Security Basics mailing list archives
Re: CIDR Explanation
From: Ed Spencer <espencer () usa net>
Date: Tue, 21 Sep 2004 14:32:58 -0800
I'm not sure if you have a problem understanding subnetting, CIDR, or the slash notation that's becoming more common. CIDR or Classless Internet Domain Routing is VERY similar to subnetting and is primarily used to simplify routing tables.

TCP/IP is built upon binary and a firm grasp of this subject is imperative to understanding addressing, subnetting, and CIDR. If you're not comfortable with binary, especially 8 bit binary, I recommend getting Binary Blitz from http://ganns.com/Games/BinaryBlitz/ and playing. It's the fastest way I know that once you have the theory of binary down to getting comfortable with binary numbers and conversions. They also have a Binary Blitz Revenge that is for 16 bit numbers.

Ok, back to TCP/IP addressing. All addresses are based on a two part address. This two part address is built of a network address and a host address. In TCP/IP, Classes allow for a 'default' subnet mask to identify the network from the host portion of the address. The class default subnet masks break evenly within the dotted decimal notation (the typical 10.1.1.1 is dotted decimal notation). Subnetting allows the breaking of large networks into smaller 'chunks' of addresses by increasing the number of bits in the network portion of the address and reducing the number of bits in the host portion of the address.

Example: 10.1.1.1 is a class A address with a default subnet mask of 255.0.0.0 allowing for a total of 16,777,216 addresses of which 1 is sacrificed as the broadcast address (same network address, host address comprised of all bits set high or to 1) and another to the network address (same network address, all host bits set low or to 0).

This would mean the total information for the network would be:

Network Address: 10.0.0.0
Subnet Mask: 255.0.0.0
Network Broadcast Address: 10.255.255.255
Number of Hosts: 16,777,214
Slash Notation: 10.0.0.0/8

The same would apply to a Class C address:

Network Address: 10.1.1.0
Subnet Mask: 255.255.255.0
Network Broadcast Address: 10.1.1.255
Number of Hosts: 254
Slash Notation: 10.1.1.0/24

Note that we broke the Class A address up when we used the different subnet mask in the Class C example above.

CIDR simplifies routing tables by allowing us to break from the standard classes and group networks together. For example, suppose the class C networks of 209.1.1.0/24, 209.1.2.0/24, 209.1.3.0/24, and 209.1.0.0/24 were all owned by the same ISP (not unusual). Instead of a routing statement for each network, they can be 'grouped' on the router into 10.1.0.0/22. Or in standard notation, a network address of 10.1.0.0 with a subnet mask of 22 bits or 255.255.252.0.

So all that CIDR has done is allow more flexibility in the defining of the subnet by taking a bigger block of addresses.

If you don't have a firm grasp of how the network address differs from the host address and how the subnet mask is used to identify the differences, there are a number of tutorials on the subject to be found.

http://www.techtutorials.info/nettcpip.html
http://www.learntosubnet.com/
http://techrepublic.com.com/5100-6265-5034563.html
http://www.itprc.com/tcp_ip.htm
http://www.krkeegan.com/subnet/

If you need the nitty gritty details on why and how, look at information on ARP, RARP, DHCP, BOOTP, and routing information to get an understanding of the hows and whys of subnetting, network vs. host address, etc.

Don't know if this will help or not, but I wish you luck!

Ed Spencer
MCSE/MCT/CNA/A+/Network+/Security+
Network Administrator
Denali Parks and Resorts, Aramark Corporation.
------ Original Message ------
Received: Tue, 21 Sep 2004 01:37:12 AM AKDT
From: ka55ad <ka55ad () gmail com>
To: security-basics () securityfocus com
Subject: CIDR Explanation

Hi List,

I am hoping that somebody might be able to help me out or point me in the right direction. For the life of me I can't seem to get a good grasp on CIDR notation. I see a lot of CIDR addresses every day, but I have trouble figuring out the IP addresses on the fly. I am not a complete newbie - I am quite familiar with the OSI model, TCP handshakes, etc but this one area stumps me.

I am particularly interested in it because I am going to be setting up a snort box soon as well as an IP chains firewall to segregate parts of the network. I would much rather use CIDR since it can be much quicker at times, but I don't want to use it right now due to my lack of knowledge which can cause security issues.

Can anybody offer advice/help?

Thanks.

---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again.
http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------
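Added example, not part of the original message: the network, mask, broadcast and host-count arithmetic described in the reply, done with plain bitwise operations in Python so each value can be checked by hand. It goes one step beyond the message by also testing whether a summary block covers only the networks listed, which matters when the block ends up in a firewall or Snort rule; all function names are chosen here for illustration.

```python
def to_int(dotted):
    """Dotted decimal -> 32-bit integer."""
    a, b, c, d = (int(x) for x in dotted.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def to_dotted(n):
    """32-bit integer -> dotted decimal."""
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))


def describe(cidr):
    """Derive the values listed in the message from address/prefix."""
    addr, prefix = cidr.split("/")
    prefix = int(prefix)
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF  # 'prefix' ones, then zeros
    network = to_int(addr) & mask                      # host bits all 0
    broadcast = network | (~mask & 0xFFFFFFFF)         # host bits all 1
    size = 1 << (32 - prefix)                          # total addresses in block
    return {
        "network": to_dotted(network),
        "mask": to_dotted(mask),
        "broadcast": to_dotted(broadcast),
        "size": size,
        "hosts": max(size - 2, 0),                     # minus network and broadcast
        "host_bits_set": to_int(addr) != network,      # e.g. 10.1.1.1/24 in a rule
    }


def summarize(cidrs):
    """Smallest single block covering all inputs, and whether it covers only them.

    Assumes the input blocks do not overlap each other.
    """
    nets = [describe(c) for c in cidrs]
    lo = min(to_int(n["network"]) for n in nets)
    hi = max(to_int(n["broadcast"]) for n in nets)
    prefix = 32 - (lo ^ hi).bit_length()               # leading bits lo and hi share
    block = describe(f"{to_dotted(lo)}/{prefix}")
    exact = sum(n["size"] for n in nets) == block["size"]
    return f'{block["network"]}/{prefix}', exact


if __name__ == "__main__":
    print(describe("10.1.1.1/24"))
    # The four /24 networks named in the message, then only two of them.
    print(summarize(["209.1.0.0/24", "209.1.1.0/24", "209.1.2.0/24", "209.1.3.0/24"]))
    print(summarize(["209.1.1.0/24", "209.1.2.0/24"]))
```

When `summarize` returns `False` as its second value, the single block admits addresses outside the listed networks, so a rule written with it is broader than the list it replaced.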
Current thread:
- CIDR Explanation ka55ad (Sep 21)
- RE: CIDR Explanation David Gillett (Sep 21)
- Re: CIDR Explanation Bob Radvanovsky (Sep 21)
- Re: CIDR Explanation Alexandros Papadopoulos (Sep 23)
- <Possible follow-ups>
- RE: CIDR Explanation Bénoni MARTIN (Sep 21)
- RE: CIDR Explanation Andrew Shore (Sep 21)
- RE: CIDR Explanation Bowes, Ronald (EST) (Sep 21)
- RE: CIDR Explanation David Gillett (Sep 21)
- CIDR Explanation - A good web site to teach you. Chad Thomsen (Sep 23)
- RE: CIDR Explanation David Gillett (Sep 21)
- Re: CIDR Explanation Ed Spencer (Sep 21)
- RE: CIDR Explanation Mike (Sep 21)
- Re: CIDR Explanation Travis Schack (Sep 21)
- RE: CIDR Explanation Bowes, Ronald (EST) (Sep 22)
- Re: CIDR Explanation ka55ad (Sep 22)