Managing IP addresses is essential in the operation and security of modern computer networks. However, the original IP addressing system based on address classes A, B, and C was extremely inefficient in allocating addresses. Many addresses were wasted, rapidly depleting the available IPv4 space. To address this pressing issue, Classless Inter-Domain Routing (CIDR) was introduced in 1993.
So, if you’re wondering what is CIDR, read on to learn everything you need to know. We’ll be covering everything from what it is and how CIDR notation and blocks work to the benefits and drawbacks and more.
A go-to guide for IT pros of every level
Understand spanning tree config, get strategies for why and where to put switches, calculate ports needed, and more best practices to keep your network operating smoothly.
What is CIDR?
CIDR stands for Classless Inter-Domain Routing. As the name suggests, it is a classless method of allocating IP addresses and routing traffic across the internet.
The old, classful system allocated IP addresses in fixed blocks based on address classes—A, B, and C. Each address class had predefined subnet masks which determined how many IP addresses each block contained.
For instance, Class C addresses came in blocks of 256 IP addresses each, based on a 255.255.255.0 subnet mask. This was very inefficient when allocating addresses to organizations. Even if you needed only 25 IP addresses, you had to allocate a full Class C block, wasting 231 addresses.
As you can imagine, this accelerated the depletion of the IPv4 address space rapidly. The internet was running out of assignable IP addresses using classful addressing.
CIDR brought a flexible and scalable solution by allowing the allocation of IP addresses based on variable-length subnet masks (VLSMs). This means that any number of IP addresses could be allocated – not just the fixed blocks.
CIDR blocks can be sized based on the organization’s host requirements. For example, smaller CIDR blocks like /27 (32 IP addresses) or /26 (64 IP addresses) became available. This right-sized allocation drastically reduced wasted IP addresses.
Network routers also route traffic more efficiently using CIDR. The blocks can be aggregated together into larger super-networks and summarized to minimize routing table entries. Route summarization is not possible in classful addressing.
By allowing optimized IP allocation and improved routing, CIDR helped solve IPv4 exhaustion issues effectively and paved the way for today’s internet to scale. The internet could not have grown to its current size if we’d still been relying on a classful system versus a classless one.
What is CIDR notation?
CIDR notation offers a compact and extremely useful way to represent IP addresses and their associated subnet masks. It works by appending a forward slash followed by a number to the end of a regular IP address, with this additional suffix denoting what is known as the prefix length.
The prefix length simply refers to the number of bits that make up the network portion of the complete IP address. For example, if you take the IP address 192.168.1.0/24, the /24 here indicates that the first 24 bits constitute the network prefix for this address.
This /24 CIDR notation is equivalent to saying that the subnet mask is 255.255.255.0, which is the same as using those first 24 bits for identifying the network in the IP address. To take another example, an IP address denoted as 172.16.0.0/16 has 16 bits for the network prefix according to its CIDR notation. This means the associated subnet mask would be 255.255.0.0.
The main benefit of expressing IP addresses using CIDR notation is that it allows you to summarize routes and address blocks in a very compact format.
Long subnet mask values do not need to be repeatedly typed out. Instead, you just need to specify the prefix length once after the / delimiter.
This route summarization capability is very useful for keeping routing tables condensed. Without CIDR notation, actual subnet masks would need to be entered separately for each route. That is inefficient and takes up more space.
CIDR notation essentially provides a shorthand way of defining subnets concisely. The IP address denotes the network, while the /prefix length denotes the subnet mask. This improves readability and saves space.
The flexibility of being able to specify any number of bits as the subnet mask allows you to carve up address space into just the right-sized blocks.
What are CIDR blocks?
CIDR blocks are essential components that structure IP address allocation on the internet. They allow optimal distribution of the scarce IPv4 address space among organizations.
CIDR blocks are assigned to Regional Internet Registries (RIRs) by the Internet Assigned Numbers Authority (IANA). These large CIDR blocks consist of millions of IP addresses each.
