You are currently offline, waiting for your internet to reconnect

Understanding TCP/IP addressing and subnetting basics

This article was previously published under Q164015
When you configure the TCP/IP protocol on a Microsoft Windows computer, anIP address, subnet mask, and usually a default gateway are required in theTCP/IP configuration settings.

To configure TCP/IP correctly, it is necessary to understand how TCP/IPnetworks are addressed and divided into networks and subnetworks. Thisarticle is intended as a general introduction to the concepts of IPnetworks and subnetting. A glossary is included at the end of article.
The success of TCP/IP as the network protocol of the Internet is largelybecause of its ability to connect together networks of different sizes andsystems of different types. These networks are arbitrarily defined intothree main classes (along with a few others) that have predefined sizes,each of which can be divided into smaller subnetworks by systemadministrators. A subnet mask is used to divide an IP address into twoparts. One part identifies the host (computer), the other part identifiesthe network to which it belongs. To better understand how IP addresses andsubnet masks work, look at an IP (Internet Protocol) address and see howit is organized.

IP addresses: Networks and hosts

An IP address is a 32-bit number that uniquely identifies a host (computeror other device, such as a printer or router) on a TCP/IP network.

IP addresses are normally expressed in dotted-decimal format, with fournumbers separated by periods, such as To understand howsubnet masks are used to distinguish between hosts, networks, andsubnetworks, examine an IP address in binary notation.

For example, the dotted-decimal IP address is (in binarynotation) the 32 bit number 110000000101000111101110000100. This numbermay be hard to make sense of, so divide it into four parts of eight binarydigits.

These eight bit sections are known as octets. The example IP address,then, becomes 11000000.10101000.01111011.10000100. This number only makesa little more sense, so for most uses, convert the binary address intodotted-decimal format ( The decimal numbers separated byperiods are the octets converted from binary to decimal notation.

For a TCP/IP wide area network (WAN) to work efficiently as a collectionof networks, the routers that pass packets of data between networks do notknow the exact location of a host for which a packet of information isdestined. Routers only know what network the host is a member of and useinformation stored in their route table to determine how to get the packetto the destination host's network. After the packet is delivered to thedestination's network, the packet is delivered to the appropriate host.

For this process to work, an IP address has two parts. The first part ofan IP address is used as a network address, the last part as a hostaddress. If you take the example and divide it into thesetwo parts you get the following:
   192.168.123.    Network              .132 Host				
-or- - network address.     - host address.				

Subnet mask

The second item, which is required for TCP/IP to work, is the subnet mask.The subnet mask is used by the TCP/IP protocol to determine whether a hostis on the local subnet or on a remote network.

In TCP/IP, the parts of the IP address that are used as the network andhost addresses are not fixed, so the network and host addresses abovecannot be determined unless you have more information. This information issupplied in another 32-bit number called a subnet mask. In this example,the subnet mask is It is not obvious what this number meansunless you know that 255 in binary notation equals 11111111; so, thesubnet mask is:
Lining up the IP address and the subnet mask together, the network andhost portions of the address can be separated:
   11000000.10101000.01111011.10000100 -- IP address (   11111111.11111111.11111111.00000000 -- Subnet mask (				
The first 24 bits (the number of ones in the subnet mask) are identifiedas the network address, with the last 8 bits (the number of remainingzeros in the subnet mask) identified as the host address. This gives youthe following:
   11000000.10101000.01111011.00000000 -- Network address (   00000000.00000000.00000000.10000100 -- Host address (				
So now you know, for this example using a subnet mask, thatthe network ID is, and the host address is When apacket arrives on the subnet (from the local subnet or aremote network), and it has a destination address of, yourcomputer will receive it from the network and process it.

Almost all decimal subnet masks convert to binary numbers that are allones on the left and all zeros on the right. Some other common subnetmasks are:
   Decimal                 Binary         1111111.11111111.1111111.11000000         1111111.11111111.1111111.11100000				
Internet RFC 1878 (available from ) describes the valid subnets and subnet masks that can be used on TCP/IP networks.

