What is a Subnet?
A subnet is a subnetwork of computers, partitioned from a larger computer network (such as the Internet). In essence, your home network is a subnet of the Internet itself. However, it is often necessary to create further separation. One example is to separate your business computers from your personal computers.
Do I need a subnet?
Most homeowners do not need to segment their home network. So unless you have unusual requirements, the short answer is “no.” Examples where you might want to employ subnets include:
- A home office with both business and personal computers in which separation is an absolute necessity.
- Creating a separate WLAN (Wireless Local Area Network) for guests so that they can only access the Internet, without accessing the computers on your default LAN.
- Sharing internet access with a neighbor (Oops! Did I just say that?).
Look carefully at the IP addresses of the LANs below. The top of the image illustrates a subnet using private IP addresses in the 192.168.1.x range. The bottom of the image illustrates a subnet with IP addresses in the 192.168.7.x range. The following diagram illustrates each network as a separate group of computers.
A subnet represents all of the devices within a LAN, including all client, server, and host computers within that group. One benefit of creating a subnet is that it allows different computer groups to be connected to the Internet using a single shared public IP address.
In the illustration above, each router has its own private LAN IP address, but they can share one single public WAN IP address. Your public WAN IP address is issued by your Internet Service Provider and this is what identifies your network on the Internet. So, anything that goes on in your network (whether legal or illegal) can be tracked back to your public WAN IP address.
What are the different types of subnets?
There are basically two types of subnetworks. One is separated physically using hardware. The other type is separated virtually. Virtual separation can be achieved using the firmware installed on your router or switch. This is known as a Virtual Local Area Network (VLAN).
In the next diagram, there are two switches wired to one router via Ethernet cable. Most switches don’t route or control anything (unless it’s a “managed” switch). They just connect devices. So, technically speaking, this is one LAN. However, depending on your router, you can accomplish the same objective by creating a Virtual Local Area Network (VLAN). In this environment, the LANs are separated virtually using the firmware inside of the router.
In the image above, the router is wired to two switches. But the switches are not necessary. In fact, once a VLAN is created, you can simply assign one of your router ports as a dedicated line to a specific VLAN. You can also create a separate wireless guest account and assign it to that VLAN only. This way, your guests will be able to access the Internet but they will be unable to see other computers in your LAN. Guest networks and VLANs can be very handy. This is just another reason Tomato firmware is a “must have” for so many home networks.
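To confirm that a guest VLAN really is isolated as described above, you can audit connection logs for traffic that crosses between the two subnets. The following is an added example, not part of the original article or of Tomato firmware. It assumes both subnets use a /24 mask, that 192.168.7.x is the guest side, and a constructed one-line-per-connection log format.

```python
import ipaddress

# Assumption: the "x" in the article's addresses is the host part, i.e. a /24 mask.
MAIN_LAN = ipaddress.ip_network("192.168.1.0/24")
GUEST_LAN = ipaddress.ip_network("192.168.7.0/24")  # assumed to be the guest VLAN

# Constructed sample log: one connection initiation per line (hypothetical format).
SAMPLE_FLOWS = """\
src=192.168.7.23 dst=8.8.8.8 dport=443
src=192.168.7.23 dst=192.168.1.10 dport=445
src=192.168.1.10 dst=1.1.1.1 dport=53
src=192.168.1.10 dst=192.168.1.20 dport=22
src=192.168.1.50 dst=192.168.7.23 dport=80
"""


def zone(addr):
    """Return which side of the router an address belongs to."""
    ip = ipaddress.ip_address(addr)
    if ip in MAIN_LAN:
        return "main"
    if ip in GUEST_LAN:
        return "guest"
    # Public addresses are the Internet; any other private range is a
    # subnet that was never defined and deserves a separate look.
    return "internet" if ip.is_global else "other-private"


def audit(flow_text):
    """Return (src, dst, dport) for every flow that crosses between the subnets."""
    leaks = []
    for line in flow_text.splitlines():
        if not line.strip():
            continue
        fields = dict(kv.split("=", 1) for kv in line.split())
        zones = {zone(fields["src"]), zone(fields["dst"])}
        # Traffic inside one subnet or out to the Internet is expected.
        # One end in each subnet means the separation is not holding.
        if zones == {"main", "guest"}:
            leaks.append((fields["src"], fields["dst"], int(fields["dport"])))
    return leaks


if __name__ == "__main__":
    for src, dst, dport in audit(SAMPLE_FLOWS):
        print(f"isolation leak: {src} -> {dst} port {dport}")
```

Any line this reports means a device on one subnet opened a connection to the other, so the VLAN or guest network settings on the router need another look.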