IPv4 Supernet Calculator

IPv4 CIDR blocks:

Paste route candidates such as 10.44.0.0/24. CIDR and dotted-mask forms are accepted.

Route goal:

Choose the primary recommendation shown in the summary and Route Brief.

Exposure policy:

Use strict when the route must not cover unassigned or separately routed space.

Review CIDR input

{{ error }}

Field	Value	Decision note	Copy
{{ row.field }}	{{ row.value }}	{{ row.note }}

Plan	#	CIDR	Range	Addresses	Use	Copy
{{ row.plan }}	{{ row.order }}	{{ row.cidr }}	{{ row.range }}	{{ row.addresses }}	{{ row.use }}

Line	Input	Normalized CIDR	Range	Addresses	Status	Copy
{{ row.line }}	{{ row.input }}	{{ row.cidr }}	{{ row.range }}	{{ row.addresses }}	{{ row.status }}

Exposure type	CIDR	Range	Addresses	Action	Copy
{{ row.type }}	{{ row.cidr }}	{{ row.range }}	{{ row.addresses }}	{{ row.action }}

Export to PDF Fullscreen

Embed:

Customize

Include current inputs

Size

Advanced

Width

Height

Aspect ratio

Max height

Collapsible embed

Allow fullscreen

Referrer policy

Sandbox tokens

Introduction

IPv4 supernetting turns several smaller routes into a shorter advertisement when their address ranges can be represented by a broader CIDR block. That saves route-table entries, makes routing policies easier to review, and helps network teams see when a proposed summary would accidentally include space that was not in the original list.

This calculator accepts IPv4 CIDR blocks one per line, including dotted-mask forms such as 10.44.0.0/255.255.255.0 or 10.44.0.0 255.255.255.0. Host addresses are normalized back to their network boundary before any summary is calculated, so 10.44.1.77/24 is treated as 10.44.1.0/24. Blank lines are ignored, trailing commas and semicolons are tolerated, and text after a # comment marker is ignored.

The result compares two planning choices. The smallest single covering route gives one broad CIDR that contains the full submitted span. The exact aggregate route set keeps every advertised CIDR inside the unique input address space. The difference between those two outputs is the exposure you must review before publishing a summary route.

The calculator shows the short route and the exact route set side by side so exposure is visible before a route change.

The CIDR math runs in your browser. The tool can load small text, CSV, log, or config files, but route inputs may still appear in the page URL when the scenario is shared, so handle copied links with the same care as the address plan itself.

Technical Details

IPv4 addresses are 32-bit values. A CIDR prefix such as /24 fixes the leading 24 bits as the network portion and leaves the remaining 8 bits as the address span inside that block. The calculator converts each accepted input into its integer start and end address, sorts the ranges, merges adjacent or overlapping coverage, and removes duplicate coverage before it builds recommendations.

The single cover route is calculated from the lowest covered address and the highest covered address. The calculator finds the longest common leading bit pattern shared by those two endpoints, then turns that common prefix back into CIDR notation. That route is always one line, but it can cover addresses before the first input, between separated input ranges, or after the last input.

The exact aggregate route set is stricter. After input ranges are merged, each continuous covered span is converted into the smallest list of aligned CIDR blocks that represents only that span. This may still reduce many submitted routes to fewer advertisements, but it refuses to include uncovered addresses.

Supernet Arithmetic

\begin{array}{lcl} Network & = & IP & Mask \\ BlockSize & = & 2^{32 - Prefix} \\ Broadcast & = & Network + BlockSize - 1 \\ Exposure & = & CoverSize - UniqueInputCoverage \end{array}

How the IPv4 supernet calculator treats inputs and route choices
Stage	What happens	Why it matters
Input parsing	Each non-blank line is read as CIDR, slash plus dotted mask, or address plus dotted mask.	Ticket, router, and spreadsheet formats can be checked without manual cleanup first.
Normalization	Host bits are cleared to recover the actual network boundary for that prefix.	A pasted host address does not shift the route math away from the intended block.
Merge pass	Overlapping and adjacent input ranges are combined into unique covered spans.	Duplicate addresses do not inflate coverage or hide overlap in the result.
Single cover	One CIDR is built around the lowest and highest covered address.	It gives the shortest advertisement, but it may include gap or padding addresses.
Exact aggregate	Covered spans are decomposed into aligned CIDR blocks with no outside addresses.	It is the safer plan when unassigned or separately routed space must not be advertised.

The visible tables are capped for readability when a result becomes very large. In that case, the page warns that the exact route or gap ledger is previewed. The structured JSON keeps the summary, full exact route list, input ledger, capped gap ledger, and warnings generated during the run.

Everyday Use & Decision Guide

Start with the route list exactly as you received it. Pasting the raw list first lets the input ledger show which lines were already on network boundaries, which lines were normalized from host addresses, and where overlaps, adjacency, or gaps appear. That first read is often enough to catch a copied prefix, a missing route, or an accidental duplicate.

Choose Smallest single covering route when you want to know the shortest possible advertisement. This is useful for design review, route-table cleanup, and explaining how a set of contiguous blocks could be represented by one prefix. Read the exposure badge before using that answer. A one-line summary that covers extra addresses can be dangerous if those addresses belong to another site, another customer, or a block that should stay dark.

