CIDR notation
CIDR notation and IP blocks explained.
CIDR notation simplifies IP address range management in modern networks. It's essential for network segmentation, routing configuration, and security policies. Understanding CIDR helps you manage IP addresses efficiently and implement effective network controls.
We'll explore CIDR notation's practical applications in network management and security. You'll learn how to read and use CIDR blocks effectively in your network infrastructure.
What is CIDR notation?
CIDR (Classless Inter-Domain Routing) notation expresses IP address ranges using two components: an IP address and a prefix length. The prefix length, written after a forward slash, indicates how many bits are fixed in the network portion.
For example, "192.168.1.0/24" represents all IP addresses from 192.168.1.0 to 192.168.1.255. The "/24" means the first 24 bits are fixed, leaving 8 bits for host addresses (256 possible values).
Understanding IP blocks
IP blocks are contiguous ranges of IP addresses expressed in CIDR notation. Network administrators use them to organize and allocate IP addresses efficiently. Smaller networks might use 192.168.1.0/24, while larger corporate networks could need 10.0.0.0/16 for more addresses.
CIDR notation makes it easy to see how many IP addresses are available in a block. Each decrease of one in the prefix length doubles the available addresses. For example, moving from /24 to /23 doubles your available IPs.
Common CIDR Block Sizes
| CIDR Notation | Number of IP Addresses | Subnet Mask | Typical Use |
|---|---|---|---|
| /32 | 1 | 255.255.255.255 | Single host |
| /31 | 2 | 255.255.255.254 | Point-to-point links |
| /30 | 4 | 255.255.255.252 | Router-to-router WAN links |
| /29 | 8 | 255.255.255.248 | Small subnet for home or small office |
| /28 | 16 | 255.255.255.240 | Small branch office or department |
| /27 | 32 | 255.255.255.224 | Larger branch office |
| /26 | 64 | 255.255.255.192 | Small business network |
| /25 | 128 | 255.255.255.128 | Medium-sized business network |
| /24 | 256 | 255.255.255.0 | Traditional Class C network, small local network |
| /23 | 512 | 255.255.254.0 | Large branch office or small campus |
| /22 | 1,024 | 255.255.252.0 | Very large branch office |
| /20 | 4,096 | 255.255.240.0 | Small ISP or large enterprise |
| /16 | 65,536 | 255.255.0.0 | Traditional Class B network, large corporate network |
| /8 | 16,777,216 | 255.0.0.0 | Traditional Class A network, major network allocations |
CIDR in network security
Network administrators use CIDR notation in firewall rules and access control lists. For example, "10.0.0.0/8" in a firewall rule applies to every address whose first octet is 10 (10.0.0.0 through 10.255.255.255). A single entry like this covers a whole range, which simplifies security policy management for large networks.
When configuring network security, CIDR notation helps you:
- Define allowed IP ranges in firewall rules
- Set up network segregation policies
- Configure VPN access controls
- Manage cloud network security groups
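
The following is an added example, not part of the original page: it uses Python's standard `ipaddress` module to expand CIDR blocks into their ranges, audit a firewall allowlist for invalid, misaligned or very broad entries, and test whether an address matches. The sample rules, the function names and the /16 breadth threshold are assumptions chosen for illustration.

```python
import ipaddress

# Constructed sample allowlist entries (not from the original page).
SAMPLE_RULES = [
    "192.168.1.0/24",
    "10.0.0.0/8",
    "192.168.1.10/24",  # host bits set: not the block's network address
    "203.0.113.7/32",
    "0.0.0.0/0",        # matches every IPv4 address
    "10.0.0.0/33",      # prefix length out of range for IPv4
]

def describe(cidr):
    """Return the first/last address, size and subnet mask of a CIDR block."""
    net = ipaddress.ip_network(cidr, strict=False)
    return {"first": str(net.network_address),
            "last": str(net.broadcast_address),
            "size": net.num_addresses,
            "mask": str(net.netmask),
            }

def audit(rules, min_prefix=16):
    """Flag entries that are invalid, misaligned, or broader than /min_prefix."""
    findings = []
    for rule in rules:
        try:
            net = ipaddress.ip_network(rule, strict=False)
        except ValueError:
            findings.append((rule, "invalid"))
            continue
        if ipaddress.ip_interface(rule).ip != net.network_address:
            findings.append((rule, f"host bits set, block is {net}"))
        if net.prefixlen < min_prefix:  # assumed review threshold
            findings.append((rule, f"broad: {net.num_addresses} addresses"))
    return findings

def allowed(ip, rules):
    """True if ip falls inside any valid block in rules."""
    addr = ipaddress.ip_address(ip)
    for rule in rules:
        try:
            if addr in ipaddress.ip_network(rule, strict=False):
                return True
        except ValueError:
            continue  # skip entries that do not parse
    return False
```

Running `audit(SAMPLE_RULES)` reports the /8 and /0 entries as broad, the `192.168.1.10/24` entry as misaligned, and the /33 entry as invalid; `allowed("8.8.8.8", SAMPLE_RULES)` is true only because of the `0.0.0.0/0` entry.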