The RIRs then split these blocks into smaller chunks to distribute among Local Internet Registries (LIRs) representing Internet Service Providers (ISPs). The LIRs and ISPs allocate smaller CIDR blocks optimally to end-user organizations based on their IP requirements.
For example, a small organization might receive a /24 CIDR block with 256 IP addresses from their ISP. A larger organization could receive a /20 CIDR block with 4096 IP addresses.
CIDR blocks fundamentally include:
- The network prefix: This identifies the network portion of the CIDR block using the standard dotted decimal IP address notation.
- The prefix length: Denoted by the suffix after the slash, this indicates the number of bits in the network prefix. This helps distinguish CIDR blocks of different sizes.
So, in a /24 CIDR block, the first 24 bits constitute the network prefix that remains constant. The remaining 8 bits can be allocated to define unique hosts.
The ability to allocate multiple CIDR blocks of optimal sizes makes IP assignment very efficient. Larger CIDR blocks also require fewer routing entries.
Route aggregation is done by summarizing multiple smaller CIDR blocks into a bigger one using a shorter prefix length. This leads to optimized routing tables.
How does CIDR work?
CIDR works by allowing the allocation of IP addresses in arbitrary blocks instead of the fixed sizes defined by the old classful system. This is done using variable-length subnet masks.
A subnet mask identifies the network and host portions of an IP address—the network prefix and host identifier. Subnetting further divides a network into smaller sub-networks.
CIDR enables subnetting using customized subnet masks instead of the default masks. More network bits allow fewer hosts per subnet. Fewer network bits allow more hosts per subnet.
This makes it possible to allocate just the right amount of IP addresses. You can subnet a network down to any size that meets your requirements. Super-netting lets you combine multiple networks into a larger summarized route.
CIDR brings efficiency and flexibility which is needed for today’s large and complex networks on the internet.
When to use CIDR
CIDR is very useful in the following situations:
- When you need to allocate only a specific number of IP addresses instead of blocks with fixed sizes. For example, if you need 200 IP addresses instead of a /24 block with 256 addresses.
- When you want to split a network into optimal-sized subnets based on departments or geographical locations. CIDR lets you size the networks exactly based on host requirements.
- When you want to combine multiple contiguous networks into a summarized route or super-network. This reduces overhead on routers within the network.
Here is an example demonstrating a use case for CIDR:
You have the 192.168.0.0/24 IP address block allocated by your ISP. This contains 256 IP addresses even though you only have 150 devices on your network.
Using CIDR, you can split this into two logical subnets—a 192.168.0.0/25 network with 126 hosts, and a 192.168.0.128/26 network with 62 hosts. This perfectly aligns with your requirements instead of wasting IP addresses.
Benefits of using CIDR notation
CIDR comes with several important benefits that make it vastly superior to the old classful IP addressing system.
Efficient IP address allocation
CIDR lets you divide IP address space into flexible blocks that precisely match your address requirements. Instead of selecting fixed blocks with more addresses than you need, you can custom-size subnets based on the number of hosts needed. This preserves IPs more efficiently compared to classful addressing by preventing unused addresses.
Optimized route summarization
CIDR makes it easy to combine multiple smaller networks into summarized “super-networks” using aggregated CIDR blocks. This route summarization leads to much fewer routing table entries within your network infrastructure. Reduced routing table size improves performance and scalability.
Enhanced network scalability
CIDR permits almost unlimited levels of subnetting, making it massively scalable for large enterprise networks. The old classful addressing could only support a maximum of three possible network tiers. But with CIDR, you get flexible subnet hierarchies that suit networks of any size.
Improved traffic management
Being able to allocate right-sized tailored subnets using VLSM optimizes traffic flow and data routing, eliminating wasted address space and enhancing overall network performance. You get subnets scaled precisely to the number of hosts they need to support.
Organized network structure
CIDR’s hierarchical flexible allocation method lets you design an organized IP addressing plan. You can assign address blocks according to geography, department, or network purpose. This structural organization of addresses improves day-to-day network management.
