IP Subnet Calculator 2026 – IPv4 CIDR & Network Tool

  • Adam
  • January 6, 2026

Free IP subnet calculator for IPv4 networks. Calculate subnet masks, CIDR, network/broadcast addresses & host ranges. For AWS, Azure, GCP & enterprises.

IP Subnet Calculator 2026 - IPv4 & CIDR Calculator

Calculate IPv4 subnet masks, network addresses, broadcast addresses, usable host ranges, and CIDR notation. Essential tool for network administrators, cybersecurity professionals, IT students, and cloud engineers working with AWS, Azure, GCP, and enterprise networks.

🔒 Network Security & Standards Compliance:

This calculator implements RFC 1518/1519 CIDR standards and follows NIST cybersecurity guidelines for proper IP address allocation and subnet design. Accurate subnetting is critical for network segmentation, security zones, and zero-trust architecture implementation as recommended by CISA's 2024-2026 Cybersecurity Strategic Plan.

📡 What This IP Calculator Provides:

Network Address: First address in the subnet (network identifier)

Broadcast Address: Last address in the subnet

Usable Host Range: Available IP addresses for devices

Subnet Mask: Decimal and binary notation

CIDR Notation: Slash notation (e.g., /24)

Wildcard Mask: For ACLs and routing configurations

Total Hosts: Maximum addresses in subnet

IP Class: Classful network classification

IPv4 Subnet Calculator

Enter any IPv4 address in dotted decimal notation (0-255.0-255.0-255.0-255)
Choose your preferred input format
Prefix bits (0-32), common: /8, /16, /24, /30

Subnet Calculation Results

What is an IP Address?

An IP (Internet Protocol) address is a unique numerical identifier assigned to each device connected to a computer network that uses the Internet Protocol for communication. IPv4 addresses are 32-bit numbers typically displayed in dotted decimal notation as four octets (0-255) separated by periods, such as 192.168.1.1. These addresses enable routing and delivery of data packets across networks, forming the foundation of internet and intranet communications.

IP addresses serve two primary functions: host or network interface identification and location addressing. They allow devices to find and communicate with each other across local networks and the global internet, with routers using IP addresses to determine optimal paths for data transmission.

IPv4 Address Structure

An IPv4 address consists of 32 binary bits divided into four octets (8 bits each). Each octet is converted to decimal format (0-255) for human readability.

IPv4 Address Binary Structure:

\[ \text{IPv4} = \underbrace{8 \text{ bits}}\_{\text{Octet 1}} \cdot \underbrace{8 \text{ bits}}\_{\text{Octet 2}} \cdot \underbrace{8 \text{ bits}}\_{\text{Octet 3}} \cdot \underbrace{8 \text{ bits}}\_{\text{Octet 4}} = 32 \text{ bits total} \]

IPv4 Address Example: 192.168.1.100

Decimal Notation: 192.168.1.100

Binary Representation:

• Octet 1: 192 = 11000000

• Octet 2: 168 = 10101000

• Octet 3: 1 = 00000001

• Octet 4: 100 = 01100100

Full Binary: 11000000.10101000.00000001.01100100

Total Possible IPv4 Addresses: \(2^{32}\) = 4,294,967,296 addresses

Subnet Masks and CIDR Notation

A subnet mask is a 32-bit number that divides an IP address into network and host portions. It uses consecutive 1s for the network portion and consecutive 0s for the host portion. CIDR (Classless Inter-Domain Routing) notation expresses the subnet mask as a slash followed by the number of network bits.

Subnet Mask Relationship:

\[ \text{Network Address} = \text{IP Address} \land \text{Subnet Mask} \] \[ \text{Host Portion} = \text{IP Address} \land \neg\text{Subnet Mask} \]

Where \( \land \) is bitwise AND and \( \neg \) is bitwise NOT

Common Subnet Masks

CIDRSubnet MaskWildcard MaskTotal HostsUsable HostsTypical Use
/8255.0.0.00.255.255.25516,777,21616,777,214Class A networks
/16255.255.0.00.0.255.25565,53665,534Class B networks
/24255.255.255.00.0.0.255256254Class C networks, typical LAN
/25255.255.255.1280.0.0.127128126Small office subnets
/26255.255.255.1920.0.0.636462Medium office subnets
/27255.255.255.2240.0.0.313230Small department
/28255.255.255.2400.0.0.151614Very small subnet
/29255.255.255.2480.0.0.786Point-to-point links
/30255.255.255.2520.0.0.342Point-to-point WAN links
/31255.255.255.2540.0.0.122Point-to-point (RFC 3021)
/32255.255.255.2550.0.0.011Single host route

Calculating Network Address

The network address is the first address in a subnet and identifies the subnet itself. It's calculated by performing a bitwise AND operation between the IP address and subnet mask.

