CIDR (Classless Inter-Domain Routing) is a method for allocating IP addresses and routing IP packets. It is used extensively in AWS networking, including VPC configuration, subnetting, and Security Group rules.
Key Concepts
- CIDR Notation defines a range of IP addresses using:
  - A Base IP – starting point of the range (e.g., 10.0.0.0)
  - A Subnet Mask – indicates how many bits are fixed for the network portion.
- Common Examples:
  - WW.XX.YY.ZZ/32 → A single IP address
  - 0.0.0.0/0 → All IP addresses (anywhere)
  - 192.168.0.0/26 → Range from 192.168.0.0 to 192.168.0.63 (64 total IPs)
Subnet Mask Representation
The subnet mask can be expressed in:
- Slash notation (CIDR): /0, /24, /32, etc.
- Dotted decimal:
  - /8 → 255.0.0.0
  - /16 → 255.255.0.0
  - /24 → 255.255.255.0
  - /32 → 255.255.255.255
IP Range Examples
| CIDR Block | Total IPs | Range Example |
| --- | --- | --- |
| 192.168.0.0/32 | 1 | 192.168.0.0 |
| 192.168.0.0/31 | 2 | 192.168.0.0 – 192.168.0.1 |
| 192.168.0.0/30 | 4 | 192.168.0.0 – 192.168.0.3 |
| 192.168.0.0/28 | 16 | 192.168.0.0 – 192.168.0.15 |
| 192.168.0.0/26 | 64 | 192.168.0.0 – 192.168.0.63 |
| 192.168.0.0/24 | 256 | 192.168.0.0 – 192.168.0.255 |
| 192.168.0.0/16 | 65,536 | 192.168.0.0 – 192.168.255.255 |
| 0.0.0.0/0 | 4,294,967,296 | All IPv4 addresses |
Quick Memory Guide
- /32 → No octets change (single IP)
- /24 → Last octet can change
- /16 → Last two octets can change
- /8 → Last three octets can change
- /0 → All octets can change
AWS Relevance
- VPC CIDR Block – Defines the overall IP space for your VPC.
- Subnet CIDR Blocks – Must fit inside the VPC CIDR and cannot overlap.
- Security Groups & NACLs – CIDR ranges define allowed/denied IPs.
- Best Practice – Plan CIDR blocks in advance to avoid overlap when peering VPCs.
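The subnet rules and the peering advice above can be checked mechanically before any resources are created. The following Python code is an added example, not part of the original notes: it validates an address plan for containment, overlap and peering conflicts using only the standard-library `ipaddress` module. The function names, subnet names and the sample plan are constructed for illustration.

```python
import ipaddress
from itertools import combinations

def describe(cidr):
    """Return (first IP, last IP, total IPs) for a CIDR block, as in the table above."""
    net = ipaddress.ip_network(cidr, strict=True)
    return str(net[0]), str(net[-1]), net.num_addresses

def check_cidr_plan(vpc_cidr, subnet_cidrs, peer_vpc_cidrs=()):
    """Return a list of problems found in a VPC address plan (empty list = clean)."""
    problems = []
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    subnets = {}
    for name, cidr in subnet_cidrs.items():
        try:
            # strict=True rejects a base IP with host bits set, e.g. 10.0.2.10/24
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:
            problems.append(f"{name}: invalid CIDR {cidr} ({exc})")
            continue
        # Rule 1: every subnet must fit inside the VPC CIDR
        if not net.subnet_of(vpc):
            problems.append(f"{name}: {net} is outside VPC {vpc}")
        subnets[name] = net
    # Rule 2: no two subnets may overlap
    for (a, net_a), (b, net_b) in combinations(subnets.items(), 2):
        if net_a.overlaps(net_b):
            problems.append(f"{a} {net_a} overlaps {b} {net_b}")
    # Best practice: the VPC range must not overlap any VPC it will peer with
    for peer in peer_vpc_cidrs:
        if vpc.overlaps(ipaddress.ip_network(peer, strict=True)):
            problems.append(f"VPC {vpc} overlaps peer {peer}")
    return problems

# Constructed sample plan containing one mistake of each kind
SAMPLE_VPC = "10.0.0.0/16"
SAMPLE_SUBNETS = {
    "public-a": "10.0.0.0/24",
    "public-b": "10.0.1.0/24",
    "private-a": "10.0.1.128/26",  # sits inside public-b
    "db": "10.1.0.0/24",           # outside the VPC range
    "typo": "10.0.2.10/24",        # base IP is not a network address
}
SAMPLE_PEERS = ["10.0.128.0/17", "172.16.0.0/16"]

if __name__ == "__main__":
    print(describe("192.168.0.0/26"))
    for problem in check_cidr_plan(SAMPLE_VPC, SAMPLE_SUBNETS, SAMPLE_PEERS):
        print(problem)
```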