CIDR and subnet calculator

IP to CIDR - simple

Input lower and upper IP (either IPv4 or IPv6) of the range - the tool will calculate best matching CIDR range. Subnet will be included in result.

IP to CIDR - advanced

Input at least two IP's (IPv4 and/or IPv6), domainnames or CIDR ranges to include - the tool will calculate best matching CIDR ranges. Subnet will be included in result. Seperate by space, tab, newline or comma.

IPv4 max network prefix:

IPv6 max network prefix:

Reverse - CIDR to IP + subnet

Input one or more CIDR ranges to get info of IP addresses and subnet.

CIDR calculator and subnet info

About the tool

The simple tool allows you to enter lower and upper IP addresses to calculate the best matching CIDR range. The tool will come with subnet info as well.

With the advanced tool, you can enter many IP addresses, existing CIDR ranges and domain names - and the advanced tool will group it all together in CIDR ranges according to your wishes (you can specify max prefix).

Last but not least, you can also use the "CIDR to IP" tool to enter one or more CIDR ranges, and get information about lower, upper and subnet addresses for each of the entered ranges.

All three sub-tools will output bitmasks for educational purposes as well - a bit easier to understand visualized.


Try out these, if you would like to give it a go, and see how it works:

CIDR ranges TLDR

Classless inter-domain routing - or better known as CIDR - was invented in 1993 as the successor to the former classful network architecture.

CIDR is a method for describing IP ranges primarily for use in allocating IP addresses (subnets) and for routing traffic on the Internet.

However, CIDR's are also used de facto everywhere else if you need to describe IP ranges - for example in SPF records, in firewalls and the like.

A CIDR describes a range of IP addresses. CIDR ranges are always written as "BaseIpAdress/NetworkPrefix" - for example "" - which refers to the range of addresses between and The base (or start) of the CIDR is "" and "/26" is the network prefix (which describes how many IP addresses the CIDR includes).

But how can /26 describe 64 addresses?

It's actually super logical when you understand the background - but without understanding the background, it's just black magic.

An IP address consists of four numbers, e.g. "". In reality, it's just four bytes, each with a value between 0 and 255. That we write them as "" is only because it's easier to read and say out loud.

Each of the four bytes consists of 8 bits - therefore an IP address consists of 4 bytes of 8 bits = 32 bits.

/26 of the CIDR then tells that this range describes the first 26 bits of the address. As long as bits 1 to 26 match in an IP address, it is part of the specified CIDR.

Example: The bitmask for looks like this:
First byte, bits 1 to 8 127 01111111
Second byte, bits 9 to 16 10 00001010
Third byte, bits 17 to 24 12 00001100
Fourth byte, bits 25 to 32 0 00000000

And as you might notice, the bit patterns are actually binary numbers - 01111111 in binary equals 127 in decimal.

The prefix of "/26" then means that it is the first 26 bits that describe this CIDR range. That is "01111111 00001010 00001100 00". As long as an IP address only varies in the last 6 bits (32-26=6), it is part of the current /26 CIDR range.

And here comes the kicker: Binary, with 6 bits, you can have 64 different variations. Therefore /26 can describe 64 addresses.

I said there was a bit of black magic about it :)

But how can and describe the same CIDR range?

As mentioned above, /26 means that only the first 26 bits are significant in the description of the range of IP addresses. If you only look at the first 26 bits, then and are identical.

Although the range can easily be written as, and that form of writing is also technically legal, it is much more readable for humans to start with the first address in the range.

This also means that you can't just take a random IP number and then add "/26" to say that the CIDR describes a range from IP x.x.x.x and 64 addresses onwards. CIDR's work in blocks due to the binary foundation.

So what is subnet?

With subnets, you can divide a network into smaller chunks.

For example, if you have a network from to, you can divide it into subnets. With subnet address, the network is split into 4 subnets of 64 addresses.

When a device is assigned an IP address and a subnet address, the device automatically knows which network (or which CIDR range) it is part of - and whether it can route traffic locally on the subnet, or if the traffic must go to the nearest gateway for external routing.

Using the subnet mask, it can compare its own address with the recipient's address - and if the network bits match, the sender and recipient are on the same network.

Would you like to know more?

Wikipedia has - as always - an excellent article about CIDR.

Cisco also has a very short description of subnets and how they work in practice - best description I've seen to date.

Microsoft also has extensive article about TCP/IP addresses and subnetting.


These tools are still in active development. If you have any kind of feedback, please let me know. Send me an e-mail on iamrootdottech(a)