Classless Inter-Domain Routing
Classless Inter-Domain Routing (CIDR, /ˈsaɪdər/ or /ˈsɪdər/) is a method for allocating IP addresses and IP routing[1]. The Internet Engineering Task Force introduced CIDR in 1993 to replace the previous addressing architecture of classful network design in the Internet. Its goal was to slow the growth of routing tables on routers across the Internet, and to help slow the rapid exhaustion of IPv4 addresses.[2][3]
IP addresses are described as consisting of two groups of bits in the address: the most significant bits are the network prefix, which identifies a whole network or subnet, and the least significant set forms the host identifier, which specifies a particular interface of a host on that network. This division is used as the basis of traffic routing between IP networks and for address allocation policies. Classful network design for IPv4 sized the network prefix as one or more 8-bit groups, resulting in the blocks of Class A, B, or C addresses. Classless Inter-Domain Routing allocates address space to Internet service providers and end users on any address bit boundary, instead of on 8-bit segments. In IPv6, however, the interface identifier has a fixed size of 64 bits by convention, and smaller subnets are never allocated to end users.
CIDR encompasses several concepts. It is based on the variable-length subnet masking (VLSM) technique with effective qualities of specifying arbitrary-length prefixes. CIDR introduced a new method of representation for IP addresses, now commonly known as CIDR notation, in which an address or routing prefix is written with a suffix indicating the number of bits of the prefix, such as 192.168.2.0/24 for IPv4, and 2001:db8::/32 for IPv6. CIDR introduced an administrative process of allocating address blocks to organizations based on their actual and short-term projected needs. The aggregation of multiple contiguous prefixes resulted in supernets in the larger Internet, which whenever possible are advertised as aggregates, thus reducing the number of entries in the global routing table.
Background
During the first decade of the Internet after the invention of the Domain Name System (DNS) it became apparent that the devised system based on the classful network scheme of allocating the IP address space and the routing of IP packets was not scalable.[4]
An IP address is interpreted as composed of two parts: a network-identifying prefix followed by a host identifier within that network. In the previous classful network architecture, IP address allocations were based on the bit boundaries of the four octets of an IP address. An address was considered to be the combination of an 8, 16, or 24-bit network prefix along with a 24, 16, or 8-bit host identifier. Thus, the smallest allocation and routing block contained only 256 addresses—too small for most enterprises, and the next larger block contained 65536 addresses—too large to be used efficiently by even large organizations. This led to inefficiencies in address use as well as inefficiencies in routing, because it required a large number of allocated class-C networks with individual route announcements, being geographically dispersed with little opportunity for route aggregation.
As the initial TCP/IP network grew to become the Internet during the 1980s, the need for more flexible addressing schemes became increasingly apparent. This led to the successive development of subnetting and CIDR. The network class distinctions were removed, and the new system was described as being classless, with respect to the old system, which became known as classful. In 1993, the Internet Engineering Task Force published a new set of standards, RFC 1518 and RFC 1519, to define this new concept of allocation of IP address blocks and new methods of routing IPv4 packets. An updated version of the specification was published as RFC 4632 in 2006.[5]
Classless Inter-Domain Routing is based on variable-length subnet masking (VLSM), which allows a network to be divided into variously sized subnets, providing the opportunity to size a network more appropriately for local needs. Variable-length subnet masks are mentioned in RFC 950.[1] Accordingly, techniques for grouping addresses for common operations were based on the concept of cluster addressing, first proposed by Carl-Herbert Rokitansky.[6][7]
CIDR notation
CIDR notation is a compact representation of an IP address and its associated routing prefix. The notation is constructed from an IP address, a slash ('/') character, and a decimal number. The number is the count of leading 1 bits in the routing mask, traditionally called the network mask. The IP address is expressed according to the standards of IPv4 or IPv6.
The address may denote a single, distinct interface address or the beginning address of an entire network. The maximum size of the network is given by the number of addresses that are possible with the remaining, least-significant bits below the prefix. The aggregation of these bits is often called the host identifier.
For example:
- 192.168.100.14/24 represents the IPv4 address 192.168.100.14 and its associated routing prefix 192.168.100.0, or equivalently, its subnet mask 255.255.255.0, which has 24 leading 1-bits.
- the IPv4 block 192.168.100.0/22 represents the 1024 IPv4 addresses from 192.168.100.0 to 192.168.103.255.
- the IPv6 block 2001:db8::/48 represents the block of IPv6 addresses from 2001:db8:0:0:0:0:0:0 to 2001:db8:0:ffff:ffff:ffff:ffff:ffff.
