From http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing
Classless Inter-Domain Routing (CIDR) is a method for allocating IP addresses and routing Internet Protocol packets. The Internet Engineering Task Force introduced CIDR in 1993 to replace the previous addressing architecture of classful network design in the Internet. Their goal was to slow the growth of routing tables on routers across the Internet, and to help slow the rapid exhaustion of IPv4 addresses.[1][2]
IP addresses are described as consisting of two groups of bits in the address: the most significant part is the network address which identifies a whole network or subnet and the least significant portion is the host identifier,
which specifies a particular host interface on that network. This
division is used as the basis of traffic routing between IP networks and
for address allocation policies. Classful network design for IPv4
sized the network address as one or more 8-bit groups, resulting in the
blocks of Class A, B, or C addresses. Classless Inter-Domain Routing
allocates address space to Internet service providers and end users on any address bit boundary, instead of on 8-bit segments. In IPv6,
however, the interface identifier has a fixed size of 64 bits by
convention, and smaller subnets are never allocated to end users.
CIDR notation
is a syntax of specifying IP addresses and their associated routing
prefix. It appends to the address a slash character and the decimal
number of leading bits of the routing prefix, e.g., 192.168.0.0/16 for
IPv4, and 2001:db8::/32 for IPv6.
Contents[hide] |
Background
During the first decade of the modern Internet after the invention of the Domain Name System (DNS) it became apparent that the devised system based on the classful network scheme of allocating the IP address space and the routing of IP packets was not scalable.[3]
To alleviate the shortcomings, the Internet Engineering Task Force published in 1993 a new set of standards, RFC 1518 and RFC 1519,
to define a new concept of allocation of IP address blocks and new
methods of routing IPv4 packets. A new version of the specification was
published as RFC 4632 in 2006.[4]
An IP address is interpreted as composed of two parts: a network-identifying prefix followed by a host
identifier within that network. In the previous classful network
architecture of Internet Protocol Version 4, IP address allocations were
based on the bit boundaries of the four octets
of an IP address. An address was considered to be the combination of an
8, 16, or 24-bit network prefix along with a 24, 16, or 8-bit
individual or node address. Thus, the smallest allocation and routing
block contained only 256 addresses—too small for most enterprises, and
the next larger block contained 65,536 addresses—too large to be used
efficiently by even large organizations. This led to inefficiencies in
address use as well as routing because the large number of allocated
small (class-C) networks with individual route announcements, being
geographically dispersed with little opportunity for route aggregation, created heavy demand on routing equipment.
As the experimental TCP/IP network expanded into the Internet during
the 1980s, the need for more flexible addressing schemes became
increasingly apparent. This led to the successive development of subnetting and CIDR. Because the old class distinctions are ignored, the new system was called classless routing. It is supported by modern routing protocols, such as RIP-2, EIGRP, IS-IS and OSPF. This led to the original system being called, by back-formation, classful routing.
Classless Inter-Domain Routing is based on variable-length subnet masking
(VLSM), which allows a network to be divided into different-sized
subnets. CIDR avoids wasting IP addresses. Variable-length subnet masks
are mentioned in RFC 950. [5]
CIDR encompasses several concepts. It is based on the VLSM technique
with effective qualities of specifying arbitrary-length prefixes.
Addresses are represented in CIDR notation,
in which an address or routing prefix is written with a suffix
indicating the number of bits in the address, such as 192.168.0.0/16.
CIDR introduced an administrative process of allocating address blocks
to organizations based on their actual and short-term projected needs.
The aggregation of multiple contiguous prefixes resulted in supernets
in the larger Internet, which when ever possible are advertised as
aggregates, thus reducing the number of entries in the global routing
table.
CIDR blocks
CIDR is principally a bitwise, prefix-based standard for the
interpretation of IP addresses. It facilitates routing by allowing
blocks of addresses to be grouped into single routing table entries.
These groups, commonly called CIDR blocks, share an initial sequence of
bits in the binary representation of their IP addresses. IPv4 CIDR
blocks are identified using a syntax similar to that of IPv4 addresses: a
four-part dotted-decimal address, followed by a slash, then a number
from 0 to 32: A.B.C.D/N. The dotted decimal portion is interpreted, like
an IPv4 address, as a 32-bit binary number that has been broken into
four octets. The number following the slash is the prefix length, the
number of shared initial bits, counting from the most-significant bit of
the address. When emphasizing only the size of a network, the address
portion of the notation is usually omitted. Thus, a /20 is a CIDR block
with an unspecified 20-bit prefix.
An IP address is part of a CIDR block, and is said to match the CIDR
prefix if the initial N bits of the address and the CIDR prefix are the
same. Thus, understanding CIDR requires that IP address be visualized in
binary. Since the length of an IPv4 address has 32 bits, an N-bit CIDR
prefix leaves 32-N bits unmatched, meaning that 232-N IPv4
addresses match a given N-bit CIDR prefix. Shorter CIDR prefixes match
more addresses, while longer prefixes match fewer. An address can match
multiple CIDR prefixes of different lengths.
