Online IP Subnet Calculator - IP address, subnet mask, CIDR, address ranges, broadcast, calculation

You can find Czech version of the description below in my article TCP/IP - adresy, masky, subnety a vypocty.


Example: or /17

What is a computer network?

A computer network is a connection of two or more computers some form of telecommunication system. The reason for using a computer network is to share sources. We can classify networks by many parameters. Some frequently used technologies are Ethernet, with protocol TCP/IP, for Local Area Network (LAN - cover a small geographical area and provide high bandwidth with low delays) and Frame Relay for Wide Area Network (WAN - interconnecting of LANs).

What is a subnet (subnetwork)?

Because real networks are really large, we can't communicate directly with all computers. So we divide a networks into smaller parts (hierarchically) and these parts are called subnetworks. Another reason is because we need to assigne some addresses to some organizations. LAN is a subnet or group of a subnets. Network devices in an IP subnet have a common IP address prefix. Communication between subnets is done by routers. Dividing a network into smaller parts is also good for performance, because broadcasts (packets sent to everyone) don't cross a subnet border. Virtual LAN (VLANs) are used to have more subnets on one switch.

What is an IP address?

An IP (Internet Protocol) address is a logical address of a device in a computer network using IP protocol (works on Layer 3 of ISO/OSI model). IP addresses are used on the Internet. IP addresses are stored as 32-bit binary numbers, but they are displayed as four decimal numbers divided with a dot (dot-decimal notation), example An IP address indicates the logical location of a device. An IP address range is from to Public addresses are managed by IANA (Internet Assigned Numbers Authority) and blocks of addresses are allocated to Local Internet Registries. These address blocks correspondent to geological locations.

Note: I'm writing here about older and still-in-use Internet Protocol Version 4 (IPv4), but there is a new Version 6 of this protocol (IPv6) which uses 128 bits for the address and offers many more addresses.

If you want to find the IP address of your computer (often a private address), you can use a command ipconfig or ipconfig /all on Windows OS or ifconfig on Linux OS.

IP address parts

Basically an IP address has two parts, a network-identifying prefix followed by a host address within that network. During the evolution of IP subneting there were a lot of changes. It started with classful networking, where a network prefix was firmly done by an IP address (and its class). Across classless networking, where we can take a part of a host number from a class and use this part as a subnet number. So we can divide a class into more than one subnet with a lower count of hosts. Until today's subneting, which uses CIDR, where we use arbitrary network prefixes.

Notice: Although use of CIDR, still is common to divide an IP address into 3 parts, where network numbers are done by class (even if we use a classless network), a subnet number is separated from this class, and the rest is a host part. This is important when we calculate a number of subnets.

classful   <network-prefix><-------host-number-------->
classless  <network-number><subnet-number><host-number>
classless  <-------network-prefix--------><host-number>

Public IP addresses

Public IP addresses are a major part of IP addresses. These addresses are used on the internet or other WAN (Wide Area Network) and could be routed in these networks.

Private IP addresses

Private IP addresses are used on a LAN (Local Area Network) and if you want to communicate to the internet you must translate this address to a public IP address. A common solution for address translation is NAT (Network Address Translation). We use private IP addresses to save the amount of public IP addresses.

networknetwork IDbroadcast addresshosts addresses class - class A - class B - class C

Special IP addresses

We also have some IP address ranges with special meanings.

networknetwork IDbroadcast address name     default network ID (zero) zero addresses localhost loopback addresses zeroconf addresses (APIPA) documentation and examples network device benchmark IPv6 to IPv4 relay Anycast     multicast addresses

Network ID

The first IP address of a subnet cannot be assigned to the host. This address identifies the subnetwork, it is called a network ID (or base address or network address). This address has only zeros in the host part.

