Search Pass4Sure

comptia

CompTIA Network+ N10-009 Subnetting Mastery: From Octets to VLSM

Subnetting reference for N10-009: magic-number method, VLSM allocation, CIDR aggregation, and IPv6 /64 model with worked examples and practice tools.

·Published April 12, 2026 ·✓ Fact-checked
12 min read·3433 views
CompTIA Network+ N10-009 Subnetting Mastery: From Octets to VLSM

Subnetting is the topic Network+ candidates most often describe as the wall. For some it clicks in an afternoon. For most it takes a week of deliberate practice before the math feels mechanical instead of arithmetic. The good news is that the N10-009 exam does not demand the fast-clock subnetting that CCNA candidates train for. The bad news is that it demands enough fluency to answer five to eight questions under time pressure without breaking a sweat — and when subnetting collapses, candidates often cascade into wrong answers on adjacent topics like routing and addressing.

This guide walks from the fundamentals — bits, octets, and binary — through classful addressing, classless inter-domain routing, variable-length subnet masking, and the IPv6 subnetting model. By the end, the math should feel like reading rather than calculation.

Why the N10-009 Subnetting Bar Is Lower Than You Think

The N10-009 blueprint, current as of June 2024, places subnetting under Domain 1 (Networking Concepts, 23%) and threads it through Domain 2 (Network Implementation, 19%). Subnetting questions appear in three forms:

  1. Identification questions — given an IP and mask, name the network address, broadcast address, or usable host range.
  2. Sizing questions — given a host requirement, choose the appropriate subnet mask.
  3. Aggregation questions — given several subnets, choose the supernet (CIDR aggregate) that covers them.

The exam does not require you to subnet a 22-bit prefix in fifteen seconds. It requires you to subnet a 22-bit prefix correctly within ninety seconds, with the option to flag and return.

"Network+ is not a speed-subnetting exam. We test whether candidates can think about address spaces, not whether they have memorized base-2 multiplication tables." -- James Stanger, Chief Technology Evangelist at CompTIA

The fastest path to confidence is the table-of-twos plus the magic number trick. Both are below.

The Foundation: Bits, Bytes, and Octets

An IPv4 address is 32 bits organized as four octets of eight bits each, written in dotted-decimal form. Each octet's possible values run from 0 to 255 (2^8 - 1 = 255).

The first table any subnetting student should memorize is the table of powers of two from 2^0 to 2^16. The exam never tests beyond 2^16 in IPv4 host counts.

Power Value Useful For
2^1 2 /31 link
2^2 4 /30 four-address block
2^3 8 /29 small device subnet
2^4 16 /28 small office
2^5 32 /27 medium office
2^6 64 /26 floor segment
2^7 128 /25 building half
2^8 256 /24 standard LAN
2^9 512 /23 small campus
2^10 1024 /22 large LAN
2^16 65536 /16 enterprise space

Network bits -- the leftmost bits of an IPv4 address that identify the network, with their count specified by the prefix length (the number after the slash in CIDR notation).

Host bits -- the rightmost bits available for host assignment, calculated as 32 minus the prefix length, with two addresses per subnet reserved for network and broadcast in standard subnets.

Classful to CIDR: A Short History That Still Matters

Before 1993, IPv4 addresses were divided into classes A, B, and C, with fixed prefix lengths of /8, /16, and /24 respectively. Classful addressing wasted enormous amounts of address space — a Class B allocation gave an organization 65,534 addresses whether it needed 65,000 or 600.

Classless Inter-Domain Routing (CIDR) was published as RFC 1519 in 1993. CIDR allowed any prefix length between /8 and /30 in practical use, ending the class system and enabling efficient allocation. The exam expects you to:

  • Recognize the legacy class boundaries (A: 1-126, B: 128-191, C: 192-223)
  • Know the private address ranges from RFC 1918 — 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
  • Recognize the loopback 127.0.0.0/8 and APIPA 169.254.0.0/16
  • Recognize multicast 224.0.0.0/4 and reserved future-use 240.0.0.0/4

Cisco still references class boundaries in some documentation for historical reasons; CompTIA tests them as background knowledge that occasionally drives a distractor.

