What Is Variable Length Subnet Mask in Networking?
Also known as: Variable Length Subnet Mask, VLSM, subnetting, CCNA subnetting, Network+ subnetting
On This Page
Quick Definition
A Variable Length Subnet Mask, or VLSM, is a way to split a network into smaller pieces that don't all have to be the same size. Instead of giving every subnet the same number of addresses, you can give each subnet exactly as many addresses as it needs. This saves IP addresses and makes the network more efficient.
Must Know for Exams
VLSM is a core topic in the CCNA (Cisco Certified Network Associate) and Network+ certification exams. Both exams test your ability to calculate subnet masks, identify the number of hosts per subnet, and design VLSM schemes. In the CCNA exam, VLSM appears in the IP connectivity and IP addressing sections.
You may be asked to choose the correct subnet mask for a given number of hosts, or to select the valid subnet that meets specific size and range requirements. In Network+, VLSM is part of the networking fundamentals domain. The exam expects you to understand the difference between classful and classless addressing, and to apply VLSM in a scenario.
For example, a typical Network+ question might describe a company with three offices: Office A needs 100 hosts, Office B needs 30 hosts, and Office C needs 10 hosts. You are given a /24 network and must choose the subnet masks and ranges that fit all three offices without overlap. The correct answer uses VLSM: /25 for Office A, /27 for Office B, and /28 for Office C.
In exams, VLSM questions often require you to calculate the subnet mask, broadcast address, and usable host range for each subnet. You must also understand how VLSM affects routing protocol operation. For instance, RIPv2 and OSPF support VLSM, but RIPv1 does not.
A common exam question asks which routing protocol is suitable for a VLSM network. Understanding VLSM is not optional for passing these exams. It is a foundational skill that appears in multiple question types, including multiple-choice, simulation, and drag-and-drop.
Cisco expects CCNA candidates to be able to design a VLSM scheme from scratch within a few minutes.
Simple Meaning
Imagine you are in charge of assigning parking spaces for a large office building. You have a big parking lot that can hold 256 cars. The building has different departments: a small team of 5 people, a medium team of 30 people, and a large team of 100 people.
If you gave each team the same number of parking spots, you would have to give them all, say, 128 spots each. But you only have 256 spots total, so you can only accommodate two teams. The small team would have 123 empty spots, wasting a lot of space.
VLSM is like being able to give the small team 8 spots, the medium team 32 spots, and the large team 128 spots. You use exactly the right number of spaces for each team, and you can fit all three teams in your one parking lot. In networking, an IP address is like a parking spot.
A subnet mask tells you how many spots are in each section. With VLSM, you can use different subnet masks for different sections so that you give each network exactly the number of IP addresses it needs. This prevents waste and lets you fit more networks into a limited address space.
Without VLSM, every subnet in a network must be the same size, which is very inefficient. VLSM is standard practice in modern networking. It is used in almost every corporate network to make the best use of IP addresses.
Full Technical Definition
Variable Length Subnet Masking (VLSM) is a technique used in IP networking to allocate IP address subnets of varying sizes within a major network. It is defined in RFC 950 and is a core part of Classless Inter-Domain Routing (CIDR), which replaced the older classful addressing system. In classful addressing, networks were divided into Class A, B, and C, each with a fixed subnet mask, like 255.
0.0.0 for Class A. This meant every subnet within a network had to use the same mask, leading to wasted addresses. VLSM works by allowing the subnet mask to vary from one subnet to another, based on the number of hosts required in each subnet.
For example, a /26 mask (255.255.255.192) provides 62 usable host addresses, while a /30 mask (255.255.255.252) provides only 2 usable host addresses. An engineer can use a /30 for a point-to-point link between two routers and a /26 for a departmental LAN with 50 computers, all within the same major network.
VLSM is implemented by network administrators during IP address planning. The process involves taking a network block, such as 192.168.1.0/24, and subnetting it into smaller blocks using different prefix lengths.
The key is that subnets must not overlap, and routes must be summarized carefully. Routing protocols like OSPF, EIGRP, and BGP support VLSM by carrying the subnet mask information in their routing updates, a feature known as classless routing. Older protocols like RIPv1 do not support VLSM because they do not include subnet mask information.