Network Address Formula:

\[ \text{Network Address} = \text{IP Address} \land \text{Subnet Mask} \]

Bitwise AND operation on all 32 bits

Network Address Calculation Example:

Given:

• IP Address: 192.168.1.100

• Subnet Mask: 255.255.255.0 (/24)

Binary Calculation:

IP Address:    11000000.10101000.00000001.01100100

Subnet Mask:  11111111.11111111.11111111.00000000

AND Operation: 11000000.10101000.00000001.00000000

Network Address: 192.168.1.0

The network address represents the entire subnet and cannot be assigned to a host.

Calculating Broadcast Address

The broadcast address is the last address in a subnet, used to send data to all hosts within that subnet simultaneously.

Broadcast Address Formula:

\[ \text{Broadcast Address} = \text{Network Address} \lor \text{Wildcard Mask} \]

Where Wildcard Mask = NOT(Subnet Mask)

Broadcast Address Calculation Example:

Given:

• Network Address: 192.168.1.0

• Subnet Mask: 255.255.255.0 (/24)

Binary Calculation:

Network Address: 11000000.10101000.00000001.00000000

Wildcard Mask:  00000000.00000000.00000000.11111111

OR Operation:   11000000.10101000.00000001.11111111

Broadcast Address: 192.168.1.255

Packets sent to this address reach all hosts in the 192.168.1.0/24 subnet.

Usable Host Range

The usable host range includes all IP addresses between the network address and broadcast address. These addresses can be assigned to network devices like computers, servers, routers, and IoT devices.

Usable Host Range Formula:

\[ \text{First Usable Host} = \text{Network Address} + 1 \] \[ \text{Last Usable Host} = \text{Broadcast Address} - 1 \] \[ \text{Total Usable Hosts} = 2^{(32-n)} - 2 \]

Where \( n \) is the CIDR prefix length

Usable Host Range Example (192.168.1.0/24):

Network Address: 192.168.1.0 (reserved, not usable)

First Usable Host: 192.168.1.1

Last Usable Host: 192.168.1.254

Broadcast Address: 192.168.1.255 (reserved, not usable)

Total Addresses: \(2^{(32-24)}\) = \(2^8\) = 256

Usable Hosts: 256 - 2 = 254 addresses

The first usable IP is typically assigned to the default gateway (router).

IP Address Classes (Classful Addressing)

Before CIDR was adopted in 1993, IP addresses were allocated using classful addressing, which divided the IPv4 address space into five classes (A, B, C, D, E) based on the first octet. While largely obsolete for routing, classful addressing remains relevant for understanding IP address ranges.

ClassFirst Octet RangeDefault MaskNetwork BitsHosts per NetworkPurpose
Class A1-126255.0.0.0 (/8)816,777,214Large organizations
Class B128-191255.255.0.0 (/16)1665,534Medium organizations
Class C192-223255.255.255.0 (/24)24254Small organizations
Class D224-239N/AN/AN/AMulticast groups
Class E240-255N/AN/AN/AExperimental/Reserved

Note: 127.0.0.0/8 is reserved for loopback addresses (localhost).

Private vs. Public IP Addresses

IP addresses are divided into public and private ranges. Public IPs are globally routable on the internet, while private IPs are used within local networks and require NAT (Network Address Translation) for internet access.

Private IP Ranges (RFC 1918)

Cannot be routed on the public internet:

10.0.0.0 - 10.255.255.255
CIDR: 10.0.0.0/8
Addresses: 16,777,216
Use: Large private networks

172.16.0.0 - 172.31.255.255
CIDR: 172.16.0.0/12
Addresses: 1,048,576
Use: Medium private networks

192.168.0.0 - 192.168.255.255
CIDR: 192.168.0.0/16
Addresses: 65,536
Use: Home and small office networks

Special IP Ranges

Reserved for specific purposes:

127.0.0.0/8
Loopback addresses (localhost)
127.0.0.1 most common

169.254.0.0/16
APIPA (Automatic Private IP Addressing)
Auto-assigned when DHCP fails

0.0.0.0/8
"This network" - special use

255.255.255.255
Limited broadcast address

CIDR (Classless Inter-Domain Routing)

CIDR, introduced in 1993 via RFC 1518 and RFC 1519, replaced classful addressing with a flexible, hierarchical method of IP allocation. CIDR allows variable-length subnet masks (VLSM), enabling more efficient use of IPv4 address space and reducing routing table sizes through route aggregation.

