Subnet Zero and All-Ones-Subnet explained

ip subnet-zero

Table of Contents

In this article we are going to explain what the ip subnet zero is, but first we need to introduce subnetting. The Subnetting is used to partition a network into sub-networks (also called subnets) that are smaller in terms of addressing space. The first and the last subnets calculated during the subnetting process follow special rules that we are going to present.

As example let’s use the subnetting of Class-A IP address that gives 8 sub-networks:

Subnet # Subnet First Usable IP Last Usable IP Broadcast

If you are not familiar on how to calculate the subnetting presented in the table above, you might want to have a look at our Easy Subnetting Technique that allows to solve any subnetting problem in less than a minute.

All-Zeros-Subnet (Subnet-Zero)

The first subnet that we obtain from the subnetting process, that is, is called All-Zeros-Subnet or Subnet-Zero because in the IP address all the bits in the subnet field are set to ‘0’. If we convert from decimal to binary, we obtain the following: = 01010000.00010100.00010100.00010100

The three bits highlighted in red are the ones “stolen” from the host field and used to create the subnet field. As we can see, in the Subnet-Zero they are all set to the value zero.


The last subnet calculated through the subnetting is called All-Ones-Subnet because all the bits are set to ‘1’. From the table above the last subnet is which converted in binary: = 01010000.11100000.00000000.00000000

The three bits highlighted in red are the ones “stolen” from the host field and used to create the subnet field. As we can see, in the All-Ones-Subnet they are all set to the value one.

Problems using All-Zeros/All-Ones Subnets

Traditionally it was strongly recommended avoiding the use of all-zeros-subnet and all-ones-subnet for addressing, as indicated in the RFC-950 where the subnetting rules are defined. For this reason, in the calculation of the available subnets, those sub-networks can’t be used. For example, in the above table we have 3 bits for the subnet field so 2^3 possible subnets, from which we need to subtract the 2 unusable networks: ((2^3) – 2) = 6 available subnets.

Besides recommendations, the whole IP addressing space has always been usable so it was the System Administrator responsibility ensuring the correct use. The RFC-1878 states that all modern software need to be able to use all the possible subnets, so there no more necessity of avoiding the all-zeros-subnet and all-ones-subnets.

Also RFC-1812 now permits the utilisation of the all-zeros and all-ones subnets in a CIDR compliant network architecture. Modern routing protocols do not have a problem with the all-zeros and all-ones subnets.

The use of the subnet zero for addressing was discouraged because of the confusion when having a network and a subnet with indistinguishable addresses.

The use of the all-ones subnet for addressing was discouraged in the past because of the confusion when having a network and a subnet with identical broadcast addresses.

Modern hardware has no problem with the all-zeroes or all-ones subnets, but some very old hardware might get you in trouble.

Router configuration example

In Cisco IOS there is a command to deal with subnet-zero:

ip subnet-zero

Before Cisco IOS version 12, the use of zero subnet was forbidden by default, which means “no ip subnet-zero” command.

Starting with IOS version 12, the default has been changed to “ip subnet-zero”, so now the subnet-zero can be used without amendment to the configuration.

Let’s see an extract of a router configuration involving the use of subnet-zero

router#configure terminal
router(config)#interface loopback 0
router(config-if)#ip address

As we can see above, no errors when using the subnet zero on a loopback interface. Now let’s disable the subnet-zero use:

router#configure terminal
router(config)#no ip subnet-zero
router(config)#interface loopback 1
router(config-if)#ip address
Bad mask /11 for address        

As indicated by the error “Bad mask /11 for address”, when the use of the subnet-zero is disabled, it’s not possible to configure it on an interface. You can find detailed explanation about Subnet Masks in this article.

Certification advice

The all-zeros and all-ones subnets are the typical tricky questions in network certification exams. When preparing the test, you need to make sure you investigate how the all-zeros and all-ones subnets are treated in that particular certification path.

For example, in a subnetting calculation question the restrictions about all-zeros and all-ones do not normally apply, since the subnetting is basically a math exercise. But if the question is asking about the use of those specific addresses on a router, then you need to think twice before answering.

Normally the best way is checking the blueprint of the certification for which you are studying. You can check if all-zeros and all-ones subnets are covered, and investigate if their use is allowed in router configuration questions.


We have presented the all-zeros and all-ones subnet problem, and the implications that might arise in using them in a real network. As mentioned, all modern equipment should be able to deal with these specific networks, but it’s something to keep in mind when dealing with legacy devices.

Nowadays, pretty much all router operating systems have a command to control the use of subnet-zero, as showed in the Cisco example in a previous section. Just make sure which default setting is present in your legacy devices, so to prevent possible issues when an interface is configured with a all-zeros and all-ones subnet.

4/5 - (10 votes)

Daniele Besana

Daniele Besana

Daniele is a freelancer consultant with 15 years of experience in network security, customer support, Linux and Salsa. He worked for Juniper Networks in Netherlands, providing support and consultancy on security projects across Europe and Middle-East.

What do you think about this article?


  1. Hello,
    your article is very clear. Thank you!

    Please change this = 01010000.00010100.00010100.00010100
    with all 0s after the second 1s, could induce something unclear.
    Thanks again.

  2. Hi Thank you for your explaination. This is very helpfull

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About us

RouterFreak is a blog dedicated to professional network engineers. We
focus on network fundamentals, product/service reviews, and career advancements.