About the tool
The simple tool allows you to enter lower and upper IP addresses to
calculate the best matching CIDR range. The tool will come with
subnet info as well.
With the advanced tool, you can enter many IP addresses, existing
CIDR ranges and domain names - and the advanced tool will group
it all together in CIDR ranges according to your wishes (you can
specify max prefix).
Last but not least, you can also use the "CIDR to IP" tool to
enter one or more CIDR ranges, and get information about lower,
upper and subnet addresses for each of the entered ranges.
All three sub-tools will output bitmasks for educational purposes as
well - a bit easier to understand visualized.
Samples
Try out these, if you would like to give it a go, and see how it works:
CIDR ranges TLDR
Classless inter-domain routing - or better known as CIDR - was
invented in 1993 as the successor to the former classful network
architecture.
CIDR is a method for describing IP ranges primarily for use in
allocating IP addresses (subnets) and for routing traffic on
the Internet.
However, CIDR's are also used de facto everywhere else if you
need to describe IP ranges - for example in SPF records, in
firewalls and the like.
A CIDR describes a range of IP addresses. CIDR ranges are
always written as "BaseIpAdress/NetworkPrefix" - for example
"127.10.12.0/26" - which refers to the range of addresses between
127.10.12.0 and 127.10.12.63. The base (or start) of the CIDR
is "127.10.12.0" and "/26" is the network prefix (which describes
how many IP addresses the CIDR includes).
But how can /26 describe 64 addresses?
It's actually super logical when you understand the background - but
without understanding the background, it's just black magic.
An IP address consists of four numbers, e.g. "127.10.12.0". In reality,
it's just four bytes, each with a value between 0 and 255. That we
write them as "127.10.12.0" is only because it's easier to read and
say out loud.
Each of the four bytes consists of 8 bits - therefore an IP address
consists of 4 bytes of 8 bits = 32 bits.
/26 of the CIDR then tells that this range describes the first 26
bits of the address. As long as bits 1 to 26 match in an IP address,
it is part of the specified CIDR.
Example: The bitmask for 127.10.12.0 looks like this:
First byte, bits 1 to 8 |
127 |
01111111 |
Second byte, bits 9 to 16 |
10 |
00001010 |
Third byte, bits 17 to 24 |
12 |
00001100 |
Fourth byte, bits 25 to 32 |
0 |
00000000 |
And as you might notice, the bit patterns are actually binary numbers -
01111111 in binary equals 127 in decimal.
The prefix of "/26" then means that it is the first 26 bits that describe
this CIDR range. That is "01111111 00001010 00001100 00". As long as an
IP address only varies in the last 6 bits (32-26=6), it is part of the
current /26 CIDR range.
And here comes the kicker: Binary, with 6 bits, you can have 64 different
variations. Therefore /26 can describe 64 addresses.
I said there was a bit of black magic about it :)
But how can 127.10.12.0/26 and 127.10.12.10/26 describe the same CIDR range?
As mentioned above, /26 means that only the first 26 bits are significant
in the description of the range of IP addresses. If you only look at the
first 26 bits, then 127.10.12.0 and 127.10.12.10 are identical.
Although the range can easily be written as 127.10.12.10/26, and that
form of writing is also technically legal, it is much more readable
for humans to start with the first address in the range.
This also means that you can't just take a random IP number and then
add "/26" to say that the CIDR describes a range from IP x.x.x.x and
64 addresses onwards. CIDR's work in blocks due to the binary foundation.
So what is subnet?
With subnets, you can divide a network into smaller chunks.
For example, if you have a network from 127.10.12.0 to 127.10.12.255, you
can divide it into subnets. With subnet address 255.255.255.192, the
network is split into 4 subnets of 64 addresses.
When a device is assigned an IP address and a subnet address, the device
automatically knows which network (or which CIDR range) it is part of -
and whether it can route traffic locally on the subnet, or if the
traffic must go to the nearest gateway for external routing.
Using the subnet mask, it can compare its own address with the recipient's
address - and if the network bits match, the sender and recipient are on
the same network.
Would you like to know more?
Wikipedia has - as always -
an excellent article about CIDR.
Cisco also has a very short description of subnets and how they
work in practice -
best description I've seen to date.
Microsoft also has
extensive article about TCP/IP addresses
and subnetting.