## -= IDS Communications Blog =-

# Understanding CIDR

CIDR (*sometimes called supernetting*) is a way to allow more flexible allocation of Internet Protocol (IP) addresses than it was possible with the original system of IP address classes.

CIDR stands for **Classless Inter-Domain Routing**was created back in 1993 because IPV4 was slowly running out of IP addresses, that's when IPV6 was created hoping to solve this problem. Although IPV6 is still not widely use, more appliances/devices now support IPV6 Protocols so if need be, people would be able to implement this new standard. IPV4 is a 32-bit standard vs 128-bit for IPV6 which gives us an almost unlimited range of addresses.

Without going into details of IPV4 and IPV6, if you know basic Networking, you are aware of these classes:

- A (255.0.0.0)
- B (255.255.0.0)
- C (255.255.255.0).

The problem with Classes A, B and C was that if you needed 10 public routable IPs, the Class was the way to go as it would provide 256 Hosts which was a waste of addresses and also hard to manage. That's when CIDR came into play.

If you don't know what CIDR is, here is an example: 192.168.1.0 /24 where /24 would be your mask. Maybe now it rings a bell? The /24 tells you everything you need to know to configure your Network as long as you know how to "read it". If not, don’t worry, here are some tricks I found over the years to learn and understand CIDR.

First of all, let's start with a chart. This chart will be helpful with your calculation and it will make things easier. We will get back to it later.

128 |
64 |
32 |
16 |
8 |
4 |
2 |
1 |

Understanding an IPV4 IP Address

Before we start with the explanation, you need to understand what an IPV4 IP Address is. If you already know and understand the principle, you can skip to the next step, if not, bear with me.

First of all, computers speak and understand only binary which means either 0 or 1. An IPV4 IP address has 32-bit. It is composed of 4 "blocks" separated by dots ie: **192.168.1.1 **where **192** is the first block of 8-bit, **168** is the second block of 8-bit, **1** is the third block of 8-bit and **1** is the fourth block of 8-bit for a total of 32-bit.

Each number in this IP (192.168.1.1) has its equivalent in binary so computers can understand, in this case it would be: (11000000.10101000.00000001.00000001, but this is not really important for now, I will demonstrate how to make the calculation a little bit later in this tutorial).

An IP address always comes with a Network mask. The mask determines which part of the address is assigned to the Hosts. A common mask is usually either 255 or 0, where in binary 255 is equal to all 1's and 0 equal all 0's. In this example, 255.255.255.0 would be equal to 11111111.11111111.11111111.00000000. Let's look at the graph below to better understand what I just said:

192 |
168 |
1 |
1 |
IP Address IPV4 |

11000000 | 10101000 | 00000001 | 00000001 | Same IP in binary |

255 |
255 |
255 |
0 |
Subnet Mask |

11111111 | 11111111 | 11111111 | 00000000 | Same Mask in binary |

8-bit | 8-bit | 8-bit | 8-bit | 4 Blocks of 8-bit = 32-bit IP Address |

Bottom line this is a crash course on IPV4!

Finding the Subnet Mask

Let's start by finding the Subnet Mask of a **/24**. Here is the easiest and quickest I found.

Knowing that a standard IPV4 address is equal to 32-bit, your CIDR value of **/24** tells you that you have 24 1's in your mask. Let's look at the graph below:

11111111 | 11111111 | 11111111 | 00000000 | This is /24 binary Mask |

8-bit | 8-bit | 8-bit | 8-bit | 32-bit IP Address |

255 | 255 | 255 | 0 | This is the Mask |

This one was easy, I have to admit. Let’s do another example to show you how simple this is with the 1's method. Let's say find the mask of a CIDR of **/28.**

Now you know that you have to count 28 1's! Let's see what this looks like:

11111111 | 11111111 | 11111111 | 11110000 | This is /28 binary mask |

8-bit | 8-bit | 8-bit | 8-bit | 32-bit IP Address |

255 | 255 | 255 | ??? | Unknow Value! |

Oups! What is **“11110000”**

Not as obvious as 11111111.11111111.11111111.00000000 isn’t it? So how do we convert this? Easy, we know just looking at this that our mask will start with: **255.255.255.??? **To find "???" let's relate to our table at the top of the page.

We have 4 1's and 4 0's in the last block, to find out the last 8-bit of our mask, simply add the numbers from the table where a 1 is present, starting from the left (128). For this example, add the first 4 numbers 128 + 64 + 32 + 16 = 240. Your mask for **/28** is **255.255.255.240**! Let's look at the graph below:

128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 | Table shown above |

1 | 1 | 1 | 1 | 0 | 0 | 0 | 0 | Last 8-bit of the mask in decimal |

128 | 64 | 32 | 16 | 0 | 0 | 0 | 0 | Add these numbers, you get 240 |

Finding the Number of Hosts Available

You have to remember one thing when it comes to the number of Hosts in a CIDR:

You always need to subtract 2 to the total number of Hosts if you want to know how many "usable" IP Address you have in your CIDR!

Why? Simply because the first and the last address are not "usable" IPs. The first one is what we call your Network ID and the last one is your Broadcast address. You can’t assign these addresses to a computer/device.

