Query on class B private address range - ip

This is the range for class B private address range. -
prefix notation for this is
As per prefix notation, 8 bits of left most octet and left most 4 bits in second octet can only be used to derive network ID in the IP address.
So, I can derive network address using x in xxxxxxxx.xxxx0000.00000000.00000000
My question:
Using leftmost 12 bits, How can i derive and network address? In general, How can i derive 172.16-172.31 range using left most 12 bits(mentioned as x)?

I am not clear about what you ask: the notation /12 leads to the net mask
which can be combined with
10101100.0001HHHH.HHHHHHHH.HHHHHHHH (H = host part)
This means that every IPv4 address which starts with these 12 bits belongs to this network.
This counts for all IPv4 addresses whose first octet is 172 and second one is between 16 (00010000) and 31 (00011111).
And this range includes 172.17.* and 172.18.* as well.
What we have talked about here is how the network part of the address forms. Inside one network, each host gets assigned an address, making use of the host part.
These addresses can essentially be freely assigned (except that the host part may not be all 0s or all 1s).
How you use/divide up your 172.16/12 is up to you.
You can see 172.16/12 see as one big network where all hosts are in, but you can as wee split it up even further:
maybe into 172.16/13 and 172.24/13
or into 172.16/14, 172.20/14, 172.24/14 and 172.28/14
or into 172.16/15, 172.18/15, 172.20/15, 172.22/15, 172.24/15, 172.26/15, 172.28/15 and 172.30/15
or into 172.16/16, 172.17/16, 172.18/16, ..., 172.29/16, 172.30/16 and 172.31/16
You can even mix that: you can as well have e. g. 172.16/13, 172.24/14 and 172.28/14.
Commenting on your comment:
can i say that as per prefix notation /12, the possible networks here are 172.00010000.0.0, 172.00100000.0.0, 172.00110000.0.0, 172.01000000.0.0, 172.01010000.0.0 , 172.01100000.0.0, 172.01110000.0.0 etc...
No. As said, 172.16/12 means 172 is constant and the first bits of 16 are constant.
As mentioned, that means 10101100.0001... is fix and the rest is variable.


How does a CIDR range specify the IP addresses within it?

I have read a number of articles and posts about VPCs, CIDR and subnets but I still find the explanations confusing.
Many of the explanation can't help avoiding using domain knowledge or technical terms.
Is there a more basic explanation for someone who gets basic programming, binary, etc. ?
I am wondering in the context of aws VPCs.
How does a CIDR represent an IP address range ?
Start with an IP address:
This actually represents Four 8 bit numbers.
With a dot between each.
As they are 8 bit numbers, they can be from 0 up to 255 (decimal).
They are frequently shown as xx.xx.xx.xx because this is referring to them as four 8 bit numbers, shown in hexadecimal (base 16) format. In 'hex' format 255 (decimal) is written as FF
So the numbers range from to FF.FF.FF.FF - in hex
Or to in decimal
For the purpose of considering how many IP 'addresses' this represents - i.e. how many individual IP addresses - you can do 255 * 255 * 255 * 255 which is 4228250625. Because you have used FOUR 8 bit numbers you multiply them together to produce that number. It is 2*32. You'll notice that the 32 is 8 + 8 + 8 + 8 and that is the four 8 bit numbers in xx.xx.xx.xx
OK, so now to CIDR. Where all the above 8 bit, base 16 and hexadecimal / binary information will be useful...
So a CIDR is a range of IP's.
For example you might want a range of to which is 255 IPs. You can write this using the above format, i.e. to but there is another way to do it and that is by using CIDR - Classless Inter Domain Routing. Lets stick with calling it CIDR. so with CIDR you refer to a range using a format like this:
and that means the range to, i.e. 255 numbers.
So has does that work ? !
ok, first we are given which might be thought of as the starting address of the range -, although this is actually a bit misleading because the CIDR number is going to affect it.
So lets go piece by piece.
The "/24" refers to the number of bits on the left that stay fixed.
This is probably the hardest but also most essential piece to understand.
So taking "24". this means (conveniently with 24!) that you consider the first 24 bits, i.e. the 10.0.0 to be fixed (see bitmask). Only the last 8 bits of the xx.xx.xx.xx can change, i.e. you have a range and it is from to
Here's one of the most surprising facts initially:
The larger the CIDR number, e.g. /28, /30, etc. the smaller the available range of IP addresses !!!
This is because the /nn CIDR number refers to how many bits are FIXED and the more bits are FIXED the less bits are can be changed to produce a range, and thus the smaller the range. This is why with /32 there is NO range because you are saying all 4 xx.xx.xx.xx numbers (8 + 8 + 8 + 8 = 32) are fixed. Whereas with you can have from to because the 24 indicates the first three numbers (again 8 + 8 + 8 bits = first 3 numbers) are fixed) and only the last 8 bits, i.e the 'zz' in xx.aa.bb.zz can change for this range. One more example: (so first two 8 bit numbers are fixed) means to
Because this behavior is due to a netmask, which produces the range to would produce the same result if you supplied, or
See an online converter at https://ipaddressguide.com/cidr
With aws you are given as your VPC which means the "10.0" part will stay fixed. so that means if you want a subnet within that you want something smaller such as or of which you will be able to have many.
The next thing that may be a bit unexpected is that within a VPC subnets must not overlap. However you can have multiple VPCs using that range. The second piece takes some explanation:
There are three IP ranges set aside as PRIVATE so they are never used 'publicly'. These lets each network use those as 'internal' addresses. They are the, probably familiar to to to
So when you get a VPC that uses a range you are getting ONE private network within "a' network. As if you were 'one' user at home using your single network. You can create another VPC because that uses another network (like having a second router in your house) and on that network is available.
You currently have a default limit of 5 VPCs per region. As each VPC is using private subnet ranges, they can actually be the same for different ones as well as different, however if you ever want the VPCs to be able to communicate with each other (using VPC peering) this will be a problem because the subnets can't overlap when you do that (otherwise the router wouldn't know which subnet to pick for a given address that exists in both).
Any other corrections I am happy to incorporate wiki-style. I am not defending my knowledge, just trying to share what I think I know and help others understand this confusing concept!
Here's how you do it in aws:
Nope! You have to avoid within 10.0 - the existing public subet !

