101
0/240
Loading content...
Imagine the global Internet routing table containing a separate entry for every /24 network on Earth—that's over 16 million potential entries just for the "Class C" range alone. In reality, the global BGP routing table holds around 900,000 entries (as of 2024), not millions. The reason? Address aggregation.
Address aggregation—also called supernetting, route aggregation, or CIDR aggregation—is the process of combining multiple contiguous network blocks into a single, shorter-prefix block. This simple concept is what makes Internet routing tractable.
By the end of this page, you will understand how to identify aggregatable networks, calculate the aggregate prefix, recognize when aggregation is impossible, and appreciate the critical role aggregation plays in Internet scalability. You'll be able to perform aggregation calculations that reduce routing complexity.
Address aggregation exploits a fundamental property of CIDR: a larger block (shorter prefix) contains multiple smaller blocks (longer prefixes).
The Basic Principle
If you have multiple network blocks that:
Then they can be represented as a single block with a shorter prefix.
Example: Four /24 networks that are contiguous:
Can be aggregated into: 192.168.0.0/22 (one entry instead of four)
┌─────────────────────────────────────────────────────────────────┐│ BEFORE AGGREGATION: 4 Routing Table Entries │├─────────────────────────────────────────────────────────────────┤│ ││ Entry 1: 192.168.0.0/24 → Gateway A ││ Entry 2: 192.168.1.0/24 → Gateway A ││ Entry 3: 192.168.2.0/24 → Gateway A ││ Entry 4: 192.168.3.0/24 → Gateway A ││ │└─────────────────────────────────────────────────────────────────┘ ┌─────────────────────────────────────────────────────────────────┐│ AFTER AGGREGATION: 1 Routing Table Entry │├─────────────────────────────────────────────────────────────────┤│ ││ Entry 1: 192.168.0.0/22 → Gateway A ││ ││ (Covers all addresses from 192.168.0.0 to 192.168.3.255) ││ │└─────────────────────────────────────────────────────────────────┘ Binary perspective (third octet):192.168.0.0 → 00000000192.168.1.0 → 00000001192.168.2.0 → 00000010192.168.3.0 → 00000011 ────────────── Last 2 bits vary Aggregated as /22: First 22 bits fixed, last 10 bits varyThis includes the 2 varying bits in third octet + 8 bits of fourth octetThe Mathematical Basis
Aggregation works because of binary arithmetic:
Each decrease in prefix length doubles the address space. So 2^n contiguous /24 blocks can potentially be aggregated into a single /(24-n) block.
Aggregating 256 /24 networks into a single /16 reduces 256 routing entries to 1—a 99.6% reduction. Multiply this across thousands of ISPs and millions of networks, and you see why aggregation is essential for Internet routing to function at all.
Not every set of networks can be aggregated. Three conditions must be met:
Condition 1: Contiguity
The networks must be numerically adjacent with no gaps. You cannot aggregate:
Condition 2: Proper Alignment (Power of 2 Sizing)
The combined block must be a power of 2 in size and must start at an address divisible by that size.
Condition 3: Common Routing Information
All networks must share the same routing properties (same next-hop, same policy). If 192.168.0.0/24 goes to Router A and 192.168.1.0/24 goes to Router B, aggregation would create incorrect routing.
12345678910111213141516171819202122232425262728293031
# Example 1: CAN BE AGGREGATEDNetworks: 10.0.0.0/24, 10.0.1.0/24, 10.0.2.0/24, 10.0.3.0/24├── Contiguous? Yes (0, 1, 2, 3 are adjacent)├── Count: 4 = 2^2 (power of 2) ✓├── Starting address: 10.0.0.0├── Block size for /22: 1,024 addresses├── Is 10.0.0.0 divisible by 1,024? Yes (0x0A000000 % 1024 = 0) ✓└── Result: Can aggregate to 10.0.0.0/22 # Example 2: CANNOT BE AGGREGATED (not contiguous)Networks: 10.0.0.0/24, 10.0.1.0/24, 10.0.3.0/24├── Contiguous? No (gap at 10.0.2.0/24)└── Result: Cannot aggregate # Example 3: CANNOT BE AGGREGATED (wrong count)Networks: 10.0.0.0/24, 10.0.1.0/24, 10.0.2.0/24├── Contiguous? Yes├── Count: 3 (not a power of 2)└── Result: Cannot aggregate to single block But CAN aggregate 2 of them: 10.0.0.0/23 + 10.0.2.0/24 # Example 4: CANNOT BE AGGREGATED (misaligned)Networks: 10.0.1.0/24, 10.0.2.0/24, 10.0.3.0/24, 10.0.4.0/24├── Contiguous? Yes├── Count: 4 = 2^2 ✓├── Starting address: 10.0.1.0├── Is 10.0.1.0 a valid /22 boundary? │ Third octet = 1, block size = 4│ 1 % 4 = 1 ≠ 0 └── Result: Cannot aggregate to /22 Must split: 10.0.1.0/24 (alone) + 10.0.2.0/23 + 10.0.4.0/24The Alignment Rule in Detail
The most commonly misunderstood requirement is alignment. A /22 block must start at an address where the third octet is divisible by 4 (since /22 spans 4 /24 blocks).