Broadcast address

The last IP address of a subnet cannot be assigned to the host either, but is a subnet broadcast address. This address is used for a subnet directed broadcast, it is a message which is sent to all hosts in this subnet. This address has only ones in the host part. A subnet directed broadcast is routed through the network as a unicast, until it reaches the last hop router, and here it is sent as a full broadcast to this subnet. A full broadcast address has only ones in all octets, it is

Note: We have 3 types of communication (sending data). First is a unicast, when one host sends a message to another host. A broadcast, when one host sends a message either to all hosts (normally works for all hosts in the same subnet) or to all hosts in one specific subnet. And the last method is a multicast, when one host sends a message to a specific group of other hosts.

Host address

All other addresses in a subnet are host addresses. These addresses can be assigned to network devices such as computer. Here is an example how addresses look in the subnet Mask /30 is binary 11111111.11111111.11111111.11111100.

IP address binary type of address 11000000.10101000.00000101.00001100 network ID 11000000.10101000.00000101.00001101 host address 11000000.10101000.00000101.00001110 host address 11000000.10101000.00000101.00001111 broadcast address

What is a subnet mask?

Subnet mask tell us which part of an address is a network part and which is a host part. Network part designates a subnet and is used for routing to this subnet. Host part designates all members of this subnet and is useful only in this subnet. Subnet mask in IPv4 consist of 32 bits and normally is represented using dot-decimal form. Valid mask has ones from left side followed by zeros (after first zero can be only zeros). Example of a subnet mask is

Notice: Subnet mask is not allowed, because it has a 0 of possible hosts (it is possible to use this mask for some special point-to-point links). Mask addresses not a subnet, but one host.

Next table show details about all subnet masks.

CIDR decimal number of addresses classful subnets
/1 2147483646 128 A 2
/2 1073741822 64 A 4
/3 536870910 32 A 8
/4 268435454 16 A 16
/5 134217726 8 A 32
/6 67108862 4 A 64
/7 33554430 2 A 128
/8 16777214 1 A 256
/9 8388606 128 B 512
/10 4194302 64 B 1024
/11 2097150 32 B 2048
/12 1048574 16 B 4096
/13 524286 8 B 8192
/14 262142 4 B 16384
/15 131070 2 B 32768
/16 65534 1 B 65536
/17 32766 128 C 131072
/18 16382 64 C 262144
/19 8190 32 C 524288
/20 4094 16 C 1048576
/21 2046 8 C 2097152
/22 1022 4 C 4194304
/23 510 2 C 8388608
/24 254 1 C 16777216
/25 126 1/2 C 33554432
/26 62 1/4 C 67108864
/27 30 1/8 C 134217728
/28 14 1/16 C 268435456
/29 6 1/32 C 536870912
/30 2 1/64 C 1073741824
/31 0 1/128 C  
/32 1    


A shorter and easier form for representing a subnet mask is a Classless Inter-Domain Routing (CIDR) form. It's an IP address followed by a slash (/) and the number of one bits in the binary notation of the subnet mask (or only /number-of-bits). For example we have an IP address with a subnet mask, binary form of this mask is 11111111.11111111.11111111.11110000, so a CIDR representation is

Note: CIDR is not only a representation form, but also brings some mechanisms like VLSM, aggregation and more.


Variable Length Subnet Mask (VLSM) is a technique on which CIDR is based. It allows allocation on arbitrary length prefixes, it uses classless routing.

Wildcard mask

For some special applications (e.g. Cisco IOS access list) there is an inverse form of subnet mask called wildcard mask. We can do negation functions on a binary representation of a subnet mask, or take every decimal octet and calculate 255 - octet. For example, subnet mask has wildcard mask

Classful network

Old versions of Internet Protocol divided IP addresses into 5 classes, all of which define a subnet mask. Dividing into classes is done by the first bits of an IP address. A subnet mask isn't sent with an IP address during communication, because it is determined by IP address.

classsignificant bitsaddress rangemaskCIDR mask note
class A 0xxx0 - 127.x.x.x255.0.0.0/8 general
class B 10xx128 - 191.x.x.x255.255.0.0/16 general
class C 110x192 - 223.x.x.x255.255.255.0/24 general
class D1110224 - 239.x.x.x   multicast
class E1111240 - 255.x.x.x    reserved

Classless network

Soon, after greater use of the internet, it became obvious that classful network design is inefficient and not scalable. So new a network design was developed using VLSM and CIDR. It's called classless network. It allowed the division of classes into smaller subnets.

