What is a subnet in computer networking?



Was talking to one of the IT guys at work today and he mentioned that he had to work on something called a subnet. I tried Googling it but found myself even more confused on its definition.


It’s a way to divide a network, kind of like a hard drive partition. If you’re a store that has wifi for the customers, you don’t want your public wifi to be on the same network as your credit card machines are on; you also don’t want your wifi thermostat to be on the same network as well. So you create a separate network for each of those and you don’t allow them to talk to each other even though they are connected to the same switch or router.

It is a way to break down IP addresses into smaller sets. It allows the routers and computers to know what is “local” vs “outside” of the network. That way it can be determined if servers are here or if the traffic needs to be sent to the gateway.

Subnetwork, part of a network.

Imagine a city. A district would be a subnet of that city, a street would be a subnet of that district, etc. Same thing except with a network of computers (the internet is such a network for instance, just a bunch of computers connected together).

The statement “working on a subnet” doesn’t really mean anything though.

Others have explained it but just know, it can get confusing as hell to understand the details of subnetting.

If you have no reason to believe otherwise and need to provide a subnet mask, go with it’s the most common value used.

Computer networks as we commonly encounter them are governed by a system called the TCP/IP standard.

TCP/IP networks are hierarchical, just like governmental districts in real life. You live on Earth, just like everyone else, but you also live in a very specific continent, in some specific country, in some specific state/province, in some specific county/parish, possibly in some specific city, in some specific precinct, in some specific neighborhood, on a specific street, at a specific street address, and maybe at a specific apartment number.

Internet networks are like this, too. You could be connected to the Internet, the global network, but you are also a part of a specific ISP’s subnetwork, maybe in one of their subnetworks set up for a specific city, further subdivided down to a neighborhood, and then down to your home or business network. If you’re connected to a very large business campus network, their own network may be further subdivided.

Each of these subnets can be controlled as an entire block. That is, if you want to keep a bunch of computers logically separated from others on your big network, and want them governed by a special set of rules (who they can see, talk to, what kinds of network requests are allowed in and out of the network, etc), you can take a chunk of your network and define it as its own standalone subnetwork.

Before a computer goes to send network traffic it checks the destination address against its own address. If the computer has a subnet mask of then it will check the first 24 bits of its address against the first 24 bits of the destination address. (Remember 8 bits in a byte and if all 8 bits equal “1” then the value is 255).

If those first 24 bits (in this example) of both addresses match then the source knows that its target is on the same “subnet” and it can speak directly to it. If the first 24 bits do not match, then the source knows that it must send the traffic to a different subnet (or really “network”) and therefore the traffic must be sent to a router first in order to be sent on to its destination. If there is no router (AKA gateway) then you’re out of luck!

Hypothetically, all IP addresses could exist across one single, flat, giant network with no rules. This would lead to total chaos, however, by allowing anyone to talk to anyone no matter what. By breaking the total number of available addresses into smaller blocks (subnets) it becomes easier to apply security rules and to send traffic only to the place where it is required.