- ::1/128 represents the IPv6 loopback address. Its prefix size is 128, the size of the address itself.
Before the implementation of CIDR, IPv4 networks were represented by the starting address and the subnet mask, both written in dot-decimal notation. Thus, 192.168.100.0/24 was often written as 192.168.100.0/255.255.255.0.
The number of addresses of a subnet may be calculated as 2address size − prefix size, in which the address size is 128 for IPv6 and 32 for IPv4. For example, in IPv4, the prefix size /29 gives: 232 − 29 = 23 = 8 addresses.
Subnet masks
A subnet mask is a bitmask that encodes the prefix size in quad-dotted notation: 32 bits, starting with a number of 1 bits equal to the prefix size, ending with 0 bits, and encoded in four-part dotted-decimal format: 255.255.255.0. A subnet mask encodes the same information as a prefix size, but predates the advent of CIDR. In CIDR notation, the prefix bits are always contiguous, whereas subnet masks may specify non-contiguous bits. However, since IP addresses are almost always allocated in contiguous blocks, a subnet mask has no practical advantage over CIDR notation.
CIDR blocks
CIDR is principally a bitwise, prefix-based standard for the representation of IP addresses and their routing properties. It facilitates routing by allowing blocks of addresses to be grouped into single routing table entries. These groups, commonly called CIDR blocks, share an initial sequence of bits in the binary representation of their IP addresses. IPv4 CIDR blocks are identified using a syntax similar to that of IPv4 addresses: a dotted-decimal address, followed by a slash, then a number from 0 to 32, i.e., a.b.c.d/n. The dotted decimal portion is the IPv4 address. The number following the slash is the prefix size, the number of shared initial bits, counting from the most-significant bit of the address. When emphasizing only the size of a network, the address portion of the notation is usually omitted. Thus, a /20 block is a CIDR block with an unspecified 20-bit prefix.
An IP address is part of a CIDR block, and is said to match the CIDR prefix if the initial n bits of the address and the CIDR prefix are the same. The size of an IPv4 address is 32 bits, an n-bit CIDR prefix leaves 32 − n bits unmatched, meaning that 232 − n IPv4 addresses match a given n-bit CIDR prefix. Shorter CIDR prefixes match more addresses, while longer prefixes match fewer. An address can match multiple CIDR prefixes of different sizes.
CIDR is also used for IPv6 addresses and the syntax semantic is identical. The prefix size can range from 0 to 128, due to the larger number of bits in the address. However, by convention a subnet on broadcast MAC layer networks always has 64-bit host identifiers. Larger prefixes are rarely used even on point-to-point links.
Assignment of CIDR blocks
The Internet Assigned Numbers Authority (IANA) issues to regional Internet registries (RIRs) large, short-prefix CIDR blocks. For example, 62.0.0.0/8, with over sixteen million addresses, is administered by RIPE NCC, the European RIR. The RIRs, each responsible for a single, large, geographic area, such as Europe or North America, subdivide these blocks and allocate subnets to local Internet registries (LIRs). Similar subdividing may be repeated several times at lower levels of delegation. End-user networks receive subnets sized according to the size of their network and projected short term need. Networks served by a single ISP are encouraged by IETF recommendations to obtain IP address space directly from their ISP. Networks served by multiple ISPs, on the other hand, may obtain provider-independent address space directly from the appropriate RIR.
For example, in the late 1990s, the IP address 208.130.29.33 (since reassigned) was used by www.freesoft.org. An analysis of this address identified three CIDR prefixes. 208.128.0.0/11, a large CIDR block containing over 2 million addresses, had been assigned by ARIN (the North American RIR) to MCI. Automation Research Systems, a Virginia VAR, leased an Internet connection from MCI and was assigned the 208.130.28.0/22 block, capable of addressing just over 1000 devices. ARS used a /24 block for its publicly accessible servers, of which 208.130.29.33 was one. All of these CIDR prefixes would be used, at different locations in the network. Outside MCI's network, the 208.128.0.0/11 prefix would be used to direct to MCI traffic bound not only for 208.130.29.33, but also for any of the roughly two million IP addresses with the same initial 11 bits. Within MCI's network, 208.130.28.0/22 would become visible, directing traffic to the leased line serving ARS. Only within the ARS corporate network would the 208.130.29.0/24 prefix have been used.