VLSM is essential for efficient IP address management in modern networks. It reduces routing table size through route summarization, conserves IPv4 address space, and allows networks to grow flexibly. In exam contexts, you will be asked to calculate subnet masks, determine the number of hosts per subnet, and design a VLSM scheme for a given set of requirements.
Real-Life Example
Think of a library with a large main reading room that has a single set of shelves. The librarian wants to organize books into sections: fiction, non-fiction, reference, and children's books. If the librarian used the same size shelf for every section, each shelf would hold exactly 50 books.
The fiction section has 200 books, so it needs 4 shelves. The reference section has only 10 books, so it would get one shelf with 40 empty spaces. The children's section has 30 books, so it would get one shelf with 20 empty spaces.
This wastes a lot of shelf space. Now, the librarian decides to use VLSM. She buys shelves of different sizes: small shelves that hold 10 books, medium shelves that hold 30 books, and large shelves that hold 100 books.
The fiction section gets two large shelves (200 books). The reference section gets one small shelf (10 books). The children's section gets one medium shelf (30 books). Every shelf is almost full, and no space is wasted.
The librarian can fit more sections in the same reading room. In networking terms, the reading room is your IP address block. The shelves are subnets. The different shelf sizes are the different subnet masks.
The librarian is the network administrator. By using shelves of the right size (VLSM), you can fit more subnets into your address space and avoid wasting IP addresses. This is exactly how VLSM works in a real network: you assign a /30 subnet to a link that only needs 2 IP addresses, and a /24 subnet to a department that needs 250 addresses.
Why This Term Matters
VLSM matters because IP addresses are a limited resource, especially in IPv4. Without VLSM, you would have to use the same subnet mask for every subnet in your network, which leads to massive waste. For example, if you have a network with a point-to-point link that needs only 2 IP addresses, and you give it a /24 subnet, you waste 252 addresses.
Multiply that by hundreds of links in a large organization, and you waste thousands of addresses. VLSM allows you to give each link exactly what it needs, conserving addresses for other uses. In real IT work, VLSM is used in network design, IP address planning, and routing configuration.
When you build a new network, you calculate the number of hosts needed in each subnet and then assign the smallest possible subnet that meets the requirement. For example, a small office with 10 employees needs a /28 subnet (14 usable addresses), while a large data center with 500 servers needs a /23 subnet (510 usable addresses). VLSM also affects routing efficiency.
With VLSM, you can summarize routes, which reduces the size of routing tables. This makes routers faster and reduces network overhead. In cloud infrastructure, such as AWS VPCs or Azure virtual networks, VLSM is used to design subnets for different tiers (web, application, database) with appropriate sizes.
Security is also improved because you can create small subnets that limit broadcast domains and reduce attack surfaces. For system administrators, VLSM is essential for DHCP scopes, VLAN design, and VPN address pools. Without a solid understanding of VLSM, you cannot design efficient, scalable networks.
How It Appears in Exam Questions
In certification exams, VLSM appears in several distinct question patterns. First, there are concept questions that ask for the definition or purpose of VLSM. For example, Which of the following best describes VLSM?
The answer is dividing a network into subnets of different sizes. Second, there are calculation questions where you are given a base network and a set of host requirements. You must determine the correct subnet masks and assign ranges without overlap.
An example: You have the 10.0.0.0/8 network. You need subnets for 500 hosts, 200 hosts, and 50 hosts. Which subnet masks would you use? The correct response is /23, /24, and /26 respectively.
Third, there are troubleshooting questions where a network is not working because of VLSM issues. For instance, two routers are configured with overlapping subnets, causing routing table conflicts. You must identify the overlap and suggest a fix.
Fourth, there are scenario questions that combine VLSM with routing protocols. A question might describe a network running RIPv1 that uses VLSM, and the routes are not being advertised. The learner must realize that RIPv1 does not support VLSM and recommend upgrading to RIPv2 or OSPF.
Fifth, there are design questions where you must choose an addressing scheme for a network diagram. You are shown a topology with multiple LANs and WAN links, and you must assign subnets of appropriate sizes to each segment. These questions test your ability to plan efficiently.
