Exactly what is subnetting and why should you care? Well, if you have to ask that question, then perhaps you should ask a Sysadmin to subnet your network for you. However, if you’re a home user with a network, you’re the Sysadmin. Or, at least you should be working to that end.

Essentially, subnetting is a way to break up one large network into smaller networks. Why you might want to or need to do this varies. For a corporate network, subnetting allows the organization to sandbox users of separate groups or departments from one another so employees of one department can’t easily access (unless you want them to) files, forms, reports, and other data since they will be on a separate network and the servers that host those documents can’t be reached. So, for example in a departmentally-subnetted network, employees in marketing can’t access data in the business department and vice versa, and business department employees can’t access data residing on the admin department network, and vice versa, etc. Additionally, a Sysadmin might segregate departments into their on subnets in order to make it easier to keep track of the host devices and to maintain them, as well as to lessen the administrative burden on supporting those PCs and the customers they are linked to.

For a home network, segregating a single Class C network, which is a network with IP addresses of the form N. N. N. H (where N= network nodes, and H = host computers/devices) there are 2 exp 8 – 2 available host IP address assignments = 254 host addresses. The network and the broadcast addresses are not included in this total and cannot be assigned to a PC or other network host. This is why we subtract 2 in the formula above. Home networks might be segregated for both security and control using subnetting so that various devices or data can be protected; that is to say, if someone accesses a home network, they wouldn’t necessarily be able to peruse the entirety of the home network unabated but only the subnet that they breached, or to ease administrative control over those devices. But, it is important to mention here that subnetting a home network requires someone to configure the router that manages the home network to accommodate the subnetting scheme that is chosen or this won’t work.

IPv4 Addresses and Subnet Masking

IP version 4 addresses are comprised of 4 groups called quads consisting of 8-bits per quad, separated by dots. Thus, IPv4 IP addresses are also referred to as dotted-quads. A typical network is classified as either a Class A, B, C, or D network. These types of networks are referred to as classful networks. A portion of each IPv4 address is used to identify the network portion and a portion is used to designate the host section of the address. In a Class A network, the IPv4 address is apportioned such that it can be identified as N.H.H.H, where the N = 8 bits (first dotted quad), and the H = 8 bits per quad in each of the 2nd, 3rd, and 4th dotted quads. Furthermore, a Class B network can be represented in the form: N.N.H.H with the first two 8-bit dotted quads being reserved for the network portion and the last two reserved for host assignments. And, lastly, the default home network is a Class C network which can be represented in the form of N.N.N.H, where only the final 8 bits of the IPv4 network address are reserved for host assignments (254 in all), while the remainder of the address (24 bits) are used to designate the network. Hence, a typical Class C home network would look like: 192.168.1.0/24, where the /24 is called the CIDR (Classless Inter-Domain Routing) representing the 24 bits in the network portion of the IP Address associated with the Class C home network.

Computers and other network nodes use the IPv4 address to identify those devices. However, these network nodes only speak 0’s and 1’s, so each quad of the IPv4 address can be all 0’s, such as 00000000 (each bit turned OFF), 11111111 (each bit turned ON), or some permutation of 0’s and 1’s that make up the 8 bits per quad and 32 bits per address. Unused bits (turned OFF) in a quad can be used to create the subnet ID, but how do network nodes know which ones to use? This is where subnet masks come in. Since typical private home networks have IPv4 address that are Class C networks and, thus, of the form N.N.N.H, the last 8 bits that make up the H(ost) address can be used to assign host addresses and we tell hosts they are available by assigning the subnet mask for a Class C network as 255.255.255.0. This basically means all bits in the first, second, and third quads of the IPv4 address are used for network assignment, and the remaining 8 bits in the fourth quad are available for host assignments. To recap, the IPv4 network and subnet mask for a typical Class C network are:

• IPv4 Address: 192.168.1.0
• Subnet Mask: 255.255.255.0 = 11111111.11111111.11111111.00000000

Looking at the above, 255 in binary is 11111111. The first three numbers of the IPv4 address hold the network ID whereas the last number holds the subnet ID. It is the subnet ID that can be used to assign addresses to nodes on the network. So, the Subnet Mask 255.255.255.0 means that the first three numbers of the IPv4 address hold the network ID which leaves the last number of this address which holds the subnet ID. The first three quads cannot accept host addresses since all of these bits are turned ON. But, the last quad can accept host assignments and we tell the nodes (and the DHCP server on the network) that these can be used when we identify the Subnet Mask as 255.255.255.0. The Subnet Mask is a powerful tool on our network. Subnetting the network alters this Subnet Mask assignment, so we must get it right when we subnet. Let’s look at a tool in Linux which can help us out in meeting that goal of never making a mistake when we subnet our networks.

