Need help with CIDR

[hellohello]

Hi guys. I am new to CIDR ban. I have some questions to ask.

If I ban an ip lets say 123.0.0.0/8. Then it means all ip from 123.0.0.0 to 123.255.255.255 will be banned.

However if I ban 123.0.0.10/8, does that means all ip from 123.0.0.10 to 123.255.255.255 will be banned? Or it will still the same as 123.0.0.0/8

Another question is, let's say I ban 123.0.0.0/6, does that means all ip from 120.0.0.0 to 123.255.255.255 will be banned?

Thanks

[Jobe]

123.0.0.10/8 does mean exactly the same as 123.0.0.0/8

The way CIDR works is like this. If you write the IP out in binary bits (1's and 0's) then it's from the left, its only as many bits as the number after the / that MUST match to make it match someone. So in your 123.0.0.10/8 example, the .0.0.10 is outside of the portion that matters so is efectivly ignored.

Now onto you /6 example, you are right in your guess.

[SpaceDoG]

123.0.0.0/8 effectively has a subnet mask of 255.0.0.0 which means everything in the 123 network would be banned. The 123.0.0.0/6 gives it an effective subnet mask of 252.0.0.0 which still pretty much means everything in 123 is going to be banned...

[hellohello]

Thanks for the reply. I do read about CIDR from wiki. It does mentioned the binary (bits) stuff. Lol I don't understand what it means. Anyway, I think I can now use CIDR ban better

[SpaceDoG]

Well a CIDR like /8 and /6 are too vague IMHO you want to get into something more restrictive like /12 or /16... What you really need to read up on is subnets and creating them.... that's what determines what your CIDR will block.