Subnet Calculator
Calculate subnet mask, network address, broadcast address, and usable host range from an IP address and CIDR prefix.
CIDR to IP Range Calculator
Convert CIDR notation to first and last IP addresses, total host count, and subnet mask. Supports all IPv4 prefixes.
Enter network base address
/20
Network Addressโง
10.0.0.0
First address in subnet
Broadcast Addressโง
10.0.15.255
Last address in subnet
First Usable Hostโง
10.0.0.1
Gateway typical
Last Usable Hostโง
10.0.15.254
Last assignable host
Total Addressesโง
4,096
All IPs in range
Usable Hostsโง
4,094
Available for devices
Network Notation
CIDR Notationโง
10.0.0.0/20
Standard subnet notation
Host Bitsโง
12
2^12 = 4,096 addresses
Wildcard Maskโง
4095
Inverse of subnet mask
Subnet Details
| Type | IP Address | Decimal Value |
|---|---|---|
| Network | 10.0.0.0 | 0 |
| First Host | 10.0.0.1 | 1 |
| Last Host | 10.0.15.254 | 4,094 |
| Broadcast | 10.0.15.255 | 4,095 |
Common Prefix Sizes
/8
16,777,214 hosts
/16
65,534 hosts
/24
254 hosts
/25
126 hosts
/26
62 hosts
/27
30 hosts
/28
14 hosts
/29
6 hosts
/30
2 hosts
Planning notes, formulas, and examples
About the CIDR to IP Range Calculator
CIDR (Classless Inter-Domain Routing) notation compactly represents an IP address range as a base address and prefix length: for example, 192.168.1.0/24 represents the 256 addresses from 192.168.1.0 to 192.168.1.255. This calculator expands any CIDR block to show the full IP range.
Converting CIDR to IP ranges is essential for configuring firewalls, security groups, access control lists, and network monitoring tools that accept IP ranges. It is also useful for verifying that a specific IP is within a given CIDR block.
This calculator supports all IPv4 prefixes from /0 (the entire IPv4 space) to /32 (a single host). It computes the network address (first IP), broadcast address (last IP), and all usable addresses in between.
When This Page Helps
Firewall rules, security groups, and ACLs often require explicit IP ranges. This calculator converts CIDR notation to the corresponding first and last IP addresses.
How to Use the Inputs
- Enter a base IP address (e.g., 192.168.1.0).
- Enter the CIDR prefix length (e.g., 24).
- The calculator shows the first IP, last IP, and total addresses.
- Use the range for firewall rules and access control lists.
Formula used
Network Address = IP AND subnet_mask
Broadcast = Network Address OR (~subnet_mask)
First Usable = Network + 1
Last Usable = Broadcast โ 1
Total = 2^(32 โ prefix)Example Calculation
Result: Range: 10.0.0.0 โ 10.0.15.255 (4,096 addresses)
A /20 has 12 host bits: 2^12 = 4,096 addresses. The network address 10.0.0.0 with mask 255.255.240.0 spans to 10.0.15.255. This is a common VPC subnet size in AWS for large auto-scaling groups.
Tips & Best Practices
- Use CIDR notation in security groups โ it's more concise than IP ranges.
- The base IP should be the network address (aligned to the prefix boundary).
- Common cloud prefixes: /16 for VPCs, /24 for subnets, /32 for single hosts.
- Verify CIDR blocks don't overlap before creating network peering connections.
- /0 matches all IPs (0.0.0.0/0) and is used as the default route.
- Always double-check CIDR ranges before applying to firewall rules.
Understanding CIDR Notation
CIDR replaced the old classful addressing system (Class A, B, C) with flexible prefix lengths. This enables more efficient IP address allocation and more granular routing. Modern networking relies entirely on CIDR for address management.
CIDR in Cloud Networking
Cloud VPCs are defined by CIDR blocks. When creating a VPC, you specify a primary CIDR (e.g., 10.0.0.0/16). Subnets within the VPC use smaller CIDRs (e.g., 10.0.1.0/24). Security groups and NACLs use CIDR for source/destination filtering.
Common CIDR Ranges
RFC 1918 defines three private ranges: 10.0.0.0/8 (16M addresses), 172.16.0.0/12 (1M addresses), and 192.168.0.0/16 (65K addresses). Use these for internal networks. Cloud providers also offer 100.64.0.0/10 (Carrier-Grade NAT) for some internal services.
Sources & Methodology
Last updated:
Frequently Asked Questions
0.0.0.0/0 represents all IPv4 addresses (the entire internet). It's commonly used as the default route in routing tables and as a catch-all in firewall rules. Never use /0 in allow rules for sensitive resources.
Apply the subnet mask to both the CIDR base address and the target IP using bitwise AND. If the results match, the IP is in the block. For example, 10.0.5.100 AND 255.255.240.0 = 10.0.0.0, matching 10.0.0.0/20.
10.0.0.0/16 fully contains 10.0.1.0/24. Overlapping CIDRs cause routing ambiguity. Most cloud providers reject overlapping subnets within a VPC. When planning, map all subnets to verify non-overlap.
AWS VPCs support /16 (65,536 IPs) to /28 (16 IPs). Subnets within VPCs also follow this range. Other clouds have similar constraints. Always check provider documentation for current limits.
CIDR aggregation (supernetting) combines adjacent blocks into a larger block. For example, 10.0.0.0/24 and 10.0.1.0/24 can aggregate to 10.0.0.0/23. This reduces routing table entries and simplifies firewall rules.
Variable Length Subnet Masking (VLSM) allows different subnets to use different prefix lengths within the same network. Instead of uniform /24 subnets, you might use /28 for a small subnet and /20 for a large one, using address space more efficiently.
More in this topic
IP Address Count Calculator
Calculate total and usable IP addresses for any CIDR range. Plan IP allocation for VPCs, subnets, and networks.
VLAN Capacity Calculator
Calculate VLAN capacity and plan broadcast domain sizing based on host count, traffic patterns, and performance targets.