How to Calculate a Subnet Mask

Work out a subnet mask, network and broadcast address, and host range from any IP and CIDR prefix. The bit-level method, with worked examples and the /31 and /32 rules.

Updated 6 min read By CodingEagles
Free tool IP Subnet Calculator Network, broadcast, host range, mask and wildcard from an IP/CIDR. Open tool

A subnet mask marks which part of an IP address is the network and which part is the host. To calculate it from a CIDR prefix, write that many 1 bits, fill the remaining bits with 0 to reach 32, and group the result into four octets. A /24 gives 255.255.255.0. The subnet calculator does this for any prefix and also returns the network address, broadcast address and usable host range.

That is the short version. Here is why it works, and how to get the other numbers a network plan needs.

A mask is just bits

An IPv4 address is 32 bits, written as four 8-bit octets in decimal. The mask is also 32 bits, but it is a single run of 1s followed by a run of 0s. The 1s cover the network part of the address and the 0s cover the host part.

The CIDR prefix is simply the count of 1 bits. So a /24 mask is 24 ones and 8 zeros:

11111111.11111111.11111111.00000000  =  255.255.255.0

To convert any octet of 1s and 0s to decimal, add the place values of the bits that are set: 128, 64, 32, 16, 8, 4, 2, 1. A full octet (11111111) is 255. An octet of 11111100 is 128+64+32+16+8+4 = 252, which is where a /22 mask gets its 255.255.252.0.

Network and broadcast address

Once you have the mask, two key addresses fall out of it.

  • Network address: the IP with every host bit set to 0. You compute it by a bitwise AND of the IP and the mask. For 192.168.1.40 and a /24, the result is 192.168.1.0.
  • Broadcast address: the IP with every host bit set to 1. For the same subnet, that is 192.168.1.255.

Every address between those two, not counting the two themselves, is a usable host address. So a /24 gives the range 192.168.1.1 to 192.168.1.254.

Counting usable hosts

The number of host bits is 32 minus the prefix. The total number of addresses is 2 raised to that power, and the usable count is two fewer, because the network and broadcast addresses cannot be assigned to a device.

PrefixMaskTotalUsable hosts
/24255.255.255.0256254
/25255.255.255.128128126
/26255.255.255.1926462
/22255.255.252.010241022

Two prefixes break the minus-two rule. A /31 is meant for point-to-point links, where RFC 3021 allows both addresses to be used, so it has 2 usable hosts and no broadcast. A /32 describes one exact host.

The wildcard mask

Some equipment, especially Cisco access lists, wants the inverse of the subnet mask, called the wildcard mask. It has 0s where the subnet mask has 1s, and 1s where the mask has 0s. The wildcard for a /24 is 0.0.0.255. The subnet calculator shows both forms so you can paste whichever a device expects.

Doing it without the maths

The bit method is worth understanding, because it is what the hardware actually does, and it is what exams test. Day to day, though, you will want the answer in one step. Enter an IP and a prefix (or paste a full CIDR such as 192.168.1.0/24) into the subnet calculator and it returns the mask, wildcard, network, broadcast and host range at once, with the binary shown so you can verify the bit pattern yourself.

Frequently asked questions

How do I calculate a subnet mask from a CIDR prefix?
Write the prefix number of 1 bits, then fill the rest of the 32 bits with 0, and group into four octets. A /24 is 24 ones then 8 zeros, which is 11111111.11111111.11111111.00000000, or 255.255.255.0. A /22 is 255.255.252.0. The subnet calculator does this and shows the binary, so you can check the bit pattern.
How many usable hosts does a subnet have?
Take the number of host bits (32 minus the prefix), raise 2 to that power for the total, then subtract 2 for the network and broadcast addresses. A /26 has 6 host bits, so 64 total and 62 usable. The exceptions are a /31, where both addresses are usable on point-to-point links, and a /32, which is a single host.
What is the network address?
The network address is the IP with all host bits set to 0. You get it by ANDing the IP with the subnet mask. For 192.168.1.40 with a /24 mask, the network is 192.168.1.0. The broadcast is the same with all host bits set to 1, which is 192.168.1.255.

Ready to try it?

Network, broadcast, host range, mask and wildcard from an IP/CIDR. Free, in-browser, and 100% private — your data never leaves your device.

Open the IP Subnet Calculator

Related guides

What Is CIDR Notation? CIDR notation packs an address and a prefix length into one string like 192.168.0.0/22. Here is how to read it and what range it covers. How to Convert an IP Address to Binary An IPv4 address is 32 bits in disguise. Here is how to convert each octet to binary, and how the same bits read as an integer and hex.

More tools

JSON Formatter & ValidatorBeautify, minify, validate JSON with a collapsible tree view.Code Formatter & MinifierPretty-print or minify JS, TS, CSS, HTML, JSON, SQL and more.YAML ⇄ JSON ⇄ TOML ConverterConvert config between YAML, JSON and TOML, both ways.JSON Schema Viewer & ValidatorRender a JSON Schema as a tree and validate data against it.Markdown Editor (Live Preview)Write Markdown with a live, side-by-side HTML preview.Mermaid Live EditorTurn Mermaid text into flowcharts and diagrams, live.

More from the Hivly network

Free sister tools on our other sites.

Color Palette GeneratorShuffle palettes with the spacebar, lock favourites, copy hex codes.Length ConverterMetres, feet, miles, inches, km and more, instantly.Word CounterCount words, characters, sentences and reading time live.