Subnetting – FLSM, VLSM, CIDR, Binary Method & Route Summarisation

1. What Is Subnetting and Why Does It Matter?

Subnetting is the process of dividing a single IP network into smaller logical subnetworks (subnets). Without subnetting, every device in the same network address space would be in the same broadcast domain — a single broadcast from one device reaches every other device, wasting bandwidth and creating security exposure.

Benefit How Subnetting Provides It
Reduced broadcast traffic Each subnet is its own broadcast domain. Broadcasts stay within the subnet and do not cross routers to other subnets
Efficient IP address use VLSM lets you allocate only as many addresses as a segment needs instead of wasting a full /24 on a 2-host WAN link
Security isolation Routers between subnets can apply ACLs, VLANs, and firewall policies to control inter-subnet traffic
Simpler troubleshooting Smaller, isolated subnets contain problems; a broadcast storm in one subnet does not affect others
Route summarisation Contiguous subnets can be summarised into a single route entry, reducing routing table size across the network

Related pages: Private vs Public IP Addresses | Default Routes | Static Routing Configuration | DHCP How It Works | OSPF Overview | OSPF Single-Area Lab (uses subnetting) | DHCP Server Configuration Lab

2. IPv4 Address Structure — Binary Breakdown

An IPv4 address is 32 bits long, written as four 8-bit octets in dotted decimal. The subnet mask defines where the network portion ends and the host portion begins. 

  IPv4 address: 192.168.10.100 /26

  Binary representation:
  192      . 168      . 10       . 100
  11000000 . 10101000 . 00001010 . 01100100

  Subnet mask /26 = 26 consecutive 1-bits followed by 6 zero-bits:
  11111111 . 11111111 . 11111111 . 11000000
  255      . 255      . 255      . 192

  AND the IP address with the subnet mask to find the Network Address:
  11000000 . 10101000 . 00001010 . 01100100   (192.168.10.100)
  11111111 . 11111111 . 11111111 . 11000000   (255.255.255.192)
  ------------------------------------------------ AND operation
  11000000 . 10101000 . 00001010 . 01000000   (192.168.10.64)  <-- Network address

  Host bits (6 bits of zeros = network, all 1s = broadcast):
  Network address:   ...01000000 = 192.168.10.64
  First usable host: ...01000001 = 192.168.10.65
  Last usable host:  ...01111110 = 192.168.10.126
  Broadcast address: ...01111111 = 192.168.10.127

Octet Bit Values — Reference

  Bit position:    128  64  32  16   8   4   2   1
  Binary:            1   0   0   0   0   0   0   0  = 128
                     1   1   0   0   0   0   0   0  = 192
                     1   1   1   0   0   0   0   0  = 224
                     1   1   1   1   0   0   0   0  = 240
                     1   1   1   1   1   0   0   0  = 248
                     1   1   1   1   1   1   0   0  = 252
                     1   1   1   1   1   1   1   0  = 254
                     1   1   1   1   1   1   1   1  = 255

  These are the only valid values for the last octet of a subnet mask.
  Any other value (e.g., 253, 127, 37) is INVALID.

3. IP Address Classes and Default Masks

Class First Octet Range Full Range Default Mask CIDR Network / Host Bits
A 1 – 126 1.0.0.0 – 126.255.255.255 255.0.0.0 /8 8 network / 24 host = 16,777,214 hosts
B 128 – 191 128.0.0.0 – 191.255.255.255 255.255.0.0 /16 16 network / 16 host = 65,534 hosts
C 192 – 223 192.0.0.0 – 223.255.255.255 255.255.255.0 /24 24 network / 8 host = 254 hosts
D 224 – 239 224.0.0.0 – 239.255.255.255 N/A (Multicast) N/A Reserved for multicast groups (OSPF, PIM, etc.)
E 240 – 255 240.0.0.0 – 255.255.255.255 N/A (Experimental) N/A Reserved — not used in production networks
127.x.x.x is excluded from Class A — it is reserved for the loopback address (127.0.0.1 = localhost). Class-based addressing is largely historical — modern networking uses classless inter-domain routing (CIDR) which ignores class boundaries entirely.