Using ipcalc to Assist With Subnetting a Linux Network

The Linux tool I alluded to earlier is called ipcalc, and it is issued from the Terminal. It is likely that you will need to install ipcalc since it is generally not natively installed in bash. To install ipcalc in Debian, Ubuntu or other apt-based distro, use:

$ sudo apt install ipcalc

If you’re running Fedora, Red Hat, or Alma Linux, then use:

$ sudo dnf install ipcalc

and, finally, if running Arch, Manjaro, or Garuda Linux or a derivative of Arch, use:

$ sudo pacman -Sy ipcalc

When running ipcalc in the Terminal, if you pass an IPv4 Address to ipcalc as an argument, then ipcalc assumes the subnet mask is 255.255.255.0. So, here is the stdout if I issue 192.168.1.0 as the IPv4 address passed to this utility:

Looking at the screenshot above, when I issued the Class C network IPv4 address of 192.168.1.0 to ipcalc, it tells me that:

• Network = 192.168.1.0 (Not assignable to PCs and other network nodes)
• Netmask (short for Network or Subnet Mask) = 255.255.255.0 = 24
• Wildcard = 0.0.0.255 = 00000000.00000000.00000000.11111111 ( in binary)
• First Available Host IPv4 Address = 192.168.1.1 (typically the IPv4 Address of your home router)
• Last Available Host IPv4 Address = 192.168.1.254 (last assignable IP address to PCs & network nodes)
• Broadcast = 192.168.1.255 (IPv4 address used to send traffic to all nodes on the network in a network broadcast, which is not assignable to PCs & network nodes)
• Hosts/Net = Number of hosts which can be assigned to the Class C, Private Internet network = 254

The class of a network is identified by the number of bits used for the network ID and the subnet ID, plus the few remaining bits used to contain the class, referred to as the leading bits.

• Class A Network: Leading bits 0. IP addresses start with 0. Default subnet is 255.0.0.0. CIDR notation is /8.
• Class B Network: Leading bits 10. IP addresses start with 128. Default subnet is 255.255.0.0. CIDR notation is /16.
• Class C Network: Leading bits 110. IP addresses start with 192. Default subnet is 255.255.255.0. CIDR notation is /24.
• Class D Network: Leading bits 1110. IP addresses start with 224. Default subnet is undefined. CIDR notation is /4.

Changing the Subnet Mask

It’s important to state here that using ipcalc to assist with calculating the configuration of a subnetted network does not make any changes. It just allows us to know what the settings that need to be changed are and what they are. So, for example, let’s take an example where we change the Subnet Mask using a Class C network and alter the CIDR from /24 to /16. You can enter this in the Terminal using ipcalc as follows:

$ ipcalc 192.168.1.0/16 OR $ ipcalc 192.168.1.0 /16 OR $ ipcalc 192.168.1.0 255.255.0.0

Note, above, that a space can be inserted between the IP address and the CIDR notation or not. Both work equally:

Changing Class C Network using the /16 CIDR Notation

Thus, the

By performing the subnetting above, we still get 65534 network assignments which we can make.

Using ipcalc With Subnets

Let’s assume that we wish to add three subnets to our network with 20, 15, and 80 hosts respectively. Here, we can use the -s option with ipcalc to calculate the subnet setup as follows:

$ 192.168.1.0 -s 20 15 80

Running this command gives us the following output:

Subnets 1 & 2

Subnet 3

In summary, the subnets that are to be configured are:

First Subnet:

• Subnet Mask: 255.255.255.224
• First IP address: 192.168.1.129
• Last IP address: 192.168.1.158
• Subnet Capacity: 30 devices

Second Subnet:

• Subnet Mask: 255.255.255.224
• First IP address: 192.168.1.161
• Last IP address: 192.168.1.190
• Subnet Capacity: 30 devices

Third Subnet:

• Subnet Mask: 255.255.255.128
• First IP address: 192.168.1.1
• Last IP address: 192.168.1.126
• Subnet Capacity: 126

Since the first and second subnets have the same Subnet Mask, the first three bits of the last quad in the HostMin & HostMax IP addresses (and those in between) are differentiated by the fact that these values are 100 and 101, respectively, allowing your home router to route traffic correctly.

You can easily see that using the ipcalc utility in the CLI would be invaluable for ensuring you, as the network Sysadmin, don’t make a mistake when configuring your subnets on your network.