VLSM and CIDR

Overview

The ability of routing protocols to route to networks with Variable Length Subnet Masks (VLSM) and Classless Interdomain Routing (CIDR), along with the creation of NAT and private addressing, has enabled IPv4 to remain a viable network address solution well beyond its original design limitations.

When IPv4 addressing was first developed it was designed as a class based system with Class A, B, C, D, E addresses.

Class A:  0.0.0.0   – 127.255.255.255
Class B:  128.0.0.0 – 191.255.255.255
Class C:  192.0.0.0 – 223.255.255.255
Class D:  224.0.0.0 – 239.255.255.255
Class E:  240.0.0.0 – 255.255.255.255

The IP address class system is based on the IP address as read in binary. This means there is a logic to the classes based on the bit pattern, or the first 4 bits (higher order bits) read left to right. In other words, in all Class A addresses, the first two bits (left to right), in binary, will start with a 01, a Class B address will start with a 10, a Class C address with a 110, a Class D address a 1110, and a Class E address with a 1111.

This class based system was divided into networks and hosts based on a netmask system with the following class-based netmasks:

Class A:  255.0.0.0  (255 network addresses and 16,777,216 hosts)
Class B:  255.255.0.0  (65,536 network addresses and 65,536 host addresses)
Class C:  255.255.255.0  (16,777,216 network addresses and 256 host addresses)

In this system, the networks are defined by the portion of 255s and the hosts are defined by the portion of zeros. Of course, in binary this is simply the ones on the left hand side and the zeros on the right. This class structure creates a hierarchy of larger to smaller networks, and a publicly available class range from Class A to Class C.

We can see the limitations in the system if we set up a hypothetical scenario of a country that reserves one of the two hundred and fifty six available Class A address’ for its country. Let’s say hypothetically that the country reserves the Class A address 23.0.0.0 /8. How would it divide its networks and addresses? In a class based system of networks and hosts it is limited to classful networks. For example:

a hierarchical classful network scenario

1 Class A network for 1 country 256 Class B networks for 256 cities 256 Class C networks for 256 businesses per city 256 Class C public IP addresses per business
23.0.0.0 /8 23.0.0.0 /16
23.1.0.0 /16
23.2.0.0 /16
23.3.0.0 /16
…to…
23.255.0.0 /16
23.1.0.0 /8
23.1.1.0 /8
23.1.2.0 /8
23.1.3.0 /8
…to…
23.1.255.0 /8
23.1.1.0 /8
23.1.1.1 /8
23.1.1.2 /8
23.1.1.3 /8
…to…
23.1.1.255 /8

So in this scenario, a business would be restricted to having one Class C network with 256 public IP addresses. You can easily see the limitations of classful addressing. What if a business only needed 10 IP addresses, the rest would be waisted? Luckily, VLSM, CIDR, NAT and the development of Private Address spaces: 10.0.0.0/8, 172.16.0.0 /20, and 192.168.0.0 /16 were designed to help save IP addresses and make networks more flexible by allowing them to be different sizes then the ones mandated by the Classful IPv4 address structure.

If every computer on the internet needed a public IP address we would have run out of IPv4 addresses a long time ago. The development of VLSM and CIDR, NAT, and Private Addressing helped the conservation of IPv4 addresses that was brought about by the need to deal with the exponential growth of the internet and the realisation that IPv4 was simply running out of address space. Since then, IPv4 address space has indeed run out, and IPv6 has been developed which will never run out, but VLSM, CIDR, NAT, and private addressing enabled IPv4 to last much longer than expected and because of those developments IPv4 is still very much in use today.

VLSM – Variable Length Subnet Masks and CIDR – Classless Interdomain Routing

So how does VLSM and CIDR work? CIDR basically means that when routing you are not limited to networks based on /8, /16, or /24 subnet masks, and VLSM means that as long as the address spaces do not overlap, you can divide a classful network like 192.168.1.0 /24 into networks of different sizes and subnet masks like this:

192.168.1.0 /24 (1 network with 256 hosts)
or in the example below, 7 networks of different sizes

192.168.1.0 ..to.. 192.168.1.127 /25 (1 network with 128 hosts),
192.168.1.128 ..to.. 192.168.1.191 /26 (1 network with 64 hosts),
192.168.1.192 ..to.. 192.168.1.223 /27 (1 network with 32 hosts),
192.168.1.224 ..to.. 192.168.1.239 /28 (1 network with 16 hosts),
192.168.1.240 ..to.. 192.168.1.247 /29 (1 network with 8 hosts),
192.168.1.248 ..to.. 192.168.1.251 /30 (1 network with 4 hosts),
192.168.1.252 ..to.. 192.168.1.255 /30 (1 network with 4 hosts)

How I divide the networks above into variable sizes is based on the subnet mask and the binary place value of the last “1” bit. I like to call this method the “Magic Number.” Notice that the networks above are the same size as the Magic Number of the subnet mask.

the magic number is bold

/25 = 11111111.11111111.11111111.10000000  (the last 1 is in the 128 place)
/26 = 11111111.11111111.11111111.11000000  (the last 1 is in the 64 place)
/27 = 11111111.11111111.11111111.11100000  (the last 1 is in the 32 place)
/28 = 11111111.11111111.11111111.11110000  (the last 1 is in the 16 place)
/29 = 11111111.11111111.11111111.11111000  (the last 1 is in the 8 place)
/30 = 11111111.11111111.11111111.11111100  (the last 1 is in the 4 place)
you cannot do /31 and /32, but you can do /7, /8, /15, /16, /23 /24 etc.
/23 = 11111111.11111111.11111110.00000000  (the last 1 is in the 2 place)
/24 = 11111111.11111111.11111111.00000000  (the last 1 is in the 1 place)

 Summary Routes and Supernets

With CIDR and classless addressing, not only can you divide subnets into smaller subnets you can also generalize or summarize subnets into supernets. A supernet allows a router to put one summary route in its routing table instead of many routes. Take the following example:

Let’s say you have a router that is connected to another router that has the following connected networks:

192.168.0.0 /24
192.168.1.0 /24
192.168.2.0 /24
192.168.3.0 /24
192.168.4.0 /24
..to..
192.168.15.0 /24

Instead of configuring 16 static routes to reach all of those networks you could configure one supernet route of 192.168.0.0 /16 thus basically saying, all of the 192.168 networks are over there! Of course, if in fact it is only networks 192.168.0 through 192.168.15 then a more correct supernet route would be 192.168.0.0 /20 which says: networks 192.168.0.0 through 192.168.15.0 are over there, because the /20 subnet mask has a magic number of 16, and networks 192.168.16 and up, are not in the range being summarized.

Video Tutorials on VLSM and CIDR

Video Tutorials – A Packet Tracer walkthrough of VLSM CIDR and Summary Routes

Author: Dan

Dan teaches computer networking and security classes at Central Oregon Community College.

Leave a Reply

Your email address will not be published. Required fields are marked *