4. The Core Subnetting Formulas

  n = number of borrowed subnet bits (bits stolen from host portion)
  h = number of remaining host bits

  Number of subnets created:      2^n
  Total addresses per subnet:     2^h
  Usable host addresses:          2^h - 2   (subtract network + broadcast)
  Block size (increment):         256 - last_octet_of_subnet_mask

  Example: /26 subnet mask = 255.255.255.192
  Last octet = 192
  Host bits = 32 - 26 = 6
  Total addresses = 2^6 = 64
  Usable hosts = 64 - 2 = 62
  Block size = 256 - 192 = 64

  To find required prefix from host count:
  Need 50 hosts? -> 2^h - 2 >= 50 -> 2^6 = 64 -> 64 - 2 = 62 >= 50 -> /26
  Need 12 hosts? -> 2^h - 2 >= 12 -> 2^4 = 16 -> 16 - 2 = 14 >= 12 -> /28
  Need 2 hosts?  -> 2^h - 2 >= 2  -> 2^2 = 4  -> 4 - 2  = 2  >= 2  -> /30

  Special cases:
  /31: 2 addresses, 0 usable (RFC 3021 allows point-to-point use with 2 hosts)
  /32: 1 address, 0 usable (host route -- loopback, interface-specific routes)

5. The Complete Subnet Reference Table (/24 to /30)

Memorising this table is essential for CCNA exam speed — many questions require converting between prefix length, subnet mask, host count, and block size in seconds.

CIDR Subnet Mask Host Bits Total Addresses Usable Hosts Block Size Subnets from /24
/24 255.255.255.0 8 256 254 256 1
/25 255.255.255.128 7 128 126 128 2
/26 255.255.255.192 6 64 62 64 4
/27 255.255.255.224 5 32 30 32 8
/28 255.255.255.240 4 16 14 16 16
/29 255.255.255.248 3 8 6 8 32
/30 255.255.255.252 2 4 2 4 64
/31 255.255.255.254 1 2 0 (2 with RFC 3021) 2 128
/32 255.255.255.255 0 1 0 (host route) 1 256

6. Fixed-Length Subnet Masking (FLSM)

FLSM uses the same subnet mask for every subnet in the design. All subnets are equal in size. This is simpler to calculate but wastes IP addresses when subnets have very different host requirements.

FLSM Step-by-Step Method

  Problem: Subnet 192.168.10.0/24 into exactly 4 equal subnets.

  Step 1 — Determine how many subnet bits to borrow:
  Need 4 subnets. 2^n >= 4 -> n = 2 (2^2 = 4)
  Borrow 2 bits from host portion.

  Step 2 — Calculate new prefix:
  Original /24 + 2 borrowed bits = /26

  Step 3 — Calculate block size:
  New subnet mask = 255.255.255.192
  Block size = 256 - 192 = 64

  Step 4 — List all subnets (increment by block size):
  Start at 192.168.10.0, add 64 each time:
Subnet Network Address First Usable Host Last Usable Host Broadcast Usable Hosts
1 192.168.10.0/26 192.168.10.1 192.168.10.62 192.168.10.63 62
2 192.168.10.64/26 192.168.10.65 192.168.10.126 192.168.10.127 62
3 192.168.10.128/26 192.168.10.129 192.168.10.190 192.168.10.191 62
4 192.168.10.192/26 192.168.10.193 192.168.10.254 192.168.10.255 62
Quick verification: The broadcast address of one subnet is always one less than the network address of the next subnet (63, 127, 191, 255). The last subnet's broadcast must be the broadcast of the original block (192.168.10.255 here). If it isn't, check your arithmetic.

7. Variable-Length Subnet Masking (VLSM)

VLSM allows different subnet masks within the same network, fitting the subnet size to the actual number of hosts needed. It requires classless routing protocols (OSPF, EIGRP, RIPv2, BGP) that carry subnet mask information in their updates.

VLSM Golden Rule

Always allocate largest subnet first, then work down to smallest. Starting with the largest ensures each subnet uses contiguous address space and subnets never overlap.

