What is Subnetting?

Hello Giovanni

When planning IPv4 or IPv6 addressing schemes, almost everything you need to know is found within the subnetting course on the site:

Some fundamental principles to keep in mind:

  1. Separate your network into subnets based on department or usage, or some other characteristic of grouping your hosts together. For example: Sales, Marketing, Management, Servers, Wi-Fi users, voice etc…
  2. Estimate a growth rate for each subnet so that you have enough addresses within that subnet for the number of hosts and the expected number of hosts over the coming years. This is especially important for IPv4 implementations as subnets generally have limited number of addresses.
  3. Remember that IP address schemes are also important for security, since placing different entities within different subnets will separate them logically, and security parameters (ACLs for example) can be placed at the locations of routing between those subnets.

Going through the lessons in this course will give you a very good idea of strategies for IP addressing. If you have any other specific questions after that, feel free to ask!

I hope this has been helpful!


Thanks for your reply.

Are there any best practise to choose the actual ip addresses to use ? and about the number of the vlans?


Hello Giovanni

The approaches for IPv4 and IPv6 differ due to the different structure of the addressing as well as the different limitations in the number of addressing and subnetting.

For IPv4 the choice of actual addressing space doesn’t make much difference. If you are given a set of public addresses and are expected to use those in your network, then you really have no choice. However, if you use private addresses, then you can use any of those in the private address ranges equally well. Just make sure that you make the subnets large enough

For IPv6 it matters even less what addresses you choose, as long as they are within the range provided for you by the ISP (if they are public) or they are within the range of the Unique Local Addresses (ULA), which can be considered the IPv6 counterpart to IPv4 private addresses.

In both cases, you should separate your network into VLANs in order to provide security, for ease of administration, network efficiency, and limited broadcast domains. VLANs should be separated based on the following:

  • use - voice VLAN, server VLAN, management VLAN, datacenter VLAN etc
  • VLANs should be separated based also on departments
  • they should also be created such that each one has a limited number of hosts

Remember that communication between VLANs requires routing, which means that you can apply security mechanisms (ACLs for example) between these VLANs thus giving you more flexibility in segregating your network.

I hope this has been helpful!