CIDR Notation and Subnetting: A Complete Guide for Network Engineers

← Back to Blog

CIDR (Classless Inter-Domain Routing) notation is the standard way to express IP address ranges and subnet configurations. Whether you are provisioning cloud infrastructure on AWS or GCP, configuring firewall rules, designing VPC layouts, or troubleshooting network issues, understanding CIDR and subnetting is an essential skill for developers and network engineers alike.

What Is CIDR Notation?

CIDR notation combines an IP address with a prefix length, separated by a slash:

192.168.1.0/24

The number after the slash — the prefix length — indicates how many bits of the 32-bit IPv4 address are used to identify the network. The remaining bits identify individual hosts within that network.

For 192.168.1.0/24: the first 24 bits (192.168.1) identify the network, and the last 8 bits (the final octet) identify up to 254 usable hosts.

IPv4 Subnet Fundamentals

The Subnet Mask

The subnet mask is the traditional way to express the same information as a prefix length. A /24 prefix equals a subnet mask of 255.255.255.0 — 24 consecutive binary ones followed by 8 zeros:

/24 = 11111111.11111111.11111111.00000000 = 255.255.255.0
/16 = 11111111.11111111.00000000.00000000 = 255.255.0.0
/8  = 11111111.00000000.00000000.00000000 = 255.0.0.0

Network, Broadcast, and Host Addresses

For any subnet, three special addresses are defined:

• Network address: All host bits set to 0 — identifies the subnet (192.168.1.0)
• Broadcast address: All host bits set to 1 — messages to all hosts (192.168.1.255)
• Usable host range: Everything in between (192.168.1.1 to 192.168.1.254)

Usable hosts = 2^{(32 − prefix)} − 2 (subtract 2 for network and broadcast).

Common Subnet Sizes and Their Uses

• /8 — 16,777,214 usable hosts — entire Class A range (e.g., 10.0.0.0/8)
• /16 — 65,534 usable hosts — large corporate networks (e.g., 172.16.0.0/16)
• /24 — 254 usable hosts — typical office or VPC subnet
• /28 — 14 usable hosts — small subnet for a specific service tier
• /30 — 2 usable hosts — point-to-point links between routers
• /32 — 1 address — single host route, loopback

Private IP Address Ranges (RFC 1918)

These ranges are reserved for private networks and are not routable on the public internet:

• 10.0.0.0/8 — large private range, common in cloud VPCs
• 172.16.0.0/12 — covers 172.16.x.x through 172.31.x.x
• 192.168.0.0/16 — common in home and office networks

Subnetting — Dividing a Network

Subnetting divides a larger network into smaller, more manageable subnets by extending the prefix length. Each additional bit borrowed doubles the number of subnets and halves the number of hosts per subnet.

Example: Split 10.0.0.0/24 into four equal /26 subnets:

10.0.0.0/26   → hosts 10.0.0.1   – 10.0.0.62   (62 usable)
10.0.0.64/26  → hosts 10.0.0.65  – 10.0.0.126  (62 usable)
10.0.0.128/26 → hosts 10.0.0.129 – 10.0.0.190  (62 usable)
10.0.0.192/26 → hosts 10.0.0.193 – 10.0.0.254  (62 usable)

Borrowing 2 bits from the host portion: 2² = 4 subnets, each with 2⁶ − 2 = 62 usable hosts.

Cloud Infrastructure Subnetting

When designing AWS VPCs, GCP VPCs, or Azure VNets, subnetting decisions have long-term consequences. Best practices:

• Start with a /16 VPC CIDR for maximum flexibility
• Allocate /24 subnets per availability zone per tier (web, app, database)
• Reserve a /27 or /28 for NAT gateways and load balancers
• Leave address space unallocated for future growth — don't use the entire VPC range immediately
• Avoid overlapping CIDRs across VPCs if you plan to use VPC peering

IPv6 Subnetting

IPv6 addresses are 128 bits long, written as eight groups of four hex digits: 2001:db8:abcd:0012::1/64. The prefix length works identically to IPv4.

A /64 IPv6 subnet contains 2⁶⁴ host addresses — roughly 18.4 quintillion. The standard practice is to always assign /64 subnets to individual network segments, since SLAAC (Stateless Address Autoconfiguration) requires a /64.

IPv6 Address Types

• ::1/128 — Loopback (equivalent to 127.0.0.1)
• fe80::/10 — Link-local (auto-configured, not routable)
• fc00::/7 — Unique local (private, RFC 4193)
• ff00::/8 — Multicast
• 2000::/3 — Global unicast (publicly routable)

Calculate Subnets Instantly

The IPv4 and IPv6 Subnet Calculator on DataConvertProTools gives you complete subnet information instantly — network address, broadcast address, first and last host, subnet mask, wildcard mask, binary representation, and a subnetting chart showing how the network can be divided. Enter any IP/CIDR notation and get results in under a second, entirely in your browser.