CIDR has two main features:
(1) CIDR divides a 32-bit IP address into two parts. The front part is the "network-prefix" (or simply "prefix"), which identifies the network, and the back part identifies the host. CIDR therefore takes the IP address back from three-level addressing (using a subnet mask) to two-level addressing, but this is classless two-level addressing. Its notation is:
IP address ::= {<network prefix>, <host number>} (4-3)
CIDR also uses slash notation, or CIDR notation: add a slash "/" after the IP address, and then write the number of bits occupied by the network prefix.
(2) CIDR combines consecutive IP addresses with the same network prefix into a "CIDR address block". As long as you know any address in a CIDR address block, you can determine the starting address (that is, the minimum address) and the maximum address of the block, as well as the number of addresses in it. For example, the IP address 128.14.35.7/20 is known to be an address in a CIDR address block. Written in binary, the first 20 bits are the network prefix and the following 12 bits are the host number:
128.14.35.7/20 = 10000000 00001110 00100011 00000111
The minimum and maximum addresses of the block containing this address are easy to obtain: find the byte of the address mask in which the boundary between 1s and 0s falls (the number after the slash is the number of 1s in the mask, here 20). In this case it is the third byte. Set the following 12 bits to all 0s to get the minimum address and to all 1s to get the maximum address.
Minimum address: 128.14.32.0 = 10000000 00001110 00100000 00000000
Maximum address: 128.14.47.255 = 10000000 00001110 00101111 11111111
The host numbers of these two special addresses are all 0s and all 1s respectively. They are generally not used; usually only the addresses between these two special addresses are used. This address block has 2^12 addresses in total (2 raised to the number of host-number bits). We can use the smallest address in the block together with the number of bits in the network prefix to denote the block. For example, the address block above can be written as 128.14.32.0/20. When it is not necessary to specify the starting address of a block, such a block can also be referred to simply as a "/20 address block".
CIDR uses a 32-bit address mask to facilitate routing. The address mask consists of a string of 1s followed by a string of 0s, and the number of 1s is the length of the network prefix. Although CIDR no longer uses subnets, some networks still use subnets and subnet masks, so the address mask used by CIDR can continue to be called a subnet mask. For example, the address mask of a /20 address block is 11111111 11111111 11110000 00000000. In slash notation, the number after the slash is the number of 1s in the address mask.
The statement "CIDR does not use subnets" means that CIDR does not designate several bits of the 32-bit address as a subnet field. However, a unit that has been assigned a CIDR address block can still divide it into subnets as needed. These subnets also have only a network prefix and a host number field, but the network prefix of a subnet is longer than that of the whole unit. For example, if a unit is assigned a /20 address block, it can be further divided into 8 subnets (that is, 3 bits must be borrowed from the host number to divide the subnets). The network prefix of each subnet then becomes 23 bits (the original 20 bits plus the 3 bits borrowed from the host number), which is 3 bits longer than the unit's network prefix.
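The block arithmetic described above (minimum address, maximum address, mask, address count, and division of a /20 into eight /23 subnets) can be reproduced with plain bit operations. This is an added example, not part of the original text; the function names are assumptions chosen for illustration.

```python
import ipaddress

def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def to_dotted(value):
    return str(ipaddress.IPv4Address(value))

def mask_for(prefix_len):
    """32-bit address mask: prefix_len ones followed by zeros."""
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF

def block_of(cidr):
    """From any address in a block, return (minimum, maximum, mask, address count)."""
    addr, plen = cidr.split("/")
    plen = int(plen)
    if not 0 <= plen <= 32:
        raise ValueError("prefix length must be 0..32")
    mask = mask_for(plen)
    low = to_int(addr) & mask              # host number all 0s
    high = low | (~mask & 0xFFFFFFFF)      # host number all 1s
    return to_dotted(low), to_dotted(high), to_dotted(mask), 2 ** (32 - plen)

def split_block(cidr, borrowed_bits):
    """Divide a block into 2**borrowed_bits subnets by lengthening the prefix."""
    addr, plen = cidr.split("/")
    plen = int(plen)
    new_len = plen + borrowed_bits
    if new_len > 32:
        raise ValueError("not enough host bits to borrow")
    base = to_int(addr) & mask_for(plen)
    step = 2 ** (32 - new_len)             # addresses per subnet
    return [f"{to_dotted(base + i * step)}/{new_len}"
            for i in range(2 ** borrowed_bits)]

if __name__ == "__main__":
    print(block_of("128.14.35.7/20"))
    for subnet in split_block("128.14.35.7/20", 3):
        print(subnet)
```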
Because a CIDR address block contains many addresses, routing tables use CIDR address blocks to find the destination network. This kind of address aggregation is usually called route aggregation, which enables one entry in the routing table to represent multiple routes (such as the last one) of the original traditional classful addressing. Route aggregation is also called supernetting. Route aggregation helps reduce the exchange of routing information between routers, thus improving the performance of the whole Internet.
There are several forms of CIDR notation. For example, the address block 10.0.0.0/10 can be abbreviated as 10/10, that is, the consecutive zeros in the dotted decimal form are omitted. Another simplified representation is to add an asterisk * after the network prefix, such as 00001010 00*, where the network prefix comes before the asterisk and the asterisk stands for the host number in the IP address, which can be any value.
When the number of prefix bits is not an integer multiple of 8, some address information has to be obtained by simple calculation. Table 4-7 shows the most commonly used CIDR address blocks. K in the table means 2^10 = 1024, and network prefixes shorter than 13 or longer than 27 are rarely used. Host numbers of all 1s and all 0s are not excluded from "Number of included addresses".
As can be seen from Table 4-7, the number of addresses in each CIDR address block must be an integer power of 2. Most CIDR address blocks can contain multiple Class C addresses (2^n times a Class C address, where n is an integer), which is the origin of the term "forming a supernet".
One advantage of using CIDR is that the IPv4 address space can be allocated more effectively: CIDR address blocks of appropriate size can be allocated according to the needs of customers. Suppose an ISP already has the address block 206.0.64.0/18 (equivalent to 64 Class C networks). Now a university needs 800 IP addresses. The ISP can assign the address block 206.0.68.0/22 to the university. It contains 1024 (that is, 2^10) IP addresses, which is equivalent to four consecutive Class C networks (/24 address blocks) and accounts for 1/16 of the address space owned by the ISP. The university can then freely allocate address blocks to its departments, and each department can further divide its own address block.
The concept of address aggregation can be clearly seen in Figure 4-25. This ISP has 64 Class C networks in total. If CIDR were not used, the routing table of every router that exchanges routing information with the ISP's routers would need 64 entries. After address aggregation, however, the ISP can be reached with only one aggregated route entry, namely 206.0.64.0/18. Similarly, this university has four departments, 18. This entry is like a university mail room. The postman does not consider the addresses of all the departments in the school, but delivers the mail to the school's mail room in one batch, and the mail room then makes the next delivery. This reduces the workload of the delivery personnel (equivalent to simplifying the routing table lookup).
From the binary addresses in the table below Figure 4-25, it can be seen that aggregating the routes of the four departments into one route for the university (that is, forming a supernet) means shortening the network prefix. The shorter the network prefix, the more addresses its address block contains. In the three-level structure of the IP address, by contrast, dividing subnets makes the network prefix longer.
With CIDR, an IP address consists of a network prefix and a host number, so the entries in the routing table must change accordingly. Each entry now consists of a "network prefix" and a "next hop address". However, a routing table lookup may then return more than one matching result. This raises a question: which route should be chosen from these matching results?
The answer is that the route with the longest network prefix should be selected from the matching results. This is called longest prefix matching: the longer the network prefix, the smaller the address block, and so the more specific the route. Longest prefix matching is also called longest matching or best matching. The following example illustrates the concept of longest prefix matching.
Suppose Department 4 of the university wants datagrams destined for it to be forwarded directly to Department 4 without going through the university's router, but is unwilling to change the IP address block it uses. The ISP's router must then have at least two entries in its routing table: 206.0.68.0/22 (university) and 206.0.71.128/25 (Department 4). Now suppose that the ISP receives a datagram with destination IP address D = 206.0.71.130. Perform a bitwise AND of D with the mask of each of these two entries. The results of the bitwise AND operations are written below:
D AND 11111111 11111111 11111100 00000000 = 206.0.68.0/22, match
D AND 11111111 11111111 11111111 10000000 = 206.0.71.128/25, match
It is not difficult to see that two destination networks in the routing table (the university and Department 4) match the same IP address D. According to the principle of longest prefix matching (1 digit), the latter should be selected and the received datagram should be forwarded to the latter's destination network (Department 4). That is, the more specific of the two matching addresses is chosen.
As can be seen from the above discussion, if CIDR is used in the allocation of IP addresses from the beginning, then we can allocate address blocks according to the geographical location of the network, which can greatly reduce the routing items in the routing table. For example, the world can be divided into four regions, and each region is assigned a CIDR address block:
Address block 194/7 (194.0.0.0 to 195.255.255.255) is allocated to Europe;
Address block 198/7 (198.0.0.0 to 199.255.255.255) is allocated to North America;
Address block 200/7 (200.0.0.0 to 201.255.255.255) is allocated to Central America and South America;
Address block 202/7 (202.0.0.0 to 203.255.255.255) is allocated to Asia and the Pacific.
Each address block above contains 32 million addresses. This method of allocating addresses associates IP addresses with geographical locations. Its advantage is that it can greatly reduce the number of entries in the routing table. For example, any IP datagram from China to North America (no matter which address in the address block 198/7) is sent to a router in the United States first, so a single entry in the routing table is enough.
With CIDR, finding the longest prefix match becomes more complicated. When the routing table has many entries, reducing the routing table lookup time becomes a very important problem. For example, if the line connected to the router runs at 10 Gbit/s and the average packet length is 2000 bits, then the router must handle 5 million packets per second on average (commonly written as 5 Mpps). In other words, the average time for the router to process a packet is only 200 ns (1 ns = 10^-9 seconds). The time available for each route lookup is therefore very short.
For classless routing tables, the simplest search algorithm is to loop over all possible prefixes. For example, given a destination address D, for each possible network prefix length m the router extracts the first m bits of D as a network prefix and then looks up that network prefix in the routing table. The longest match found corresponds to the route being sought.
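The mask comparison from the university/Department 4 example and the simplest search algorithm just described, written out as an added example (not from the original text). The next-hop labels and the longest-first probing order are assumptions made for illustration; the function also counts how many table lookups each search costs.

```python
import ipaddress

# Routing entries from the text's example: (network prefix, prefix length) -> next hop.
# The next-hop labels are assumptions for this example.
ROUTES = {
    ("206.0.68.0", 22): "university",
    ("206.0.71.128", 25): "department 4",
}

def mask_for(prefix_len):
    """32-bit address mask: prefix_len ones followed by zeros."""
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF

def matching_entries(dest):
    """AND the destination with each entry's mask; keep every entry that matches."""
    d = int(ipaddress.IPv4Address(dest))
    hits = []
    for (net, plen), hop in ROUTES.items():
        if d & mask_for(plen) == int(ipaddress.IPv4Address(net)):
            hits.append((f"{net}/{plen}", hop))
    return hits

def longest_prefix_match(dest):
    """Simplest search: try every prefix length m, longest first.
    Returns (next hop or None, number of table lookups performed)."""
    d = int(ipaddress.IPv4Address(dest))
    lookups = 0
    for m in range(32, 0, -1):
        lookups += 1
        candidate = str(ipaddress.IPv4Address(d & mask_for(m)))  # first m bits of D
        hop = ROUTES.get((candidate, m))
        if hop is not None:
            return hop, lookups      # first hit is the longest matching prefix
    return None, lookups             # no route: all 32 lengths were tried

if __name__ == "__main__":
    print(matching_entries("206.0.71.130"))      # both entries match
    print(longest_prefix_match("206.0.71.130"))  # the /25 entry wins
    print(longest_prefix_match("10.1.2.3"))      # worst case, no route
```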
"The obvious disadvantage of this simplest algorithm is that there are too many searches. In the worst case, the route is not in the routing table. In this case, the algorithm still needs to be done 32 times (the 32-bit network prefix is a specific host route). Even if you want to find the traditional class B address (i.e./16), you should search 16 times. This algorithm has to go through 3 1 unnecessary searches for frequently used songs to identify routes. "
To search more efficiently, classless routing tables are usually stored in a hierarchical data structure and then searched level by level from top to bottom. The most commonly used structure is the binary trie, a tree with a special structure. The bit values of the IP address, read from left to right, determine the path extending downward from the root node, and each path in the binary trie represents an address stored in the routing table.
Figure 4-26 illustrates the structure of a binary trie. The figure shows five IP addresses. To simplify the structure of the binary trie, we first find the unique prefix corresponding to each IP address. A unique prefix is a prefix that is unique among all the IP addresses in the table. These unique prefixes can then be used to construct the binary trie. When searching, it is enough to match the unique prefix.
From the root node downward, a binary trie has a depth of at most 32 levels, and each level corresponds to one bit of the IP address. The rule for storing an IP address in a binary trie is simple. First check the leftmost bit of the IP address. If it is 0, the first-level node is at the lower left of the root node; if it is 1, it is at the lower right. Then check the second bit of the address to construct the second-level node, and so on until the last bit of the unique prefix. Because a unique prefix is generally shorter than 32 bits, the depth of a binary trie built from unique prefixes is often less than 32 levels. The thick dotted line in the figure is the path for the prefix 0101 in this binary trie. The small circles in the binary trie are intermediate nodes, and the small boxes at the ends of the paths are leaf nodes (also known as external nodes). Each leaf node represents a unique prefix. The number next to the edge between two nodes indicates whether the corresponding bit of the unique prefix is 0 or 1.
Suppose there is an IP address of 100110110/0000000? 0000000000, and we need to find out whether the address is in this binary trie. We start from the leftmost bit. It is easy to see that at the third bit (the 0 after the prefix 10) there is no match in the binary trie, which shows that this address is not in this binary trie.
The above only describes the use of the binary trie as a data structure; it does not explain the relationship between "matching the unique prefix" and "matching the network prefix". Clearly, to use a binary trie for a routing table, each leaf node in the binary trie must also contain the corresponding network prefix and subnet mask. When the search reaches a leaf node, the destination address must be bitwise ANDed with the subnet mask of that leaf node to see whether the result matches the corresponding network prefix. If it matches, the packet is forwarded through the interface for the next hop. Otherwise, the packet is discarded.
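A binary trie built from unique prefixes, with the leaf check described above, as an added example that is not from the original text. The routing entries and interface names are constructed for illustration (they are not the five addresses of Figure 4-26) and are assumed not to overlap.

```python
import ipaddress

# Constructed routing entries: (network prefix, prefix length, next-hop interface).
# Assumed non-overlapping, so a destination can match at most one entry.
ROUTES = [("128.14.32.0", 20, "if0"), ("206.0.68.0", 22, "if1"),
          ("206.0.72.0", 22, "if2"), ("10.0.0.0", 10, "if3")]

def bits(dotted):
    """32-character bit string of an IPv4 address."""
    return format(int(ipaddress.IPv4Address(dotted)), "032b")

def unique_prefix(addr_bits, all_bits):
    """Shortest leading bit string that no other address in the table shares."""
    others = [b for b in all_bits if b != addr_bits]
    n = 1
    while any(o.startswith(addr_bits[:n]) for o in others):
        n += 1
    return addr_bits[:n]

def build_trie(routes):
    """Nodes are dicts: keys '0'/'1' lead to children, key 'leaf' holds the entry."""
    all_bits = [bits(net) for net, _, _ in routes]
    root = {}
    for (net, plen, hop), b in zip(routes, all_bits):
        node = root
        for bit in unique_prefix(b, all_bits):
            node = node.setdefault(bit, {})
        node["leaf"] = (int(b, 2), plen, hop)
    return root

def lookup(root, dest):
    """Follow the destination's bits to a leaf, then confirm with the leaf's mask."""
    node = root
    for bit in bits(dest):
        if "leaf" in node:
            break
        node = node.get(bit)
        if node is None:
            return None                  # path ends: address is not in the trie
    if "leaf" not in node:
        return None
    net, plen, hop = node["leaf"]
    mask = (0xFFFFFFFF << (32 - plen)) & 0xFFFFFFFF
    d = int(ipaddress.IPv4Address(dest))
    # The unique prefix matched; the network prefix must still match after the AND.
    return hop if d & mask == net else None

TRIE = build_trie(ROUTES)
```

Here `lookup(TRIE, "10.200.1.1")` reaches the leaf for 10.0.0.0/10 after a single bit, but the AND with the /10 mask gives 10.192.0.0, so the packet is discarded.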
In short, the binary trie only provides a mechanism for quickly finding the matching leaf node in the routing table. Whether this actually matches the network prefix still requires a logical AND operation with the subnet mask.
To speed up binary trie lookups, various compression techniques are widely used. For example, the first four bits of the last two addresses in Figure 4-26 are 1011. Therefore, as long as the first four bits of an address are 1011, you can skip the first four bits (that is, compress four levels) and start the comparison directly from the fifth bit. This reduces the search time. Of course, building a compressed binary trie requires more computation, but it is worthwhile because it improves the speed of every routing table lookup.