A subnetwork or subnet is a logical subdivision of an IP network. The practice of dividing a network into two or more networks is called subnetting.
Computers that belong to the same subnet are addressed with an identical most-significant bit-group in their IP addresses. This results in the logical division of an IP address into two fields: the ''network number'' or ''routing prefix'' and the ''rest field'' or ''host identifier''. The ''rest field'' is an identifier for a specific host or network interface.
The ''routing prefix'' may be expressed in Classless Inter-Domain Routing (CIDR) notation written as the first address of a network, followed by a slash character (''/''), and ending with the bit-length of the prefix. For example, is the prefix of the Internet Protocol version 4 network starting at the given address, having 24 bits allocated for the network prefix, and the remaining 8 bits reserved for host addressing. Addresses in the range to belong to this network, with as the subnet broadcast address. The IPv6 address specification is a large address block with 2^96 addresses, having a 32-bit routing prefix.
For IPv4, a network may also be characterized by its subnet mask or netmask, which is the bitmask that, when applied by a bitwise AND operation to any IP address in the network, yields the routing prefix. Subnet masks are also expressed in dot-decimal notation like an IP address. For example, the prefix would have the subnet mask .
Traffic is exchanged between subnetworks through routers when the routing prefixes of the source address and the destination address differ. A router serves as a logical or physical boundary between the subnets.
The benefits of subnetting an existing network vary with each deployment scenario. In the address allocation architecture of the Internet using CIDR and in large organizations, it is necessary to allocate address space efficiently. Subnetting may also enhance routing efficiency, or have advantages in network management when subnetworks are administratively controlled by different entities in a larger organization. Subnets may be arranged logically in a hierarchical architecture, partitioning an organization's network address space into a tree-like routing structure, or other structures such as meshes.
Network addressing and routing
Computers participating in a network such as the Internet each have at least one network address. Usually, this address is unique to each device and can either be configured automatically with the Dynamic Host Configuration Protocol (DHCP) by a network server, manually by an administrator, or automatically by stateless address autoconfiguration.
An address fulfills the functions of identifying the host and locating it on the network. The most common network addressing architecture is Internet Protocol version 4 (IPv4), but its successor, IPv6, has been increasingly deployed since approximately 2006. An IPv4 address consists of 32 bits. An IPv6 address consists of 128 bits. In both systems, an IP address is divided into two logical parts, the ''network prefix'' and the ''host identifier''. All hosts on a subnetwork have the same network prefix. This prefix occupies the most-significant bits of the address. The number of bits allocated within a network to the prefix may vary between subnets, depending on the network architecture. The host identifier is a unique local identification and is either a host number on the local network or an interface identifier.
This addressing structure permits the selective routing of IP packets across multiple networks via special gateway computers, called routers, to a destination host if the network prefixes of origination and destination hosts differ, or sent directly to a target host on the local network if they are the same. Routers constitute logical or physical borders between the subnets, and manage traffic between them. Each subnet is served by a designated default router but may consist internally of multiple physical Ethernet segments interconnected by network switches.
The routing prefix of an address is identified by the ''subnet mask'', written in the same form used for IP addresses. For example, the subnet mask for a routing prefix that is composed of the most-significant 24 bits of an IPv4 address is written as .
The modern standard form of specification of the network prefix is CIDR notation, used for both IPv4 and IPv6. It counts the number of bits in the prefix and appends that number to the address after a ''slash'' (/) character separator. This notation was introduced with Classless Inter-Domain Routing (CIDR).
In IPv6 this is the only standards-based form to denote network or routing prefixes.
For example, the IPv4 network with the subnet mask is written as , and the IPv6 notation designates the address and its network prefix consisting of the most significant 32 bits.
In classful networking in IPv4, before the introduction of CIDR, the network prefix could be directly obtained from the IP address, based on its highest-order bit sequence. This determined the class (A, B, C) of the address and therefore the subnet mask. Since the introduction of CIDR, however, the assignment of an IP address to a network interface requires two parameters, the address and a subnet mask.
Given an IPv4 source address, its associated subnet mask, and the destination address, a router can determine whether the destination is on a locally connected network or a remote network. The subnet mask of the destination is not needed, and is generally not known to a router. For IPv6, however, on-link determination is different in detail and requires the Neighbor Discovery Protocol (NDP). IPv6 address assignment to an interface carries no requirement of a matching on-link prefix and vice versa, with the exception of link-local addresses.
Since each locally connected subnet must be represented by a separate entry in the routing tables of each connected router, subnetting increases routing complexity. However, by careful design of the network, routes to collections of more distant subnets within the branches of a tree hierarchy can be aggregated into a supernetwork and represented by single routes.
Internet Protocol version 4
Determining the network prefix
An IPv4 subnet mask consists of 32 bits; it is a sequence of ones (''1'') followed by a block of zeros (''0''). The ones indicate bits in the address used for the network prefix and the trailing block of zeros designates that part as being the host identifier.
The following example shows the separation of the network prefix and the host identifier from an address () and its associated subnet mask (). The operation is visualized in a table using binary address formats.
The result of the bitwise AND operation of IP address and the subnet mask is the network prefix . The host part, which is , is derived by the bitwise AND operation of the address and the one's complement of the subnet mask.
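The mask arithmetic described above, together with the local-or-remote decision a router makes from a source address, its mask and a destination, as an added example that is not part of the original article. The function names are hypothetical and the addresses are constructed samples from the documentation range 192.0.2.0/24.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF  # 32-bit IPv4 address space


def to_int(dotted: str) -> int:
    """Dot-decimal string -> 32-bit integer (raises on malformed input)."""
    return int(ipaddress.IPv4Address(dotted))


def to_dotted(value: int) -> str:
    return str(ipaddress.IPv4Address(value))


def prefix_length(mask: str) -> int:
    """Prefix length of a subnet mask; rejects masks that are not
    a run of ones followed by a run of zeros."""
    host_bits = ~to_int(mask) & ALL_ONES      # ones' complement of the mask
    # For a valid mask the complement is 2**k - 1, so adding 1 clears it.
    if host_bits & (host_bits + 1):
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return 32 - host_bits.bit_length()


def split_address(address: str, mask: str):
    """Return (network prefix, host part) as dot-decimal strings."""
    prefix_length(mask)                       # validate the mask first
    a, m = to_int(address), to_int(mask)
    network = a & m                           # address AND mask
    host = a & (~m & ALL_ONES)                # address AND complement of mask
    return to_dotted(network), to_dotted(host)


def is_local(source: str, mask: str, destination: str) -> bool:
    """True when the destination shares the source's routing prefix,
    using only the source's own mask (the destination's mask is unknown)."""
    prefix_length(mask)
    m = to_int(mask)
    return (to_int(source) & m) == (to_int(destination) & m)


def binary(dotted: str) -> str:
    """Render an address octet by octet in binary, as in a subnetting table."""
    return ".".join(f"{int(octet):08b}" for octet in dotted.split("."))


if __name__ == "__main__":
    addr = "192.0.2.130"                      # constructed sample address
    for mask in ("255.255.255.0", "255.255.255.192"):
        net, host = split_address(addr, mask)
        print(f"/{prefix_length(mask)}  mask    {binary(mask)}")
        print(f"     address {binary(addr)}")
        print(f"     network {binary(net)}  ({net})")
        print(f"     host    {binary(host)}  ({host})")
    # Same destination, different masks: local under /24, remote under /26.
    print(is_local(addr, "255.255.255.0", "192.0.2.10"))
    print(is_local(addr, "255.255.255.192", "192.0.2.10"))
```

A mask such as 255.0.255.0 is rejected rather than silently applied, since an AND with a non-contiguous mask does not yield a routing prefix.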
Subnetting
Subnetting is the process of designating some high-order bits from the host part as part of the network prefix and adjusting the subnet mask appropriately. This divides a network into smaller subnets. The following diagram modifies the above example by moving 2 bits from the host part to the network prefix to form four smaller subnets each one quarter of the previous size.
Special addresses and subnets
IPv4 uses specially designated address formats to facilitate recognition of special address functionality. The first and the last subnets obtained by subnetting a larger network have traditionally had a special designation and, early on, special usage implications. In addition, IPv4 uses the ''all ones'' host address, i.e. the last address within a network, for broadcast transmission to all hosts on the link.
The first subnet obtained from subnetting a larger network has all bits in the subnet bit group set to zero. It is therefore called ''subnet zero''. The last subnet obtained from subnetting a larger network has all bits in the subnet bit group set to one. It is therefore called the ''all-ones subnet''.
The IETF originally discouraged the production use of these two subnets. When the prefix length is not available, the larger network and the first subnet have the same address, which may lead to confusion. Similar confusion is possible with the broadcast address at the end of the last subnet. Therefore, reserving the subnet values consisting of all zeros and all ones on the public Internet was recommended, reducing the number of available subnets by two for each subnetting. This inefficiency was removed, and the practice was declared obsolete in 1995 and is only relevant when dealing with legacy equipment.
Although the all-zeros and the all-ones host values are reserved for the network address of the subnet and its broadcast address, respectively, in systems using CIDR all subnets are available in a subdivided network. For example, a network can be divided into sixteen usable networks. Each broadcast address, i.e. , , …, , reduces only the host count in each subnetwork.
Subnet host count
The number of subnetworks available and the number of possible hosts in a network may be readily calculated. For instance, the network may be subdivided into the following four subnets. The highlighted two address bits become part of the network number in this process.
The remaining bits after the subnet bits are used for addressing hosts within the subnet. In the above example, the subnet mask consists of 26 bits, making it 255.255.255.192, leaving 6 bits for the host identifier. This allows for 62 host combinations (2^6 − 2).
In general, the number of available hosts on a subnet is 2^''h'' − 2, where ''h'' is the number of bits used for the host portion of the address. The number of available subnets is 2^''n'', where ''n'' is the number of bits used for the network portion of the address.
There is an exception to this rule for 31-bit subnet masks, which means the host identifier is only one bit long for two permissible addresses. In such networks, usually point-to-point links, only two hosts (the endpoints) may be connected and a specification of network and broadcast addresses is not necessary.
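The subdivision and host-count rules from the sections above, including subnet zero, the all-ones subnet and the 31-bit exception, as an added example that is not part of the original article. The function names and the parent network 192.0.2.0/24 are assumptions chosen for illustration.

```python
import ipaddress


def usable_hosts(prefix_len: int) -> int:
    """Host addresses available in an IPv4 subnet of the given prefix length."""
    host_bits = 32 - prefix_len
    if host_bits == 1:
        return 2              # 31-bit mask: both addresses are endpoints
    if host_bits == 0:
        return 1              # a /32 names a single host (not covered above)
    return 2 ** host_bits - 2  # all-zeros and all-ones host values reserved


def subdivide(network: str, borrowed_bits: int):
    """Move `borrowed_bits` from the host part to the network prefix and
    describe each of the 2**borrowed_bits resulting subnets."""
    if borrowed_bits < 1:
        raise ValueError("borrow at least one host bit")
    # strict parsing: raises ValueError if host bits are set in `network`
    parent = ipaddress.IPv4Network(network)
    subnets = list(parent.subnets(prefixlen_diff=borrowed_bits))
    rows = []
    for index, subnet in enumerate(subnets):
        if index == 0:
            label = "subnet zero"
        elif index == len(subnets) - 1:
            label = "all-ones subnet"
        else:
            label = ""
        rows.append({
            "subnet": str(subnet),
            "mask": str(subnet.netmask),
            # value of the borrowed bits for this subnet, e.g. 00, 01, 10, 11
            "subnet_bits": format(index, f"0{borrowed_bits}b"),
            # no broadcast address is specified on a 31-bit or 32-bit subnet
            "broadcast": (str(subnet.broadcast_address)
                          if subnet.prefixlen < 31 else None),
            "usable_hosts": usable_hosts(subnet.prefixlen),
            "label": label,
        })
    return rows


if __name__ == "__main__":
    # Constructed sample: a /24 split by borrowing 2 bits, then a /30 into /31s.
    for net, bits in (("192.0.2.0/24", 2), ("192.0.2.0/30", 1)):
        for row in subdivide(net, bits):
            print(row)
```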
Internet Protocol version 6
The design of the IPv6 address space differs significantly from IPv4. The primary reason for subnetting in IPv4 is to improve efficiency in the utilization of the relatively small address space available, particularly to enterprises. No such limitations exist in IPv6, as the large address space available, even to end-users, is not a limiting factor.
As in IPv4, subnetting in IPv6 is based on the concepts of variable-length subnet masking (VLSM) and the Classless Inter-Domain Routing methodology. It is used to route traffic between the global allocation spaces and within customer networks between subnets and the Internet at large.
A compliant IPv6 subnet always uses addresses with 64 bits in the host identifier. Given the address size of 128 bits, it therefore has a /64 routing prefix. Although it is technically possible to use smaller subnets, they are impractical for local area networks based on Ethernet technology, because 64 bits are required for stateless address autoconfiguration.
The Internet Engineering Task Force recommends the use of subnets for point-to-point links, which have only two hosts.
IPv6 does not implement special address formats for broadcast traffic or network numbers, and thus all addresses in a subnet are acceptable for host addressing. The all-zeroes address is reserved as the subnet-router anycast address.
The subnet router anycast address is the lowest address in the subnet, so it looks like the “network address”. If a router has multiple subnets on the same link, then it has multiple subnet router anycast addresses on that link. The first and last address in any network or subnet is not allowed to be assigned to any individual host.
In the past, the recommended allocation for an IPv6 customer site was an address space with a 48-bit () prefix.
However, this recommendation was revised to encourage smaller blocks, for example using 56-bit prefixes.
Another common allocation size for residential customer networks has a 64-bit prefix.
See also
* Autonomous system (Internet)