CIDR in Networking
By Leo Vegoda
May 10, 2022
CIDR (Classless Inter-Domain Routing) is a routing system in which network engineers can distribute IP addresses based on the size of their specific network. This is more efficient than the previous system, which assigned IP addresses depending on whether the size of a network fit into one of only three sizes: Class A, Class B, and Class C.
CIDR vs. Classful Routing
CIDR is a more advanced system of IP routing that solves several issues caused by traditional “classful” routing: it wastes less address space and allows for more secure networks.
The Downsides of Classful Routing
In 1981, the “Classful Routing” system only allowed for three network sizes:
- Class A networks had about 16 million addresses
- Class B networks had just over 65,000 addresses
- Class C networks had 256 addresses
When organizations needed multiple Class C networks, they would get a Class B, even if they’d only use a small portion of it. An organization that needed just 2,000 IPv4 addresses would have needed eight Class C networks. At the time, the technology required each of those networks to be treated as an independent network on the Internet. Having lots of unused space might seem like an advantage, but it also requires extra caution and monitoring to make sure it isn’t being used by other organizations. Such use can make it harder to send email or use services that are restricted to a particular geography. And sometimes, bad actors use someone else’s addresses for cyber attacks.
Advantages of Classless (CIDR) Routing
CIDR (pronounced ‘cider’) was introduced in the early 1990s as a classless domain routing system. This new system lets organizations get only the number of IP addresses they need for their networks, without wasting unused space.
For instance, a network that would have needed eight Class Cs could have received a /20 (pronounced slash 20), which is just over 8,000 addresses. This would have given them all the addresses they needed and room to double in size. This leaves less space to monitor while still leaving plenty for growth. And, it would have left about 57,000 addresses for other organizations.
CIDR Network Sizes
In CIDR, the size of the network is determined by its prefix length. An IPv4 address has 32 bits, split between the prefix that identifies the network and the bits that number the addresses within it. The more bits taken by the prefix, the fewer addresses the network contains. An old Class B network has 16 bits of prefix and 16 bits left for addresses. The 16 bits left for addresses give it just over 65,000 addresses.
This block size is known as a /16 (pronounced slash 16) in CIDR. But cut it in two and you have two /17s, each with about 32,000 addresses. Here’s a table showing all the sizes of all the prefixes introduced between Class B and Class C by using CIDR.
Prefix Length | Address Count |
---|---|
/24 | 256 |
/23 | 512 |
/22 | 1,024 |
/21 | 2,048 |
/20 | 4,096 |
/19 | 8,192 |
/18 | 16,384 |
/17 | 32,768 |
/16 | 65,536 |
Flexible Routing for Better Internet Management
The Classful Routing system offered some variety in how big a network could be, but little flexibility in how those addresses could be routed on the internet. If you had a Class B, you could only assign all your addresses to the networks you connected to. You couldn’t allocate half to one network and half to another.
CIDR, and an update to the BGP routing protocol, gave organizations the opportunity to cut up their address space. This lets them influence where traffic arrives. It can improve user experience and cost management.
For example, take an organization struggling to decide how to route the addresses it uses. It has sites in two different cities, so Classful Routing leaves it with a tough choice. It could interconnect the sites and announce the Class B from both, or it could announce the Class B from one site and have the other site as a dead end. Either choice forces it to route lots of traffic between sites.
But if they cut the network prefix into smaller pieces, they can manage where traffic arrives. Each site can announce the exact prefix it uses. BGP chooses this most specific prefix and so sends traffic directly to the right site. If a site ever loses direct internet connectivity, it can retain internet access through the other site, because both sites also announce the encompassing prefix. BGP will fall back to the less efficient route if the best one fails.
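The most-specific-prefix selection and the fallback to the encompassing prefix can be traced in a short Python sketch. This is an added example, not code from the article: the 10.20.0.0/16 block, the site names and the `build_table` and `best_route` helpers are constructed for illustration, and only the prefix-length rule is modelled, not the rest of BGP's route selection.

```python
import ipaddress

# Constructed sample: 10.20.0.0/16 stands in for the organization's old Class B.
BLOCK = ipaddress.ip_network("10.20.0.0/16")
# Cutting the /16 in two gives two /17s, one per site.
SITE_A, SITE_B = BLOCK.subnets(prefixlen_diff=1)


def build_table(a_up=True, b_up=True):
    """Announcements seen by other networks: (prefix, site that originates it).

    Each connected site announces its own /17 plus the encompassing /16.
    A site that loses its internet connection announces nothing.
    """
    table = []
    if a_up:
        table += [(SITE_A, "City A"), (BLOCK, "City A")]
    if b_up:
        table += [(SITE_B, "City B"), (BLOCK, "City B")]
    return table


def best_route(table, destination):
    """Return the matching announcement with the longest prefix, or None."""
    addr = ipaddress.ip_address(destination)
    candidates = [(net, site) for net, site in table if addr in net]
    if not candidates:
        return None
    # The most specific prefix (largest prefix length) wins.
    return max(candidates, key=lambda route: route[0].prefixlen)


if __name__ == "__main__":
    host_in_b = "10.20.200.5"  # constructed address inside City B's /17
    scenarios = [
        ("both sites up", build_table()),
        ("City B link down", build_table(b_up=False)),
    ]
    for label, table in scenarios:
        net, site = best_route(table, host_in_b)
        print(f"{label}: {host_in_b} -> {net} via {site}")
```

With both sites up, the City B host is reached through City B's own /17. With City B's connection down, only City A's /16 still covers it, so traffic enters at City A and crosses the inter-site link.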
Downsizing with Classful Routing
You can optimize your routing and improve risk management if your organization has a Class B network and plenty of unused address space. Renumbering can pay for this.
Renumbering means either using IPv4 addresses from just one part of the Class B, or exchanging it for a smaller block. The current price of IPv4 addresses will generally cover the cost of extra help to do this work and still provide a surplus.
One Class B
This example is based on the original organization of IP addresses. Two sites share a single Class B network, now known as a /16. Other internet networks can reach them through either site but don’t have enough information to choose an efficient route. Traffic for City A will arrive at City B, and vice versa. Losing the inter-site link hinders internet access for both sites, as traffic for both sites is directed to the other.
One City, one Inter-site Connection
Just one site has internet access in example B. Traffic is only directed in a one-way path, so the site in City B has no connection if the inter-site link fails.
CIDR Solution
Both cities connect directly to the internet. They are each assigned their own addresses, so other internet networks will send traffic directly to the right site. And because they both announce the whole /16, both sites have internet access through the other if one internet connection fails. BGP’s routing algorithm lets organizations use CIDR to manage their incoming traffic better. This can improve network performance without reducing resilience.