What is a subnet mask?

Masks. We all wear them. But folks, this is The Solid Signal Blog. It’s not some sort of pop psychology seminar. We’re here to talk about subnet masks, what they are and why we use them.

Let’s talk about the internet and its masks

First off a bit of an admission: The internet and its associated science is something very few people truly understand. I’m not going to be one of those people who pretends to understand the ins and outs of history’s most complex system; I’ll freely admit I’m not that smart. But that said, I have a little bit of networking knowledge, and some understanding of the history of computers, and it may help you to satisfy your curiosity about how computers talk to each other in a basic way. This article isn’t going to be part of anyone’s Ph.D. thesis, in other words.

If you have any experience at all with computer networks, you’re probably aware that computers identify themselves with two sets of numbers. These let information get routed from place to place efficiently. There are other ways to identify computers, but when it comes to the basics of getting that cat GIF to your screen, it’s “IP addressing” that does a lot of the heavy lifting. IP addressing has gotten a lot more complicated in recent years, but we’ll start with the basics.

When the internet started, it was a network of a few computers, but the founders already planned how information would travel. They assigned each computer connected to the internet an address. The computers that are connected to the internet are called “gateways,” and they reasoned that every computer that connected to a gateway would also need an address, so everyone would talk the same language. However, since the computers connected to the gateway weren’t directly connected to the internet, they could all use the same addresses without confusion. Gateway computers, on the other hand, had to be unique in their addresses.

Backing up…

…this is what I mean by an address:

It’s a series of four numbers between 0 and 255. Originally, the first number (in this case 192) determined a computer’s location in the grand scheme. Addresses from 1 to 127 were the backbone of the internet, addresses from 128-191 were for large enterprises, and addresses from 192-223 were for small networks. This lasted about 20 years in practice until it became obvious that the scheme wasted a lot of useful addresses and the internet was growing too quickly. Internet scientists and designers abandoned that scheme way back in 1993. The idea of subnet masks was part of that original scheme, and that part is still with us.

There’s a second set of numbers used to define a computer’s identity, and it’s called the subnet mask. In almost every case at home, your subnet mask is This simply reinforces to any computer that asks that you’re in that third group. That group designates small networks, once referred to as “Class C.” The idea of breaking the internet into groups is obsolete, Still this scheme works very well to help classify small networks.

For the most part, you should never mess with that second set of numbers. Subnet masks you keep your home network separate from the rest of the internet. They also make sure everything in your network can talk to each other. That said, the very purpose of the subnet mask is to allow you to create a situation where two computers can not talk to each other without a gateway between them. Setting two different subnet masks for two different computers should make them invisible to each other, and sometimes that’s a good thing.

How IT Directors use subnet masking

Fancypants IT directors sometimes set up different subnet masks for different parts of their networks to keep things both organized and private. There are online calculators you can use to help you figure out which numbers to use, but the biggest concern is that by using the subnet mask in this way, you create smaller groups of computers than can see each other. The subnet mask also defines how many computers can see each other. Without getting too detailed, you define the possible number of computers by specifying numbers that are not 255 in the mask. The more numbers aren’t 255, and the lower they are, the more addresses are available. If your subnet mask is, you actually can talk to over 65,000 computers on your local network, but if your subnet mask is, you can only talk to 64.

And then… IPv6

Everything you just learned is important, but it all applies to the old “IPv4” way of giving numbers. Believe it or not, the scheme of identifying computers by four unique numbers has been out of space for a while, even though there were over four billion unique addresses. Let’s face facts people, the internet is popular. That’s why the new system, called IPv6, which has something like 3.8 gadzillion possible addresses, more than there are stars in the sky. It’s also much harder for regular humans to understand, consisting of eight sets of four numbers in base-16. That’s why most local networks still use the old-style numbers. Most of us really don’t have more than 4 billion computers in our offices.

Subnet masks in IPv6 work just like the ones in the IPv4 system. They’re equally confusing since the numbers are so much longer.

So dear readers…

Kudos for actually getting to the bottom of this article! (I know a lot of you didn’t!) By now you’ve probably concluded that you don’t need to know a whole lot about subnet masks. You’ve decided that they’re just the sort of thing that you can get along without. Unless you’re an IT professional, you’re probably right. Most likely you’re just fine with using and not touching it. That’s really the right way to go.

About the Author

Stuart Sweet
Stuart Sweet is the editor-in-chief of The Solid Signal Blog and a "master plumber" at Signal Group, LLC. He is the author of over 8,000 articles and longform tutorials including many posted here. Reach him by clicking on "Contact the Editor" at the bottom of this page.