CIDR is also used for IPv6 addresses
and the syntax semantic is identical. A prefix length can range from 0
to 128, due to the larger number of bits in the address, however, by
convention a subnet on broadcast MAC layer networks always has 64-bit
host identifiers. Larger prefixes are rarely used even on point-to-point
links.
Assignment of CIDR blocks
The Internet Assigned Numbers Authority
(IANA) issues to regional Internet registries (RIRs) large,
short-prefix CIDR blocks. For example, 62.0.0.0/8, with over sixteen
million addresses, is administered by RIPE NCC, the European RIR. The
RIRs, each responsible for a single, large, geographic area, such as
Europe or North America, then subdivide these blocks into smaller blocks
and issue them local Internet registries. This subdividing process can
be repeated several times at different levels of delegation. End user
networks receive subnets sized according to the size of their network
and projected short term need. Networks served by a single ISP are
encouraged by IETF
recommendations to obtain IP address space directly from their ISP.
Networks served by multiple ISPs, on the other hand, may obtain provider-independent address space directly from the appropriate RIR.
For example, in the late 1990s, the IP address 208.130.29.33 (since
reassigned) was used by www.freesoft.org. An analysis of this address
identified three CIDR prefixes. 208.128.0.0/11, a large CIDR block
containing over 2 million addresses, had been assigned by ARIN (the
North American RIR) to MCI. Automation Research Systems, a Virginia VAR,
leased an Internet connection from MCI and was assigned the
208.130.28.0/22 block, capable of addressing just over 1000 devices. ARS
used a /24 block for its publicly accessible servers, of which
208.130.29.33 was one.
All of these CIDR prefixes would be used, at different locations in
the network. Outside of MCI's network, the 208.128.0.0/11 prefix would
be used to direct to MCI traffic bound not only for 208.130.29.33, but
also for any of the roughly two million IP addresses with the same
initial 11 bits. Within MCI's network, 208.130.28.0/22 would become
visible, directing traffic to the leased line serving ARS. Only within
the ARS corporate network would the 208.130.29.0/24 prefix have been
used.
Subnet masks
A subnet mask is a bitmask
that encodes the prefix length in quad-dotted notation: 32 bits,
starting with a number of 1 bits equal to the prefix length, ending with
0 bits, and encoded in four-part dotted-decimal format. A subnet mask
encodes the same information as a prefix length, but predates the advent
of CIDR. However, in CIDR notation, the prefix bits are always
contiguous, whereas subnet masks may specify non-contiguous bits.
However, this has no practical advantage for increasing efficiency.
Prefix aggregation
CIDR provides the possibility of fine-grained routing prefix aggregation, also known as supernetting or route summarization. For example, sixteen contiguous /24 networks can be aggregated and advertised to a larger network as a single /20 route, if the first 20 bits of their network addresses match. Two aligned contiguous /20s may then be aggregated to a /19, and so forth. This allows a significant reduction in the number of routes that have to be advertised.
| IP/CIDR | Δ to last IP addr | Mask | Hosts (*) | Class | Notes |
|---|---|---|---|---|---|
| a.b.c.d/32 | +0.0.0.0 | 255.255.255.255 | 1 | 1/256 C | |
| a.b.c.d/31 | +0.0.0.1 | 255.255.255.254 | 2 | 1/128 C | d = 0 ... (2n) ... 254 |
| a.b.c.d/30 | +0.0.0.3 | 255.255.255.252 | 4 | 1/64 C | d = 0 ... (4n) ... 252 |
