What is CIDR?

Revised June 27, 2018

What could be simpler?

Questions? Comments? AL "at" CatSpace "dot" com

I've had several CatSpace fans ask for an overview of CIDR, so here it is.

CIDR (Classless Inter-Domain Routing) is discussed in RFC 1519. There are three parts to it ...

Part 1: In "CIDR notation", masks are represented by the number of bits (starting from the left) that are set to "one". For example, a mask of (the default mask for a class C network) is "/24". The default mask for a class A network ( is "/8", and the default mask for a class B ( is "/16". Since there are 32 bits in a mask, the range of masks is from "/0" ( to "/32" ( As a final example, a subnet mask of is a "/29" in CIDR notation.

Part 2: Classful addressing (A, B, C, etc) is obsolete. Instead of handing out an entire A, B or C network to an organization, address space can be assigned in "chunks" that fit the need. For example, suppose that an organization needs a "class C" worth of address space (254 hosts). What difference does it make whether they are given (a class C), (1/256th of a class B), or (1/65,536th of a class A)? Because each of these specifies eight host bits, they all support 254 hosts.

Suppose that an organization needs only 126 addresses. To give them an entire class C network would be wasteful. They could be given half of a C, such as (the lower half of or (the upper half of Of course, or (either is 1/512th of a B) would do the trick. Likewise for or (either is 1/131,072th of an A). If they needed only 62 addresses, how about, or For those of you who think that you can't use the "all-zeros" and "all-ones" subnets, you're living in the past. It's been legal since 1995 (see RFC 1812 and RFC 1878 for details).

Part 3: Let's say that an organization needing about 500 addresses is given two class C's. If whoever hands out the addressing is clever enough to give them two consecutive networks that start on a multiple of two in the third octet (say and, then that address space could be advertised to the rest of the Internet as (since the two class C's have the first 23 bits in common). If an ISP owns all of the 200.201.x.0 networks, why should it advertise all of them seperately? Instead, it could simply advertise (anything with the first 16 bits in common with 200.201.x.0, which would be through, and thereby reduce the size of the routing tables on the routers to which the routes are advertised. If all of the ISP's did that, it would have a dramatic impact on the size of the Internet core routing tables ... and so they do!

The summary route is called a "CIDR block" (or a "supernet"), and this is commonly done when advertising class C networks (although it can be done with B's, or even A's). For example, the CIDR block contains the class C networks through This is 32 of them, which makes sense, because the mask has been moved 5 bits to the left (from the default for a class C of "/24"), and 2 to the 5th power is 32. ISPs generally don't advertise anything smaller than a "/19" block to one another. That is, they don't advertise individual class C's, they advertise blocks of at least 32 of them (and often bigger blocks than that). Because we are dealing with binary, the block size is always a power of two (i.e., 32, 64, 128, or 256 class C's, when using summary masks of /19, /18, /17 or /16, respectively). Note that for this to work, the ISP has to own all of the class C networks in that block, and for that reason address space is now handed out geographically (in other word, there is a geographic hierarchy to the Internet).

An interesting effect occurs when CIDR is used to aggregate blocks of classful networks. Suppose that an organization is given networks and They could treat them as two separate networks (or even subnet them). If they chose not to subnet them, the usable range of host addresses would be (254 addresses) and (another 254 addresses), for a total of 508 usable host addresses. If, however, the organization combines the two networks, and treats it as, the usable range of host addresses is, which includes the addresses and This is 510 usable host addresses (which is what we would expect given nine host bits), and the net result is that they gain two host addresses. Granted that most organizations would not want a "subnet" that supports 500+ hosts, but if they needed it, they could do it, and gain those two host addresses in the process. Amazing, eh?

That's CIDR in a nutshell: hand out pieces of classful networks (to avoid wasting addresses), and advertise blocks of networks (to reduce the size of routing tables). What it means operationally is that routers don't generally care about the "class" of an address, they only care about the number of bits specified by the mask. The part the router cares about is referred to as the "prefix", from which we get the term "prefix routing", which means to look for the best (longest) match (most bits in common).


Consult RFC 1519 for additional details.

Return to the top of this Exercise!

Return to the directory of Goodies!

Copyright © 2018 Alchemy, Inc. All rights reserved.