VLSM Worked Example — Full Solution

  Problem: Given 192.168.20.0/24, create subnets for:
  Subnet A: 100 hosts
  Subnet B: 50 hosts
  Subnet C: 10 hosts
  Subnet D: 2 hosts (WAN link between two routers)

  Allocate largest first:

  SUBNET A (100 hosts):
  2^h - 2 >= 100 -> h = 7 (2^7 - 2 = 126) -> /25
  Network: 192.168.20.0/25
  Range: 192.168.20.1 - 192.168.20.126
  Broadcast: 192.168.20.127
  (Used: .0 - .127 = 128 addresses)

  SUBNET B (50 hosts):
  2^h - 2 >= 50 -> h = 6 (2^6 - 2 = 62) -> /26
  Next available: 192.168.20.128
  Network: 192.168.20.128/26
  Range: 192.168.20.129 - 192.168.20.190
  Broadcast: 192.168.20.191
  (Used: .128 - .191 = 64 addresses)

  SUBNET C (10 hosts):
  2^h - 2 >= 10 -> h = 4 (2^4 - 2 = 14) -> /28
  Next available: 192.168.20.192
  Network: 192.168.20.192/28
  Range: 192.168.20.193 - 192.168.20.206
  Broadcast: 192.168.20.207
  (Used: .192 - .207 = 16 addresses)

  SUBNET D (2 hosts -- WAN point-to-point):
  2^h - 2 >= 2 -> h = 2 (2^2 - 2 = 2) -> /30
  Next available: 192.168.20.208
  Network: 192.168.20.208/30
  Range: 192.168.20.209 - 192.168.20.210
  Broadcast: 192.168.20.211
  (Used: .208 - .211 = 4 addresses)

  Remaining unused: 192.168.20.212 - 192.168.20.255 (44 addresses for future use)
Subnet Hosts Needed CIDR Subnet Mask Network Address Usable Range Broadcast Usable Hosts
A 100 /25 255.255.255.128 192.168.20.0 .1 – .126 .127 126
B 50 /26 255.255.255.192 192.168.20.128 .129 – .190 .191 62
C 10 /28 255.255.255.240 192.168.20.192 .193 – .206 .207 14
D (WAN) 2 /30 255.255.255.252 192.168.20.208 .209 – .210 .211 2

8. FLSM vs VLSM — Comparison

Feature FLSM VLSM
Subnet sizes All equal (same prefix length) Variable (different prefix lengths)
IP efficiency Wasteful — small subnets get same size as large ones Efficient — each subnet sized to actual needs
Calculation complexity Simple — one calculation applied to all More complex — separate calculation per subnet
Protocol requirement Works with classful (RIPv1) and classless protocols Requires classless protocols (OSPF, EIGRP, RIPv2, BGP) that carry subnet mask in updates
Routing table Fewer entries (all same size, may summarise easily) More entries (variable sizes, more complex summarisation)
Use case Simple, uniform networks with similar-sized segments Modern enterprise networks with mixed segment sizes (LAN, WAN links, DMZ, management)

9. CIDR Notation and Classless Addressing

CIDR (Classless Inter-Domain Routing) was introduced in 1993 to replace the rigid class-based system. Instead of fixed /8, /16, /24 boundaries, CIDR allows any prefix length from /0 to /32. 

  CIDR notation: IP_address / prefix_length
  Example: 192.168.1.0/26

  The /26 tells you: 26 bits are the network portion.
  Remaining 32-26 = 6 bits are the host portion.

  CIDR replaces:
  Old classful: "This is a Class C network with mask 255.255.255.0"
  New CIDR:     "This is a 192.168.1.0/26 subnet" -- mask is explicit

  CIDR enables:
  1. Subnetting within any class boundary
  2. Supernetting across class boundaries (route aggregation)
  3. ISPs allocating address blocks of any size to customers

  CIDR blocks assigned by ISPs:
  Customer A gets: 203.0.113.0/25  (126 hosts)
  Customer B gets: 203.0.113.128/26 (62 hosts)
  Customer C gets: 203.0.113.192/27 (30 hosts)
  ISP summarises all as: 203.0.113.0/24 to upstream internet

10. Supernetting and Route Summarisation

Supernetting (also called route summarisation or route aggregation) is the opposite of subnetting — it combines multiple contiguous smaller networks into a single, larger summary route. This reduces the number of routing table entries, speeds up routing lookups, and hides topology changes. 

