Home / Network Fundamentals / Understanding CIDR vs VLSM in subnetting

Understanding CIDR vs VLSM in subnetting

Classless Inter Domain Routing (CIDR) e Variable Length Subnet Mask (VLSM) were introduced to use the IP addressing space in a more efficient way, but also to improve the scalability for the global routing mechanism.

The exponential growth of the Internet in the past 20 years highlighted shortcomings in the original IP protocol. CIDR and VLSM allow greater flexibility in the creation of sub-networks, overcoming the strict rules of the A-B-C Class mechanism (explained with details here).

Classless Inter Domain Routing (CIDR)

Using CIDR a Subnet Mask is assigned to the IP address. This mask indicated the length of the Network+Subnet part. The subnet mask can be expresses either in binary, decimal or ‘/x’ notation. The meaning is always the same. An example of subnet mask is the following:

<IP Address>

Converting the subnet mask in binary:  =  11111111.11111111.1110000.0000

So the subnet mask is an uninterrupted string of  ‘1’ that always starts from the left side. We can count nineteen ‘1’ in the string, that’s why the compact notation is /19.

In summary the most common ways to represent the Subnet Mask are:

  • <IP Address>
  • <IP Address>  /19

The binary form clearly shows how many ‘1’ are in the mask, but as usual it’s difficult to use for manual calculations. Much better rely on compact notations such as the two aforementioned ones.

Variable Length Subnet Mask (VLSM)

Let’s now see an example of IP address with associated a Subnet Mask: = /18

The first part (i.e. represents the traditional IP address that is now extended with a Subnet Mask. Without the Subnet Mask, an IP address is always considered classful which means it is always using the default Subnet Mask. In case of default the Subnet Mask does not need to be specified because can only assume values /8, /16, /24 depending on the class A, B or C. In the example the IP address belongs to Class B because the first octet is in the range 128-191), but the subnet mask is not the default /16 but /18, allowing an additional partitioning of a Class B address. This is the basic of IP subnetting using Variable Length Subnet Mask (VLSM).

The Variable Length Subnet Mask (VLSM) is a mechanisms that works closely with CIDR. VLSM allows to “steal” bits from the host part of an IP address so to create a new field called Subnet. The details about how this field is created are explained here.

CIDR, using the /18 notation seen in the example above, allows to indicate the length of the Network+Subnet parts, so it is possible to understand how to route that IP address in the network. Being a classless IP address, is not any longer tied to the rules of A-B-C Class. At the same time, VLSM enables the creation of the Subnet field located between the Network and Host parts in the IP address.

With the use of CIDR and VLSM is possible to preserve a significant amount of IP addresses that would be wasted. Let’s see a practical example about that.



A company called XYZ needs to interconnect its 25 offices located around the World. In order to do that, it requires 25 public IP addresses that are requested to the ICANN. Without CIDR/VLSM, the obvious choice would be the use of a Class C address. By default a Class C address offers 8 bits for the host part, so up to 254 devices can be uniquely identified and connected to the network. The IP address block assigned by ICANN is the following:

It’s clear that the company needs to pay for 254 public IP addresses (range from to even though it is only using 25 of them. What happens to the remaining 232 IP addresses? Unluckily they are unused and no other organization can utilize them because already assigned to company XYZ. The wasting of addressing space is relevant and has economic implications (the public IP addresses are expensive) but also technical implications (wasting of IP addresses so accelerating the exhaustion). 

The introduction of CIDR/VLSM allowed the allocation of a smaller block of IP addresses:

The Subnet Mask was /24 (Class C) but is now /27 and that means 3 bits have been stolen to create the subnet field. The range of public IP assigned to the XYZ company is now from to, a total of 30 IP addresses. This means having all 25 offices connected to the network, with a minimum waste of 5 IP addresses (while before it was 232). Summarising everything in a table:

Without CIDR/VLSM (classful)With CIDR/VLSM (classless)
IP Block Assigned195.1.1.0/24195.1.1.0/27
Number of Networks Available11
Number of Hosts Available25430
Usable IP Rangeda

If you are not familiar on how to calculate the IP subnetting presented in the table above, you might want to have a look at our Easy Subnetting Technique that allows to solve any subnetting problem in less than a minute.

From IPv4 to IPv6

As explained, VLSM and CIDR are two components of the same mechanism that allows an efficient partitioning of the IP addressing space. All modern networks work this way, and often the terms VLSM and CIDR are interchangeable. Besides the terminology, what is important is understanding how the introduction of the Subnet field allowed the IP Protocol to survive for 30 years of field use, avoiding wasting of addressing space that would have caused the IP exhaustion much earlier than that.

ARIN recently announced the exhaustion of free IPv4 addresses, so the IPv4 addressing space is now depleted. The IP protocol was first conceived in 1974 and presented in a paper entitled “A Protocol for Packet Network Intercommunication” (authors: Vint Cerf and Bob Kahn). IP versions from 0 to 3 were experimental, used between 1977 and 1979. The following one, IP Version 4 (IPv4), is the one that we all know. Mechanisms like CIDR and VLSM allowed this glorious network protocol to last 40+ years before running out of space.

Kudos to IPv4, and long live IPv6 !


Understanding CIDR vs VLSM in subnetting
5 (100%)

About Valerio Plessi

Valerio is a CCIE R&S certified Network Consultant Engineer with 10+ years of experience in IT. In the past he worked for Cisco Systems as High Touch Technical Support Engineer, then he switched to Network Consulting taking care of large Enterprise and Service Provider customers. When not in front of his MacBook, he is probably travelling and photographing the world!

Check Also

ip address class

IP Address Classes: the Definitive Guide

Article Contents1 IP Address representations2 IP Address terminology3 IP Address classes4 IP Address default subnet …

Leave a Reply

Your email address will not be published. Required fields are marked *