VLSM Design Examples for Enterprise Networks
Learn Variable Length Subnet Masking (VLSM) through practical enterprise design scenarios with step-by-step allocation examples.
What Is VLSM?
Variable Length Subnet Masking (VLSM) allows you to use different subnet sizes within the same network. Instead of applying a uniform subnet mask everywhere, you allocate subnets sized to actual need -- reducing IP address waste.
Without VLSM (uniform /24):
HQ Office: 192.168.1.0/24 (200 hosts, OK)
Branch: 192.168.2.0/24 (15 hosts, wastes 237)
WAN Link: 192.168.3.0/24 (2 hosts, wastes 250)
With VLSM (variable masks):
HQ Office: 192.168.1.0/24 (254 hosts)
Branch: 192.168.2.0/28 (14 hosts)
WAN Link: 192.168.2.16/30 (2 hosts)
VLSM Design Process
- List all subnets needed with their host requirements.
- Sort by size -- largest subnet first.
- Allocate sequentially -- assign the largest first, then fit smaller ones in remaining space.
- Verify no overlaps -- ensure each subnet boundary is clean.
Enterprise Example: Multi-Site Office
Given: 172.16.0.0/16. Design subnets for:
| Department | Hosts Needed | Subnet Size |
|---|---|---|
| HQ Engineering | 500 | /23 (510 hosts) |
| HQ Sales | 120 | /25 (126 hosts) |
| Branch Office A | 50 | /26 (62 hosts) |
| Branch Office B | 25 | /27 (30 hosts) |
| Server VLAN | 10 | /28 (14 hosts) |
| WAN Link 1 | 2 | /30 (2 hosts) |
| WAN Link 2 | 2 | /30 (2 hosts) |
Allocation (sorted largest first):
172.16.0.0/23 -> HQ Engineering (510 hosts)
172.16.2.0/25 -> HQ Sales (126 hosts)
172.16.2.128/26 -> Branch Office A (62 hosts)
172.16.2.192/27 -> Branch Office B (30 hosts)
172.16.2.224/28 -> Server VLAN (14 hosts)
172.16.2.240/30 -> WAN Link 1 (2 hosts)
172.16.2.244/30 -> WAN Link 2 (2 hosts)
Total addresses used: 746 out of 65,536. Remaining space from 172.16.2.248 onward is available for growth.
Common VLSM Mistakes
- Overlapping subnets -- Always verify that the next subnet starts after the previous one ends. A /23 starting at .0.0 ends at .1.255, so the next subnet starts at .2.0.
- Forgetting alignment -- A /26 subnet must start at an address divisible by 64 (0, 64, 128, 192). Misalignment causes overlap.
- No growth room -- Allocating exactly what is needed today leaves no room for expansion. Plan for 50-100% growth.
WAN Links: Why /30 and /31?
Point-to-point WAN links only need two usable addresses. A /30 provides exactly 2 usable IPs (plus network and broadcast). RFC 3021 also allows /31 for point-to-point links, saving one additional address by eliminating the broadcast address.
/30: 4 addresses total, 2 usable (traditional)
/31: 2 addresses total, 2 usable (point-to-point only)
Most modern routers support /31 on point-to-point interfaces, and it is recommended for new deployments.