Discovering computer networks: hands on in the Open Networking Lab
Discovering computer networks: hands on in the Open Networking Lab

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

Free course

Discovering computer networks: hands on in the Open Networking Lab

7.4 Subnet masks and CIDR

In this part you’ll revisit subnet masks but in a little more depth than you’ve seen previously. This will reinforce and extend your understanding of how the subnet mask indicates ‘network’ parts of the IP address and ‘host’ parts. You’ll also learn how a process called Classless Inter-Domain Routing (abbreviated as CIDR) achieves more efficient use of available network addresses in the IPv4 addressing scheme.

There are four videos in this part – each video is followed by an activity.

Watch the video below, which is about 3 minutes long.


Download this video clip.Video player: 47_revision.mp4
Skip transcript


You’ve met subnet masks at various places in the preceding sessions and particularly in Session 1 and Session 2. This video is just a brief reminder of what you already know about them.

You know that an IPv4 address is represented as four decimal numbers separated by dots like the example here, but that this is just a representation that makes it easy for humans to understand. It’s really a group of 32 binary digits, or bits, made up of four octets with each octet translated into a decimal number.

This shows the 32 bits for our example IP address. You also know from your study of Sessions 1 and 2 that an IP address has two components. The part to the left identifies the network a device is attached to. This part is known as the network part.

The part to the right uniquely identifies the device that is attached to the network. This part is known as the device part or, more commonly, the host part. I’ll stick to the term ‘host’ from now on.

The subnet mask identifies where the boundary between the network part and the host part lies.

The subnet mask looks a bit like an IP address in that it is also four decimal numbers separated by dots, but these decimal numbers are either 255 or 0. This is an example subnet mask.

Where there’s a 255 in the mask it means that the corresponding decimal number in the IP address is a network part and that this number mustn’t be altered on this network. A zero in the mask means that the corresponding decimal number in the address is a host part and this can be varied.

So with a subnet mask of, 192.168.2 is the network part and 100 is the host part.

You also know from Session 2 that the number of octets used by each part is variable. For example, the network part could be two octets long with a two octet host. So with a subnet mask of the network part in our example would be 192.168 and the host part would be 2.100.

Now try the activities that follow this video to complete your revision.

End transcript
Interactive feature not available in single page view (see it in standard view).

Activity 7 Test yourself

5 minutes

  • Identify the true statement from the options below for the IP address with its subnet mask of

  • a. 

    The host portion of the IP address is 192.168.2.


    The IP address is in the same network.


    The maximum number of device addresses on this network is less than 10.

    The correct answer is b.


    Correct. All IP addresses that start 192.168.2 are in the same network.

Watch the video below, which is about 3 minutes long.

Classful and classless addresses

Download this video clip.Video player: 48_classful_and_classless_addresses.mp4
Skip transcript


In this video I’m going take a closer look at subnet masks and introduce you to a system called Classless Inter-Domain Routing. I’m going to start with a bit of history.

When the IP addressing scheme was first developed, subnet masks weren’t used. Instead the address space was divided into five classes: A, B, C, D and E.

Class A addresses were indicated by a zero in the leading bit of the address (that is, the left-most bit) and provided 128 separate networks, each with over 16 million different addresses.

Class B addresses were indicated by one-zero in the two leading bits of the address, giving 16,346 networks each with over 65,000 different addresses.

Class C networks had one-one-zero in their three leading bits and could provide over 2 million separate networks each with 256 different addresses.

Class D addresses were used for broadcasting, and Class E addresses were reserved for future use.

By the way, for this this course you won’t need to remember any of the details shown here but they do help to provide a foundation for what I’m going to explain next.

One of the problems with this early addressing scheme (now known as ‘classful addressing’) is that the smallest allocation (a Class C address) provided only 256 host addresses whereas the next size up had 65,536. For some small organisations 256 address were more than enough but for others they weren’t. However, the 65,000 or so provided in the next size allocation (Class B addresses) were far, far too many so network addresses were being wasted and Class B addresses were starting to run out.

The answer to both these problems is Classless Inter-Domain Routing, abbreviated as CIDR (but pronounced ‘cider’). CIDRider eliminates the previous octet boundaries (8, 16 and 24) of classful addressing by allowing fluidity between the network portion and the host portion of the address. I’ll explain how this works.

Look again at the IP address and its subnet mask

By writing them out in binary and putting one below the other, you can see that the only portion of relevance to the subnet mask is where all the bits have a one in them. These are always contiguous and start from the left. So a subnet mask can just be expressed by counting up these bits. By convention this is shown with a forward slash followed by the number of bits with a one in them.

In this example there are 24 is in the subnet mask. This would be forward-slash-twenty-four and the complete network address / subnet mask pair could be expressed as

This provides a convenient shorthand which is known as CIDR notation.

End transcript
Interactive feature not available in single page view (see it in standard view).

Activity 8 Test yourself

5 minutes

  • 1. In the old classful addressing system, if an organisation needed 1500 network addresses, roughly how many network addresses from their allocation block would have been wasted?

  • The organisation would have been given a Class B address block with just over 65,500 addresses as a Class C address block (256 addresses) would have been too small. Therefore about 64,000 addresses would have been wasted.

  • 2. Express the following in CIDR notation:

    • IP address:
    • Subnet mast:
  • The subnet mask indicates that there are 16 bits in the network address, therefore in CIDR notation the IP address would be expressed as

Watch the video below, which is about 2 minutes long.


