Subnets and CIDR in IPv4

Last updated: 5 October 2021

This article is a gentle introduction to IPv4 subnets and CIDR. It includes a brief history lesson about network classes that explains why subnets were invented (and why they are very useful). Base-2 numbers play a large role in the story, so you may want to read my article about binary numbers first. And if you want to know how to calculate the number of IPs in a subnet then I got an article about that as well.

IP addresses

An IP address identifies a system on a network. The most common type of IP address is still IPv4, which is a 32-bit address made up of four 8-bit octets separated by dots. As you probably know, the world has pretty much run out of IPv4 addresses and IPv4 is slowly being replaced with IPv6. An IPv6 address is made up of eight 16-bit hextets (separated by colons). They are therefore 128-bit addresses. The number of available IPv6 addresses is insanely large – so large that you might one day get a static IP address from your ISP.

In this article I focus on IPv4 addresses. That is mainly because subnets are more relevant for IPv4 addresses. However, the basics are the same for both IPv4 and IPv6. The main difference is that you need to understand hexadecimals for IPv6 subnets.

Reserved and loopback IPs

Both IPv4 and IPV6 have so-called reserved addresses. For instance, chances are that your local machine has an IPv4 address starting with 192.168. These IP addresses are local IPs used for communication on your local network (LAN).

Your machine also has a loopback IP. In most cases this is 127.0.0.1. You will be familiar with that if you develop websites locally on your computer – if you have a web server running on your machine then you can view websites you are working on via http://127.0.0.1 or http://localhost.

Network classes

IP addresses have two parts; a network and a host part. In the early days of the internet (the ARPANET era) the first octet of an address was used for the network and the remaining three octets were used for nodes. That limited the number of networks to just 254, but that seemed plenty at the time. Little did they know that billions of people would one day spend their lives on Facebook and connect doorbells and toasters to the internet.

In the early 1980s a new architecture called classful network was adopted. This scheme defined five classes of IP addresses. The primary classes were A, B and C, and each class defined a range of IP addresses and which octets were the network part. Class A addresses still used only the first octet for the network; class B used the first two and class C the first three.

 Class | Network/Node                    | Range                       
-------+---------------------------------+-----------------------------
 A     | Network.Node.Node.Node          | 1.0.0.0 - 127.255.255.255   
 B     | Network.Network.Node.Node       | 128.0.0.0 - 191.255.255.255 
 C     | Network.Network.Network.Node    | 192.0.0.0 - 223.255.255.255 

Although elegant, the architecture was still very limited. At one end of the spectrum you had 254 class A addresses with a whopping 16,777,214 nodes each, while at the other end you had millions of class C addresses with just 254 nodes. As the internet kept growing rapidly it became clear that there weren’t enough IP addresses.

The next attempt to solve the problem was a new architecture called Classless Inter-Domain Routing, or CIDR. With CIDR the network part doesn’t always have to be an entire octet. This makes it possible to divide networks into smaller parts, known as subnets. CIDR was adopted in 1993 and is still widely used today. The main other development that has happened since is the introduction of IPv6 addresses. When IPv6 is finally widely used the world should never again face an IP address shortage.

Subnets

As said, with subnets the network component doesn’t always have to be exactly 1, 2 or 3 octets. Instead, the network address is defined by a subnet mask. Just like an IP address, a subnet mask is a 32-bit number divided into four-octets. The mask is used to mask out what part of an IP address is the network.

Base-2 numbers

To make sense of subnet masks you need to understand base-2 numbers. Once the subnet mask is a base-2 number you can instantly see which part of an IP address is the network and which part is used for nodes; the network component is made up of all ones while the host part is made up of zeros.

To demonstrate, let’s convert the network mask 255.255.255.0. In base-2, the number 255 is 11111111. So, the first three octets are all ones and part of the network. The last octet is made up of all zeros and can be used for nodes. This aligns exactly with class C networks:

11111111.11111111.11111111.00000000
Network  Network  Network  Node

Another common mask is 255.255.255.192. Here, part of the fourth octet is part of the network. To find out how many bits are turned on in the fourth octet you can use the following table:

 128 |  64 |  32 |  16 |  8  |  4  |  2  |  1  
-----+-----+-----+-----+-----+-----+-----+-----
  1  |  1  |  0  |  0  |  0  |  0  |  0  |  0  | 192

The first row shows base-2 exponents and the second row shows if an individual bit is on (1) or off (0). The number in the fourth octet is 192, and we can get to 192 by adding up 128 and 64. So, the first two bits in the fourth octet are on and the remaining six are off. The fourth octet is therefore 11000000, and the full subnet mask is 11111111.11111111.11111111.11000000.

CIDR notation

Network administrators typically use CIDR notation to indicate the size of the network part of an IP address. For instance, the network mask 255.255.255.0 translates to 11111111.11111111.11111111.0000000 in binary. There are 24 bits that are switched on in the address. In CIDR-speak, you can therefore say that it is a /24 address. If you see an IP address like 192.168.1.0/24 or 202.202.0.0/24 then you always know that the network part is made up of the first three octets.

The second example I gave used the mask 255.255.255.192. In that mask 26 bits are turned on, and it is therefore a /26 address. In the same way you can use CIDR for the old classful network IPs:

 Class | Network/Node   | Range                       | CIDR 
-------+----------------+-----------------------------+------
  A    | 255.0.0.0      | 1.0.0.0 - 127.255.255.255   | /8   
  B    | 255.255.0.0    | 128.0.0.0 - 191.255.255.255 | /16  
  C    | 255.255.255.0  | 192.0.0.0 - 223.255.255.255 | /24  

Reserved host IP addresses

There are a few more things to note about subnet masks. Firstly, it is perfectly fine to use the mask 255.255.255.0 for a class A IP address. This is why subnet masks are so useful; they let you configure your network exactly how you want.

Another thing to be aware of that the first and last IP address of the host portion are reserved. The first IP address is used as a network identifier and the last IP is the broadcast address. The broadcast address is typically used to assign an IP address to a node. Put simply, hosts use the broadcast address to send a message to the entire network. The message is typically: “I am a node on the network and would like an IP address, thank you very much”. The DHCP server on the network listens out for such cries and responds by assigning an IP address to the node.