These five terms all refer to somewhat overlapping concepts. As a result, some confusion has surfaced about what each of these terms actually means, and how they differ from each other. That is what this article is going to pick apart.
These five terms can be broken up into two sets of two terms:
- Classful and Classless — these have to do with the size of networks as they are assigned from IANA.
- FLSM and VLSM — these have to do with how you allocate your IP space within your networks.
But what of CIDR? CIDR stands for Classless Inter-Domain Routing. The terms Classless and CIDR effectively define identical concepts.
Classful vs Classless / CIDR
IANA, or the Internet Assigned Numbers Authority, is responsible for allocating the entire IP address space to any entity that needs a presence on the Internet (0.0.0.0 – 255.255.255.255).
IANA has delegated this responsibility to five Regional Internet Registries (RIRs): ARIN, RIPE, LACNIC, AFRINIC, APNIC, which in turn allocate address space to the various corporations in their regions.
There are two strategies the RIRs use to allocate IP address space: the legacy strategy called Classful addressing, and the current strategy of Classless addressing (commonly referred to as Classless Inter-Domain Routing, or CIDR).
Classful
Classful addressing is how the early Internet was formed. IP assignments were given on the Octet boundaries:
The idea behind Classful address assignments was, if you were a company that …
- … needed 200 IP addresses, a /24 IP address block from the Class C range would be assigned.
- … needed 50,000 IP addresses, a /16 IP address block from the Class B range would be assigned.
- … needed over 65,000~ IP addresses, a /8 IP address block from the Class A range would be assigned.
However, this led to a lot of wasted IP addresses. If, for instance, you only needed 300 IP addresses, a Class C would not suffice, so you would end up with a Class B and nearly 60,000 IP addresses would be wasted.
You could argue, why not simply assign two /24 blocks from the Class C range (providing 512 IP addresses)? Good point, and this frequently was done. But what if you needed 25,000 IP addresses? That would require 98 different /24 blocks from the Class C range. Instead, a single Class B was assigned — which still meant about 40,000 IP addresses were wasted.
Classful addressing evolved into what we know of as Classless Inter-Domain Routing, or CIDR.
CIDR / Classless
With Classless Inter-Domain Routing (CIDR), IP assignments are not limited to the three classes. The whole unicast range (any IP address with a first octet of 0 – 223) can be allocated in any size block. In effect, the whole concept of IP address “classes” is done away with entirely.
Instead of requiring the IP assignment from the RIRs to be either a 255.0.0.0 or 255.255.0.0 or 255.255.255.0 block, they could be any size — and for simplicity, slash notation was adopted.
- If you need 300 IP addresses … You get a /23.
- If you need 500 IP addresses … You also get a /23.
- If you need 1000 IP addresses … You get a /22.
- If you need 25,000 IP addresses … You get a /17.
- If you need 70,000 IP addresses … You get a /15.
- If you need 250,000 IP addresses … You get a /14 (instead of the ~16 million IP addresses from the /8 block that would have been assigned in the Classful world).
This creates a system in which IP address ranges are assigned with a much, much smaller rate of wasted IP addresses.
CIDR address assignment was ratified in RFC 1518, back in September of 1993, making it the ubiquitous standard for the last 30 years (if you’re reading this in 2023).
The concept of Classful address assignment is useful to know from a historical perspective. But in reality, nowhere in the world is Classful addressing still employed.
The rare exception, however, is certain archaic protocols or devices which operate “classfully”. This means they assume a mask based upon the IP address, according to the IP address’s class (i.e., an IP address’s first octet).
For example, if a classful protocol or device is given the IP address 199.22.33.4 — the first octet is 199, which means this is a Class C address, and the Subnet Mask is assumed to be 255.255.255.0.
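The block sizing from the lists above and the mask a classful device infers, as an added example that is not part of the original article. The function names are assumptions, and the class boundaries are the standard first-octet ranges (A: 0–127, B: 128–191, C: 192–223).

```python
import ipaddress

# (first octet low, first octet high, class, assumed prefix length)
CLASSES = [(0, 127, "A", 8), (128, 191, "B", 16), (192, 223, "C", 24)]

def classful_prefix(ip: str) -> int:
    """Prefix length a classful device assumes from the first octet alone."""
    first_octet = int(ipaddress.IPv4Address(ip)) >> 24
    for low, high, _cls, prefix in CLASSES:
        if low <= first_octet <= high:
            return prefix
    raise ValueError(f"{ip} is outside the unicast range (first octet 0-223)")

def classful_block(needed: int) -> int:
    """Smallest of /24, /16, /8 that holds `needed` addresses."""
    for prefix in (24, 16, 8):
        if needed <= 2 ** (32 - prefix):
            return prefix
    raise ValueError("no single classful block is large enough")

def cidr_block(needed: int) -> int:
    """Longest prefix (smallest block) that holds `needed` addresses."""
    if not 1 <= needed <= 2 ** 32:
        raise ValueError("needed must be between 1 and 2**32")
    return 32 - (needed - 1).bit_length()

def wasted(needed: int, prefix: int) -> int:
    """Addresses left unused when `needed` are drawn from a /prefix block."""
    return 2 ** (32 - prefix) - needed

def mask_mismatch(interface: str) -> bool:
    """True when the configured prefix differs from the classful guess."""
    iface = ipaddress.ip_interface(interface)
    return classful_prefix(str(iface.ip)) != iface.network.prefixlen

if __name__ == "__main__":
    for needed in (300, 500, 1000, 25_000, 70_000, 250_000):
        old, new = classful_block(needed), cidr_block(needed)
        print(f"{needed:>7} addrs: classful /{old} wastes {wasted(needed, old):>8}, "
              f"CIDR /{new} wastes {wasted(needed, new):>6}")
    print(classful_prefix("199.22.33.4"))  # first octet 199 -> Class C -> 24
    print(mask_mismatch("9.9.9.33/27"))    # classful guess is /8, configured /27
```

`mask_mismatch` can be run over an interface inventory to list the addresses a classful device or protocol would misread.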
FLSM and VLSM
That brings us to Fixed Length Subnet Masks (FLSM) and Variable Length Subnet Masks (VLSM). FLSM and VLSM refer to how IP address space is assigned within each organization. By comparison, the terms we described above (Classful and CIDR) refer to how IP address space is allocated from IANA/RIRs.
We will demonstrate how FLSM and VLSM work using this topology, and the listed number of IP addresses required for each subnet:
FLSM
Fixed Length Subnet Mask (FLSM) refers to a strategy where every one of your networks within your infrastructure is the same size.
Whether you received a classful assignment or a classless assignment from your RIR, you can deploy the IP addresses in a Fixed Length manner. For example:
You are assigned by your RIR this /24: 9.9.9.0 /24. Since the biggest segment of your networks requires 30 IP addresses, the smallest size subnet you can utilize is a /27, which contains 32 total IP addresses and 30 usable IP addresses.
In the FLSM world, every Subnet in your topology must be the same size, which means if one Subnet needs to be a /27, then all Subnets need to be a /27:
In this particular topology, a total of 91 IP addresses is required, but the entire /24 (256 IP addresses) was allocated, leaving no additional room for expansion. This is a very inefficient utilization of the assigned IP address space.
The question remains though, if this was such an inefficient method of allocating IP address space, why did it ever exist? The reason: To save bits on the wire.
The early, early routing protocols (e.g., RIPv1 and its predecessors) saved bits on the wire by not including the subnet mask in advertisements — the subnet mask for all advertised networks was assumed to be the same mask assigned to the receiving interface.
That means the original iteration of RIP only needs to send: 9.9.9.0, 9.9.9.32, 9.9.9.64, etc., instead of: 9.9.9.0 255.255.255.224, 9.9.9.32 255.255.255.224, 9.9.9.64 255.255.255.224, etc.
In today’s high capacity networks, saving these few bits is entirely inconsequential, but there was a time in the early history of building computer networks (1960s, 1970s), where transmitting bits was comparatively expensive.
The key point being: FLSM is not the same thing as Classful assignments. FLSM is simply using one size subnet mask on all the router interfaces, for all the routers in your topology.
Whether the IP address space you received from IANA/RIRs was a Classful or Classless assignment is irrelevant to FLSM.
VLSM
As we can see in the example above, FLSM leads to many wasted IP addresses. The evolution from FLSM is what brought us to VLSM, or Variable Length Subnet Mask.
If FLSM is a subnet deployment strategy that requires all subnet masks to be the same size, then VLSM is a subnet deployment strategy that allows all subnet masks to be variable sizes.
The same IP assignment example above can be redone much more efficiently using VLSM.
Notice, we still required 91 host IP addresses, but we were able to accommodate that by only assigning 116 IP addresses, leaving another 140 IP addresses in our /24 to expand and scale this topology.
Granted, VLSM is not perfect — it doesn’t prevent all wasting of IP addresses, but it is a significant improvement over FLSM. VLSM is also the de facto standard for how every network is designed today.
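The two strategies applied to 9.9.9.0/24, as an added example that is not part of the original article. The per-segment host counts are constructed (the topology figure is not reproduced here) and were chosen to total 91 hosts; the function names and the choice to treat every 2-host segment as a /31 point-to-point link (RFC 3021) are assumptions.

```python
import ipaddress

# Constructed requirements: six LANs and two point-to-point links, 91 hosts.
SEGMENTS = {"LAN-A": 30, "LAN-B": 20, "LAN-C": 14, "LAN-D": 12,
            "LAN-E": 6, "LAN-F": 5, "P2P-1": 2, "P2P-2": 2}

def prefix_for(hosts: int) -> int:
    """Longest prefix whose subnet has at least `hosts` usable addresses."""
    if hosts < 1:
        raise ValueError("a segment needs at least one host")
    if hosts == 2:
        return 31  # assumption: 2-host segments are point-to-point (RFC 3021)
    # Network and broadcast addresses are reserved: size >= hosts + 2.
    return 32 - (hosts + 1).bit_length()

def flsm_plan(block: str, segments: dict) -> dict:
    """FLSM: every segment gets the mask the largest segment needs."""
    net = ipaddress.ip_network(block)
    prefix = min(prefix_for(h) for h in segments.values())
    subnets = list(net.subnets(new_prefix=prefix))
    if len(subnets) < len(segments):
        raise ValueError(f"{block} cannot hold {len(segments)} /{prefix} subnets")
    return dict(zip(segments, subnets))

def vlsm_plan(block: str, segments: dict) -> dict:
    """VLSM: size each subnet to its segment, allocating largest block first."""
    net = ipaddress.ip_network(block)
    cursor = int(net.network_address)
    plan = {}
    # Largest-first keeps every subnet aligned to its own size with no gaps.
    for name, hosts in sorted(segments.items(), key=lambda kv: prefix_for(kv[1])):
        subnet = ipaddress.ip_network((cursor, prefix_for(hosts)))
        if not subnet.subnet_of(net):
            raise ValueError(f"{block} exhausted while placing {name}")
        plan[name] = subnet
        cursor += subnet.num_addresses
    return plan

def addresses_used(plan: dict) -> int:
    return sum(subnet.num_addresses for subnet in plan.values())

if __name__ == "__main__":
    for label, plan in (("FLSM", flsm_plan("9.9.9.0/24", SEGMENTS)),
                        ("VLSM", vlsm_plan("9.9.9.0/24", SEGMENTS))):
        print(label, addresses_used(plan), "of 256 addresses used")
        for name, subnet in plan.items():
            print(f"  {name:<6} {SEGMENTS[name]:>2} hosts  {subnet}")
```

Sorting by block size rather than input order is what keeps each subnet on a boundary that is a multiple of its own size, so no address space is lost to alignment gaps.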
Summary
To summarize:
- Classful addressing is IANA/RIRs assigning IP space from Class A, B, or C blocks (legacy).
- Classless or CIDR is IANA/RIRs assigning IP space in any size block, as required (modern standard).
- FLSM mandates that every IP subnet within your deployment be the same size (legacy).
- VLSM allows any IP subnet within your deployment to be any size (modern standard).
Hopefully you now understand the individual definitions for each of these terms.
Brilliant!
Hi Mate, love your stuff, going through it here, bit by bit 😉
Found 1 typo: The early, early routing protocols (i.g., RIPv1 and its predecessors) saved bits on the wire by not included..
I think it should be including?
Thanks! love your information.
Oops, good catch! Thanks Iain! I’ve fixed it. Glad you enjoy the content =).
OMG!
Why do most of the published books on Network+ fail to make these things clear (and much else besides)? I have read many sections of most of them and they are either just confusing (usually because the grammar is horrible), or too technical, or both. I hate to say it but even Wikipedia is a better resource in many cases.
Just 30 mins of reading through your articles cleared two nagging issues up for me: I was confused why I could do DNS requests even though my port 53 was closed, and the difference between VLSM and classless routing.
Have you ever thought about writing a complete guide to Network+? I would definitely buy that if it was up to the same standards as these articles.
Hi Andrew. Thanks for the kind words! I’m so happy you got so much from these articles =). Your comment almost perfectly encompasses my goal when I create this content… “to provide the happy, practical medium between overly simplistic and overly detailed“. So it’s nice to hear I’m achieving that. =)
Out of curiosity, which article cleared up your ability to make DNS requests with port 53 closed? 🙂
Well Explained in an easy way. Thank you
You’re welcome, Mudssar!
Thank you, however, I found it confusing on the VLSM section the reason the subnetworks jumped around?
What do you mean, jumped around? This might be a better question for discord: pracnet.net/discord
This is a great article! I would suggest putting your name at the top and the date you posted this. I am using this as a reference to a paper I am writing for college. I was able to find your name by going to your about tab. I don’t think most people will do that. If you put both at the top of the page your work could be cited easier. Just an idea. Anyhow, very detailed with some great examples!
Great point. I had that in my old blog theme. But it wasn’t enabled in the new theme. I’ll dig through the settings to re-enable it. Glad you enjoyed the article!
Many thanks! Just a remark on the last VLSM section: two transport networks should be /30 not /31
You can actually use a /31 on point to point links =)
https://datatracker.ietf.org/doc/html/rfc3021
I also mention it in my VLSM explained video.
Thank you
Really enjoyed the article. Topic well explained 🙂
Thank you, Oren.
I would argue that FLSM (subnetting) is NOT legacy. And in fact is still used to aggregate networks together, that can then be distributed to regions for efficient route aggregation. Once the subnet is distributed to a region, we can then fall back to using VLSM to distribute that subnet out to meet our needs in that particular region. Let me explain. Let’s say you start with a 10.0.0.0/8 network for a large enterprise. We might first FLSM (subnet) this by geographical region. For argument’s sake, we will divide the ‘world’ into four segments. So we might FLSM our original 10.0.0.0/8 into four networks of /10 each. (Subnet A 10.0.0.0 /10, Subnet B 10.64.0.0 /10, Subnet C 10.128.0.0 /10 and finally Subnet D 10.192.0.0 /10) Subnet A might go to North America. We then use VLSM to segment this supernet network according to our needs within that region. Subnet B might go to the EU, then VLSM to split it out according to our needs in that particular region. So on and so forth… Point is, we still to this day utilize both subnetting and VLSM, they are just used for different purposes. Subnetting is more for route aggregation and ensuring networks remain contiguous within a particular region. This facilitates the ability to keep route tables small, leading to efficient and quick routing from region to region.
OMG, this is brilliant! I’ve read a lot of resources to get a better understanding of CIDR & VLSM and always ended up confused. But when I read through your article, I can understand it easily. Thank you soo much 🙂