Download this video clip.Video player: 49_cidr.mp4
Skip transcript


In the last video you saw how CIDR notation enables fluidity between the rigid octet boundaries of the old classful addressing system. This has provided a way to make networks more scalable, so the old Class B addresses could be broken down into smaller allocations. Let me show you how this works.

I’ll demonstrate it with a simple example. I’ll use the network address with a subnet mask of and show both in binary. You can see that this provides 8 bits for the host portion (all those bits shown grey here).

Now, if we were to take two bits from the network portion and add it to the host portion, this would result in a network portion of 22 bits and a host portion of 10 bits giving 1024 addresses –four times as many as the old Class C addresses.

Now look at the third octet of bits in the subnet mask. This is 1111 1100. Your studies in the previous parts of this session should have enabled you to translate this into the decimal equivalent of 252, so in dotted decimal the subnet mask would be expressed as or in CIDR notation as /22.

By the way, although is a perfectly legitimate network address, it’s seldom used for reasons that I won’t go into here. I just used this address because it provided a convenient demonstration.

End transcript
Interactive feature not available in single page view (see it in standard view).

Activity 9 Test yourself

1 minute

  • What is the size of the host portion of the following IP address (expressed in CIDR notation):

  • /24 indicates that there are 24 bits in the network portion of the address. Therefore there must be 8 bits in the host portion.

Watch the video below, which is about 4 minutes long.

Subnetting with CIDR

Download this video clip.Video player: 50_subnetting_with_cidr.mp4
Skip transcript


In the previous video, you saw how CIDR provided a way to subdivide the network allocation boundaries of the old classful system into smaller chunks, resulting in more scaleable networks and less waste of network addresses. But other benefits arise from being able to subdivide networks into smaller portions. Remember that subnetting with CIDR is simply a method of dividing a block of IP addresses into smaller portions which can be operated as independent networks. This means that network managers can subdivide their networks to provide separation between different departments and functions.

In fact there are many advantages to separating out a network into smaller subnetworks. It can lead to an increase in reliability as technical problems in one subnet won’t affect other subnets. It helps with security as sensitive data can be restricted. Administration also becomes simpler and network traffic is reduced as broadcasts can be contained in smaller domains.

So I’ll briefly demonstrate how CIDR can be used to divide a network with 256 network addresses into smaller subnetworks. Let’s go back to that network address of Here it is with the binary version, shown in red, and here’s the binary version, shown in blue, of the original subnet mask

This subnet mask tells us that the first 24 bits give the network part of the address, and the last 8 bits give the host part. This network can provide 256 host addresses starting with the address and ending with the address You already know that is, of course, the network address and is the broadcast address for this network, so this leaves 254 available device addresses.

Now, here’s a new subnet mask of where we have taken two bits from the host address portion. This subnet mask tells us that there are now 26 bits in the network part and 6 bits in the host part.

Here are the addresses of the four newly created subnetworks. Each of these has a host portion of 6 bits providing 64 network addresses.

So, taking the top network, it has a network address of It can provide 62 device addresses starting and ending Its broadcast address will be

The next network has a network of address of and it also has a host portion of 6 bits and can provide 62 devices addresses, and so on.

So effectively, the previous 8-bit host address space which provided 256 different addresses has now been divided into four separate subnetworks each with a 6-bit host address (shown in black) and each providing 64 different network addresses.

The overarching network address of the organisation remains the same: You can see that all the numbers in the first 24 bits of the IP address remain unchanged. But within the organisation, CIDR has enabled the original 256 network addresses to be split into four separate and independent subnetworks.

So, just to summarise. The old classful method of indicating the network and host portions of an IP address was very rigid allowing boundaries to be placed only between octets. Classless Inter-Domain Routing (CIDR) removed the previous octet boundaries and enables scalability of networks. This helps to conserve network addresses and enables subdivision within networks.

End transcript
Interactive feature not available in single page view (see it in standard view).

Activity 10 Test yourself

5 minutes

Imagine you are a network manager who has been allocated an IP address block of 512 addresses.

  • 1. What would be the CIDR notation for your network?

  • A block of 512 addresses would have 9 bits in the host portion (29 = 512). This would mean that the network portion would be 32 − 9 = 23 bits. Therefore the CIDR notation would be /23.

  • 2. How many subnetworks with 128 addresses would you be able to create?

  • 512/128 = 4, therefore four subnets would be possible.

  • 3. What would be the CIDR notation for each of these four new subnets?

  • 128 addresses in the host portion would require 7 bits (27 = 128), leaving 25 bits in the network portion. Therefore the CIDR notation would be /25.


Take your learning further

Making the decision to study can be a big step, which is why you'll want a trusted University. The Open University has 50 years’ experience delivering flexible learning and 170,000 students are studying with us right now. Take a look at all Open University courses.

If you are new to University-level study, we offer two introductory routes to our qualifications. You could either choose to start with an Access module, or a module which allows you to count your previous learning towards an Open University qualification. Read our guide on Where to take your learning next for more information.

Not ready for formal University study? Then browse over 1000 free courses on OpenLearn and sign up to our newsletter to hear about new free courses as they are released.

Every year, thousands of students decide to study with The Open University. With over 120 qualifications, we’ve got the right course for you.

Request an Open University prospectus371