Glossary term
CIDR (Classless Inter-Domain Routing)
CIDR is the notation and allocation scheme that writes IP address blocks as a base address plus a prefix length, such as 1.1.1.0/24.
What CIDR (Classless Inter-Domain Routing) means
CIDR stands for Classless Inter-Domain Routing, and it is both a way of writing IP address ranges and the underlying scheme by which the internet allocates and routes address space today. A CIDR block is written as a base address followed by a slash and a number — for example 1.1.1.0/24 — where the number is the prefix length: how many leading bits of the address are fixed and identify the network, leaving the remaining bits to enumerate the individual addresses inside the block.
To understand CIDR it helps to remember what it replaced. The early internet divided address space into rigid classes: Class A networks held a vast number of addresses, Class C networks held only a couple hundred, and there was little in between. This was wasteful — an organization that needed a few thousand addresses had to take a whole Class B and waste most of it, or stitch together many small Class C blocks and bloat the routing table. CIDR threw out the fixed classes and made the boundary between network and host adjustable, one bit at a time. That is the "classless" in the name.
The prefix length is the heart of the notation. In IPv4, an address is 32 bits, so a /24 fixes the first 24 bits and leaves 8 bits for hosts, which is 256 addresses; a /16 fixes 16 bits and leaves 65,536; a /32 fixes all 32 bits and therefore identifies a single address. A smaller prefix-length number means a larger block. This bit-level flexibility lets registries hand out address space in sizes that match actual need, and it lets networks aggregate many small blocks into one announcement when they are contiguous, which keeps the global routing table far smaller than it would otherwise be. That aggregation — combining adjacent prefixes into a single shorter prefix — is the routing efficiency CIDR was designed to deliver.
CIDR is inseparable from how the Border Gateway Protocol (BGP) works. Networks announce CIDR prefixes, not individual addresses, and routers choose the most specific matching prefix when forwarding a packet. "Most specific" means the longest prefix length that still contains the destination address: if both a /16 and a /24 cover an address, the /24 wins because it is more specific. This longest-prefix-match rule is elegant and powerful, but it has a security consequence. An attacker who announces a more-specific prefix — a /24 carved out of someone's legitimate /16 — can attract traffic away from the rightful holder, because the more-specific announcement is preferred. More-specific hijacks and the Multi-Origin AS events that often accompany them are read in exactly these CIDR terms.
The same notation applies to IPv6, where addresses are 128 bits and prefix lengths run correspondingly longer; a /48 or /64 are common allocation and subnet sizes there. The principle is identical: a base address and a prefix length describe a contiguous block, and routing operates on those blocks.
For anyone analyzing infrastructure, CIDR is the vocabulary of address space. The question "which network does this IP belong to?" is answered by finding the CIDR prefix that contains it and the Autonomous System that announces that prefix. The question "how big is this allocation?" is answered by the prefix length. The question "is this announcement legitimate?" often comes down to comparing the announced prefix against the address space its origin is authorized to hold.
Whisper Canon publishes a page for every announced prefix it observes, written in CIDR notation, and links each prefix to the Autonomous System that originates it and the addresses it contains. From a CIDR block you can move up to the routing layer or down to individual addresses, which makes the prefix the connective tissue between an abstract address range and the concrete networks and hosts that live inside it.
Examples in Whisper Canon
Concrete pages in the directory that illustrate CIDR (Classless Inter-Domain Routing).