Subnetting Masterclass
Tanimola MiracleTable of contents
- INTRODUCTION
- WHY ARE IP ADDRESSES WRITTEN THE WAY THEY ARE?
- BLOCKS OF IP ADDRESSES
- WHAT IS BINARY?
- HOW TO CONVERT A DECIMAL NUMBER TO BINARY
- HOW TO CONVERT A DECIMAL NUMBER INTO BINARY
- CLASSFUL ADDRESSES
- THE PROBLEM WITH CLASSFUL ADDRESSES
- CLASSLESS INTER-DOMAIN ROUTING (CIDR)
- SUBNET MASKS DEEP DIVE
- CONCLUSION
INTRODUCTION
A crucial aspect of networking is subnetting, which involves breaking down a large pool of IP addresses into smaller, more manageable segments. These smaller groups can be assigned to different customers or sections of a network for better organization.
Think of it like planning a city: the internet is the entire metropolis, while streets and houses represent individual devices. Without structure, navigating the city would be chaotic. By dividing it into districts, streets, and house numbers, everything becomes easier to locate just like how subnetting organizes networks.
For many beginners, subnetting seems complicated, often because explanations rush into complex calculations without first clarifying its purpose. The math behind it is definitely important, but without understanding why we break a large network into smaller parts, it’s easy to get lost in the technical details.
This guide focuses on the why rather than diving straight into the math. If you are completely new to subnetting and may even be unfamiliar with networking as a whole. No background knowledge is required just a curiosity to understand subnetting in the simplest way possible!
WHY ARE IP ADDRESSES WRITTEN THE WAY THEY ARE?
You’ve seen IP addresses before: they’re four numbers, separated by three dots and every computer or device on the internet has one. The device you’re using to read this blog has an IP Address.
Here are some examples of IP addresses:
192.168.0.54
10.23.65.4
8.8.8.8
These are IPv4 addresses, as opposed to IPv6. We won't cover IPv6 addresses in this post.
We already established that an IP address consists of four numbers, and each of them can range from 0 to 255. This means that if we were to list all possible IP addresses, the first one would be 0.0.0.0, followed by 0.0.0.1, then 0.0.0.2, and so on, up to 0.0.0.255. After that, the next set would start at 0.0.1.0, then 0.0.1.1, and continue in this pattern. Eventually, the highest possible IP address would be 255.255.255.255.
In total, there are 4,294,967,296 possible IP addresses, basically 4.3 billion. Each of the four numbers in an IP address is called an octet. So, an IP address is simply a combination of four octets. Let’s talk about how networks are divided and how different sections get assigned their own block of IP addresses.
BLOCKS OF IP ADDRESSES
Usually, most home networks that get their IP from their routers are configured to use a specific range of IP addresses such as 192.168.1.x, where x can be any number from 0 to 255. Essentially, your home network has a range/block of 256 IP addresses, although not all of them are usable, as some are always reserved.
In a sense, you could think of this IP range as a smaller network within the vast pool of 4.3 billion IP addresses. And that’s exactly what subnetting is—it involves taking a large block of IPs and breaking it down into smaller, more manageable segments.
To design a network. subnetting is a must have skill and by the end of this post we’ll figure it out together.
For instance, imagine you're assigned a large block of IP addresses and need to divide it into smaller subnets for different purposes. You might create one subnet for office workstations, another for company printers and another for the company servers and databases. Your goal is to assign IP ranges that are large enough to accommodate all devices in each category while allowing room for future expansion—but not so large that IPs are wasted. And most importantly, you must ensure that the subnets don’t overlap, as that could lead to serious network conflicts.
One important thing to know is that you can’t just choose any random starting and ending IP for a subnet. Subnet ranges must follow specific rules. The starting IP must be at a valid point, and the ending IP depends on both the starting point and the size of the subnet. To understand, we need to take a closer look at how computers communicate. Time to dive into binary, the language the computer understands.
