The process of subnetting large networks is often restricted by the network mask (netmask) employed. Quite often, we are required to create several subnetworks, each with a different number of host computers (workstations). Problems like this are often solved using variable-length subnetting. With variable-length subnetting, the administrator uses two or more subnet masks and each mask is a different length. In this Daily Drill Down, we will look at how variable subnetting may be used to solve some typical subnetting problems.

Previously on TechProGuild…
In previous articles, we covered the basics of TCP/IP addressing and subnet masking. For this Daily Feature, I recommend that you have a good understanding of TCP/IP address classes, bitwise AND operations, and binary operations.

Subnetting and subnet masking
Subentting is the process of dividing a network into smaller subnetworks, each with its own subnetwork address.

When a network needs to be subnetted, there must be a way to determine which network an IP address belongs to. Let’s assume a workstation with the IP address is located on the network and wants to send an IP packet to a workstation with the address The computer on the network needs to know if is on the same network or if the IP packet needs to be sent to the router, where it will be forwarded to another network.

The subnet mask is used to determine whether or not this IP packet belongs to the local network.

Subnet masking is a process used to extract the physical network address from an IP address. Actually, masking may be done whether there is a subnet in place or not. If there is no subnet, masking extracts the network address. If there is a subnet, masking extracts the subnetwork address.

The problem with subnet masking is that all of the subnets created are the same size. Subnet masking works well if the administrator needs to create several subnetworks with the same number of hosts on each subnet, but problems can arise when the number of hosts on each subnet is different. Variable-length masking provides administrators with an efficient way to create these subnets.

Variable-length subnet masking
Due to the rapid growth of the Internet, the number of available IP addresses is quickly being depleted. This is due to both the number of new networks and because IP addresses are often assigned to organizations where they are inefficiently used. For example, an organization might be assigned an entire block of more than 65,000 class B IP addresses when addresses are required for only 500 hosts.

To solve this problem, variable-length subnet masks (VLSMs) were developed. VLSMs allow network and subnetwork identifiers (netid and subnetid). By using VLSMs, administrators are able to build flexibility into their IP addressing systems and are able to assign IP addresses in a more efficient manner.

Let’s look at a typical situation a network administrator might have to deal with. In this example, the administrator is granted a Class C TCP/IP network address, From this initial address, the organization needs four subnets created; three of the subnets will have 50 hosts each and two will have 20 hosts each. The original Class C network is shown in Figure A.

Figure A
Our original Class C network can quickly become limiting.

The administrator must first consider which subnet masks will work in this situation. The best approach here is to look at the limitations of Class C subnet masks. The limitations include:

  • If the standard Class C netmask of is used, only one network is possible, with a maximum of 256 hosts. Using this mask eliminates any subnets.
  • If the mask is used, only one subnet with a maximum of 128 hosts is possible.
  • Using two bits in the subnetid section of the IP address,, allows four subnets, each with a maximum of 62 hosts (256 / 4 – 2 = 62). Sixty-two hosts are more than we will have on any one subnet, but this allows for only four subnets. The situation requires five subnets.
  • The next subnet mask,, allows for eight subnets to be created, but each subnet is limited to 30 hosts (256 / 8 =32, and 32 –2 = 30).

The solution is to use variable-length subnetting. When variable-length subnetting is employed, the router is supplied with two subnet masks. These masks are applied one after the other. In this situation, the administrator first creates four subnets using the mask The original subnet mask is, written in binary as:
11111111.11111111.11111111.00000000 =

and the original network IP address was, written in binary as:
11000000.10101000.00000011.00000000 =

Now, by applying the new subnet mask of, written in binary as:

we have added two bits to the network identifier section (netid) of the original IP address. This allows the administrator to create up to four (22) subnetworks from the original network address. Each of these newly created subnets may hold up to 64 (26) hosts.

Once the new subnet mask is determined, the administrator uses the following to create the subnets required:

  1. The first step is to apply the mask to the original network address. This new mask creates four new subnetworks (subnets). The subnetwork identifiers (subnetid) available to the administrator are:
    Three of the new subnetworks will each contain 60 hosts. When these first three subnetworks are created, our original Class C network,, looks like the example in Figure A.
  2. To create two more subnets, a second subnet mask of is applied. This divides the remaining subnet into two separate subnets. With five bits remaining to be used as host identifiers (hostids), each of these new subnets may hold up to 32 (25) hosts. Once this step is completed, the network now takes on the configuration shown in Figure B.

Figure B
Here’s our original network subnetted with two subnet masks.

With that step completed, we have now solved our original problem of how to create five subnetworks with 50 hosts on three of the subnets and 20 hosts on the two subnetworks created using variable-length subnet masking.

The rapid growth of the Internet has led to many situations where Class C network addresses are the only ones available to administrators. The ability to create subnetworks using the procedures outlined in this Daily Feature will allow administrators more flexibility in how solutions are applied to some common networking problems.