Quick Subnetting

If you haven’t already, check out my previous post on Subnetting in Binary.

When studying for exams and just for everyday work, it’s important to be super quick when needing to subnet.

Thankfully, there are a few tricks to accomplish this.

Trick #1 The Easy Boundaries

There are four main bit boundaries that are dead giveaways.

Lets look at it in CIDR notation.

/8 =
/16 =
/24 =
/32 =

We know that if the range is between /9 and /15 we’re subnetting in the second octet. If the range is between /17 and /23 the third octet. Finally, if the range is between /25 and /31 the fourth octet.

Trick #2 The ‘in rule’

All subnet masks are continuous 1’s. A subnet mask is never discontinuous like 10100111.

Therefore if we have a mask of /17 we can determine right away from our previous trick that we’re only ‘1 in’ the octet. A /20 would be ‘4 in’ and a /23 would be ‘7 in’ or alternatively, ‘1 back’.

1 in or 7 back = 128 subnet size. Decimal notation is .128.
2 inĀ  or 6 back = 64 subnet size. Decimal notation is .192.
3 in or 5 back = 32 subnet size. Decimal notation is .224.
4 in or 4 back = 16 subnet size. Decimal notation is .240.
5 in or 3 back = 8 subnet size. Decimal notation is .248.
6 in or 2 back = 4 subnet size. Decimal notation is .252.
7 in or 1 back = 2 subnet size. Decimal notation is .254.
8 in = The next octet. Doesn’t apply. Refer to Trick #1.

If you memorize the eight powers of two you’ll always know the correct subnet size.

Trick #3 Subtracting from 256

If we have a mask of /18 we know its equal to in decimal notation. In this mask we only care about octets that are neither 255 or 0. So in this case its 192. To quickly find out the subnet size, we can just subtract 256 with 192! Which really quick equals 64 (our subnet size).

Trick #4 Wildcard masks

Here’s our mask /26. How do we find out the wildcard mask? Well first we convert it to dotted decimal notation. /26 equals

To get the wildcard mask all we do is simply subtract the DDN from 255. - <-- Wildcard Mask

Or an even faster way is to take the subnet size /26 equals a 64 and simply subtract 1 which still equals 63.

Last example: /19 is
224 equals a subnet size of 32 in the third octet.
Therefore our wildcard mask is

Subnet in Binary

Subnetting is one of the most important pieces of knowledge an engineer must know. There’s quick ways to subnet but before learning the tricks, it’s important to know what is actually happening in binary.

An IPv4 address consists of 32 individual bits ranging between 0.0.0 – The reason for this is due to 255 being the biggest decimal number that we’re able to express in binary with 8 bits. 1111 1111 = 255.

Classful Address Ranges

Everyone has probably heard of these once or twice. The classes of addresses. Class A, B, C.

Class A: – ( a /8)

Class B: – ( a /16)

Class C: – (a /24)

Now that we know what they are, lets throw them out the window! This is no longer used any longer and now we incorporate classless subnetting called VLSM – variable length subnet masks. However, we need to know the address ranges of the classful subnets due to some older protocols like RIP. (and old people)


VLSM means that the mask for example /24 or determines the subnet size and no longer relies on the Class like A, B, or C to determine the subnet mask.

For instance you can have an address start with the class A IP address of which by old standards would mean that you own all the IP address space of – (16,777216 addresses) but nowadays would be subnetted down through VLSM to maybe a /15 or Which would give us an address range of –


Lets break down the previous example with binary and how it actually works. We used an with a subnet mask of or in CIDR (classless inter-domain routing notation) a /15.

Binary is simply either a 0 or a 1. An IPv4 address has 32 bits ( a bit is a 0 or a 1) cut into four separate chunks called octets. Therefore, an IPv4 address is composed of bits in the pattern of:

00000000.00000000.00000000.00000000 <-- 32 bits 
This example equals

00001000.00000000.00000000.00000000 equals
11111111.11111110.00000000.00000000 equals the subnet mask of

By looking at the above mask in binary, we can determine which bits are ‘locked’ and are non-permeable. Lets bold the Network ID with the Subnet Mask.

00001000.00000000.00000000.00000000 <-
11111111.11111110.00000000.00000000 <-

Going from the above, these bold bits are locked and can not be changed. To get the broadcast ID ( the last address in the subnet) we simply flip the unlocked bits.

00001000.00000000.00000000.00000000 <- Original
00001000.00000001.11111111.11111111 <- Flipped

By flipping our unlocked bits our broadcast ID is found of Network ID Subnet Mask Broadcast ID

One more example.

The /19 represents 19 locked bits meaning they can never change in this subnet. Lets show the the network ID and mask in binary.

10101100.00010000.00000000.00000000 equals
11111111.11111111.11100000.00000000 equals /19 or

If we flip the unlocked bits we get our broadcast

10101100.00010000.00000000.00000000 equals
10101100.00010000.00011111.11111111 equals Network ID Subnet ID Broadcast ID

So now that we know what is actually happening at the bit level, we’re now ready to move on to faster ways to subnet. We’ll cover that in my next post Quick Subnetting!