CIDR Notation:

\[ \text{IP Address/Prefix Length} \] \[ \text{Example: } 192.168.1.0/24 \]

Prefix length indicates number of network bits

CIDR Block Sizing

Choosing the Right CIDR Block Size:

For 2-6 hosts: Use /29 (6 usable hosts) - ideal for small point-to-point links

For 10-25 hosts: Use /27 (30 usable hosts) - small department or workgroup

For 50-100 hosts: Use /25 (126 usable hosts) - medium office floor

For 200-250 hosts: Use /24 (254 usable hosts) - typical LAN, standard configuration

For 500-1000 hosts: Use /22 (1,022 usable hosts) - large campus building

For data centers: Use /23, /22, /21 depending on scale

Remember: Always plan for 20-30% growth when sizing subnets!

Subnetting for Network Segmentation

Subnetting divides a larger network into smaller sub-networks, improving security, reducing broadcast domains, and enabling efficient IP address management. Modern zero-trust architectures and NIST cybersecurity frameworks emphasize network segmentation as a critical security control.

Benefits of Proper Subnetting

- **Security Isolation:** Separate sensitive systems (servers, IoT devices, guest WiFi) into different subnets - **Broadcast Domain Reduction:** Smaller broadcast domains improve network performance - **Traffic Management:** Implement routing policies and QoS between subnets - **IP Address Efficiency:** Allocate appropriate subnet sizes for each department/function - **Compliance Requirements:** Meet regulatory standards (HIPAA, PCI-DSS) requiring network segmentation - **Cloud Architecture:** Design VPCs in AWS, Azure, GCP with proper subnet allocation

Enterprise Subnetting Example (Company with 10.0.0.0/16):

Total Available: 10.0.0.0/16 = 65,534 usable hosts

Subnet Allocation:

Management Network: 10.0.0.0/24 (254 hosts) - Network devices, switches, routers

Servers: 10.0.1.0/24 (254 hosts) - Production application servers

DMZ: 10.0.2.0/25 (126 hosts) - Public-facing web servers

Employee VLANs: 10.0.10.0/22 (1,022 hosts) - Office workstations

Guest WiFi: 10.0.100.0/24 (254 hosts) - Isolated guest access

IoT Devices: 10.0.150.0/23 (510 hosts) - Cameras, sensors, printers

VoIP: 10.0.200.0/24 (254 hosts) - IP phones with QoS priority

This segmentation improves security, manageability, and allows granular firewall rules.

Wildcard Masks

Wildcard masks (also called inverse masks) are the logical inverse of subnet masks, used primarily in Cisco IOS access control lists (ACLs) and OSPF routing configurations. Where subnet masks use 1s for network bits, wildcard masks use 0s.

Wildcard Mask Formula:

\[ \text{Wildcard Mask} = 255.255.255.255 - \text{Subnet Mask} \] \[ \text{Wildcard Mask} = \neg\text{Subnet Mask} \]

Wildcard Mask Example:

Subnet Mask: 255.255.255.0 (/24)

Calculation:

255.255.255.255
- 255.255.255.0
= 0.0.0.255

Wildcard Mask: 0.0.0.255

Cisco ACL Usage:
access-list 10 permit 192.168.1.0 0.0.0.255

This permits all hosts in the 192.168.1.0/24 subnet.

IPv4 Address Exhaustion and IPv6

The IPv4 address space of 4.3 billion addresses was exhausted in 2011 when IANA allocated the last /8 blocks. This exhaustion drove adoption of IPv6, which provides 340 undecillion addresses (\(2^{128}\)). However, IPv4 remains dominant due to NAT, careful CIDR allocation, and slow IPv6 adoption.

⚠️ IPv4 Scarcity Management:

NAT (Network Address Translation): Allows multiple devices to share a single public IP

CIDR and VLSM: Efficient IP allocation prevents waste

IPv4 Address Markets: Organizations buy/sell unused IPv4 blocks

IPv6 Transition: Dual-stack networks running both IPv4 and IPv6

Cloud Providers: AWS, Azure, GCP charge extra for public IPv4 addresses to encourage IPv6

Cloud Network Architecture

Modern cloud platforms (AWS, Azure, Google Cloud) require careful IP planning for VPCs (Virtual Private Clouds), subnets, and hybrid connectivity.

