How to Subnet like a Champ

Lets save the discussion and get right to it. You will need to know two numbers, 256 and 8. And you need to understand one concept: Subnets group together hosts. These groups can't be any size. Instead they are restricted by powers of 2.

20 = 1
21 = 2
22 = 4
23 = 8
24 = 16
25 = 32
26 = 64
27 = 128
28 = 256

We could keep going, but 8 is a good stopping. The mask is used to declare how many hosts will be on the subnet. You can determine this by subtracting it from 256.
            Mask:         255  254  252  248  240  224  192   128     0
            Subnet Size:    1    2    4    8   16   32   64   128   256
        
This is for a single octet, but an IP address and the associated mask are 4 octets. So it will look more like:
            octet   1rst 2nd 3rd 4th
            -----   ---- --- --- ---
            mask:    255.255.255.248
            address:  10. 20. 30. 40
        
Note that we've lined up the octets in the mask with the octets in the host. I like to write the mask above the address. The mask is 255.255.255.248 while the address is 10.20.30.40. Just consider the 4th octect in this example. This host is on a subnet that has a size of 8 (256 - 248). As it turns out, there are two reserved addresses that are not used. So this host can only talk to 6 other hosts directly. Every other host is on a different subnet. A router is needed to move traffic between subnets
For small subnets of less then 254 hosts, only the 4th octet in the mask is used to determine the size. As the subnets get larger, the host portition will spill into the 3rd or 2nd octet. To find the size for any mask, all we need to do is multiply all of the octet sizes together. Lets see this in action with some examples:
            Mask              Values                 Size    Usable
            255.255.255.224 = 1 x 1 x 1 x 32    =      32        30
            255.255.255.0   = 1 x 1 x 1 x 256   =     256       254
            255.255.254.0   = 1 x 1 x 2 x 256   =     512       510
            255.255.248.0   = 1 x 1 x 8 x 256   =   2,048     2,046
            255.252.0.0     = 1 x 4 x 256 x 256 = 262,144   262,142
        
There is a table on bottom of the calculator page that lists subnet sizes and masks
Remember, we are subtracting each octet of the mask from 256 and then multiplying the results to get the size of the subnet, then subtracting 2 for the usable host count. You may already know, but only one of the octets will be a value other than 255 or 0, and it will always be 255 before and 0 after that "active" octet. You will notice that in the examples the table above.
An example of an invalid mask would be 255.128.0.255 . This is wrong because only 0's can follow the 128.
Earlier we mentioned each subnet has 2 special purpose addresses that can not be assigned to hosts; these are the network number or network address and the broadcast address. The network address is where the host index would be 0, while the broadcast address is the very last address on the subnet. Technically all host bits are set to 1. This is why the usable addresses count will be 2 less than the subnet size. You may wonder about 255.255.255.255 and 255.255.255.254 that would result in a negative usable host count. The first is considered to be a host address, (subnet size = 1). The second is special accomodation for point-to-point networks that covers the links between routers (subnet size = 2). In both cases, the network address and the broadcast address don't hold any meaning.
If two hosts are on the same subnet, they can talk to each other directly without needing a router. If a router is needed, the host will send the traffic to the subnet's default gateway. The default gateway should be the router's address on that subnet. It is common practice to assign the router to the first address on the subnet, but this isn't a rule.
In order to determine if two ip addresses are on the same subnet, we can divide the octet by the size and drop the remainder. If you get the same integer value for both hosts, then they are on the same subnet. The remainder represents the host number on that subnet. Treat each octet independently and it will work, or you can just focus on the active octet.

10.20.30.40 255.255.255.224 -> 10/1 20/1 30/1 40/32 = 10 20 30 1 remainder 8
10.20.30.50 255.255.255.224 -> 10/1 20/1 30/1 50/32 = 10 20 30 1 remainder 18


Because when we ignore the remandiner we get the same value, we know that these hosts are on the same subnet and can talk directly to each other. Notice that the 4th octet is active, so we can just consider 40/32 and 50/32. Both result in the same whole number, 1. Lets look at another.

10.20.30.40 255.255.255.224 -> 10/1 20/1 30/1 40/32 = 10 20 30 1 remainder 8
10.20.30.80 255.255.255.224 -> 10/1 20/1 30/1 80/32 = 10 20 30 2 remainder 16


We can see that these addresses are not on the same subnet and will need a router in order to communicate with each other. This method works with larger subnets as well.

10.20.30.40    255.252.0.0 -> 10/1  20/4  30/256  40/256 = 10  5r0 0r30  0r40
10.120.230.123 255.252.0.0 -> 10/1 120/4 230/256 255/256 = 10 30r0 0r230 0r123


Because the second octet is active and results in different whole numbers, these IP addresses are not on the same subnet.

