An IP address often comes with a number called the subnet mask, which determines the subnetwork of which the host is a part. This subnet allows administrators to divide their private network into virtually defined segments. Subnets provide a lot of benefits for network administrators, and ultimately users, by making administration and routing more efficient.
Prevents Unnecessary Broadcasts
Computers connected to a network regularly send information to whichever computer is on their network, referred to as a broadcast. Broadcasts are caused by viruses and malware, as well as many legitimate programs. On smaller networks (e.g., fewer than 50 people), this may not pose a problem, but organizations with hundreds or thousands of users may quickly find their network slowed.
Broadcasts, however, are not forwarded beyond a user’s subnet. By dividing a larger IP address space into smaller subnets, you can stop broadcasts from affecting the whole physical network, and restrict them to the individual subnets.
Increases Security Options
Most network security appliances work by evaluating traffic between networks. By putting sensitive resources on the same subnet as every other user, you make it more difficult to deploy security measures. Separating vital functions into subnets allows you to deploy security measures such as firewalls. Firewalls can be configured to ensure that only authorized hosts or other subnets gain access to these servers as well as other networks.
Oftentimes an organization has different departments that require access to different types of resources. If the accounting and janitorial departments are on the same subnet, for example, then their access restrictions have to be controlled on a host-by-host basis. But when the two departments are placed on separate subnets, then security options can be applied based on those subnetworks.
When planning a network, you can control the number of subnet masks available and how many hosts will be available for each subnet. For example, 192.168.1.0 with a subnet mask of 255.255.255.0 allows eight bits to be used to define the hosts (2 ^ 8 = 256, minus network and broadcast addresses, for a total of 254 potential hosts), but provides for over 16 million networks (2 ^ 24). A subnet mask of 255.255.0.0, however, would allow for over 65,000 networks and hosts each. With a little bit of planning, administrators can scale their subnets in a way that matches the number of networks anticipated to the number of hosts expected in each subnet.