An IP (Internet Protocol) address is a unique identifier for a node or host connection on an IP network. An IP address is a 32 bit binary number usually represented as 4 decimal values, each representing 8 bits, in the range 0 to 255 (known as octets) separated by decimal points. This is known as "dotted decimal" notation.


Example: or in binary form 10001100.10110011.11011100.11001000


Every IP address consists of two parts, one identifying the network and one identifying the node. The Class of the address and the subnet mask determine which part belongs to the network address and which part belongs to the node address.


Address Classes

There are 5 different address classes. You can determine which class any IP address is in by examining the first 4 bits of the IP address.


                    Class A addresses begin with 0xxx, or 1 to 126 decimal.

                    Class B addresses begin with 10xx, or 128 to 191 decimal.

                    Class C addresses begin with 110x, or 192 to 223 decimal.

                    Class D addresses begin with 1110, or 224 to 239 decimal.

                    Class E addresses begin with 1111, or 240 to 254 decimal.


Addresses beginning with 01111111, or 127 decimal, are reserved for loopback and for internal testing on a local machine. [You can test this: you should always be able to ping, which points to yourself] Class D addresses are reserved for multicasting. Class E addresses are reserved for future use. They should not be used for host addresses. Now we can see how the Class determines, by default, which part of the IP address belongs to the network (N) and which part belongs to the host (H).






In the example, is a Class B address so by default the Network part of the address (also known as the Network Address) is defined by the first two octets (140.179.x.x) and the node part is defined by the last 2 octets (x.x.220.200).


In order to specify the network address for a given IP address, the node section is set to all "0"s. In our example, specifies the network address for When the node section is set to all "1"s, it specifies a broadcast that is sent to all hosts on the network. specifies the example broadcast address. Note that this is true regardless of the length of the node section.












Subnetting an IP Network can be done for a variety of reasons, including organization, use of different physical media (such as Ethernet, FDDI, WAN, etc.), preservation of address space, and security. The most common reason is to control network traffic. In an Ethernet network, all nodes on a segment see all the packets transmitted by all the other nodes on that segment. Performance can be adversely affected under heavy traffic loads, due to collisions and the resulting retransmissions. A router is used to connect IP networks to minimize the amount of traffic each segment must receive.


Subnet Masking

Applying a subnet mask to an IP address allows you to identify the network and node parts of the address. Performing a bitwise logical AND operation between the IP address and the subnet mask results in the Network Address or Number. The logical AND operation compares 2 bits and if they are both "1", then the result is "1", otherwise, the result is "0".


For example, using our test IP address and the default Class B subnet mask, we get:


10001100.10110011.11110000.11001000 IP Address

11111111.11111111.00000000.00000000 Default Subnet Mask


10001100.10110011.00000000.00000000 Network Address


Default subnet masks:


                    Class A - - 11111111.00000000.00000000.00000000

                    Class B - - 11111111.11111111.00000000.00000000

                    Class C - - 11111111.11111111.11111111.00000000


Additional bits can be added to the default subnet mask for a given Class to further subnet, or break down, a network. When a bitwise logical AND operation is performed between the subnet mask and IP address, the result defines the Subnet Address. There are some restrictions on the subnet address. Node addresses of all "0"s and all "1"s are reserved for specifying the local network (when a host does not know it's network address) and all hosts on the network (broadcast address), respectively. This also applies to subnets. A subnet address cannot be all "0"s or all "1"s. This also implies that a 1 bit subnet mask is not allowed. This restriction is required because older standards enforced this restriction. Recent standards that allow use of these subnets have superceded these standards, but many "legacy" devices do not support the newer standards. If you are operating in a controlled environment, such as a lab, you can safely use these restricted subnets.


To calculate the number of subnets or nodes, use the formula (2^n - 2) where n = number of bits in either field. Multiplying the number of subnets by the number of nodes available per subnet gives you the total number of nodes available for your class and subnet mask. Also, note that although subnet masks with non-contiguous mask bits are allowed they are not recommended.



10001100.10110011.11011100.11001000 IP Address

11111111.11111111.11100000.00000000 Subnet Mask


10001100.10110011.11000000.00000000 Subnet Address

10001100.10110011.11011111.11111111 Broadcast Address

(Notice the broadcast address in one less than the subnet mask)

In this example a 3 bit subnet mask was used. There are 6 subnets available with this size mask (remember that subnets with all 0's and all 1's are not allowed). Each subnet has 8190 nodes. Each subnet can have nodes assigned to any address between the Subnet address and the Broadcast address. This gives a total of 49,140 nodes for the entire class B address subnetted this way. Notice that this is less than the 65,534 nodes an unsubnetted class B address would have.


Subnetting always reduces the number of possible nodes for a given network. There are complete subnet tables available here for Class A, Class B and Class C. These tables list all the possible subnet masks for each class, along with calculations of the number of networks, nodes and total hosts for each subnet.


Here is another, more detailed, example. Say you are assigned a Class C network number of (apologies to anyone who may actually own this domain address). You want to utilize this network across multiple small groups within an organization. You can do this by subnetting that network with a subnet address.

We will break this network into 14 subnets of 14 nodes each. This will limit us to 196 nodes on the network instead of the 254 we would have without subnetting, but gives us the advantages of traffic isolation and security. To accomplish this, we need to use a subnet mask 4 bits long.