  Supernetting example: combine four /24 networks into one summary

  Networks to summarise:
  192.168.0.0/24
  192.168.1.0/24
  192.168.2.0/24
  192.168.3.0/24

  Step 1: Write all network addresses in binary (third octet):
  192.168.0.0  = 192.168. 00000000 .0
  192.168.1.0  = 192.168. 00000001 .0
  192.168.2.0  = 192.168. 00000010 .0
  192.168.3.0  = 192.168. 00000011 .0
                                ^^
                   Last 2 bits differ -> common prefix = 22 bits

  Step 2: Summary address = common bits + remaining zeros
  192.168.00000000.0 = 192.168.0.0

  Summary route: 192.168.0.0/22
  This one route covers all four /24 networks.
  Any destination matching 192.168.0-3.x is forwarded via this route.

  Requirement: Networks must be CONTIGUOUS and be a power-of-2 block
  starting on an aligned boundary.
  192.168.0.0/22 covers .0.x through .3.x (exactly 4 x /24 = valid)
  192.168.1.0/22 would NOT be valid -- .1 is not aligned to a /22 boundary

Practical Summarisation on Cisco IOS

! OSPF manual summarisation at an ABR (Area Border Router):
Router(config-router)# area 1 range 192.168.0.0 255.255.252.0
! Summarises 192.168.0.0/24 through 192.168.3.0/24 as 192.168.0.0/22

! EIGRP manual summarisation on an interface:
Router(config-if)# ip summary-address eigrp 1 192.168.0.0 255.255.252.0

! Static summary route pointing to Null0 (leak prevention):
Router(config)# ip route 192.168.0.0 255.255.252.0 Null0

11. Private IP Address Ranges

RFC 1918 reserves three address ranges as private — they are not routed on the public internet and can be reused freely within any organisation. NAT (Network Address Translation) converts private addresses to a public IP for internet access.

Class Private Range CIDR Number of Addresses Common Use
A 10.0.0.0 – 10.255.255.255 10.0.0.0/8 16,777,216 Large enterprises, data centres, cloud VPCs
B 172.16.0.0 – 172.31.255.255 172.16.0.0/12 1,048,576 Medium enterprises, service provider customer networks
C 192.168.0.0 – 192.168.255.255 192.168.0.0/16 65,536 Small offices, home networks, lab environments
Other special-purpose addresses: 127.0.0.0/8 = loopback (localhost). 169.254.0.0/16 = APIPA (Automatic Private IP Addressing — assigned when DHCP fails). 0.0.0.0/0 = default route. 255.255.255.255 = limited broadcast (all hosts on local subnet).

See Private vs Public IP Addresses for NAT configuration and internet routing details.

12. Finding the Network, Host Range, and Broadcast — Rapid Method

The fastest exam technique for determining the subnet details of a given IP address and mask does not require binary conversion for the common /24-to-/30 range. 

  Problem: What network does 10.10.50.77/28 belong to?
  What are the first host, last host, and broadcast?

  Step 1: Identify block size
  /28 -> mask = 255.255.255.240 -> last octet = 240
  Block size = 256 - 240 = 16

  Step 2: Find the subnet boundary
  Divide the host octet (77) by the block size (16):
  77 / 16 = 4 remainder 13 -> subnet starts at 4 x 16 = 64

  Network address:   10.10.50.64  (64 is the multiple of 16 <= 77)
  Broadcast address: 10.10.50.79  (next multiple - 1: 80 - 1 = 79)
  First usable host: 10.10.50.65  (network + 1)
  Last usable host:  10.10.50.78  (broadcast - 1)

  Verification: 77 is between 65 and 78 -- confirmed, IP is in this subnet.