Valid /22 start addresses (third octet): 0, 4, 8, 12, 16, 20, ...
This is why 10.0.1.0/24 through 10.0.4.0/24 cannot form a /22—they don't start on a /22 boundary. Instead, they span two /22 blocks:
The networks 10.0.1.0 through 10.0.4.0 cross this boundary.
Even contiguous networks may not aggregate cleanly. Always verify alignment before assuming aggregation will work. A common mistake is assuming any 4 consecutive /24 blocks form a /22—they only do if the first one starts on a /22 boundary.
Given a set of networks to aggregate, follow this systematic algorithm to find the optimal aggregation:
1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253
ALGORITHM: Aggregate CIDR Blocks INPUT: List of CIDR blocks to aggregateOUTPUT: Minimal list of aggregated blocks STEP 1: Sort all blocks by starting address (numerically) STEP 2: Normalize to the same prefix length - Find the longest (most specific) prefix - Express all blocks as sets of this prefix size - Example: 10.0.0.0/23 becomes 10.0.0.0/24 + 10.0.1.0/24 STEP 3: Apply binary aggregation iteratively FOR each pair of adjacent blocks with prefix /n: a. Check if they form a valid /(n-1) block: - First block's address must have a 0 in position n - Second block's address must have a 1 in position n - All other bits must match b. If valid, replace the pair with the /(n-1) block c. Repeat until no more pairs can be aggregated STEP 4: Output the resulting list of blocks ───────────────────────────────────────────────────────────────── EXAMPLE: Aggregate 192.168.0.0/24 through 192.168.7.0/24 Step 1: Already sorted 0.0, 1.0, 2.0, 3.0, 4.0, 5.0, 6.0, 7.0 (third octet) Step 2: All are /24, already normalized Step 3: Binary aggregation Round 1 (aggregate /24 pairs to /23): ├── 192.168.0.0/24 + 192.168.1.0/24 → 192.168.0.0/23 ├── 192.168.2.0/24 + 192.168.3.0/24 → 192.168.2.0/23 ├── 192.168.4.0/24 + 192.168.5.0/24 → 192.168.4.0/23 └── 192.168.6.0/24 + 192.168.7.0/24 → 192.168.6.0/23 Round 2 (aggregate /23 pairs to /22): ├── 192.168.0.0/23 + 192.168.2.0/23 → 192.168.0.0/22 └── 192.168.4.0/23 + 192.168.6.0/23 → 192.168.4.0/22 Round 3 (aggregate /22 pairs to /21): └── 192.168.0.0/22 + 192.168.4.0/22 → 192.168.0.0/21 Step 4: Output 192.168.0.0/21 (covers all 8 original /24 networks) Verification: 8 networks × 256 addresses = 2,048 = 2^11 = /21 ✓Binary Pair Rule
Two blocks with prefix /n can be aggregated into one block with prefix /(n-1) if and only if:
In practice, this means:
Two networks that can be aggregated are sometimes called 'buddies' or 'siblings.' Each network has exactly one buddy at its prefix level. 192.168.0.0/24's buddy is 192.168.1.0/24. 192.168.2.0/24's buddy is 192.168.3.0/24. A network and its buddy together form their 'parent' block.
Let's work through several aggregation scenarios of increasing complexity.
