Visual Subnets
purpose, story and theory down below

How To Use

Visual Subnets is a tool that makes it easier to understand how IP subnetting works. Here's how you use it:

  • Put an IP into the IP Address field
  • Pick a subnet using one of these methods:
    • Enter the IP in CIDR notation, e.g. "169.34.33.105/29". The tool will automatically pick it up.
    • Select a subnet mask from the second field e.g. 255.255.255.248.
    • Select a size from the third field e.g. /29
  • The list will populate with the entire /24 subnet (every address beginning with the same three octets)
  • Now you can use the tool one of two ways:
    • Click the Focus IP button to highlight and scroll to the IP you've selected. Network and broadcast IPs will be highlighted.
    • Scroll through the list and mouse over the IPs to see in real time where the block boundaries are.

That's all there is to it. Play with the non-focused mode, roll your mouse over the IPs and try different block sizes. If you're like me, you'll understand subnets a lot better afterwards.

FAQ

Q: Why aren't the gateway IPs labeled?

A: There's no such thing as a "gateway IP." This is a term of convenience that network techs use, and almost everyone puts the gateway (or "default route") on the first usable IP in a block, but the gateway for a network device can be anywhere within the subnet. Comcast, for instance, universally puts their gateways at the end of the block, not the beginning.

Q: Can I see a /16?

A: Sorry, not at the moment. I used some shortcuts in my code that make it hard, but I'll try my best to add larger blocks when I can.

Q: It doesn't highlight the IP when I click Focus IP.

A: That's a bug, my bad. Click again and it'll go.

Q: What does "the block can be divided[...]" mean?

A: Read "Dividing Blocks" down below.

Q: It's great that I can use this, but I'd like to understand better, and the tutorials out there are just terrible.

A: Read the "Theory" section, I've tried my best to put this in really layman-y terms.

Why I Made This

If you're just starting out with networking...
...or if you're a mid-level network tech...
...or even if you have years of experience...
...you might be confused by how subnets work.

It's not surprising or something to be ashamed of. They're based on "bitmasks", an efficient, but very archaic computer programming trick. A lot of subnetting and CIDR tutorials or "cheatsheets" will show you these binary masks. Unless you're a programmer, they probably don't make a lot of sense.

I am a programmer, they do make sense to me, and I still can't use them - the information's too abstract. I had to make this tool to model it for myself because I couldn't figure it out either, after years of trying.

I want you to succeed in networking, and you shouldn't need to understand binary to do it. You probably aren't going to use that knowledge anywhere else, and 95% of the time you don't need it as much as you just need a practical understanding.

Try selecting different subnets and rolling your mouse over the IPs. You'll probably come to understand what's going on very quickly. Read the blue infobox and even more of it will make sense. The concepts are simple once you understand the rules - see the Theory section below for a little more on that.

Theory

Here's a description of an IP block:
The IP address 72.245.51.11 is a usable IP
Network Address: 72.245.51.8
Broadcast Address: 72.245.51.15
Usable IPs: 72.245.51.9 - 72.245.51.14
The CIDR block size is /29. A /29 must begin on a multiple of 8.
The block can be divided into a maximum of 2 blocks, and 32 of these blocks fit into a /24.

The real secret is in this phrase: "A /29 must begin on a multiple of 8."

For every subnet size, the block has to begin on a particular multiple. /30 has to start on a multiple of 4, so 0, 4, 8, 12, etc. /29 has to start on a multiple of 8, so 0, 8, 16, etc.

You can find the edges of an IP block very easily once you know this. Say you have the IP 20.30.40.53, and the CIDR size is /29:

  • Divide the last octet by 8: 53 / 8 = 6.625
  • Round down: floor(6.625) = 6
  • Multiply by 8: 6 * 8 = 48
  • The block begins at 20.30.40.48.
  • Now add the size of the block minus one: 48 + 7 = 55
  • The block ends at 20.30.40.55.

That is precisely how this tool works, and now you can do it on the calculator on your phone - the only trick is learning the size of the blocks, which you can get from any reference sheet. For convenience, here's everything you'll need for most non-enterprise jobs:

CIDR  Starts on  Netmask
/30   4          255.255.255.252
/29   8          255.255.255.248
/28   16         255.255.255.240
/27   32         255.255.255.224
/26   64         255.255.255.192
/25   128        255.255.255.128
/24   0          255.255.255.0
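
The divide, round down, multiply steps above, written out for every size in the table. This is an added Python example, not the tool's own code; the names block_edges and matches_stdlib are made up here, and the second function checks the arithmetic against Python's standard ipaddress module.

```python
import ipaddress

# Addresses per block for the prefix lengths in the table above (/24 to /30).
BLOCK_SIZE = {prefix: 2 ** (32 - prefix) for prefix in range(24, 31)}

def block_edges(ip, prefix):
    """Locate the block holding ip using divide, round down, multiply."""
    if prefix not in BLOCK_SIZE:
        raise ValueError("only /24 through /30 are handled here")
    octets = [int(part) for part in ip.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {ip!r}")
    size = BLOCK_SIZE[prefix]
    start = (octets[3] // size) * size   # integer division rounds down
    end = start + size - 1               # add the block size minus one
    head = ".".join(str(o) for o in octets[:3])
    # The first address of a block is the network, the last is the broadcast.
    role = {start: "network", end: "broadcast"}.get(octets[3], "usable")
    return {
        "network": f"{head}.{start}",
        "broadcast": f"{head}.{end}",
        "first_usable": f"{head}.{start + 1}",
        "last_usable": f"{head}.{end - 1}",
        "role": role,
        "blocks_per_24": 256 // size,
    }

def matches_stdlib(ip, prefix):
    """True when the hand arithmetic agrees with the ipaddress module."""
    net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
    edges = block_edges(ip, prefix)
    return (edges["network"], edges["broadcast"]) == (
        str(net.network_address), str(net.broadcast_address))

if __name__ == "__main__":
    # The two addresses used as examples in this section.
    for ip in ("72.245.51.11", "20.30.40.53"):
        print(ip, block_edges(ip, 29), matches_stdlib(ip, 29))
```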

Dividing Blocks

When using this tool you might notice the phrase in the infobox, "The block can be divided into a maximum of n blocks". This gets to the core of IP routing.

Say your ISP provides you with a /29 block, 25.30.100.24/29.

You have a router hooked up to your modem, and it's using a public IP. Your IP layout looks like this:

25.30.100.24  Network address
25.30.100.25  ISP gateway
25.30.100.26  Router WAN
25.30.100.27
25.30.100.28
25.30.100.29
25.30.100.30  Broadcast address

Now you want to put a server behind that router, on a public IP. Some routers have methods for passing just a single IP through, but perhaps yours doesn't. You need to divide the block.

Because this block contains eight IPs, it can be divided into two blocks of four IPs - two /30s.

To do this, you need to find where the second block begins and set the first usable IP as the LAN-side address of your router. Then the second usable IP goes on your server. Both devices change from a .248 subnet mask to a .252. That looks like this:

25.30.100.24  Network address
25.30.100.25  ISP gateway
25.30.100.26  Router WAN
25.30.100.27  Broadcast address
25.30.100.28  Network address
25.30.100.29  Router LAN
25.30.100.30  Server WAN
25.30.100.31  Broadcast address

The server's IP is the second usable address of the new block, its subnet mask is 255.255.255.252, and its default gateway is the first usable address of the new block.

You'll notice that it causes you to lose three IPs (broadcast, network, router LAN). This makes it inconvenient for small blocks in particular, hence the aforementioned single-IP passthrough capability some routers have.
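
The split described in this section, as an added Python example built on the standard ipaddress module (not code from the tool). The function names divide_block and server_settings are made up here, and server_settings assumes the layout above: router LAN on the first usable address of the second half, server on the second.

```python
import ipaddress

def divide_block(cidr):
    """Split a block into its two halves and label every address in them."""
    block = ipaddress.ip_network(cidr, strict=True)  # rejects a misaligned start
    if block.prefixlen >= 30:
        raise ValueError("a /30 or smaller cannot be divided into usable halves")
    layout = []
    for half in block.subnets(prefixlen_diff=1):     # e.g. one /29 -> two /30s
        hosts = list(half.hosts())
        for addr in half:
            if addr == half.network_address:
                role = "network"
            elif addr == half.broadcast_address:
                role = "broadcast"
            else:
                role = f"usable #{hosts.index(addr) + 1}"
            layout.append((str(addr), str(half), role))
    return layout

def server_settings(cidr):
    """Settings for a server placed in the second half of the divided block."""
    second = list(ipaddress.ip_network(cidr).subnets(prefixlen_diff=1))[1]
    hosts = list(second.hosts())
    return {
        "gateway": str(hosts[0]),   # router LAN, first usable address
        "ip": str(hosts[1]),        # server, second usable address
        "netmask": str(second.netmask),
    }

if __name__ == "__main__":
    # The block used in this section.
    for row in divide_block("25.30.100.24/29"):
        print(*row)
    print(server_settings("25.30.100.24/29"))
```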