Varying interpretations of improper CIDRs
What I mean by a 'CIDR' is a network address specification in CIDR notation (more at the Wikipedia entry for Classless Inter-Domain Routing).
A 'proper' CIDR is one where the host address portion is all zero. It's easiest to see this for /8's, /16's, and /24's; for example, 220.127.116.11/16 is a 'proper' CIDR, with the last two octets zero, but 18.104.22.168/16 is not.
Every so often people argue for flexible interpretations of CIDRs that allow for 'improper' ones. This is a bad idea. Assuming that your software accepts something like '22.214.171.124/16' at all, what IP address range does it mean? There are at least three possibilities:
- The proper /16 that contains 126.96.36.199.
- A /16 sized address range starting at 188.8.131.52.
- The portion of the proper /16 starting at 184.108.40.206.
All three are plausible answers. Which one any particular piece of software uses depends on the implementation details of how it parses CIDRs. And of course this means that different programs you have, or your programs and my programs, may well have different views on what they cover.
Sidebar: it's probably best to write CIDRs out in full
It's popular to abbreviate CIDRs by leaving off zero octets that are part of the host address portion, for example writing '200/8' instead of '220.127.116.11/8'. Unfortunately, as someone found recently, not all software accepts the short form. And worse, not all software that doesn't really accept the short form will tell you about it; sometimes it will try to guess what it thinks you really meant and get it wrong.