AWS VPC Subnet Design

AWS VPC Example (10.0.0.0/16):

VPC CIDR: 10.0.0.0/16 (65,536 addresses)

Subnet Design across 3 Availability Zones:

Public Subnet AZ1: 10.0.1.0/24 - Internet-facing load balancers, NAT gateways

Public Subnet AZ2: 10.0.2.0/24 - Redundant public resources

Private Subnet AZ1: 10.0.11.0/24 - Application servers (no direct internet)

Private Subnet AZ2: 10.0.12.0/24 - Redundant application tier

Database Subnet AZ1: 10.0.21.0/24 - RDS, DynamoDB VPC endpoints

Database Subnet AZ2: 10.0.22.0/24 - Database redundancy

Management Subnet: 10.0.100.0/24 - Bastion hosts, VPN endpoints

AWS Reserves 5 IPs per subnet: Network (1), Router (1), DNS (1), Future (1), Broadcast (1)

Official Government & Standards Resources (2026)

NIST - National Institute of Standards and Technology

CISA - Cybersecurity & Infrastructure Security Agency

U.S. Department of Defense

Internet Standards (IETF RFCs)

Frequently Asked Questions

How do I calculate a subnet mask from CIDR notation?
Convert the CIDR prefix to binary: create 32 bits with the first n bits as 1s (where n is the CIDR number) and remaining bits as 0s, then convert to decimal. For /24: first 24 bits are 1s (11111111.11111111.11111111.00000000), which equals 255.255.255.0. Our calculator automates this conversion instantly.
What is the difference between network address and broadcast address?
The network address is the first address in a subnet (all host bits are 0) and identifies the network itself—it cannot be assigned to a device. The broadcast address is the last address (all host bits are 1) used to send packets to all hosts in the subnet simultaneously. Neither can be assigned to hosts; only addresses between these two are usable.
How many usable hosts are in a /24 subnet?
A /24 subnet has 254 usable host addresses. Calculation: 2^(32-24) = 2^8 = 256 total addresses, minus 2 (network address and broadcast address) = 254 usable hosts. The range would be x.x.x.1 through x.x.x.254, with x.x.x.0 as network and x.x.x.255 as broadcast.
What subnet mask should I use for my home network?
For most home networks, use 255.255.255.0 (/24) which provides 254 usable addresses—more than enough for typical households. Use an IP range from the private address space: 192.168.0.0/24 or 192.168.1.0/24 are most common. Your router typically uses .1 (gateway), and DHCP assigns .2-.254 to devices. Larger homes with many IoT devices might use /23 (510 hosts).
Can I use any IP address range for my private network?
No, use only RFC 1918 private ranges: 10.0.0.0/8 (10.0.0.0-10.255.255.255), 172.16.0.0/12 (172.16.0.0-172.31.255.255), or 192.168.0.0/16 (192.168.0.0-192.168.255.255). These ranges are reserved for private networks and won't conflict with public internet addresses. Using other ranges can cause routing conflicts. Home networks typically use 192.168.x.0/24.
What is CIDR notation and why is it used?
CIDR (Classless Inter-Domain Routing) notation expresses IP networks as IP/prefix (e.g., 192.168.1.0/24), where the number after the slash indicates how many bits are used for the network portion. CIDR replaced classful addressing in 1993, allowing flexible subnet sizes and efficient IP allocation. /24 means 24 network bits and 8 host bits (256 addresses). It's more flexible and efficient than old Class A/B/C system.
How do I choose the right subnet size for my network?
Calculate required hosts, add 20-30% growth buffer, then choose the next CIDR block size. For 50 hosts, you need at least 62 usable addresses (/26 = 62 hosts). For 200 hosts, use /24 (254 hosts). Remember: smaller prefix numbers = larger subnets (/16 is bigger than /24). Consider future growth, network segmentation needs, and whether you're designing for on-premises or cloud infrastructure.
What is a wildcard mask and when is it used?
A wildcard mask is the inverse of a subnet mask, used in Cisco router ACLs and OSPF configurations. Calculate by subtracting subnet mask from 255.255.255.255. For subnet mask 255.255.255.0, wildcard is 0.0.0.255. In ACLs, 0 means "must match" and 1 means "don't care." Example: "access-list 10 permit 192.168.1.0 0.0.0.255" matches all IPs in 192.168.1.0/24.
Why can't I use all 256 addresses in a /24 subnet?
Two addresses are reserved: the first address (all host bits = 0) is the network address identifying the subnet itself, and the last address (all host bits = 1) is the broadcast address for sending to all hosts. In 192.168.1.0/24: .0 is network, .255 is broadcast, leaving .1 through .254 (254 addresses) usable for devices. This is true for all subnets except /31 and /32.
How do cloud providers handle IP addressing differently?
Cloud providers (AWS, Azure, GCP) reserve additional IPs per subnet beyond network/broadcast. AWS reserves 5 IPs: network address, VPC router, DNS server, future use, and broadcast. So a /24 subnet in AWS has 251 usable IPs instead of 254. They also charge for public IPv4 addresses to encourage IPv6 adoption. Design VPCs with non-overlapping CIDR blocks if you plan VPC peering or hybrid connectivity.

Related Calculators