The Last Networking Guide You'll Ever Need

At some point today, you probably unlocked your phone, sent a message, watched a video, checked your email, ordered food, or scrolled through social media. Each action felt instant. A tap. A click. A swipe.
What you didn't see was the journey that followed.
The moment you pressed that button, information began traveling through an enormous invisible system. Your request left your device, passed through routers, switches, cables, wireless signals, internet providers, data centers, and servers that may have been hundreds or even thousands of kilometers away. Within fractions of a second, a response made the entire trip back to you. The whole process happened so quickly that your brain simply accepted it as normal.
Imagine explaining this to someone from the 1980s. You take a photograph in Kolkata, share it instantly with a friend in New York, and both of you can see it on your screens before either person has time to speak. It sounds less like engineering and more like science fiction. Yet billions of people rely on this capability every day without ever wondering how it works.
Networking is the reason this modern magic exists. It is the invisible infrastructure that allows devices to find one another, exchange information, recover from failures, defend against attacks, and communicate across continents as if they were sitting on the same desk. Every website you visit, every online game you play, every cloud application you use, and every digital service you depend on stands on top of networking.
In this guide, we'll peel back the layers of that invisible world. We'll start with the fundamental problem networking was created to solve and gradually build our understanding of how data moves across the globe. By the end, concepts like packets, protocols, routing, switching, security, and the Internet itself will no longer feel mysterious; they'll feel inevitable.
Network Basics - What is a network?
Core Network Definitions
Computer Network: A collection of computers that share resources (such as files, pictures, or videos) by using common communication protocols over digital interconnections.
Nodes or Hosts: Any end devices connected to a network. This includes PCs, laptops, phones, servers, switches, and routers.
Network Scale: Networks can range from the massive, global internet down to just two devices, such as two laptops connected by an Ethernet cable or two phones sharing an image via AirDrop. Before networks, sharing data required physically transporting media like floppy discs, CDs, or USB drives.
The Client-Server Model
Servers: Devices that provide a service or share a resource. They can be highly powerful machines in data centres (like those for Amazon or YouTube) or simply a personal laptop running server software (like a Plex Media Server).
Clients: Devices that initiate a connection to request a resource, such as a phone streaming a video from a server.
Dual Roles: A device is not locked into one role; a laptop can act as a server to stream local videos while simultaneously acting as a client when browsing the web.
Network Hardware and Connections
Connection Methods: Networks utilise wired connections like copper Ethernet cables (RJ45) or fibre optic cables, as well as wireless methods like Wi-Fi, Bluetooth, and satellite (e.g., Starlink).
Network Interface Card (NIC): The hardware inserted into or built into a device that gives it access to a network. NICs come in various forms, supporting different media and speeds ranging from 1 Gbps copper connections to 25 Gbps fibre connections.
Addressing and Identification
MAC Addresses: A 48-bit hardware address, written in hexadecimal, that is permanently "burned in" to the NIC by the manufacturer. It identifies a device on a local Ethernet or Wi-Fi network, though modern devices sometimes randomise this address for privacy.
IP Addresses: Logical addresses (formatted as either IPv4 or IPv6) used for both local communication and connecting to external networks.
DHCP (Dynamic Host Configuration Protocol): The protocol responsible for automatically allocating an IP address to a device when it joins a network.
DNS (Domain Name System): A protocol that translates human-readable domain names (like google.com) into the numerical IP addresses that computers require to communicate.
Protocols and Ports
Communication Protocols: The rules or "languages" that dictate how network devices communicate. Major examples include IPv4 (the most common addressing protocol), HTTP (used for web traffic), and HTTPS/SSL (used for secure web traffic).
Port Numbers: Numbers that allow a device to listen for specific services alongside an IP address. For a successful connection, a client must target the correct port; for example, standard web servers use port 80 (HTTP) or 443 (HTTPS), while custom software like Plex uses port 32400.
Topologies, Switch, Router
Knowing how data travels is only half the story. To understand a network completely, we need to answer two fundamental questions:
How are these devices physically connected, and
What hardware makes that communication possible?
Network Topologies & Legacy Systems
Physical vs. Logical Topology: The physical topology is how devices are physically cabled together, whereas the logical topology defines how data actually flows through the network.
Bus Networks (10Base5 & 10Base2): Legacy setups where devices were connected to one long continuous cable.
These networks were highly fragile; a single break in the cable or a missing "terminator" at the end of the line would destroy the entire network.
They operated on baseband, meaning only one device could transmit at a time; when two devices transmitted at once, a data collision occurred.
Hubs & The Star Topology
Star Topology: Replaced the bus topology by using UTP (Unshielded Twisted Pair) cabling with RJ45 connectors. Devices connect individually to a central point, meaning a single broken cable only affects one device.
Hubs: Early central devices that physically create a star network but logically operate like a bus network.
They are "dumb" multi-port repeaters that receive traffic on one port and flood it out of all other ports.
Hubs create a single collision domain and a single broadcast domain, meaning all devices share the bandwidth and receive everyone's broadcast messages.
To manage collisions, devices use CSMA/CD (Carrier Sense Multiple Access Collision Detection) to listen before transmitting and back off randomly if a collision occurs.
Unicast / Broadcast / Multicast
Unicast is a form of one-to-one communication where a single device talks directly to another single device. A helpful analogy for a unicast is sending a direct, personal email to just one specific person.
Broadcast is a form of one-to-everyone communication where a message sent by one device is delivered to all other devices on the network. An analogy for a broadcast is sending a mass email to the entire company so that everyone receives it. In certain network setups, such as those connected by a hub, the entire network acts as a single broadcast domain, meaning a broadcast sent by any single computer is forced out to everyone else in the topology.
Multicast is communication targeted to a specific subgroup of people or devices rather than the entire network. You can think of a multicast like an email newsletter subscription; only the individuals who have specifically subscribed to the list will receive the message, while everyone else will not.
Bridges & Switches
Functionality: Unlike hubs, bridges and switches learn the MAC addresses of connected devices and build a MAC address table. They forward traffic only to the specific port where the destination device resides, which reduces collisions and improves bandwidth.
Bridges vs. Switches: Bridges process data using software (CPU) and have very few ports. Switches process data much faster using dedicated hardware called ASICs (Application Specific Integrated Circuits) and provide many ports.
Collision Domains: A switch creates multiple collision domains (one per port) but still operates as a single broadcast domain.
Managed vs. Unmanaged: Unmanaged switches are basic plug-and-play devices. Managed switches are more expensive but allow configuration, such as creating VLANs (Virtual Local Area Networks) to contain broadcasts and improve security.
Routers
Purpose: Routers connect a LAN (Local Area Network) to other networks, such as a WAN (Wide Area Network) or the Internet. They can utilize various connections like 5G, Fiber, ADSL, or Starlink satellites.
Broadcast Control: Importantly, routers stop broadcast traffic. Every routed interface on a router represents a separate broadcast domain and a separate collision domain.
Security Devices
Firewalls: Protect internal networks from bad actors on the internet. They can be standalone devices or built into small home routers. They permit or deny traffic flowing between internal networks and outside connections.
A dedicated firewall can be installed either in front of the router or behind the router, and the primary factor determining this placement is the type of internet connection your network utilises. If you have an Ethernet-based connection, such as fibre, you can place the firewall directly in front of the router by connecting it straight to the ISP's modem. However, if you rely on alternative technologies like ADSL, 5G, or Starlink, the firewall must be placed behind the router; this is because the specific router is required to establish the physical connection to the internet or satellite network before the traffic can be passed to your firewall.
IDS (Intrusion Detection System): Compared to a "small barking dog," an IDS sits out of the direct traffic flow, detects malicious activity, and alerts you, but it cannot stop the attack.
IPS (Intrusion Protection System): Compared to a "large attacking dog," an IPS sits directly in the traffic flow and not only detects attacks but actively blocks and stops them.
Wi-Fi & Access Points (APs)
Purpose: Access points take wireless transmissions from devices (like phones or laptops) and place them onto the wired Ethernet network to reach the internet.
Autonomous APs: "Smart" access points that must be individually configured, typically via a web browser.
Lightweight APs: Used in larger networks, these are managed centrally by a WLC (Wireless LAN Controller) rather than individually. They are typically powered directly by the Ethernet switch using PoE (Power over Ethernet), eliminating the need for separate power cables in the ceiling.
Physical Devices (Labelled)
Routers
Switches
Home Routers
Firewall
Build a Network
Enough theory; let's build a simple network and watch how machines find, reach, and respond to each other. You can use Cisco Packet Tracer for this.
Building a network w/ 2 Devices
Ping a device or server from another device to check whether it is connected:
ping 192.168.1.1
Show the IP address of a device along with other information:
ipconfig
ipconfig /all
Building a network w/ a web server
MAC Address: Hardware ID burned into your network card (like a car's VIN number). Purpose: Identifies devices on the same local network (Layer 2). Analogy: Your device's unique fingerprint for local apartment building communication.
IP Address: Network address assigned to your device (like a postal address). Purpose: Routes traffic across the internet/LAN (Layer 3). Analogy: Your house address so the mail knows where to go globally.
Subnet Mask: Defines which part of the IP is the network vs the device (like ZIP code length). Purpose: Group devices into the same local network. Analogy: Tells devices "talk directly if in the same neighbourhood, else ask the router."
Default Gateway: Your router's IP address (like your neighbourhood mailbox). Purpose: Forwards traffic outside your local network to the Internet. Analogy: Post office where local mail becomes national/international.
DNS Server: Translates domain names to IP addresses (like a phone book). Purpose: Converts google.com → 142.250.190.14. Analogy: Directory assistance - you say "pizza place," they give the phone number.
How does a Switch learn MAC addresses? What is a MAC address table?
User Mode (Switch>): Basic monitoring access only. Purpose: View status (show version, ping) - no changes allowed. Analogy: Library guest - can read books, can't check out or damage anything.
Privileged Mode (Switch#): Full admin access (enable command). Purpose: Configuration, debugging, save changes (configure terminal, show running-config). Analogy: Library administrator - can reorganize shelves, add/remove books, and set policies.
Switch between modes:
Switch> enable # User → Privileged
Switch# disable # Privileged → User
Switch# configure terminal # Enter config mode (global configuration mode)
Security: Protect privileged mode with the command enable password cisco, or with enable secret cisco, which stores the password hashed. This is essential on production switches.
Show the switch's MAC address table, which lists the connected devices it has learned as traffic flows:
Switch> show mac address-table
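The learning and forwarding behaviour behind that table, as an added example that is not part of the original guide. The class name, the four-port layout and the MAC addresses are constructed for illustration, and the model ignores VLANs and entry ageing.

```python
# Added illustration: a simplified learning switch (one VLAN, no entry ageing).
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    def __init__(self, port_count):
        self.ports = list(range(1, port_count + 1))
        self.mac_table = {}  # MAC address -> port it was last seen on

    def receive(self, in_port, src_mac, dst_mac):
        """Handle one frame and return the list of ports it is sent out of."""
        src_mac, dst_mac = src_mac.lower(), dst_mac.lower()

        # Learn: the sender is reachable through the port the frame arrived on.
        # A device that moves to another port simply overwrites its old entry.
        self.mac_table[src_mac] = in_port

        # Known unicast: forward out of exactly one port.
        if dst_mac != BROADCAST and dst_mac in self.mac_table:
            out_port = self.mac_table[dst_mac]
            # Destination sits on the ingress port: nothing to forward.
            return [] if out_port == in_port else [out_port]

        # Broadcast or unknown destination: flood like a hub, except back
        # out of the port the frame came in on.
        return [p for p in self.ports if p != in_port]


def run_demo():
    # Constructed sample hosts (locally administered MACs) on a 4-port switch.
    pc_a, pc_b, pc_c = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"
    switch = LearningSwitch(port_count=4)
    frames = [
        (1, pc_a, pc_b),       # B unknown -> flooded
        (2, pc_b, pc_a),       # A known   -> port 1 only
        (1, pc_a, pc_b),       # B known   -> port 2 only
        (3, pc_c, BROADCAST),  # broadcast -> flooded
    ]
    results = [switch.receive(*frame) for frame in frames]
    return results, switch.mac_table


if __name__ == "__main__":
    results, table = run_demo()
    for out_ports in results:
        print("sent out of ports:", out_ports)
    for mac, port in sorted(table.items()):
        print(mac, "-> port", port)
```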
Why is ARP used in networks?
Displays the ARP cache mapping IP addresses to MAC addresses
arp -a
Deletes a specific entry from the ARP cache by IP address
arp -d 192.168.1.1
MAC Addresses for Local Communication: Technologies like Ethernet and Wi-Fi require MAC addresses, as they are essential for devices to communicate with one another on a local network or subnet.
IP Addresses for Remote Communication: In modern networks, you will constantly see both MAC addresses and IP addresses (either IPv4 or IPv6). While MAC addresses handle the local connections on a switch, IP addresses are typically used to connect to remote networks.
Address Resolution Protocol (ARP)
Because local communication requires a MAC address, devices use ARP to discover and learn the MAC addresses of other devices within their local topology. This protocol functions across both physical Ethernet and Wi-Fi networks.
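The request and reply exchange described above, as an added example that is not part of the original guide. It builds real ARP message bytes for IPv4 over Ethernet; the Host class, the resolve helper and all addresses are constructed for illustration.

```python
import ipaddress
import struct

ETH_BROADCAST = b"\xff" * 6
ETHERTYPE_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2
# hardware type, protocol type, hw length, proto length, opcode,
# sender MAC, sender IP, target MAC, target IP
ARP_FORMAT = "!HHBBH6s4s6s4s"


def mac_bytes(text):
    return bytes.fromhex(text.replace(":", ""))


def mac_text(raw):
    return ":".join(f"{octet:02x}" for octet in raw)


def build_arp(oper, sender_mac, sender_ip, target_mac, target_ip, eth_dst):
    """Return a 14-byte Ethernet header followed by a 28-byte ARP message."""
    ethernet = struct.pack("!6s6sH", eth_dst, sender_mac, ETHERTYPE_ARP)
    arp = struct.pack(
        ARP_FORMAT, 1, 0x0800, 6, 4, oper,
        sender_mac, ipaddress.IPv4Address(sender_ip).packed,
        target_mac, ipaddress.IPv4Address(target_ip).packed,
    )
    return ethernet + arp


class Host:
    def __init__(self, mac, ip):
        self.mac, self.ip = mac_bytes(mac), ip
        self.arp_cache = {}  # IP address -> MAC address, what `arp -a` displays

    def make_request(self, target_ip):
        # "Who has target_ip?" is sent to the broadcast MAC because the
        # target's MAC is not known yet; the target MAC field is all zeros.
        return build_arp(ARP_REQUEST, self.mac, self.ip, bytes(6), target_ip, ETH_BROADCAST)

    def handle(self, frame):
        """Process a received frame and return a reply frame, or None."""
        eth_dst, _eth_src, ethertype = struct.unpack("!6s6sH", frame[:14])
        if ethertype != ETHERTYPE_ARP or eth_dst not in (self.mac, ETH_BROADCAST):
            return None
        *_, oper, sha, spa, _tha, tpa = struct.unpack(ARP_FORMAT, frame[14:42])
        if str(ipaddress.IPv4Address(tpa)) != self.ip:
            return None  # the question is about someone else's IP: ignore it
        sender_ip = str(ipaddress.IPv4Address(spa))
        self.arp_cache[sender_ip] = mac_text(sha)  # learn the sender's mapping
        if oper == ARP_REQUEST:
            # The answer goes back as a unicast frame to the asker only.
            return build_arp(ARP_REPLY, self.mac, self.ip, sha, sender_ip, sha)
        return None


def resolve(requester, target_ip, lan):
    """Broadcast a request to every host on the LAN; return the MAC or None."""
    request = requester.make_request(target_ip)
    for host in lan:
        if host is requester:
            continue
        reply = host.handle(request)
        if reply is not None:
            requester.handle(reply)
    return requester.arp_cache.get(target_ip)


if __name__ == "__main__":
    # Constructed sample LAN.
    pc_a = Host("02:00:00:00:00:0a", "192.168.1.10")
    pc_b = Host("02:00:00:00:00:0b", "192.168.1.20")
    pc_c = Host("02:00:00:00:00:0c", "192.168.1.30")
    print(resolve(pc_a, "192.168.1.20", [pc_a, pc_b, pc_c]))
    print(pc_a.arp_cache, pc_b.arp_cache, pc_c.arp_cache)
```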
TCP/IP Model vs OSI Model
Imagine being asked to build an entire city by yourself.
You would need to design roads, construct buildings, install electricity, manage water supply, create traffic systems, and coordinate public services. The project would quickly become impossible because there are simply too many responsibilities.
Instead, cities are built by dividing the work among specialists. Architects focus on design, civil engineers build infrastructure, electricians handle power systems, and planners coordinate transportation. By separating responsibilities, complexity becomes manageable.
Networking faces the same challenge. Sending a simple message across the Internet involves dozens of different tasks happening simultaneously. Rather than treating networking as one giant problem, engineers split it into layers, each with a specific responsibility. The result was the creation of networking models such as OSI and TCP/IP.
Why Models and the need for standardisation?
Network models are essential for standardisation and interoperability. Before these models, vendors created proprietary systems and cables that could not communicate with one another. By establishing standardised rules, models ensure that hardware and protocols from different manufacturers can seamlessly connect and work together without requiring separate networks. Additionally, the layered approach splits network responsibilities, allowing different developers and engineers to focus on specific tasks—such as manufacturing physical cables, configuring routers, or writing application software—without needing to build the entire system from scratch.
OSI Model- layers
The OSI (Open Systems Interconnection) model is a seven-layer framework created by the International Organisation for Standardisation (ISO) to ensure standardisation and interoperability across different networking vendors. It was developed to stop manufacturers from creating proprietary, incompatible systems.
By utilising a layered approach, the model splits network responsibilities, allowing standard hardware, interfaces, and protocols to communicate seamlessly together regardless of who manufactured them.
The TCP/IP model is the practical standard that "won" and is what we actually use to build and run modern real-world networks (like the internet), whereas the OSI model is largely used as a theoretical reference point.
Here are the primary differences and how they compare:
Number of Layers: The OSI model is a strict seven-layer framework consisting of Physical, Data Link, Network, Transport, Session, Presentation, and Application layers. The modern hybrid TCP/IP model consists of just five layers: Physical, Data Link, Network, Transport, and Application.
Layer Consolidation: The TCP/IP model takes the top three layers of the OSI model (Session, Presentation, and Application) and combines them into a single Application layer.
Source- Internet Protocol Suite, Wikipedia
TCP/IP Model- layers
Protocol: A set of rules or procedures that govern how tasks, communication, or interactions are conducted in a specific context.
The OSI and TCP/IP models are ultimately just theoretical frameworks, much like how a model of a house is not exactly the same as the physical house built from it. Because they are just models, there will naturally be variations when it comes to real-world physical implementations.
The primary reason protocols do not always fit neatly into specific layers is that application developers may choose not to follow the established rules or conventions, leading them to place their protocols in "weird places" rather than strictly adhering to the model.
Therefore, network engineers are advised not to get too hung up on trying to force every protocol perfectly into a specific layer or arguing over exact placements, as the real world is often messier than the theoretical models suggest.
TCP/IP Model Functions
5-7 Application: Represents data to users, encodes it, and controls the dialog.
—> Deals w/ applications like HTTP, FTP, etc.
4 Transport: Supports communication between end devices across a diverse network
—> TCP or UDP
3 Network: Provides logical addressing and determines the best path through the network
—> Deals w/ IP address
2 Data Link: Manages physical addressing (MAC), framing, and error correction between directly connected devices.
—> Deals w/ MAC address
1 Physical: Transmits raw bitstream as electrical, optical or radio signals over physical media like cables or wireless.
—> Deals w/ Bits
TCP/IP Model: Where are the devices and protocols?
Network Devices by Layer
Layer 1 (Physical Layer): This layer is home to "dumb" devices like hubs and repeaters. Because they do not understand the data they receive, they operate as multiport repeaters that simply flood incoming traffic out of all other ports. At this layer, data is transmitted as bits (ones and zeros represented by electrical signals or flashes of light).
Layer 2 (Data Link Layer): Bridges and switches reside here. Unlike hubs, switches are intelligent devices that use MAC address tables to forward traffic, specifically from one port to another. Switches can be "unmanaged" (basic plug-and-play) or "managed" (allowing for configuration via a console port). Data at this layer is packaged into frames.
Layer 3 (Network Layer): Routers operate at this layer, utilizing IP addresses (IPv4 or IPv6) to route traffic from one distinct network to another, such as connecting a local Ethernet network to a 5G or Starlink satellite connection. Data at this layer is formatted as packets.
In modern networking, device roles often overlap:
Multi-layer (Layer 3) Switches: While pure Layer 2 switches only understand MAC addresses, "Layer 3 switches" combine routing and switching capabilities. They maintain MAC address tables but can also use IP addresses and routing protocols (like OSPF or EIGRP) to route traffic between different Subnets or Virtual LANs (VLANs).
Routers with Switch Ports: Conversely, many modern routers come with built-in switch ports, allowing them to switch traffic locally using MAC addresses while still routing outbound traffic using IP addresses.
Protocol Data Units (PDUs) and Breaking Down Data
When sending large files (like a 2GB movie), the data must be broken down into smaller pieces to be transmitted across the network, largely dictated by a network's Maximum Transmission Unit (MTU), such as Ethernet's 1500-byte frame limit. The terminology for these pieces—known as Protocol Data Units (PDUs)—changes depending on the layer:
Layer 5-7 (Application Layer - HTTP, FTP): Data
Layer 4 (Transport Layer - TCP, UDP): Segments
Layer 3 (Network Layer - IP): Packets
Layer 2 (Data Link Layer - MAC): Frames
Layer 1 (Physical Layer): Bits
Encapsulation and Horizontal Communication
As data is prepared for transmission by the sender, it moves down through the layers in a process called encapsulation, where headers are continually added at each step. Once the zeros and ones cross the physical wire and reach the destination, the receiving device de-encapsulates the data by stripping those headers as it moves back up the layers. Because of this structured process, each layer effectively communicates "horizontally" with its equivalent layer on the remote device (e.g., HTTP talks to HTTP, and TCP talks to TCP).
TCP/IP Model: PDUs and Encapsulation & Decapsulation
Protocol Data Units (PDUs) and Encapsulation
When an application wants to send data across a network, the data must move down the networking model in a process called encapsulation, where it is broken into smaller pieces and specific headers are added at each layer.
At Layer 4 (Transport), a header (such as TCP or UDP) is added to the user data to create segments.
At Layer 3 (Network), an IP header (like IPv4 or IPv6) is added to the segment to create packets.
At Layer 2 (Data Link), a header (such as Ethernet) and a frame check sequence are added to the packet to create frames. The frame check sequence ensures the data hasn't been corrupted in transit.
At Layer 1 (Physical), the frame is finally transmitted by the Network Interface Card (NIC) as bits (ones and zeros) across the physical medium using light pulses, electrical signals, or wireless electromagnetic signals.
De-encapsulation on the Receiving End
When the receiving device gets the bits, it works in reverse—moving up the layers and stripping off headers in a process called de-encapsulation.
The Network Interface Card (NIC) receives the bits, reads the destination MAC address in the Layer 2 header, and if the frame is destined for that local device, it strips off the Layer 2 header.
The remaining packet is sent to Layer 3, which checks if the destination IP address is for the local computer, strips the Layer 3 header, and passes the segment up.
Finally, Layer 4 reads and strips its header, delivering the raw user data directly to the receiving application.
How Layers Identify Protocols and Applications
For data to successfully move up the layers during de-encapsulation, each layer uses a specific identifier to tell the next layer above it who should process the data:
Layer 2 uses a type field (or type number) in the Ethernet frame to determine which Layer 3 protocol the data is destined for, such as IPv4 or IPv6.
Layer 3 uses a protocol number to specify whether the data should be sent to TCP or UDP at Layer 4.
Layer 4 uses a port number to identify the exact application listening for the data. Common well-known port numbers include port 80 for HTTP, port 443 for HTTPS, port 22 for SSH, and port 23 for Telnet.
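The three identifiers above, followed through one frame, as an added example that is not part of the original guide. It encapsulates application data into a TCP segment, an IPv4 packet and an Ethernet frame, then de-encapsulates it layer by layer; function names and addresses are constructed, and the TCP and IPv4 checksums are left at 0 for brevity.

```python
import struct
import zlib

ETHERTYPES = {0x0800: "IPv4", 0x86DD: "IPv6"}   # Layer 2 type field
IP_PROTOCOLS = {6: "TCP", 17: "UDP"}            # Layer 3 protocol number
WELL_KNOWN_PORTS = {22: "SSH", 23: "Telnet", 80: "HTTP", 443: "HTTPS"}


def encapsulate(data, src_mac, dst_mac, src_ip, dst_ip, src_port, dst_port):
    """Wrap data in TCP, IPv4 and Ethernet headers and append the FCS."""
    tcp = struct.pack("!HHIIHHHH", src_port, dst_port, 1, 0,
                      (5 << 12) | 0x18, 65535, 0, 0)
    segment = tcp + data                                  # Layer 4: segment
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment),
                     0, 0, 64, 6, 0, src_ip, dst_ip)
    packet = ip + segment                                 # Layer 3: packet
    frame = struct.pack("!6s6sH", dst_mac, src_mac, 0x0800) + packet
    return frame + struct.pack("<I", zlib.crc32(frame))   # Layer 2: frame + FCS


def decapsulate(frame, my_mac, my_ip):
    """Strip headers bottom-up; raise ValueError if any layer rejects the data."""
    # Layer 2: check the frame check sequence, then the destination MAC.
    body, fcs = frame[:-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body)) != fcs:
        raise ValueError("FCS mismatch: frame corrupted in transit")
    dst_mac, _src_mac, ethertype = struct.unpack("!6s6sH", body[:14])
    if dst_mac != my_mac:
        raise ValueError("frame is addressed to another NIC")
    layer3 = ETHERTYPES.get(ethertype)
    if layer3 != "IPv4":
        raise ValueError(f"no IPv4 handler for type field {ethertype:#06x}")

    # Layer 3: check the destination IP, then read the protocol number.
    packet = body[14:]
    header_len = (packet[0] & 0x0F) * 4
    total_len = struct.unpack("!H", packet[2:4])[0]
    if packet[16:20] != my_ip:
        raise ValueError("packet is addressed to another host")
    layer4 = IP_PROTOCOLS.get(packet[9])
    segment = packet[header_len:total_len]   # total length also drops padding

    # Layer 4: the destination port selects the listening application.
    _src_port, dst_port = struct.unpack("!HH", segment[:4])
    if layer4 == "TCP":
        l4_header_len = (segment[12] >> 4) * 4
    elif layer4 == "UDP":
        l4_header_len = 8
    else:
        raise ValueError(f"no handler for protocol number {packet[9]}")
    return {
        "layer3": layer3,
        "layer4": layer4,
        "dst_port": dst_port,
        "service": WELL_KNOWN_PORTS.get(dst_port, "unknown"),
        "data": segment[l4_header_len:],
    }


def run_demo():
    # Constructed sample: a client at 192.168.1.10 sends an HTTP request.
    client_mac, server_mac = bytes.fromhex("02000000000a"), bytes.fromhex("02000000000b")
    client_ip, server_ip = bytes([192, 168, 1, 10]), bytes([192, 168, 1, 20])
    frame = encapsulate(b"GET / HTTP/1.1\r\n\r\n", client_mac, server_mac,
                        client_ip, server_ip, 49152, 80)
    return frame, decapsulate(frame, server_mac, server_ip)


if __name__ == "__main__":
    frame, result = run_demo()
    print(len(frame), "bytes on the wire ->", result)
```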
Application Protocol Agreement
For communication to be successful, both the sending and receiving devices must use the exact same application protocol. For example, a web browser sending data via HTTP must communicate with a receiving application that also speaks HTTP, as trying to mix different protocols (like HTTP and Telnet) is like speaking two different languages.
IP Address and Subnetting (In Detail)
Now our devices can talk. Great.
But there's one small problem: how do they know who they're talking to?
Just like every house needs an address and every neighborhood needs boundaries, every device on a network needs an IP address, and every network needs a way to stay organized. That's exactly what IP addressing and subnetting help us achieve.
IP Addressing
Binary Basics
While humans naturally use decimal numbers (base 10, relying on powers of 10), computers communicate using binary numbers (base 2), which consist entirely of 0s and 1s. In networking, IP addresses are built on these binary numbers, where a group of 8 bits is called an octet or byte. Because an octet contains 8 bits, it can generate 256 different combinations (2^8), meaning its decimal equivalent ranges from a minimum of 0 to a maximum of 255.
1 byte = 8 bits = 1 octet
Where:
The decimal number system works on powers of 10.
The binary number system works on powers of 2.
IPv4 Structure
An IPv4 address is a 32-bit logical address that operates at the network layer to give every connected device a unique identity. It is typically displayed in a human-readable dotted-decimal format composed of four 8-bit octets separated by dots.
Crucially, every IP address is divided into two parts: the Network ID, which identifies the broader network, and the Host ID, which identifies the specific device residing on that network.
To determine how many bits of an IP address belong to the Network ID versus the Host ID, IPv4 is divided into specific classes:
Class A: Spans the range of 1 to 126. It dedicates the first octet to the network and the remaining three octets to the hosts, allowing for a massive 16 million hosts per network (ideal for giant organizations). The 127 range is specifically reserved for loopback testing (like localhost).
Class B: Spans the range of 128 to 191. It splits the address evenly, using two octets for the network and two for the hosts, yielding around 65,000 hosts.
Class C: Spans the range of 192 to 223. It dedicates three octets to the network and only one to the host portion, limiting each network to 254 usable hosts.
Class D and Class E are specifically reserved for multicast and experimental work. Because of these highly specialised use cases, their exact IP ranges are not covered in detail here. However, the technical rule for identifying a Class D address is that its first three bits are always set to 1 and the fourth bit is set to 0.
Public vs Private IP
Public IPs: These are globally unique addresses required to identify a device directly over the public internet.
Private IPs: These addresses are reserved strictly for local area networks (LANs) and internal organisational use. Because they are not routable on the public internet, multiple organisations can safely reuse the exact same private IP ranges internally without causing conflicts.
IPv4 vs IPv6
| Feature | IPv4 | IPv6 |
|---|---|---|
| Address Size | 32-bit (4.3B addresses) 192.168.1.1 | 128-bit (340 undecillion) 2001:db8::1 |
| Format | Decimal (dotted quad) | Hexadecimal (colon-separated) |
| Address Exhaustion | Exhausted (NAT workaround) | Unlimited (no NAT needed) |
| Header | Variable (20-60 bytes, complex) | Fixed (40 bytes, simpler/faster) |
| Security | Optional (IPsec add-on) | Built-in IPsec mandatory |
| Broadcast | Yes (floods network) | No (multicast/anycast) |
| Configuration | DHCP/manual | SLAAC (auto-config) + DHCPv6 |
| Fragmentation | Routers fragment | Source only (faster routing) |
The legacy IPv4 protocol relies on a 32-bit structure, which caps out at a maximum of about 4 billion unique addresses. Because of the explosion of internet-connected devices, this pool of addresses is running out. To solve this exhaustion, IPv6 was introduced. It utilises a 128-bit structure, offering a nearly infinite number of unique IP addresses. However, the total transition to IPv6 has been slow because advancements in network design (like subnetting) have successfully prolonged the lifespan of existing IPv4 networks.
Subnetting
Based on your need, you decide whether you need a Class A, Class B or Class C IP address range.
The practice of dividing a network into two or more networks is called subnetting.
Subnetting Real-world Examples
Example- 1:
Think of subnetting like managing a long-distance train with 100 seats. The train starts full, but halfway through the journey, 50 passengers get off. If the remaining passengers stay spread out, many coaches run half-empty, wasting space. Instead, the railway staff reorganizes everyone into a few coaches, filling them properly and leaving the unused ones empty.
Subnetting works the same way in networking: instead of leaving a large block of IP addresses underused, the network is divided into smaller, well-sized sub-networks so resources are efficiently utilized. This avoids wasting IP addresses and improves network performance.
Example- 2:
Think of subnetting like organising a large office building.
You have one building with 500 employees (a large IP network), but they belong to different departments—engineering, marketing, HR, etc. Instead of letting everyone sit randomly across all floors (wasting space and creating chaos), you divide the building into dedicated sections or floors for each department (subnets). Each section has a fixed number of desks (IP addresses), just enough for that team.
Now:
Each department communicates internally faster (less unnecessary traffic).
Security and management improve (you can control access per department).
No desks are wasted like empty seats in random areas.
In networking terms, subnetting splits one large network into smaller, more efficient segments so IPs, traffic, and control are better organized and not wasted.
Subnetting Fundamentals
What is Subnetting and Why is it Used?
At its core, subnetting is the practice of dividing a single large network into multiple smaller sub-networks, or "subnets". If a network administrator assigns a massive block of IP addresses to a location that only needs a few devices, the unused IP addresses are wasted. Subnetting solves this by reallocating those unused addresses, which helps prevent IP wastage and utilizes network bandwidth much more intelligently.
Reason For Subnetting
Maintaining a very big network, like a Class A or Class B network, is very difficult for network administrators. Dividing it is like how India is divided into states and further into districts.
Having all the computers from different departments in a company on the same network is less secure from the company's perspective, so security is the second reason.
So, if an organisation was granted a large block in Class A or B, it could divide the addresses into several contiguous groups and assign each group to smaller networks (called subnets) or, in rare cases, share part of the address with neighbours.
Advantages vs Disadvantages of Subnetting
Advantages
It improves security
Subnets are easier to maintain and administer
Disadvantages
Identification of a station is difficult
Not possible to redirect the broadcast from outside the network
Types of Subnetting
Subnets can be of two types:
1. Fixed Length Subnetting (FLSM)
In this method, a network is divided into strictly equal-sized parts. Every sub-network created through this approach will have the exact same subnet length and an identical number of allocated IP addresses.
- How it works: If you take a standard network block that contains 256 total addresses, you must divide it symmetrically. For instance, you could split it into two equal subnets containing 128 addresses each, or four equal subnets containing 64 addresses each.
2. Variable Length Subnetting (VLSM)
Unlike the fixed method, variable length subnetting allows administrators to create subnets of different sizes from the same parent network. This means some sub-networks can be intentionally designed to be large, while others are kept small to match specific requirements.
- How it works: Instead of enforcing equal divisions, you can allocate IP addresses based on the exact proportions needed. For example, if you need to create three subnets from a pool of 256 addresses, you can assign 50% of the addresses (128 IPs) to the first, largest subnet, and then split the remaining 50% equally between the other two subnets, giving them 25% (64 IPs) each.
Subnetting of IPv4 Address
Q. Consider the network with IP address 200.1.2.0. Divide this network into two subnets.
# 1st Subnet
- IP address/subnet ID = **200.1.2.0**
- Direct broadcast address = **200.1.2.127**
- Total number of IP addresses = **2^7 = 128**
- Range of IP addresses = **200.1.2.0 to 200.1.2.127**
- Total usable hosts = **128 - 2 = 126**
- Allocated host range = **200.1.2.1 to 200.1.2.126**
# 2nd Subnet
- IP address/subnet ID = **200.1.2.128**
- Direct broadcast address = **200.1.2.255**
- Total number of IP addresses = **2^7 = 128**
- Range of IP addresses = **200.1.2.128 to 200.1.2.255**
- Total usable hosts = **128 - 2 = 126**
- Allocated host range = **200.1.2.129 to 200.1.2.254**
Similarly, what if we divide the single network into 4 subnets?
The process remains the same. Do give it a try :)
How Subnetting Works: Borrowing Bits
Every IPv4 address is divided into a network portion and a host portion. Subnetting works by taking an existing IP address class (like Class C) and "borrowing" bits from the host portion (reading left to right) and dedicating them to the network portion.
To track this, administrators use two main tools:
Subnet Masks: A series of numbers that define exactly how many bits belong to the network and how many belong to the hosts. For example, a default Class C network has a subnet mask of 255.255.255.0, meaning the first 24 bits are for the network. If you borrow bits for subnetting, this mask will change (e.g., to 255.255.255.192).
CIDR / Slash Notation: This is a shorthand way to write the subnet mask. Instead of writing out the full mask, you simply write a slash followed by the total number of network bits. For example, if you take a default Class C network (24 network bits) and borrow 3 bits from the host portion, your new notation is /27.
Role of the subnet mask along with IP address (V. Imp)
In subnetting, the problem is how to identify which subnet an incoming packet from outside the network should be delivered to. To solve this, we use the subnet mask.
A subnet mask is a 32-bit number made of a sequence of 1s followed by a sequence of 0s:
1s represent the Network ID part along with the Subnet ID.
0s represent the Host ID part.
Default subnet masks for different IP classes are:
- Class A = 255.0.0.0
- Class B = 255.255.0.0
- Class C = 255.255.255.0
Networks of the same size always have the same subnet mask.
The primary importance of a subnet mask is to explicitly define the boundary between the Network ID and the Host ID, which becomes obscured once a network is subnetted.
In traditional "classful" IP addressing, this boundary is automatically known. For instance, a standard Class C address automatically defaults to dedicating 24 bits to the network and 8 bits to the hosts. However, once you perform subnetting and borrow bits from the host portion to create smaller sub-networks, it creates confusion because it is no longer obvious how many bits are dedicated to the new network (e.g., whether the network now uses 25 bits, 26 bits, or has been divided into 4 or 8 parts).
The subnet mask solves this confusion by explicitly stating the exact length of the new Network ID and Host ID. It achieves this by using a straightforward binary rule: it assigns a 1 for every bit that belongs to the network portion, and a 0 for every bit that belongs to the host portion.
Because writing out a long sequence of 32 ones and zeros is highly cumbersome, this binary mask is converted into an easy-to-read dotted-decimal notation. For example, a default Class C network mask is written as 255.255.255.0. If you borrow one bit for subnetting (making it 25 network bits and 7 host bits), the subnet mask changes to 255.255.255.128. By always providing this subnet mask alongside the IP address, you ensure that any network administrator or routing device instantly understands exactly how the network has been structured and divided.
IPv4 Normal(Dotted Decimal Notation) vs CIDR Notation
| Aspect | Normal Notation | CIDR Notation |
|---|---|---|
| Format | 192.168.1.0 + 255.255.255.0 | 192.168.1.0/24 |
| Example | IP: 192.168.1.10, Mask: 255.255.255.0 | 192.168.1.10/24 |
| Network | 192.168.1.0 - 192.168.1.255 | Same range |
| Hosts | 254 usable | Same count |
| Usage | Old classful (A/B/C) | Modern, precise |
From the CIDR notation 192.168.1.0/24, you can identify:
- Network Address: 192.168.1.0 (fixed prefix)
- Subnet Mask: /24 = 255.255.255.0
- Total Addresses: 256 (2^(32-24))
- Usable Hosts: 254 (256 - network - broadcast)
- Broadcast Address: 192.168.1.255
- Host Range: 192.168.1.1 - 192.168.1.254
- Network Size/Class: /24 = small LAN (typical home/office)
Quick Math:
CIDR /n → Hosts = 2^(32-n) - 2
/24 → 2^8 = 256 total, 254 usable
/23 → 2^9 = 512 total, 510 usable
Your network: 10.0.0.0/24 = 254 devices max per subnet. Need more? Use /23.
The Anatomy of a Subnet
Whenever you create a new subnet, it will always be defined by three critical components:
Network ID: This is always the very first IP address in the subnet range. It cannot be assigned to a computer; it is strictly used by routing devices to identify the network itself. It is calculated by performing a binary "logical AND operation" between the IP address and the subnet mask.
Broadcast ID: This is always the very last IP address in the subnet range. It is used when a device needs to send a broadcast message to every single host within that specific network.
Usable Hosts: These are all the IP addresses sandwiched between the Network ID and the Broadcast ID. These are the actual, valid IP addresses you can assign to devices like laptops, phones, and servers.
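The three components above, computed bit by bit, and applied to the four-subnet exercise posed earlier for 200.1.2.0. This is an added example, not code from the original guide; the function names are illustrative and the code assumes prefixes of /30 or shorter.

```python
def to_int(dotted):
    """Dotted-decimal IPv4 string -> 32-bit integer."""
    a, b, c, d = (int(x) for x in dotted.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def to_dotted(n):
    """32-bit integer -> dotted-decimal string."""
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_from_prefix(prefix):
    """/n -> mask of n one-bits followed by (32 - n) zero-bits."""
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def describe(ip, prefix):
    """Anatomy of the subnet that contains `ip` (assumes prefix <= 30)."""
    mask = mask_from_prefix(prefix)
    network = to_int(ip) & mask                  # logical AND: host bits cleared
    broadcast = network | (~mask & 0xFFFFFFFF)   # host bits all set to 1
    return {
        "mask": to_dotted(mask),
        "network_id": to_dotted(network),
        "broadcast_id": to_dotted(broadcast),
        "host_range": (to_dotted(network + 1), to_dotted(broadcast - 1)),
        "usable_hosts": (1 << (32 - prefix)) - 2,
    }


def split_fixed(network, prefix, borrowed_bits):
    """FLSM: borrowing n host bits yields 2^n equal-sized subnets."""
    new_prefix = prefix + borrowed_bits
    size = 1 << (32 - new_prefix)                # addresses per subnet
    base = to_int(network) & mask_from_prefix(prefix)
    return [describe(to_dotted(base + i * size), new_prefix)
            for i in range(1 << borrowed_bits)]


if __name__ == "__main__":
    # The exercise: 200.1.2.0 (Class C, /24) divided into 4 subnets.
    for s in split_fixed("200.1.2.0", 24, 2):
        print(s["network_id"], s["broadcast_id"], s["host_range"], s["usable_hosts"])
    # A packet arriving for 200.1.2.130 is delivered to the subnet whose
    # network ID equals (destination AND mask).
    print(describe("200.1.2.130", 26)["network_id"])
```

The last call is the delivery decision a router makes for an incoming packet: it ANDs the destination address with the mask and forwards to the subnet whose network ID matches.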
The Golden Formulas for Subnetting
To quickly calculate how many subnets and hosts you can create, you must use the power of 2.
Calculating Total Subnets: Use the formula 2^n, where n is the number of bits you borrowed for the network. (For example, if you borrow 2 bits, 2^2 = 4 possible subnets).
Calculating Usable Hosts: Use the formula 2^n - 2, where n is the number of bits remaining in the host portion. You must always subtract 2 from the total because the Network ID and Broadcast ID are reserved and cannot be assigned to individual devices.
Networking is one of those subjects where the deeper you go, the more there is to discover. We haven't covered everything—and honestly, nobody ever truly does. There's always another protocol, another architecture, or another layer of complexity waiting beneath the surface.
But if you've read all the way to this point, pat yourself on the back. You've already built a stronger understanding of networking than most people who use the Internet every day. More importantly, you've developed the mental models needed to understand how computers communicate, how data travels, and why the Internet works the way it does.
And that's a pretty good place to start. Thanks for reading :)



