IT Certification and Training Blog

Class B Subnetting

Sep 10, 2014 9:31:00 AM / by Kelson Lawrence

By John Oden

In our video series entitled Subnetting Demystified, I have attempted to create a learning resource that provides a good overview of Internet Protocol version 4 (IPv4), focusing on topics that are important to those of you who are preparing for certification exams. In the first few video presentations, we discuss some historical aspects of IPv4 and compare that to where we are today.

For quite some time, the IPv4 address space was allocated based on the idea of classful addressing, whereby IPv4 addresses could be categorized as Class A, Class B, or Class C by examining the first few bits of the IPv4 address. Check out this video for more information on classful addressing. In short, classful networking provided an addressing model with only three sizes: small, medium, and large. This method of address allocation was very inefficient because there was no way to precisely match the size of an address allocation to the size of a particular organization’s network.

Years ago, the networking world moved away from classful networking to a classless address allocation model wherein the boundaries between the network, subnetwork, and host portions of an IPv4 address could fall anywhere along the 32-bit length of the address. This allowed for a more precise allocation of IPv4 addresses because the size of the allocation could be more closely matched to size of the organization’s network. It was no longer necessary to assign an entire Class C address block to an organization with only a few network-connected devices.

Keeping it Classy

So why are we here to talk about Class B subnetting? Why do we continue to discuss address classes at all in the context of subnetting? I suppose we could list a number of reasons, one of which might be tradition. However, when we refer to an address class within the context of IPv4 subnetting these days, what we are really referring to is a network prefix length. In other words, what we are really saying when we talk about a Class B subnet is that we have been given an IPv4 address allocation with a /16 (16-bit) prefix and we will use the remaining 16 bits for some combination of subnet bits and host bits.

An Example

In the video Class B Subnetting, we are given the address allocation of and are asked to use subnetting techniques to create a subnetting plan that will provide at least 50 subnets that can accommodate at least 350 hosts each. You might already be thinking, “Isn’t this supposed to be a Class B subnetting example? Isn’t that a Class A ( network you’ve got there? And what’s up with the /17 prefix? Aren’t Class B networks supposed to be /16?”

The allocation does indeed fall within the private Class A network. Furthermore, is the second of two subnets that are created when we take and use the first bit in the third octet for subnetting, thus creating the and subnets. So what we really mean when we say “Class B Subnetting” is that the subnetting action takes place in the third octet – as opposed to Class C subnetting where all the action happens in the fourth octet.

In the video, you saw how we created multiple subnets from the network allocation. The first of these subnets was, the next was, and so on. Our requirement was to be able to accommodate at least 50 such subnets. Since we used 6 subnet bits, we saw that the maximum number of subnets was 26, which is 64 subnets. We went through the process of determining the first seven subnet addresses, their respective broadcast addresses, and the first and last host in each. What if we wanted to know the value of the last subnet?

To find the answer, let’s look at the whiteboard from the Class B Subnetting video. Remember that the bits we are using for subnetting are highlighted in yellow. We know that the first subnet is, the next is, and so on. I suppose we could just keep counting, but how would we know where to stop? We have no choice but to stop when all the subnet bits are set to a value of 1. When all the subnet bits are set to 1, we are at the last subnet. To find the value of the last subnet, we add up the bit weights of all of the network and subnet bits in the third octet. In this case, the value would be 128 + 64 + 32 + 16 + 8 + 4 + 2 = 254. Our last subnet is

Also, how did we know that the subnets increase by 2 each time? Just remember the magic number! In the video, we learned that the magic number is the bit weight of the least-significant (rightmost) subnet bit. In our example, the rightmost yellow subnet bit is the next-to-last bit in the third octet, which has a bit weight of 2. There’s your magic number. 

subnetting demystified least significant subnet bit resized 600                                      

Too Many Hosts in Each Subnet?

You might be thinking, “Should there really be 350 hosts in one subnet?” The answer depends on the implementation details of the specific network, but it is generally accepted that subnets that are used for host-address assignments should be no larger than /24. The subnets created in the video are /23, which leaves 9 bits for host addressing with 29  – 2 = 510 available host IP addresses. As you might imagine, this is somewhat large for a single subnet. Why are large subnets undesirable? There are several reasons:

  1. Each subnet is a single broadcast domain, and every host in the subnet must process all the broadcast traffic for the entire subnet.
  2. Managing IP addresses in a large subnet can be unwieldy.
  3. Large subnets are less secure because of the wider potential impact of a compromised host.

In this scenario, it is most likely that each of the /23 subnets that we create will be assigned to different parts of the same organization. Each geographically separate office location might receive its own /23 allocation that could be further subnetted into smaller subnets, such as /26 or /27 subnets with 62 or 30 hosts each.


Determining the subnets in the fourth octet is pretty straightforward. Some folks find they hit a roadblock when creating larger subnets in the third octet. Just keep in mind that everything works the same regardless of which octets contain the subnet bits. The subnet address is always identified by forcing all host bits to 0 and then determining the values of the network and subnet bits in the remaining octets. The broadcast address is still identified by subtracting 1 from the next subnet.

The only thing that really changes is that, when you subtract 1 from the next subnet to get the broadcast address, you are modifying the values in both the third and fourth octets. This is because, when you subtract 1 from the value of the next subnet, the last octet is all zeros. In order to do the subtraction, you must borrow from the next column to the left all the way across, as shown in the video.

In the video, I went through this in some detail to show how it works in binary. In practice, it is as simple as subtracting 1 from the all-zeros fourth octet to get the value 255. Then, subtract 1 from the third octet in the next subnet to get the value of the third octet of the broadcast address in the current subnet. Since you’ve seen the bit manipulation in binary, you now know why it works the way it does. Happy subnetting!

View the next video in this series:

Free Utilites

Check out our free networking utilites at!

Topics: Class B Subnetting, hosts, subnets

Kelson Lawrence

Written by Kelson Lawrence

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

see all

Recent Posts