Page Details

This page is about IP Subnetting.

Some people may arrive here looking for a “subnetting chart”. If this is what's being sought, check out the Variable-Length Subnetting Chart and/or other VLSM charts in the section about making subnets.

(This page is part 1 of a multi-part guide. The parts are not equal in length, so later parts may be able to be covered more quickly.)

[#ipsubnet]:

IP Subnetting

The terms “subnet” and “supernet” can both be used as a noun or a verb. (In other words, a “subnet” is a thing, but a person can also “subnet” because the word “subnet” is also an activity that a person can do.)

“subnet” and “supernet” as nouns

A IP “subnet” is a group (or “collection”) of network addresses. A “supernet” is also a group of addresses. A group of addresses can be a “subnet” and a “supernet” at the same time, similar to the concept that a woman can be a “daughter” and a “mother” at the same time. The differences between the term “subnet” and “supernet” will be described in more detail after describing what a subnet is.

A device that uses one of those network addresses may be described as being “part of the subnet”, or “on the subnet”. Many people use the word “subnet” to describe a group of devices that communicate using a single group of network addresses.

“subnet” and “supernet” as verbs

The term “subnet” can also be used as a verb, describing the action of splitting up addresses into groups of addresses that are subnets.

Why make subnets/supernets?

Lumping network addresses into groups can simplify the steps that network devices must follow to determine how to communicate with other networking equipment. For example, devices may need to send some network traffic by using an antenna, while other traffic may need to be sent out a specific Ethernet cable or a fiber-optic cable. Devices can often start sending network communications in the correct direction as soon as the device determines which group a network address is in. This can take less time, and less computer memory, then checking a bunch of nearly-identical rules for many possible destinations. In addition to speeding up network communications, grouping network addresses can allow firewalls to apply certain rules to groups of addresses, so groups can be used to help implement network security.

As an example, a device called a “router” may be given the task of relaying some information to a computer. That router may be able to determine that the network traffic needs to go to another building, and so the router sends information to the other building. Another router may be located on the first floor of that building, and might quickly determine that the network communications need to reach a device on the third floor of that building. There might be thirty computers in that room. The steps that a router needs to perform can be simplified by having just one process that works for an entire group of all thirty computers.

The ability to work with groups, instead of individual network addresses, is the development in technology that allowed people to start making much larger networks, and to eventually create a giant world-wide network that we have named the Internet.

More overview about subnet/supernet groups

Devices follow certain rules when determining whether a IP network address is part of a specific subnet. As a very general rule, numbers that are closer togther are more likely to be in the same subnet, but that rule isn't always followed. 192.0.2.1 and 192.0.2.5 are often in the same subnet, but 192.0.2.127 and 192.0.2.128 are in the same subnet less frequently. 192.0.2.255 and 198.51.100.0 are in the same “subnet” (or “supernet”) far less frequently, but even numbers that far apart can be in the same subnet (such as when IPv4 classes tutorial describes some subnets that are “/4” subnets).

Examples of subnets

Here is a list of some network addresses:

  • 192.0.2.0
  • 192.0.2.1
  • 192.0.2.2
  • 192.0.2.3
  • 192.0.2.4
  • 192.0.2.5
  • 192.0.2.6
  • 192.0.2.7
  • 192.0.2.8
  • 192.0.2.9
  • 192.0.2.10
  • 192.0.2.11
  • 192.0.2.12
  • 192.0.2.13
  • 192.0.2.14
  • 192.0.2.15

(This text may show some of those addresses using certain text “decoration” styles, such as colors. That is simply helping to quickly identify addresses that are expected to be the first or the last address in a group.)

A group of addresses can be split into multiple evenly-sized groups. For example, a group of sixteen addresses may be placed into a single group, or they can be placed into 2 groups or four groups. In the following diagram, different group sizes are shown by the chart.

