CIDR Notation Explained the Easy Way
TL;DR: CIDR notation is the little /number you see after IP addresses, like /24 or /64. That number says how many bits belong to the network. The rest are for host addresses. Once you get that, subnetting stops being mysterious.
What is CIDR and why should you care?
CIDR stands for Classless Inter-Domain Routing, but don't let the technical name scare you. It's simply a way of writing down how big a network is and which devices belong to it. Before CIDR, the internet used a rigid system that wasted millions of IP addresses. CIDR fixed that problem and made the internet more efficient.
Every time you see an IP address followed by a slash and a number (like 192.168.1.0/24), that's CIDR notation. The number after the slash tells you exactly how many devices can fit on that network and helps routers understand how to send data to the right place.
Why does CIDR exist? A bit of history
Back in the "classful" days of the 1980s and early 1990s, networks came in only a few sizes—Class A, B, and C. That wasted space. Organizations received far more addresses than they needed, while others couldn't get enough. CIDR (Classless Inter‑Domain Routing) fixed that by letting us choose exactly how many bits belong to the network. It's like moving from pre‑cut shoe sizes to a tape measure: much better fit, far less waste.
The old system was incredibly inflexible. If you needed 300 IP addresses, you'd get a Class B network with 65,000 addresses, wasting over 64,000 addresses that nobody else could use. If you needed 1,000 addresses, tough luck—Class C only gave you 254 addresses, so you'd need four separate Class C networks, which was complicated to manage.
CIDR was introduced in 1993 as part of a set of changes designed to make the internet more efficient and delay the exhaustion of IPv4 addresses. It allowed network administrators to create networks of exactly the size they needed, reducing waste and making routing more efficient. Today, CIDR is used everywhere, from home routers to the largest internet service providers.
The structure of an IP address
Every IP address—IPv4 or IPv6—is a string of bits split into two parts:
- Network part: identifies the network itself
- Host part: identifies a specific device within that network
CIDR tells you how many bits are in the network part. The host part is whatever remains.
Think of it like a postal address. The network part is like the street name and neighborhood—it gets mail to the right area. The host part is like the house number—it identifies the specific destination within that area. Just as postal workers use the street name to get to the right neighborhood before looking for the house number, routers use the network part to get data to the right network before delivering it to the specific device.
Understanding bits and why they matter
Computers think in binary—everything is either a 1 or a 0. An IPv4 address is really just 32 ones and zeros in a row, even though we usually see it written as four numbers separated by dots. Each position in that string of 32 bits can be either 1 or 0, giving us 2³² possible combinations—about 4.3 billion different addresses.
When we write /24, we're saying "the first 24 bits identify the network, and the remaining 8 bits identify individual devices on that network." With 8 bits for devices, we can have 2⁸ = 256 different combinations, numbered from 0 to 255.
This binary foundation might seem abstract, but it's what makes CIDR so powerful. By choosing exactly how many bits to use for the network part, we can create networks of any size we need—not just the limited options that existed before CIDR.
CIDR in IPv4: the everyday examples
IPv4 has 32 bits total. If you see /24, that means the first 24 bits are for the network, leaving 8 bits for hosts. 8 bits can count 0–255, so a /24 has 256 total addresses. We usually subtract 2 for the network and broadcast addresses, leaving 254 usable host addresses. In very small subnets like /31 and /32, the rules are special: a /31 is perfect for point‑to‑point links, and a /32 represents a single host.
Let's break down some common IPv4 CIDR sizes:
- /24 is by far the most common. It gives you 254 usable addresses, perfect for a typical office network or home subnet.
- /25 cuts a /24 in half, giving you 126 usable addresses. Useful when 254 is too many but you need more than smaller options.
- /26 gives you 62 usable addresses. Great for smaller teams or specialized network segments.
- /30 gives you only 2 usable addresses. This is perfect for connecting two routers together—you only need one address for each router.
The network address (all host bits set to 0) can't be assigned to a device—it represents the network itself. The broadcast address (all host bits set to 1) is used to send messages to all devices on the network. That's why we subtract 2 from the total to get usable addresses.
CIDR in IPv6: thinking bigger
IPv6 has 128 bits total. The most common size for a LAN is /64. That leaves 64 bits for hosts, which is 18 quintillion addresses (2⁶⁴). Because the space is enormous, we don't worry about "wasting" addresses; instead we focus on clean design. You can carve a /56 or /48 into many /64s and give each VLAN its own tidy block.
The abundance of IPv6 addresses changes how we think about network design completely. In IPv4, you carefully calculate exactly how many addresses you need and pick the smallest CIDR block that fits. In IPv6, you can be generous with address space and focus on creating logical, easy-to-manage network hierarchies.
For example, many internet service providers give residential customers a /56 block. That's 2⁸ = 256 individual /64 networks. Even if you created a separate network for every room in your house, every smart device category, every family member, and every project, you'd still have hundreds of networks left over.
Prefixes and human‑friendly rules of thumb
- IPv4:
  - /24 → about 254 hosts (typical for a VLAN)
  - /23 → about 510 hosts (combine two /24s)
  - /30 → 2 usable hosts (point‑to‑point)
  - /31 → also point‑to‑point (no broadcast)
- IPv6:
  - /64 → standard for LANs
  - /56 → often delegated to homes/small offices (256 × /64s)
  - /48 → often delegated to sites (65,536 × /64s)
  - /127 → common for IPv6 point‑to‑point links
The math behind CIDR (made simple)
Calculating host counts doesn't require complex math—just remember the formula:
- Hosts in IPv4 ≈ 2^(32 − prefix) minus 2 (except /31 and /32)
- Addresses in IPv6 = 2^(128 − prefix) (we show it as a power because the number is huge)
Example: 10.0.12.0/26. 32 − 26 = 6. 2⁶ = 64 total. Subtract 2 → 62 usable hosts. For IPv6, 2001:db8:1::/68 has 128 − 68 = 60 host bits → 2⁶⁰ addresses. That's… a lot.
You can also think about CIDR prefixes in terms of doubling and halving. Each time you increase the prefix by 1 (like going from /24 to /25), you cut the number of available addresses in half. Each time you decrease the prefix by 1 (like going from /24 to /23), you double the number of available addresses.
This doubling/halving relationship makes it easy to estimate sizes in your head: /25 is half of /24, /23 is twice /24, /22 is four times /24, and so on.
Subnet masks: the old way of expressing the same thing
Before CIDR notation became standard, network administrators used subnet masks to express the same information. A /24 network corresponds to a subnet mask of 255.255.255.0, and a /26 network corresponds to 255.255.255.192. The subnet mask uses 1s and 0s in binary to mark which bits belong to the network part.
CIDR notation is much simpler and clearer than subnet masks. Instead of having to remember that 255.255.255.192 means 26 bits of network, you just write /26. Both notations work, and you'll still see subnet masks in some older network equipment and documentation, but CIDR is the modern standard.
If you ever need to convert between CIDR and subnet mask notation, just remember that each group of 8 bits that belong entirely to the network part becomes 255 in the subnet mask, and each group that belongs entirely to the host part becomes 0. Partial groups require binary math, but those are less common.
How the calculator helps (and when to use it)
You can do this math by hand, but it's easy to slip up. Our IP Prefix Calculator takes an input like 192.168.10.25/27 or 2001:db8:1234::/64 and instantly shows:
- Network address (the first address in the range)
- Broadcast address (IPv4 only)
- First usable host, last usable host
- Total hosts / total addresses
- Subnet mask (IPv4)
The calculator is especially helpful when you're planning network changes or troubleshooting connectivity issues. Instead of doing binary math in your head, you can quickly see exactly which addresses belong to which network. This is invaluable when you're trying to figure out why two devices can't communicate or when you're planning how to divide up available address space.
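The values in the list above can be computed with Python's standard ipaddress module. This is an added example, not the calculator's own code; the function name describe and the dictionary keys are assumptions made for the illustration, and for IPv6 it reports the first and last address of the block.

```python
import ipaddress

def describe(cidr: str) -> dict:
    """Summarise a prefix: network, mask, broadcast, host range and counts."""
    # ip_interface accepts an address with host bits set (192.168.10.25/27)
    # and treats a missing /number as /32 (IPv4) or /128 (IPv6).
    iface = ipaddress.ip_interface(cidr)
    net = iface.network                      # host bits are masked off here
    total = net.num_addresses
    first, last = net.network_address, net.broadcast_address
    info = {"network": str(net), "total": total}
    if net.version == 4:
        info["netmask"] = str(net.netmask)
        if net.prefixlen >= 31:
            # /31 (point-to-point) and /32 (single host): nothing is reserved.
            info["broadcast"] = None
            usable = total
        else:
            info["broadcast"] = str(last)
            first, last, usable = first + 1, last - 1, total - 2
    else:
        usable = total                       # IPv6 has no broadcast address
    info.update(first=str(first), last=str(last), usable=usable)
    return info

if __name__ == "__main__":
    for sample in ("192.168.10.25/27", "10.0.0.0/31", "2001:db8:1234::/64"):
        print(sample, describe(sample))
```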
Picking the "right" subnet size
Start with the number of devices you expect on the segment, then add a safety buffer for growth and devices you forgot (printers, cameras, IoT, test laptops). For IPv4, you want enough space that you don't hit the ceiling too soon, but not so large that broadcasts get noisy. For IPv6, stick with /64 for LANs; use routing and VLANs to segment, not smaller host sizes.
Here's a practical approach for IPv4 networks:
- Count current devices and estimate growth over 3-5 years
- Add 25-50% buffer for unexpected devices and future expansion
- Round up to the next power of 2
- Choose the CIDR prefix that gives you at least that many addresses
For example, if you have 40 devices and expect to grow to 80, add a 50% buffer to get 120. The next power of 2 bigger than 120 is 128, so you'd want a /25 network (126 usable addresses).
For IPv6, the calculation is much simpler: use /64 for everything unless you have a specific reason not to. The address space is so vast that efficiency isn't a primary concern—clarity and simplicity are more important.
Worked IPv4 example: designing a small office network
Say you need around 40 devices on a lab VLAN. Try /26. That gives 62 usable hosts, which is comfy. Your network might be 192.168.50.0/26, with usable hosts .1 through .62, and broadcast .63. If you outgrow it, you can plan for /25 next time (126 hosts) or re‑address into a /24 (254 hosts).
Let's walk through this example step by step:
- Network address: 192.168.50.0 (you can't assign this to a device)
- First usable host: 192.168.50.1 (often assigned to the router/gateway)
- Last usable host: 192.168.50.62
- Broadcast address: 192.168.50.63 (you can't assign this to a device)
- Total addresses: 64 (0 through 63)
- Usable addresses: 62 (1 through 62)
This gives you plenty of room for growth while not wasting too much address space. If you need more addresses later, you could switch to a /25 network, which would give you 126 usable addresses in the range 192.168.50.1 to 192.168.50.126.
Worked IPv6 example: home network organization
Imagine an office where you want one VLAN for users, one for servers, one for printers, and one for IoT. Your ISP delegates a /56. Great—you have 256 individual /64s to hand out. Make a small chart:
- Users: 2001:db8:abcd:100::/64
- Servers: 2001:db8:abcd:101::/64
- Printers: 2001:db8:abcd:102::/64
- IoT: 2001:db8:abcd:103::/64
Each VLAN is a clean /64 with a simple, symmetric firewall policy.
Notice how clean and logical this is compared to IPv4. You don't have to worry about overlapping address ranges, running out of space, or complicated subnet calculations. You can create as many VLANs as you want, each with its own /64 network, and still use less than 2% of your available /56 space.
This abundance also makes network documentation simpler. Instead of cryptic subnet calculations, you can use meaningful patterns in your addressing scheme. For example, you might use :100: for user networks, :200: for servers, :300: for infrastructure, and so on.
How to read IPv6 prefixes without fear
Break the address into eight groups. A /64 means the first four are network. With 2001:db8:abcd:42::/64, anything that starts with those first four groups is inside the subnet. Everything else is outside. If you use /68, you're borrowing four more bits for sub‑subnetting (16 smaller chunks inside the original /64).
Here's a simple trick for reading IPv6 CIDR notation: divide the prefix length by 16 to see how many complete groups belong to the network part. /64 ÷ 16 = 4, so the first four groups are the network. /48 ÷ 16 = 3, so the first three groups are the network. If there's a remainder, that tells you how many bits of the next group are also part of the network.
Common mistakes and easy fixes
- Off‑by‑one host counts (IPv4) — Remember to subtract network and broadcast except for /31 and /32.
- Forgetting prefix lengths — Always write the /number. If you omit it in our tool, we assume /32 for IPv4 and /128 for IPv6 to keep things explicit.
- IPv6 fear — Use the calculator. Seeing ranges written out makes the pattern click.
- Confusing network size with prefix length — Remember that larger prefix numbers mean smaller networks. /30 is smaller than /24.
- Forgetting about growth — Always plan for more devices than you currently have. Networks tend to grow over time.
Advanced CIDR concepts: supernetting and VLSM
CIDR enables two powerful techniques that weren't possible with the old class-based system: supernetting and Variable Length Subnet Masking (VLSM).
Supernetting (also called route aggregation) lets you combine multiple smaller networks into one larger route advertisement. For example, if you have four /26 networks, you can advertise them all as one /24 route to external routers, simplifying routing tables and improving performance.
VLSM lets you create networks of different sizes within the same address space. You might carve a /24 into two /25s for user networks, four /27s for smaller departments, and several /30s for point-to-point links between routers. This flexibility was impossible with the old class-based system.
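The sizing steps from "Picking the right subnet size" and the VLSM and supernetting ideas above fit together in one short planner. This is an added example, not code from the article or its calculator; the function names and the segment list are assumptions. It sizes each segment by usable hosts, so a need of 127 hosts gets a /24 rather than a /25 with only 126 usable addresses.

```python
import ipaddress

def prefix_for(hosts: int) -> int:
    """Smallest IPv4 prefix that offers at least `hosts` usable addresses."""
    if hosts < 1:
        raise ValueError("need at least one host")
    # hosts + 2 reserves network and broadcast; (n - 1).bit_length() == ceil(log2(n))
    return 32 - (hosts + 1).bit_length()

def vlsm_plan(parent: str, needs: dict) -> dict:
    """Carve `parent` into one right-sized subnet per segment, largest first."""
    free = [ipaddress.ip_network(parent)]
    plan = {}
    for name, hosts in sorted(needs.items(), key=lambda kv: -kv[1]):
        want = prefix_for(hosts)
        fits = [b for b in free if b.prefixlen <= want]
        if not fits:
            raise ValueError(f"no room left for {name} (/{want})")
        block = max(fits, key=lambda b: b.prefixlen)   # smallest block that fits
        free.remove(block)
        subnet = next(block.subnets(new_prefix=want))
        plan[name] = str(subnet)
        free.extend(block.address_exclude(subnet))     # keep the unused remainder
    return plan

def aggregate(cidrs: list) -> list:
    """Supernetting: merge adjacent prefixes into the fewest covering routes."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]

# Constructed sample: host counts already include the growth buffer.
SEGMENTS = {"users": 100, "lab": 40, "printers": 12, "wan-link": 2}

if __name__ == "__main__":
    print(vlsm_plan("192.168.50.0/24", SEGMENTS))
    print(aggregate(["10.1.0.0/26", "10.1.0.64/26", "10.1.0.128/26", "10.1.0.192/26"]))
```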
CIDR cheat sheet for quick reference
Some quick IPv4 mental math:
- /24 → 256 total → 254 usable
- /25 → 128 total → 126 usable
- /26 → 64 total → 62 usable
- /27 → 32 total → 30 usable
- /28 → 16 total → 14 usable
- /29 → 8 total → 6 usable
- /30 → 4 total → 2 usable
IPv6: remember "/64 for LANs" and "powers of two" for counts.
For quick estimation, remember these common boundaries:
- /8 = 16 million addresses (Class A equivalent)
- /16 = 65,000 addresses (Class B equivalent)
- /24 = 256 addresses (Class C equivalent)
- /32 = 1 address (single host)
Try these examples in the calculator
- 10.10.10.10/28 — small lab segment
- 172.16.5.10/23 — combined two /24s
- 2001:db8:1:2::123/64 — standard IPv6 LAN
- 2001:db8:1:2::/68 — one of 16 sub‑chunks inside a /64
- 192.168.0.0/22 — four /24 networks combined
- 10.0.0.0/8 — the entire 10.x.x.x private range
Design tips you can use tomorrow
- Document your prefixes in a simple spreadsheet.
- Reserve a few blocks for future projects so you don't paint yourself into a corner.
- Use meaningful VLAN names like users‑lan, servers‑dmz, and include the prefix in the description.
- In IPv6, don't fight /64—embrace it and focus on clean segmentation.
- Test your CIDR calculations with the IP Prefix Calculator before implementing changes.
- Keep a cheat sheet of common prefix sizes handy until the math becomes second nature.
Real-world CIDR applications
Understanding CIDR isn't just academic—it has practical applications in everyday network management:
Firewall rules: CIDR notation makes it easy to write firewall rules that apply to entire networks rather than individual addresses. Instead of listing hundreds of individual IP addresses, you can write one rule that covers an entire /24 network.
VPN configuration: When setting up VPNs, you need to specify which networks should be routed through the VPN tunnel. CIDR notation lets you specify these networks precisely and efficiently.
Network monitoring: Many monitoring tools use CIDR notation to define which networks to scan or monitor. Understanding CIDR helps you configure these tools correctly.
Cloud networking: All major cloud providers (AWS, Azure, Google Cloud) use CIDR notation extensively in their networking configurations. Understanding CIDR is essential for working with cloud infrastructure.
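For the firewall-rule use case above, a one-character slip in the prefix changes how many hosts a rule admits, so it pays to audit an allow-list before deploying it. The following is an added example, not code from the article; the rule list is constructed and the MIN_PREFIX policy values are assumptions.

```python
import ipaddress

# Assumed policy for this example: the widest prefix a single rule may use.
MIN_PREFIX = {4: 16, 6: 48}

def audit_rules(cidrs):
    """Return (rule, finding) pairs for an allow-list written in CIDR notation."""
    findings, nets = [], []
    for text in cidrs:
        try:
            net = ipaddress.ip_network(text)           # strict: host bits must be 0
        except ValueError:
            # Host bits set (e.g. 192.168.10.25/27): show what the rule really covers.
            net = ipaddress.ip_network(text, strict=False)
            findings.append((text, f"host bits set; rule really covers {net}"))
        if net.prefixlen < MIN_PREFIX[net.version]:
            findings.append((text, f"very broad: {net.num_addresses} addresses"))
        nets.append((text, net))
    for text, net in nets:
        for other_text, other in nets:
            if (net.version == other.version and net != other
                    and net.subnet_of(other)):
                findings.append((text, f"already covered by {other_text}"))
    return findings

def is_allowed(addr, cidrs):
    """True if addr falls inside any rule; IPv4 and IPv6 never match each other."""
    ip = ipaddress.ip_address(addr)
    return any(ip in ipaddress.ip_network(c, strict=False) for c in cidrs)

# Constructed sample rules, not taken from a real configuration.
RULES = ["192.168.10.25/27", "10.0.0.0/8", "10.20.30.0/24", "2001:db8:abcd:100::/64"]

if __name__ == "__main__":
    for rule, finding in audit_rules(RULES):
        print(f"{rule}: {finding}")
    print(is_allowed("192.168.10.40", RULES))
```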
Wrap‑up: CIDR makes networking flexible
CIDR is the language of modern IP addressing. Once you understand that the slash just marks how many bits belong to the network, everything else becomes consistent. You can estimate sizes, read logs with confidence, and design networks that scale. And when you don't want to do the math, let the IP Prefix Calculator do it for you—instantly and accurately.
The key insight is that CIDR gives you flexibility. Instead of being stuck with predetermined network sizes, you can choose exactly the right size for each segment of your network. This efficiency was crucial in extending the life of IPv4 and making the internet work at scale.
Whether you're managing a home network, designing enterprise infrastructure, or working with cloud services, CIDR notation will be part of your daily vocabulary. Master these concepts, and you'll find network design and troubleshooting much more intuitive and manageable.