Subnetting Guide
Subnetting is the practice of dividing one IP network into smaller, logically separate sub-networks. It's how a single allocation like 10.0.0.0/16 becomes 256 isolated /24s.
Why subnet?
- Isolation. Each subnet is a broadcast domain; failures and noise stay local.
- Security. Firewall rules can target subnet boundaries.
- Performance. Smaller subnets have less broadcast traffic.
- Organization. Different subnets can map to environments, teams, or regions.
Step-by-step: split a /24 into four /26s
A /24 has 8 host bits. To get four equal subnets, we need 2 additional network bits — yielding a /26. Each /26 has 64 addresses (62 usable).
| Subnet | Range | Hosts | Broadcast |
|---|---|---|---|
10.0.0.0/26 | 10.0.0.0 – 10.0.0.63 | 10.0.0.1 – 10.0.0.62 | 10.0.0.63 |
10.0.0.64/26 | 10.0.0.64 – 10.0.0.127 | 10.0.0.65 – 10.0.0.126 | 10.0.0.127 |
10.0.0.128/26 | 10.0.0.128 – 10.0.0.191 | 10.0.0.129 – 10.0.0.190 | 10.0.0.191 |
10.0.0.192/26 | 10.0.0.192 – 10.0.0.255 | 10.0.0.193 – 10.0.0.254 | 10.0.0.255 |
Variable-Length Subnet Masking (VLSM)
Real networks rarely need equal-sized subnets. VLSM lets you split a block into pieces of different sizes. A common pattern: carve out a /29 for a router-router link from a /24, then split the remainder into /25s.
i
Rule of thumb. Each one-bit increase in the prefix halves the subnet size. Going from /24 to /25 halves it, /26 quarters it, and so on.