Subnet is essentially an IP range, a set of consecutive IP addresses, within which network devices can communicate with each other directly using MAC addresses. If you want to connect a device whose IP address is not in the same subnet, you need a gateway that knows how to route the packet to the recipient in another network. But we will cover gateways and routing in a future module.

Example: Jaska's laptop and phone are in a small subnet with two IP addresses: 192.168.0.5 and 192.168.0.6. The laptop's IP address is 192.168.0.5 and the phone's address is 192.168.0.6.

You can directly connect Jaska's laptop to Jaska's phone using the MAC address (using ARP protocol as we learned earlier) at address 192.168.0.6.

But now Jaska wants to connect to a game server on the Internet at address 1.2.3.4. The IP address 1.2.3.4 does not belong to Jaska's small subnet, so Jaska needs to route to the game server through the Internet.

But how does Jaska's computer know that 1.2.3.4 is not within Jaska's subnet IP range, but 192.168.0.6 is? The answer lies in the IP address 

 with the subnet mask set in Jaska's network card settings, which allow Jaska's computer to directly determine that both 1.2.3.4 and even 192.168.0.7 are outside Jaska's network.

Subnet mask, which doesn't really roll off the tongue so let's call it a mask from now on, is a way to split an IP address into two parts, network and device.

Assume that we have an IP address of 192.168.1.100 and we are using the following mask: 255.255.255.0 (which we will discuss shortly in /24 CIDR notation). Let's examine this example using bit strings.

In this example, the network mask contains 24 "1" bits and 8 "0" bits. The network is defined based on the "1" bits of the network mask, while the device is formed at the positions of the "0" bits of the network mask. Hence, the network is 192.168.1.0 and the device address is 0.0.0.100.

This means that the IP address in question belongs to network 192.168.1.0 and the device is 100. With the help of the mask, we can differentiate this IP address from other devices in the same domain.

CIDR notation (Classless Inter-Domain Routing) provides a condensed way to represent network masks. It enables clear expression of network masks by combining the IP address and the network mask into one notation.

In CIDR notation, the subnet mask is represented after the address with a slash, followed by the subnet mask length expressed in bits. For example, if the IP address is 192.168.1.10 and the subnet mask is 255.255.255.0, in CIDR notation it would be 192.168.1.10/24. In this case, "/24" indicates that there are 24 "1" bits in the subnet mask, which is equivalent to the subnet mask 255.255.255.0.

CIDR notation enables the compression and clear expression of network masks. It is a commonly used practice in network design and IP address management.

## Subnets

Subnet is essentially an IP range, a set of consecutive IP addresses, within which network devices can communicate with each other directly using MAC addresses. If you want to connect a device whose IP address is not in the same subnet, you need a gateway that knows how to route the packet to the recipient in another network. But we will cover gateways and routing in a future module.

Example: Jaska's laptop and phone are in a small subnet with two IP addresses: 192.168.0.5 and 192.168.0.6. The laptop's IP address is 192.168.0.5 and the phone's address is 192.168.0.6.

You can directly connect Jaska's laptop to Jaska's phone using the MAC address (using ARP protocol as we learned earlier) at address 192.168.0.6.

But now Jaska wants to connect to a game server on the Internet at address 1.2.3.4. The IP address 1.2.3.4 does not belong to Jaska's small subnet, so Jaska needs to route to the game server through the Internet.

But how does Jaska's computer know that 1.2.3.4 is not within Jaska's subnet IP range, but 192.168.0.6 is? The answer lies in the IP address **combined** with the subnet mask set in Jaska's network card settings, which allow Jaska's computer to directly determine that both 1.2.3.4 and even 192.168.0.7 are outside Jaska's network.

---

## Subnet Mask

Subnet mask, which doesn't really roll off the tongue so let's call it a mask from now on, is a way to split an IP address into two parts, network and device.

Assume that we have an IP address of 192.168.1.100 and we are using the following mask: 255.255.255.0 (which we will discuss shortly in /24 CIDR notation). Let's examine this example using bit strings.

- **IP Address**: 11000000.10101000.00000001.01100100
- **Subnet Mask**: 11111111.11111111.11111111.00000000
- **Network**: 11000000.10101000.00000001.00000000
- **Device**: 00000000.00000000.00000000.01100100

In this example, the network mask contains 24 "1" bits and 8 "0" bits. The network is defined based on the "1" bits of the network mask, while the device is formed at the positions of the "0" bits of the network mask. Hence, the network is 192.168.1.0 and the device address is 0.0.0.100.

This means that the IP address in question belongs to network 192.168.1.0 and the device is 100. With the help of the mask, we can differentiate this IP address from other devices in the same domain.

---

## CIDR Notation

CIDR notation (Classless Inter-Domain Routing) provides a condensed way to represent network masks. It enables clear expression of network masks by combining the IP address and the network mask into one notation.

In CIDR notation, the subnet mask is represented after the address with a slash, followed by the subnet mask length expressed in bits. For example, if the IP address is 192.168.1.10 and the subnet mask is 255.255.255.0, in CIDR notation it would be 192.168.1.10/24. In this case, "/24" indicates that there are 24 "1" bits in the subnet mask, which is equivalent to the subnet mask 255.255.255.0.

CIDR notation enables the compression and clear expression of network masks. It is a commonly used practice in network design and IP address management.

---

## Test your knowledge

@exercise bd38a242bb4c


Subnets, netmasks and CIDR notation

Let's get to know computer networks and network protocols in a little more depth than the basic course. A prerequisite for getting by, for example, with Nmap and Wireshark courses.

Let's delve a little deeper into computer networks and network protocols, beyond the basics of the introductory course. A prerequisite for this is, for example, proficiency in Nmap and Wireshark courses.

Subnets, netmasks and CIDR notation

Subnets

Learn to hack — start here