Sample Equal-Sized Splits of 16 Addresses
16 addresses per group 8 addresses per group 4 addresses per group

Group 1 (out of 1)

192.0.2.0
192.0.2.1
192.0.2.2
192.0.2.3
192.0.2.4
192.0.2.5
192.0.2.6
192.0.2.7
192.0.2.8
192.0.2.9
192.0.2.10
192.0.2.11
192.0.2.12
192.0.2.13
192.0.2.14
192.0.2.15

Group 1 (out of 2)

192.0.2.0
192.0.2.1
192.0.2.2
192.0.2.3
192.0.2.4
192.0.2.5
192.0.2.6
192.0.2.7

Group 2 (out of 2)

192.0.2.8
192.0.2.9
192.0.2.10
192.0.2.11
192.0.2.12
192.0.2.13
192.0.2.14
192.0.2.15

Group 1 (out of 4)

192.0.2.0
192.0.2.1
192.0.2.2
192.0.2.3

Group 2 (out of 4)

192.0.2.4
192.0.2.5
192.0.2.6
192.0.2.7

Group 3 (out of 4)

192.0.2.8
192.0.2.9
192.0.2.10
192.0.2.11

Group 4 (out of 4)

192.0.2.12
192.0.2.13
192.0.2.14
192.0.2.15

Note that these subnets are not mutually exclusive. All of these subnets exist at the same time. For example, there is a group of 8 addresses that includes the 192.168.2.10 address. There is also a group of 16 addresses that includes the 192.168.2.10 address. Those are different groups (notably: the size of those groups are different). However, both of those groups are very real, existing groups. The 192.168.2.10 address belongs to both of those groups. For that matter, the 192.168.2.10 address also belongs to a group that contains only four addresses. Every one of those groups, just mentioned, is written out and shown in one of the above boxes.

In the above example...

  • the group that goes from 192.0.2.4 through 192.0.2.7 (which was labelled “Group 2 (out of 4)”) is a subnet of the larger group that goes from 192.0.2.0 through 192.0.2.7 (and was labelled “Group 1 (out of 2)”).
  • Furthermore, the group of addresses going from 192.0.2.4 through 192.0.2.7 (which was labelled “Group 2 (of 4)”) is also a subnet of the group of addresses going from 192.0.2.0 through 192.0.2.15 (which was labelled “Group 1 (out of 1)”).

(The prior bullet points were not necessarily meant to be easily read over quickly. It is highly recommended that you look at each statement made, and look at the chart, to verify the truth of each statement.)

This simply means that all of the addresses in the smaller group are also in the larger group. Being able to take a large group, and break it into smaller groups, is called subnetting.

The term “supernet” refers to the opposite direction: the group of addresses going from 192.0.2.0 through 192.0.2.15 (labelled “Group 1 (out of 1)”) is a supernet of the group of addresses that goes from 192.0.2.8 through 192.0.2.11 (labelled “Group 3 (out of 4)”).

Sometimes people will refer to the action of “creating” a subnet. Here are some examples of how someone can “make” a subnet:

  • Taking a bunch of addresses (say, for example, the group of 16 addresses that we have been using), and drawing lines on a piece of paper, creating rectangles or circles around bunches of addresses to identify a group of addresses.
    • (Visually, the prior example used this approach by placing the different groups of addresses into different boxes. However, this more “visual” approach can be a bit more time-consuming, and be impractical when dealing with larger subnets that can have hundreds (or even millions!) of addresses.) This approach was selected because it was thought to be easier to understand for educational purposes, but, in practice, most networking experts will implement one of the other two approaches that are mentioned next.)
  • Figure out the first address of a subnet, and the last address of a subnet. (Assume that all addresses in between those addresses are part of the same subnet.)
  • Figure out the first address of a subnet, and how many addresses are in that subnet.

Any of those approaches accomplishes the same task, which involves figuring out which addresses are part of the group. That is what subnetting is about. So, “creating” a subnet really just means identifying a group (or “box”) of addresses is being talked about.

You may notice that each group of addresses in a column was the same size. That is not accidental. There are some rules to creating these groups. However, this guide started off by trying to focus on one simple concept, which is that a subnet is a group of addresses, and that subnets contain other smaller subnets (if they are large enough).