WHAT IS BINARY?
At its core, binary is just a way of representing numbers using only two digits. Coincidentally, that’s the only language our computers speak.
0 can represent (off)
1 can represent (on)
Unlike the decimal system (which we use daily and is based on 10 digits: 0-9), computers only understand binary because they operate using electrical signals that can either be on (1) or off (0).
For example:
The decimal number 5 in binary is 101. The decimal number 10 in binary is 1010.
Remember we established that each IP address consists of four numbers (octets), and each octet can be any number between 0-255. These numbers are stored as 8 binary digits and every octet in an IP address follows the same format. The 8 number equals 8 bits because 1 or 0 is a bit. So having 8 of them sequentially makes it 8 bits. In computing 8 bits equals a byte.
HOW TO CONVERT A DECIMAL NUMBER TO BINARY
We’ll use the table below to convert any decimal number between 0 and 255 into binary. Below, I’ve written 00110001 on the bottom row, and above each digit, I’ve labeled its corresponding binary place value in an 8-bit number.
In binary, each digit (bit) represents a power of 2. The numbers below represent the values of each bit in an 8-bit binary number (from left to right) i.e. 2∧0 to 2∧7
VALUES | 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
BINARY | 0 | 0 | 1 | 1 | 0 | 0 | 0 | 1 |
Each position can be either on (1) or off (0)—just like a switch. If a bit is 1, it means we include that value in our sum. If it’s 0, we ignore it.
The next step is to Identify the "On" Values and sum it together. Looking at our binary number 00110001, we see that the 32, 16, and 1 positions are on (1), while the others are off (0).
Now, just add up the "on" values 32 + 16 + 1 = 49. So, 00110001 in binary equals 49 in decimal.
Exercise for you: convert the binary 11000000 to decimal. If your answer is different from 192 check your workings again.
HOW TO CONVERT A DECIMAL NUMBER INTO BINARY
Now that we know how to convert binary to decimal, let’s reverse the process. Converting decimal to binary follows a similar method. Just like before, we use the following place values in an 8-bit binary number:
VALUES | 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
BINARY | ? | ? | ? | ? | ? | ? | ? | ? |
Each of these values represents a power of 2, and our goal is to fill in 1s and 0s based on the decimal number we are converting.
Let’s convert 45 to binary.
The first step is to find the largest place value that fits into 45. The biggest number in our table that fits is 32. Write 1 under 32 and subtract: 45 - 32 = 13.
We’ll now repeat the first process again by finding the next biggest value that fits into 13. The next largest value is 8. Write 1 under 8 and subtract: 13 - 8 = 5.
Repeat the process: find the next biggest value that fits into 5. The next largest value is 4. Write 1 under 4 and subtract: 5 - 4 = 1.
Find the last value that fits into 1. The only number left is 1. Write 1 under 1 and subtract: 1 - 1 = 0 we’re done.
VALUES | 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
BINARY | 0 | 0 | 1 | 0 | 1 | 1 | 0 | 1 |
So, 45 in decimal is 00101101 in binary. How cool!
Now try this yourself. Convert 19 to Binary.
CLASSFUL ADDRESSES
The internet and IP addresses were created in an era when no one could have predicted their future impact and how big it would become. Back then, the concept of "websites" and "internet" seemed like pure science fiction that the average person didn't want a stake in.
Considering this, the initial method of allocating IP addresses might seem highly inefficient by today's standards, but it likely made sense at the time. In 1981, RFC 791 introduced a system that categorized IP addresses into distinct "classes". Under this system, an IP's CLASS determined the size of its assigned block.
There are five distinct classes ranging from Class A to Class E
Class A addresses included any IPs starting with a number between 0 and 127 in the first octet. Some examples of Class A IPs are 1.0.0.0, 45.50.230.47, and 127.128.10.210.
