IPv4 Renumbering Planner

Maintenance window:

Use the date, start/end time, and timezone from the change record.

Window length:

Include implementation, validation, and DNS cache soak time.

minutes

Wave size:

Smaller waves are easier to validate and roll back when dependencies are uncertain.

hosts

Default cutover method:

Choose the safest normal path for this renumbering window.

Target DNS TTL:

Set the TTL that will be in place before the first wave starts.

minutes

Target DHCP lease:

Use the lease duration planned for affected DHCP-backed hosts.

hours

Implementation time per host:

The timeline multiplies this by each wave's host count.

minutes

Validation time per wave:

Critical rows add a small extra validation allowance automatically.

minutes

Host mappings:

Paste one row per host. Dependencies that match another host are sequenced first.

CSV columns: host, old_ip, new_ip, owner, dependency, criticality, method.

Old prefix boundary:

Example: 10.10.0.0/16. Leave blank to skip the old-prefix audit.

New prefix boundary:

Example: 10.44.0.0/16. Leave blank to skip the new-prefix audit.

Rollback trigger:

Keep this executable during the window, not just a general risk note.

{{ header }}	Copy
{{ cell }}
No rows for the current input.

Export to PDF Fullscreen

Embed:

Customize

Include current inputs

Size

Advanced

Width

Height

Aspect ratio

Max height

Collapsible embed

Allow fullscreen

Referrer policy

Sandbox tokens

IPv4 renumbering changes the addresses that hosts, services, routes, DNS records, access lists, monitoring checks, and dependency notes expect to use. A small address move can still break traffic when one server keeps an old static reference, one firewall rule points at the old host, or one DNS record keeps stale answers longer than the maintenance window allows.

A useful renumbering plan is built around mappings, timing, and reversal. Each host needs an old address, a new address, an accountable owner, and enough dependency context to decide whether another host or service must move first. The plan also needs a realistic window, a DNS time-to-live target, a DHCP lease target for address-managed clients, and a clear trigger for stopping the wave when validation fails.

IPv4 renumbering flow from old addresses to new addresses, dependency waves, readiness checks, and rollback.

Staged changes reduce blast radius, but they do not remove the need for evidence. Parallel old-and-new addressing, DHCP reservation moves, DNS alias shifts, and direct static cutovers all need their own checks. The safer plan keeps each wave small enough to validate, leaves room for DNS and DHCP timing, and records what will be restored if the wave cannot be accepted.

The result should be read as a change-planning aid, not a discovery scan. It can turn a mapping list into waves, ledgers, readiness checks, and rollback rows, but it cannot prove that every embedded address reference has been found or that the live network will accept the change.

Technical Details:

Renumbering is a state transition. Hosts move from old IPv4 addresses to new IPv4 addresses, while dependent records and controls move with them. DNS A and PTR records, firewall and ACL entries, NAT rules, monitoring targets, SNMP managers, VPN policies, replication peers, and application configuration references can all preserve an old address after the host itself has changed.

Wave planning turns that transition into smaller ordered groups. Host dependencies that name another host in the mapping list are placed after the host they depend on. Dependency text that names services such as DNS, firewall, load balancer, monitoring, replication, or VPN remains review context because it may require a separate owner or system change before the host row is safe to execute.

Rule Core:

Each row is parsed as a host mapping, then checked against syntax, duplicate, prefix, dependency, timing, and rollback rules. The checks produce readiness states rather than a single hidden score.

IPv4 renumbering planning rules and readiness effects
Planning rule	How it is evaluated	Readiness effect
IPv4 mapping syntax	Each row needs at least host, old IP, and new IP cells. IPv4 octets must be whole numbers from `0` through `255`.	Invalid or incomplete rows block the plan before wave evidence should be trusted.
Duplicate old or new address	Repeated old IP or repeated new IP values are counted across valid mappings.	Duplicate address sets are `Blocked`; duplicate host names are `Watch`.
Prefix boundary	Optional old and new CIDR boundaries check whether addresses sit inside the approved source and target blocks.	Invalid CIDR boundaries block the audit; address rows outside a valid boundary are `Watch`.
Dependency ordering	Dependencies that match another host name are ordered first. Cycles are detected when rows depend on each other.	A dependency cycle is `Blocked`; matched dependencies create dependency-first wave order.
DNS TTL readiness	Target TTL is read in minutes.	`0` to `15` minutes is `Ready`, more than `15` is `Watch`, and more than `60` is `Blocked`.
DHCP lease readiness	Target lease is read in hours for DHCP-backed hosts.	`0.25` to `4` hours is `Ready`, more than `4` is `Watch`, and more than `24` is `Blocked`.
Window fit	Total planned elapsed time is compared with the approved maintenance window.	Exceeding the window is `Blocked`; using more than 85 percent of the window is `Watch`.
Cutover method risk	Rows using direct static cutover are counted separately from parallel, DHCP, and DNS alias methods.	Any direct static cutover row is `Watch` because console, out-of-band, and revert paths matter more.

