Carving up the Internet into CIDR blocks.

I recently had to understand what CIDR blocks are and how they describe blocks of IP addresses and I figured I’d share what I learned.

I’ll stick to IPv4 addresses here, since that’s what most people are still dealing with these days.

## Anatomy of an IP address
The Internet Protocol (IP) provides every device on a network with an IP address. They take the form a.b.c.d, where a, b, c and d are numbers from 0 to 255.
Each of these four numbers is called an octet.
It’s called an octet because it is a representation of 8 bits. If you’re not comfortable with how binary numbers work, you should stop here and take a quick tutorial.

Since an IP address has four octets and each octet has a value from 0-255, there are a total of 256 × 256 × 256 × 256 or 4,294,967,296 possible IP addresses (incidentally, the 4 billion limit is one of the reasons IPv6 came about).

## Organisation of IP addresses
Although there are over 4 billion IP addresses available, they are not given out at random. There are specific IP ranges that are dedicated to specific purposes. For instance, you may have noticed that your home computer’s IP address is something like or That’s because the group of IP addresses that start 192.168 has been reserved for private networks. Another group that has been reserved for private use is the group that starts with a 10.

The Internet Assigned Numbers Authority (IANA) maintains the list of reserved IP addresses in a publicly available list. If you take a look you’ll notice that they use a special notation to define groups of IP addresses (or “CIDR blocks”). The format is a.b.c.d/e. In this notation, e is the number that indicates the size of the CIDR block and is called the prefix length.

Outside of the reserved blocks, CIDR blocks of different sizes are given out to organizations of different sizes. For instance, IBM has the block. The UK Ministry of Defence has the block.

## CIDR blocks
The spectrum of IP addresses can be readily carved up into groups of IP addresses. Rather than create groups of arbitrary IP addresses, contiguous blocks are used; these blocks constitute networks within the Internet (the network of networks). As such, they are known as subnets.
The CIDR notation allows us to concisely express a block of IP addresses that make up a subnet.

Subnets are identified by an IP address and the CIDR prefix length. An IP address is in a /e subnet if the first e bits of that IP address match the first e bits of the subnet address. Let’s see an example.

Suppose we have a subnet 192.168.1.0/24. Is the IP address 192.168.1.34 in this subnet?

First, convert the IP address to bits:

     192 .      168 .        1 .       34
11000000 . 10101000 . 00000001 . 00100010

Then take the first 24 bits, replace the remainder with zeros and convert them back to octets:

11000000 . 10101000 . 00000001 . 00100010
11000000 . 10101000 . 00000001 . 00000000
     192 .      168 .        1 .        0

Here, we have our subnet address, so this IP address is in this subnet.

The prefix length tells us something about the size of the subnet. For a prefix length of n, we know that the last (32-n) bits of the IP address do not make a difference as to whether that IP address is in a given subnet. Thus, we can work out the size of the subnet.

| CIDR prefix length | Size of network | Notes |
|---|---|---|
| 32 | 1 | |
| 31 | 2 | |
| 30 | 4 | For subnets this size and larger, the number of server IP addresses is usually reduced by 2. The lowest IP address is used as the network’s IP address and the highest IP address is used as the broadcast address. |
| 29 | 8 | |
| 16 | 65,536 | This is the size of the 192.168.x.x block, reserved for private networks |
| 8 | 16,777,216 | This is the size of the 10.x.x.x block, also reserved for private networks |
| 0 | 4,294,967,296 | This is the total set of IP addresses. Since many of the CIDR blocks are reserved, no practical network would have this prefix length. |

A prefix on its own can be used when talking about non-specific CIDR blocks. Thus, we can talk about a /24 network and know that we’re talking about a network with 4096 IP addresses in it.

## CIDRs and subnet masks
If you’ve configured the network card of a computer before, you may recall that, along with the IP address of the computer, you sometimes need to set the subnet mask. This is directly related to the CIDR prefix length. Essentially, the subnet mask for a prefix length n is the four octets you get when you set the first n bits to 1 and the remaining bits to 0. For example:

CIDR prefix length Subnet mask
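The membership test, block size and subnet mask described above all come down to a few bit operations on a 32-bit integer. The following is an added example, not code from the original post; the function names are hypothetical, and the strict octet parsing (rejecting leading zeros) is an assumption chosen so that two filters never read the same string as different addresses.

```python
MASK32 = 0xFFFFFFFF


def ip_to_int(addr):
    """Pack a dotted-quad IPv4 string into one 32-bit integer."""
    octets = addr.split(".")
    if len(octets) != 4:
        raise ValueError(f"not a dotted quad: {addr!r}")
    value = 0
    for part in octets:
        # Strict on purpose: no signs, spaces or leading zeros ("010" is
        # read as octal by some parsers, which makes filters disagree).
        if not (part.isascii() and part.isdigit()) or str(int(part)) != part:
            raise ValueError(f"bad octet {part!r} in {addr!r}")
        if int(part) > 255:
            raise ValueError(f"octet out of range in {addr!r}")
        value = (value << 8) | int(part)
    return value


def int_to_ip(value):
    """Unpack a 32-bit integer back into a.b.c.d form."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix):
    """Subnet mask for prefix length n: first n bits 1, the rest 0."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length out of range: {prefix}")
    return (MASK32 << (32 - prefix)) & MASK32


def parse_cidr(block):
    """Split 'a.b.c.d/e' into (network integer, prefix length)."""
    addr, slash, prefix = block.partition("/")
    if not slash or not (prefix.isascii() and prefix.isdigit()):
        raise ValueError(f"not CIDR notation: {block!r}")
    network, plen = ip_to_int(addr), int(prefix)
    if network & ~prefix_to_mask(plen) & MASK32:
        raise ValueError(f"host bits set in {block!r}")
    return network, plen


def in_subnet(addr, block):
    """True if the first e bits of addr match the subnet address."""
    network, plen = parse_cidr(block)
    return (ip_to_int(addr) & prefix_to_mask(plen)) == network


def subnet_size(prefix):
    """Addresses in a block: the last (32 - n) bits are free."""
    prefix_to_mask(prefix)  # reuse the range check
    return 1 << (32 - prefix)
```

`parse_cidr` refuses a block whose host bits are set, so a mistyped rule fails loudly instead of silently matching a different range.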

## What are they for?
The main use of CIDR blocks is routing. When you request a web page from a server, your request needs to get out of your network, onto the Internet, into the network that contains the target webserver and to that actual server.
In order to do this, it must go through several routers. These routers do not contain information about how to reach every single individual IP address on the internet. But they do contain information about how to get to different CIDR blocks.

Thus, your request can be passed through the internet to the appropriate CIDR block. From there, the router might know about other subnets within that CIDR block. For instance, can, potentially, contain any number of subnets, so long as they are smaller and fit within that IP range. For instance, it could contain or
By comparing the target IP address with the CIDR blocks that a router knows about, it can figure out where to send the packets next.

CIDR blocks can also be used by firewalls. CIDR blocks can be used to define whether packets to or from a specific block should be accepted or dropped.
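How a router and a firewall might compare an address against the CIDR blocks they know about, as an added example that is not part of the original post. It goes slightly beyond the text: it assumes the usual longest-prefix-match rule for routes and a first-match, default-drop rule list for the firewall, and the blocks, next-hop names and rules are constructed for illustration.

```python
import ipaddress

# Constructed routing table: (CIDR block, next hop). All names are hypothetical.
ROUTES = [
    ("0.0.0.0/0", "upstream"),
    ("10.0.0.0/8", "core"),
    ("10.1.0.0/16", "site-a"),
    ("10.1.2.0/24", "site-a-lab"),
]

# Constructed firewall rules, checked top to bottom; the first match wins.
RULES = [
    ("10.1.2.0/24", "drop"),
    ("10.0.0.0/8", "accept"),
]


def next_hop(dst, routes=ROUTES):
    """Pick the matching route with the longest prefix (most specific block)."""
    addr = ipaddress.ip_address(dst)
    best = None
    for block, hop in routes:
        net = ipaddress.ip_network(block)  # raises if host bits are set
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    return best[1] if best else None


def firewall_verdict(src, rules=RULES, default="drop"):
    """Return the action of the first rule whose block contains src."""
    addr = ipaddress.ip_address(src)
    for block, action in rules:
        if addr in ipaddress.ip_network(block):
            return action
    return default


def shadowed_rules(rules):
    """List rules that can never fire because an earlier block covers them."""
    nets = [(ipaddress.ip_network(block), action) for block, action in rules]
    dead = []
    for i, (net, action) in enumerate(nets):
        if any(net.subnet_of(earlier) for earlier, _ in nets[:i]):
            dead.append((str(net), action))
    return dead
```

Swapping the two firewall rules makes the /24 drop rule unreachable, which `shadowed_rules` reports; rule order matters as much as the blocks themselves.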

Why Barrel Of Monkeys is important

Those of you who know me are probably aware that I spend a lot of time performing with Barrel Of Monkeys. I could happily tell you why I think they’re important, but I’m going to let 15-year-old Sebby D, who attended our Loyola Park After School Program tell you in his own words:

When I was 7 years old my grandmother came to Chicago for a visit, and we looked for something to entertain us with. We came across a show titled “That’s Weird Grandma”. We decided to see it out of love for the name. The show made us laugh until we cried from the very beginning to the end of the performance. The performers called themselves “Barrel of Monkeys” and we were intrigued to find out more about the program. I was signed up as soon as we heard that Barrel of Monkeys had a creative writing/acting class for kids.

I went into the first class nervous not knowing what to expect. The Barrel of Monkeys instructors were nice and funny and they made me laugh right away. My fears went away and I had the opportunity to act and be as silly or weird as I had wanted. The teachers were very talented and welcoming to me which made me feel like I belonged there. I was so sad that the hour and a half was over and I couldn’t wait to go back the next week.

The teachers had us write in journals near the end of the class. They said that I was supposed to write a story and be as creative as I wanted. I had originally thought that it would be a boring routine journal entry, and that the idea of a class that wasn’t a little boring seemed too good to be true. I was wrong. I was able to allow my story to run off in any direction it decided to go, which is a concept that I had never heard before. I was confident in doing this because one of the rules they had that they had repeated over and over is that every idea is a good idea.

Barrel of Monkeys has helped me throughout grade school. I was able to speak in front of my class with confidence, and throughout my years in school there were a total of 3 plays for my class to be in. I was given the largest speaking role in all three of them and I had the best time making all my roles have an interesting personality, voice and look. It was the training that Barrel of Monkeys used that gave me the advantage over my classmates and the resources that I needed to nail the parts that were given to me. They taught me to love learning my lines, and they gave me the confidence to have the little character quirks that I used to spice up my performance.

I am nearly fifteen years old now and have reached the maximum age to be a Barrel of Monkeys student. This past year they gave me the privilege of returning as an assistant teacher for the youngest kids in the program. It helped me to learn how to teach and be a role model around little kids. But what most impressed me was seeing how dedicated the Barrel of Monkeys staff is to the students. They seem to give endlessly and never ask for anything in return. Being a part of that is something that will guide me for the rest of my life.

One of the greatest things that Barrel of Monkeys does for its students, is perform the stories that the kids have written in front of an audience. Every year Barrel of Monkeys has a celebration of authors where they invite all the students of the program to come and see the teachers perform a few of the stories that the kids have written. One year they picked one of my stories for the celebration show, and I was extremely excited to see what they were going to do with my story. When my story was being performed, the actors were being so dramatic and silly, my story truly came to life and everyone was laughing the entire time. After the performance was over and the actors came out they all congratulated me on a great story and they told me to continue writing.

Now that we have been in the program for a while, my two sisters had joined in too. All the teachers would say hi to us whenever they saw us and made sure that we knew that they loved having all three of us kids in their program. My sisters and I all loved coming to the class every week and laughing and writing/acting our hearts out. Any kid would be lucky to have the opportunity to work with these amazing people.

Figuring out Method Resolution Order in Dojo

Dojo allows the simulation of class-based inheritance with the declare function. It even allows for multiple inheritance. However, this raises questions of how to figure out which Function to call, when a method of an instantiated Object is provided by a parent object. This article provides guidance on how to figure it out and a handy little function to determine MRO for certain.


Problems with Event handling and AOP advice in Dojo when hitch is in play

Anyone who has spent time developing web-apps with Dojo will have found the need to associate their own functionality with the raising of events and calling of methods on other objects that may not be within their control. Dojo allows developers to attach Listeners (callback methods) to Actions (DOM events or object method calls) in order to allow such wiring.

Some of you may have stumbled across an issue whereby a Listener has been attached to an Action, but isn’t being called when that Action executes. This article explains what’s going on and how to avoid it.


Handling wrapping buffers with Perl

I’m currently working on some Perl that processes memory dumps from a hardware appliance.

Frequently, within these dumps, I’m faced with a buffer that wraps. That is to say, each entry in the buffer is filled and, once the buffer is full, the next entry to be filled is the first, again (overwriting the old value).

At the point in time that the dump is taken, there is an index value that points to the ‘start’ of this buffer (i.e. the point in the buffer that is the oldest). Unfortunately, when Perl gets hold of the buffer, it represents it as an array, with the first entry in the array being the buffer entry with the lowest memory address.

So… given an array representing a buffer and an index to the logical start of the buffer, what’s the simplest way to rejig it, so that the array represents the logical order of the buffer instead of the physical order?


splice @buffer, 0, 0, (splice @buffer, $start_index);

Handling arbitrary sort order in a database table

There are times when your web application needs to retain an arbitrary sort order for objects. For example, you may have a slideshow of photographs and you want to be able to arrange them in any order you like. The simplest way to do this is to assign an attribute to each object that explicitly represents its sort position.

This raises the question: when you decide to move an object to a new position in the sort order, what is the simplest way to update the other objects to ensure that you maintain consecutive sort positions?

Imagine the following SQL table:

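CREATE TABLE "projects" (
    -- unique, immutable identifier referenced by the UPDATE statements below
    "id" INTEGER PRIMARY KEY,
    "name" VARCHAR(255),
    "sort_order" INTEGER UNSIGNED
);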

The ‘sort_order’ field contains a simple integer that indicates the position that the object should appear in. To get the ‘projects’ in the desired order, you’d execute:

SELECT * FROM projects ORDER BY sort_order DESC

To move an object from one position to another is a fairly simple operation. Each object has a unique (and immutable) “id”.  An appropriate method signature would be something like this:

def change_sort_location(object_id, new_location)

The following steps should be followed:

  1. Identify the current location of the object as old_location
  2. If old_location < new_location
    1. Subtract 1 from sort_order for all objects where old_location < sort_order ≤ new_location
  3. If new_location < old_location
    1. Add 1 to sort_order for all objects where new_location < sort_order ≤ old_location
  4. Set sort_order for the provided id to new_location

The SQL for this is pretty straightforward:

UPDATE projects SET sort_order = sort_order-1
  WHERE sort_order > @old_location AND sort_order <= @new_location


UPDATE projects SET sort_order = sort_order+1
  WHERE sort_order > @new_location AND sort_order <= @old_location

followed by

UPDATE projects SET sort_order = @new_location
  WHERE id = @object_id

Clearly, in a full implementation, you'd probably not be using SQL variables, but the point stands.

One complaint might be that the object that is getting moved can get updated twice here, but that's unlikely to be a major performance impact.

Currently, one object move requires 2 SQL queries. N object moves will require 2N SQL queries. I'm currently trying to figure out a method to reduce the number of SQL queries needed for multiple moves.

How to point your Web address to your Web site

Many readers will already know this, but I’ve had call to walk people through this process a few times, recently, so I’m putting directions online for future reference.

Let’s say you have a website hosted somewhere, and you’ve bought the domain name from Go Daddy. How do you make that web address point to your website? Well, it’s pretty straightforward.

First, log on to your account. Once you have, you should see a page similar to this:

Select ‘Domain Manager’ and the next window will open up:

On this page, select the domain name that you’re interested in and then click on the Nameservers. The following window will pop up:

Choose ‘I have specific nameservers for my domain’ and insert the nameservers that your hosting solution provided.

Once you click OK, it may take some minutes for the change to propagate throughout the internet. Technically speaking, it can take many hours to get to every part of the Internet, but most people will see the change within a few minutes.

That’s it… easy, eh?

Making your tweets ReTweetable

We all know, by now, that Twitter limits its tweets to 140 characters. We’ve all got pretty good at limiting ourselves to 140 characters, but many overlook a hidden limit. This post outlines what that is and how we can avoid it.

Many users of Twitter are hoping that their followers will retweet (RT) their tweets. Twitter recently made a change to how these work, but in general, the following pattern is followed:

   UserXYZ tweets: Hey... here's something that's fascinating
   UserABC tweets: RT @UserXYZ: Hey... here's something that's fascinating

User XYZ’s tweet was 42 characters. UserABC’s RT was 52 characters, i.e. 10 characters were added in order to RT.

Put another way, if UserXYZ creates a tweet that was longer than 130 characters, nobody would be able to RT it without modifying the original tweet. If you’re trying to get a specific message out to the world, you might not be happy with lots of people fiddling with it.

I’ve created a new Greasemonkey script which will help you with this. I’ve written about Greasemonkey plugins before and this is another Twitter helper. If you install the script, you will see the following change:

You can now see, next to the normal character countdown, a bracketed countdown. This is the number of characters that you have left, before a tweet can no longer be RTed without modification. In this example, you would be able to send the tweet (as you have 6 characters left), but Twitter users would have to remove 8 characters before they could RT your Tweet.

To use this, it’s simple:

  1. If you haven’t already, install Greasemonkey
  2. Install the ReTweetable Alert script

That’s it! As ever, your questions and comments are most welcome

SEO concerns regarding Rotating Banners

I recently wrote about a script designed to generate Rotating Banners. The script works fine, but using JavaScript to present a user with links creates a few problems of its own:

  • Google Analytics will not be able to track these external links (if, for instance, you’re using my Google Analytics for external links)
  • Non-visual User Agents will not be able to access these links
  • As a subset, Google will not be able to crawl these links and so associate your site with the sites those banners point to.


Rotating Banners in random order

I was recently sent a script designed to take a series of advertising banners and rotate them on a page. By ‘rotate’, I mean display one banner in a designated position and then, after a certain period of time, replace it with another, and then another, and so on. To be fair to those who paid for the banners, each banner was chosen at random so that each new visitor to the site would see a different banner first, second, third, etc. After taking a look at it, I spotted some problems and decided to fix them.