ToolBelt

IP CIDR Notation Builder

Suggest CIDR notation for IP ranges.

Open tool

Overview

Enter a start and end IP address (IPv4 or IPv6) and the builder suggests the smallest set of CIDR blocks that exactly covers the range. Output includes each block's prefix length, host count, and network/broadcast addresses.

It's for network engineers and DevOps folks who manage firewall rules, security group ranges, route tables, or VPC subnetting. Reach for it when an upstream vendor hands you a flat range and you need CIDRs for a security group, when subdividing a /24 into smaller blocks, or when documenting the prefixes your service occupies.

How it works

CIDR notation (RFC 4632 for IPv4, RFC 5952 for IPv6) describes a range as a network address plus a prefix length, e.g. 10.0.0.0/24. An arbitrary range from address A to B may not collapse to a single CIDR; the builder runs the standard range-to-CIDR aggregation: at each step, pick the largest power-of-two block that starts at A and ends at or before B, output it, advance A, and repeat.

The result is the minimal set of disjoint CIDRs that exactly covers the input range, sorted from low to high. For IPv6 the same algorithm runs against 128-bit addresses.

Examples

  • A single contiguous block: 
    10.0.0.0 - 10.0.0.255  ->  10.0.0.0/24
  • An odd range: 
    192.168.1.5 - 192.168.1.10
->
192.168.1.5/32
192.168.1.6/31
192.168.1.8/30
  • Crossing a /24 boundary: 
    10.0.0.250 - 10.0.1.5
->
10.0.0.250/31, 10.0.0.252/30, 10.0.1.0/30, 10.0.1.4/31
  • IPv6: 
    2001:db8::1 - 2001:db8::ff  ->  2001:db8::1/128, 2001:db8::2/127, ... 2001:db8::80/121

FAQ

Why does my small range need multiple CIDRs?

Because CIDR boundaries are aligned to powers of two. A range like .5-.10 straddles three alignment boundaries, so it can't collapse to a single block.

Is /32 the same as a single host?

For IPv4, yes - /32 is one address. For IPv6, the equivalent is /128. Some platforms (AWS security groups, route tables) require explicit /32 for hosts.

Does the broadcast address count as a host?

In standard IPv4 subnets, the lowest (network) and highest (broadcast) addresses are reserved, so usable hosts in a /24 is 256 - 2 = 254. In /31 and /32 ranges (used for point-to-point links), all addresses are usable.

Can I supply a CIDR and get back a range?

Yes - the same maths runs in reverse. Enter 10.0.0.0/24 to see 10.0.0.0 through 10.0.0.255.

Try IP CIDR Notation Builder

An unhandled error has occurred. Reload ×