23 Subnetting and CIDR for IoT Networks

Key Concepts
  • Subnet: A logical subdivision of an IP network, identified by a network address and prefix length
  • Prefix Length: The number of bits in the network portion of an IP address (e.g., /24 means 24 bits for network, 8 bits for hosts)
  • VLSM (Variable Length Subnet Masking): Allocating subnets of different sizes to match the number of hosts in each network segment
  • Subnetting Calculation: Given a network and required subnets/hosts, determining prefix lengths, network addresses, broadcast addresses, and usable host ranges
  • Supernetting (Route Aggregation): Combining multiple contiguous subnets into a single summary route to reduce routing table size
  • Host Count Formula: Usable hosts per subnet = 2^(host bits) − 2 (subtract network and broadcast addresses)
  • Subnet Zero: The first subnet in a subnetted network, formerly discouraged but now acceptable; contains the network address of the major network

23.1 In 60 Seconds

A subnet mask splits an IP address into a network portion (identifying the segment) and a host portion (identifying individual devices), enabling you to divide large networks into isolated segments. For IoT deployments, plan /24 subnets (254 hosts each) per floor, building, or sensor type, and always include a 30% growth buffer for future device additions.

23.2 Learning Objectives

By the end of this chapter, you will be able to:

  • Interpret subnet masks: Convert between dotted-decimal and CIDR notation
  • Calculate network addresses: Use binary AND operations to determine network boundaries
  • Apply CIDR notation: Calculate host counts from prefix lengths
  • Design IoT subnets: Plan network segmentation for security and management
  • Implement VLSM: Allocate variable-sized subnets for efficient address utilization

MVU: Minimum Viable Understanding

Core concept: A subnet mask divides an IP address into network portion (identifies the segment) and host portion (identifies devices within that segment).

Why it matters: Subnetting enables security isolation, broadcast control, and logical organization of thousands of IoT devices.

Key takeaway: Plan /24 subnets (254 hosts) per floor, building, or sensor type - always include 30% growth buffer.

23.3 Prerequisites

Before diving into this chapter, you should be familiar with:

Subnetting is dividing a large network into smaller segments. Think of it like organizing a company: instead of one huge department with 10,000 employees, you create smaller teams (engineering, sales, HR).

Each subnet gets a range of IP addresses. For example, 192.168.1.0/24 gives you 254 usable addresses (192.168.1.1 through 192.168.1.254), perfect for a small office or building floor.

Why subnet?

  • Security: Isolate cameras from HVAC from sensors
  • Performance: Reduce broadcast traffic in each segment
  • Management: “All cameras are in 192.168.10.x” simplifies troubleshooting

| Term | Simple Explanation |
|---|---|
| Subnet Mask | Defines which part of the IP is network vs device (255.255.255.0) |
| CIDR Notation | Slash notation for subnet size (/24 = 255.255.255.0) |
| Network Address | First address in the subnet, identifies the segment |
| Broadcast Address | Last address in the subnet, reaches all hosts |

“We have 1,000 sensors in this building, and they are all on one big network,” sighed Sammy the Sensor. “When anyone sends a broadcast, ALL of us have to listen. It is so noisy!” Max the Microcontroller had a plan. “Time for subnetting! We are going to divide this big network into smaller neighborhoods.”

“A subnet mask is like a fence between neighborhoods,” Lila the LED explained. “The mask 255.255.255.0 – or /24 in CIDR notation – means the first three numbers are the street name and the last number is the house. So 192.168.1.x is one neighborhood with 254 houses, and 192.168.2.x is another.”

“We will put all temperature sensors on 192.168.1.0/24, motion detectors on 192.168.2.0/24, and cameras on 192.168.3.0/24,” said Max. “Now broadcasts stay within each neighborhood instead of flooding the entire building.”

Bella the Battery was thrilled. “Fewer broadcasts means less radio noise, which means I waste less energy listening to messages that are not even for me. Plus, if a hacker gets into the camera network, they cannot easily reach the temperature sensors – the subnets create security boundaries. Always plan with a 30% buffer for future growth!”


23.4 Understanding Subnet Masks

A subnet mask determines which portion of an IP address represents the network and which represents the host. The mask is a 32-bit number where consecutive 1s represent the network portion, and 0s represent the host portion.

Subnet mask diagram showing how 192.168.10.45/24 is divided into network portion (192.168.10, 24 bits of 1s) and host portion (45, 8 bits of 0s), with corresponding subnet mask 255.255.255.0
Figure 23.1: Subnet mask 255.255.255.0 dividing IP into network and host portions

This variant shows subnet selection based on actual IoT deployment needs:

Subnet selection chart showing recommended CIDR prefix sizes for different IoT deployment scales, from /28 for small clusters up to /22 for large campus deployments

Subnet size selection guide based on IoT device count

Planning tip: Always allocate at least 30% more addresses than current needs to accommodate growth. A home with 20 sensors (26 with 30% buffer) should use /27 (30 hosts), not /28 (14 hosts, which does not fit).

This variant shows how the binary mask pattern determines network/host division:

Binary visualization of 255.255.255.0 subnet mask showing 24 network bits as 1s (11111111.11111111.11111111) followed by 8 host bits as 0s (00000000), illustrating network/host boundary

Binary representation of a /24 subnet mask showing the 24 consecutive 1-bits and 8 zero-bits

Each borrowed bit doubles the number of subnets but halves the hosts per subnet.

Common Subnet Masks:

| CIDR | Subnet Mask | Binary | Network Bits | Host Bits | Total Addresses | Usable Hosts |
|---|---|---|---|---|---|---|
| /8 | 255.0.0.0 | 11111111.00000000… | 8 | 24 | 16,777,216 | 16,777,214 |
| /16 | 255.255.0.0 | 11111111.11111111.0… | 16 | 16 | 65,536 | 65,534 |
| /24 | 255.255.255.0 | 11111111.11111111.11111111.0 | 24 | 8 | 256 | 254 |
| /25 | 255.255.255.128 | …11111111.10000000 | 25 | 7 | 128 | 126 |
| /26 | 255.255.255.192 | …11111111.11000000 | 26 | 6 | 64 | 62 |
| /27 | 255.255.255.224 | …11111111.11100000 | 27 | 5 | 32 | 30 |
| /28 | 255.255.255.240 | …11111111.11110000 | 28 | 4 | 16 | 14 |
| /29 | 255.255.255.248 | …11111111.11111000 | 29 | 3 | 8 | 6 |
| /30 | 255.255.255.252 | …11111111.11111100 | 30 | 2 | 4 | 2 |

Why “Usable Hosts” is Less Than Total

Two addresses in each subnet are reserved:

  • Network address (all host bits = 0): Identifies the subnet itself (e.g., 192.168.1.0)
  • Broadcast address (all host bits = 1): Sends to all hosts on the subnet (e.g., 192.168.1.255 for /24)

A /24 subnet has 256 total addresses, but only 254 are assignable to devices.

23.5 Calculating Network and Broadcast Addresses

Example: 192.168.10.45/26

Step 1: Convert the subnet mask to binary

  • /26 = 255.255.255.192 = 11111111.11111111.11111111.11000000

Step 2: Calculate the network address (AND operation)

| Value | First Octet | Second Octet | Third Octet | Last Octet |
|---|---|---|---|---|
| IP address | 192 | 168 | 10 | 00101101 (45) |
| Subnet mask | 255 | 255 | 255 | 11000000 (192) |
| Network result | 192 | 168 | 10 | 00000000 (0) |

Network Address: 192.168.10.0

Step 3: Calculate the broadcast address (set all host bits to 1)

A /26 has 6 host bits. The network address last octet in binary is 00000000. Setting all 6 host bits (rightmost) to 1: 00111111 = 63.

  • Network: 00|000000 (| marks the network/host boundary) → 192.168.10.0
  • Broadcast: 00|111111 (all host bits set to 1) → 192.168.10.63

Step 4: Determine the usable range

  • First usable host: 192.168.10.1
  • Last usable host: 192.168.10.62
  • Total usable hosts: 62 (2^6 − 2 = 64 − 2)
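As an added example (not code from the chapter), the four steps above as a small Python calculator: it builds the mask from the prefix, ANDs it with the address, sets the host bits for the broadcast, and also reports whether the given address is actually aligned to its prefix (the rule from the Common Pitfalls section). Function names are my own; the only library call is a cross-check against the standard ipaddress module.

```python
from ipaddress import IPv4Network  # standard library, used only to cross-check the hand-rolled math


def ip_to_int(dotted: str) -> int:
    """Convert dotted-decimal '192.168.10.45' to a 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a valid IPv4 address: {dotted}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(value: int) -> str:
    """Inverse of ip_to_int."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix: int) -> int:
    """/26 -> 0xFFFFFFC0: 'prefix' consecutive 1-bits followed by 0-bits (Step 1)."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length must be 0..32, got {prefix}")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def subnet_info(cidr: str) -> dict:
    """Steps 1-4 of the worked example for any 'a.b.c.d/n'."""
    addr, prefix_text = cidr.split("/")
    prefix = int(prefix_text)
    ip, mask = ip_to_int(addr), prefix_to_mask(prefix)
    network = ip & mask                          # Step 2: AND the address with the mask
    broadcast = network | (~mask & 0xFFFFFFFF)   # Step 3: set every host bit to 1
    host_bits = 32 - prefix
    total = 1 << host_bits
    # Step 4: subtract network and broadcast. /31 (RFC 3021 point-to-point links)
    # and /32 (a single host) have no separate network/broadcast addresses.
    usable = total - 2 if host_bits >= 2 else total
    first = network + 1 if host_bits >= 2 else network
    last = broadcast - 1 if host_bits >= 2 else broadcast
    return {
        "mask": int_to_ip(mask),
        "network": int_to_ip(network),
        "broadcast": int_to_ip(broadcast),
        "first_usable": int_to_ip(first),
        "last_usable": int_to_ip(last),
        "total": total,
        "usable": usable,
        # Common Pitfalls rule: a network address must be a multiple of the subnet
        # size, which is the same as saying the address ANDed with the mask is itself.
        "aligned": ip == network,
    }


def matches_stdlib(cidr: str) -> bool:
    """Cross-check against ipaddress (strict=False tolerates set host bits in the input)."""
    ours, ref = subnet_info(cidr), IPv4Network(cidr, strict=False)
    return (ours["network"] == str(ref.network_address)
            and ours["broadcast"] == str(ref.broadcast_address)
            and ours["mask"] == str(ref.netmask))


if __name__ == "__main__":
    for cidr in ("192.168.10.45/26", "192.168.1.50/26", "192.168.1.0/22"):
        info = subnet_info(cidr)
        flag = "" if info["aligned"] else "  <- not a valid network address for this prefix"
        print(f"{cidr}: network {info['network']} broadcast {info['broadcast']} "
              f"usable {info['usable']} ({info['first_usable']} - {info['last_usable']}){flag}")
```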


23.6 CIDR Notation and Classless Addressing

CIDR (Classless Inter-Domain Routing) replaced the rigid class-based system with flexible prefix lengths, enabling efficient address allocation.

CIDR Format: network-address/prefix-length

  • Example: 192.168.1.0/24
  • /24 means “first 24 bits are network, remaining 8 bits are host”

CIDR notation examples showing different prefix lengths: /24 (254 hosts, small), /26 (62 hosts, smaller), /22 (1022 hosts, large), and /30 (2 hosts, point-to-point)
Figure 23.2: CIDR prefix lengths from /24 to /30 with host counts and use cases

23.6.1 CIDR Calculation Formula

Number of addresses = 2^(32 - prefix length)

Examples:

  • /24: 2^(32-24) = 2^8 = 256 addresses
  • /26: 2^(32-26) = 2^6 = 64 addresses
  • /30: 2^(32-30) = 2^2 = 4 addresses (2 usable, for point-to-point links)

Subnet sizing follows the power-of-2 formula. For a /24 subnet (common for IoT deployments):

\[\text{Total addresses} = 2^{32-24} = 2^8 = 256\]

\[\text{Usable addresses} = 256 - 2 = 254\]

The “minus 2” accounts for network (.0) and broadcast (.255) addresses.

For a building with 180 sensors needing 30% growth buffer: \[\text{Required} = 180 \times 1.3 = 234 \text{ devices}\]

Checking /24: \(256 - 2 = 254\) usable ✓ (fits with 20 addresses spare)

But if infrastructure uses 40 IPs (gateway, DHCP, switches, cameras): \[\text{Available for sensors} = 254 - 40 = 214\]

This fails! Need /23 instead: \[2^{32-23} = 2^9 = 512 \text{ addresses}, \qquad 512 - 2 = 510 \text{ usable}\] \[510 - 40 = 470 \text{ available} \gg 234 \text{ needed}\]

The math shows why subnet planning must account for all infrastructure, not just endpoint devices.


23.6.2 Quick Reference: Common IoT Subnet Sizes

| Prefix | Addresses | Usable Hosts | Typical IoT Use Case |
|---|---|---|---|
| /30 | 4 | 2 | Point-to-point links (gateway to gateway) |
| /29 | 8 | 6 | Very small sensor clusters |
| /28 | 16 | 14 | Small room automation (lighting, HVAC) |
| /27 | 32 | 30 | Single floor sensors and actuators |
| /26 | 64 | 62 | Medium building floor, lab environment |
| /25 | 128 | 126 | Large floor, small building |
| /24 | 256 | 254 | Typical building network, standard choice |
| /23 | 512 | 510 | Multi-building campus segment |
| /22 | 1024 | 1022 | Large campus, industrial facility |
| /20 | 4096 | 4094 | Smart city district |


23.7 Subnetting for IoT Networks

23.7.1 Why Subnet IoT Deployments?

1. Security Isolation

  • Separate IoT devices from corporate networks
  • Contain breaches (compromised camera can’t access HR data)
  • Apply different firewall rules per device type

2. Broadcast Domain Management

  • IoT devices often use mDNS, DHCP broadcasts
  • Large broadcast domains degrade performance
  • Subnetting reduces broadcast traffic

3. Logical Organization

  • Group devices by function, floor, building, or security level
  • Simplifies troubleshooting (“all cameras are in 192.168.10.x”)
  • Enables targeted firmware updates

4. QoS and Traffic Prioritization

  • Route critical sensor data (fire alarms) through priority paths
  • Throttle non-critical traffic (environmental sensors)

5. Scalability

  • Plan for growth (reserve address space for future devices)
  • Hierarchical addressing supports large deployments

23.7.2 IoT Subnetting Design Principles

IoT subnetting design showing smart building network divided by device type: cameras (/24, 254 hosts), sensors (/23, 510 hosts), lighting (/22, 1022 hosts), access control (/25, 126 hosts), and infrastructure (/28, 14 hosts)
Figure 23.3: Smart building IoT subnets organized by device type with appropriate sizes

Design Checklist:


23.7.3 Practical Subnetting Example: Smart Building

Scenario: Design addressing for a 10-floor smart office building with:

  • 50 HVAC sensors per floor (500 total)
  • 200 LED lighting controllers per floor (2,000 total)
  • 30 security cameras per floor (300 total)
  • 20 access control readers per floor (200 total)
  • 10 environmental sensors per floor (100 total)
  • 5 network infrastructure devices per floor (50 total)

Total devices: ~3,150 devices

Solution 1: By Device Type (Flat Network)

| Device Type | Count | Buffer | Total | Subnet | CIDR | Usable IPs | IP Range |
|---|---|---|---|---|---|---|---|
| HVAC Sensors | 500 | 150 | 650 | 192.168.1.0 | /22 | 1,022 | .1.1 - .3.254 |
| Lighting | 2,000 | 600 | 2,600 | 192.168.4.0 | /21 | 2,046 | .4.1 - .11.254 |
| Cameras | 300 | 100 | 400 | 192.168.12.0 | /23 | 510 | .12.1 - .13.254 |
| Access Control | 200 | 60 | 260 | 192.168.14.0 | /23 | 510 | .14.1 - .15.254 |
| Environmental | 100 | 30 | 130 | 192.168.16.0 | /24 | 254 | .16.1 - .16.254 |
| Infrastructure | 50 | 15 | 65 | 192.168.17.0 | /26 | 62 | .17.1 - .17.62 |

Note: as written, 192.168.1.0/22 and 192.168.4.0/21 are not aligned to their prefix boundaries (a /22 must start on a third-octet multiple of 4, a /21 on a multiple of 8), so they are not valid network addresses; see the alignment rule under Common Pitfalls. The remaining rows are correctly aligned.

Solution 2: By Floor (Hierarchical)

Each floor is assigned a /16 address block as its namespace (10.X.0.0/16, where X = floor number), then subdivided into smaller subnets per device type. The /16 is a hierarchical reservation, not a single broadcast domain:

  • Floor 1: 10.1.0.0/16 → subdivided into /24, /26, /27 etc. per device type
  • Floor 2: 10.2.0.0/16 → similarly subdivided
  • Floors 3-10: Same pattern

Example Floor 1 subdivision:

| Device Type | Subnet | CIDR | Usable IPs |
|---|---|---|---|
| HVAC | 10.1.1.0 | /26 | 62 (50 needed) |
| Lighting | 10.1.2.0 | /24 | 254 (200 needed) |
| Cameras | 10.1.3.0 | /26 | 62 (30 needed, room for growth) |
| Access Control | 10.1.4.0 | /27 | 30 (20 needed) |
| Environmental | 10.1.5.0 | /28 | 14 (10 needed) |
| Infrastructure | 10.1.6.0 | /29 | 6 (5 needed) |

Recommendation: Solution 2 (hierarchical by floor) offers better:

  • Scalability: Easy to add floors
  • Troubleshooting: “Problem on Floor 3” = check 10.3.x.x
  • Physical topology mapping: IP matches physical location
  • Firewall rules: Floor-level access controls

23.7.4 VLSM (Variable Length Subnet Masking)

VLSM allows different subnet sizes within the same network, maximizing address efficiency.

Example: Subdividing 192.168.10.0/24

VLSM example showing 192.168.10.0/24 subdivided into variable-sized subnets: two /26 (64 hosts each), two /27 (32 hosts each), two /28 (16 hosts each), with efficient use of all 256 addresses
Figure 23.4: VLSM subdividing /24 into variable-sized subnets for different IoT device types

Breakdown:

  1. 192.168.10.0/26 (64 addresses) → Cameras
  2. 192.168.10.64/26 (64 addresses) → HVAC
  3. 192.168.10.128/27 (32 addresses) → Access Control
  4. 192.168.10.160/27 (32 addresses) → Environmental
  5. 192.168.10.192/28 (16 addresses) → Infrastructure
  6. 192.168.10.208/28 (16 addresses) → Future expansion
  7. 192.168.10.224/27 (32 addresses) → Reserved

Total: 256 addresses allocated with zero waste!

Tradeoff: Static IP Assignment vs DHCP for IoT Devices

Option A: Static IP addresses - Each device configured manually with fixed IP, subnet mask, gateway. No DHCP dependency (works during network outages), predictable firewall rules, easy asset tracking. Management cost: 2-5 minutes per device setup, spreadsheet/IPAM database required, IP conflicts if mismanaged.

Option B: DHCP with reservations - Server assigns IPs automatically, reservations tie MAC address to specific IP. Self-healing (device reboots get correct IP), centralized management, automatic DNS registration. Dependencies: DHCP server must be available at boot, reservation database must be maintained, potential delays (DORA: 4 packets, 50-500ms).

Decision Factors: Use static for critical infrastructure (<20 devices), devices that must work during network failures (safety systems, gateways), or extremely constrained devices without DHCP client. Use DHCP for large deployments (>50 devices), devices with easy configuration interfaces, or when devices move between locations. Hybrid approach: static for gateways/servers, DHCP for sensors.


23.8 Real-World Case Study: Retrofit Subnetting for a University Smart Campus

A mid-size university (12,000 students, 45 buildings) deployed 8,500 IoT devices over three years with no subnetting plan – all devices shared a single 10.0.0.0/16 network. By year three, the network was failing.

The Problem: With 8,500 devices on one flat /16 subnet, broadcast traffic consumed 12% of the 100 Mbps backbone. ARP storms during peak hours caused 3-8 second latency spikes on the building management system, and a compromised IP camera in the library gave attackers lateral access to HVAC controllers in the chemistry building – a safety incident that triggered an emergency network redesign.

Initial Flat Network (Before):

| Flat-Network Inventory | Count |
|---|---|
| Address space | 10.0.0.0/16, 65,534 usable addresses |
| HVAC and environmental sensors | 3,200 |
| Lighting controllers | 2,100 |
| IP cameras | 1,500 |
| Access control readers | 800 |
| Lab equipment monitors | 500 |
| Digital signage displays | 400 |
| Total | 8,500 devices with zero segmentation |
| Broadcast traffic | About 1,200 packets/second, or 12% of link capacity |

Redesigned Hierarchical Subnetting (After):

The network team allocated a 10.{building}.{type}.0 subnet per device category per building (nominally a /24, sized down where a building needs fewer addresses):

| Building ID | HVAC Subnet | Cameras Subnet | Access Control | Lighting |
|---|---|---|---|---|
| Science (10.1.x.x) | 10.1.1.0/24 | 10.1.2.0/24 | 10.1.3.0/27 | 10.1.4.0/24 |
| Library (10.2.x.x) | 10.2.1.0/25 | 10.2.2.0/25 | 10.2.3.0/28 | 10.2.4.0/25 |
| Admin (10.3.x.x) | 10.3.1.0/26 | 10.3.2.0/26 | 10.3.3.0/28 | 10.3.4.0/26 |

… (42 more buildings follow the same pattern)

Firewall rules between subnets:

  • Cameras cannot initiate connections to any other subnet (outbound to NVR only)
  • HVAC sensors can reach BMS server (10.100.1.0/28) only
  • Access control readers connect to door controller server only
  • No inter-building IoT traffic permitted without explicit rule

Quantitative Results:

| Metric | Flat /16 (Before) | Hierarchical (After) | Improvement |
|---|---|---|---|
| Broadcast traffic per segment | 1,200 pkt/s | 15-40 pkt/s | 30-80x reduction |
| ARP resolution latency | 3-8 seconds (storms) | <10 ms | 300-800x faster |
| Lateral attack surface | 8,499 reachable devices | 30-60 per subnet | 140-280x smaller |
| Troubleshooting time (avg) | 4.2 hours | 35 minutes | 7x faster |
| Annual downtime | 127 hours | 8 hours | 94% reduction |

Key Insight: Subnetting is not optional for IoT deployments exceeding 500 devices. The university’s flat network worked for the first 500 devices but degraded quadratically as broadcast traffic scales with N-squared (every device ARPs every other device). At 8,500 devices, the broadcast storm consumed more bandwidth than actual sensor data. The /24-per-type-per-building scheme provides natural security boundaries, manageable broadcast domains, and an IP addressing scheme that doubles as an asset inventory (10.1.2.x = “Science building, cameras”).


You’re designing the network for a new 3-floor office building with the following requirements:

  • Floor 1 (Lobby/Public): 50 IoT devices (cameras, access control, digital signage)
  • Floor 2 (Offices): 120 devices (workstations, VoIP phones, sensors)
  • Floor 3 (Operations): 200 devices (servers, printers, HVAC, lighting control)
  • Allocated address space: 10.50.0.0/22 (1,022 usable addresses)

Step 1: Calculate needed addresses per floor (with 30% growth buffer)

| Floor | Current Devices | With 30% Growth | Subnet Needed |
|---|---|---|---|
| Floor 1, lobby/public | 50 | 65 | /25, 126 usable hosts |
| Floor 2, offices | 120 | 156 | /24, 254 usable hosts |
| Floor 3, operations | 200 | 260 | /23, 510 usable hosts |
| Total | 370 | 481 | 1,022 available in 10.50.0.0/22, about 47% utilization |

Step 2: Assign subnets using VLSM (largest first)

| Area | Subnet | Network | Broadcast | Usable Range |
|---|---|---|---|---|
| Floor 3, largest | 10.50.0.0/23 | 10.50.0.0 | 10.50.1.255 | 10.50.0.1 - 10.50.1.254 |
| Floor 2, medium | 10.50.2.0/24 | 10.50.2.0 | 10.50.2.255 | 10.50.2.1 - 10.50.2.254 |
| Floor 1, smallest | 10.50.3.0/25 | 10.50.3.0 | 10.50.3.127 | 10.50.3.1 - 10.50.3.126 |
| Reserved for future | 10.50.3.128/25 | 10.50.3.128 | 10.50.3.255 | 10.50.3.129 - 10.50.3.254 |

Step 3: Verify no subnet overlap

| Allocation | Address Span | Overlap Check |
|---|---|---|
| Floor 3 | 10.50.0.0 - 10.50.1.255 | Occupies the first 512 addresses |
| Floor 2 | 10.50.2.0 - 10.50.2.255 | Starts after Floor 3 ends |
| Floor 1 | 10.50.3.0 - 10.50.3.127 | Starts after Floor 2 ends |
| Reserved | 10.50.3.128 - 10.50.3.255 | Starts after Floor 1 ends |

There is no overlap, and the allocations remain contiguous, so the whole building can still be summarized as 10.50.0.0/22.

Result: Efficient use of allocated space with room for growth, clean subnet boundaries, and hierarchical organization that maps to physical building layout.
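Steps 1 to 3 above as an added Python script (not part of the chapter): it sizes each floor with the 30% buffer, allocates largest first on aligned boundaries, and verifies that the result has no overlaps and still summarizes to 10.50.0.0/22. The device counts are the exercise's; the floor labels and function names are my own, and everything else is the standard ipaddress module.

```python
import math
from ipaddress import IPv4Address, IPv4Network, collapse_addresses, summarize_address_range

GROWTH = 1.30  # the chapter's 30% growth buffer


def prefix_for_hosts(hosts_needed: int) -> int:
    """Smallest prefix length whose usable count (2^h - 2) covers hosts_needed."""
    host_bits = 2
    while (1 << host_bits) - 2 < hosts_needed:
        host_bits += 1
    return 32 - host_bits


def plan_vlsm(block: str, demands: dict, growth: float = GROWTH) -> list:
    """Step 2 of the exercise: carve `block` into one subnet per area, largest first.

    Each allocation is rounded up to a multiple of its own size so that network
    addresses stay aligned. Returns [(area, IPv4Network), ...] followed by
    ("reserved", net) entries covering whatever is left over.
    """
    parent = IPv4Network(block)
    # Step 1: apply the growth buffer and choose a prefix per area, largest subnet first.
    sized = sorted(
        ((area, prefix_for_hosts(math.ceil(count * growth))) for area, count in demands.items()),
        key=lambda item: item[1],
    )
    cursor = int(parent.network_address)
    limit = int(parent.broadcast_address) + 1
    plan = []
    for area, prefix in sized:
        size = 1 << (32 - prefix)
        cursor = -(-cursor // size) * size  # round the cursor up to a multiple of the subnet size
        if cursor + size > limit:
            raise ValueError(f"{block} cannot fit a /{prefix} for {area}")
        plan.append((area, IPv4Network((cursor, prefix))))
        cursor += size
    if cursor < limit:  # express the leftover as the fewest CIDR blocks
        for net in summarize_address_range(IPv4Address(cursor), IPv4Address(limit - 1)):
            plan.append(("reserved", net))
    return plan


def verify_plan(block: str, plan: list) -> dict:
    """Step 3: no overlaps, everything inside the block, and the pieces summarize back to it."""
    parent = IPv4Network(block)
    nets = [net for _, net in plan]
    no_overlap = all(not a.overlaps(b) for i, a in enumerate(nets) for b in nets[i + 1:])
    inside = all(net.subnet_of(parent) for net in nets)
    summarizes = list(collapse_addresses(nets)) == [parent]
    return {"no_overlap": no_overlap, "inside_block": inside, "summarizes_to_block": summarizes}


def utilization(demands: dict, block: str, growth: float = GROWTH) -> float:
    """Share of the block's usable addresses consumed by the buffered device counts."""
    needed = sum(math.ceil(count * growth) for count in demands.values())
    return needed / (IPv4Network(block).num_addresses - 2)


# Constructed input: the 3-floor building from the exercise above.
BLOCK = "10.50.0.0/22"
DEMANDS = {"floor1_lobby": 50, "floor2_offices": 120, "floor3_operations": 200}

if __name__ == "__main__":
    plan = plan_vlsm(BLOCK, DEMANDS)
    for area, net in plan:
        hosts = list(net.hosts())
        print(f"{area:18} {str(net):16} {net.network_address} - {net.broadcast_address}  "
              f"usable {hosts[0]} - {hosts[-1]} ({len(hosts)})")
    print(verify_plan(BLOCK, plan), f"utilization {utilization(DEMANDS, BLOCK):.0%}")
```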

| Criterion | Flat Network (Single /16) | Hierarchical Subnetting (Multiple /24-/27) |
|---|---|---|
| Device count | <500 devices | >500 devices |
| Broadcast traffic | ~50-100 pkt/s (tolerable for 100 Mbps) | ~5-10 pkt/s per subnet (isolated) |
| Security isolation | None (all devices see each other) | Per-floor or per-type isolation possible |
| Troubleshooting | Harder (“IP conflict somewhere in building”) | Easier (“Floor 2 DHCP issue: check 10.50.2.x”) |
| Hardware requirements | Simple switch ($200) | Layer 3 switch or router ($800-$2,000) |
| Setup complexity | Low (1 DHCP server, 1 VLAN) | Medium (multiple VLANs, inter-VLAN routing) |
| Scalability | Poor (broadcast storms >500 devices) | Excellent (add floors = add subnets) |
| Firewall rules | Difficult (by IP address only) | Easy (by subnet: “Block Floor 1 → Floor 3”) |
| Best for | Single-floor office, home network | Multi-floor buildings, security-sensitive environments |

Decision Factors:

  1. Broadcast threshold: If >500 devices OR >1% of link capacity consumed by broadcasts → subnet
  2. Security requirements: Regulated industries (HIPAA, PCI-DSS) → subnet by department minimum
  3. Physical layout: Multiple buildings or floors → subnet per location (simplifies troubleshooting)
  4. Growth rate: Rapid expansion expected → hierarchical from day one (avoid re-IP later)

Example Decision:

  • Home network (20 devices): Flat 192.168.1.0/24 - simple, no subnetting needed
  • Small business (150 devices, 1 floor): Flat 10.0.0.0/23 - still manageable
  • Mid-size office (300 devices, 3 floors): Hierarchical /24 per floor - security + troubleshooting benefits outweigh cost
  • Enterprise campus (5,000 devices, 10 buildings): Hierarchical /24 per building-floor - mandatory for scale

Rule of thumb: Subnet when broadcast traffic exceeds 1% of link capacity OR when security isolation is required.

Common Mistake: Failing to Account for Infrastructure Device Consumption

The Error: “I have a /24 subnet (254 usable addresses) for 200 workstations. That leaves 54 addresses for growth - plenty of headroom!”

What’s Missing: Infrastructure devices consume IPs before user devices even start:

| Infrastructure Consumer | Addresses Used |
|---|---|
| Default gateway | 1 |
| DHCP server | 1 |
| DNS servers | 2 |
| Network printers | 3 |
| Wi-Fi access points | 5 |
| IP cameras | 8 |
| Building automation | 4 |
| Network management station | 1 |
| Reserved static assignments | 10 |
| Total infrastructure | 35 |

A /24 provides 254 usable addresses. After 35 infrastructure addresses, only 219 remain for workstations. With 200 workstations, actual headroom is 19 addresses, not 54, and utilization is roughly 91%.

Real-World Failure (Hospital Floor, 2022):

Planned: 180 medical devices on 192.168.5.0/24 subnet

| Planning View | Result |
|---|---|
| Expected headroom | 254 - 180 = 74 IPs |
| Infrastructure actually consumed | 42 IPs, because there were more printers and cameras than expected |
| Medical devices | 180 IPs |
| Total consumed | 222 IPs |
| Remaining | 254 - 222 = 32 IPs, only a 13% buffer |

Then they added 40 new patient monitoring devices:

| Expansion Check | Result |
|---|---|
| Needed after adding monitors | 222 + 40 = 262 IPs |
| Available | 254 IPs |
| Failure mode | 8 devices could not get addresses because the DHCP pool was exhausted |

Emergency fix cost:

  • Weekend network re-IP project: $12,000 in overtime
  • Changed to /23 (510 usable) with proper infrastructure audit

Correct Sizing Formula:

  1. Count infrastructure first: gateway, DHCP, DNS, printers, cameras, access points, automation, reserved static addresses, and a 20% miscellaneous allowance.
  2. Add user devices with growth: current device count x 1.3 for a 30% growth buffer.
  3. Add infrastructure and user-device requirements.
  4. Choose the next subnet size that provides at least that many usable addresses.
  5. Keep deployment-day utilization below 70%.
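The five steps above as an added Python function (not the chapter's code), run on the corrected example's numbers; the infrastructure dictionary is constructed from the table above and the function names are mine. It also reports the real headroom that the "common mistake" overstates, so the two calculations can be compared side by side.

```python
import math

GROWTH = 1.30            # step 2: 30% growth buffer on user devices
MISC_ALLOWANCE = 0.20    # step 1: 20% miscellaneous allowance on top of counted infrastructure
MAX_UTILIZATION = 0.70   # step 5: deployment-day utilization ceiling

# Constructed inventory, copied from the infrastructure table above (35 addresses in total).
INFRASTRUCTURE = {
    "default gateway": 1, "DHCP server": 1, "DNS servers": 2, "network printers": 3,
    "Wi-Fi access points": 5, "IP cameras": 8, "building automation": 4,
    "network management station": 1, "reserved static assignments": 10,
}


def usable_hosts(prefix: int) -> int:
    """2^(32 - prefix) minus the network and broadcast addresses."""
    return (1 << (32 - prefix)) - 2


def headroom(prefix: int, infrastructure: dict, user_devices: int) -> int:
    """Addresses left after infrastructure AND users. The 'common mistake' skips the first term."""
    return usable_hosts(prefix) - sum(infrastructure.values()) - user_devices


def size_subnet(infrastructure: dict, user_devices: int, misc: float = MISC_ALLOWANCE,
                growth: float = GROWTH, max_util: float = MAX_UTILIZATION) -> dict:
    """Apply the five sizing steps and return the chosen prefix with the numbers behind it."""
    infra = math.ceil(sum(infrastructure.values()) * (1 + misc))   # step 1: infrastructure first
    users = math.ceil(user_devices * growth)                       # step 2: users with growth
    needed = infra + users                                         # step 3: add them up
    prefix = 30
    # steps 4 and 5: move to the next larger subnet until the requirement fits
    # AND deployment-day utilization stays at or under the ceiling
    while needed > usable_hosts(prefix) * max_util:
        prefix -= 1
        if prefix < 8:
            raise ValueError("requirement exceeds a /8; split the network instead")
    return {"infrastructure": infra, "users": users, "needed": needed, "prefix": prefix,
            "usable": usable_hosts(prefix), "utilization": needed / usable_hosts(prefix)}


if __name__ == "__main__":
    print("naive headroom on a /24 (users only):     ", headroom(24, {}, 200))
    print("real headroom on a /24 (with infra):      ", headroom(24, INFRASTRUCTURE, 200))
    result = size_subnet(INFRASTRUCTURE, 200, misc=0.0)   # the chapter's corrected example
    print(f"needed {result['needed']} -> /{result['prefix']} "
          f"({result['usable']} usable, {result['utilization']:.0%} utilization)")
```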

Example (corrected):

| Corrected Sizing Step | Result |
|---|---|
| Infrastructure | 35 IPs |
| Workstations with growth | 200 x 1.3 = 260 IPs |
| Total needed | 295 IPs |
| /24 capacity | 254 usable, too small |
| /23 capacity | 510 usable, correct choice at about 58% utilization |

Key Insight: Always audit infrastructure before sizing subnets. The “hidden” 30-50 IPs for infrastructure turn a comfortable /24 into an overloaded one. Factor in reality, not just the user device count from the spreadsheet.

23.9 Review: Match Subnet Concepts

23.10 Review: Order Subnet Calculation Steps

Common Pitfalls

A /25 subnet has 7 host bits → 2^7 = 128 addresses, but only 126 usable hosts (subtract network and broadcast). Forgetting to subtract 2 leads to address shortages. Fix: always subtract 2 from 2^(host bits) to get the usable host count.

A /26 subnet (64 addresses) must start at a multiple of 64 (0, 64, 128, 192). Starting at 192.168.1.50 is invalid. Fix: always verify that the network address is a multiple of the subnet size (2^host bits).

Assigning a /28 (14 usable hosts) to an IoT VLAN that starts with 10 devices seems adequate, but adding sensors over time quickly exhausts the space. Fix: allocate at least 3× the current device count as the subnet size to allow for growth.

23.11 Label the Diagram

23.12 Code Challenge

23.13 Summary

  • Subnet masks divide IP addresses into network and host portions using consecutive 1s (network) and 0s (host)
  • CIDR notation expresses masks compactly: /24 = 255.255.255.0 = 256 addresses (254 usable)
  • Network address is calculated by ANDing the IP with the mask; broadcast address has all host bits set to 1
  • Subnet sizing formula: 2^(32 - prefix length) = total addresses, minus 2 for network and broadcast
  • IoT subnetting provides security isolation, broadcast control, logical organization, and scalability
  • VLSM enables efficient address allocation with variable-sized subnets for different device types
  • Design best practice: Inventory devices, add 30% growth buffer, document everything, and consider hierarchical addressing for large deployments

23.14 What’s Next

Now that you can design and calculate subnets for IoT networks, continue building your networking knowledge:

  • Ports and NAT: Identify services with port numbers and enable internet access for private IoT subnets using Network Address Translation.
  • IPv6 for IoT: Apply the next-generation addressing protocol with its vastly larger address space designed for IoT scale.
  • DHCP and Address Resolution: Configure automatic IP assignment for large IoT deployments and understand ARP and Neighbour Discovery protocols.
  • IPv4 Addressing Fundamentals: Reinforce the 32-bit address structure and binary representation that underpins all subnet calculations.
  • Networking Basics: Review foundational networking concepts including OSI layers, frames, and packet forwarding.