What is CIDR (Classless Inter-Domain Routing)?

CIDR replaced the old classful IP addressing system with flexible prefix lengths like /24, /16, and /8. Learn how CIDR notation works, how to calculate usable hosts, and why it saved the internet from running out of addresses sooner.


Classless Inter-Domain Routing (CIDR) is the addressing system that replaced the original class-based method of allocating IP addresses. Before CIDR existed, organizations received IP addresses in fixed blocks of roughly 16 million (Class A), 65,000 (Class B), or 254 (Class C). A company that needed 300 addresses had to take a Class B block of 65,000 and waste the rest. CIDR eliminated that rigid structure in 1993 and is the reason the IPv4 address supply lasted as long as it did.

If you have ever seen an IP address written as 192.168.1.0/24, the /24 part is CIDR notation. It tells you exactly how big the network is without needing to memorize subnet mask values.

How CIDR Notation Works

CIDR notation combines an IP address with a prefix length, separated by a forward slash. The prefix length is a number between 0 and 32 (for IPv4) that specifies how many bits from the left side of the address belong to the network portion. The remaining bits identify individual hosts within that network.

The notation 10.0.0.0/8 means the first 8 bits (the first octet, 10) define the network. Everything after that (the remaining 24 bits) is available for host addresses. That gives you over 16 million addresses in a single block.

The notation 192.168.1.0/24 means the first 24 bits (the first three octets, 192.168.1) define the network. The last 8 bits are for hosts. That gives you 256 addresses, of which 254 are usable.

The notation 192.168.1.128/25 means the first 25 bits define the network. This splits a standard /24 in half. The block spans 192.168.1.128 to 192.168.1.255 (126 usable addresses).

Every CIDR block maps to a traditional subnet mask. The prefix length tells you how many bits in the mask are set to 1:

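| CIDR | Subnet Mask | Usable Hosts |
|------|-----------------|------------|
| /8 | 255.0.0.0 | 16,777,214 |
| /16 | 255.255.0.0 | 65,534 |
| /20 | 255.255.240.0 | 4,094 |
| /24 | 255.255.255.0 | 254 |
| /25 | 255.255.255.128 | 126 |
| /26 | 255.255.255.192 | 62 |
| /27 | 255.255.255.224 | 30 |
| /28 | 255.255.255.240 | 14 |
| /30 | 255.255.255.252 | 2 |
| /32 | 255.255.255.255 | 1 |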

Calculating Usable Hosts

The formula for calculating usable hosts in any CIDR block is simple: 2^(32 - prefix) - 2. The power 2^(32 - prefix) gives you the total number of addresses in the block. You subtract 2 because the first address is the network identifier and the last address is the broadcast address. Neither can be assigned to a device.

For a /24 network: 2^(32 - 24) = 2^8 = 256 total addresses. Subtract 2 and you get 254 usable host addresses. The network address is 192.168.1.0 and the broadcast address is 192.168.1.255.

For a /26 network: 2^(32 - 26) = 2^6 = 64 total addresses. Subtract 2 and you get 62 usable hosts. If the block starts at 192.168.1.0/26, hosts range from 192.168.1.1 to 192.168.1.62, with 192.168.1.63 as the broadcast.

For a /30 network: 2^(32 - 30) = 2^2 = 4 total addresses. Subtract 2 and you get 2 usable hosts. This is the smallest practical subnet, used for point-to-point links between two routers.

A /31 is a special case defined by RFC 3021 for point-to-point links, providing exactly 2 addresses with no network or broadcast address. A /32 represents a single host address and is commonly used in routing tables and firewall rules to specify one specific device.
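The calculation above, carried through as bit arithmetic, including the /31 and /32 special cases. This is an added example, not code from the original page; the function names `parse_ipv4`, `to_dotted` and `describe` are illustrative.

```python
def parse_ipv4(text):
    """Convert dotted-quad text to a 32-bit integer."""
    parts = [int(p) for p in text.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError(f"not an IPv4 address: {text!r}")
    value = 0
    for part in parts:
        value = (value << 8) | part
    return value


def to_dotted(value):
    """Convert a 32-bit integer back to dotted-quad text."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def describe(cidr):
    """Return mask, network, broadcast, host range and usable count for a block."""
    address, prefix_text = cidr.split("/")
    prefix = int(prefix_text)
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix out of range: {prefix}")
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF   # prefix ones, then zeros
    network = parse_ipv4(address) & mask                # clear the host bits
    last_address = network | (~mask & 0xFFFFFFFF)       # set the host bits
    total = 1 << (32 - prefix)                          # 2^(32 - prefix)
    if prefix >= 31:
        # /31 (RFC 3021) and /32 reserve nothing: every address is usable.
        usable, first, last, broadcast = total, network, last_address, None
    else:
        usable, first, last = total - 2, network + 1, last_address - 1
        broadcast = to_dotted(last_address)
    return {
        "mask": to_dotted(mask),
        "network": to_dotted(network),
        "broadcast": broadcast,
        "first_host": to_dotted(first),
        "last_host": to_dotted(last),
        "usable": usable,
    }


if __name__ == "__main__":
    for block in ("192.168.1.0/26", "192.168.1.128/25", "10.0.0.1/31", "10.0.5.22/32"):
        print(block, describe(block))
```

An address with host bits set, such as 192.168.1.200/25, is reduced to its network (192.168.1.128) before the range is computed.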

Why Classful Addressing Failed

Before CIDR, the internet used a classful addressing system that divided IPv4 space into five fixed classes. Class A gave organizations a /8 block (16.7 million addresses). Class B gave a /16 block (65,534 addresses). Class C gave a /24 block (254 addresses).

The problem was obvious. A university with 5,000 hosts could not use a Class C (too small at 254 addresses) and had to request a Class B (wildly oversized at 65,534 addresses). Those 60,000 unused addresses were locked away, unavailable to anyone else. This waste was happening across thousands of organizations worldwide.

By the early 1990s, the Class B space was almost gone. Organizations that genuinely needed a few hundred addresses were consuming blocks meant for tens of thousands. The internet engineering community recognized that the entire IPv4 address space would be exhausted years ahead of schedule if nothing changed.

CIDR, introduced through RFC 1518 and RFC 1519 in 1993, solved this by allowing any prefix length. That university with 5,000 hosts could receive a /19 (8,190 usable addresses) instead of a wasteful /16. The remaining addresses stayed in the global pool for others to use.

CIDR and Route Aggregation

CIDR does more than allocate addresses efficiently. It also keeps the internet’s routing tables manageable through a technique called route aggregation (also known as supernetting).

Without aggregation, every individual network on the internet would need its own entry in the global routing table. With hundreds of millions of networks, routers would need enormous memory and processing power to look up destinations. Internet backbone routers would grind to a halt.

CIDR allows multiple smaller networks to be represented by a single larger prefix. An ISP that owns the addresses 203.0.113.0 through 203.0.113.255 can advertise the entire range as one entry: 203.0.113.0/24. An ISP with a /16 block can summarize thousands of customer routes into one announcement.

This aggregation is hierarchical. Smaller ISPs advertise their blocks to larger transit providers, who aggregate further and advertise to the backbone. The result is a global routing table that stays within the processing capacity of modern routers, even as the internet continues to grow.
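A sketch of how aggregation decides which prefixes can be merged, added here as an example and not taken from the original page. The function name `aggregate` and the input lists are constructed; two prefixes combine only when they are the two halves of the same parent prefix, which is why adjacent blocks do not always summarize.

```python
import ipaddress


def aggregate(prefixes):
    """Summarize a list of IPv4 prefixes into the fewest covering routes."""
    nets = {ipaddress.ip_network(p) for p in prefixes}
    # Drop any prefix already covered by a shorter (larger) one in the set.
    nets = {n for n in nets if not any(n != o and n.subnet_of(o) for o in nets)}
    merged = True
    while merged:
        merged = False
        # Longest prefixes first so small blocks combine before large ones.
        for net in sorted(nets, key=lambda n: n.prefixlen, reverse=True):
            if net.prefixlen == 0:
                continue
            parent = net.supernet()         # same block, prefix one bit shorter
            halves = set(parent.subnets())  # the two siblings under that parent
            if halves <= nets:
                # Both halves are present: one route for the parent replaces them.
                nets = (nets - halves) | {parent}
                merged = True
                break
    return [str(n) for n in sorted(nets)]


if __name__ == "__main__":
    # Constructed inputs: four customer /26 blocks inside 203.0.113.0/24.
    customers = ["203.0.113.0/26", "203.0.113.64/26",
                 "203.0.113.128/26", "203.0.113.192/26"]
    print(aggregate(customers))                       # one /24 route
    # Adjacent but not aligned on a /23 boundary: these stay separate.
    print(aggregate(["10.0.1.0/24", "10.0.2.0/24"]))
    # Aligned pair: these are the two halves of 10.0.2.0/23.
    print(aggregate(["10.0.2.0/24", "10.0.3.0/24"]))
```

The standard library's `ipaddress.collapse_addresses` performs the same summarization and is the better choice outside of a teaching example.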

Using CIDR in Practice

CIDR notation appears throughout networking, from router configurations to firewall rules to cloud computing.

When you set up a VPC (Virtual Private Cloud) in AWS, Azure, or GCP, you define the network using CIDR notation. A block like 10.0.0.0/16 gives you 65,534 addresses to divide into subnets. You might create 10.0.1.0/24 for web servers, 10.0.2.0/24 for databases, and 10.0.3.0/24 for application servers.

Firewall rules use CIDR to specify which addresses a rule applies to. A rule allowing traffic from 192.168.1.0/24 permits any device on that subnet. A rule targeting 0.0.0.0/0 applies to all IPv4 addresses, while 10.0.5.22/32 targets a single specific host.
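A small audit over firewall sources written in CIDR notation, added as an example and not part of the original page. The rule list, its field names and the `max_addresses` threshold are constructed for illustration; the check flags sources that cover more addresses than intended and sources whose prefix leaves host bits set, which usually means the prefix length was mistyped.

```python
import ipaddress

# Constructed sample rules (not from any real firewall); field names are hypothetical.
RULES = [
    {"name": "lan-in", "source": "192.168.1.0/24", "port": 22},
    {"name": "web-any", "source": "0.0.0.0/0", "port": 443},
    {"name": "admin-host", "source": "10.0.5.22/32", "port": 22},
    {"name": "typo", "source": "10.0.5.22/16", "port": 3306},  # meant /32
]


def audit(rules, max_addresses=256):
    """Return (rule name, finding) pairs for broad or malformed sources."""
    findings = []
    for rule in rules:
        try:
            net = ipaddress.ip_network(rule["source"])  # strict: rejects host bits
        except ValueError:
            # Firewalls commonly mask the address, so report the effective range.
            net = ipaddress.ip_network(rule["source"], strict=False)
            findings.append((rule["name"], f"host bits set; effective source is {net}"))
        if net.num_addresses > max_addresses:
            findings.append((rule["name"], f"broad source: {net.num_addresses} addresses"))
    return findings


def rules_matching(ip, rules):
    """Return the names of rules whose source block contains the address."""
    addr = ipaddress.ip_address(ip)
    return [r["name"] for r in rules
            if addr in ipaddress.ip_network(r["source"], strict=False)]


if __name__ == "__main__":
    for name, finding in audit(RULES):
        print(f"{name}: {finding}")
    print(rules_matching("10.0.9.9", RULES))
```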

On your home network, CIDR works in the background. Your router’s DHCP server assigns addresses from a pool within a CIDR block, typically 192.168.1.0/24. The router uses the prefix to determine which traffic is local (stays on the LAN) and which needs to be forwarded through NAT to the internet.

Understanding CIDR notation is the gateway to configuring VPNs, setting up firewall rules, segmenting networks, and reading any networking documentation. Once you can read /24 as “254 hosts on a single subnet,” the rest of networking notation starts to make sense.

Frequently Asked Questions

What does the /24 in CIDR notation mean?

The /24 means that the first 24 bits of the IP address identify the network and the remaining 8 bits identify individual hosts. This is equivalent to the subnet mask 255.255.255.0 and provides 254 usable IP addresses on that subnet.

How do I calculate the number of usable hosts from a CIDR prefix?

Use the formula 2^(32 - prefix length) - 2. For /24, that is 2^8 - 2 = 254 usable hosts. You subtract 2 because one address is reserved for the network identifier and one for the broadcast address.

What is the difference between CIDR and classful addressing?

Classful addressing locked networks into fixed sizes of /8, /16, or /24 (Class A, B, or C). CIDR allows any prefix length from /0 to /32, enabling precise allocation that matches actual need. This flexibility eliminated massive address waste.

Is CIDR only used for IPv4?

No. CIDR notation is used for both IPv4 and IPv6 addressing. IPv6 networks commonly use /64 for individual subnets and /48 for site allocations. The concept of variable-length prefixes applies to both protocols.

What CIDR block does a typical home network use?

Most home routers use 192.168.1.0/24 or 192.168.0.0/24. The /24 prefix provides 254 usable addresses, which is more than sufficient for residential use. The 192.168.0.0/16 block is the most common private range for home networks.