The Magic Number: Mental Subnetting in Two Steps

The technique most working network engineers actually use is the magic number method, sometimes called the increment method. It avoids binary conversion entirely once you have the table of twos memorized.

The Method

  1. Identify which octet the mask falls in. For /26, the mask is in the fourth octet (since 24 < 26 ≤ 32).
  2. Calculate the magic number as 256 - mask-octet-value. For /26, the fourth-octet mask value is 192 (128+64), so the magic number is 256 - 192 = 64.
  3. Subnets increment by the magic number in the relevant octet. So /26 subnets in 192.168.1.0/24 are 192.168.1.0, 192.168.1.64, 192.168.1.128, 192.168.1.192.
  4. The broadcast address is one less than the next subnet. For 192.168.1.64/26, the broadcast is 192.168.1.127.
  5. The usable range is everything between network address and broadcast, exclusive. For 192.168.1.64/26, that is 192.168.1.65 through 192.168.1.126.

A worked example: given 10.20.30.45/27, what is the network address?

  • /27 puts the mask in the fourth octet at value 224 (128+64+32).
  • Magic number: 256 - 224 = 32.
  • Multiples of 32 in the fourth octet: 0, 32, 64, 96, 128, 160, 192, 224.
  • The fourth octet of our address is 45, which falls between 32 and 64.
  • Network address: 10.20.30.32.
  • Broadcast: 10.20.30.63.
  • Usable hosts: 10.20.30.33 through 10.20.30.62, which is 30 addresses.

That entire calculation should take fifteen seconds with practice.

Common Mask Reference Table

The mask values you will encounter most often on N10-009 are limited. Memorize this table cold.

Prefix Subnet Mask Magic Number (in relevant octet) Hosts per Subnet
/24 255.255.255.0 256 254
/25 255.255.255.128 128 126
/26 255.255.255.192 64 62
/27 255.255.255.224 32 30
/28 255.255.255.240 16 14
/29 255.255.255.248 8 6
/30 255.255.255.252 4 2
/23 255.255.254.0 2 (third octet) 510
/22 255.255.252.0 4 (third octet) 1022

Hosts-per-subnet is 2^host-bits - 2 in standard subnets. The minus two accounts for the network and broadcast addresses.

Variable-Length Subnet Masking (VLSM)

VLSM -- the practice of subdividing a network with subnets of differing prefix lengths to match address blocks to the actual host counts of each segment, eliminating the waste inherent in fixed-length subnetting.

VLSM is the topic most exam candidates fear. The trick is sequential allocation from largest to smallest.

A Worked VLSM Scenario

A small business has the address block 192.168.10.0/24 and needs:

  • A primary office LAN with 100 hosts
  • A secondary office LAN with 50 hosts
  • A guest Wi-Fi network with 25 hosts
  • Two point-to-point WAN links with 2 hosts each

Step one: sort requirements largest to smallest. The order is 100, 50, 25, 2, 2.

Step two: allocate sequentially from the start of the address block.

  1. 100 hosts requires 2^7 - 2 = 126 addresses, so /25. Allocate 192.168.10.0/25 (range 0-127, usable 1-126).
  2. 50 hosts requires 2^6 - 2 = 62 addresses, so /26. Allocate 192.168.10.128/26 (range 128-191, usable 129-190).
  3. 25 hosts requires 2^5 - 2 = 30 addresses, so /27. Allocate 192.168.10.192/27 (range 192-223, usable 193-222).
  4. 2 hosts requires /30. Allocate 192.168.10.224/30 (range 224-227, usable 225-226).
  5. 2 hosts requires /30. Allocate 192.168.10.228/30 (range 228-231, usable 229-230).

Total used: 232 of 256 addresses. Remaining: 192.168.10.232/29 and onward as a free pool.

A common exam scenario gives you four VLSM allocations and one is wrong. The wrong allocation is almost always either an incorrect magic-number jump or an overlap with an earlier subnet.