IPv4 Variable Length Subnetting vs Fixed Length Subnetting?

I'm trying to understand the difference between variable length subnetting and fixed length subnetting, from what I know variable length subnetting will create different subnet masks depending on the subnet.
But in fixed length subnetting, the supernet mask is calculated by 32 - (host_bits + subent_bits).
So if the host_bits are going to be changing depending on the subnet, then wouldn't the supernet mask change as well?
Subnets and supernets are just a matter of perspective.
Whether you split a network in four equal parts or in one half and two quarters, the technique is the same: you move the division between network part and host part further right and the bits you add to the network part let you address subnets.
E.g. = to
=> = to
& = to
& = to
Supernetting works the same, only in the opposite direction.
The difference between the variable mask and the fixed mask is the versatility, in the fixed mask you can only make subnets of a single size and this is a great restriction since you waste too many ips, instead with the variable mask it allows us to create the networks of the size that we want, thus being able to waste the least amount of ips possible, thus making network schemes more efficient.

CIDR / subnet mask

I am trying to understand how subnetting is involved in CIDR notation. As far as I understand, there is a network and host portion to every IP address. The netmask specifies how many leading bits should be used in this network portion, while the remaining bits become the possible hosts. Before CIDR was created, I understand that there were different classes A-D (0, 10, 110, 1111 leading bits) that had very specific netmasks, and that you could add a subnet mask by taking away some of the host bits.
What I am confused about is if you want subnets using CIDR notation, do you still need a separate subnet mask along with the CIDR notation? As far as I am aware, CIDR simply supports more flexible netmask length (so you don't end up having something like 65536 possible hosts when you only need like 400). But something like still only has 1 single subnet, and 512 possible hosts. If you wanted subnets for this wouldn't you still need to add a subnet mask like if you wanted 2 different subnets?
You're on the right track. CIDR provides a classless way of allocating subnets that is more versatile than the original Class A-C system. It is another way of specifying a subnet mark, but with a more compact notation than specifying a netmask like
To understand CIDR, you have to first understand that that a subnet mask is four eight bit numbers (called octets) that form a 32 bit value. A CIDR of /24 or /8 is just a way of representing how many of the leftmost bits in that 32 bit value are 1's, with the 0's on the right side representing the size of the subnet (stay with me here...I'll make that clearer in a second).
If you want a subnet with 16 IP's, you need a netmask of 11111111 11111111 11111111 11110000. You'll notice that there are four zeros in that mask, and there are sixteen possible values that you can specify with four bits. Written in CIDR notation, this would be a /28 network (32 minus the four "zero" bits)
Similarly, if you want a subnet with 512 IP's, you need to set nine of the bits in your 32-bit subnet mask to zero (because a nine bit binary number has 512 possible values from 0-511). So that would be 32-9=23, or a /23.
Now one last thing you need to remember. For every CIDR, you will always have some IP addresses that can't be used for hosts (these are used for broadcast and gateway). You can find a nice cheat sheet showing the actual numbers here:
Hope that helps!

