ToolSec

๐ŸŒ Network & IP

What Is a Subnet? CIDR Notation Explained

ยท 7 min read ยท Updated June 27, 2026

If you've ever seen an address like 192.168.1.0/24 and wondered what the /24 means, this guide is for you. Subnetting is one of those networking topics that feels intimidating until it clicks โ€” and then it's just counting bits. Let's build it up from the ground.

What is a subnet?

A subnet (short for "sub-network") is a logical division of a larger IP network. Splitting a network into subnets lets you group devices, control how traffic flows between them, and use address space efficiently. Every device on the same subnet can reach each other directly; to talk to a device on a different subnet, traffic goes through a router.

An IPv4 address is 32 bits, usually written as four numbers 0โ€“255 (each number is 8 bits, called an octet). A subnet splits those 32 bits into two parts: a network portion that identifies the subnet, and a host portion that identifies an individual device within it.

What does /24 mean? CIDR notation

The number after the slash โ€” the CIDR prefix โ€” tells you how many bits belong to the network portion. /24 means the first 24 bits are the network, leaving the last 8 bits for hosts. Since 8 bits can count from 0 to 255, a /24 contains 256 addresses.

The prefix and the older "subnet mask" notation describe exactly the same thing:

  • /24 = mask 255.255.255.0 = 256 addresses
  • /25 = mask 255.255.255.128 = 128 addresses
  • /26 = mask 255.255.255.192 = 64 addresses
  • /30 = mask 255.255.255.252 = 4 addresses

Notice the pattern: each extra bit in the prefix halves the number of addresses. That's the whole trick โ€” adding to the prefix borrows a bit from hosts and gives it to the network.

Network and broadcast addresses

Within any subnet, two addresses are reserved. The network address (all host bits 0) names the subnet itself, and the broadcast address (all host bits 1) is used to send to every device at once. Neither is assigned to a device, which is why a /24 with 256 total addresses has only 254 usable hosts. For a /30 โ€” common on point-to-point links โ€” that leaves just 2 usable addresses out of 4.

Why split a network into subnets?

  • Security & segmentation. Put servers, staff laptops and IoT devices on separate subnets so a compromise in one doesn't reach the others.
  • Performance. Smaller subnets mean smaller broadcast domains and less noise.
  • Organisation. One subnet per department, floor or function makes addressing and firewall rules easier to reason about.
  • Efficiency. Right-sizing subnets avoids wasting large blocks of addresses.

A worked example

Say you have 192.168.10.0/24 (256 addresses) and want four equal subnets. Borrow two host bits to make four blocks of /26 (64 addresses each):

  • 192.168.10.0/26 โ†’ hosts .1โ€“.62
  • 192.168.10.64/26 โ†’ hosts .65โ€“.126
  • 192.168.10.128/26 โ†’ hosts .129โ€“.190
  • 192.168.10.192/26 โ†’ hosts .193โ€“.254

The boundaries (0, 64, 128, 192) are where most manual subnetting goes wrong โ€” which is exactly what a calculator is for.

Private vs public ranges

Some ranges are reserved for private networks (RFC 1918) and are never routed on the public internet: 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16. That's why your home router hands out 192.168.x.x addresses โ€” they're private and reused everywhere behind NAT.

Try it yourself

The fastest way to internalise subnetting is to play with it. Drop an address and prefix into our subnet calculator to see the network, broadcast, host range and usable count instantly, and use the CIDR โ†” IP range converter to translate between blocks and plain address ranges. When you move to IPv6, the IPv6 subnet calculator applies the same ideas to 128-bit addresses.

Frequently asked questions

What does /24 mean in an IP address?

The /24 is the CIDR prefix: the first 24 bits are the network portion, leaving 8 bits for hosts. That's a subnet mask of 255.255.255.0, with 256 total addresses and 254 usable hosts.

What's the difference between a subnet mask and CIDR?

They express the same information two ways. CIDR (/24) counts the network bits; the subnet mask (255.255.255.0) shows those bits as four octets. Calculators convert between them.

Why are there only 254 usable hosts in a /24?

Two addresses are reserved: the network address (all host bits 0) and the broadcast address (all host bits 1). They can't be assigned to devices, so 256 total minus 2 leaves 254 usable.

Try the related tools

Related guides