If an IP address falls within the Class A range, it means the owner has control over a massive block containing more than 16 million unique IP addresses—all because the first octet determines the entire allocation.
For instance, the 17.x.x.x range (where x can be any number from 0 to 255) was allocated to Apple. It means that Apple owns any IP Address that start with 17.0.0.0 to 17.255.255.255.
You might already see the issue here. An organization could either get millions of IPs or none at all—there was no middle ground. Keeping that in mind, let’s move on: next was the Class B range, covering any IP that started from 128 up to 191.
In a Class B block, the first two octets determined the network size. For instance, 150.25.x.x, 172.16.x.x, and 189.99.x.x all belonged to Class B allocations. This setup provided 65,536 addresses in total, meaning an organization could use IPs from (for example) 172.16.0.0 all the way up to 172.16.255.255.
But what if an organization didn’t need tens of thousands of IPs? That’s where Class C came in. Any IP starting from 192 up to 223 fell into the Class C range.
In a Class C block, the first three octets defined the network. So, for example, 194.129.5.x, 210.123.111.x, and 223.9.8.x were all Class C allocations. Unlike Class B, which had thousands of addresses, a Class C block provided just 256 IPs, enough for smaller networks. For example, a company with 223.9.8.0 to 223.9.8.255 had a manageable set of addresses without wasting thousands of unused ones.
Here’s a classful subnet table.
THE PROBLEM WITH CLASSFUL ADDRESSES
You might be thinking, so I can have either 16 million IP addresses, 65,536, or just 256 and nothing in between? That’s ridiculously inefficient! And yes, back in the day, that was exactly the case. In fact, the reason some massive organizations still have enormous chunks of IP addresses today is because of this outdated class-based system.
This was a major issue, especially considering that we were already facing a shortage of IP addresses and still are. But the inefficiencies don’t stop there. Things got even stranger with Class D. This range—224.x.x.x to 239.x.x.x—was reserved exclusively for multicast. That’s 268 million addresses dedicated to a feature that, while useful in some cases, never became mainstream enough to justify such an enormous allocation.
And then there’s Class E, which, according to RFC 988, was set aside for “future addressing modes”. This block spans 240.x.x.x to 255.x.x.x. But here’s the catch: we’re in the future now, and IPs are scarce—yet this range is still sitting there, unusable.
Why? Because even if we wanted to start using Class E addresses, it would be a nightmare. For decades, billions of devices have been programmed to ignore this range entirely. Picture getting assigned a batch of IPs, only to realize that half the internet can’t even recognize them. Not exactly practical.
So when we talk about 4.3 billion possible IPv4 addresses, the real number is much smaller than that.
Even just looking at Classes A, B, and C, the inefficiency is obvious. If a small business needed, say, eight IP addresses, they’d be given 256. If an ISP needed a few thousand, they had to either stitch together multiple blocks of 256 or take a massive 65,536-address block, wasting thousands in the process. The class-based system simply didn’t scale, and as a result, we burned through IPs at an alarming rate.
To fix this mess, the networking world ignored classful addressing altogether. In its place came a much smarter approach: classless addressing, also known as modern subnetting.
CLASSLESS INTER-DOMAIN ROUTING (CIDR)
With classless addressing, the rigid class system of the past is no longer in play. Instead, classless addressing offers much greater flexibility in how many IPs a network can have. Let’s take another look at the values in each column of the binary numbering system.
256 | 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
See those numbers? Thanks to classless addressing, you’re no longer limited to massive blocks of IPs—you can have precisely the amount you need. You could get a block with 8 IPs, 16 IPs, 32 IPs, 128 IPs, 256 IPs… and it doesn’t stop there. Notice the pattern? Each step to the left doubles the previous value: 1, 2, 4, 8, 16, 32—and so on. Following that logic, after 256 comes 512, then 1024, then 2048, then 4096, and beyond. This means you can have a block of 512, 1024, or however many IPs your network actually requires.