Wave duration is additive. Host work, shared validation, extra allowance for critical or high rows, and DNS soak all contribute to the elapsed time shown in the summary and the cutover timeline.

{wave}_{minutes} = (hosts \times {perHost}_{minutes}) + {validation}_{minutes} + (criticalOrHighHosts \times 5) + {dnsTtl}_{minutes}

For example, a two-host wave with 8 minutes per host, 15 minutes of validation, one high-criticality host, and a 5 minute TTL estimates 41 minutes. Two such waves estimate 82 cumulative minutes before any manual buffer outside the model.

IPv4 renumbering inputs and result surfaces
Area	Accepted or returned values	Why it matters
`Host mappings`	CSV rows with host, old IP, new IP, owner, dependency, criticality, and method columns.	The mapping table is the source for validation, dependency order, wave assignment, ledger rows, and rollback grouping.
`Default cutover method`	Parallel old and new address, DHCP reservation or scope move, DNS alias or staged record move, or direct static IP cutover.	Blank row-level methods inherit the selected default, while direct static rows add a review warning.
`Wave Runbook`	Pre-wave gates, one action row per host, and post-wave holds.	Use it to see the ordered implementation sequence and the owner-facing checks for each wave.
`Mapping Ledger`	Normalized old and new IP values, owner, dependency, criticality, method, and findings.	Use it to confirm that every source row became the intended mapping before approval.
`Readiness Audit`	Check name, status, evidence, action, and owner for each gate.	Treat `Blocked` as a stop and `Watch` as a condition that needs explicit acceptance.
`Rollback Pack`	One rollback row per wave with trigger, affected hosts, revert action, validation, and owner.	Use it to keep the retreat path tied to the same wave order as the implementation plan.
`Cutover Timeline`	Implementation, validation, DNS soak, cumulative elapsed time, and the maintenance-window line.	Use it to spot waves that consume too much of the approved window.

Everyday Use & Decision Guide:

Start with the mapping list that will appear in the change record. Include owners even when the technical work belongs to one network team, because validation usually needs application, database, DNS, firewall, and monitoring sign-off. Use dependency text for both host names and service cues. A dependency that matches another host can change wave order; a dependency such as VPN, firewall, or replication becomes a review reminder.

Keep the first pass conservative. A small Wave size, a short Target DNS TTL, and a short Target DHCP lease make stale-address behavior easier to observe. Use Parallel old and new address when services can tolerate temporary coexistence. Choose Direct static IP cutover only when the host has a tested console or out-of-band route and a short revert command path.

Set Old prefix boundary and New prefix boundary when an approved source or target block exists.
Put row-specific method values in the mapping CSV when a few hosts need DHCP, DNS alias, or direct static handling.
Lower Validation time per wave only when owners can complete reachability, DNS/PTR, monitoring, and application checks quickly.
Write a concrete Rollback trigger, such as failed DNS/PTR validation or owner sign-off after two passes.
Use Normalize CSV after the mappings parse cleanly so the source rows match the normalized ledger.

The main stop cue is a Blocked status in Readiness Audit. Invalid IPv4 syntax, duplicate new addresses, dependency cycles, long DNS TTL, long DHCP leases, and a plan that exceeds the window should be fixed before the runbook is treated as usable.

A clean readiness result does not prove every static reference has been found. Before the change ticket moves forward, compare Mapping Ledger findings with IPAM, DNS, firewall, monitoring, NAT, VPN, and application-owner evidence, then use Rollback Pack to confirm each wave has a specific revert path.

Step-by-Step Guide:

Build the plan from the mapping rows, then read the readiness gates before copying any runbook text into a change ticket.

Enter the approved Maintenance window and Window length. The summary should later show elapsed time that fits inside that window.
Set Wave size, Default cutover method, Target DNS TTL, Target DHCP lease, Implementation time per host, and Validation time per wave from the change plan.
Paste one row per host in Host mappings. Use the columns host, old IP, new IP, owner, dependency, criticality, and method. If rows are messy, use Normalize CSV after validation succeeds.
Open Advanced when approved prefix boundaries or rollback criteria exist. Add Old prefix boundary, New prefix boundary, and a specific Rollback trigger.
Read the summary badges. Renumbering Readiness Blocked means one or more readiness rows must be corrected before the plan should be used.
Open Readiness Audit. Fix Blocked rows first, then decide whether every Watch row is acceptable for the window.
Open Wave Runbook and Mapping Ledger. Confirm dependency-first order, old and new IP values, owners, method labels, criticality, and row findings.
Open Cutover Timeline and Rollback Pack. The timeline should leave enough window margin, and the rollback rows should name the affected hosts and validation checks for each wave.

