Subnet Mask — Formal Length & Notation
Binary Mask Values and Formula
8-bit Binary Values
Each bit position in an 8-bit number represents a power of 2:
| Bit Position | Value |
|---|---|
| 7 | 128 (2^7) |
| 6 | 64 (2^6) |
| 5 | 32 (2^5) |
| 4 | 16 (2^4) |
| 3 | 8 (2^3) |
| 2 | 4 (2^2) |
| 1 | 2 (2^1) |
| 0 | 1 (2^0) |
Maximum 8-bit value:
11111111 = 128 + 64 + 32 + 16 + 8 + 4 + 2 + 1 = 255
Common Binary Masks
| Binary | Decimal | Formula |
|---|---|---|
| 11111111 | 255 | 256 – 1 |
| 11111110 | 254 | 256 – 2 |
| 11111100 | 252 | 256 – 4 |
| 11111000 | 248 | 256 – 8 |
| 11110000 | 240 | 256 – 16 |
| 11100000 | 224 | 256 – 32 |
| 11000000 | 192 | 256 – 64 |
| 10000000 | 128 | 256 – 128 |
| 00000000 | 0 | 256 – 256 |
Formula
For an 8-bit mask consisting of leading 1s followed by trailing 0s:
11111111
11111110
11111100
11111000
...
The decimal value is:
Value = 256 – 2^n
where:
n = number of trailing zeros
256 = 2^8
Examples
11111100
Trailing zeros = 2
256 - 2²
= 256 - 4
= 252
11110000
Trailing zeros = 4
256 - 2⁴
= 256 - 16
= 240
11000000
Trailing zeros = 6
256 - 2⁶
= 256 - 64
= 192
10000000
Trailing zeros = 7
256 - 2⁷
= 256 - 128
= 128
00000000
Trailing zeros = 8
256 - 2⁸
= 256 - 256
= 0
Common Subnet Masks
| CIDR | Dotted Decimal | Binary Representation | Usable Hosts | Typical Use |
|---|---|---|---|---|
| /8 | 255.0.0.0 | 11111111.00000000.00000000.00000000 | 16,777,214 | Large private networks |
| /16 | 255.255.0.0 | 11111111.11111111.00000000.00000000 | 65,534 | VPC CIDR block |
| /24 | 255.255.255.0 | 11111111.11111111.11111111.00000000 | 254 | Standard subnet |
| /28 | 255.255.255.240 | 11111111.11111111.11111111.11110000 | 14 | Small subnet |
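Formula (AWS subnets): Usable Hosts = 2^(32 − prefix) − 5
The Usable Hosts column in the table above uses the standard count, 2^(32 − prefix) − 2, which excludes only the network and broadcast addresses.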
Internet Protocol (IP) is the communication protocol used to identify and route devices across networks. The two major versions in use today are IPv4 and IPv6.
IPv4
Definition
Internet Protocol Version 4 (IPv4) is the fourth version of the Internet Protocol and has been the primary protocol used on the Internet for decades.
Address Format
IPv4 addresses are 32-bit numbers, typically written as four decimal octets separated by periods.
Example:
192.168.1.1
Characteristics
- 32-bit address length
- Approximately 4.3 billion unique addresses
- Uses dotted-decimal notation
- Widely supported by legacy systems
- Requires NAT (Network Address Translation) in many networks due to address exhaustion
Advantages
- Simple and well-established
- Broad compatibility
- Easy to configure and troubleshoot
Limitations
- Limited address space
- Address exhaustion
- Increased reliance on NAT
IPv6
Definition
Internet Protocol Version 6 (IPv6) was developed to overcome the address limitations of IPv4 and provide improved networking capabilities.
Address Format
IPv6 addresses are 128-bit numbers represented as eight groups of hexadecimal digits separated by colons.
Example:
2001:0db8:85a3:0000:0000:8a2e:0370:7334
Compressed form:
2001:db8:85a3::8a2e:370:7334
Characteristics
- 128-bit address length
- Approximately 340 undecillion unique addresses
- Uses hexadecimal notation
- Supports auto-configuration
- Built-in support for modern networking features
Advantages
- Vast address space
- Improved routing efficiency
- Better support for mobile devices
- Simplified network configuration
- Enhanced security capabilities
Limitations
- Migration complexity
- Not all legacy systems support IPv6
- Requires updates to some network infrastructure
IPv4 vs IPv6 Comparison
| Feature | IPv4 | IPv6 |
|---|---|---|
| Address Length | 32 bits | 128 bits |
| Address Format | Decimal | Hexadecimal |
| Address Example | 192.168.1.1 | 2001:db8::1 |
| Address Space | ~4.3 Billion | ~340 Undecillion |
| NAT Required | Often | Usually Not |
| Auto Configuration | Limited | Built-in |
| Header Complexity | More Complex | Simplified |
| Security | Optional IPsec | Native IPsec Support |
AWS reserves 5 IPs per subnet (network, router, DNS, future, broadcast).
Rule:
Mask Octet = 256 - 2^(number of host bits in that octet)
AWS Subnet Sizing Example
For a VPC with CIDR 10.0.0.0/16 and 4 subnets:
| Subnet Name | CIDR Block | AZ | Type | AWS Reserved IPs | Usable IPs |
|---|---|---|---|---|---|
| web1 (public) | 10.0.1.0/24 | ap-south-1a | Public | 5 | 251 |
| web2 (public) | 10.0.2.0/24 | ap-south-1b | Public | 5 | 251 |
| app1 (private) | 10.0.3.0/24 | ap-south-1a | Private | 5 | 251 |
| app2 (private) | 10.0.4.0/24 | ap-south-1b | Private | 5 | 251 |
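The octet rule and the five-address reservation applied to the four subnets in the table above, together with a containment and overlap check on the plan. This is an added example, not part of the original notes; the function names and the BAD_PLAN entries are constructed for illustration.

```python
import ipaddress

def mask_from_prefix(prefix):
    """Build the dotted-decimal mask octet by octet: 256 - 2^(host bits in that octet)."""
    octets = []
    for i in range(4):
        network_bits = min(8, max(0, prefix - 8 * i))  # prefix bits that fall in octet i
        octets.append(256 - 2 ** (8 - network_bits))
    return ".".join(map(str, octets))

def aws_reserved(cidr):
    """First four addresses and the last one, in the order the notes list them."""
    net = ipaddress.ip_network(cidr)
    roles = ("network", "router", "DNS", "future", "broadcast")
    return dict(zip(roles, (str(net[0]), str(net[1]), str(net[2]), str(net[3]), str(net[-1]))))

def usable(cidr, reserved=5):
    """Addresses left after the reservation (5 in an AWS subnet, 2 classically)."""
    return ipaddress.ip_network(cidr).num_addresses - reserved

def plan_problems(vpc_cidr, subnets):
    """Flag subnets that fall outside the VPC block or overlap one another."""
    vpc = ipaddress.ip_network(vpc_cidr)
    nets = {name: ipaddress.ip_network(c) for name, c in subnets.items()}
    problems = [f"{n} outside {vpc}" for n, s in nets.items() if not s.subnet_of(vpc)]
    names = list(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append(f"{a} overlaps {b}")
    return problems

# The four subnets from the table above.
PLAN = {"web1": "10.0.1.0/24", "web2": "10.0.2.0/24",
        "app1": "10.0.3.0/24", "app2": "10.0.4.0/24"}
# Constructed bad plan: one subnet outside the VPC, one overlapping app2.
BAD_PLAN = dict(PLAN, db1="10.1.0.0/24", app3="10.0.4.128/25")

if __name__ == "__main__":
    for name, cidr in PLAN.items():
        prefix = ipaddress.ip_network(cidr).prefixlen
        print(name, cidr, mask_from_prefix(prefix), usable(cidr), aws_reserved(cidr))
    print(plan_problems("10.0.0.0/16", PLAN))
    print(plan_problems("10.0.0.0/16", BAD_PLAN))
```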
AWS VPC Concepts
Key Components
| Component | Description |
|---|---|
| Internet Gateway (IGW) | Allows VPC resources to communicate with the internet |
| Route Table | Set of rules (routes) that determine where network traffic is directed |
| Public Subnet | Subnet with a route to the Internet Gateway; instances can have public IPs |
| Private Subnet | Subnet with no direct route to the internet |
| Jumpbox / Bastion Host | A machine in the public subnet used to SSH into machines in private subnets |
AWS Regions & Availability Zones (AZs)
Region
An AWS Region is a physical geographic area in the world that contains multiple, isolated data centers (Availability Zones).
| Property | Detail |
Activity — VPC with 4 Subnets
Goal: Create a VPC with 2 public and 2 private subnets, then launch EC2 instances to observe public IP behaviour.
Steps
- Create a VPC (e.g., CIDR 10.0.0.0/16)
- Create 4 subnets (2 public, 2 private) across 2 AZs
- Attach an Internet Gateway to the VPC
- Create a Route Table for public subnets and add route 0.0.0.0/0 → IGW
- Associate public subnets with the public route table
- Launch EC2 instance with public IP in a public subnet → accessible from internet
- Launch EC2 instance with public IP in a private subnet → not accessible (no IGW route)
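What makes a subnet public in the steps above is its route table, so the finished layout can be audited by checking which table each subnet actually uses. The following is an added example, not part of the original notes: the route-table data is a constructed sample shaped like the EC2 DescribeRouteTables response, all IDs are made up, and subnet-app2 is deliberately associated with the public table to show a finding.

```python
# Constructed sample, shaped like the RouteTables list that EC2 DescribeRouteTables
# returns. All IDs are made up; subnet-app2 is deliberately mis-associated.
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}], "Routes": [LOCAL]},
    {"RouteTableId": "rtb-public",
     "Associations": [{"Main": False, "SubnetId": "subnet-web1"},
                      {"Main": False, "SubnetId": "subnet-web2"},
                      {"Main": False, "SubnetId": "subnet-app2"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
]
# Intended design from the activity: two public and two private subnets.
INTENDED = {"subnet-web1": "public", "subnet-web2": "public",
            "subnet-app1": "private", "subnet-app2": "private"}

def has_igw_default(table):
    """True if the table sends the IPv4 or IPv6 default route to an Internet Gateway."""
    for route in table["Routes"]:
        dest = route.get("DestinationCidrBlock") or route.get("DestinationIpv6CidrBlock")
        if dest in ("0.0.0.0/0", "::/0") and route.get("GatewayId", "").startswith("igw-"):
            return True
    return False

def effective_table(subnet_id, tables):
    """Explicit association wins; otherwise the subnet falls back to the main table."""
    main = None
    for table in tables:
        for assoc in table["Associations"]:
            if assoc.get("SubnetId") == subnet_id:
                return table
            if assoc.get("Main"):
                main = table
    return main

def classify(subnet_ids, tables):
    """Label each subnet public or private from the route table it really uses."""
    return {s: "public" if has_igw_default(effective_table(s, tables)) else "private"
            for s in subnet_ids}

def drift(intended, tables):
    """Subnets whose routing does not match the design, as (subnet, intended, actual)."""
    actual = classify(intended, tables)
    return [(s, want, actual[s]) for s, want in intended.items() if actual[s] != want]

if __name__ == "__main__":
    print(classify(INTENDED, ROUTE_TABLES))
    print(drift(INTENDED, ROUTE_TABLES))
```

Because subnets without an explicit association inherit the main route table, adding an IGW default route to the main table would turn every unassociated subnet public at once.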