Network classes

Internet addresses are allocated by the InterNIC( ), the organization that administers the Internet. These IP addresses are divided into classes. The most common of these are classes A, B, and C. Classes D and E exist, but are not generally used by end users. Each of the address classes has a different default subnet mask. You can identify the class of an IP address by looking at its first octet. Following are the ranges of Class A, B, and C Internet addresses, each with an example address:
  • Class A networks use a default subnet mask of and have 0-127 as their first octet. The address is a class A address. Its first octet is 10, which is between 1 and 126, inclusive.
  • Class B networks use a default subnet mask of and have 128-191 as their first octet. The address is a class B address. Its first octet is 172, which is between 128 and 191, inclusive.
  • Class C networks use a default subnet mask of and have 192-223 as their first octet. The address is a class C address. Its first octet is 192, which is between 192 and 223, inclusive.
In some scenarios, the default subnet mask values do not fit the needs ofthe organization, because of the physical topology of the network, orbecause the numbers of networks (or hosts) do not fit within the defaultsubnet mask restrictions. The next section explains how networks can bedivided using subnet masks.


A Class A, B, or C TCP/IP network can be further divided, or subnetted, bya system administrator. This becomes necessary as you reconcile thelogical address scheme of the Internet (the abstract world of IP addressesand subnets) with the physical networks in use by the real world.

A system administrator who is allocated a block of IP addresses may beadministering networks that are not organized in a way that easily fitsthese addresses. For example, you have a wide area network with 150 hostson three networks (in different cities) that are connected by a TCP/IProuter. Each of these three networks has 50 hosts. You are allocated theclass C network (For illustration, this address is actuallyfrom a range that is not allocated on the Internet.) This means that youcan use the addresses to for your 150 hosts.

Two addresses that cannot be used in your example are and192.168.123.255 because binary addresses with a host portion of all onesand all zeros are invalid. The zero address is invalid because it is usedto specify a network without specifying a host. The 255 address (in binarynotation, a host address of all ones) is used to broadcast a message toevery host on a network. Just remember that the first and last address inany network or subnet cannot be assigned to any individual host.

You should now be able to give IP addresses to 254 hosts. This works fineif all 150 computers are on a single network. However, your 150 computersare on three separate physical networks. Instead of requesting moreaddress blocks for each network, you divide your network into subnets that enable you to use one block of addresses on multiple physical networks.

In this case, you divide your network into four subnets by using a subnetmask that makes the network address larger and the possible range of hostaddresses smaller. In other words, you are 'borrowing' some of the bitsusually used for the host address, and using them for the network portionof the address. The subnet mask gives you four networks of62 hosts each. This works because in binary notation, isthe same as 1111111.11111111.1111111.11000000. The first two digits of thelast octet become network addresses, so you get the additional networks00000000 (0), 01000000 (64), 10000000 (128) and 11000000 (192). (Someadministrators will only use two of the subnetworks using a subnet mask. For more information on this topic, see RFC 1878.) Inthese four networks, the last 6 binary digits can be used for hostaddresses.

Using a subnet mask of, your network thenbecomes the four networks,, These four networks would have as valid hostaddresses:				
Remember, again, that binary host addresses with all ones or all zeros areinvalid, so you cannot use addresses with the last octet of 0, 63, 64,127, 128, 191, 192, or 255.

You can see how this works by looking at two host addresses, and If you used the default Class C subnetmask of, both addresses are on the network.However, if you use the subnet mask of, they are ondifferent networks; is on the network, is on the network.

Default gateways

If a TCP/IP computer needs to communicate with a host on another network,it will usually communicate through a device called a router. In TCP/IPterms, a router that is specified on a host, which links the host's subnetto other networks, is called a default gateway. This section explains howTCP/IP determines whether or not to send packets to its default gateway toreach another computer or device on the network.

When a host attempts to communicate with another device using TCP/IP, itperforms a comparison process using the defined subnet mask and thedestination IP address versus the subnet mask and its own IP address. Theresult of this comparison tells the computer whether the destination is alocal host or a remote host.

If the result of this process determines the destination to be a localhost, then the computer will simply send the packet on the local subnet.If the result of the comparison determines the destination to be a remotehost, then the computer will forward the packet to the default gatewaydefined in its TCP/IP properties. It is then the responsibility of therouter to forward the packet to the correct subnet.