| a.b.c.d/29 | +0.0.0.7 | 255.255.255.248 | 8 | 1/32 C | d = 0 ... (8n) ... 248 |
| a.b.c.d/28 | +0.0.0.15 | 255.255.255.240 | 16 | 1/16 C | d = 0 ... (16n) ... 240 |
| a.b.c.d/27 | +0.0.0.31 | 255.255.255.224 | 32 | 1/8 C | d = 0 ... (32n) ... 224 |
| a.b.c.d/26 | +0.0.0.63 | 255.255.255.192 | 64 | 1/4 C | d = 0, 64, 128, 192 |
| a.b.c.d/25 | +0.0.0.127 | 255.255.255.128 | 128 | 1/2 C | d = 0, 128 |
| a.b.c.0/24 | +0.0.0.255 | 255.255.255.000 | 256 | 1 C | |
| a.b.c.0/23 | +0.0.1.255 | 255.255.254.000 | 512 | 2 C | c = 0 ... (2n) ... 254 |
| a.b.c.0/22 | +0.0.3.255 | 255.255.252.000 | 1,024 | 4 C | c = 0 ... (4n) ... 252 |
| a.b.c.0/21 | +0.0.7.255 | 255.255.248.000 | 2,048 | 8 C | c = 0 ... (8n) ... 248 |
| a.b.c.0/20 | +0.0.15.255 | 255.255.240.000 | 4,096 | 16 C | c = 0 ... (16n) ... 240 |
| a.b.c.0/19 | +0.0.31.255 | 255.255.224.000 | 8,192 | 32 C | c = 0 ... (32n) ... 224 |
| a.b.c.0/18 | +0.0.63.255 | 255.255.192.000 | 16,384 | 64 C | c = 0, 64, 128, 192 |
| a.b.c.0/17 | +0.0.127.255 | 255.255.128.000 | 32,768 | 128 C | c = 0, 128 |
| a.b.0.0/16 | +0.0.255.255 | 255.255.000.000 | 65,536 | 256 C = 1 B | |
| a.b.0.0/15 | +0.1.255.255 | 255.254.000.000 | 131,072 | 2 B | b = 0 ... (2n) ... 254 |
| a.b.0.0/14 | +0.3.255.255 | 255.252.000.000 | 262,144 | 4 B | b = 0 ... (4n) ... 252 |
| a.b.0.0/13 | +0.7.255.255 | 255.248.000.000 | 524,288 | 8 B | b = 0 ... (8n) ... 248 |
| a.b.0.0/12 | +0.15.255.255 | 255.240.000.000 | 1,048,576 | 16 B | b = 0 ... (16n) ... 240 |
| a.b.0.0/11 | +0.31.255.255 | 255.224.000.000 | 2,097,152 | 32 B | b = 0 ... (32n) ... 224 |
| a.b.0.0/10 | +0.63.255.255 | 255.192.000.000 | 4,194,304 | 64 B | b = 0, 64, 128, 192 |
| a.b.0.0/9 | +0.127.255.255 | 255.128.000.000 | 8,388,608 | 128 B | b = 0, 128 |
| a.0.0.0/8 | +0.255.255.255 | 255.000.000.000 | 16,777,216 | 256 B = 1 A | |
| a.0.0.0/7 | +1.255.255.255 | 254.000.000.000 | 33,554,432 | 2 A | a = 0 ... (2n) ... 254 |
| a.0.0.0/6 | +3.255.255.255 | 252.000.000.000 | 67,108,864 | 4 A | a = 0 ... (4n) ... 252 |
| a.0.0.0/5 | +7.255.255.255 | 248.000.000.000 | 134,217,728 | 8 A | a = 0 ... (8n) ... 248 |
| a.0.0.0/4 | +15.255.255.255 | 240.000.000.000 | 268,435,456 | 16 A | a = 0 ... (16n) ... 240 |
| a.0.0.0/3 | +31.255.255.255 | 224.000.000.000 | 536,870,912 | 32 A | a = 0 ... (32n) ... 224 |
| a.0.0.0/2 | +63.255.255.255 | 192.000.000.000 | 1,073,741,824 | 64 A | a = 0, 64, 128, 192 |
| a.0.0.0/1 | +127.255.255.255 | 128.000.000.000 | 2,147,483,648 | 128 A | a = 0, 128 |
| 0.0.0.0/0 | +255.255.255.255 | 000.000.000.000 | 4,294,967,296 | 256 A |
(*) For routed subnets bigger than /31 or /32, two
reserved addresses need to be subtracted from the number of available
host addresses: the largest address, which is used as the broadcast
address, and the smallest address, which is used to identify the network
itself. [6][7]
It is also common for the IP gateway for that subnet to use an address,
meaning that three addresses would have to be subtracted from the
number of hosts that can be used on the subnet.
Shortcut Formulas
Hosts: 2(32-CIDR)
IPv4 CIDR to Mask:
IPv4 CIDR (24-32): 255.255.255.256-2(32-CIDR)
IPv4 CIDR (16-23): 255.255.256-2(24-CIDR).0
IPv4 CIDR (08-15): 255.256-2(16-CIDR).0.0
IPv4 CIDR (00-07): 256-2(8-CIDR).0.0.0
Ex1:
a.b.c.d/24=255.255.255.(256-2(32-CIDR))
256-2(32-24)=256-2(8)=256-256=0
Thus, the mask is 255.255.255.0
Ex2:
a.b.c.0/18=255.255.(256-2(24-CIDR)).0
256-2(24-18)=256-2(6)=256-64=192
Thus, the mask is 255.255.192.0
Ex3:
a.b.0.0/12=255.(256-2(16-CIDR)).0.0
256-2(16-12)=256-2(4)=256-16=240
Thus, the mask is 255.240.0.0
Ex4:
a.0.0.0/2=(256-2(8-CIDR)).0.0.0
256-2(8-2)=256-2(6)=256-64=192
Thus, the mask is 192.0.0.0