IP Subnet Calculator — CIDR & Subnet Mask

Calculate subnet mask, network address, broadcast, and host range from any IP and CIDR — free and browser-based.

Last updated:

What is subnetting?

Subnetting is the practice of dividing a single IP network into two or more smaller segments called subnets. Each subnet operates as an independent logical network, which improves routing efficiency, reduces broadcast traffic, and makes security policies easier to enforce.

Every IPv4 address is a 32-bit number. A subnet mask splits those 32 bits into two parts: the network portion (shared by every host on the subnet) and the host portion (unique to each device). The more bits you allocate to the network side, the more subnets you can create -- but each subnet contains fewer host addresses.

Modern networks express this split with CIDR notation (Classless Inter-Domain Routing). Instead of writing a full dotted-decimal mask like 255.255.255.0, you append a prefix length to the address -- for example, 192.168.1.0/24. The number after the slash tells you how many leading bits are the network part.

CIDR notation explained

CIDR notation replaced the old classful addressing system (Class A, B, C) in 1993. A prefix length like /24 means the first 24 of the 32 bits are fixed as the network identifier, leaving 8 bits for host addresses. Those 8 host bits give you 28 = 256 total addresses, of which 254 are usable (the first is the network address, the last is the broadcast address).

Here are the prefix lengths you will encounter most often:

  • /8 -- 16,777,216 addresses (Class A equivalent). Used by large organizations and the private 10.0.0.0 range.
  • /16 -- 65,536 addresses (Class B equivalent). Common in corporate campus networks.
  • /24 -- 256 addresses (Class C equivalent). The most typical LAN subnet size.
  • /30 -- 4 addresses (2 usable). Standard for point-to-point links between routers.
  • /32 -- 1 address. Identifies a single host, often used in routing tables and firewall rules.

Each additional prefix bit halves the number of available host addresses. Going from /24 to /25 splits one 256-address block into two 128-address blocks, each with 126 usable hosts.

Subnet mask cheat sheet

The table below lists the most commonly used CIDR prefix lengths with their dotted-decimal subnet masks, total addresses, usable host count, and typical use cases.

  • /8 = 255.0.0.0 -- 16,777,214 usable hosts. Large enterprise or cloud provider internal networks.
  • /16 = 255.255.0.0 -- 65,534 usable hosts. Campus or multi-building site networks.
  • /20 = 255.255.240.0 -- 4,094 usable hosts. AWS default VPC subnet size.
  • /24 = 255.255.255.0 -- 254 usable hosts. Standard office or home LAN.
  • /25 = 255.255.255.128 -- 126 usable hosts. Splitting a /24 into two segments.
  • /28 = 255.255.255.240 -- 14 usable hosts. Small DMZ or management VLAN.
  • /30 = 255.255.255.252 -- 2 usable hosts. Point-to-point router links.
  • /32 = 255.255.255.255 -- 1 host. Loopback or host route entries.

The formula for usable hosts is 2(32 - prefix) - 2. You subtract two because the first address in every subnet is the network identifier and the last is the directed broadcast address. The only exception is a /31, which RFC 3021 allows for point-to-point links with no broadcast address.

Private vs public IP ranges

RFC 1918 reserves three IPv4 address blocks for private use. These ranges are not routable on the public internet and can be used freely within any organization:

  • 10.0.0.0/8 -- 16,777,216 addresses. The largest private block, widely used in cloud VPCs and large enterprises.
  • 172.16.0.0/12 -- 1,048,576 addresses (172.16.0.0 through 172.31.255.255). Common in data centers and Docker default bridge networks.
  • 192.168.0.0/16 -- 65,536 addresses. The default range for most home routers and small office networks.

Beyond RFC 1918, there are other special-purpose ranges worth knowing:

  • 127.0.0.0/8 -- Loopback. Traffic sent here never leaves the host. 127.0.0.1 is the conventional localhost address.
  • 169.254.0.0/16 -- Link-local (APIPA). Automatically assigned when a device cannot reach a DHCP server.
  • 100.64.0.0/10 -- Carrier-grade NAT (RFC 6598). Used by ISPs for NAT between their network and customers.

Everything outside these reserved blocks is considered public IP space, allocated by Regional Internet Registries (ARIN, RIPE NCC, APNIC, LACNIC, AFRINIC) and routable across the global internet.

Related tools on CodeBoxTools

Subnetting involves binary math, hexadecimal masks, and number base conversions. These tools can help with related calculations:

  • Number Base Converter -- convert between binary, octal, decimal, and hexadecimal. Useful for inspecting subnet masks at the bit level.
  • Hex to Decimal Converter -- quickly translate hexadecimal values to decimal. Helpful when reading subnet masks in hex notation (e.g., 0xFFFFFF00 for a /24).
  • Binary to Decimal Converter -- convert binary octets to their decimal equivalents. Essential for understanding how each octet of a subnet mask maps to its dotted-decimal form.

Frequently Asked Questions

What is CIDR notation?
CIDR (Classless Inter-Domain Routing) notation uses a slash followed by the number of network bits. For example, /24 means the first 24 bits are the network portion, leaving 8 bits for hosts (254 usable addresses).
How many hosts does a /24 subnet have?
A /24 subnet has 256 total addresses (2^8), but 254 usable host addresses. The first address is the network address and the last is the broadcast address.
What are private IP ranges?
RFC 1918 defines three private ranges: 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16. These addresses are not routable on the public internet.
What is the difference between a /24 and a /23?
A `/24` has 256 addresses (254 usable); a `/23` has 512 (510 usable) — each step down doubles the range. The prefix length tells you how many bits identify the network; the remaining bits are host addresses.
Does it handle IPv6 subnets?
Yes. IPv6 CIDR blocks (like `2001:db8::/32`) work the same way — the prefix length tells you how many bits are fixed. Unlike IPv4, IPv6 end networks are usually `/64` because that is what SLAAC requires.
Why are the first and last addresses excluded from host count?
In classful IPv4, the first address is the network identifier and the last is the broadcast address. Neither can be assigned to a host. This convention does not apply to IPv6.

Related Tools

Hex to Decimal Converter
Convert hex to decimal or decimal to hex — instant results, free, and fully browser-based.
Binary to Decimal Converter
Convert binary to decimal or decimal to binary — instant results, free, and fully browser-based.
Number Base Converter
Convert numbers between binary, octal, decimal, and hexadecimal — free, instant, and browser-based.