What Is CIDR? Classless Inter-Domain Routing Explained

CIDR (Classless Inter-Domain Routing), pronounced “cider,” is a method of allocating IP addresses and routing that replaced the old class-based system (Class A, B, C) in 1993. Instead of rigid address classes that came in only three sizes, CIDR allows network addresses to be allocated in any power-of-two size using a prefix length notation like 192.168.1.0/24. The number after the slash indicates how many bits of the address identify the network, and the remaining bits identify individual hosts within that network. CIDR was essential to slowing IPv4 address exhaustion and makes modern internet routing actually manageable.

The Problem CIDR Solved

Before CIDR, IP addresses were divided into classes:

Class	First Octet Range	Network Bits	Host Bits	Addresses per Network
A	1 to 126	8	24	16,777,214
B	128 to 191	16	16	65,534
C	192 to 223	24	8	254

See the problem? If an organization needed 500 IP addresses, a Class C (254 addresses) was too small. So they’d get a Class B (65,534 addresses), wasting over 65,000 addresses. An organization needing 70,000 addresses would get a Class A (16.7 million), wasting 99.6% of the allocation.

This wasteful system burned through IPv4 addresses at an alarming rate. Class B allocations were especially problematic because they were the “right size” for medium organizations that really only needed a few thousand addresses.

CIDR eliminated this waste by allowing allocations of any size (in powers of two). Need 500 addresses? Here’s a /23 (512 addresses). Need 2,000? Here’s a /21 (2,048 addresses). No more forcing organizations into predefined boxes.

How CIDR Notation Works

CIDR notation combines an IP address with a prefix length: 192.168.1.0/24

The prefix length (the /24 part) tells you:

The first 24 bits are the network portion (stays the same for all hosts)
The remaining bits (32 minus 24 = 8 bits) are for host addresses
2^8 = 256 total addresses in this block

Breaking Down the Math

For 10.0.0.0/20:

Network bits: first 20 bits = 10.0. + first 4 bits of third octet
Host bits: 32 minus 20 = 12 bits
Total addresses: 2^12 = 4,096
Usable host addresses: 4,094 (minus network address and broadcast)
Address range: 10.0.0.0 to 10.0.15.255
Subnet mask: 255.255.240.0

Common CIDR Blocks

CIDR	Subnet Mask	Total Addresses	Usable Hosts	Nickname
/32	255.255.255.255	1	1	Single host
/31	255.255.255.254	2	2 (point-to-point)	Link
/30	255.255.255.252	4	2	Point-to-point
/28	255.255.255.240	16	14	Small subnet
/24	255.255.255.0	256	254	Standard LAN
/20	255.255.240.0	4,096	4,094	Large LAN
/16	255.255.0.0	65,536	65,534	Old Class B
/8	255.0.0.0	16,777,216	16,777,214	Old Class A

The /24 is by far the most common block size you’ll encounter in practice. It’s the standard allocation for small networks and the minimum size that most ISPs will route independently (smaller blocks are often filtered by BGP routing policies).

CIDR and Routing

Beyond address allocation, CIDR’s other major contribution is route aggregation (also called supernetting). Instead of routing tables containing individual entries for thousands of small networks, CIDR allows multiple networks to be summarized into a single route.

Example: If an ISP owns the ranges 198.51.100.0/24 through 198.51.103.0/24, their upstream provider can advertise a single route: 198.51.100.0/22 (which covers all four /24 blocks). This dramatically reduces the size of the global routing table, which currently contains about 1 million entries. Without CIDR aggregation, it would be many times larger, making core internet routers slower and more expensive.

This is why CIDR was adopted in 1993 (RFC 1519) and why it’s such a foundational concept. It didn’t just slow address exhaustion; it kept the global routing table manageable as the internet grew from thousands to billions of connected devices.

Practical Application

Reading CIDR notation you encounter in the wild:

AWS security group rule: 0.0.0.0/0 means “any IP address” (all 32 bits are host bits)
Firewall rule: 10.0.0.0/8 means “the entire 10.x.x.x private range”
VPN tunnel: 192.168.1.0/24 means “send traffic for this subnet through the tunnel”
Cloud VPC: 172.16.0.0/12 means “the entire 172.16 to 172.31 private range”

Calculating CIDR in your head

Quick mental shortcut: start from /32 (1 address) and double for each bit you remove:

/32 = 1 address
/31 = 2
/30 = 4
/29 = 8
/28 = 16
/27 = 32
/26 = 64
/25 = 128
/24 = 256

For usable hosts, subtract 2 from the total (network address and broadcast address, except for /31 and /32 which are special cases).

We have a complete subnet cheat sheet with all CIDR blocks at Subnet Cheat Sheet.

Test It Yourself

Check Your IP Block

Look up your IP address and see which CIDR block it belongs to. Free, instant lookup.

Open Tool →

Frequently Asked Questions

A /24 (pronounced 'slash 24') means the first 24 bits of the IP address identify the network, and the remaining 8 bits identify individual hosts. This gives you 256 addresses (254 usable, since the first is the network address and last is broadcast). It's equivalent to the old Class C subnet mask 255.255.255.0.

A /16 has 65,536 addresses (16 bits for hosts), while a /24 has 256 addresses (8 bits for hosts). The smaller the number after the slash, the larger the network. /8 = 16 million addresses, /16 = 65,536, /24 = 256, /32 = 1 address.

The original classful system wasted huge numbers of IP addresses. If an organization needed 300 addresses, they had to get a Class B block of 65,536 addresses. CIDR allows allocating exactly the right size block, dramatically reducing waste and slowing IPv4 address exhaustion.