An IP address is an address used in order to uniquely identify a device on an IP network. The address is made up of 32 binary bits, which can be divisible into a network portion and host portion with the help of a subnet mask. In this article I am going to discuss the designing aspect of subnet masks. For converting and analysing subnet masks, please refer to my previous article in this series of Subnet Masking.

The 32 binary bits are broken into four octets (1 octet = 8 bits). Each octet is converted to decimal and separated by a period (dot). For this reason, an IP address is said to be expressed in dotted decimal format (for example, The value in each octet ranges from 0 to 255 in decimal, or 00000000 – 11111111 in binary.

Here is how binary octets convert to decimal: The right-most bit, or least significant bit, of an octet holds a value of 2^0. The bit just to the left of that holds a value of 2^1. This continues until the left-most bit, or most significant bit, which holds a value of 2^7. So if all binary bits are a one, the decimal equivalent would be 255 as shown here:


TOTAL: 128+64+32+16+8+4+2+1=255

Here is a sample octet conversion when not all of the bits are set to 1:


TOTAL: 0+0+0+16+0+0+0+1=17

And this sample shows an IP address represented in both binary and decimal:


 10. 1. 1. 1 (decimal)
 00001010.00000001.00000001.00010001 (binary)

These octets are broken down to provide an addressing scheme that can accommodate large and small networks. There are five different classes of networks, A to E. This document focuses on addressing classes A to C, since class D is for Multicast and E is reserved, and are therefore beyond the scope of this document.

Note: The terms Class A, Class B and so on are used in this document to help facilitate the understanding of IP addressing and subnetting. These terms are rarely used in the industry anymore because of the introduction of classless inter domain routing (CIDR).

Given an IP address, its class can be determined from the three high-order bits. Fig. 1 shows the significance of the three high order bits and the range of addresses that fall into each class.

Fig. 1

In a Class A address, the first octet is the network portion, so the Class A example in Fig. 1 has a major network address of – (Technically, Class A is from to but and are reserved for special use.) Octets 2, 3, and 4 (the next 24 bits) are for the network manager to divide into subnets and hosts as they see fit. Class A addresses are used for networks that have more than 65,536 hosts (actually, up to 16,777,214 hosts!).

In a Class B address, the first two octets are the network portion, so the Class B example in Fig. 1 has a major network address of – Octets 3 and 4 (16 bits) are for local subnets and hosts. Class B addresses are used for networks that have between 255 and 65,534 hosts.

In a Class C address, the first three octets are the network portion. The Class C example in Fig. 1 has a major network address of – Octet 4 (8 bits) is for local subnets and hosts – perfect for networks with less than 254 hosts.

Class D is used for Multicast and Class E is used for Research & Development. So, we will talk only about Class A, B and C.

Network Masks

A network mask helps you know which portion of the address identifies the network and which portion of the address identifies the node. Class A, B, and C networks have default masks, also known as natural masks, as shown here:

An IP address on a Class A network that has not been subnetted would have an address/mask pair similar to: To see how the mask helps you identify the network and node parts of the address, convert the address and mask to binary numbers. = 00001100.00011111.00000001.00000001 = 11111111.00000000.00000000.00000000

Once you have the address and the mask represented in binary, then identifying the network and host ID is easier. Any address bits which have corresponding mask bits set to 1 represent the network ID. Any address bits that have corresponding mask bits set to 0 represent the node ID. = 00001100.00011111.00000001.00000001 = 11111111.00000000.00000000.00000000


            Net id | host id

Netid = 00001100 = 12

Hostid = 00011111.00000001.00000001 = 31.1.1

Subnetting Process:

  • Determine the number of Required Network-IDs
  • Determine the number of Required Host IDs per Subnet
  • Define One Subnet Mask Based on Requirements
  • Define a Unique Subnet ID for Each Physical Segment Based on the Subnet Mask
  • Define Valid Host Ids for Each Subnet Based on the Subnet ID

Designing Subnet Masks

Subnetting allows you to create multiple logical networks that exist within a single Class A, B, or C network. If you do not subnet, you are only able to use one network from your Class A, B, or C network, which is unrealistic.

