Category: Infrastructure

A Simple explanation of the CIDR IP address scheme

I really struggled to find an explanation of CIDR addresses that used plain language and didn’t assume a lot of esoteric knowledge, so I’m writing some simple notes here.
With a CIDR address, you get something that looks like an IP address but then you get /nn at the end.

Like this: 123.231.145.0/24

Instead of specifying one IP address, this represents a range of IP addresses.

Decoding a CIDR address

If you want to decode a CIDR address, you can use this useful tool. If you give it your CIDR address, it will tell you the first IP in the range, the last IP, the total number of hosts and more.

Reading a CIDR address

So what does it mean?

The number at the end specifies how many bits of the IP address will be used for the network address. The rest of the bits will be used for host addresses.

There are always 32 bits available, because the highest IP address is 255.255.255.255. If those numbers were written in binary instead of decimal, each of the 255s would require 8 bits (255 is 11111111).

In the example above (123.231.145.0/24), 24 bits are used for the network address and this leaves 8 bits (32 minus 24) for the host addresses.

The range of numbers you can create when you have 8 bits is 256 (from 0000000 to 11111111), so if you have 8 bits available for host addresses, the number of host addresses is 256.

This means that in our example, the actual range of IP addresses described is 123.231.145.0 to 123.231.145.255.

The first three decimals (123.231.145) are the fixed network address, and will use up 24 bits when expressed in binary. The last decimal (which in our example will take values ranging from 0 to 255) uses up the last 8 bits.

A useful table

You can use the table below (via) to find out how many IP addresses are represented by the number after the forward slash (in our case, that number is 24).

The “decimal” column is telling you how many IP addresses will be in the range.

The “class” refers to the old way of allocating IP addresses, where class A was a range of over 16 million addresses, class B was a range of 65,535 addresses and class C was a range of 254 addresses. More here: https://www.keycdn.com/support/what-is-cidr

The “mask” refers to bit multiplication / bitwise operations, which is a whole other topic.