Subnet Mask Explained: How Subnetting Works
A subnet mask is a number that divides an IP address into two parts: the network portion (identifying which network) and the host portion (identifying which device on that network). Understanding subnet masks is essential for network configuration, troubleshooting, and designing efficient networks. Whether you're setting up a home router, configuring a corporate LAN, or diagnosing why two devices can't communicate, subnet masks are at the core of every IP network decision.
What is a Subnet Mask?
Every IP address has two components: the network address and the host address. The subnet mask determines where the boundary lies. Think of it like a zip code: the first part tells you the general area (network), and the second part pinpoints the exact location (host). For example, with the IP 192.168.1.100 and subnet mask 255.255.255.0: the first three octets (192.168.1) identify the network, and the last octet (100) identifies the specific device on that network.
Subnet masks work at the binary level. Each 255 in decimal equals 11111111 in binary — eight consecutive 1-bits. When the subnet mask has a 1 in a given position, that bit in the IP address belongs to the network portion. When it has a 0, that bit belongs to the host portion. So 255.255.255.0 means the first 24 bits are network, and the last 8 bits are host. This binary approach is what makes variable-length subnetting possible — you don't have to split on octet boundaries.
Common subnet masks:
| Subnet Mask | CIDR | Networks | Hosts per Network |
|---|---|---|---|
| 255.255.255.0 | /24 | 1 | 254 |
| 255.255.255.128 | /25 | 2 | 126 |
| 255.255.255.192 | /26 | 4 | 62 |
| 255.255.255.224 | /27 | 8 | 30 |
| 255.255.0.0 | /16 | 1 | 65,534 |
| 255.0.0.0 | /8 | 1 | 16,777,214 |
CIDR Notation
CIDR (Classless Inter-Domain Routing) is a compact way to write subnet masks. Instead of writing 255.255.255.0, you simply append /24 to the IP address — meaning the first 24 bits are the network portion. /16 means the first 16 bits (255.255.0.0). The higher the CIDR number, the smaller the subnet. CIDR notation is especially common in cloud platforms like AWS and Azure, where you define VPC subnets using CIDR blocks like 10.0.1.0/24.
Here's a quick conversion trick: subtract the CIDR prefix from 32 to get the number of host bits. 32 - 24 = 8 host bits, which means 28 - 2 = 254 usable hosts. For /26, that's 32 - 26 = 6 host bits, so 26 - 2 = 62 usable hosts. The subtraction of 2 accounts for the network address (all host bits zero) and the broadcast address (all host bits one), which can't be assigned to devices.
How Subnetting Works
Subnetting divides a large network into smaller, more manageable subnetworks. For example, a /24 network (254 hosts) can be divided into two /25 networks (126 hosts each), four /26 networks (62 hosts each), or eight /27 networks (30 hosts each). This improves organization, security, and reduces broadcast traffic.
Why does this matter in practice? Imagine a company with departments that shouldn't share traffic directly — Finance, Engineering, and HR. By subnetting, each department gets its own broadcast domain, and a firewall or router can control what passes between them. Subnetting also reduces broadcast noise: in a flat /16 network with 65,000 hosts, broadcast packets from one device reach every other device. Split that into /24 subnets and broadcasts stay local to just 254 hosts.
A common real-world pattern is the 10.0.0.0/8 private range divided into /24 subnets: 10.0.1.0/24 for servers, 10.0.2.0/24 for office workstations, 10.0.3.0/24 for IoT devices, and so on. Each subnet can have its own policies, VLAN, and DHCP scope.
Key Network Addresses
For any subnet, three addresses are special:
- Network address: First address (all host bits = 0) — identifies the network itself. Routers use this to route packets to the correct subnet.
- Broadcast address: Last address (all host bits = 1) — sends to all devices on the subnet. Useful for ARP requests and service discovery.
- Usable host range: All addresses between network and broadcast. These are the IPs you can actually assign to devices.
Example: 192.168.1.0/24 → Network: 192.168.1.0, Broadcast: 192.168.1.255, Hosts: 192.168.1.1 to 192.168.1.254
For a smaller subnet like 192.168.1.128/26: Network is 192.168.1.128, broadcast is 192.168.1.191, and usable hosts are 192.168.1.129 through 192.168.1.190. Notice that the network address doesn't have to start at .0 — it depends on where the subnet begins within the larger address space.
FAQ
What is the default subnet mask for my home network?
Most home networks use 255.255.255.0 (/24), which gives you 254 usable IP addresses (192.168.1.1 through 192.168.1.254). This is more than enough for typical home use, where you might have a dozen devices connected. If you have a smart home with dozens of IoT devices, you still won't run into limits — even 254 addresses is generous for a residential setup.
How do I find my subnet mask?
On Windows, run ipconfig in Command Prompt. On macOS/Linux, run ifconfig or ip addr in Terminal. Your subnet mask will be displayed alongside your IP address. You can also find it in your router's admin panel, usually under LAN settings or DHCP configuration.
Check your public IP and network info at miip.link.