VLSM and CIDR

Variable Length Subnet Masking and Classless Inter-Domain Routing techniques.

The Problem of Wasted Space: A Recap of Fixed-Size Subnetting

In the previous topic on subnetting, we learned how to divide a large network block into smaller, more manageable subnets. While this was a major step forward from the rigid classful addressing system, it had a critical flaw: all the created subnets had to be the same size.

Imagine you're designing a parking lot for a company. Using traditional subnetting is like making every single parking space large enough to fit a bus. This works perfectly for the company's bus, but it's incredibly wasteful when you need to park employee cars, motorcycles, and delivery vans. You end up wasting a huge amount of valuable space.

This is precisely the issue we face in networks. A point-to-point link between two routers only needs two usable IP addresses, yet with fixed-size subnetting, we might be forced to allocate a subnet with 30, 62, or even more addresses, wasting the rest. This inefficiency was a major driver in the rapid depletion of IPv4 addresses. To solve this, two revolutionary concepts were developed: VLSM for internal network efficiency, and CIDR for global internet scalability.

VLSM: Variable Length Subnet Masking

is the technique of "subnetting a subnet." It breaks free from the limitation of having one subnet mask for the entire network. With VLSM, you can take a large block of addresses, create a few medium-sized subnets, and then take one of those medium-sized subnets and further divide it into even smaller ones.

This is analogous to a well-planned office building. You start with the entire building (the main network block). You divide it into floors (large subnets). Then, you take one floor and divide it into variably sized spaces: a large open-plan area for the sales team, a few medium-sized offices for managers, and a small closet for network equipment. Each space is sized perfectly for its purpose, minimizing wasted square footage.

The Critical Prerequisite: Classless Routing Protocols

For VLSM to work, there's a non-negotiable requirement: the network must use a classless routing protocol.

Classful Protocols (e.g., RIPv1, IGRP): These older protocols do not send the subnet mask along with the IP address in their routing updates. They assume a default classful mask (e.g., /24 for a Class C address). Because they don't know the mask, they cannot understand that `192.168.10.64/26` and `192.168.10.128/27` are different, valid subnets of the same parent network.
Classless Protocols (e.g., RIPv2, OSPF, EIGRP): These modern protocols do include the subnet mask (or prefix length) with the IP address in their updates. This allows routers to have an unambiguous understanding of the network structure, regardless of how it has been subnetted with VLSM.

In-Depth Example: Designing a Network with VLSM

Let's put VLSM into practice with a realistic scenario. An organization is given the Class C network block 203.0.113.0/24. They need to create four subnets with the following host requirements:

Network A (Engineering): 100 hosts
Network B (Sales): 50 hosts
Network C (WAN Link 1): 2 hosts
Network D (WAN Link 2): 2 hosts

The Golden Rule of VLSM: Start with the Largest Requirement

To avoid fragmenting your address space and making it unusable, the most important rule when planning a VLSM scheme is to always allocate addresses for the largest subnets first. By satisfying the biggest needs first, you are left with contiguous blocks that can then be further divided for smaller needs.

Step 1: Network A (Engineering) - 100 hosts

We need space for 100 hosts. We use the formula $2^H - 2 \ge \text{required hosts}$ to find the number of host bits ( $H$ ) needed. $2^6-2=62$ is too small. $2^7-2=126$ is sufficient. So, we need 7 host bits.
The prefix length is $32 - 7 = 25$ . The mask is `/25`, or 255.255.255.128.
We allocate the first available block: 203.0.113.0/25.

Network Address: `203.0.113.0`
Host Range: `203.0.113.1` to `203.0.113.126`
Broadcast: `203.0.113.127`

Step 2: Network B (Sales) - 50 hosts

We need space for 50 hosts. $2^5-2=30$ is too small. $2^6-2=62$ is sufficient. So, we need 6 host bits.
The prefix length is $32 - 6 = 26$ . The mask is `/26`, or 255.255.255.192.
The first subnet used up to `.127`, so the next available address is `.128`. We allocate: 203.0.113.128/26.

Network Address: `203.0.113.128`
Host Range: `203.0.113.129` to `203.0.113.190`
Broadcast: `203.0.113.191`

Step 3 & 4: WAN Links C and D - 2 hosts each

We need 2 hosts for each point-to-point link. $2^2-2=2$ is perfect. So, we need 2 host bits.
The prefix length is $32 - 2 = 30$ . The mask is `/30`, or 255.255.255.252.
The last used address was `.191`. We allocate the next two available `/30` blocks.

Network C: 203.0.113.192/30
(Network: `.192`, Hosts: `.193, .194`, Broadcast: `.195`)
Network D: 203.0.113.196/30
(Network: `.196`, Hosts: `.197, .198`, Broadcast: `.199`)

Conclusion of VLSM

With VLSM, we have perfectly tailored each subnet to its specific need, using addresses from `.0` to `.199` of our `/24` block. We have successfully addressed all requirements while still having a large block of addresses from `203.0.113.200` to `203.0.113.255` available for future expansion. This is a dramatic improvement in efficiency compared to using a fixed mask for all subnets.

CIDR: Classless Inter-Domain Routing

VLSM was a brilliant solution for fixing address waste within an organization's network. However, the internet faced a much larger, existential crisis: the classful system was causing the global routing tables to grow exponentially, threatening to overwhelm the routers that form the internet's backbone.

was introduced to solve this. CIDR essentially applies the concept of variable-length masking to the entire internet. It achieves two monumental things:

It completely abolishes the Class A, B, and C system. Under CIDR, an IP address block is defined solely by its address and its prefix length (e.g., `198.51.100.0/22`). The concept of "class" is no longer relevant for routing. This is why you must use a classless routing protocol.
It enables Route Summarization (or Aggregation). This is the key to managing the size of the global routing table.

The Power of CIDR: Route Summarization

Route summarization, also known as aggregation or supernetting, is the process of combining several smaller, contiguous network routes into a single, larger summary route.

Analogy: Imagine a central postal sorting office in New York. Without summarization, it would need a separate mail bin for every single street in London. The list of bins would be impossibly long. With summarization, it only needs one large bin labeled "All Mail for London." When the container arrives in London, a local sorting office takes over and handles the detailed sorting by street. CIDR allows an internet router to do the same, advertising one general route for a large block of addresses instead of many specific ones.

Example: Summarizing Four Networks

An Internet Service Provider (ISP) serves four customers, giving each a `/24` block of addresses:

`198.51.100.0/24`
`198.51.101.0/24`
`198.51.102.0/24`
`198.51.103.0/24`

Without CIDR, the ISP would have to announce four separate routes to the rest of the internet. With CIDR, we can summarize them.

Step 1: Convert to Binary

We focus on the third octet, which is where the addresses differ:

`100` → `01100100`
`101` → `01100101`
`102` → `01100110`
`103` → `01100111`

Step 2: Find the Common Prefix

We look for the number of bits that are identical from left to right for all addresses.

01100100
01100101
01100110
01100111

The first 6 bits of the third octet are common to all four networks.

Step 3: Calculate the Summary Route

The first two octets were already part of the common prefix (16 bits). We add the 6 common bits from the third octet.
Total common bits (new prefix length) = $16 + 6 = 22$ .
The summary address is the first address in the block with the new, shorter prefix: 198.51.100.0/22.

The Result

Thanks to CIDR, the ISP now advertises only one route (`198.51.100.0/22`) to the rest of the world instead of four. This act of summarization, performed by thousands of ISPs worldwide, is what keeps the internet's global routing table manageable and efficient.