Where CIDR came from
Before 1993 the IPv4 world was carved into fixed classes: Class A (/8), Class B (/16), Class C (/24). If your company outgrew a Class C, your only option was a full Class B - 65,536 addresses, far more than most needed. CIDR (RFC 4632, "Classless Inter-Domain Routing") replaced the rigid classes with arbitrary prefix lengths. Now you can have a /22 (1,024 addresses), a /28 (16 addresses), or anything in between.
The notation, decoded
A CIDR block is just address/prefix:
- The address picks a starting point in the IP space.
- The prefix (the /N) says how many leading bits identify the network. Everything beyond identifies a specific host.
For 192.168.1.0/24:
```
192.168.1.0
      ↓ as 32 bits ↓
11000000.10101000.00000001.00000000
└──────── 24 network bits ─────┘└── 8 host bits ──┘
```
24 network bits + 8 host bits = 32 bits total (IPv4 is always 32 bits). The 8 host bits give you 2^8 = 256 addresses. Subtract 2 (network address + broadcast) and you get 254 usable hosts.
The subnet mask is just the prefix in disguise
Every CIDR prefix has an equivalent dotted-decimal mask. The first N bits are 1, the rest are 0:
| CIDR | Subnet mask | Total IPs | Usable hosts |
|---|---|---|---|
| /8 | 255.0.0.0 | 16,777,216 | 16,777,214 |
| /16 | 255.255.0.0 | 65,536 | 65,534 |
| /24 | 255.255.255.0 | 256 | 254 |
| /27 | 255.255.255.224 | 32 | 30 |
| /30 | 255.255.255.252 | 4 | 2 |
| /31 | 255.255.255.254 | 2 | 2 (RFC 3021) |
| /32 | 255.255.255.255 | 1 | 1 |
The "usable hosts" formula is 2^(32 − N) − 2 for /N ≤ 30. The two reserved addresses are the network address (all host bits 0) and the broadcast (all host bits 1). For /31 and /32 the rules change: /31 was redefined by RFC 3021 to allow 2 usable hosts on point-to-point links (no broadcast needed), and /32 represents a single host route.
Special "wildcard mask"
Some routing platforms (Cisco IOS, ACL syntax) use the inverted mask, called the wildcard mask. A /24's wildcard is 0.0.0.255 (the bits you don't care about). It's the same information; just flipped. Modern Linux iptables and most firewalls use the regular mask.
RFC 1918 - the private ranges everyone uses
Three IPv4 ranges are reserved for private use - they don't route on the public internet, and any organization can use them internally without coordinating with anyone:
- 10.0.0.0/8 - 16.7M addresses. Used by most enterprises.
- 172.16.0.0/12 - 1M addresses. Includes 172.16.0.0/16 through 172.31.0.0/16. Less common.
- 192.168.0.0/16 - 65,534 addresses. Almost every home router defaults to a /24 inside this.
Plus 100.64.0.0/10 (CGNAT - RFC 6598) for carrier-grade NAT, and 169.254.0.0/16 for link-local autoconfig.
Network address vs. broadcast vs. usable
For 192.168.1.0/24:
- Network address: 192.168.1.0 (all host bits 0). Identifies the network. Don't assign to a host.
- Broadcast address: 192.168.1.255 (all host bits 1). Sends to every host on the subnet. Don't assign to a host.
- Usable host range: 192.168.1.1 through 192.168.1.254. Hosts go here.
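The mask, wildcard and network/broadcast arithmetic from the sections above, done with plain bit operations, as an added example that is not from the original page or from JustKit. It covers IPv4 only; the function names and the `host_bits_set` flag (which marks a block written with host bits set, such as 10.1.2.77/27 in a firewall rule) are assumptions made for illustration.

```python
# Special-purpose IPv4 ranges named in the text above.
SPECIAL = {
    "10.0.0.0/8": "RFC 1918 private",
    "172.16.0.0/12": "RFC 1918 private",
    "192.168.0.0/16": "RFC 1918 private",
    "100.64.0.0/10": "CGNAT (RFC 6598)",
    "169.254.0.0/16": "link-local",
}
ALL_ONES = 0xFFFFFFFF

def to_int(dotted):
    """Dotted quad -> 32-bit integer; malformed input raises ValueError."""
    parts = dotted.split(".")
    ok = all(p.isascii() and p.isdigit() and int(p) <= 255 for p in parts)
    if len(parts) != 4 or not ok:
        raise ValueError(f"bad IPv4 address: {dotted!r}")
    return int.from_bytes(bytes(map(int, parts)), "big")

def to_str(n):
    """32-bit integer -> dotted quad."""
    return ".".join(str(b) for b in n.to_bytes(4, "big"))

def split(cidr):
    """'address/N' -> (address as int, N, mask as int)."""
    addr, sep, plen = cidr.partition("/")
    if not sep or not (plen.isascii() and plen.isdigit()) or int(plen) > 32:
        raise ValueError(f"bad prefix in {cidr!r}")
    n = int(plen)
    return to_int(addr), n, (ALL_ONES << (32 - n)) & ALL_ONES

def describe(cidr):
    """Mask, wildcard, network, broadcast and usable range for an IPv4 block."""
    addr, n, mask = split(cidr)
    wildcard = mask ^ ALL_ONES          # inverted mask, as in Cisco ACL syntax
    network = addr & mask               # all host bits 0
    broadcast = network | wildcard      # all host bits 1
    if n >= 31:                         # /31 (RFC 3021) and /32: nothing reserved
        first, last, usable = network, broadcast, 2 ** (32 - n)
    else:
        first, last, usable = network + 1, broadcast - 1, 2 ** (32 - n) - 2
    scope = "not in a listed range"
    for block, label in SPECIAL.items():
        b_net, b_len, b_mask = split(block)
        # Inside only if the prefix is at least as long and the leading bits match.
        if n >= b_len and network & b_mask == b_net:
            scope = label
    return {"mask": to_str(mask), "wildcard": to_str(wildcard),
            "network": to_str(network), "broadcast": to_str(broadcast),
            "first": to_str(first), "last": to_str(last), "usable": usable,
            "scope": scope, "host_bits_set": addr != network}
```

Note that 172.32.0.0/16 and 10.0.0.0/7 both come back as "not in a listed range": the first is just past the end of 172.16.0.0/12, and the second is wider than 10.0.0.0/8.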
IPv6 - same idea, much bigger numbers
IPv6 addresses are 128 bits, written in 8 groups of 4 hex digits. Common prefix lengths:
- /48 - site-level allocation. Common for organizations.
- /56 - smaller site (some ISPs hand out /56 to home customers).
- /64 - single LAN. The default for SLAAC autoconfiguration. Most LANs use this.
- /128 - single host.
IPv6 has no broadcast address. The all-ones-host pattern is just a regular unicast address. Multicast handles "send to many" needs differently. So the math for usable hosts in IPv6 is just 2^(128 − N) with no −2 deduction.
VLSM and supernetting
Two CIDR-era concepts worth knowing:
- VLSM (Variable Length Subnet Masking): using different prefix lengths within the same parent network. E.g. give one team a /24 and another a /27 within a /16. Pre-CIDR you couldn't.
- Supernetting (route aggregation): announcing a single short prefix to cover many longer ones. Instead of advertising 256 /24 routes, advertise one /16. Crucial for keeping internet routing tables small.
JustKit's role
The JustKit CIDR calculator takes a CIDR block and returns the network/broadcast/host range, mask, wildcard, and binary breakdown - handy when you're staring at a network diagram or a firewall rule. Works for IPv4 and IPv6.