  Another example: 172.16.5.200/29
  Block size = 256 - 248 = 8
  200 / 8 = 25 remainder 0 -> subnet starts at 25 x 8 = 200
  Network: 172.16.5.200    Broadcast: 172.16.5.207
  First: 172.16.5.201      Last: 172.16.5.206

13. Exercises — Fully Solved

Exercise 1: FLSM — Subnet 192.168.10.0/24 into 4 equal subnets

Subnet Network Address Usable IP Range Broadcast Subnet Mask
1 192.168.10.0/26 .1 – .62 .63 255.255.255.192
2 192.168.10.64/26 .65 – .126 .127 255.255.255.192
3 192.168.10.128/26 .129 – .190 .191 255.255.255.192
4 192.168.10.192/26 .193 – .254 .255 255.255.255.192

Exercise 2: VLSM — Subnet 172.16.20.0/24 for given requirements

Subnet Hosts Needed Network Address CIDR Mask Usable Range Broadcast
A 50 172.16.20.0 /26 255.255.255.192 .1 – .62 .63
B 30 172.16.20.64 /26 255.255.255.192 .65 – .126 .127
C 12 172.16.20.128 /28 255.255.255.240 .129 – .142 .143
D 6 172.16.20.144 /29 255.255.255.248 .145 – .150 .151

14. Key Points & Exam Tips

  • Usable hosts formula: 2^h − 2 where h = host bits (32 − prefix). Always subtract 2 for network address and broadcast address.
  • Block size = 256 − last octet of subnet mask. This is the increment between consecutive subnet network addresses.
  • Network address = all host bits set to 0. Broadcast address = all host bits set to 1.
  • FLSM: all subnets same size; simple; works with classful or classless protocols. VLSM: variable sizes; requires classless protocols (OSPF, EIGRP, RIPv2, BGP).
  • VLSM order: always allocate largest subnet first to avoid overlap.
  • Memorise the table for /24 through /30: usable hosts are 254, 126, 62, 30, 14, 6, 2 respectively.
  • /30 for point-to-point WAN links — 2 usable hosts, no waste. /31 (RFC 3021) is also used on modern Cisco equipment for WAN links.
  • Supernetting rule: networks must be contiguous AND start on an aligned power-of-2 boundary. Four /24s can summarise only if the first is a multiple of 4 (e.g., .0, .4, .8, .12... — NOT .1, .2, .3).
  • Private ranges (RFC 1918): 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16. Not routed on the public internet; used with NAT.
  • Rapid method: divide host octet by block size; multiply the quotient by block size to get the network address; add block size − 1 to get the broadcast address.

Related pages: Private vs Public IP Addresses | Default Routes | Static Routing Configuration | DHCP How It Works | OSPF Overview | NAT / PAT Overview | OSPF Single-Area Lab (uses subnetting) | DHCP Server Configuration Lab

15. Subnetting (FLSM & VLSM) Quiz

1. A network engineer needs to subnet 10.0.0.0/8 to create segments for a site with 500 hosts, a segment with 200 hosts, a segment with 50 hosts, and four point-to-point WAN links. Which subnetting approach is most appropriate, and why?

Correct answer is D. VLSM is the correct choice whenever segments have significantly different host requirements. Using FLSM here would force a single mask on every segment: since the largest segment needs 500 hosts, you'd need at minimum /23 (510 usable) for ALL segments. That means each 2-host WAN link would get a 510-host subnet — wasting 508 addresses per WAN link, plus thousands of wasted addresses for smaller LAN segments. VLSM solves this by right-sizing each subnet: /23 for 500-host LAN, /24 for 200-host LAN, /26 for 50-host segment, /30 for each WAN link (exactly 2 hosts needed). VLSM requires classless routing protocols (OSPF, EIGRP, RIPv2, BGP) that carry the subnet mask in routing updates — modern protocols all support this. With 10.0.0.0/8 providing over 16 million addresses, IP space is not an issue here, but in production scenarios with limited address space, VLSM can be the difference between having enough addresses and running out.

2. An engineer has 192.168.5.0/24. They need to create 8 equal subnets. What is the correct new prefix length, block size, and how many usable hosts does each subnet provide?