Each data link on a network must have a unique network ID, with every node on that link being a member of the same network. If you break a major network (Class A, B, or C) into smaller subnetworks, it allows you to create a network of interconnecting subnetworks. Each data link on this network would then have a unique network/subnetwork ID. Any device, or gateway, connecting n networks/subnetworks has n distinct IP addresses, one for each network/subnetwork that it interconnects.

In order to subnet a network, extend the natural mask using some of the bits from the host ID portion of the address to create a subnetwork ID. For example, given a Class C network of which has a natural mask of, you can create subnets in this manner:


By extending the mask to be, you have taken three bits (indicated in orange) from the original host portion of the address and used them to make subnets. With these three bits, it is possible to create eight subnets. With the remaining five host ID bits, each subnet can have up to 32 host addresses, 30 of which can actually be assigned to a device since host IDs with all zeros (reserved for the “network address”) or all ones (reserved for the “broadcast address”) are not allowed. (It is very important to remember this.) So, with this in mind, these subnets have been created. host address range 1 to 30 host address range 33 to 62 host address range 65 to 94 host address range 97 to 126 host address range 129 to 158 host address range 161 to 190 host address range 193 to 222 host address range 225 to 254

Note: There are two ways to denote these masks. First, since you are using five bits more than the “natural” Class C mask, you can denote these addresses as having a 5-bit subnet mask. Or, secondly, the mask of can also be denoted as /27 as there are 27 bits that are set in the mask. This second method is used with CIDR. With this method, one of these networks can be described with the notation prefix/length. For example, denotes the network When appropriate, the prefix/length notation is used to denote the mask throughout the rest of this document.

The network subnetting scheme in this section allows for eight subnets, and the network might appear as:

Figure 3

Notice that each of the routers in Fig. 2 is attached to four subnetworks, and one subnetwork is common to both routers. Also, each router has an IP address for each subnetwork to which it is attached. Each subnetwork could potentially support up to 30 host addresses.

This brings up an interesting point. The more host bits you use for a subnet mask, the more subnets you have available. However, the more subnets available, the less host addresses available per subnet. For example, a Class C network of and a mask of (/27) allows you to have eight subnets, each with 32 host addresses (30 of which could be assigned to devices). If you use a mask of (/28), the breakdown is:


Since you now have four bits to make subnets with, you only have four bits left for host addresses. So in this case, you can have up to 16 subnets, each of which can have up to 16 host addresses (14 of which can be assigned to devices).

Take a look at how a Class B network might be subnetted. If you have the network, then you know that its natural mask is or Extending the mask to anything beyond means you are subnetting. You can quickly see that you have the ability to create a lot more subnets compared to a Class C network. If you use a mask of (/21), how many subnets and hosts per subnet does this allow for?


You are using five bits from the original host bits for subnets. This allows you to have 32 subnets (2^5). After using the five bits for subnetting, you are left with 11 bits for host addresses. This allows each subnet to have 2048 host addresses (2^11), 2046 of which could be assigned to devices.

Note: In the past, there were limitations to the use of a subnet 0 (all subnet bits are set to zero) and all ones subnet (all subnet bits set to one). Some devices would not allow the use of these subnets. Cisco devices allow the use of these subnets when the ip subnet zero command is configured.

Tips for CCNA Exams

I hope all these articles on subnet masking will help you have a better understanding of IPv4 addressing and Subnetting. As I stated earlier in my previous article on subnet masks, if you want to become an expert on it, you need to practise more on it. These topics are very important for all Cisco exams in Routing and Switching platforms as well as in daily jobs. If you have any query regarding this topic or any previous articles on subnet masks then please use the comment box below. Thanks and best of luck to your preparation for the CCNA exams.


  1. Guide to Cisco Certified Network Associate certification by Todd Lamlee, Sybex press.
  2. Guide to Cisco Certified Network Associate by Richard Deal.
  3. Cisco Certified Network Professional-Route by Wendell Odom,
  4. CCNP- Route Quick reference by Denis Donohue,
  5. Cisco Certified Internetwork Expert by Wendell Odom and others,
  6. Cisco Certified Internetwork Expert Quick reference by Brad Ellis,
  7. Data communication & Computer Networking by Furazon
  8. Computer Networking by William Stallings
  9. Computer networking fundamentals by Tatenbum.