Classes of IP addresses-CIDR in Cisco routers

IP Routing works by comparing the destination addresses of IP packets to a list of possible destinations called the Routing Table. The destination address in a packet usually identifies a single host. It is also possible to use the multicast functions of the IP protocol to send packets to many hosts simultaneously, as we will discuss in Chapter 23. In this chapter, however, we will focus on routing to a specific single destination.

In a very large network such as the public Internet or a large corporate network, it is impractical to keep track of every device individually. So the IP protocol groups devices into subnets. A subnet is, in effect, a summary address representing a group of adjacent hosts. Similarly, you can summarize adjacent groups of subnet addresses. The result is an extremely efficient hierarchical addressing system.

There are two different sets of rules for how groups of subnets can be summarized together. The older method uses a concept called class, while the newer method is classless, and is often referred to by the acronym Classless Interdomain Routing (CIDR). CIDR is described in detail in RFCs 1517, 1518, and 1519. Both methods are still in common use, although the public Internet makes extensive use of CIDR, and all new registered IP addressing follows the new rules.

You can turn on CIDR in Cisco routers with the global configuration command ip classless. Classless routing has been the default since IOS Version 11.3. If the older rules are required, you have to explicitly disable CIDR with the no ip classless command.

For small networks the distinction is often irrelevant, particularly if they don't use a dynamic routing protocol. However, using a mixture of classful and classless addressing and routing models in a network can cause some extremely strange and unexpected routing behavior. Many network administrators are unclear on the distinctions. So a brief review is in order.

The biggest difference between classful and classless addressing is that classful addressing assumes that the first few bits of the address can tell you how big the network is. Table 5-1 shows how address classes are defined. As you can see, a Class A address is any network from 0.0.0.0 to 127.0.0.0, and all of these networks are assumed to have a mask of 255.0.0.0 (/8).

Table 5-1. Classes of IP addresses
Class  Range of network addresses     Mask              Mask bits
A      0.0.0.0 - 127.0.0.0            255.0.0.0         8
B      128.0.0.0 - 191.255.0.0        255.255.0.0       16
C      192.0.0.0 - 223.255.255.0      255.255.255.0     24
D      224.0.0.1 - 239.255.255.255    255.255.255.255   32
E      240.0.0.1 - 255.255.255.255    255.255.255.255   32


You can create several subnets within a Class A, B, or C network. However, it is harder to work with structures that are larger than the network. For example, if you wanted to work with the networks 192.168.4.0/24, 192.168.5.0/24, 192.168.6.0/24, and 192.168.7.0/24, CIDR would allow you to address this entire group (called a supernet) as 192.168.4/22 (or 192.168.4.0 255.255.252.0 in netmask notation). However, with classful routing, the router would have to maintain routes to all of these ranges as separate Class C networks.

A router decides where to send a packet by comparing the destination address in the header of the IP packet with its routing table. The rule is that the router will always use the most specific match in the table. This will be the entry that has the most bits in its netmask, so it is often called the longest match. This longest match rule is required because the routing table will often contain several possible matches for a particular destination.

For example, suppose the destination address in a particular packet was 10.5.15.35. The router will look in its routing table for possible matches and the accompanying next hop information that will tell it where to send this packet. If there is a match for the specific host, 10.5.15.35/32, then it doesn't need to look any further. But, it is more likely that the router will find a more general route such as 10.5.15.0/24 or 10.5.0.0/16. And if it can't find any reasonable matches, there will usually be a default route or gateway of last resort, 0.0.0.0/0, that matches anything. If there is no match at all, then the router must drop the packet.

Classless routing can use a mask of any length when looking for the best route to a destination. But in classful routing this is not true. For example, CIDR would allow the four networks 192.168.4.0/24, 192.168.5.0/24, 192.168.6.0/24, and 192.168.7.0/24 to be written together as 192.168.4.0/22. But if a router uses classful routing, it would not consider the destination address 192.168.5.15 to be a part of 192.168.4.0/22 because it knows that anything beginning with 192 must be a Class C network. Instead, if there was no specific route for 192.168.5.0/24 or a subnet containing this destination, the router will skip straight to the default route. If you mix classless and classful routing, this could be the wrong path, and in the worst case, it could even cause a routing loop.
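
The longest match rule and the classful restriction described above can be modelled in a few lines. This is an added example, not code from the book or from IOS; the routing table and next hop names are constructed, and the classful branch is a simplified model of the behavior as the text describes it.

```python
import ipaddress

# Constructed routing table for illustration: (prefix, next hop).
ROUTES = [
    ("0.0.0.0/0", "gateway-of-last-resort"),
    ("10.5.0.0/16", "core-1"),
    ("10.5.15.0/24", "dist-2"),
    ("192.168.4.0/22", "branch-supernet"),
]

def classful_bits(addr):
    """Mask length implied by the first octet, per Table 5-1."""
    first = int(addr) >> 24
    if first < 128:
        return 8
    if first < 192:
        return 16
    if first < 224:
        return 24
    return 32

def lookup(dest, routes=ROUTES, classless=True):
    """Return (prefix, next_hop) of the longest match, or None to drop."""
    addr = ipaddress.ip_address(dest)
    best = None
    for prefix, hop in routes:
        net = ipaddress.ip_network(prefix)
        if addr not in net:
            continue
        # Classful model from the text: a route shorter than the class mask
        # (a supernet) is not considered; only the default route remains.
        if not classless and 0 < net.prefixlen < classful_bits(addr):
            continue
        if best is None or net.prefixlen > best[0].prefixlen:
            best = (net, hop)
    return (str(best[0]), best[1]) if best else None

if __name__ == "__main__":
    for mode in (True, False):
        print("classless" if mode else "classful",
              lookup("10.5.15.35", classless=mode),
              lookup("192.168.5.15", classless=mode))
```

With the same table, 192.168.5.15 follows the /22 supernet under classless lookup and falls through to the default route under the classful model, which is the inconsistency that produces wrong paths when the two are mixed.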

This is why it is so important to make sure that you are consistent about which type of routing and addressing you want to use. In general, it is better to use CIDR because of the improved flexibility. Also, since CIDR allows more levels of route summarization, you can often simplify your routing tables so that they take up less memory in the routers. This, in turn, can improve network performance.

Summary routes have another important benefit. The router will keep its summary route as long as any of its subnets exist. This means that the summary route is as stable as the most stable route in the summarized range. Without summarization, if there is one route that repeatedly flaps up and down, the routing protocol must propagate every transition throughout the network. But a summary route can hide this instability from the rest of the network. The routing protocol doesn't need to waste resources installing and removing the flapping route, which improves overall network stability.

Unregistered Addresses

Most of the IP addresses used in examples in this book are unregistered. The Internet Engineering Task Force (IETF) and the Internet Assigned Numbers Authority (IANA) have set aside several unregistered ranges of addresses for anybody to use at any time. The only stipulation is that because anybody and everybody is using these numbers, they cannot be allowed to leak onto any public sections of the Internet. The allowed ranges of unregistered IP addresses are defined in RFC 1918, and summarized in Table 5-2. It is a good practice to address all private networks using these address ranges.

Table 5-2. RFC 1918 allowed unregistered IP addresses
Class    Network                               Mask            Comment
Class A  10.0.0.0                              255.0.0.0       One large Class A network
Class B  172.16.0.0 through 172.31.0.0         255.255.0.0     16 Class B networks
Class C  192.168.0.0 through 192.168.255.0     255.255.255.0   256 Class C networks


Note that RFC 3330 defines a number of other special ranges, including a special TEST-NET range, 192.0.2.0/24, which is reserved for documentation purposes. We occasionally use this address range in this book. You should not use it in production networks, however.
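
Because these ranges must not leak onto public sections of the Internet, it is useful to check a list of prefixes against them before they are offered to an outside peer. The following added example (not from the book) expands Table 5-2 into its individual classful networks, summarizes them with CIDR, and flags any prefix that overlaps the result or the TEST-NET range; the prefix list and function names are constructed for illustration.

```python
import ipaddress

def expand(first, last, mask_bits):
    """All classful networks from first to last (inclusive) with the given mask."""
    step = 1 << (32 - mask_bits)
    start = int(ipaddress.ip_address(first))
    end = int(ipaddress.ip_address(last))
    return [ipaddress.ip_network((n, mask_bits)) for n in range(start, end + 1, step)]

# Table 5-2 written out as individual classful networks.
TABLE_5_2 = (
    expand("10.0.0.0", "10.0.0.0", 8)
    + expand("172.16.0.0", "172.31.0.0", 16)
    + expand("192.168.0.0", "192.168.255.0", 24)
)

# CIDR summarization reduces the classful networks to three supernets.
RFC1918 = list(ipaddress.collapse_addresses(TABLE_5_2))
TEST_NET = ipaddress.ip_network("192.0.2.0/24")

def leaked(prefixes):
    """Return the prefixes that overlap an unregistered or documentation range."""
    flagged = []
    for p in prefixes:
        net = ipaddress.ip_network(p)
        if any(net.overlaps(r) for r in RFC1918 + [TEST_NET]):
            flagged.append(p)
    return flagged

# Constructed prefix list; 198.51.100.0/24 stands in for a registered prefix.
ADVERTISED = ["198.51.100.0/24", "172.20.8.0/21", "192.168.4.0/22",
              "192.0.2.128/25", "172.32.0.0/16"]

if __name__ == "__main__":
    print(len(TABLE_5_2), "classful networks ->", [str(n) for n in RFC1918])
    print("must not be advertised:", leaked(ADVERTISED))
```

Note that 172.32.0.0/16 is not flagged: the Class B row of the table ends at 172.31.0.0, so the summary is a /12 and not the whole of 172.0.0.0/8.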