
IP Subnetting

Subnetting is the practice of dividing a network into two or more smaller networks. It increases routing efficiency, enhances the security of the network and reduces the size of the broadcast domain.

Consider the following example:

[Figure: subnetting example]

In the picture above we have one huge network: 10.0.0.0/24. All hosts on the network are in the same subnet, which has the following disadvantages:

A single broadcast domain – all hosts are in the same broadcast domain. A broadcast sent by any device on the network will be processed by all hosts, creating lots of unnecessary traffic.

Network security – each device can reach any other device on the network, which can present security problems. For example, a server containing sensitive information shouldn’t be in the same network as users’ workstations.

Organizational problems – in large networks, different departments are usually grouped into different subnets. For example, you can group all devices from the Accounting department in the same subnet and then give access to sensitive financial data only to hosts from that subnet.

The network above could be subnetted like this:

[Figure: subnetting example 2]

Now, two subnets were created for different departments: 10.0.0.0/24 for Accounting and 10.1.0.0/24 for Marketing. Devices in each subnet are now in a different broadcast domain. This will reduce the amount of traffic flowing on the network and allow us to implement packet filtering on the router.

Subnet mask

An IP address is divided into two parts: a network part and a host part. For example, a class A IP address consists of 8 bits identifying the network and 24 bits identifying the host. This is because the default subnet mask for a class A IP address is 8 bits long (or, written in dotted decimal notation, 255.0.0.0). What does this mean? Like an IP address, a subnet mask consists of 32 bits. Computers use it to determine the network part and the host part of an address: the 1s in the subnet mask represent the network part, the 0s the host part.

Computers work only with bits. The operation used to determine a network range is a binary (bitwise) AND.

[Figure: binary AND]

Let’s say that we have the IP address of 10.0.0.1 with the default subnet mask of 8 bits (255.0.0.0).
First, we need to convert the IP address to binary:

IP address: 10.0.0.1 = 00001010.00000000.00000000.00000001
Subnet mask: 255.0.0.0 = 11111111.00000000.00000000.00000000

Computers then use the AND operation to determine the network number:

[Figure: determining the network number]

The computer can then determine the size of the network. Only IP addresses that begin with 10 are in the same network. So, in this case, the range of addresses in this network is 10.0.0.0 – 10.255.255.255.

NOTE: A subnet mask must always be a series of 1s followed by a series of 0s.
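
The AND step and the contiguous-mask rule above, worked by hand in Python. This is an added example, not code from the original article, and the function names are chosen here for illustration. The same_network comparison is the test a host or packet filter applies when deciding whether two addresses share a subnet.

```python
def to_int(dotted: str) -> int:
    """Dotted-decimal IPv4 string -> 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {dotted!r}")
    return int.from_bytes(bytes(octets), "big")

def to_dotted(value: int) -> str:
    """32-bit integer -> dotted-decimal IPv4 string."""
    return ".".join(str(b) for b in value.to_bytes(4, "big"))

def is_valid_mask(mask: int) -> bool:
    """True when the mask is a series of 1s followed by a series of 0s."""
    host_bits = ~mask & 0xFFFFFFFF           # invert: the 0s become 1s
    # A run of low 1s (0b0..01..1) plus one is a power of two, so the AND is 0.
    return (host_bits & (host_bits + 1)) == 0

def network_range(ip: str, mask: str) -> tuple[str, str]:
    """Return (network number, last address) for ip under mask."""
    ip_i, mask_i = to_int(ip), to_int(mask)
    if not is_valid_mask(mask_i):
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    network = ip_i & mask_i                  # binary AND keeps the network part
    last = network | (~mask_i & 0xFFFFFFFF)  # set every host bit to 1
    return to_dotted(network), to_dotted(last)

def same_network(a: str, b: str, mask: str) -> bool:
    """Two hosts share a subnet when AND with the mask gives the same number."""
    return network_range(a, mask)[0] == network_range(b, mask)[0]

if __name__ == "__main__":
    print(network_range("10.0.0.1", "255.0.0.0"))
    print(same_network("10.0.0.1", "10.200.3.4", "255.0.0.0"))
    try:
        network_range("10.0.0.1", "255.0.255.0")  # 1s, 0s, then 1s again
    except ValueError as err:
        print(err)
```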

Create Subnets

There are a couple of ways to create subnets. In this article we will subnet a class C address 192.168.0.0 that, by default, has 24 network bits and 8 host bits.

Before we start subnetting, we have to ask ourselves these two questions:

1. How many subnets do we need?

2^x = number of subnets. x is the number of subnet bits, that is, the 1s added to the default subnet mask. With 1 subnet bit, we can have 2^1 or 2 subnets. With 2 bits, 2^2 or 4 subnets, with 3 bits, 2^3 or 8 subnets, etc.

2. How many hosts per subnet do we need?

2^y – 2 = number of hosts per subnet. y is the number of 0s in the subnet mask.

Subnetting example

An example will help you understand the subnetting concept. Let’s say that we need to subnet a class C address 192.168.0.0/24. We need two subnets with 50 hosts per subnet. Here is our calculation:

1. Since we need only two subnets, we need one subnet bit (2^1 = 2). In our case, this means that we will take one bit from the host part. Here is the calculation:

First, we have a class C address 192.168.0.0 with a 24-bit subnet mask. Let’s convert them to binary:

192.168.0.0 = 11000000.10101000.00000000.00000000
255.255.255.0 = 11111111.11111111.11111111.00000000

We need to take a single zero from the host part of the subnet mask. Here is our new subnet mask:

255.255.255.128 = 11111111.11111111.11111111.10000000

Remember, the ones in the subnet mask represent the network.

2. We need 50 hosts per subnet. Since we took one bit from the host part, we are left with seven bits for the hosts. Is it enough for 50 hosts? The formula to calculate the number of hosts is 2^y – 2, with y representing the number of host bits. Since 2^7 – 2 is 126, we have more than enough bits for our hosts.

3. Our network will look like this:

192.168.0.0/25 – the first subnet has the subnet number of 192.168.0.0. The range of IP addresses in this subnet is 192.168.0.0 – 192.168.0.127.

192.168.0.128/25 – the second subnet has the subnet number of 192.168.0.128. The range of IP addresses in this subnet is 192.168.0.128 – 192.168.0.255.

CIDR (Classless Inter-Domain Routing)

CIDR (Classless inter-domain routing) is a method of public IP address assignment. It was introduced in 1993 by the Internet Engineering Task Force with the following goals:

  • to deal with the IPv4 address exhaustion problem
  • to slow down the growth of routing tables on Internet routers

Before CIDR, public IP addresses were assigned based on the class boundaries:

  • Class A – the classful subnet mask is /8. The number of possible IP addresses is 16,777,216 (2 to the power of 24).
  • Class B – the classful subnet mask is /16. The number of addresses is 65,536.
  • Class C – the classful subnet mask is /24. Only 256 addresses are available.

Some organizations were known to have gotten an entire Class A public IP address (for example, IBM got all the addresses in the 9.0.0.0/8 range). Since these addresses can’t be assigned to other companies, there was a shortage of available IPv4 addresses. Also, since IBM probably didn’t need more than 16 million IP addresses, a lot of addresses were unused.

To combat this, the classful network scheme of allocating IP addresses was abandoned. The new system was classless – a classful network was split into multiple smaller networks. For example, if a company needs 12 public IP addresses, it would get something like this: 190.5.4.16/28.

The number of usable IP addresses can be calculated with the following formula:

2 to the power of host bits – 2

In the example above, the company got 14 usable IP addresses from the 190.5.4.16 – 190.5.4.32 range because there are 4 host bits and 2 to the power of 4 minus 2 is 14. The first and the last address are the network address and the broadcast address, respectively. All other addresses inside the range could be assigned to Internet hosts.
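
The procedure from the "Subnetting example" section and the usable-address formula above, generalized to any IPv4 block and any required number of subnets and hosts. This is an added example, not code from the original article; plan_subnets and its dictionary keys are names chosen here for illustration.

```python
import ipaddress

def plan_subnets(base: str, subnets_needed: int, hosts_needed: int) -> list[dict]:
    """Split `base` into equal subnets using the article's two formulas."""
    if subnets_needed < 1:
        raise ValueError("at least one subnet is required")
    net = ipaddress.IPv4Network(base)        # rejects input with host bits set
    # Smallest x with 2^x >= subnets_needed: the bits taken from the host part.
    x = (subnets_needed - 1).bit_length()
    # Host bits left over: the 0s in the new subnet mask.
    y = 32 - net.prefixlen - x
    usable = 2 ** y - 2 if y >= 0 else 0
    if y < 0 or usable < hosts_needed:
        raise ValueError(
            f"{base} cannot hold {subnets_needed} subnets of {hosts_needed} hosts")
    return [
        {
            "cidr": str(sub),
            "mask": str(sub.netmask),
            "network": str(sub.network_address),
            "broadcast": str(sub.broadcast_address),
            "usable_hosts": usable,
        }
        for sub in net.subnets(prefixlen_diff=x)
    ]

if __name__ == "__main__":
    # The article's case: two subnets of at least 50 hosts from 192.168.0.0/24.
    for row in plan_subnets("192.168.0.0/24", 2, 50):
        print(row)
    # Asking for 8 subnets leaves 5 host bits (30 hosts), so 50 hosts cannot fit.
    try:
        plan_subnets("192.168.0.0/24", 8, 50)
    except ValueError as err:
        print(err)
```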