Calculate a network between two 2 IP address non CIDR

I have problem Where I have given two IPv4 address and I have to calculate best possible network between them . For example I have and and I have to find all minimum available subnets between.
Please note that these two IP addresses are not CIDR notation.
The solution which I thought .i.e
get the number of host between them (it is 4096 here)
find set bit in 4096 which is 12th bit
Now create a subnet mask of 20 i.e
This way I will get subnet masks in between those two IP addresses
Now the question is suppose I got then anding it with start IP it will give network which will serve to but I started with to hence It would be breaking wrongly
Feels like I will be doing huge mistake If I go with my version of story.
Anyone here please help me.
I was looking for pre-made code and stumbled on this thread. I ended up writing the following in python. You always have the chance that you will span 2 subnets. You were just missing the last step here to check and expand by one bit on the netmask if necessary.
def calc_inclusive_subnet(ip1, ip2): #accepts 2 IP strings
#make IP Address objects
if ip1_obj<=ip2_obj:
distance = int(max_ip)-int(min_ip)
ip_range=0 #increment powers of 2 until you have subnet distance
while 2**ip_range < distance:
ip_range += 1
net = ipaddress.IPv4Network(str(min_ip) + '/' +str(32-ip_range), strict=False)
if max_ip not in net:
# i.e. if the distance implies one size network, but IPs span 2
net = ipaddress.IPv4Network(str(min_ip) + '/' +str(32-ip_range), strict=False)
return net
You're using the wrong mask. You should use a /19 instead of /20.
A /20 offers you 16 subnets. Simple math learns us 192+16 = 208 (192 is the result of 0 + 16 = 16, 16 + 16 = 32, 32 + 16 = 48, etc)
A /19 offers you 32 subnets --> 192 + 32 = 224
Keep in mind 224 is the start of the next network. Your /19 network will have subnets starting from to and belong to the network.

Understanding subnetting

Assume your company is given an address of, 5 subnets are required.
I found that:
Binary: 1111111.11111111.11111111.111000
Create a table that contains the network addresses of the subnets created within your network? Write down the Network Addresses, 1st and 2nd valid IP addresses in CIDR
(table displayed in below link)
Can someone do the first few for me and explain the process on how to do it? Thanks
The process of dividing a network into smaller network sections is called subnetting. This can be useful for many different purposes and helps isolate groups of hosts together and deal with them easily.
Each address space is divided into a network portion and a host portion. The amount the address that each of these take up is dependent on the class that the address belongs to. For instance, for class C addresses, the first 3 octets are used to describe the network. For the address, the 192.168.0 portion describes the network and the 15 describes the host.
By default, each network has only one subnet, which contains all of the host addresses defined within. A netmask is basically a specification of the amount of address bits that are used for the network portion. A subnet mask is another netmask within used to further divide the network.
Each bit of the address that is considered significant for describing the network should be represented as a "1" in the netmask.
For more details, please r
You already figured out that with this mask 1111111.11111111.11111111.11100000 you can create 5 networks, just put numbers in them:
Mask: 11100000
00000000 = 0
00100000 = 32
01000000 = 64
01100000 = 96
10000000 = 128
10100000 = 160 - 192
The problem here is that you are not using the upper 64 addresses (192-255).
You can make 4 subnetworks and split the last one:
Mask: 11000000
00000000 = 0
01000000 = 64
10000000 = 128
11000000 = 192 (split this one)
Mask: 11100000
11000000 = 192
11100000 = 224