How to find the network number

The network number or network address results in a 0 remainder when we divide by the network size. We can find the network number by doing the division, dropping the remainder and multiplying back. focus on the just active octet. Lets look at
10.20.30.178 255.255.255.224. All of the action is in the 4th octet.
Mask 255.255.255.224:
256 - 224 = 32
178 / 32 = 5.5625
5 * 32 = 160
so the network address is 10.20.30.160
That also means the first address is 10.20.30.161, the broadcast address is the last address before we get to the next network. Since our networks are 32 addresses wide (256 - 224), that last address on this network will be 10.20.30.191, (160 + 31). You can think of this as the case where the remainder is one less than the size.

CIDR notation

There is a cleaner way to represent the mask value. It makes it a little more difficult to work out the size of the subnet because you can not lay out the mask octects and subtract from 256, but nothing we can't handle. The method simply counts the number of bits in the mask that are set. Converting from the 4 octets to a CIDR value takes a little practice. Remember that an octet is represented by 8 bits, and we have 4 octets for a max bit count of 32. Some examples that highlight can be used to see what is going on. Look for obvious patterns.
        0.0.0.0         /0
        255.0.0.0       /8
        255.255.0.0     /16
        255.255.255.0   /24
        255.255.255.255 /32
    
For other values, lets look at mask sizes between /24 and /32:
        255.255.255.128  /25   24 + 1
        255.255.255.192  /26   24 + 2
        255.255.255.224  /27   24 + 3
        255.255.255.240  /28   24 + 4
        255.255.255.248  /29   24 + 5
        255.255.255.252  /30   24 + 6
        255.255.255.254  /31   24 + 7
    
There are 7 of these so its not impossible to memorize them. Once you memorize one octet, you can apply it to the others. Again, look for the pattern.
        255.255.128.0  /17   16 + 1
        255.255.192.0  /18   16 + 2
        255.255.224.0  /19   16 + 3 
        255.255.240.0  /20   16 + 4 
        255.255.248.0  /21   16 + 5 
        255.255.252.0  /22   16 + 6 
        255.255.254.0  /23   16 + 7 
    

        255.128.0.0   /9   8 + 1
        255.192.0.0  /10   8 + 2
        255.224.0.0  /11   8 + 3 
        255.240.0.0  /12   8 + 4 
        255.248.0.0  /13   8 + 5 
        255.252.0.0  /14   8 + 6 
        255.254.0.0  /15   8 + 7 
    
Memorizing 128 is 1 bit, 192 is 2, 224 is 3 and so on will take a bit more effort, but will be faster. You can also derive them as well but it requires working with Log2. Here is another pattern to know about:
        1) 128 = 128                              128 + 128 = 256
        2) 128 + 64 = 192                         192 +  64 = 256
        3) 128 + 64 + 32 = 224                    224 +  32 = 256
        4) 128 + 64 + 32 + 16 = 240               240 +  16 = 256
        5) 128 + 64 + 32 + 16 + 8 = 248           248 +   8 = 256
        6) 128 + 64 + 32 + 16 + 8 + 4 = 252       252 +   4 = 256
        7) 128 + 64 + 32 + 16 + 8 + 4 + 2 = 254   254 +   2 = 256
    

Now if we need to go from the cidr notation to the subnet size you can work back to the mask as an octet in your head using the patterns above, or you can use powers of 2. Let start with another example, 192.168.4.64/27. We will work out the size of the subnet, the subnet number, and the broadcast address. It's best to know the size of the subnet first. You can get this by taking 2 raised to the power of 32 - the cidr value, for example: 232-27 = 25 = 32. So the subnet size is 32, leaving 30 usable addresses. The broadcast address will be the network number plus the size minus 1. (64 + 32 - 1) = 192.168.4.95
The cidrs to correspond to the 4th octet are the most common.
        232-25 = 27 = 128
        232-26 = 26 = 64
        232-27 = 25 = 32
        232-28 = 24 = 16
        232-29 = 23 = 8
        232-30 = 22 = 4
        232-31 = 21 = 2
    
But you can quickly work out the pattern in other active octets: so..
        232-24 = 28 = 256
        232-23 = 29 = 512
        232-22 = 210 = 1024
        232-21 = 211 = 2048
        232-20 = 212 = 4096
        232-19 = 213 = 8192
        232-18 = 214 = 16384
    

