• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 687
  • Last Modified:

CIDR and 10.x.x.x block

I am configuring a relay in Exchange 2010 to send email to external sources. Needless to say, I want to make sure this address is the only one that can relay. My internal ip's are 10.x.x.x on subnet The address I want to be able to relay is The example I saw said to use the /32 prefix, but that was on a subnet. Will the setting only allow that address to relay, or does the use a different prefix?
  • 2
1 Solution
Fred MarshallPrincipalCommented:
The notation is used in two different ways:

If one is referring to  a network subnet as in / or /16 in CIDR notation... same thing ... then that means: is the *network* address. is the *broadcast* address.
All addresses in between are available for "hosts", i.e. computers, printers, servers, routers, etc.

In this context, the smallest subnet must have 4 addresses in total:
- one for nettwork
- two for hosts
- one for broadcast.
That's because the next power of 2 below 2 is zero so a network: /31 or would have: for the network for the broadcast
and no addresses for any hosts at all!
Some IP calculators won't accept CIDR numbers greater than 30 for that reason.


Let's say that you want to specify an address range in a firewall for filtering purposes.
Let's say that the range is to for a total of 16 addresses within
Some devices will let you enter
Some devices will let you enter / 28 meaning the same thing.
BUT this isn't a subnet.  It's just an address range so ALL the addresses from 16 to 31 are affected.

... a small difference perhaps but possibly a source of confusion.

In the latter case, /32 means "this address only".  Certainly used often in Juniper Networks equipment.

imccoyAuthor Commented:
I tried understanding CIDR, but I didn't even have to duck when it went over my head. Thanks for the solution, I'll use the /32 to specify to only use that address.
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
Note: The broadcast address as stated above is not correct. A CIDR notation of means that the broadcast address is, not . Broadcast address is always all-ones (in bits) for the host part, which is 16 bit in this case.
Fred MarshallPrincipalCommented:
Olemo:  You are correct.  My mistake!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now