IPv4 CIDR blocks
Address format |
Difference to last address |
Mask | Addresses | Relative to class A, B, C |
Restrictions on a, b, c and d (0..255 unless noted) |
Typical use | |
---|---|---|---|---|---|---|---|
Decimal | 2n | ||||||
a.b.c.d / 32 | +0.0.0.0 | 255.255.255.255 | 1 | 20 | 1/ 256 C | Host route | |
a.b.c.d / 31 | +0.0.0.1 | 255.255.255.254 | 2 | 21 | 1/ 128 C | d = 0 ... (2n) ... 254 | Point to point links (RFC 3021) |
a.b.c.d / 30 | +0.0.0.3 | 255.255.255.252 | 4 | 22 | 1/ 64 C | d = 0 ... (4n) ... 252 | Point to point links (glue network) |
a.b.c.d / 29 | +0.0.0.7 | 255.255.255.248 | 8 | 23 | 1/ 32 C | d = 0 ... (8n) ... 248 | Smallest multi-host network |
a.b.c.d / 28 | +0.0.0.15 | 255.255.255.240 | 16 | 24 | 1/ 16 C | d = 0 ... (16n) ... 240 | Small LAN |
a.b.c.d / 27 | +0.0.0.31 | 255.255.255.224 | 32 | 25 | ⅛ C | d = 0 ... (32n) ... 224 | |
a.b.c.d / 26 | +0.0.0.63 | 255.255.255.192 | 64 | 26 | ¼ C | d = 0, 64, 128, 192 | |
a.b.c.d / 25 | +0.0.0.127 | 255.255.255.128 | 128 | 27 | ½ C | d = 0, 128 | Large LAN |
a.b.c.0 / 24 | +0.0.0.255 | 255.255.255.0 | 256 | 28 | 1 C | ||
a.b.c.0 / 23 | +0.0.1.255 | 255.255.254.0 | 512 | 29 | 2 C | c = 0 ... (2n) ... 254 | |
a.b.c.0 / 22 | +0.0.3.255 | 255.255.252.0 | 1,024 | 210 | 4 C | c = 0 ... (4n) ... 252 | |
a.b.c.0 / 21 | +0.0.7.255 | 255.255.248.0 | 2,048 | 211 | 8 C | c = 0 ... (8n) ... 248 | Small ISP / large business |
a.b.c.0 / 20 | +0.0.15.255 | 255.255.240.0 | 4,096 | 212 | 16 C | c = 0 ... (16n) ... 240 | |
a.b.c.0 / 19 | +0.0.31.255 | 255.255.224.0 | 8,192 | 213 | 32 C | c = 0 ... (32n) ... 224 | ISP / large business |
a.b.c.0 / 18 | +0.0.63.255 | 255.255.192.0 | 16,384 | 214 | 64 C | c = 0, 64, 128, 192 | |
a.b.c.0 / 17 | +0.0.127.255 | 255.255.128.0 | 32,768 | 215 | 128 C | c = 0, 128 | |
a.b.0.0 / 16 | +0.0.255.255 | 255.255.0.0 | 65,536 | 216 | 256 C = B | ||
a.b.0.0 / 15 | +0.1.255.255 | 255.254.0.0 | 131,072 | 217 | 2 B | b = 0 ... (2n) ... 254 | |
a.b.0.0 / 14 | +0.3.255.255 | 255.252.0.0 | 262,144 | 218 | 4 B | b = 0 ... (4n) ... 252 | |
a.b.0.0 / 13 | +0.7.255.255 | 255.248.0.0 | 524,288 | 219 | 8 B | b = 0 ... (8n) ... 248 | |
a.b.0.0 / 12 | +0.15.255.255 | 255.240.0.0 | 1,048,576 | 220 | 16 B | b = 0 ... (16n) ... 240 | |
a.b.0.0 / 11 | +0.31.255.255 | 255.224.0.0 | 2,097,152 | 221 | 32 B | b = 0 ... (32n) ... 224 | |
a.b.0.0 / 10 | +0.63.255.255 | 255.192.0.0 | 4,194,304 | 222 | 64 B | b = 0, 64, 128, 192 | |
a.b.0.0 / 9 | +0.127.255.255 | 255.128.0.0 | 8,388,608 | 223 | 128 B | b = 0, 128 | |
a.0.0.0 / 8 | +0.255.255.255 | 255.0.0.0 | 16,777,216 | 224 | 256 B = A | Largest IANA block allocation | |
a.0.0.0 / 7 | +1.255.255.255 | 254.0.0.0 | 33,554,432 | 225 | 2 A | a = 0 ... (2n) ... 254 | |
a.0.0.0 / 6 | +3.255.255.255 | 252.0.0.0 | 67,108,864 | 226 | 4 A | a = 0 ... (4n) ... 252 | |
a.0.0.0 / 5 | +7.255.255.255 | 248.0.0.0 | 134,217,728 | 227 | 8 A | a = 0 ... (8n) ... 248 | |
a.0.0.0 / 4 | +15.255.255.255 | 240.0.0.0 | 268,435,456 | 228 | 16 A | a = 0 ... (16n) ... 240 | |
a.0.0.0 / 3 | +31.255.255.255 | 224.0.0.0 | 536,870,912 | 229 | 32 A | a = 0 ... (32n) ... 224 | |
