Subnetting & CIDR

Imagine an enterprise is granted a massive block of 65,000 IP addresses. If the IT administrator connects all 65,000 computers to a single massive Local Area Network (LAN), the network will collapse almost instantly.

Why? Because computers frequently broadcast messages to discover services (like ARP requests). A single broadcast packet is duplicated and sent to all 65,000 computers. The resulting "Broadcast Storm" would consume 100% of the network bandwidth.

To solve this, the administrator must divide the large logical network into multiple smaller, isolated physical networks called Subnets (e.g., one subnet for the Accounting department, one for HR).

1. The Subnet Mask

An IP address is split into two parts: a Network ID and a Host ID. But how does a router know which bits belong to the Network and which belong to the Host? It uses a Subnet Mask.

A Subnet Mask is a 32-bit number where:

• The bits corresponding to the Network ID are set to 1.
• The bits corresponding to the Host ID are set to 0.

Example

Suppose your IP address is 192.168.1.50 and your Subnet Mask is 255.255.255.0.

• In binary, 255.255.255.0 is 11111111.11111111.11111111.00000000.
• The first 24 bits are 1, meaning the first 3 octets (192.168.1) are the Network ID.
• The last 8 bits are 0, meaning the last octet (.50) is the Host ID.

To find the exact Network Address (the base address of the subnet), the computer performs a bitwise Logical AND operation between the IP Address and the Subnet Mask.

• 192.168.1.50 AND 255.255.255.0 = 192.168.1.0

2. CIDR (Classless Inter-Domain Routing)

In the past, subnet masks were rigidly locked to class boundaries (Class A always used 8 bits, Class C always used 24 bits). This was called Classful Addressing, and it resulted in millions of wasted IP addresses.

CIDR was introduced to allow for variable-length subnet masking (VLSM). With CIDR, a network can be sliced at any arbitrary bit boundary.

CIDR Notation (Slash Notation)

Instead of writing out 255.255.255.0, CIDR simply appends a slash and the number of 1 bits in the mask to the IP address.

• 192.168.1.50/24 (Means the first 24 bits are the network).
• 10.0.0.0/8 (Means the first 8 bits are the network, leaving 24 bits for hosts, allowing 16.7 million computers on this subnet).

3. How to Subnet

If you are given the network 192.168.1.0/24 (which supports 256 addresses), but you want to create 4 smaller subnets of 64 addresses each, you must "borrow" bits from the Host portion to extend the Network portion.

1. To create 4 subnets, you need 2 extra network bits ($2^2 = 4$).
2. The new CIDR block becomes /26 (24 original + 2 borrowed).
3. The new Subnet Mask is 255.255.255.192 (since the last octet now starts with two 1s: 11000000 = 192).

The 4 new Subnets:

• Subnet 1: 192.168.1.0/26 (Range: 0 to 63)
• Subnet 2: 192.168.1.64/26 (Range: 64 to 127)
• Subnet 3: 192.168.1.128/26 (Range: 128 to 191)
• Subnet 4: 192.168.1.192/26 (Range: 192 to 255)

(Note: In every subnet, the very first address is reserved as the Network ID, and the very last address is reserved as the Broadcast Address. Therefore, a /26 subnet supports exactly 62 usable host devices).