D-Link Forums

The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: Fatman on February 23, 2010, 08:55:19 AM

Title: CIDR Notation Primer
Post by: Fatman on February 23, 2010, 08:55:19 AM
This is a very quick guide on figuring out CIDR Notation addresses and network identifiers.  Way more information can be found on Wikipedia I am sure.

DFL series firewalls require network addresses to be in CIDR Notation, any time you are asked to fill in a Network for an interface, route, or VPN you will need to know the CIDR Notation for that network.  IP Addresses should NOT be in CIDR notation, I am covering them here however as I will use CIDR notation in my posts.

We are going to start with finding a network ID for the default LAN IP information of the DFL firewall.

The first section if the network identifier (meaning the host portion of the IP Address is all zeros).
Follow that with a forward slash.
Then put the number of bits that are ones in the subnet mask.

So for 192.168.1.1 subnet mask 255.255.255.0 the following is the process for finding the CIDR Notation network address.

Network Part  | Host Part
____________
|255.255.255.|000
|192.168.001.|001

Given the above subnet mask the network part of the IP is 192.168.1. and for a network identifier you zero out the host part so it is 192.168.1.0.

Now we know that 255 is eight ones in binary, so we count the number of ones in the mask and get 24 (8x3).

That makes the completed CIDR Notation network address 192.168.1.0/24.

For a full IP address in CIDR Notation you will need to use the IP address instead of the network address for the first section.  So for the above it would be 192.168.1.1/24.

Now lets do a harder one.  The below was conjured randomly, please don't try calling it for a good time.

IP 86.75.30.9 subnet mask 255.255.248.0

This one does not break down cleanly across octets so we have to do a little more work.

Now when we are trying to find the network portion we can break it down like below.

086.075.030.009
255.255.248.000

The first 2 octets and the last octet are easy 086.075.xxx.000, the 3rd one will be the problem child.  Lets compare just the 3rd one in binary.  We are going to be copying all of the bits in the host address that have a corresponding one in the subnet mask.  This is called a bitwise and.

030 0001 1110
248 1111 1000

024 0001 1000

So our network address is 86.75.24.0.  Now we need to find the number of bits in the subnet mask, lets just count it up.

255.255.248.0

255 has 8 ones, and 248 has 5 ones in it.

(8 * 2) + 5 = 21

So the CIDR Notation network address fore 86.75.30.9 is 86.75.24.0/21, and the CIDR Notation IP Address is 86.75.30.9/21.