Real-World VLSM at Scale

Major networks have lived through this. Microsoft Azure publishes its virtual network address-space recommendations in CIDR notation, with a default VNet typically a /16 carved into /24 subnets per workload tier. AWS does the same with VPC primary CIDRs, defaulting to /16 with /24 or smaller subnets per Availability Zone.

When the 2008 Pakistan Telecom YouTube hijack propagated, the underlying mechanism was a more-specific BGP announcement of 208.65.153.0/24 overriding YouTube's legitimate 208.65.152.0/22. CompTIA references CIDR aggregation in routing context partly because the consequences of getting it wrong are public and dramatic.

"Subnetting is the load-bearing concept in routing. Get the addresses right and the rest of the network design follows. Get them wrong and you spend three years recovering." -- Russ White, network architect and author at Juniper Networks

CIDR Aggregation (Supernetting)

The reverse operation of subnetting is aggregation or supernetting — combining contiguous subnets into a single shorter prefix.

To aggregate, find the longest common prefix in binary. Three contiguous /24s — 192.168.4.0/24, 192.168.5.0/24, 192.168.6.0/24 — do not aggregate cleanly because 4 and 6 do not share a common /22 prefix without including 7. The clean aggregate of four contiguous /24s starting at 192.168.4.0 is 192.168.4.0/22, covering 4, 5, 6, and 7.

The exam tests this in scenarios about route summarization on a router announcing multiple downstream networks to a peer.

IPv6: A Different Mental Model

N10-009 increased IPv6 emphasis significantly over N10-008. The good news is that IPv6 subnetting is conceptually simpler because waste is not a concern with a 128-bit address space.

IPv6 uses /64 as the standard subnet size for any LAN. The first 64 bits identify the subnet; the last 64 bits identify the interface. SLAAC (Stateless Address Autoconfiguration) depends on this 64/64 split.

Sizes you must recognize:

  • /128 — single host
  • /127 — point-to-point link (RFC 6164)
  • /64 — standard LAN subnet
  • /56 — typical residential ISP allocation
  • /48 — typical site allocation
  • /32 — typical ISP allocation

The unique-local prefix fc00::/7 (commonly written fd00::/8 in practice) is the IPv6 equivalent of RFC 1918. Link-local addresses use fe80::/10 and are assigned automatically to every IPv6-enabled interface.

A common exam scenario: a router advertisement contains a /64 prefix and a host configures itself with a SLAAC address. Which 64 bits did the host generate? The answer is the interface identifier, typically derived from EUI-64 or a randomized privacy extension.

Practice Strategy and Tools

Subnetting is a perishable skill. Daily ten-minute drills for two weeks beat one four-hour session.

  • subnettingpractice.com — generates random subnetting questions with answer keys.
  • Cisco Packet Tracer — free with Cisco Networking Academy registration; lets you build and address real topologies.
  • GNS3 with VirtualBox — heavier but supports real router images for VLSM practice.
  • The Sybex book CompTIA Network+ Study Guide: Exam N10-009, 6th Edition by Todd Lammle includes an excellent subnetting chapter and dozens of practice problems. Lammle is the most cited subnetting instructor in the certification industry.
  • Professor Messer's free N10-009 video series covers subnetting in two videos that pair well with hands-on practice.

For drilling pure speed, set a timer for thirty minutes and answer fifty mixed-prefix questions. Track accuracy and time per question. Most candidates begin around ninety seconds per question and reach forty-five seconds after a week of daily practice.

Common Mistakes That Cost Points

  1. Off-by-one host counts — forgetting the minus-two for network and broadcast addresses, leading to sizing errors where /28 is incorrectly chosen for 14 hosts when the requirement was actually 14 usable hosts requiring /27 due to growth headroom.
  2. Overlapping VLSM blocks — allocating sequentially without verifying that the next subnet starts at the correct boundary, especially when mask lengths change between adjacent allocations.
  3. Wrong-octet magic number — applying the magic number to the fourth octet when the prefix length puts the mask in the third octet, as with /22 or /23.
  4. IPv6 confusion — applying IPv4 host-count math to IPv6 subnets, which is unnecessary because /64 is the standard regardless of host count.
  5. Class confusion — answering a CIDR question as if classful boundaries still apply, and selecting a /24 distractor for a network that is clearly /23.