Problem: Aggregate these networks: 172.16.32.0/24, 172.16.33.0/24, 172.16.34.0/24, 172.16.35.0/24
12345678910111213141516171819202122232425262728293031
Given networks (4 × /24):172.16.32.0/24 Third octet binary: 00100000172.16.33.0/24 Third octet binary: 00100001172.16.34.0/24 Third octet binary: 00100010172.16.35.0/24 Third octet binary: 00100011 Step 1: Check contiguity32, 33, 34, 35 → Contiguous ✓ Step 2: Check count4 networks = 2^2 → Valid power of 2 ✓ Step 3: Check alignmentFirst network: 172.16.32.0For /22 (4 × /24), need third octet divisible by 432 ÷ 4 = 8 (no remainder) → Aligned ✓ Step 4: Calculate aggregateOriginal prefix: /24Aggregate prefix: /24 - 2 = /22 (2 fewer bits to cover 2^2 networks)Aggregate: 172.16.32.0/22 Verification:172.16.32.0/22 covers: 172.16.32.0 - 172.16.35.255 = 4 × 256 = 1,024 addresses = 2^10 = /22 ✓ Binary verification:All addresses share first 22 bits: 10101100.00010000.001000xx.xxxxxxxx ↑ 22nd bit positionISPs and enterprises should aggregate their address space into the largest possible blocks at every network boundary. This is not just a best practice—many tier-1 ISPs filter prefixes longer than /24, meaning unaggregated routes may not even reach their destinations.
Different routing protocols implement aggregation in various ways. Understanding these mechanisms is crucial for network design.
| Protocol | Aggregation Method | Configuration Location | Notes |
|---|---|---|---|
| BGP | Manual aggregate routes | Border routers | Most control; critical for Internet |
| OSPF | Area boundary summarization | ABR (Area Border Router) | Automatic within areas, manual at boundaries |
| EIGRP | Manual or auto-summary | Any router | Auto-summary can cause issues |
| RIP | Auto or manual summary | Network boundaries | Legacy; auto-summary at classful boundaries |
| IS-IS | Route leaking with summarization | L1/L2 boundary | Similar to OSPF area concept |
1234567891011121314151617181920212223242526272829303132333435363738
! BGP Aggregation Example! ISP has customers with 198.51.100.0/24 through 198.51.103.0/24 router bgp 65001 ! Method 1: Simple aggregate ! Creates aggregate, suppresses component routes aggregate-address 198.51.100.0 255.255.252.0 summary-only ! Method 2: Aggregate with as-set ! Includes AS path info from all components (prevents loops) aggregate-address 198.51.100.0 255.255.252.0 as-set summary-only ! Method 3: Aggregate without suppression ! Advertises both aggregate AND specific routes aggregate-address 198.51.100.0 255.255.252.0 ! What gets advertised:! Method 1: Only 198.51.100.0/22! Method 2: Only 198.51.100.0/22 with combined AS-SET! Method 3: 198.51.100.0/22 AND all four /24 routes ! The 'summary-only' keyword is critical for proper aggregation! Without it, specific routes still leak, defeating the purpose --- ! OSPF Area Summarization Examplerouter ospf 1 ! Summarize routes from Area 1 to backbone (Area 0) area 1 range 10.1.0.0 255.255.0.0 ! Summarize routes from backbone to Area 1 area 0 range 10.0.0.0 255.0.0.0 ! OSPF automatically aggregates within an area! Manual summarization only needed at area boundariesThe Aggregation Dilemma: Precision vs. Efficiency
Aggregation involves a tradeoff:
More Aggregation (shorter prefixes):
Less Aggregation (longer prefixes):
The optimal balance depends on network requirements.
If you advertise 198.51.100.0/22 but only have routes to 198.51.100.0/24 and 198.51.101.0/24, traffic to 198.51.102.0 and 198.51.103.0 will reach your router and be dropped (black-holed). Only aggregate what you can actually route!
Address aggregation is what makes Internet routing possible. Without it, the global routing table would be unmanageable.
Current Internet Routing Table Size
As of 2024, the global BGP routing table contains approximately:
Without aggregation, these numbers would be orders of magnitude higher—potentially tens of millions of entries just for IPv4.
The RIR Allocation Strategy
Regional Internet Registries allocate addresses to maximize aggregation potential:
Provider Aggregatable vs. Provider Independent
Provider Aggregatable (PA) addresses:
Provider Independent (PI) addresses:
Every PI allocation adds at least one entry to the global table. This is why RIRs are conservative about PI allocations.
Most tier-1 networks filter routes longer than /24 (more specific). This means a /25, /26, etc., typically cannot be announced as a standalone route on the global Internet. Organizations need at least a /24 for global routability, and larger blocks are strongly preferred for aggregation.
Address aggregation transforms the seemingly impossible task of routing between billions of IP addresses into a manageable problem. By combining contiguous, aligned networks into larger blocks, we reduce routing table size exponentially.
What's Next:
Now that you understand how to combine networks through aggregation, we'll explore route summarization—the application of aggregation principles to reduce routing complexity within networks and at their boundaries.
You now understand address aggregation—the technique that enables Internet routing to scale. You can identify when networks can be aggregated, calculate the aggregate prefix, and appreciate the role aggregation plays at every level of the Internet hierarchy.