Subnetter

The Problem

Every cloud network starts with a simple question: “What IP addresses should we use?”

What seems straightforward quickly becomes a nightmare at scale. A typical enterprise cloud deployment requires:

Exponential Complexity

12 accounts × 4 regions × 3 AZs × 6 subnet types = 864 unique subnets

Each one needs a carefully calculated CIDR block. One overlap, and traffic routes to the wrong place—or nowhere at all.

The Spreadsheet Trap

Teams resort to massive spreadsheets. Formulas break. Rows get deleted. Version control is “final_v3_REAL.xlsx”. The person who built it left the company.

Growth Breaks Everything

You allocated a /24 for production. Now you need 500 hosts. Re-IP the entire VPC? Migrate workloads? Explain to leadership why this “simple change” takes 3 months?

Multi-Cloud Multiplies Pain

AWS uses us-east-1a. Azure uses eastus-1. GCP uses us-central1-a. Three clouds means three naming conventions, three spreadsheets, and three times the chance for human error.

The Hidden Costs

🔥 Incident Response

Hours to days per incident

A developer deploys to staging, but traffic routes to production. Why? Overlapping CIDRs between VPCs. The on-call engineer spends 3am tracing packet flows, comparing subnet tables, and explaining to leadership why customer data might have been exposed.

🏗️ Re-IP Projects

Weeks to months of engineering time

You allocated a /24 for the data tier. Now the ML team needs 500 GPU instances. Options: re-architect the entire VPC, migrate every workload with downtime, or run a parallel network and maintain both. None are good. All are expensive.

🧠 Tribal Knowledge

Institutional risk

“Why is this subnet 10.47.128.0/22?” The answer lives in Sarah’s head. Sarah left 6 months ago. The wiki says “see network diagram” but the diagram is from 2019. New engineers take weeks to become productive because the network is a mystery.

📋 Compliance & Audits

Failed audits, delayed certifications

The auditor asks: “Show me your IP address management policy.” You show them a spreadsheet. They ask: “How do you prevent overlaps?” You say: “We’re careful.” They write: “Finding: No automated controls for IP allocation. Risk: High.”

🤝 M&A Integration

Months of delay, millions in cost

Your company acquires a competitor. Their production network is 10.0.0.0/8. So is yours. Every integration project—shared services, data migration, unified auth—is blocked until someone re-IPs an entire organization. The deal synergies are delayed by a year.

📈 Scaling Paralysis

Opportunity cost

The business wants to launch in 3 new regions by Q2. The network team says: “We need to plan the IP allocation first.” Planning takes 6 weeks. Implementation takes 4 more. The competitor launches first. The window closes.

There’s a Better Way

What if you could describe your entire network structure in a simple config file—and generate every subnet allocation automatically, with mathematical guarantees of zero conflicts?

That’s Subnetter.

Define your accounts, regions, and subnet types once. Subnetter handles the CIDR math, respects cloud provider conventions, and produces a complete allocation table in seconds. Add a new region? One line in the config. Need to audit your IP space? It’s all in version control.

---

Try It Now

Get your first allocation in under a minute:

npm

# Install and run
npm install -g subnetter
subnetter generate --config config.json --output allocations.csv

npx (no install)

# Run directly without installing
npx subnetter generate --config config.json --output allocations.csv

Quick Example

Download a sample config and try it yourself!

---

See It In Action

📄 Your Config (15 lines)

{
  "baseCidr": "10.0.0.0/8",
  "accounts": [
    { "name": "production", "clouds": { "aws": { "regions": ["us-east-1", "us-west-2", "eu-west-1"] } } },
    { "name": "staging", "clouds": { "aws": { "regions": ["us-east-1"] } } },
    { "name": "development", "clouds": { "azure": { "regions": ["eastus", "westeurope"] } } }
  ],
  "subnetTypes": {
    "Public": 24,
    "Private": 24,
    "Data": 26,
    "Management": 28
  }
}

📊 Your Output (144 rows)

Account	Cloud	Region	AZ	Subnet	CIDR
production	aws	us-east-1	us-east-1a	Public	10.0.0.0/24
production	aws	us-east-1	us-east-1a	Private	10.0.1.0/24
production	aws	us-east-1	us-east-1a	Data	10.0.2.0/26
production	aws	us-east-1	us-east-1a	Management	10.0.2.64/28
production	aws	us-east-1	us-east-1b	Public	10.0.4.0/24
…	…	…	…	…	…
development	azure	westeurope	westeurope-3	Management	10.2.28.64/28

3 accounts × 6 regions × 3 AZs × 4 subnets = 144 allocations

Zero Conflicts Guaranteed

Every CIDR is mathematically guaranteed to be non-overlapping. The hierarchical allocation algorithm ensures each account, region, AZ, and subnet gets its own dedicated slice of IP space.

---

Real-World Scenarios

🏢 Enterprise

Scenario: Global financial services company migrating to cloud

• 50+ AWS accounts (prod, staging, dev, sandbox per business unit)
• 8 regions for data residency compliance
• 6 subnet types per VPC (public, private, data, management, endpoints, transit)
• Strict audit requirements for IP allocation

Without Subnetter: 6-month planning project. Dedicated network team. Custom tooling.