From the example above, now that we know our mask 255.255.255.240, let's find out how many Hosts in a /28 CIDR**.**Take

**32**(from 32-bit IPV4 format) -

**28**(Your CIDR) =

**4**.

Knowing that computers understand binaries (0 and 1) this give us 2 possibilities. Now take that 2 and multiply it 4 times by himself, 4 coming from our subtraction (which is 2x2x2x2).

**2 ^ 4 = 16. **In a CIDR of

**/28**you have a total of 16 Hosts minus 2 if you want to exclude your Network ID and Broadcast addresses which leaves you with 14 "usable" IP addresses.

Another example with a CIDR of

**/18**would be

**32 - 18 = 14**

**2 ^ 14 = 16384**In a CIDR of

**/18**, you have a total of 16384 Hosts minus 2 if you want to exclude your Network ID and Broadcast addresses.

Finding the First and Last IP Address

Now let’s find the first and last address for our Network. Let's keep the **/28** CIDR with an IP 192.168.1.50. To find out the answer we need to convert our IP into decimal. We will refer to our table to perform this operation. Take each number of your address and see if each number of the table can be contained in it, ie:

128 |
64 |
32 |
16 |
8 |
4 |
2 |
1 |

Let's start with **192**

Can 128 be contained in 192, No = 0, Yes = 1. In this case it's Yes or **1**.

Then subtract 128 from 192, left over is 64Can 64 be contained in 64, No = 0, Yes 1. In this case it's Yes or **1**.

Then subtract 64 from 64, left over is 0Since we have 0 left over, the rest will be all **0s****192 = 1 1 0 0 0 0 0 0**Now let's do the same with

**168**

Can 128 be contained in 168, No = 0, Yes = 1. In this case it's Yes or

**1**.

Then subtract 128 from 168, left over is 40Can 64 be contained in 40, No = 0, Yes = 1. In this case it's No or

**0**.

Can 32 be contained in 40, No = 0, Yes = 1. In this case it's Yes or

**1**.

Then subtract 32 from 40, left over is 8

Can 16 be contained in 8, No = 0, Yes = 1. In this case it's No or

**0**.

Can 8 be contained in 8, No = 0, Yes = 1. In this case it's Yes or

**1**.

Then subtract 8 from 8, left over is 0Since we have 0 left over, the rest will be all

**0s**

168 = 1 0 1 0 1 0 0 0

And so on for the rest of the IP address...

168 = 1 0 1 0 1 0 0 0

Now that you know how to do this, let's put these number in the chart below for easier reading

192.168.1.50 | 11000000 | 10101000 | 00000001 | 00110010 | IP Address |

255.255.255.240 | 11111111 | 11111111 | 11111111 | 11110000 | /28 Mask |

Now, to find out the first address of your Network, you need to do a calculation also called "bitwise AND" where we will compare bits. To do this we need to compare each bit from your IP address lining up with the same bit in your mask, that's why I put our numbers in a graph. Here are the possible results, very simple:

1 - 1 = 1

1 - 0 = 0

0 - 1 = 0

0 - 0 = 0

Basically, only 2 1's lining up will be equal to 1, everything else is 0. Let's look at it in the graph

192.168.1.50 | 11000000 |
10101000 |
00000001 |
00110010 |
IP Address |

255.255.255.240 | 11111111 |
11111111 |
11111111 |
11110000 |
/28 Mask |

192.168.1.48 | 11000000 |
10101000 |
00000001 |
00110000 |
First available IP |

After the bitwise AND calculation, 00110000 in binary is equal to 48 which complete your IP address of 192.168.1.48. To make sure you are on the right track, everything in yellow should **NOT** change as determined by the subnet mask.

Now to find out the last address of your Network, replace all the 0s in the Host part of the first available IP address you just found by 1's

192.168.1.50 | 11000000 |
10101000 |
00000001 |
00110010 |
IP Address |

255.255.255.240 | 11111111 |
11111111 |
11111111 |
11110000 |
/28 Mask |

192.168.1.48 | 11000000 |
10101000 |
00000001 |
00111111 |
Last available IP |

00111111 in binary is equal to 63 which complete your IP address of 192.168.1.63.

**Recap:**

**The IP Address:** 192.168.1.50 /28**Subnet mask:** 255.255.255.240**Network ID:** 192.168.1.48**Broadcast Address:** 192.168.1.63**Available Hosts:** 16**"Usable" addresses:** 192.168.1.49 - 192.168.1.62

Hope this help you guys, let me know if you have question or feel free to comment!

References:

**Binary math: **

http://www.professormesser.com/network-plus/n10-006/binary-math-3/

CIDR Tutorials:

http://www.professormesser.com/network-plus/n10-006/ipv4-addresses-and-subnetting/

https://www.youtube.com/watch?v=POPoAjWFkGg

https://www.youtube.com/watch?v=ls1mMyfnaC0

Online IP Calculator:

http://jodies.de/ipcalc

## Comments 4

That's an interesting post, technical be good! Thanks for taking the time to do it.

0Cancel ReplyThis post is really very interesting for me. I am very glad to see this useful post. I really impressed by this post.

0Cancel ReplyI am happy to find your website, it has very useful content which is good at reading. You have worked hard in making this post

0Cancel Replythanks to the site administrator you really did a great job. This article is such a nice and interesting one.

0Cancel Reply