In general, the act of “subnetting” refers to taking a group of addresses and splitting that up into smaller groups. The act of “supernetting” refers to taking multiple groups and combining them together into a larger group. Both subnetting and supernetting involve identifying the smaller groups and the larger group. What this means is that subnetting and supernetting aren't really very different activities. The only minor distinction is what a person started with: did the person start with a big group, and then end up with smaller groups also being identified; or did the person start with small groups, and then end up with a larger group also being identified. In both cases, the same groups are identified at the end of the process.

  • (Basically, calling a group of addresses a “subnet” or a “supernet” is like referring to a doorway which people can use to go “through” a wall. Is such a doorway properly called an “entrance” or an “exit”? The answer is that both terms are legitimate.

    Sometimes, though, such a doorway is more appropriately referred to as an “entrance”, and sometimes the same doorway may be more appropriately referred to as an “exit”. If you are comparing the doorway to a location in the middle of the room, it is an “exit”. If you are comparing the doorway to a location outside, it is an entrance”. So, which term is more appropriate will be a matter of perspective. Similarly, a group of addresses may be both a “subnet” and a “supernet”, but people typically prefer one term based on what other group(s) may be getting compared. If there is no comparison being made, such a group of addresses is typically called a “subnet”.)

    • (There is an exception to that guideline, which is that such a group of addresses is typically just called a “network” if it is the default size for an IPv4 class. That exception may be more worthy of understanding after default class sizes are learned about.

As a point of comparison: Here is a larger chart. It shows all of the same groups as the previous chart, but it shows 32 addresses. So, this next/upcoming chart shows more addresses than what the previous chart shows.

[#sbnet32a]: Subnetting 32 IPv4 addresses
32 per group 16 per group 8 per group 4 per group
192.0.2.0
192.0.2.1
192.0.2.2
192.0.2.3
192.0.2.4
192.0.2.5
192.0.2.6
192.0.2.7
192.0.2.8
192.0.2.9
192.0.2.10
192.0.2.11
192.0.2.12
192.0.2.13
192.0.2.14
192.0.2.15
192.0.2.16
192.0.2.17
192.0.2.18
192.0.2.19
192.0.2.20
192.0.2.21
192.0.2.22
192.0.2.23
192.0.2.24
192.0.2.25
192.0.2.26
192.0.2.27
192.0.2.28
192.0.2.29
192.0.2.30
192.0.2.31
192.0.2.0
192.0.2.1
192.0.2.2
192.0.2.3
192.0.2.4
192.0.2.5
192.0.2.6
192.0.2.7
192.0.2.8
192.0.2.9
192.0.2.10
192.0.2.11
192.0.2.12
192.0.2.13
192.0.2.14
192.0.2.15
192.0.2.0
192.0.2.1
192.0.2.2
192.0.2.3
192.0.2.4
192.0.2.5
192.0.2.6
192.0.2.7

192.0.2.8
192.0.2.9
192.0.2.10
192.0.2.11
192.0.2.12
192.0.2.13
192.0.2.14
192.0.2.15
192.0.2.0
192.0.2.1
192.0.2.2
192.0.2.3

192.0.2.4
192.0.2.5
192.0.2.6
192.0.2.7

192.0.2.8
192.0.2.9
192.0.2.10
192.0.2.11

192.0.2.12
192.0.2.13
192.0.2.14
192.0.2.15
192.0.2.16
192.0.2.17
192.0.2.18
192.0.2.19
192.0.2.20
192.0.2.21
192.0.2.22
192.0.2.23
192.0.2.24
192.0.2.25
192.0.2.26
192.0.2.27
192.0.2.28
192.0.2.29
192.0.2.30
192.0.2.31
192.0.2.16
192.0.2.17
192.0.2.18
192.0.2.19
192.0.2.20
192.0.2.21
192.0.2.22
192.0.2.23

192.0.2.24
192.0.2.25
192.0.2.26
192.0.2.27
192.0.2.28
192.0.2.29
192.0.2.30
192.0.2.31
192.0.2.16
192.0.2.17
192.0.2.18
192.0.2.19

192.0.2.20
192.0.2.21
192.0.2.22
192.0.2.23

192.0.2.24
192.0.2.25
192.0.2.26
192.0.2.27

192.0.2.28
192.0.2.29
192.0.2.30
192.0.2.31

Note: The above is an example of IPv4 addresses. Later on, this text will show an example of IPv6 subnetting. For now, this guide will continue to use IPv4 addresses. One reason is because standard dotted-quad IPv4 notation doesn't use hexadecimal, which some people may find easier to use (especially when trying to learn a new topic).

