AMAANATI: Ask Me Anything About Networking And The Internet (free question time)

Okay! Subnet masks, here we go. So we're familiar with the concept of an IP address right? Four numbers between 0 and 255, separated by a dot. What you might not know (and most people don't) is that this is actually a single 32 bit number. The dotted decimal notation is just an easier way of representing it.

So really when we say something like 0.0.0.1 what we're really talking about a binary number:

0000 0000 0000 0000 0000 0000 0000 0001

The reason we separate it into dotted decimal is so it's easier for humans to work with. The thing is that this can also be represented as a single base-10 number. IP addresses allow for every single number between 0 and 4,294,967,295. Every possible combination of 1s and 0s between:

0000 0000 0000 0000 0000 0000 0000 0000
and
1111 1111 1111 1111 1111 1111 1111 1111

So a small lesson in binary, if you're unfamiliar. This isn't particularly integral in terms of actually working with addresses but it's good to understand to know why things work the way they do.

Given that in binary, each number can be either 0 or 1, each number allows for two values. So if you have one binary number that's two possible combinations.

0 or 1

If you have two, that's four. 00, 01, 10, 11. Three, eight combinations. 000, 001, 010, 011, 100, 101, 110, 111. Notice a pattern? Every time you add one extra binary number, you're doubling the number of possible combinations. Every possible number with a 0 at the start, or with a 1. So the number of possible combinations with any binary number is 2 to the power of the number of bits. So 2^3 = 8. 2^8 is 256. So 8 bits is each of our 256 number blocks.

So getting back to how that related to real numbers, and that every IP is just a number between 0 and about 4.3 billion:

121.209.163.50 is really just the number 2043781938.

It's also 01111001110100011010001100110010.

Each block of 8 bits is one of our dotted decimal numbers. So let's split it up:

01111001.11010001.10100011.00110010

01111001 = 121
11010001 = 209
10100011 = 163
00110010 = 50

SO. Now that we understand what builds an IP address, what the hell is a subnet mask!?

The internet is big. Like, really big. A subnet mask has one purpose - determining whether another IP address is on the same LAN as us, or whether it needs to be sent out somewhere else to be delivered. For the sake of keeping it reasonably simple, let's look at a basic home LAN.

IP: 10.0.0.0
Subnet mask: 255.255.255.0

At a basic level, a subnet mask says how much of the IP address belongs to the network you're on. I'm going to stop using dotted decimal notation for subnet masks immediately after this because they're stupid. Let's look at this subnet mask and IP in binary:

10 = 00001010, and we know 0s are 0. So IP and subnet mask:

IP:          00001010.00000000.00000000.00000000
Subnet mask: 11111111.11111111.11111111.00000000

A subnet mask is just literally, starting from the left, how many bits are 1s. Anything where all the 1s match with your IP, is on the same LAN as you. That's it.

So 10.0.0.1 is on the same LAN as 10.0.0.2, 10.0.0.10, 10.0.0.235, etc etc.

10.0.1.0 is on a different LAN.

10.0.0.0:    00001010.00000000.00000000.00000000
Subnet mask: 11111111.11111111.11111111.00000000
10.0.1.0:    00001010.00000000.00000001.00000000

1 portion doesn't match == different network == send to default gateway rather than broadcast to local LAN.

So you can see pretty easily that a subnet mask here is just 'how many 1s there are' in a 32 bit number. So why do we represent it as 255.255.255.0? Because of reasons. Professionals refer to that subnet mask as a /24, because the first 24 bits are 1s. Similarly, 255.255.0.0 is /16, 255.0.0.0 is /8, and all the numbers in between. I'm using those as an example because they fall on the boundaries of the dotted decimal notation which makes it easy to identify which parts are the same and which are different.

So 10.0.0.0/8 is a different network to 11.0.0.0/8.

That's it really. Anything within the same subnet gets sent to the local LAN, anything outside of it gets sent to the router to go off to InternetLand. And the subnet mask allows the computer to calculate which is which.

So if your computer is sitting on 10.0.0.2/24 and it has a packet destined for 10.0.0.3 it will look at its own subnet mask and realise that 10.0.0 matches 10.0.0 of the packet destination and send it to the LAN. If there was a packet for 10.0.1.3 or 10.2.4.6 or 111.203.215.5 it will compare those with 10.0.0 and go 'nope that's for a remote destination' and send it to the router.

I've dug very deep into the /why/ here, and the why annoyed the piss out of me when I was first learning so let me know what needs more explanation. This is all a setup for an advanced lesson later, so although some of this seems useless, it's leading somewhere :)
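The bit arithmetic the post walks through, as an added Python example that is not part of the original comment (the function names are my own; the addresses are the ones used above). It converts dotted decimal to and from the single 32-bit number, turns 255.255.255.0 into /24 and back, rejects a mask whose 1s are not contiguous from the left, and makes the "local LAN or default gateway?" decision by comparing the bits under the mask's 1s.

```python
# Added example (not from the original post): the bit arithmetic behind
# dotted-decimal addresses, subnet masks and the "same LAN?" decision.

def to_int(dotted: str) -> int:
    """Turn 'a.b.c.d' into the single 32-bit number it really is."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a valid IPv4 address: {dotted!r}")
    n = 0
    for o in octets:
        n = (n << 8) | o            # each octet is one 8-bit block
    return n

def to_dotted(n: int) -> str:
    """The reverse: 2043781938 -> '121.209.163.50'."""
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def to_bits(n: int) -> str:
    """32-bit binary string split into four octets, as written in the post."""
    return ".".join(f"{(n >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))

def prefix_to_mask(prefix: int) -> int:
    """/24 -> 0xFFFFFF00: the first `prefix` bits are 1s, the rest 0s."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length out of range: {prefix}")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF

def mask_to_prefix(mask: int) -> int:
    """255.255.255.0 -> 24. A mask must be a run of 1s followed by 0s,
    so anything else (e.g. 255.0.255.0) is rejected rather than guessed."""
    prefix = bin(mask).count("1")
    if prefix_to_mask(prefix) != mask:
        raise ValueError(f"non-contiguous subnet mask: {to_dotted(mask)}")
    return prefix

def same_lan(my_ip: str, prefix: int, dest_ip: str) -> bool:
    """True when every bit under the mask's 1s matches, i.e. same network."""
    mask = prefix_to_mask(prefix)
    return (to_int(my_ip) & mask) == (to_int(dest_ip) & mask)

def next_hop(my_ip: str, prefix: int, dest_ip: str) -> str:
    """Where the host sends the packet: straight onto the LAN, or to the router."""
    return "local LAN" if same_lan(my_ip, prefix, dest_ip) else "default gateway"

if __name__ == "__main__":
    print(to_int("121.209.163.50"), to_bits(to_int("121.209.163.50")))
    for dest in ("10.0.0.3", "10.0.1.3", "10.2.4.6", "111.203.215.5"):
        print(f"10.0.0.2/24 -> {dest}: {next_hop('10.0.0.2', 24, dest)}")
```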