Recall that the default Class C subnet mask is (11111111.11111111.11111111.00000000 binary)


Extending this by 4 bits yields a mask of (11111111.11111111.11111111.11110000 binary)


This gives us 16 possible network numbers, 2 of which cannot be used:


Subnet bits Network Number Node Addresses Broadcast Address

0000 Reserved None

0001 .17 thru .30

0010 .33 thru .46

0011 .49 thru .62

0100 .65 thru .78

0101 .81 thru .94

0110 .97 thru .110

0111 .113 thru .126

1000 .129 thru .142

1001 .145 thru .158

1010 .161 thru .174

1011 .177 thru .190

1100 .193 thru .206

1101 .209 thru .222

1110 .225 thru .238

1111 Reserved None









Now that you understand "classful" IP Subnetting principals, you can forget them ;). The reason is CIDR -- Classless InterDomain Routing. CIDR was invented several years ago to keep the internet from running out of IP addresses. The "classful" system of allocating IP addresses can be very wasteful; anyone who could reasonably show a need for more that 254 host addresses was given a Class B address block of 65533 host addresses. Even more wasteful were companies and organizations that were allocated Class A address blocks, which contain over 16 Million host addresses! Only a tiny percentage of the allocated Class A and Class B address space has ever been actually assigned to a host computer on the Internet.

People realized that addresses could be conserved if the class system was eliminated. By accurately allocating only the amount of address space that was actually needed, the address space crisis could be avoided for many years. This was first proposed in 1992 as a scheme called Supernetting. Under supernetting, the classful subnet masks are extended so that a network address and subnet mask could, for example, specify multiple Class C subnets with one address. For example, If I needed about 1000 addresses, I could supernet 4 Class C networks together: (11000000.00111100.10000000.00000000)Class C subnet address (11000000.00111100.10000001.00000000)Class C subnet address (11000000.00111100.10000010.00000000)Class C subnet address (11000000.00111100.10000011.00000000)Class C subnet address

-------------------------------------------------------- (11000000.00111100.10000000.00000000)Supernetted Subnet address (11111111.11111111.11111100.00000000)Subnet Mask (11000000.00111100.10000011.11111111)Broadcast address


In this example, the subnet includes all the addresses from to As you can see in the binary representation of the subnet mask, the Network portion of the address is 22 bits long, and the host portion is 10 bits long.


Under CIDR, the subnet mask notation is reduced to a simplified shorthand. Instead of spelling out the bits of the subnet mask, it is simply listed as the number of 1s bits that start the mask. In the above example, instead of writing the address and subnet mask as, Subnet Mask


the network address would be written simply as:


which indicates starting address of the network, and number of 1s bits (22) in the network portion of the address. If you look at the subnet mask in binary (11111111.11111111.11111100.00000000), you can easily see how this notation works.


The use of a CIDR notated address is the same as for a Classful address. Classful addresses can easily be written in CIDR notation (Class A = /8, Class B = /16, and Class C = /24)






It is currently almost impossible for an individual or company to be allocated their own IP address blocks. You will simply be told to get them from your ISP. The reason for this is the ever-growing size of the internet routing table. Just 5 years ago, there were less than 5000 network routes in the entire Internet. Today, there are over 90,000. Using CIDR, the biggest ISPs are allocated large chunks of address space (usually with a subnet mask of /19 or even smaller); the ISP's customers (often other, smaller ISPs) are then allocated networks from the big ISP's pool. That way, all the big ISP's customers (and their customers, and so on) are accessible via 1 network route on the Internet. But I digress.


It is expected that CIDR will keep the Internet happily in IP addresses for the next few years at least. After that, IPv6, with 128 bit addresses, will be needed. Under IPv6, even sloppy address allocation would comfortably allow a billion unique IP addresses for every person on earth! The complete and gory details of CIDR are documented in RFC1519, which was released in September of 1993.


Allowed Class A Subnet and Host IP addresses

# bits Subnet Mask # Subnets # Hosts

2 2 4194302

3 6 2097150

4 14 1048574

5 30 524286

6 62 262142

7 126 131070

8 254 65534

9 510 32766

10 1022 16382

11 2046 8190

12 4094 4094

13 8190 2046

14 16382 1022

15 32766 510

16 65534 254

17 131070 126

18 262142 62

19 524286 30

20 1048574 14

21 2097150 6

22 4194302 2









Allowed Class B Subnet and Host IP addresses

# bits Subnet Mask # Subnets # Hosts

2 2 16382

3 6 8190

4 14 4094

5 30 2046

6 62 1022

7 126 510

8 254 254

9 510 126

10 1022 62

11 2046 30

12 4094 14

13 8190 6

14 16382 2



Allowed Class C Subnet and Host IP addresses


# bits Subnet Mask # Subnets # Hosts

2 2 62

3 6 30

4 14 14

5 30 6

6 62 2




Private Subnets

There are three IP network addresses reserved for private networks. The addresses are,, and They can be used by anyone setting up internal IP networks, such as a lab or home LAN behind a NAT or proxy server or a router. It is always safe to use these because routers on the Internet will never forward packets coming from these addresses. These addresses are defined in RFC 1918.


References and Sources


* Overall RFC Index

* RFC 1918 - Address Allocation for Private Internets

* RFC 1219 - On the Assignment of Subnet Numbers

* RFC 950 - Internet standard subnetting procedure

* RFC 940 - Toward an Internet standard scheme for subnetting

* RFC 932 - Subnetwork addressing scheme

* RFC 917 - Internet subnets