Sixth, there are comparison questions where you must distinguish VLSM from Fixed Length Subnet Masking (FLSM). An example: Which characteristic is true of VLSM but not FLSM? Answers often include the ability to use multiple subnet masks within the same major network.
In simulation questions, you may be required to configure IP addresses and subnet masks on routers and verify connectivity. Understanding VLSM is critical for these hands-on tasks. You must also be able to read a routing table and identify VLSM subnets.
Practise Variable Length Subnet Mask Questions
Test your understanding with exam-style practice questions.
Example Scenario
A small company, BrightStar IT, has been given the IP network 192.168.10.0/24. They have three departments. The Sales department has 60 employees, each needing a computer. The Engineering department has 25 employees.
The Management department has 10 employees. Additionally, there are two point-to-point connections between routers that each need exactly two IP addresses. The network administrator wants to use VLSM to assign subnets to each department and each link without wasting IP addresses.
First, he calculates the smallest subnet that can hold 60 hosts. A /26 mask provides 62 usable addresses, so Sales gets 192.168.10.0/26. Next, Engineering needs 25 hosts. A /27 mask provides 30 usable addresses, so he assigns 192.
168.10.64/27. Management needs 10 hosts, so a /28 mask (14 usable addresses) works. He gives them 192.168.10.96/28. Now for the point-to-point links, each needs only 2 hosts, so a /30 mask (2 usable addresses) is perfect.
He assigns the first link 192.168.10.112/30 and the second link 192.168.10.116/30. The remaining addresses from 192.168.10.120 to 192.168.10.255 are free for future growth. All departments and links have exactly the number of addresses they need.
The network uses VLSM to maximize efficiency. Without VLSM, the administrator would have had to use the same mask for everything, perhaps /27 for each, and would have run out of addresses or wasted many.
Common Mistakes
Assuming all subnets within a network must use the same subnet mask.
This is the old fixed-length subnet masking approach. VLSM explicitly allows different masks within the same major network, which is more efficient.
Remember that with VLSM, you can choose a different subnet mask for each subnet based on the number of hosts needed. There is no rule that masks must be the same.
Overlapping subnet ranges when designing a VLSM scheme.
Overlapping subnets cause routing confusion and duplicate IP addresses, leading to network failures. Each IP can belong to only one subnet.
Always list your subnets in order of size, from largest to smallest, and assign ranges sequentially without gaps. Double-check that the end of one subnet does not go beyond the start of the next.
Thinking that VLSM only applies to IPv4 and not IPv6.
VLSM applies to IPv6 as well. IPv6 uses prefix lengths, and you can assign different prefix lengths to different subnets, just like in IPv4.
Understand that VLSM is a general concept of variable-length prefix allocation. It works in both IPv4 and IPv6 environments.
Forgetting that the first and last IP in a subnet are reserved for network and broadcast addresses.
When calculating usable hosts, you must subtract 2 from the total addresses. Many learners forget this and design subnets that are too small.
Always use the formula usable hosts = 2^(32 - prefix length) - 2. For a /30, that is 2^2 - 2 = 2 usable addresses.
Confusing subnet mask notation between slash notation and dotted decimal.
Misreading /24 as 255.255.0.0 instead of 255.255.255.0 leads to wrong subnet calculations.
Memorize common prefix lengths: /8 = 255.0.0.0, /16 = 255.255.0.0, /24 = 255.255.255.0, /30 = 255.255.255.252. Practice conversion until it becomes automatic.
Exam Trap — Don't Get Fooled
A question asks for the subnet mask that provides the fewest usable hosts while supporting a given number of devices, but the answer choices include both /30 and /29. The learner might choose /30 because it is the smallest, but the question specifies that the subnet must support 5 devices. Always calculate the number of usable hosts for each option.
/30 gives 2 usable hosts (not enough), while /29 gives 6 usable hosts (enough). The correct answer is /29 because it is the smallest mask that meets the requirement. Do not pick a mask that is too small.
Commonly Confused With
Classful subnetting uses the same subnet mask for every subnet in a network, while VLSM allows different masks for different subnets. FLSM wastes IP addresses because you must use the largest required mask everywhere.