With Subnetter: Single config file. Version-controlled. Auditable. Done in a day.

🚀 Startup

Scenario: Fast-growing SaaS company expanding internationally

• Started with 1 region, now need 5
• Adding new microservices weekly
• Can’t afford downtime for re-IP projects
• Small team wearing many hats

Without Subnetter: Outgrow your IP scheme. Painful re-architecture. Production incidents.

With Subnetter: Plan for 10x growth upfront. Add regions in minutes. Sleep at night.

☁️ Multi-Cloud

Scenario: Healthcare company with multi-cloud strategy

• AWS for compute, Azure for AI/ML, GCP for analytics
• Need consistent IP strategy across all three
• Each cloud has different AZ naming conventions
• Compliance requires documented network architecture

Without Subnetter: Three different spreadsheets. Manual translation. Inevitable conflicts.

With Subnetter: One config. All clouds. Provider-aware AZ naming. Single source of truth.

---

How It Works

Subnetter divides your IP space hierarchically—no overlaps, guaranteed:

flowchart LR A["🌐 Base CIDR<br/>10.0.0.0/8<br/><i>16M addresses</i>"] --> B["☁️ Accounts<br/>/16 each<br/><i>65K per account</i>"] B --> C["🗺️ Regions<br/>/20 each<br/><i>4K per region</i>"] C --> D["📍 AZs<br/>/22 each<br/><i>1K per AZ</i>"] D --> E["🔲 Subnets<br/>/24-/28<br/><i>16-254 per subnet</i>"] style A fill:#1a1a2e,color:#fff,stroke:#4a4a6a,stroke-width:2px style B fill:#16213e,color:#fff,stroke:#4a4a6a,stroke-width:2px style C fill:#0f3460,color:#fff,stroke:#4a4a6a,stroke-width:2px style D fill:#1a5276,color:#fff,stroke:#4a4a6a,stroke-width:2px style E fill:#1e8449,color:#fff,stroke:#4a4a6a,stroke-width:2px

Deterministic

Same config always produces the same output. Perfect for GitOps, disaster recovery, and reproducible infrastructure.

Extensible

Add new accounts or regions anytime. Subnetter finds the next available space without touching existing allocations.

Provider-Aware

Knows that AWS uses us-east-1a, Azure uses eastus-1, and GCP uses us-central1-a. You don’t have to.

Validation Built-In

Catches errors before they reach production: overlapping CIDRs, invalid prefixes, exhausted address space.

---

Why Teams Choose Subnetter

🕐 Save Days of Planning

What takes a team days in spreadsheets takes Subnetter seconds. Focus your engineers on building, not IP math.

🛡️ Eliminate Human Error

No more typos in CIDR notation. No more “oops, that overlaps with prod.” Mathematically guaranteed correctness.

📈 Scale Confidently

Plan for 10x growth from day one. Add accounts, regions, and subnets without re-architecting your network.

📋 Audit-Ready Documentation

Your network allocation is a version-controlled config file. Every change is tracked. Every allocation is explainable.

---

The Manual Approach vs. Subnetter

Aspect	Manual (Spreadsheets)	Subnetter
Time to plan 100 subnets	Hours to days	Seconds
Risk of overlap	High (human error)	Zero (algorithmic)
Adding a new region	Recalculate everything	Add one line to config
Multi-cloud consistency	Three separate docs	One unified config
Onboarding new team members	”Ask Sarah, she knows”	Self-documenting config
Disaster recovery	Hope the spreadsheet is current	Regenerate from Git
Audit trail	”Check the wiki”	Git history

---

Choose Your Path

🚀 New to Subnetter?

Start with the Quick Start guide for installation, configuration basics, and your first allocation.

Get Started →

📋 Ready to Configure?

Jump to the Configuration Reference for the complete schema and all available options.

View Config Reference →

🔧 Using Programmatically?

Check the API Documentation to integrate Subnetter into your Node.js applications.

Browse API Docs →

🎓 Learn CIDR Basics?

New to IP subnetting? The CIDR Primer covers everything you need to know.

Read CIDR Primer →

---

Key Capabilities

Multi-Cloud Native

First-class support for AWS, Azure, and GCP with provider-specific region and AZ naming conventions built in.

Flexible Subnet Sizing

Define different prefix lengths for different workloads. Large /24s for compute, small /28s for management.

Account-Level Overrides

Need a specific CIDR for one account? Override defaults without breaking the hierarchy.

CSV & Programmatic Output

Export to CSV for spreadsheet users, or use the TypeScript API for automation pipelines.

---

More Resources

Architecture

Understand Subnetter’s technical design and allocation algorithms.

View Architecture →

Troubleshooting

Solutions for common issues and error messages.

Troubleshooting Guide →

Kubernetes Guide

Specialized network design for multi-AZ Kubernetes deployments.

K8s Network Design →

Developer Guide

Contributing to Subnetter? Start here.

Developer Guide →