Given a start and an end IPv4 address, this tool calculates a valid IPv4 subnet along with its CIDR notation.
CIDR aggregation finds the smallest set of network prefixes that exactly covers a given IP range.
IP ranges that do not align on power-of-2 boundaries require multiple CIDR blocks to represent exactly.
CIDR blocks must be power-of-2 in size and aligned to corresponding boundaries. An arbitrary start-to-end IP range (e.g. 10.0.0.5 to 10.0.0.20) cannot be expressed as a single CIDR — it decomposes into multiple non-overlapping blocks. This tool performs that decomposition automatically for firewall rules.
Practical uses of IP range expansion: firewall rules (allow only specific IP ranges); VPN routing tables (specify which traffic goes through the VPN tunnel); Nginx/Apache allow/deny directives; cloud security group rules (AWS Security Groups, Alibaba Cloud); CDN whitelists; database access control. CIDR is the most concise notation — a single IP range may map to multiple CIDR blocks.