Classless Inter-Domain Routing
and
Variable-Length Subnet Masks

CIDR and VLSM

CIDR, or Classless Inter-Domain Routing, and VLSM, or Variable-Length Subnet Masks, are two tools for modern network design. They aren't new, by "modern" I mean after the mid-1990s! But many people still use outdated simple designs. Those old design techniques may seem "good enough" and easy, but there are much better ways to design networks. And, the modern techniques aren't difficult to understand!

Make sure you understand IP addresses before starting, including slash notation and netmasks that aren't multiples of 8. For example, something like 192.168.2.203/26. See my introduction to IP addresses and subnets to get up to speed.

Amazon 013608530X

Amazon 0321336313

Really Simple CIDR Block Rule

CIDR is an acronym for Classless Inter-Domain Routing. It has to do with higher level abstractions of IP address blocks. It leads to address aggregation or route aggregation, a technique that keeps routing tables from growing too large.

To answer the question, "Does this set of network addresses form a CIDR block?", you instead answer the following question:

Is there a netmask /N such that:

1. The first N bits of all addresses in the set are identical, and
2. The remaining bits of all addresses exhibit all possible patterns.

If so, the answer is "Yes", and the CIDR block description is the first address followed by /N.

This works for IPv4 and IPv6.

As an example, 200.201.202.0/22 is an IPv4 CIDR block. We can divide it as shown here with colors, where "*" means any base-10 number 0 through 255, and "x" means either 0 or 1 as a bit:

But 200.201.201.0/21 is not a CIDR block. Not all eight possible combinations of the first three bits of the hostid are used. 000, 101, 110 and 111 are missing.

The following shows us what would have to be added to make it a CIDR block: the hostids starting 000, 101, 110, and 111.

Variable Length Subnet Masks

VLSM stands for Variable Length Subnet Mask, a concept used with CIDR.

A great detailed explanation is in the famous 3com paper, but here's a fairly simple example that may get enough of the point across for your needs.

Let's say you have been allocated the /24 address space 200.201.202.0/24, and you need a subnet design to address hosts on the following networks:

• Six point-to-point WAN links (2 IP addresses each for end points)
• Six LANs:
  • 60 hosts (LAN #1)
  • 50 hosts (LAN #2)
  • 25 hosts (LAN #3)
  • 20 hosts (LAN #4)
  • 10 hosts (LAN #5)
  • 10 hosts (LAN #6)

Assign the addresses as below, where bits marked "x" can take all possible patterns other than all zeros and all ones.

sipcalc

The sipcalc tool provides command-line IP subnet calculations. It's available as Linux and BSD packages.

$ sipcalc 73.103.82.147/21
-[ipv4 : 73.103.82.147/21] - 0

[CIDR]
Host address            - 73.103.82.147
Host address (decimal)  - 1231508115
Host address (hex)      - 49675293
Network address         - 73.103.80.0
Network mask            - 255.255.248.0
Network mask (bits)     - 21
Network mask (hex)      - FFFFF800
Broadcast address       - 73.103.87.255
Cisco wildcard          - 0.0.7.255
Addresses in network    - 2048
Network range           - 73.103.80.0 - 73.103.87.255
Usable range            - 73.103.80.1 - 73.103.87.254

-
$ sipcalc 2001:558:600d:16:9937:9580:ac52:27f5/64
-[ipv6 : 2001:558:600d:16:9937:9580:ac52:27f5/64] - 0

[IPV6 INFO]
Expanded Address        - 2001:0558:600d:0016:9937:9580:ac52:27f5
Compressed address      - 2001:558:600d:16:9937:9580:ac52:27f5
Subnet prefix (masked)  - 2001:558:600d:16:0:0:0:0/64
Address ID (masked)     - 0:0:0:0:9937:9580:ac52:27f5/64
Prefix address          - ffff:ffff:ffff:ffff:0:0:0:0
Prefix length           - 64
Address type            - Aggregatable Global Unicast Addresses
Network range           - 2001:0558:600d:0016:0000:0000:0000:0000 -
                          2001:0558:600d:0016:ffff:ffff:ffff:ffff

-