Subnets aren’t just about dividing networks; they’re about making them more efficient and secure by creating smaller, manageable broadcast domains.

Let’s see this in action. Imagine a small office network with a single Class C IP address range: 192.168.1.0/24. This gives us 254 usable IP addresses (192.168.1.1 to 192.168.1.254). If all devices in the office – computers, printers, phones – are in this single flat network, every broadcast message (like an ARP request for an IP address) goes to every device. As the network grows, this can lead to a lot of unnecessary traffic and can impact performance.

By subnetting, we can break this /24 network into smaller pieces. For instance, we could create two subnets:

  • Subnet 1 (Marketing): 192.168.1.0/25
  • Subnet 2 (Engineering): 192.168.1.128/25

Here’s what that looks like under the hood:

The original /24 network has a subnet mask of 255.255.255.0. The /25 subnet mask is 255.255.255.128.

  • Subnet 1 (192.168.1.0/25):
    • Network Address: 192.168.1.0
    • Usable IPs: 192.168.1.1 to 192.168.1.126
    • Broadcast Address: 192.168.1.127
  • Subnet 2 (192.168.1.128/25):
    • Network Address: 192.168.1.128
    • Usable IPs: 192.168.1.129 to 192.168.1.254
    • Broadcast Address: 192.168.1.255

Notice how we borrowed one bit from the host portion of the IP address to create the subnet. This effectively halves the available host addresses per subnet but creates two distinct subnets. Now, a broadcast within Subnet 1 only reaches devices in Subnet 1, and a broadcast within Subnet 2 only reaches devices in Subnet 2. This significantly reduces broadcast traffic.

The core problem subnetting solves is the inherent inefficiency and security limitations of large, flat networks. Without subnets, every device is in the same broadcast domain. This means:

  1. Performance Degradation: As mentioned, broadcast traffic can overwhelm devices.
  2. Security Risks: A compromised device in a flat network can potentially "see" and interact with every other device.
  3. Management Complexity: Tracking and managing a massive list of IP addresses becomes a nightmare.

Subnetting addresses these by:

  • Reducing Broadcast Domains: Each subnet is its own broadcast domain. Broadcasts don’t cross subnet boundaries unless explicitly routed.
  • Improving Security: By segmenting the network, you can apply security policies (like firewall rules) between subnets, controlling what traffic is allowed to flow. For example, you could block direct access from the Marketing subnet to sensitive Engineering servers.
  • Enhancing Organization: Subnets can be logically mapped to physical locations, departments, or types of devices, making network administration more intuitive.
  • Optimizing IP Address Usage: While it might seem counterintuitive, subnetting allows for more precise allocation of IP addresses, preventing the waste that can occur when a large block is assigned to a department that doesn’t use it all.
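The segmentation point above, as an added example that is not part of the original article: a small model of a policy applied at the router between the two /25 subnets. The `POLICY` table, `DEFAULT_ACTION` and the function names are hypothetical. The example also shows the caveat that traffic between two hosts in the same subnet never crosses the router, so an inter-subnet rule cannot filter it.

```python
import ipaddress

# Subnets from the article; zone names follow its Marketing/Engineering example.
ZONES = {
    "marketing": ipaddress.ip_network("192.168.1.0/25"),
    "engineering": ipaddress.ip_network("192.168.1.128/25"),
}

# Hypothetical inter-subnet policy: (source zone, destination zone) -> action.
# Any pair not listed falls through to DEFAULT_ACTION.
POLICY = {
    ("marketing", "engineering"): "deny",
    ("engineering", "marketing"): "allow",
}
DEFAULT_ACTION = "deny"


def zone_of(ip):
    """Return the zone whose subnet contains ip, or None if no subnet matches."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return None


def evaluate(src, dst):
    """Decide what the router-side policy does with a src -> dst flow."""
    src_zone, dst_zone = zone_of(src), zone_of(dst)
    if src_zone is None or dst_zone is None:
        # Address outside every known subnet: apply the default action.
        return DEFAULT_ACTION
    if src_zone == dst_zone:
        # Same broadcast domain: delivered at Layer 2, the router policy
        # is never consulted for this flow.
        return "not-routed"
    return POLICY.get((src_zone, dst_zone), DEFAULT_ACTION)


if __name__ == "__main__":
    # Constructed sample flows.
    for src, dst in [("192.168.1.10", "192.168.1.200"),
                     ("192.168.1.200", "192.168.1.10"),
                     ("192.168.1.10", "192.168.1.20")]:
        print(f"{src} -> {dst}: {evaluate(src, dst)}")
```

A `not-routed` result marks flows that need a different control, such as host firewalls, if they are to be restricted.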

To implement this, you’d configure your router or Layer 3 switch. For instance, if you have a router with interfaces for each subnet:

  • Interface for Subnet 1:
    • IP Address: 192.168.1.1
    • Subnet Mask: 255.255.255.128
  • Interface for Subnet 2:
    • IP Address: 192.168.1.129
    • Subnet Mask: 255.255.255.128

Devices within each subnet would use the IP address of their respective router interface as their default gateway.

The number of subnets you can create from a given network is determined by how many bits you "borrow" for the subnet ID. If you borrow n bits, you can create 2^n subnets. However, the two "all-zeros" and "all-ones" subnet IDs are often reserved or unusable in older networking contexts, though modern practice generally allows their use. For example, borrowing 2 bits from a /24 network (192.168.1.0/24) would create 2^2 = 4 subnets:

  • 192.168.1.0/26 (mask 255.255.255.192)
  • 192.168.1.64/26
  • 192.168.1.128/26
  • 192.168.1.192/26

The key to understanding subnetting is recognizing that the subnet mask dictates both the network portion and the host portion of an IP address. When you "AND" an IP address with its subnet mask, you get the network address. The bits that are "1" in the subnet mask belong to the network and subnet ID, while the bits that are "0" belong to the host.
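The AND operation and the 2^n rule described above, carried out with explicit bit arithmetic. This is an added example, not code from the original article, and the function names are illustrative.

```python
def ip_to_int(ip):
    """Convert dotted-quad IPv4 text to a 32-bit integer."""
    parts = [int(p) for p in ip.split(".")]
    if len(parts) != 4 or any(p < 0 or p > 255 for p in parts):
        raise ValueError(f"not an IPv4 address: {ip!r}")
    return (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]


def int_to_ip(n):
    """Convert a 32-bit integer back to dotted-quad text."""
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_from_prefix(prefix):
    """A /prefix mask: `prefix` one-bits followed by host zero-bits."""
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def describe(ip, prefix):
    """Network, broadcast and usable range for the subnet containing ip."""
    mask = mask_from_prefix(prefix)
    network = ip_to_int(ip) & mask                # IP AND mask = network address
    broadcast = network | (~mask & 0xFFFFFFFF)    # all host bits set to 1
    return {
        "mask": int_to_ip(mask),
        "network": int_to_ip(network),
        "first_host": int_to_ip(network + 1),
        "last_host": int_to_ip(broadcast - 1),
        "broadcast": int_to_ip(broadcast),
    }


def split(network, prefix, borrowed):
    """Borrow `borrowed` host bits: returns the 2**borrowed resulting subnets."""
    new_prefix = prefix + borrowed
    if borrowed < 0 or new_prefix > 30:
        raise ValueError("new prefix must leave at least two host bits")
    size = 1 << (32 - new_prefix)                 # addresses per new subnet
    base = ip_to_int(network) & mask_from_prefix(prefix)
    return [f"{int_to_ip(base + i * size)}/{new_prefix}"
            for i in range(1 << borrowed)]


if __name__ == "__main__":
    print(describe("192.168.1.200", 25))
    print(split("192.168.1.0", 24, 2))
```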

A common misconception is that subnetting always reduces the number of available hosts. While it does reduce the number of hosts per subnet, it allows you to create more networks (subnets) within a larger address space, which can lead to more efficient overall IP address utilization by preventing the allocation of excessively large blocks to small groups. It’s a trade-off: more segments for better control and efficiency, at the cost of fewer hosts per segment.

Once you’ve mastered subnetting, the next logical step is understanding how these separate subnets communicate with each other, which leads directly into the world of routing.
