Premium Member Database last update: Thursday, September 29, 2016 10:02:49 GMT-0700

Aggregated CIDR Lists

Using an Access Control List is less daunting when the list is small. When the list includes tens of thousands of lines it can consume firewall and system resources. To alleviate this problem Country IP Blocks has created a new aggregation product and is now in the final stage of beta-testing. The results are outstanding.

Imagine being able to select a country or group of countries, sort them into contiguous networks, aggregate the result into network ranges then process this data into the fewest legal networks (supernets) possible and do it all instantly on the fly. We can do it.

Last year we introduced a network aggregation script that did an excellent job aggregating network ranges. The output consolidated the networks into large network range blocks. Unfortunately, not all firewalls or systems could handle blocks that merely had starting and ending IP addresses. Many needed the data in legal network ranges and required CIDR or Netmask in order to use the data.

In addressing this issue we developed a script to aggregate blocks into as few supernets or subnets as possible. We then combined the two algorithms and created a product which should deliver large volumes of data in the smallest possible Access Control Lists.

Country(ies)#NetworksAggregation ConversionReduction in ACL size
Canada6.4083.13551.08%
USA42.31245.09564.3%
Canada/USA48.72012.87773.57%

As you combine additional countries with contiguous network blocks your Access Control Lists continue to get smaller.

We expect to release this new feature soon. We would like to get some feedback from you in advance of this release.

Do you think this is this a beneficial feature? Is this a feature you would use?

Please send us your feedback to connecting@countryipblocks.net

As a courtesy we are including our CIDR aggregation of USA/Canada networks from June 2, 2012 below.