Choose Exact aggregate route set when the route must not include outside space. This mode can still reduce a messy list, but it may return several CIDRs rather than one. For production change planning, the exact set is usually the better starting point unless you have confirmed that every exposed address in the single cover is safe to advertise.

Allow cover route with warning lets the calculator show a broad cover route while still naming the exposure. Require exact coverage makes the decision stricter: when the single cover includes extra addresses, the brief tells you to use the exact aggregate set instead. The policy changes the recommendation wording, not the underlying CIDR math.

Use the chart as a quick sanity check after the tables. The route-count bars compare the submitted route count, the exact aggregate count, and the one-line cover. The address balance bar shows how much of the cover route is real input coverage versus gap exposure. If the orange gap segment is large, the single cover needs a stronger justification.

Step-by-Step Guide

Paste one IPv4 route per line, or use Browse to load a small text, CSV, log, or config file.
Use CIDR notation, slash plus dotted mask, or address plus dotted mask. Add comments after # if you need labels in the source list.
Pick the Route goal: one smallest cover route for comparison, or exact aggregate routes when outside coverage is not acceptable.
Pick the Exposure policy. Use strict mode when extra address coverage should block the one-line route.
Review Brief first for the primary recommendation, cover route, exact route count, input union, exposure, and route reduction.
Open Routes, Inputs, and Gaps to audit the actual CIDR rows behind the summary.
Copy or download the table you need, save the coverage chart, or export the JSON record when the route plan needs to be reviewed elsewhere.

Interpreting Results

The primary CIDR is not automatically the best route to publish. It is the route that matches the selected goal. If the goal is the single cover, the primary value may be one broad route with exposed addresses. If the goal is exact aggregation, the primary value is a count of exact routes rather than a single CIDR.

Exposure is the address count inside the single cover route that was not part of the unique input coverage. Exposure can come from internal gaps between submitted blocks or from padding at the edges of the cover route. A zero-exposure result means the one-line cover and the exact route set describe the same address span.

How to read IPv4 supernet result fields
Result	Read it as	Common mistake to avoid
Single cover route	The shortest CIDR that contains the whole submitted span.	Treating it as safe without checking gap exposure.
Exact aggregate routes	The smallest route set that stays inside the submitted coverage.	Expecting one route when the inputs have gaps or awkward alignment.
Input union	The unique number of addresses covered after overlap removal.	Adding duplicate or overlapping blocks as if they were new space.
Gap ledger	The CIDR blocks that would be covered by the single route but were not submitted.	Ignoring small gaps that map to another routing domain.
Route reduction	The drop from submitted routes to the selected advertised route count.	Using the percentage as a safety score. It measures count reduction, not correctness.

Overlaps deserve special attention. The calculator removes duplicate address coverage before it reports the input union, but an overlap may still point to a source-list problem. If two teams believe they own the same address range, a mathematically tidy aggregate does not settle the ownership question.

Worked Examples

Four adjacent /24 networks. Enter 10.44.0.0/24, 10.44.1.0/24, 10.44.2.0/24, and 10.44.3.0/24. The single cover is 10.44.0.0/22, and the exact aggregate route set is the same one route because the four blocks are adjacent and aligned.
A gap inside the cover. Enter 10.44.0.0/24, 10.44.1.0/24, and 10.44.3.0/24. The smallest cover is still 10.44.0.0/22, but the gap ledger flags 10.44.2.0/24 as exposed address space. Strict policy points you to the exact aggregate route set instead.
Host addresses in source notes. Enter 192.168.8.19/26 # branch users and 192.168.8.64/26 # branch voice. The input ledger normalizes the first line to 192.168.8.0/26, keeps the second on its boundary, and then shows whether the selected route goal can summarize the pair without extra coverage.

FAQ

What is the difference between a supernet and an exact aggregate?

A supernet is a broader CIDR that contains smaller routes. In this calculator, the single cover route is the broadest useful one-line answer for the submitted span. An exact aggregate is a CIDR set that represents only the submitted coverage, so it avoids advertising gaps.

Why did my host address change to a network address?

CIDR routes start on binary network boundaries. When you enter a host address with a prefix, the host bits are cleared so the row reflects the actual route that prefix describes.

Why can one cover route include addresses I did not enter?

CIDR blocks must be aligned powers of two. If the lowest and highest input addresses do not form a perfect aligned block, the one-line cover expands to the next valid boundary and includes the addresses between or around the inputs.

Does a lower route count mean the plan is better?

Not by itself. Fewer routes can simplify routing, but a route that covers the wrong space can create reachability, blackhole, or ownership problems. Read the exposure and gap ledger before treating count reduction as a win.

How many routes can I paste?

The calculator accepts up to 512 non-blank CIDR lines per run. File import is limited to small text-style files under 256 KiB.

Glossary

CIDR: Classless Inter-Domain Routing notation, written as an IPv4 address plus a slash prefix such as 10.44.0.0/22.
Supernet: A broader prefix that contains multiple smaller networks and can sometimes replace them in route advertisements.
Prefix length: The slash number that states how many leading bits belong to the network portion of an IPv4 address.
Exposure: Addresses inside the single cover route that were not present in the submitted input coverage.
Exact aggregate: A minimal set of aligned CIDR blocks that covers the submitted address space without including outside addresses.

References

RFC 4632: Classless Inter-domain Routing (CIDR): The Internet Address Assignment and Aggregation Plan, RFC Editor.
RFC 791: Internet Protocol, RFC Editor.