Subnetting and VLSM Design Lab
Key Takeaways
- Performance-based questions reward a repeatable method - size networks, allocate largest first, then verify - more than mental shortcuts.
- Variable Length Subnet Masking (VLSM) allocates larger subnets before smaller ones so aligned address space is not wasted or trapped.
- Each subnet design must identify network ID, usable host range, broadcast address, prefix length, and default gateway.
- Plan for growth, point-to-point links, management networks, and reserved space before assigning any addresses.
- Fast verification checks block size, overlap, gateway placement inside the subnet, and host capacity.
Why Subnetting PBQs Matter on N10-009
The CompTIA Network+ N10-009 exam contains a maximum of 90 questions in 90 minutes, a mix of multiple-choice and performance-based questions (PBQs). PBQs usually appear in the first few minutes of the exam, are weighted more heavily than single multiple-choice items, and consume time quickly. The passing score is 720 on a 100-900 scale. A common mistake is to burn fifteen minutes on the first subnetting PBQ - flag it, move on, and return after answering the faster multiple-choice items.
Subnetting PBQs typically ask you to complete a table, drag subnets into the correct slot, or choose the best mask for several departments. The safest approach is always the same: size each network, allocate the largest network first, then verify that no ranges overlap.
Scenario
You are given the private block 10.40.8.0/22. Design subnets for a branch office:
| Network | Required usable hosts | Notes |
|---|---|---|
| Staff | 220 | User workstations and printers |
| Voice | 110 | IP phones |
| Wireless corporate | 70 | Managed laptops |
| Servers | 26 | Local services and appliances |
| Network management | 12 | Switch, AP, and firewall management |
| WAN link A | 2 | Point-to-point link |
| WAN link B | 2 | Point-to-point link |
The /22 spans 10.40.8.0 through 10.40.11.255 - that is 1024 total addresses. A /22 borrows two host bits from a /24, so it covers four contiguous /24 blocks (8, 9, 10, 11).
Step 1: Choose Prefix Lengths
Usable hosts = 2^(host bits) - 2. The minus two accounts for the reserved network and broadcast addresses.
| Required usable hosts | Smallest prefix | Usable hosts | Block size |
|---|---|---|---|
| 220 | /24 | 254 | 256 |
| 110 | /25 | 126 | 128 |
| 70 | /25 | 126 | 128 |
| 26 | /27 | 30 | 32 |
| 12 | /28 | 14 | 16 |
| 2 | /30 | 2 | 4 |
| 2 | /30 | 2 | 4 |
Note that 70 hosts will not fit in a /26 (62 usable), so it rounds up to a /25. This rounding catches many test takers.
Step 2: Allocate Largest to Smallest
| Network | Subnet | Usable range | Broadcast | Gateway |
|---|---|---|---|---|
| Staff | 10.40.8.0/24 | .8.1 - .8.254 | 10.40.8.255 | 10.40.8.1 |
| Voice | 10.40.9.0/25 | .9.1 - .9.126 | 10.40.9.127 | 10.40.9.1 |
| Wireless | 10.40.9.128/25 | .9.129 - .9.254 | 10.40.9.255 | 10.40.9.129 |
| Servers | 10.40.10.0/27 | .10.1 - .10.30 | 10.40.10.31 | 10.40.10.1 |
| Management | 10.40.10.32/28 | .10.33 - .10.46 | 10.40.10.47 | 10.40.10.33 |
| WAN A | 10.40.10.48/30 | .10.49 - .10.50 | 10.40.10.51 | 10.40.10.49 |
| WAN B | 10.40.10.52/30 | .10.53 - .10.54 | 10.40.10.55 | 10.40.10.53 |
Unused space remains from 10.40.10.56 through 10.40.11.255 - roughly 456 addresses for growth, another VLAN, loopbacks, or future WAN circuits.
PBQ Method (Repeatable Six Steps)
- Write host requirements from largest to smallest.
- Convert each requirement to the smallest prefix that fits (round up).
- Start at the first address in the assigned block.
- Move forward by the block size of each subnet (block size = 256 minus the mask value in the interesting octet).
- Place the default gateway at the first usable address consistently.
- Verify each broadcast address is exactly one less than the next network ID - no gaps, no overlap.
Fast Mask Reference
Memorize this table cold; it eliminates arithmetic under pressure.
| Prefix | Mask | Usable hosts | Block size |
|---|---|---|---|
| /24 | 255.255.255.0 | 254 | 256 |
| /25 | 255.255.255.128 | 126 | 128 |
| /26 | 255.255.255.192 | 62 | 64 |
| /27 | 255.255.255.224 | 30 | 32 |
| /28 | 255.255.255.240 | 14 | 16 |
| /29 | 255.255.255.248 | 6 | 8 |
| /30 | 255.255.255.252 | 2 | 4 |
A fast trick: the interesting octet is wherever the mask is neither 255 nor 0. The block size is 256 minus that octet value. For /27 (mask .224) the block size is 256 - 224 = 32, so subnets start at .0, .32, .64, .96, and so on.
Worked Mental Check
Given 10.40.10.32/28, which subnet does host 10.40.10.40 belong to? Block size for /28 is 16, so subnets begin at .0, .16, .32, .48. Address .40 falls in the .32 block; usable range .33 - .46; broadcast .47. The gateway .33 is valid; .47 would be the broadcast and must never be a gateway.
Common PBQ Traps
- Allocating small subnets first, leaving no aligned space for a larger network.
- Using the broadcast or network address as a host or gateway.
- Forgetting a /30 has only two usable addresses for a point-to-point link.
- Overlapping two subnets in the same range because block size was miscalculated.
- Choosing a prefix that meets today's count but ignores a stated growth requirement.
- Mixing CIDR notation with the wrong dotted-decimal mask (for example pairing /26 with 255.255.255.128).
A subnet must support 70 usable IPv4 hosts. What is the smallest common prefix length that satisfies the requirement?
Using block size, what is the broadcast address of 10.40.10.32/28?
Which VLSM allocation method most reduces wasted space and overlap risk?
Which values should you verify in a completed subnetting PBQ? Select three.
Select all that apply