With FLSM, if one subnet needs 100 hosts, you use a /25 mask for all subnets, even if another subnet only needs 2 hosts. With VLSM, you use /25 for the 100-host subnet and /30 for the 2-host link.
CIDR is the overall standard that replaced classful addressing, and VLSM is a specific technique used within CIDR. CIDR allows route aggregation and variable-length subnet masks. VLSM is the practical application of CIDR for subnet design.
CIDR allows you to write 192.168.0.0/16 instead of 192.168.0.0 with a classful mask. VLSM is what you do when you break that /16 into smaller pieces of different sizes.
Supernetting combines multiple smaller networks into one larger network to reduce routing table entries. VLSM does the opposite: it breaks a large network into smaller pieces. Supernetting uses a prefix length shorter than the classful mask, while VLSM uses longer prefix lengths.
If you have four /24 networks (192.168.0.0/24 to 192.168.3.0/24), supernetting combines them into 192.168.0.0/22. VLSM would take a /22 and split it into the four /24s.
Step-by-Step Breakdown
Identify the total address block
Start with a larger network address and prefix length, such as 192.168.1.0/24. This block contains 256 total addresses (0-255). You will divide this block into smaller subnets.
List host requirements for each subnet
Determine how many usable host addresses each subnet needs. For example, Subnet A needs 50 hosts, Subnet B needs 20 hosts, Subnet C needs 5 hosts. Remember to reserve 2 addresses per subnet for network and broadcast.
Sort requirements from largest to smallest
Assign subnets in descending order of size. This prevents fragmentation and ensures that larger subnets get contiguous blocks. In this case, Subnet A (50 hosts) comes first, then Subnet B (20 hosts), then Subnet C (5 hosts).
Choose the smallest prefix length that meets the requirement
For 50 usable hosts, you need at least 52 total addresses (50+2). The smallest subnet with at least 52 addresses is /26 (64 total, 62 usable). So Subnet A gets a /26 mask. Similarly, Subnet B needs 22 total addresses, so /27 (32 total, 30 usable). Subnet C needs 7 total, so /28 (16 total, 14 usable).
Assign network addresses sequentially
Start with the base network address. Subnet A gets 192.168.1.0/26 (range 0-63). The next available address is 192.168.1.64. Subnet B gets 192.168.1.64/27 (range 64-95). The next is 192.168.1.96. Subnet C gets 192.168.1.96/28 (range 96-111). The remaining addresses 112-255 are free for future use.
Verify no overlap and record the design
Check that each subnet range ends before the next begins. For example, Subnet A ends at 63, Subnet B starts at 64. There is no overlap. Document the network address, prefix length, usable range, and broadcast address for each subnet for future reference.
Practical Mini-Lesson
VLSM is not just a theoretical exam topic; it is a daily tool for network engineers. When you design a network for a company, you start by gathering the number of hosts needed for each VLAN, each branch office, and each point-to-point link. You then take the IP block assigned to you (often from an ISP or internal address plan) and apply VLSM.
The key is to work from largest to smallest, as shown in the step-by-step breakdown. In practice, you will use subnet calculators or spreadsheets for complex designs, but you must understand the underlying math to verify results. One common real-world task is configuring DHCP scopes.
If you mis-calculate the subnet mask, you may assign a /28 scope to a segment that needs 20 hosts, leaving 4 devices without IP addresses. Another task is configuring router interfaces. Each interface must have an IP address that falls within the subnet assigned to that link.
With VLSM, a serial link might use a /30 mask, while an Ethernet LAN uses a /24. You set the IP address and subnet mask directly on the interface. Routing protocols like OSPF and EIGRP automatically include the subnet mask in their updates, so they support VLSM.
However, if you use an older protocol like RIPv1, the router will assume the classful mask and your VLSM subnets will not be reachable. That is why modern networks use classless routing protocols. Another practical aspect is network documentation.
When you create a VLSM plan, you must record the subnet, mask, VLAN ID, location, and purpose. This documentation is critical for troubleshooting. If a new device cannot get an IP address, you check the DHCP scope and the subnet mask.