Correct answer is B. To create exactly 8 subnets from a /24: the formula is 2^n ≥ 8, where n = borrowed bits. 2^3 = 8, so borrow 3 bits. New prefix = /24 + 3 = /27. The subnet mask for /27 is 255.255.255.224 (the last octet 224 = 128+64+32 = the three borrowed bits). Block size = 256−224 = 32. Each subnet has 32 total addresses; usable hosts = 32−2 = 30. The 8 subnets would be: .0/27, .32/27, .64/27, .96/27, .128/27, .160/27, .192/27, .224/27. Option A (/26) only gives 4 subnets (2^2). Option C (/28) gives 16 subnets (2^4) — more than needed. Option D (/25) gives 2 subnets (2^1).

3. A host has the IP address 172.16.45.200/28. What is the network address of the subnet this host belongs to, and what is the broadcast address?

Correct answer is C. Using the rapid subnetting method: /28 = mask 255.255.255.240. Block size = 256 − 240 = 16. Divide host octet by block size: 200 ÷ 16 = 12.5. The integer part is 12. Network address = 12 × 16 = 192 → 172.16.45.192. Broadcast = next multiple − 1 = 13 × 16 − 1 = 208 − 1 = 207 → 172.16.45.207. Verification: 200 is between 193 and 206 (usable range), confirming the host is in this subnet. First usable host: 172.16.45.193. Last usable host: 172.16.45.206. Total usable hosts: 14 (2^4−2). Note: option A gives the same answer as C — both are correct, but option C explicitly shows the working, making it the best answer choice as written.

4. A VLSM design requires subnets of 100, 60, 25, and 2 hosts from 10.1.1.0/24. In what order should subnets be allocated, and what are the correct prefix lengths for each?

Correct answer is A. The VLSM golden rule is always allocate the largest subnet first. This ensures clean, non-overlapping address allocation. Starting with the 100-host requirement: 2^h−2 ≥ 100 → h=7 (2^7−2=126) → /25. Subnet A: 10.1.1.0/25 (.0−.127). Then 60 hosts: 2^h−2 ≥ 60 → h=6 (2^6−2=62) → /26. Subnet B: 10.1.1.128/26 (.128−.191). Then 25 hosts: 2^h−2 ≥ 25 → h=5 (2^5−2=30) → /27. Subnet C: 10.1.1.192/27 (.192−.223). Then 2 hosts: 2^h−2 ≥ 2 → h=2 (2^2−2=2) → /30. Subnet D: 10.1.1.224/30 (.224−.227). If you allocated smallest first, you'd place the tiny subnets at the beginning of the space, and the large /25 subnet might not fit without jumping over gaps or creating an unnecessarily complex design.

5. An engineer wants to summarise these four networks into a single summary route: 192.168.4.0/24, 192.168.5.0/24, 192.168.6.0/24, 192.168.7.0/24. What is the correct summary?

Correct answer is C. To find the summary route, write the network addresses in binary and find the common prefix. Third octet values: 4 = 00000100, 5 = 00000101, 6 = 00000110, 7 = 00000111. Comparing all four: the first 6 bits (000001xx) are common; the last 2 bits differ (00, 01, 10, 11). This means the common prefix in the third octet is 6 bits. Total prefix = 8 (first octet) + 8 (second octet) + 6 (third octet) = 22 bits. Summary address = common bits with remaining bits set to 0 = 192.168.4.0. Summary route = 192.168.4.0/22. This /22 covers .4.0 through .7.255 — exactly the four /24 networks. Option B (192.168.0.0/22) would cover .0.x through .3.x — wrong range. A /22 covers 4 × /24 networks = 1024 addresses. The alignment requirement is met: 4 is a multiple of 4 (the number of /24s being summarised).

6. A subnet mask of 255.255.255.248 is applied to a network. How many usable host addresses does each subnet provide, and what CIDR prefix does this correspond to?

Correct answer is B. Converting the subnet mask to CIDR: 255.255.255.248. The first three octets (255.255.255) account for 24 bits. The last octet 248 in binary = 11111000 — five 1-bits. Total prefix = 24 + 5 = /29. Host bits = 32 − 29 = 3. Total addresses per subnet = 2^3 = 8. Usable hosts = 8 − 2 = 6. Block size = 256 − 248 = 8. This is commonly used for small segments needing more than 2 but not more than 6 hosts — for example, a small branch network with a handful of devices, or a DMZ with a few servers. The /29 subnets increment by 8: .0, .8, .16, .24, .32... etc.