As the above chart shows, there can also be more than 16 addresses in a subnet. The above chart shows 32 addresses being split up multiple times. An even larger chart could be made that shows 64 addresses being split up multiple times. And then, there are even larger subnets than that. In fact, there are even larger subnets with billions of network addresses. What this means, simply, is that there are many IP addresses, and those addresses can be divided into some very large groups. Many of those groups contain way more addresses than what this text is going to have a chart for.

Information about some network address groups

For instance, the page on “IPv4 classes” describes some large groups of IPv4 addresses. That section of documentation may also have some tables that show subnets that contain many millions of network addresses.

(You are encouraged to look over the “IPv4 classes” section at this time.)

For instance, one of the groups mentioned on that page is the group of IPv4 addresses that starts at 208.0.0.0 and goes up through 223.255.255.255. (That same group of addresses is also sometimes called “208.0.0.0/4”. Some network technicians also accept an even shorter way to refer to that group, which is “208/4”. All of those are ways of describing the same group of addresses, although some people might not like the shortest method of just specifying “208/4”. Instead, they would prefer the longer notation of “208.0.0.0/4”.)

Each one of the rows of that chart shows a subnet that we can refer to by using a name which ends with “/4”. The “/4” is part of a standard that has two names, which are “slash notation” and “CIDR” notation. That abbreviation is pronounced just like the word “cider”, like “apple cider”. It stands for “Classless Inter-Domain Routing”.

When using CIDR notation, the number after the slash helps to identify how big a subnet is. When using IPv4, each /4 network contains two hundred sixty eight million, four hundred thirty five thousand, four hundred fifty six (268,435,456) addresses. (That detail is IPv4-specific. An IPv6 subnet that is using a /4 will contain many more addresses. With IPv6, each /4 subnet has 21,267,647,932,558,653,966,460,912,964,485,513,216 addresses.)

VLSM Chart

For example, a larger chart is shown at: VLSM Chart. Such a chart often just shows the final part of an IPv4 address. (For instance, instead of specifying “192.0.2.10”, the chart just says “.10”. (The reason the chart only shows the last number is so that the same chart can be used to help visualize a different group of addresses, such as a group that contains 198.51.100.10 or a different group that contains 203.0.113.10.)

Go ahead and check out that VLSM Chart. Especially check out the specific columns in that chart that are labelled IPv4 /27 through IPv4 /30, and compare the tops of those columns to the above boxes. The same basic layout is shown: a group (shown as a box/rectangle) can be broken down into smaller groups. That larger chart is showing the same concept that was discussed earlier in this guide, but shows details about 256 addresses.

That larger VLSM chart may look like it has less information. First of all, the larger chart only shows the first and last address of each group. This was just done to help make the actual chart a bit smaller. Also, the larger chart only shows partial addresses (such as .0 through .15) instead of fuller addresses (like 192.0.2.0 through 192.0.2.15). So, the chart is only showing the last octet. This was done to help make the chart smaller, and also to make the same chart useful for looking at different addresses. For instance, that chart can be used with the addresses 198.51.100.0 through 198.51.100.15. However, that same chart can be used for the addresses 198.51.100.0 through 198.51.100.15, and 203.0.113.0 through 203.0.113.15).

Other people have also made similar charts, which are described in the “VLSM charts” on the networking basics page.

Hopefully that discussed some of the basics of subnetting. To help break things up, further discussion has been placed in a separate section. This guide really only covered some of the basic concepts so far, and so additional reading of the other sections is highly recommended. See: