TCP/IP: Classless Inter-Domain Routing (CIDR) As covered earlier in the article Netmasking Transmission Control Protocol/Internet Protcol (TCP/IP), I mentioned that netmasking had some difficulties. CIDR is where the difficulties arise in TCP/IP. Looking at the possible addresses and the default netmasks, it is easy to see that there are a limited number of IP Addresses. The number of hosts on the Internet far exceeds the possibilities of default netmasks. NOTE: The default netmasks are referred to as ‘Classful’, while the CIDR netmasks are ‘Classless’. You may also see CIDR referred to as Variable Length Subnet Masking (VLSM). To get around the problem of needing more IP Addresses, the Classless method of netmasking was used, or CIDR. NOTE: TCP/IP (version 4) has around 4.3 billion available addresses. The shortage has brought about CIDR, Network Address Translation (NAT) and TCP/IP version 6. With CIDR, more bits are used to define the Network ID and less is used to specify the Host ID. For example, in the following figure you can see the various possibilities: Before we go too far, let’s make sure you understand binary. Binary is a number system represented only by two digits – 0 and 1. A byte is made up of eight binary bits. For example, 255 in binary is 11111111. To calculate binary, the values of the bits start on the right and double in value. The first bit is 1 and the left most bit is 128. The values are as follows: 128 64 32 16 8 4 2 1 One byte then represents eight bits. Let's look at an example such as 231 to binary. We start at the left side and check if our number is larger than 128. It is, so we place a one in the first place. We then subtract 128 from 231 since we used the bit place. We now have 103 left and have a binary number so far of 1??????. The next bit space is 64. Since our remaining number is greater than 64, we place a one in that spot and subtract 64 from 103 to get 39. Our binary number is now 11??????. The next bit space has a value of 32 which is less than 39 so we place a one there and subtract 32 to get 7. Now our binay number is 111?????. The next place is for 16 which is too much for our 7 left. A zero is put in the fourth bit place to get a binary value of 1110????. The next bit space is for 8 which is greater than 7, so another zero is placed in the binary number 11100???. The next value is 4, which is less than 7, so we put a one in the bit spot and subtract 4 from our value to leave 3. Our binary number is now 111001??. The next space represents 2, so we place another one in the binary number and subtract 2 from our value to get 1. Since one is the last place value, it also beomes a one and our binary number is 11100111 to represent 231. To test the value we can look at the place values for the ones in binary and add them together. The values would be 128+64+32+4+2+1 which equals 231. Hopefully, this example shows you how to convert decimal to binary and back. If you do not have a firm grasp on the conversion, look over it a few times and keep trying. Now, look back at the section at the bottom of Figure 1. Seven possibilities exist for Classless Addressing: 128, 192, 224, 240, 248, 252 and 254. The Figure shows how these break down into binary. You can see that the values place a one at the left most bit and add one until all are ones except the final bit. If the final bit were a one, then the subnet would change from Class A to Class B or Class B to Class C. Let’s look at an example where we have a Class A address of 220.127.116.11. The default subnet mask is 255.0.0.0, making the network ID 5 and the host ID 150.58.201. In this case we will use 255.240.0.0 as the Netmask. To look deeper into the addressing, we need to figure out which part is the network ID and the host ID. To do this we need to convert the two numbers to binary. IP Address ----- 00000101. 10010110.00111010. 11001001 Netmask -------- 11111111. 11110000.00000000.00000000 Now, we can AND the two together. To AND the two is to take any values where a one is located on the Netmask, the value from the IP Address carries through. Any place that the Netmask contains a zero, a zero follows though. The result is the network ID as follows: 00000101.10010000.00000000.00000000 Converting the value to decimal would be 18.104.22.168 (a one must be placed in the last octet since a host ID of all zeroes represents the subnet itself). Now, the starting IP Address of the new subnet is 22.214.171.124 and if we place a one in for the remaining section making up the host ID, we get the ending value. NOTE: An octet is represented by eight bits and is one of the four numbers in the IP Address. Ending value: 00000101.10011111.11111111.11111111 After converting this to decimal, the value is 126.96.36.199 (of course to have a host ID of all ones represents a broadcast on the subnet, so we must make the last bit place a zero). The usable addresses are then 188.8.131.52 – 184.108.40.206. Now, for instance, let’s assume we have two systems on a network connected to a hub. The subnet is 255.240.0.0 for both systems. One system has an IP Address of 220.127.116.11 and the other is 18.104.22.168. As we saw from the previous example, the two are on different subnets. The network IDs are different so the two systems cannot communicate without some type of routing device. The systems may physically be on the same network, but logically are on two separate networks. Let’s try another example where we have three systems as follows: System A, IP – 22.214.171.124, Netmask – 255.255.224.0 System B, IP – 126.96.36.199, Netmask – 255.255.224.0 System C, IP – 188.8.131.52, Netmask – 255.255.224.0 Now, to convert the subnet mask to binary would give us 11111111.11111111.11100000000.00000000. To make this a little simpler we can look at the first two octets which have a Netmask of all ones and be able to tell that the first two octets must be the same for all IP Addresses. All three systems have the first two octets of 150.10, so this is a good sign. To determine if the systems are on different subnets we must look more closely at the third octet. The Netmask shows we need to concentrate on the first three bit places. So, let’s convert the third octet of each IP Address to binary. System A – 11000000 System B – 10111111 System C – 11011111 Just looking at the first three bits designated by the Netmask of 224 (11100000), we can see that System A and System C match. We can then say that System A and System C are on the same Logical subnet, while System B is not. For System B to communicate with Systems A and C, it requires a routing device. Using Classless Netmasks can make things difficult to determine if two systems are on the same logical network. CIDR can cause numerous connectivity problems on a network. CIDR requires some math skills, but once it is understood, it is not too hard to deal with and correct connectivity issues.