Understanding CIDR Basics for Network Management

Karishma Kochar

Karishma Kochar

Senior AWS Corporate Trainer

In the realm of computer networking, understanding the structure and calculation of IP addresses is fundamental. This guide will explore essential concepts such as bits and octets, the calculation of total IP addresses, and the significance of CIDR blocks in Virtual Private Clouds (VPCs). Additionally, we will cover methods for finding the ending address of a CIDR block and delve into subnetting, including subnet CIDR blocks and the use of subnet calculators.

Bits and Octets

IPv4 Addressing

An IPv4 address (e.g. 10.0.0.0) has four 8-bit decimal numbers (separated by dots) for a total of 32 bits.

Each number separated by a dot is called an Octet.

Why is this important? The CIDR block (e.g. /16) tells us what our starting range is, how many IP addresses will be allocated, how many bits are being used, and how the octets will be affected.

Calculating Total IP Addresses

Determining IP Addresses in a CIDR Block

How do we determine how many IP addresses are in, for example, a /16 CIDR block?

Since there are 32 bits in IPv4 addresses, we can use the following formula:

32 - 16 = 16.
216 = 65,536 addresses

Another example with /20:

32 - 20 = 12
212 = 4,096 addresses

This shows us that a CIDR block of /20 will have fewer addresses than a CIDR block of /16 or /18, /19, etc.

VPC CIDR Block

AWS only allows VPC CIDR block sizes to be between /16 and /28. Typically, we will want to create VPCs with a CIDR block of /16, so we will have plenty of IPs to allocate to our subnets and resources. With this in mind, let us start with creating a VPC with a CIDR range of 10.0.0.0/16. In this case, /16 specifies that the first 16 bits (two octets) will not change, only the 3rd and 4th octets will change.

This means that any Private IP address in our VPC network will always start with 10.0. For example, let's say we want to make another VPC outside of this network of IPs. 10.1.0.0/16 will work because it is outside the range of IPs being allocated by our 10.0 network.

Understanding CIDR Basics for Network Management | NovelVista Learning Solutions

Finding the ending address of a CIDR block

To calculate the ending address, we need to write out the bits in binary form.

10.0.0.0/16 will be written as:
11111111.11111111.00000000.00000000

Notice how there are sixteen (16) 1s (8 per octet)?

Flip the 0s to 1s and vice versa:
00000000.00000000.11111111.11111111

Now we can convert the binary bits to decimal to get the ending address:

Ending address: 10.0.255.255/16.

Subnet CIDR Block

Determine the total IPs allocated in a CIDR block and what the ending address will be; this should make creating subnets really easy.

Using the example of a subnet with a starting address of 10.0.0.0/20, we can determine that this will have an ending address of 10.0.15.255/20.

Since all of the addresses between 10.0.0.0/20 and 10.0.15.255/20 will be allocated to this subnet, we can create another subnet using 10.0.16.0/20, which will have an ending address of 10.0.31.255/20.

This shows us that CIDR blocks of /20 will iterate by 16 on the 3rd octet.

Example:
Subnet1: 10.0.0.0/20
Subnet2: 10.0.16.0/20
Subnet3: 10.0.32.0/20

What if we want to slot in a smaller subnet of /24 between our /20 subnets?

We would not be able to since the addresses would all be used up. However, we could slot them afterwards.

Example:
Subnet1: 10.0.0.0/20 (4,096 addresses)
Subnet2: 10.0.16.0/20 (4,096 addresses)
Subnet3: 10.0.32.0/20 (4,096 addresses)
Subnet4: 10.0.48.0/24 (256 addresses)
Subnet5: 10.0.49.0/24 (256 addresses)

Could we then use 10.0.50.0/20 for Subnet6?
We could not because remember, the scheme of /20 CIDR blocks is that they iterate by 16 on the third octet, so we should have to use 10.0.64.0/20 instead.

Subnet Calculator

Simply input the VPC starting address (e.g. 10.0.0.0) and select the subnet CIDR (e.g. /20) to see all of the possible subnets that can be created by referencing the left-most column.

Understanding CIDR basics is important for anyone interested in how networks operate. At its core, CIDR enables the grouping of IP addresses in a way that maximizes the use of available addresses. This means that rather than being limited to fixed group sizes, network administrators can allocate addresses based on actual needs. By learning CIDR basics, individuals can appreciate how this system supports the growth of the internet and the increasing number of devices connected to it. Overall, CIDR is crucial for maintaining an efficient and scalable network environment.