Interpreting Results:

Renumbering Readiness Blocked means at least one readiness check says the plan should not be executed as written. The strongest blockers are invalid address rows, duplicate old or new IP mappings, dependency cycles, invalid CIDR boundaries, DNS TTL above 60 minutes, DHCP lease above 24 hours, or elapsed time beyond the window.

Renumbering Readiness Review means the plan has no blocking checks, but one or more conditions still need operator judgment. Common watch items include duplicate host names, rows outside prefix boundaries, TTL above 15 minutes, DHCP lease above 4 hours, window use above 85 percent, direct static cutovers, static-reference keywords, and missing rollback criteria.

A ready plan badge should still be checked against the actual network evidence. The planner cannot see live routes, DNS zones, DHCP servers, firewall policies, or application configuration. Trust the result only after Mapping Ledger matches the approved address plan and Rollback Pack matches the stop criteria the change owner will use during the window.

How to read IPv4 renumbering readiness outcomes
Result cue	Read it as	Next check
`Blocked`	The runbook is not ready for execution under the entered settings.	Fix the row or timing value named in `Readiness Audit`.
`Watch`	The plan can be reviewed, but a condition deserves explicit acceptance.	Record the owner decision, especially for direct cutovers, TTL, DHCP lease, and narrow window margin.
`Ready`	The specific check found no issue under the entered data.	Confirm the evidence still matches DNS, DHCP, firewall, IPAM, monitoring, and application-owner records.

Worked Examples:

A four-host application move uses the sample-style pattern: app01 and app02 move from 10.10.1.x to 10.44.20.x, db01 moves from 10.10.2.10 to 10.44.30.10, and jump01 moves to 10.44.99.10. With Wave size set to 2, 8 minutes per host, 15 validation minutes, and a 5 minute DNS TTL, the runbook splits the rows into two waves and the timeline estimates about 82 cumulative minutes. Readiness Audit should still show watch items for direct cutover and static-reference dependency text if the jump host uses that method and mentions VPN or firewall work.

A boundary review starts with old prefix 10.10.0.0/16 and new prefix 10.44.0.0/16. If one row maps printer01 from 10.12.5.20 to 10.44.40.20, Mapping Ledger records that the old IP sits outside the configured old boundary. Readiness Audit should put Prefix boundaries into Watch, which is a prompt to correct the row or document an approved exception.

A troubleshooting case is a table with two hosts assigned the same new address, such as 10.44.20.10. The summary should move to Renumbering Readiness Blocked, Mapping Ledger should show Duplicate new IP, and Readiness Audit should mark duplicate addresses as Blocked. Fix the conflicting address before using Wave Runbook or Rollback Pack as change evidence.

FAQ:

What columns do my mapping rows need?

Use host, old IP, and new IP as the minimum. Owner, dependency, criticality, and method add better wave order and readiness evidence. A header row is optional when the columns are in that order.

Why did a dependency not change the wave order?

Only dependency text that matches another host name in the mapping list changes ordering. Terms such as DNS, firewall, VPN, replication, or load balancer are kept as review cues because they refer to outside work rather than another row.

Why is my plan blocked when the addresses look valid?

Address syntax is only one gate. Duplicate old or new IP values, a dependency cycle, invalid prefix boundary, DNS TTL above 60 minutes, DHCP lease above 24 hours, or elapsed time beyond the window can also block readiness.

Does a ready plan mean the network change is safe?

No. A ready result means the entered mapping rows and timing settings passed the planner's checks. It does not inspect live routes, DNS records, DHCP state, firewall rules, monitoring targets, or application configuration references.

Does my mapping table leave the browser?

The planning calculations run in the browser session, and the planner does not submit the mapping table for server-side calculation. Copy and download actions use browser features to save the result text, tables, chart, or structured output.

Glossary:

IPv4 renumbering: Changing host addresses and the related references that point to those addresses.
Wave: A small group of host mappings planned, validated, and either accepted or rolled back together.
DNS TTL: The time a DNS answer may remain cached before clients should request it again.
DHCP lease: The period during which a DHCP client may keep using an assigned address.
Prefix boundary: An optional CIDR range used to confirm that old or new addresses sit inside the approved block.
Rollback trigger: The specific condition that stops a wave and starts the restore path for affected hosts.

References:

Network Renumbering Overview, RFC Editor, January 1997.
Router Renumbering Guide, Internet Engineering Task Force, January 1997.
Address Allocation for Private Internets, RFC Editor, February 1996.
IPv4 Address Blocks Reserved for Documentation, RFC Editor, January 2010.
Domain Names - Implementation and Specification, RFC Editor, November 1987.
Dynamic Host Configuration Protocol, RFC Editor, March 1997.

IPv4 Renumbering Planner

{{ result.summary.title }}

Technical Details:

Rule Core:

Everyday Use & Decision Guide:

Step-by-Step Guide:

Interpreting Results:

Worked Examples:

FAQ:

Glossary:

References: