Try the Subnet Calculator β€” IPv4 & IPv6

Subnetting Explained: CIDR Notation, Host Counts, and Practical Network Design

CIDR notation and subnetting make more sense once you see the pattern: each /1 increase halves the subnet. Here's how prefix lengths translate to host counts, common use cases from cloud VPCs to point-to-point links, and IPv6 subnetting philosophy.

By sadiqbd Β· June 9, 2026

Share:
Subnetting Explained: CIDR Notation, Host Counts, and Practical Network Design

Subnetting is one of those skills that seems harder than it is until you do it once

Every sysadmin, network engineer, and cloud infrastructure person works with subnets regularly. Yet CIDR notation (/24, /16, /28) trips people up because the connection between the number after the slash and the actual network boundaries isn't intuitive until you've worked through the maths a few times.

This is the subnetting primer that connects the notation to the actual numbers β€” without requiring binary arithmetic once you've understood the underlying pattern.

Why networks are divided into subnets

An IP network isn't one flat broadcast domain. Dividing it into subnets:

  • Reduces broadcast traffic (broadcasts are contained within a subnet)
  • Enables security boundaries (firewall rules between subnets)
  • Allows more efficient routing (route summarisation across subnets)
  • Matches logical organisation to physical or administrative boundaries

In cloud environments, subnets are the primary mechanism for network segmentation β€” public subnets for internet-facing resources, private subnets for databases and internal services, isolated subnets for highly sensitive workloads.

CIDR notation and prefix length

CIDR (Classless Inter-Domain Routing) notation expresses a network as an IP address and a prefix length: 192.168.1.0/24.

The prefix length (the number after the slash) specifies how many bits of the IP address are the network portion. The remaining bits are the host portion.

IPv4 addresses are 32 bits. With a /24:

  • Network bits: 24
  • Host bits: 32 βˆ’ 24 = 8
  • Maximum hosts: 2⁸ = 256 addresses (minus 2 for network and broadcast = 254 usable)

The prefix length determines how many hosts the subnet can accommodate:

Prefix Host bits Total addresses Usable hosts Subnet mask
/8 24 16,777,216 16,777,214 255.0.0.0
/16 16 65,536 65,534 255.255.0.0
/24 8 256 254 255.255.255.0
/25 7 128 126 255.255.255.128
/26 6 64 62 255.255.255.192
/27 5 32 30 255.255.255.224
/28 4 16 14 255.255.255.240
/29 3 8 6 255.255.255.248
/30 2 4 2 255.255.255.252
/32 0 1 1 host route 255.255.255.255

The pattern: each prefix increment halves the subnet size. A /25 is half a /24. A /26 is a quarter of a /24. Every time the prefix increases by 1, the subnet contains half as many addresses.

The network address and broadcast address

Given 192.168.1.0/24:

  • Network address: 192.168.1.0 β€” the first address; identifies the subnet itself. Cannot be assigned to a host.
  • Broadcast address: 192.168.1.255 β€” the last address; a packet sent to this address goes to all hosts in the subnet. Cannot be assigned to a host.
  • Usable range: 192.168.1.1 – 192.168.1.254 β€” 254 addresses for hosts

For 10.0.0.0/28:

  • Network: 10.0.0.0
  • Broadcast: 10.0.0.15 (16 addresses total: .0 through .15)
  • Usable: 10.0.0.1 – 10.0.0.14 β€” 14 usable hosts

Common subnetting use cases

Cloud VPC design

Most cloud VPCs start with a large CIDR block (10.0.0.0/16 or /8) that's then divided into subnets for different purposes.

A typical 3-tier AWS VPC:

VPC: 10.0.0.0/16 (65,534 usable addresses)

Public subnets (internet-facing, one per AZ):
  10.0.0.0/24   (254 hosts) β€” us-east-1a
  10.0.1.0/24   (254 hosts) β€” us-east-1b
  10.0.2.0/24   (254 hosts) β€” us-east-1c

Private subnets (application layer):
  10.0.10.0/24  β€” us-east-1a
  10.0.11.0/24  β€” us-east-1b
  10.0.12.0/24  β€” us-east-1c

Database subnets (most restricted):
  10.0.20.0/24  β€” us-east-1a
  10.0.21.0/24  β€” us-east-1b
  10.0.22.0/24  β€” us-east-1c

The /24 subnets are unnecessarily large for many applications but are simple to work with. For large-scale deployments, /22 or /20 subnets allow more room for growth.

Point-to-point links

A /30 subnet has exactly 4 addresses β€” network, two host addresses, broadcast. It's the minimum useful subnet for a link between two devices (e.g. two routers connected directly):

Network:   10.255.0.0/30
Router A:  10.255.0.1
Router B:  10.255.0.2
Broadcast: 10.255.0.3

A /31 (2 addresses) is valid for point-to-point links per RFC 3021 β€” no network or broadcast address needed. Many modern routing implementations support this.

Private address ranges (RFC 1918)

Three ranges are reserved for private networks and should never be routed on the public internet:

  • 10.0.0.0/8 β€” large enterprises, cloud VPCs
  • 172.16.0.0/12 β€” (172.16.x.x through 172.31.x.x) β€” medium networks
  • 192.168.0.0/16 β€” home and small office networks

IPv6 subnetting

IPv6 uses 128-bit addresses, expressed in hexadecimal: 2001:db8:1234::/48.

The standard allocation for an IPv6 site is a /48 prefix from the provider. Within that /48, a /64 subnet is the standard size for each individual network segment β€” and it contains 2⁢⁴ (18 quintillion) addresses.

This scale difference from IPv4 is why IPv6 subnetting philosophy is different: there's no need to conserve addresses by using small subnets. Every LAN segment gets a /64, and there's still more address space left over than can be counted.

How to use the Subnet Calculator on sadiqbd.com

  1. Enter the IP address and prefix length β€” e.g. 192.168.10.0/26
  2. Calculate β€” the tool returns:
    • Network address
    • Broadcast address
    • Usable host range
    • Number of usable hosts
    • Subnet mask in dotted-decimal
    • CIDR notation
  3. For subnet splitting β€” enter a larger network and the target prefix length to see how many subnets result and what ranges they cover

Frequently Asked Questions

What's the difference between a subnet mask and CIDR notation? They express the same information differently. 255.255.255.0 as a subnet mask means 24 bits set to 1 β€” equivalent to /24 in CIDR notation. CIDR is more concise and is the modern standard; dotted-decimal subnet masks are still used in some contexts (especially legacy networking equipment).

Why does AWS say my /24 subnet has only 251 usable addresses instead of 254? AWS reserves 5 addresses per subnet: network address, VPC router, DNS, future use, and broadcast. So a /24 in AWS has 256 βˆ’ 5 = 251 usable addresses. Other cloud providers have similar reservations.

What prefix should I use for a small office network? A /24 (192.168.1.0/24) provides 254 usable addresses β€” adequate for most small offices. For larger environments with growth plans, a /23 (510 hosts) or /22 (1022 hosts) gives room to grow.

Is the Subnet Calculator free? Yes β€” completely free, no sign-up required.

Subnetting feels abstract until you see the numbers working out on actual network designs. The calculator makes any subnet's details immediately visible β€” host range, usable count, mask β€” which is what matters for practical network planning.

Try the Subnet Calculator free at sadiqbd.com β€” calculate network address, host range, and usable IPs for any IPv4 or IPv6 subnet instantly.

Share:
Try the related tool:
Open Subnet Calculator β€” IPv4 & IPv6

More Subnet Calculator β€” IPv4 & IPv6 articles

Subnet Calculator β€” IPv4 & IPv6 Network Address, Host Range & CIDR Subnet Calculator β€” IPv4 & IPv6 Network Address, Host Range & CIDR Cloud VPC Design: Public vs Private Subnets, NAT Gateways, and the Three-Tier Architecture Cloud VPC Design: Public vs Private Subnets, NAT Gateways, and the Three-Tier Architecture IPv6 Address Types: Why One Interface Has Link-Local, ULA, and Global Addresses All at Once IPv6 Address Types: Why One Interface Has Link-Local, ULA, and Global Addresses All at Once Subnetting Math: Why /24 Gives 254 Hosts, How VLSM Works, and What the Slash Actually Means Subnetting Math: Why /24 Gives 254 Hosts, How VLSM Works, and What the Slash Actually Means