This system is officially called Classless Inter-Domain Routing, or CIDR (pronounced “cider”), which is precisely what RFC 1519 defines. CIDR works by introducing something called a subnet mask. This mask is a number that specifies the size of a given block of IP addresses. With some simple binary math, you can take any IP address, check its subnet mask, and determine exactly which addresses belong to that block.
Now, understanding subnet masks might sound complicated, but don’t worry we’ll start with a simple explanation before diving into the details.
SUBNET MASKS SIMPLIFIED
In most cases, your device automatically receives network settings through DHCP (Dynamic Host Configuration Protocol). However, there are times when you may need to configure these settings manually.
Before your device can successfully communicate on a network, it needs three key pieces of information:
IP address
Subnet mask
Default gateway
Notice that the IP address is 192.168.10.3, and the subnet mask is 255.255.255.0. Notice too that the subnet mask is written in a similar way to an IP address: four numbers, each with a dot in between.
Let’s write these numbers on top of each other.
Think of a subnet mask as the segment that determines which part of an IP address is fixed and which part can be assigned freely.
Whenever a section of the subnet mask is 255, the corresponding section of the IP address is locked i.e. it must stay the same. But when a section of the subnet mask is 0, that part of the IP address can change.
For example, with a subnet mask of 255.255.255.0, the first three octets—192.168.10 are fixed, meaning they define the network portion of the address. The last octet, however, can range from 0 to 255, making it the host portion - this is the part that gets assigned to individual devices within the network. As a result, this subnet includes all IPs from 192.168.10.0 to 192.168.10.255, giving a total of 256 possible addresses for hosts.
A subnet mask essentially locks in the network part of the address while leaving the host part flexible for assignments. This is why we refer to 192.168.10 as the network portion; it identifies the network itself, while the final number is the host portion, representing individual devices within that network.
Now, if we use a subnet mask of 255.255.0.0, the first two octets—192.168—become the network portion, while the last two octets are open for assignment. This setup allows for a much larger network with 65,536 possible IP addresses, as the host portion can range from 192.168.0.0 to 192.168.255.255.
By adjusting the subnet mask, we can control the size of a network, determining how many devices can exist within it and how they communicate.
SLASH NOTATION
Before we dive deeper into subnet masks, here’s an interesting fact:
If you convert 255.255.255.0 into binary (use the method we learn about earlier), it would appear like this:
CONVERT 255 to binary
VALUES | 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |
BINARY | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 |
The result in binary is : 11111111.11111111.11111111.00000000
In the binary representation above, you’ll notice there are twenty-four consecutive 1s. Because of this, there’s a much more concise way to express 255.255.255.0—it’s called slash notation, represented as:
/24
Similarly, instead of writing 255.255.0.0, you can simply slash notation. Convert 255.255.0.0 into binary using the method we’ve learned about.
We’ll have 11111111.11111111.00000000.00000000 so if we count the number of 1s we’ll have 16. So we can represent the 255.255.0.0 in slash notation as /16.
SUBNET MASKS DEEP DIVE
If we break down our subnet mask into binary, we can see that subnetting offers much more flexibility. To understand this better, we need to represent the subnet mask in binary form.
In the image above the number of 0s will help us know how many IP addresses exist in this subnet. We calculate this by counting the numbers of zeros and raise it to the power of 2 i.e 2 raise to power 8. There are 256 available IP addresses.
If we need 128 IP addresses we can tweak our subnet mask and to understand how to do that we’ll dive deeper into subnet masks and all the math’s in between in the next series on subnetting.
CONCLUSION
We come a long way from barely knowing what subnet masks mean to understanding the philosophy of subnet masks and how to even understand and speak the computer language (binary).
The next subnetting article will be a continuation of this one. We’ll break apart the maths and really break networks with our new superpowers.
See you there.
Subscribe to my newsletter
Read articles from Tanimola Miracle directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by