OneWebDesk
All tools
한국어|English

IP Range to CIDR

Convert a start and end IP into the minimal set of CIDR blocks.

When you write firewall rules, routing tables, or access control lists, you often deal with arbitrary IP ranges like “192.168.1.10 through 192.168.1.200.” But most network devices and cloud security groups only accept CIDR notation (for example 192.168.1.0/24), not free-form ranges. This tool takes a start IP and an end IP and converts the range into the minimal set of CIDR blocks that cover it exactly.

It uses the standard IP range → CIDR algorithm, and all computation happens in your browser, so the IPs you enter are never sent anywhere. You can copy each CIDR block individually or the whole list at once, and you also get the total block count and total address count — ready to paste straight into a firewall, VPC, or routing configuration. To analyze a single CIDR in detail, use the CIDR calculator instead.

CIDR blocks
  • 192.168.1.0/25
  • 192.168.1.128/31
  • 192.168.1.130/32
Blocks3
Total addresses131

How an IP range becomes CIDR

An arbitrary IP range often cannot be expressed as a single CIDR, because a CIDR block must always be a power-of-two size and must be aligned to that size. So the range has to be split into several aligned blocks. Starting from the first address, the algorithm repeats these steps:

  1. Find the largest block size the current start address can hold without breaking alignment (determined by its lowest set bit).
  2. Find the largest block size that does not exceed the number of remaining addresses.
  3. Pick the smaller of the two as the block, then advance the start address by that amount.

This covers the range exactly while keeping the number of blocks at a minimum. For example,192.168.1.0192.168.1.130 splits into 192.168.1.0/25 (0–127),192.168.1.128/31 (128–129), and 192.168.1.130/32 (130).

Where you use it

  • Firewalls / security groups: AWS Security Groups and GCP/Azure firewall rules accept CIDR only.
  • Routing / static routes: Router and load balancer route entries need CIDR form.
  • ACLs / WAF allowlists: Compressing an IP range into CIDR reduces the number of rules.

Before converting, the Private IP Checker helps you confirm whether the target range is private or reserved.

Things to note

This tool supports IPv4 only. The end IP must be greater than or equal to the start IP; if both are equal it becomes a single /32 host. Conversely, the full range 0.0.0.0255.255.255.255 is expressed as a single 0.0.0.0/0.

Frequently asked questions

Why is one range split into several CIDRs?
A CIDR block must be a power-of-two size and aligned to that size. Arbitrary start/end addresses rarely satisfy this in a single block, so the range is split into several aligned blocks that together cover exactly the same addresses.
Is the result really the minimal number of blocks?
Yes. It uses the standard algorithm that, at each step, picks the smaller of the largest block allowed by the start address's alignment and the largest block allowed by the remaining count — which yields the minimal number of CIDR blocks covering the range.
Does it convert IPv6 too?
This tool is IPv4 only. IPv6 addresses are 128 bits wide and require separate handling.
Are the IPs I enter sent to a server?
No. The conversion runs entirely in your browser (client side). The IP addresses you enter are never transmitted or stored externally.

Related tools

Network / IP
CIDR Calculator
Calculate IP range, subnet mask and host count from CIDR notation.
IPv6 Compress / Expand
Convert IPv6 addresses between compressed and expanded forms.
Public / Private IP Checker
Check whether an IP is private, loopback or a reserved range.
MTU / MSS Calculator
Calculate recommended MTU and MSS for tunnels, VPN and PPPoE.
What Is My IP
Show your current public IP address and connection details.
IP / ASN Lookup
Look up an IP's owning org, ASN and allocation via RDAP.