Simplified IPv6 transition
CIDR makes it easier to implement IPv6 alongside legacy IPv4 infrastructure. The flexible addressing helps seamlessly bridge subnets between old and new IP versions. You get an organized framework to transition gradually without network disruption.
Disadvantages of CIDR
While CIDR improves IP allocation significantly, that doesn’t mean it doesn’t have its drawbacks, such as the following.
Implementation complexity
Configuring and troubleshooting CIDR networks is more complex than classful addressing, with the level of expertise required scaling up as the network size increases.
With classful addressing, the subnet masks were fixed so configuring subnets was simpler. On the other hand, with CIDR, custom subnet masks require more skilled planning, configuration, and management.
As networks grow very large, administrators must carefully track IP assignments across a multitude of subnets. This adds overhead compared to managing fewer classful networks.
Fragmented address space
The variable-sized allocation permitted by CIDR can fragment the IP address space over long periods of time. This may require periodic clean-up and consolidation efforts.
Careful planning is required while designing variable-sized subnets. The address space can get fragmented if contiguous blocks are not available for assignment as the network grows.
Consolidating fragmented address spaces to create larger contiguous blocks requires downtime and impacts network availability. This overhead can be avoided with careful ongoing administration.
Security issues
Route summarization with CIDR can negatively impact network security in some cases. Firewall rules need special consideration for summarized routes.
Since multiple routes get aggregated into one summarized route, firewall rules should analyze traffic based on the original subnet information instead of just the summary route.
More analysis is required to allow intended traffic but block unwanted traffic arriving via a summarized route. This could add more overhead compared to firewall rules for classful networks.
CIDR and subnetting
CIDR and subnetting work very closely together when designing and implementing network addressing schemes. Understanding how they interrelate is key to leveraging their full potential.
At the most basic level, CIDR provides the capability to create subnets flexibly, while subnetting helps in efficiently dividing those networks into smaller sub-networks.
As we’ve covered, in the classful system, IP addresses were allocated in fixed blocks based on address classes—Class A, B, and C. This was very wasteful and could not accommodate specific host requirements efficiently.
With CIDR, though, it was now possible to allocate addresses in variable-sized blocks, using customizable subnet masks instead of the default masks. This is where subnetting comes in. It lets you segment a network into smaller sub-networks by expanding the subnet mask and borrowing bits from the host identifier portion of the IP address.
For example, consider you have been allocated a /24 CIDR block by your ISP. This contains 256 IP addresses.
You could divide this into two /25 subnets with 126 hosts each using a 255.255.255.128 subnet mask. Or maybe 4 /26 subnets with 62 hosts each using a 255.255.255.192 mask.
See how the subnet mask expanded from 24 bits to 25 or 26 bits by borrowing host bits?
This is only possible thanks to CIDR and subnetting!
The key benefit is that you can right-size the subnet sizes exactly to the number of hosts needed. This prevents IP address wastage.
In contrast, with classful addressing, if you needed 150 hosts you had to stick with one giant Class C network instead of tailored subnets. That meant 106 IP addresses would be wasted.
Furthermore, appropriate subnetting also helps with security, network management overhead, traffic containment, and routing optimizations.
For instance, you can isolate departments into dedicated subnets instead of one flat network. And use route summarization to combine subnets administratively.
So, CIDR’s configurable subnet masks and the ability to subnet networks easily work hand-in-hand to allow precise, optimized, and scalable IP allocation schemes.
Embrace the efficiency of CIDR
CIDR is a far more efficient alternative to the old classful IP addressing system because you can divide networks into flexible subsets using variable-length subnet masks matched to host requirements.
This prevents IP addresses from being wasted when compared to fixed-size class A, B, and C networks. And this efficient address allocation has helped slow IPv4 address exhaustion significantly.
With capabilities like route summarization, almost unlimited scalability, and performance optimization, CIDR brings invaluable capabilities to modern networks. Using CIDR for allocating, managing, and routing network addresses is considered a best practice today.