You can see these subnet sizes can get fairly large. It is possible to have a subnet and break it into smaller subnets. Lets say we had 10.20.32.0/20. We know the size is 232 - 20 = 212 = 4096. That is a big number to work out in your head. But there are some tricks we can do if we remember from math class that you can multiply two numbers with the same base by adding their exponents. That allows us to write 212 as 24+8 = 24·28 = 16·256. Of course, thats still a little tricky. You many see that 256·4 = 1024 so it might be easier to do 2(8+2)+2 = 210·22 = 1024·4 = 4096. So what we have is 210 = 1024. This is helpful when you need to work out 212 since it is 210·22 or 1024 · 4. For practice, 213 is 1024·8 = 8192, or 8K. If you know that you can divide numbers by subtracting exponents, and remember that 32 minus the cidr value maps to an exponent, then sub dividing subnets will be easier.
Returning to our example, 10.20.32.0/20 has 4096 addresses, 4094 that are usable. But we can split this into multiple smaller sub networks. If we split it into 4 equal sized subnets, each would hold 1024 addresses. If we split it into 8 subnets, each would be 512 addresses wide. We can use the same power method to keep track of this. Taking a /20 and splitting it into 8 subnets is 8 = 23 and a /20 is 212. So 8 subnets from a /20 results in 8 x /23 subnets because 212-3 or 29, and we need to subtract this from 32 to get the CIDR of 23.
We can short-cut this and go directly from to the child cidr by adding 3 to the /20. So each of the 8 subnets of a /20 will have a /23 mask. Without getting into details, this also works for IPv6 where spliting subnets with large masks is pretty common. A /58 will hold 264 - 58 /64 subnets. To recap, a /20 divided by 8 will result in /23 subnets. A /17 divided into 4 smaller subnets would results in /19's
. Some people will count these on their head by increasing the CIDR each time they split the parent in half.
You can go the other way too. If you need to summerize 8 x/23's you will need a /20. We can come up with a general rule
A subnet with a /y CIDR will hold 2x-y subnets, each with a /x mask, ie a /20 will hold 223-20 = 8 x/23s
Lets try another example. How many /27 subnets can you get from a /23 summary? You should come up with 16 because 24 = 16. We can reword the problem. If we need 8 subnets, each with 62 usable IPs addresses, what size summary will cover all of them? You should get a /23. You will need a /26 to cover 62 usable IPs, and since we need 8 of these and 23=8, the mask on the summary will be 26 - 3 = /23, which is also 255.255.254.0

Classful Networks

Quite a long time ago, before anyone imagined a single "Internet" that would connect every IP address in the world, IP inventors tried to simplify things by creating different classes of subnets, where each class was a defined size:
        Class A,      255.0.0.0  /8
        Class B,    255.255.0.0  /16
        Class C,  255.255.255.0  /24
    
They auto assigned subnets into classes based on their starting address. Remember the 128, 192, 224 from earlier, its back:
        0.0.0.0   - 127.255.55.255   Class A 
        128.0.0.0 - 191.255.255.255  Class B
        192.0.0.0 - 223.255.255.255  Class C
        224.0.0.0 - 239.255.255.255  Class D 
    
What made this nice was that you could infer the mask size by looking at the first octet. The started assigning really large networks from the class A address space, medium networks were assigned a Class B, and the smaller companies got a Class C. Of course, there are more than 127 large companies, so things fell apart pretty quickly. The other thing was within a company, they would break the network into multiple subnets like we showed earlier. Normally the mask tells you what part of the address is the network address and what part are the host bits. When we split up a classful network, it is said we might borrow host bits to create subnets of the network class. In our earlier example, 10.20.30.40 is a Class A network, so in the original setup, the mask was 255.0.0.0. This means the network number is just the first octets 10, and the other three octets are the host address, 20.30.40 in our example. But if we want to split the network into 8 smaller subnets, we will "borrow" three bits from the host and use them to represent the subnet number. So now the mask is 255.224.0.0 or /11. Technically the network number is still 10.0.0.0, the subnet number is the first 3 bits of the 2nd octet, and the host bits are the remaining 21 bits. So now the subnet numbers would be
        10.0.0.0/11     1rst subnet, at index 000 
        10.32.0.0/11    2nd subnet, at index 001
        10.64.0.0/11    3rd subnet, at index 010
        10.96.0.0/11    4th subnet, at index 011
        10.128.0.0/11   5th subnet, at index 100
        10.160.0.0/11   6th subnet, at index 101
        10.192.0.0/11   7th subnet, at index 110
        10.224.0.0/11   8th subnet, at index 111
    

RFC1918

This is commonly called "private" address space because it is not routed on the public network. You can use private IPv4 address space internally but you can't use to to talk to anything outside of your private network. This has been around since class based networking. So there are actually class A, B, and C private address blocks under RFC1918. They are:
10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
notice that there is only one class A private block. But there are 16 class B, and 256 class C private blocks, since 28-8 = 1, 216-12 = 16, and 224-16 = 256.

Hopefully this has helped. The concept is easy enough, split a network into smaller subnets. But it can get complicated to keep the math straight.