TCP/IP network problems are often caused by incorrect configuration of thethree main entries in a computer's TCP/IP properties. By understanding howerrors in TCP/IP configuration affect network operations, you can solvemany common TCP/IP problems.

Incorrect Subnet Mask: If a network uses a subnet mask other than thedefault mask for its address class, and a client is still configured withthe default subnet mask for the address class, communication will fail tosome nearby networks but not to distant ones. As an example, if you createfour subnets (such as in the subnetting example) but use the incorrectsubnet mask of in your TCP/IP configuration, hosts will notbe able to determine that some computers are on different subnets thantheir own. When this happens, packets destined for hosts on differentphysical networks that are part of the same Class C address will not besent to a default gateway for delivery. A common symptom of this is when acomputer can communicate with hosts that are on its local network and cantalk to all remote networks except those that are nearby and have the sameclass A, B, or C address. To fix this problem, just enter the correctsubnet mask in the TCP/IP configuration for that host.

Incorrect IP Address: If you put computers with IP addresses that shouldbe on separate subnets on a local network with each other, they will notbe able to communicate. They will try to send packets to each otherthrough a router that will not be able to forward them correctly. Asymptom of this problem is a computer that can talk to hosts on remotenetworks, but cannot communicate with some or all computers on their localnetwork. To correct this problem, make sure all computers on the samephysical network have IP addresses on the same IP subnet. If you run outof IP addresses on a single network segment, there are solutions that gobeyond the scope of this article.

Incorrect Default Gateway: A computer configured with an incorrect defaultgateway will be able to communicate with hosts on its own network segment,but will fail to communicate with hosts on some or all remote networks. Ifa single physical network has more than one router, and the wrong routeris configured as a default gateway, a host will be able to communicatewith some remote networks, but not others. This problem is common if anorganization has a router to an internal TCP/IP network and another routerconnected to the Internet.
Two popular references on TCP/IP are:

"TCP/IP Illustrated, Volume 1: The Protocols," Richard Stevens, AddisonWesley, 1994

"Internetworking with TCP/IP, Volume 1: Principles,Protocols, and Architecture," Douglas E. Comer, Prentice Hall, 1995

It is strongly recommended that a system administrator responsible forTCP/IP networks have at least one of these references available.


Broadcast address -- An IP address with a host portion that is all ones.

Host -- A computer or other device on a TCP/IP network.

Internet -- The global collection of networks that are connected togetherand share a common range of IP addresses.

InterNIC -- The organization responsible for administration of IPaddresses on the Internet.

IP -- The network protocol used for sending network packets over a TCP/IPnetwork or the Internet.

IP Address -- A unique 32-bit address for a host on a TCP/IP network orinternetwork.

Network -- There are two uses of the term network in this article. One isa group of computers on a single physical network segment; the other is anIP network address range that is allocated by a system administrator.

Network address -- An IP address with a host portion that is all zeros.

Octet -- An 8-bit number, 4 of which comprise a 32-bit IP address. Theyhave a range of 00000000-11111111 that correspond to the decimal values 0-255.

Packet -- A unit of data passed over a TCP/IP network or wide areanetwork.

RFC (Request for Comment) -- A document used to define standards on theInternet.

Router -- A device that passes network traffic between different IPnetworks.

Subnet Mask -- A 32-bit number used to distinguish the network and hostportions of an IP address.

Subnet or Subnetwork -- A smaller network created by dividing a largernetwork into equal parts.

TCP/IP -- Used broadly, the set of protocols, standards and utilitiescommonly used on the Internet and large networks.

Wide area network (WAN) -- A large network that is a collection of smallernetworks separated by routers. The Internet is an example of a very largeWAN.

Article ID: 164015 - Last Review: 09/23/2011 22:03:00 - Revision: 6.0

  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional Edition
  • Microsoft Windows NT Server 3.51
  • Microsoft Windows NT Server 4.0 Standard Edition
  • Microsoft Windows NT Workstation 3.1
  • Microsoft Windows NT Workstation 3.5
  • Microsoft Windows NT Workstation 3.51
  • Microsoft Windows NT Workstation 4.0 Developer Edition
  • Microsoft Windows NT Advanced Server 3.1
  • Microsoft Windows 95
  • kbnetwork kbusage KB164015