3.3 Subnet Masks, CIDR, and Prefix Lengths
Key Takeaways
- CIDR writes the mask as a slash prefix length (/24, /30) counting the number of 1 bits from the left.
- Host bits = 32 minus prefix; usable hosts in a normal IPv4 LAN subnet = 2^host_bits minus 2.
- Longer prefixes create smaller subnets; recognize the /24–/30 dotted-decimal masks on sight.
- Routers choose the longest matching prefix (most specific route); 0.0.0.0/0 is the default route.
From subnet masks to CIDR
CIDR stands for Classless Inter-Domain Routing. In day-to-day support it means writing an address or network with a slash and a prefix length. 192.168.10.25/24 means the first 24 bits are network bits; the equivalent dotted-decimal mask is 255.255.255.0. CIDR is shorter, fits cleanly in diagrams, and works for both IPv4 and IPv6.
A prefix length counts the mask's 1 bits from left to right. Because IPv4 is 32 bits total, host bits = 32 − prefix length. A /24 leaves 8 host bits, /26 leaves 6, /30 leaves 2. As the prefix number grows, the subnet shrinks. Memorize the common masks — they appear in client settings, router interfaces, DHCP scopes, and exam diagrams:
| Prefix | Dotted-decimal mask | Host bits | Total addrs | Usable hosts |
|---|---|---|---|---|
| /24 | 255.255.255.0 | 8 | 256 | 254 |
| /25 | 255.255.255.128 | 7 | 128 | 126 |
| /26 | 255.255.255.192 | 6 | 64 | 62 |
| /27 | 255.255.255.224 | 5 | 32 | 30 |
| /28 | 255.255.255.240 | 4 | 16 | 14 |
| /29 | 255.255.255.248 | 3 | 8 | 6 |
| /30 | 255.255.255.252 | 2 | 4 | 2 |
Usable hosts equal 2^host_bits − 2 in a normal LAN subnet, because one address is the network and one is the broadcast. A /30 therefore offers only 2 usable hosts, which is why it became the classic point-to-point link mask. Modern designs sometimes use /31 (RFC 3021) to recover both addresses on point-to-point links, but for CCST fundamentals, learn the network/broadcast rule first.
Classless thinking, planning, and route selection
CIDR replaced classful addressing. You may still hear "Class A/B/C" in casual talk, but modern networks use explicit prefixes — never assume every 10.x.x.x is /8 or every 192.168.x.x is /24. An enterprise might carve 10.20.30.0/24 for a user VLAN and 10.20.30.128/25 for a smaller server subnet. The mask is the authority, not the address class.
Prefix length drives capacity planning. If a help desk is asked whether a subnet can hold 60 endpoints, a /26 (62 usable) is tight once you subtract the gateway, printers, access points, and growth headroom; a /25 (126 usable) is comfortable. You may not design the subnet, but recognizing an undersized pool lets you escalate with evidence instead of just "DHCP ran out."
Read CIDR labels on diagrams as boundaries:
192.168.50.0/24— describes the subnet.192.168.50.1/24— describes a host interface, often the gateway.0.0.0.0/0— the default route: any destination not matched by something more specific.
Longest prefix match
When multiple routes overlap, a router picks the most specific — the longest matching prefix. For destination 10.1.2.55, a router prefers 10.1.2.0/24 over 10.0.0.0/8 because /24 matches more network bits. This rule explains why a specific static route can override a broad summary, and why the default route is the last resort.
Notation traps the exam likes:
255.255.255.0/24is redundant but readable in notes.192.168.1.10/255.255.255.0is not standard CIDR — use either dotted mask or slash prefix, not both joined by a slash./255is not a valid prefix; IPv4 prefixes range /0 to /32.
When a field asks for a mask, give dotted decimal (255.255.255.0); when it asks for CIDR, give the slash form (/24). Mixing them is the single most common formatting mistake on intake tickets, and translating cleanly between the two is exactly the skill 100-150 tests.
Reading the mask table both directions
The exam tests the mask-to-prefix mapping in both directions, so do not just memorize "/24 is 255.255.255.0" — practice going the other way. Given 255.255.255.240, count the 1 bits: the first three octets are all ones (24 bits) and 240 is 11110000 (4 more ones), so the prefix is /28. Given 255.255.255.224, 224 is 11100000 (3 ones), giving /27. A fast shortcut for the fourth octet is to remember the eight "magic" values that have contiguous high bits: 128, 192, 224, 240, 248, 252, 254, 255 — corresponding to one through eight set bits, or prefixes /25 through /32.
Those magic numbers also reveal subnet sizes at a glance. Subtract the fourth-octet mask value from 256 to get the block size, which is the number of addresses per subnet: 256 − 192 = 64, so a /26 has 64 addresses; 256 − 240 = 16, so a /28 has 16. Block size and usable-host counts are two sides of the same calculation, and an examiner can ask for either. Practicing the subtraction keeps you from freezing when a question gives a mask you did not directly memorize.
Keep the planning angle in mind too, because CCST framing is practical rather than theoretical. If asked which prefix fits a department of 25 devices plus a gateway and two printers, count the real need — roughly 28 addresses — then pick the smallest subnet that covers it with growth room. A /27 offers 30 usable hosts and fits; a /28 with only 14 usable would not. Being able to map a head-count to a prefix, and a prefix back to a mask, is the everyday literacy this objective is checking, and it is the foundation for the host-range arithmetic in the next section.
What dotted-decimal mask matches IPv4 prefix /26?
Which IPv4 prefix provides the fewest usable host addresses?
A router has routes for 10.0.0.0/8 and 10.1.2.0/24. Which does it use to reach 10.1.2.55?