Variable Length Subnet Masking (VLSM)
How to carve an address space into subnets of different sizes — avoiding waste while giving each segment exactly what it needs.
The Problem with Fixed Subnets
Imagine you have been given 10.10.0.0/22 — 1,024 addresses — and need to set up
four network segments:
- Office LAN: 200 devices
- Wi-Fi: 80 devices
- Server VLAN: 15 devices
- Management network: 5 devices
If you split the /22 into four equal /24s (256 addresses each), every segment gets 254 usable addresses. Your management network uses 5 of those 254 — wasting 249. Multiply that across a larger network and the waste becomes significant: unused addresses you can never reclaim for other subnets.
VLSM (Variable Length Subnet Masking) solves this by letting each segment use a prefix length that matches its actual requirements.
Choosing the Right Prefix Length
The rule is: find the smallest subnet that fits your required number of hosts. Since usable hosts = 2^(host bits) − 2, work upwards from your requirement:
| Hosts needed | Minimum prefix | Usable hosts |
|---|---|---|
| 1 – 2 | /30 | 2 |
| 3 – 6 | /29 | 6 |
| 7 – 14 | /28 | 14 |
| 15 – 30 | /27 | 30 |
| 31 – 62 | /26 | 62 |
| 63 – 126 | /25 | 126 |
| 127 – 254 | /24 | 254 |
For the example above: office LAN needs 200 → /24, Wi-Fi needs 80 → /25, servers need 15 → /27, management needs 5 → /29.
The Golden Rule: Allocate Largest First
Always allocate your largest subnets first. Each subnet's network address must align on a boundary that is a multiple of its own size. If you start with a small subnet and then try to fit a larger one beside it, the larger subnet's address may not align correctly — leaving gaps you cannot use.
Largest-first guarantees every subnet lands on a clean boundary and no space is orphaned.
A Worked Example
Starting with 10.10.0.0/22 (addresses 10.10.0.0 through 10.10.3.255), allocating largest-first:
10.10.0.0/22 ─ 1,024 addresses total │ ├── 10.10.0.0/24 Office LAN 254 usable (200 needed) │ 10.10.0.1 – 10.10.0.254 │ ├── 10.10.1.0/25 Wi-Fi 126 usable (80 needed) │ 10.10.1.1 – 10.10.1.126 │ ├── 10.10.1.128/27 Server VLAN 30 usable (15 needed) │ 10.10.1.129 – 10.10.1.158 │ ├── 10.10.1.160/29 Management 6 usable (5 needed) │ 10.10.1.161 – 10.10.1.166 │ └── 10.10.1.168 – 10.10.3.255 Unallocated — available for future growth
Total addresses consumed by the four subnets: 416. Total wasted within those subnets: 111 (the unused addresses in each block). If we had used four equal /24s, the waste would have been 735 — over six times more.
Point-to-Point Links
Router-to-router links only ever need two addresses — one for each end. Use /30 (4 addresses, 2 usable) rather than wasting a /24 on a link with two interfaces. Modern networks often use /31 for these links, which is supported by most enterprise routers and gives 2 usable addresses with no network or broadcast overhead.
Keeping Track
VLSM planning on a small network is manageable on paper. At 20+ subnets it becomes error-prone: subnets overlap, gaps appear, and the next person to join the team cannot decode the spreadsheet.
An IPAM tool tracks allocations, shows gaps visually, warns about overlaps, and gives you a running view of utilisation in each block — so the network documentation stays accurate without manual effort.
Try VLSM planning in the calculator
Enter a parent CIDR and a list of requirements — the calculator will assign subnets largest-first and show you exactly what fits where.
Open calculator