Supernet - aggregation

VLSM and CIDR let us use an aggregation of multiple contiguous subnetworks into one supernet. Supernets save space and resources during the routing process. If we have two subnets and, the supernet is


Maximum hosts and subnets

The maximum number of hosts and subnets in a particular subnetwork is designated by a subnet mask. A subnet mask divides an IP address into the network part and the host part by a number of ones and zeros. So we translate a subnet mask into binary form, or we can use a CIDR mask, and count the number of ones and zeros (number-of-zeros = 32 - number-of-ones). The network part of an address is designated by ones in the subnet mask, it means that we can change bits in this part and every time we'll get a different subnet, so the number of combinations in this part is the number of subnets. But the number of subnets depends on which addressing architecture we use (I mentioned this in the chapter "IP address parts"). If we use a CIDR, we can use the whole network prefix, this is how I understand modern subneting. We can count the number of subnets using the following equation.

2number-of-ones = number-of-subnets

Note: This is a new version of counting the number of a subnet following RFC 1812. In the past we used RFC 950 and we had to subtract 2 from this number (for all ones and all zeros address).

I often meet a situation when people think about a number of subnets in different way. I think, that it is correct for older networks, where we don't use CIDR. Here we have to find an IP address class and count the number of subnets only in this class.

2number-of-ones-in-mask - number-of-ones-in-class = number-of-subnets
   We have a address
   because of CIDR we know that a number of ones in the subnet mask is 22 and the number of zeros is 32 - 22 = 10
   1) a number of subnets for first situation = 222 = 4 194 304
   2) but for the second situation we have to take an IP address and by first bits find that it is a Class B (mask /16)
      so a number of subnets = 222-16 = 26 = 64

Number of hosts is an easier and similar principle. The host part of an address is designated by zeros in the subnet mask. We had to subtract 1 for the network ID and 1 for the broadcast address.

2number-of-zeros - 2 = number-of-hosts
   We have an address
   number of host = 210 - 2 = 1024 - 2 = 1022

Are two hosts from the same subnet?

We have two IP addresses with a subnet mask and we want to know if they are from the same subnet. First, the mask must be the same. Then we translate an IP address and a subnet mask into binary form. If the part, where in subnet mask are ones, is the same in both IP addresses they belong to the same subnet.

    IP address 1:, IP address 2:
    1) subnet masks are the same
    2) IP 1 binary: 11000000.10101000.00000101.00001101
       IP 2 binary: 11000000.10101000.00000111.10000000
       subnet mask: 11111111.11111111.11111100.00000000
    3) the network part of both addresses are the same, so they belong to the same subnet

Network ID

From a host IP address and a subnet mask, we can calculate a network ID. We need to translate an IP address and a subnet mask into binary form and after that we will do a bitwise AND.

   IP address:
   binary IP:   00001010.11011001.01111011.00000111
   binary mask: 11111111.11111111.11110000.00000000
   bitwise AND: 00001010.11011001.01110000.00000000

Another way to describe this is, that we take away the network part of an IP address and the host part fills with zeros.

Subnet broadcast address

Again from an IP address and a subnet mask we can calculate a broadcast address. We need to translate an IP address and a subnet mask into binary form and after we do a bitwise OR between an IP address and a negation mask, broadcast-address = IP-address OR NOT(subnet-mask).

   IP address:
   binary IP:     00001010.11011001.01111011.00000111
   binary mask:   11111111.11111111.11110000.00000000
   negation mask: 00000000.00000000.00001111.11111111
   bitwise OR:    00001010.11011001.01111111.11111111

Another way to describe this is, that we take away the network part of an IP address and the host part fills with ones.

Information sources