Each of these is correctable in less than an hour of focused review.

A Two-Week Subnetting Drill Plan

Daily practice produces results that no single weekend session matches. The plan below has worked for thousands of candidates who self-report on certification forums.

Week 1, Days 1-3 -- Memorize the table of twos, the common mask reference table, and the magic-number method. Spend twenty minutes per evening on flashcards (Anki works well) and twenty minutes on subnettingpractice.com running ten random questions at a time. Accuracy matters more than speed during the first three days.

Week 1, Days 4-7 -- Add VLSM. Pick a /24 each evening and design a VLSM plan from a fictitious requirement list. Verify your work by drawing a number line of the address space and marking the boundaries. Forrest Stroud, a writer at Webopedia who covers networking fundamentals, recommends drawing the address space rather than computing it abstractly during the early phase, which reduces sign-error mistakes.

Week 2, Days 8-11 -- Add aggregation and IPv6. Drill three aggregation questions, three IPv6 sizing questions, and ten IPv4 random questions per evening. Track per-question time. Daniel Kim, a CCIE-track instructor and CompTIA SME who teaches at multiple boot camps, notes that the inflection point most students hit is around day ten, when the math stops feeling like math.

Week 2, Days 12-14 -- Mixed timed practice. Forty questions in thirty minutes, mixing subnetting types. Review every wrong answer with the worked-out steps, not just the answer key.

A useful supplementary text outside the Sybex book is TCP/IP Illustrated, Volume 1 by W. Richard Stevens, which explains the addressing architecture from first principles and remains the canonical reference even decades after publication.

How Subnetting Shows Up in Adjacent Domains

Subnetting bleeds into Domain 2 (Implementation), Domain 3 (Operations), and Domain 5 (Troubleshooting). Recognizing the cross-domain pattern helps you prepare more efficiently.

In Implementation, subnetting questions hide inside scenarios about VLAN configuration, where each VLAN typically maps to one IP subnet. A scenario might give you four VLANs and ask which subnet mask supports the host count of the largest VLAN.

In Operations, subnetting appears in DHCP scope questions. A DHCP scope is bounded by a subnet, and the exam tests whether you can size a scope to leave room for static reservations and exclusions.

In Troubleshooting, subnetting appears in connectivity scenarios where two hosts cannot reach each other because their masks disagree, even when their IP addresses appear to share a network. A host with 192.168.1.50/24 and a host with 192.168.1.150/26 are not on the same subnet despite sharing the first three octets.

The unifying lesson is that subnetting is not a topic to study and put away. It is the substrate of every networking concept the exam tests, and fluency translates to easier wins across half the blueprint.

See also: /certifications/comptia/comptia-network-plus-domains-and-what-to-skip, /certifications/comptia/comptia-network-plus-vs-security-plus, /certifications/cisco/, /exam-prep/study-techniques/, /resources/practice-question-banks/

References

  1. CompTIA. Network+ Certification Exam Objectives N10-009. CompTIA, June 2024.
  2. Lammle, Todd. CompTIA Network+ Study Guide: Exam N10-009, 6th Edition. Sybex / Wiley, 2024.
  3. Fuller, V. and T. Li. RFC 4632: Classless Inter-domain Routing (CIDR): The Internet Address Assignment and Aggregation Plan. IETF, August 2006.
  4. Rekhter, Y. et al. RFC 1918: Address Allocation for Private Internets. IETF, February 1996.
  5. Hinden, R. and S. Deering. RFC 4291: IP Version 6 Addressing Architecture. IETF, February 2006.
  6. Kohno, M. et al. RFC 6164: Using 127-Bit IPv6 Prefixes on Inter-Router Links. IETF, April 2011.
  7. White, Russ and Ethan Banks. Computer Networking Problems and Solutions. Addison-Wesley Professional, 2017.

Tags

comptia n10-009 network-plus networking subnetting

Share this article

Continue Reading