Skip to content
Dev Utilities 9 min read

IP Subnetting: CIDR Notation, Network Masks, and Subnet Math

Learn how CIDR notation works, how to calculate network address, broadcast address, host range, and usable IPs from any subnet mask, with practical examples for AWS VPCs and Docker networks.

ToolsVito Team

IPv4 Address Structure

An IPv4 address is 32 bits, written as four octets in decimal:

192.168.1.100
↓ in binary:
11000000.10101000.00000001.01100100

Every IP address has two parts: the network portion (identifies the subnet) and the host portion (identifies the device within the subnet). The subnet mask determines where the split happens.

CIDR Notation

CIDR (Classless Inter-Domain Routing) expresses the network prefix length as a number after a slash:

192.168.1.0/24
           ↑ 24 bits are the network portion
           → subnet mask: 255.255.255.0 (24 ones followed by 8 zeros)
Prefix /8   → mask 255.0.0.0       → 16,777,214 hosts
Prefix /16  → mask 255.255.0.0     → 65,534 hosts
Prefix /24  → mask 255.255.255.0   → 254 hosts
Prefix /28  → mask 255.255.255.240 → 14 hosts
Prefix /32  → mask 255.255.255.255 → 1 host (single IP)

Calculating Subnet Values

Given 192.168.10.0/26:

Network bits: 26
Host bits: 32 - 26 = 6
Total addresses: 2^6 = 64
Usable hosts: 64 - 2 = 62  (subtract network + broadcast)

Subnet mask: 255.255.255.192
  (.192 = 11000000 = 128+64 = first 2 bits of last octet)

Network address: 192.168.10.0   (all host bits = 0)
Broadcast address: 192.168.10.63  (all host bits = 1)
First usable: 192.168.10.1
Last usable: 192.168.10.62

Subnetting a /24 into Smaller Blocks

// Divide 192.168.1.0/24 into four /26 subnets:
192.168.1.0/26    hosts: .1 – .62
192.168.1.64/26   hosts: .65 – .126
192.168.1.128/26  hosts: .129 – .190
192.168.1.192/26  hosts: .193 – .254

Private IP Ranges (RFC 1918)

10.0.0.0/8       →  10.0.0.0 – 10.255.255.255  (16M addresses)
172.16.0.0/12    →  172.16.0.0 – 172.31.255.255 (1M addresses)
192.168.0.0/16   →  192.168.0.0 – 192.168.255.255 (65K addresses)

// Reserved for loopback
127.0.0.0/8      → 127.x.x.x (loopback — 127.0.0.1)

// Reserved for link-local (APIPA)
169.254.0.0/16   → auto-assigned when DHCP fails

AWS VPC CIDR Planning

// VPC CIDR: 10.0.0.0/16 (65,534 addresses)
// Divide into AZ subnets:

Public subnets (one per AZ):
  10.0.1.0/24  → us-east-1a  (254 hosts)
  10.0.2.0/24  → us-east-1b
  10.0.3.0/24  → us-east-1c

Private subnets:
  10.0.10.0/24 → us-east-1a  (254 hosts)
  10.0.11.0/24 → us-east-1b
  10.0.12.0/24 → us-east-1c

Database subnets (smaller, isolated):
  10.0.20.0/28 → us-east-1a  (14 hosts)
  10.0.20.16/28 → us-east-1b

Docker and Kubernetes Networks

# Docker default bridge: 172.17.0.0/16
# Docker Compose default: 172.x.0.0/20 (auto-assigned)
# Custom network:
networks:
  app-net:
    ipam:
      config:
        - subnet: 10.5.0.0/24

# Kubernetes pod CIDR: typically 10.244.0.0/16 (Flannel)
# Kubernetes service CIDR: typically 10.96.0.0/12

Calculate Subnets Instantly

Use ToolsVito's IP Subnet Calculator to compute network address, broadcast, host range, and CIDR breakdown for any IP/mask combination.

Try it now — free, runs in your browser

IP Subnet Calculator

CIDR ranges & masks
All articles

More articles

Encode & Decode Base64 Encoding & Decoding: The Complete Developer Guide 7 min Security JWT Explained: Decoding JSON Web Tokens Without a Library 8 min Security MD5, SHA-1, SHA-256: Hash Functions Compared for Developers 9 min