A subnet mask is a 32-bit number that divides an IPv4 address into network and host portions. A device applies it with a bitwise AND to decide whether a destination is on the local network or must be sent to a router.
Definition
It consists of contiguous 1s (network bits) followed by 0s (host bits) in binary, often written in dotted decimal like 255.255.255.0 (/24 in CIDR notation). This enables subnetting to split large networks into smaller, efficient segments.
Common Examples
- Class A: 255.0.0.0 (/8) – Supports ~16 million hosts per network.
- Class B: 255.255.0.0 (/16) – Supports ~65,000 hosts.
- Class C: 255.255.255.0 (/24) – Supports 254 hosts (limits broadcast traffic).
How It Works
For IP 192.168.1.10 with mask 255.255.255.0, the network ID is 192.168.1.0; hosts range from .1 to .254. Routers use the mask to match destination addresses to the right network and forward traffic correctly, which reduces congestion and improves security by keeping segments separate.
| Notation | Dotted Decimal | Binary (key part) | Usable Hosts |
|---|---|---|---|
| /24 | 255.255.255.0 | 11111111.00000000 | 254 |
| /25 | 255.255.255.128 | 11111111.10000000 | 126 |
| /26 | 255.255.255.192 | 11111111.11000000 | 62 |
How to calculate subnet mask from CIDR notation
To convert CIDR notation (like /24) to a subnet mask, count the prefix number as leading 1s in a 32-bit binary string, fill the rest with 0s, then group into four 8-bit octets and convert to decimal.
Steps
- Take the CIDR prefix (e.g., /24 means 24 bits).
- Write 24 ones followed by 8 zeros: 11111111.11111111.11111111.00000000.
- Convert each octet to decimal: 255.255.255.0.
Examples
| CIDR | Binary (grouped by octet) | Subnet Mask |
|---|---|---|
| /16 | 11111111.11111111.00000000.00000000 | 255.255.0.0 |
| /24 | 11111111.11111111.11111111.00000000 | 255.255.255.0 |
| /27 | 11111111.11111111.11111111.11100000 | 255.255.255.224 |
For octet values, remember powers of 2: 128+64+32+16+8+4+2+1 (full octet=255); partial 1s yield 240 (/28), 248 (/29), 252 (/30), etc.
Subnet mask configuration in the cloud, especially in AWS
In AWS VPCs, the subnet mask is defined by the prefix length of the subnet's CIDR block (e.g., /24 = 255.255.255.0), which specifies the IP range available to instances in that subnet within an Availability Zone. Subnet CIDR blocks must not overlap, AWS reserves 5 IPs per subnet, and route tables provide public/private isolation.
VPC Workflow
VPCs use primary CIDR (e.g., 10.0.0.0/16); subnets carve out portions like 10.0.1.0/24. Configure via console (VPC > Subnets > Create), CLI (aws ec2 create-subnet), or Terraform (cidr_block param).
Terraform Snippet
```hcl
resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
}

resource "aws_subnet" "private" {
  vpc_id     = aws_vpc.main.id
  cidr_block = "10.0.2.0/24" # 255.255.255.0
}
```
Ideal for your DevOps IaC setups with Terraform/K8s.
| Type | Example CIDR | Mask | Routing Need |
|---|---|---|---|
| Public | 10.0.1.0/24 | 255.255.255.0 | Internet Gateway |
| Private | 10.0.2.0/26 | 255.255.255.192 | NAT Gateway |
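
The CIDR-to-mask steps and the AWS subnet rules above can be checked before a plan is applied. The following Python sketch is an added example, not code from the original post: the function names and the sample plan are constructed for illustration, and the only AWS-specific assumption is the 5 reserved addresses per subnet stated above.

```python
import ipaddress

AWS_RESERVED = 5  # per the text above: AWS reserves 5 addresses in every subnet


def prefix_to_mask(prefix: int) -> str:
    """Write `prefix` leading 1 bits in a 32-bit word, then split it into octets."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"invalid IPv4 prefix length: /{prefix}")
    bits = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return ".".join(str((bits >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def network_id(ip: str, mask: str) -> str:
    """Bitwise AND of address and mask, as a host does to find its network."""
    anded = int(ipaddress.IPv4Address(ip)) & int(ipaddress.IPv4Address(mask))
    return str(ipaddress.IPv4Address(anded))


def audit_plan(vpc_cidr: str, subnet_cidrs: list[str]) -> list[str]:
    """Return findings for subnets that are malformed, outside the VPC, or overlapping."""
    vpc = ipaddress.IPv4Network(vpc_cidr)
    findings, seen = [], []
    for cidr in subnet_cidrs:
        try:
            net = ipaddress.IPv4Network(cidr)  # strict: rejects host bits set
        except ValueError as exc:
            findings.append(f"{cidr}: not a valid network ({exc})")
            continue
        if not net.subnet_of(vpc):
            findings.append(f"{cidr}: outside VPC {vpc_cidr}")
        for other in seen:
            if net.overlaps(other):
                findings.append(f"{cidr}: overlaps {other}")
        seen.append(net)
    return findings


def aws_usable(cidr: str) -> int:
    """Addresses left for instances after the AWS-reserved ones."""
    return ipaddress.IPv4Network(cidr).num_addresses - AWS_RESERVED


if __name__ == "__main__":
    # Constructed plan: the last two entries are deliberate mistakes.
    plan = ["10.0.1.0/24", "10.0.2.0/26", "10.0.2.32/27", "10.1.0.0/24"]
    for finding in audit_plan("10.0.0.0/16", plan):
        print(finding)
```

Running the audit in CI against the CIDR blocks in a Terraform plan catches an overlapping or out-of-range subnet before it blurs the public/private boundary the route tables are meant to enforce.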