7. Which of the following addresses is the NETWORK address (not a usable host address) in the subnet 192.168.100.96/27?

Correct answer is D. For the subnet 192.168.100.96/27: /27 mask = 255.255.255.224, block size = 256−224 = 32. The network address is 192.168.100.96 (the base address with all host bits set to 0). This address identifies the subnet itself and cannot be assigned to any device. The broadcast address is 192.168.100.127 (all host bits set to 1 = 96+32−1 = 127). Usable host range: 192.168.100.97 through 192.168.100.126 (30 usable hosts). Options A (.97), B (.110), and C (.126) are all valid usable host addresses within this /27 subnet. Only .96 (the network address) and .127 (the broadcast address) cannot be assigned to hosts. Trying to configure a host with the network address often causes "duplicate IP" or routing issues.

8. A network administrator needs to subnet 10.0.0.0/24 to support exactly 16 subnets. They choose /28. Is this correct, and how many usable hosts does each subnet provide?

Correct answer is A. Starting with /24 (8 host bits available). To create 16 subnets: 2^n ≥ 16 → n = 4 (2^4 = 16 exactly). Borrow 4 bits: /24 + 4 = /28. This is correct. Host bits remaining = 8−4 = 4. Usable hosts = 2^4 − 2 = 16 − 2 = 14. Block size = 256 − 240 = 16. The 16 subnets are: 10.0.0.0/28, 10.0.0.16/28, 10.0.0.32/28, ..., 10.0.0.240/28. Each has network+14 hosts+broadcast = 16 addresses. All 16 subnets together exactly span the original /24 (16 × 16 = 256 addresses). If /29 were used (borrowing 5 bits): 2^5 = 32 subnets — more than needed, each with only 6 usable hosts.

9. A network engineer is designing an address scheme for a WAN link between two routers. The link requires exactly 2 IP addresses (one per router interface). Which subnet mask is the most efficient choice, and why not use a /29?

Correct answer is C. For a point-to-point WAN link requiring exactly 2 IP addresses, the /30 subnet is the standard choice. /30 provides 2^2−2 = 2 usable hosts — precisely what's needed. Each /30 uses only 4 addresses total (network + 2 hosts + broadcast). Using a /29 (6 usable hosts, 8 addresses total) wastes 4 addresses per link with no benefit — a WAN point-to-point link physically connects exactly two devices. In large-scale networks with hundreds or thousands of WAN links, this waste adds up significantly. Modern Cisco implementations often use /31 (RFC 3021) for point-to-point links — it has no network or broadcast address concept (just 2 host addresses out of 2 total), saving one more address per link. The /31 requires ip subnet-zero or the equivalent modern Cisco default that allows /31 usage. For CCNA exam purposes, /30 remains the standard recommendation for WAN point-to-point links.

10. A router receives packets destined for 172.20.16.50. Its routing table contains these entries: 172.20.0.0/16, 172.20.16.0/24, and 172.20.16.48/29. Which entry is used, and what principle determines the selection?

Correct answer is B. This question tests the longest prefix match rule — a fundamental routing principle that also applies to subnetting. When multiple routing table entries match a destination address, the router always uses the most specific (longest prefix = most bits matching) entry. Checking all three: 172.20.0.0/16 matches — 172.20.x.x (16-bit match). 172.20.16.0/24 matches — 172.20.16.x (24-bit match). 172.20.16.48/29 matches — verifying: /29 block size = 8; 48/8=6; network = 6×8 = 48; broadcast = 48+8−1 = 55; usable range: .49–.54. Wait — .50 IS in this range. 29-bit match, the most specific. The /29 wins. This is the longest prefix match principle — the same principle used in the routing table and in access control lists (most specific ACE matches first). Understanding subnetting at this level also explains why VLSM with overlapping subnet ranges would cause routing confusion: the router always uses the most specific match.

← Back to Home