If the mask is wrong, the device may think it is on a different network. VLSM also interacts with security. For example, you can create a very small subnet (like /30) for a management interface, limiting exposure.
Security teams often use VLSM to isolate critical assets in small address spaces. What can go wrong? The most common mistake is overlapping subnets. This happens when you assign a subnet without checking that its range does not conflict with another.
Overlaps cause routing loops and silent connectivity failures. Another problem is using too large a subnet, which wastes addresses and can lead to broadcast storms. The best practice is to always use the smallest subnet that meets your current need, leaving room for growth.
Do not allocate a /24 to a department with 10 people; give them a /28 and assign the rest later. VLSM connects to broader concepts like IPAM (IP Address Management) and network automation. Many enterprises use tools like SolarWinds or NetBox to automate VLSM calculations and track assignments.
In cloud environments, VPCs use VLSM natively. For example, in AWS, you create a VPC with a /16 block, then create subnets with different prefix lengths within that block. The same principles apply.
To master VLSM, practice with sample scenarios. Take a /24 block and try to allocate subnets for 100, 50, 30, and 10 hosts. Check your answers with a subnet calculator. Repeat until you can do it quickly without tools.
This skill will serve you well in exams and in real network design.
Memory Tip
To remember VLSM, think Vary the Length, Save the Mask. Each subnet gets its own mask based on need, not a one-size-fits-all approach. The largest requirement gets the smallest mask number (like /26), and the smallest requirement gets the largest mask number (like /30).
Covered in These Exams
Current Exam Context
Current exam versions that test this topic — use these objectives when studying.
Related Glossary Terms
802.1Q is the networking standard that allows multiple virtual LANs (VLANs) to share a single physical network link by tagging Ethernet frames with VLAN identification information.
An A record is a DNS record that maps a domain name to the IPv4 address of the server hosting that domain.
32-bit File Allocation Table (FAT32) is a file system that organizes data on storage devices like hard drives and USB flash drives using a 32-bit addressing scheme to track where files are stored.
Frequently Asked Questions
What is the main benefit of using VLSM over FLSM?
VLSM saves IP addresses by allowing different subnet sizes for each part of the network, avoiding the waste that occurs when all subnets must be the same size.
Can VLSM be used with IPv6?
Yes, VLSM works with IPv6. The same principle applies: you can assign different prefix lengths to different subnets within a larger IPv6 block.
Do all routing protocols support VLSM?
No. Classless routing protocols like OSPF, EIGRP, and RIPv2 support VLSM because they include the subnet mask in routing updates. Classful protocols like RIPv1 and IGRP do not support VLSM.
How do I calculate usable hosts for a VLSM subnet?
Use the formula 2^(32 - prefix length) - 2. For example, a /28 gives 2^(32-28) - 2 = 2^4 - 2 = 16 - 2 = 14 usable hosts.
What is the biggest mistake when implementing VLSM?
Creating overlapping subnets. Always assign subnets from largest to smallest and verify that the ranges do not overlap before configuring devices.
Is VLSM used in cloud networking?
Yes. In AWS, Azure, and Google Cloud, you create VPCs and subnets using VLSM principles to allocate IP space for different tiers of applications.
What is the difference between VLSM and CIDR?
CIDR is the standard that enables classless addressing and route aggregation. VLSM is a subnetting technique used within CIDR to create subnets of different sizes.
Summary
Variable Length Subnet Mask (VLSM) is a fundamental networking technique that allows you to divide an IP address space into subnets of varying sizes, using different subnet masks for each subnet. This is more efficient than fixed-length subnet masking because it matches the address allocation to the actual number of hosts required, reducing waste. VLSM is a core skill for the CCNA and Network+ certification exams, where you will be tested on calculating subnet masks, designing addressing schemes, and identifying valid configurations.
In real-world IT work, VLSM is used in network design, routing protocol configuration, cloud subnetting, and IP address management. Understanding VLSM helps you build scalable, efficient networks and conserve limited IPv4 addresses. To succeed in exams and practice, remember to sort subnets by size, choose the smallest mask that meets the requirement, and always check for overlaps.
VLSM is not just a theory; it is a practical tool that every network professional must master.