a.0.0.0 / 2 | +63.255.255.255 | 192.0.0.0 | 1,073,741,824 | 230 | 64 A | a = 0, 64, 128, 192 | |
a.0.0.0 / 1 | +127.255.255.255 | 128.0.0.0 | 2,147,483,648 | 231 | 128 A | a = 0, 128 | |
0.0.0.0 / 0 | +255.255.255.255 | 0.0.0.0 | 4,294,967,296 | 232 | 256 A |
In routed subnets larger than /31 or /32, the number of available host addresses is usually reduced by two, namely the largest address, which is reserved as the broadcast address, and the smallest address, which identifies the network itself.[8][9]
IPv6 CIDR blocks
The large address size used in IPv6 permitted implementation of worldwide route summarization and guaranteed sufficient address pools at each site. The standard subnet size for IPv6 networks is a /64 block, which is required for the operation of stateless address autoconfiguration.[10] At first, the IETF recommended in RFC 3177 as a best practice that all end sites receive a /48 address allocation,[11] however, criticism and reevaluation of actual needs and practices has led to more flexible allocation recommendations in RFC 6177 [12] suggesting a significantly smaller allocation for some sites, such as a /56 block for home networks.
Prefix aggregation
CIDR provides fine-grained routing prefix aggregation. For example, sixteen contiguous /24 networks can be aggregated and advertised to a larger network as a single /20 routing table entry, if the first 20 bits of their network prefixes match. Two aligned contiguous /20 blocks may be aggregated as /19 network. This reduces the number of routes that have to be advertised.
See also
References
- 1 2 RFC 950, Internet Standard Subnetting Procedure, J. Mogul, J. Postel, Eds. (August 1985), Section 2.1
- ↑ RFC 1518, An Architecture for IP Address Allocation with CIDR, Y. Rekhter, T. Li (September 1993)
- ↑ RFC 1519, Classless Inter-Domain Routing (CIDR): an Address Assignment and Aggregation Strategy, V. Fuller, T. Li, J. Yu, K. Varadhan (September 1993)
- ↑ RFC 1517, Applicability Statement for the Implementation of Classless Inter-Domain Routing (CIDR), R. Hinden, Ed., (September 1993)
- ↑ RFC 4632, Classless Inter-domain Routing (CIDR): The Internet Address Assignment and Aggregation Plan, V. Fuller, T. Li (August 2006)
- ↑ Carl-Herbert Rokitansky, "Internet Cluster Addressing Scheme and its Application to Public Data Networks", Proc. 9th International Conference on Computer Communication (ICCC' 88), pp. 482-491, Tel Aviv, Israel, Oct./Nov. 1988
- ↑ Cluster Addressing and CIDR in the mail archives of the IETF
- ↑ J. Mogul (Ed.) (October 1984). Broadcasting Internet Datagrams in the Presence of Subnets. sec. 7. RFC 922. https://tools.ietf.org/html/rfc922#section-7.
- ↑ F. Baker (Ed.) (June 1995). Requirements for IP Version 4 Routers. sec. 4.2.3.1. RFC 1812. https://tools.ietf.org/html/rfc1812#section-4.2.3.1.
- ↑ RFC 4862
- ↑ RFC 3177, IAB/IESG Recommendation on IPv6 Address Allocations to Sites, IAB/IESG (September 2001)
- ↑ RFC 6177, IPv6 Address Assignment to End Sites, T. Narten, G. Huston, L. Roberts (March 2011)
External links
- RFC 2317, Classless IN-ADDR.ARPA delegation
- RFC 3021, Using 31-Bit Prefixes on IPv4 Point-to-Point Links
- CIDR Report (updated daily)
- CIDR FAQ