Aggregating CIDR Networks
Since posting information regarding some of our upcoming IP network aggregation block lists many members and site visitors have contacted us expressing their appreciation and have requested more information on this feature and have also asked whether we will be releasing a product to aggregate networks and produce the results in a CIDR format.
The initial release of this product to Premium and Premium Plus Members is expected within the next few weeks and the output of our first network aggregation script will include results in a network range format. This means the data will show the starting and ending IP of the aggregated network(s).
We have also started the development of software to produce results in a CIDR format.
Generally speaking, the network range format will produce the least number of lines of output. CIDR aggregation will significantly reduce the size of Access Control Lists, but the results will be at least slightly larger than network range.
For example, if we aggregated the following US networks:
CIDR: 220.127.116.11/8 Network Range: 18.104.22.168 - 22.214.171.124
CIDR: 126.96.36.199/8 Network Range: 188.8.131.52 - 184.108.40.206
CIDR: 220.127.116.11/8 Network Range: 18.104.22.168 - 22.214.171.124
CIDR: 126.96.36.199/8 Network Range: 188.8.131.52 - 184.108.40.206
The network range results would be 220.127.116.11 - 18.104.22.168. This makes for a much smaller ACL.
The CIDR result would need two ranges: 22.214.171.124/7 and 126.96.36.199/7. This is still a 50% decrease in the output over the regular results but produces more data in the Access Control Lists than the network range format.
Please keep in mind that these aggregated lists are not to be used for routing purposes. They are meant to be used to allow or deny access only.