IPv6 Address Range in CIDR Range Tool

Check whether an IPv6 start/end range is fully contained within a CIDR block for allowlists, subnet plans, and IP allocation checks.

Setup
Ready
Enter any address inside the source prefix, then choose its prefix length.
Enter any address inside the target prefix, then choose its prefix length.
Share
To share your settings, paste this link in an email, web page, or on social media
Get share link
Enter values and run the tool to generate subnet results, relationship checks, and Mermaid diagrams.
Topology View
A generated Mermaid view of the current network relationship.
Waiting for input
Mermaid preview appears here after a successful calculation.
No result yet.
Run the tool to inspect normalized details and copy-ready values.
Quick Copy
Copy buttons appear here after a successful result.
Task Fit
Problem solved
Focus
Best with
Watch for
Compare Next
Try These Related Tools
IPv4 CIDR Range Checker
IPv6 Address Within Subnet Network Range
IPv4 Address in CIDR Range
IPv6 Addresses CIDR Notations Boundary
IPv4 Subnet Calculator
IPv4 Addresses CIDR Notations Boundary
IPv6 Subnet Calculator
Class C IP Checker

IPv6 CIDR to range validation and range-in-range checks

This page is a containment validator: is this IPv6 address range fully inside that CIDR block? It’s a fast, low-risk check before you commit changes to firewalls, routing, or IPAM. If you searched for “IPv6 CIDR to Range Calculator” but what you really need is “does this range fit,” this tool is the direct answer.

Key Features

  • Full containment validation: confirms both endpoints (start and end) are inside the CIDR network.
  • Boundary detection: catches ranges that straddle the next subnet boundary (a common off-by-one mistake).
  • CIDR notation support: works with standard address/prefix formats.
  • Operationally useful output: designed for day-to-day tasks like allowlists, ACL objects, and inventory cleanup.

Use Cases

  • Firewall / WAF allowlists: ensure the permitted range is inside the intended subnet and doesn’t widen access unintentionally.
  • Cloud network allocation: validate that a requested child block fits within the parent VPC/VNet range you reserved.
  • IPAM documentation checks: verify that recorded ranges actually match the CIDR they’re filed under.
  • Single IP membership: if you only need to validate one address (not an entire range), use address-in-range instead.

How To Use

  1. Enter the range start (example: 2001:db8::10).
  2. Enter the range end (example: 2001:db8::ff).
  3. Enter the CIDR network (example: 2001:db8::/48).
  4. Run the check:
  • In range means the entire range is contained.
  • Not in range means at least one endpoint escapes the CIDR block, or the range is invalid (start > end).

Result interpretation tip: if your start is inside but your end is outside, you probably meant a different prefix length (for example /23 instead of /24) or you captured the first address of the next subnet.

How It Works

A CIDR block represents a contiguous set of addresses. Containment is true when:

  • both endpoints are members of the network, and
  • the start address is less than or equal to the end address.

In practice, the tool normalizes the CIDR into a network boundary and compares both endpoints against that boundary. If you’re still deciding what the parent CIDR should be (rather than validating it), start with a calculator view like subnet calculator to see network/broadcast/host ranges and block sizes.

Examples

  • CIDR range checker: 2001:db8::10–2001:db8::ff inside 2001:db8::/48

Expected: in range (both endpoints sit within the parent block).

  • CIDR range table sanity check: does 10.0.1.0–10.0.1.255 fit inside 10.0.0.0/23?

Yes—/23 covers two consecutive /24 blocks.

  • IP range calculator boundary failure: range 192.168.1.250–192.168.2.10 inside 192.168.1.0/24

Expected: not in range because the end address is in the next /24.

  • Excel-style bulk validation: if you’re validating hundreds of entries, spot-check a few examples online first, then automate with a script and compare.

python

import ipaddress
net = ipaddress.ip_network("2001:db8::/48", strict=False)
start = ipaddress.ip_address("2001:db8::10")
end = ipaddress.ip_address("2001:db8::ff")
contained = (start in net) and (end in net) and (int(start) <= int(end))
print("contained:", contained)

Edge Cases & Troubleshooting

  • Start/end swapped: IPv6 ranges must be ordered. If start > end, the range is invalid.
  • Boundary straddle: the most common failure—your range overlaps two adjacent subnets because the end address is just past the boundary.
  • Prefix confusion: /16, /24, /25 mistakes are frequent when copying rules between environments.
  • Formatting and typos: extra spaces, missing octets/hextets, or non-decimal characters will cause parsing errors.

Reverse Intent

If you have the opposite requirement—convert a range into the smallest set of CIDR blocks that covers it—that’s a conversion problem, not containment. After converting, run containment checks again to confirm you didn’t accidentally widen the allowed space.

FAQ

What’s the difference between a CIDR block and an IP range?

CIDR is defined by a prefix (network + /n). A range is defined by a start and end. A CIDR block always maps to one contiguous range; a manually-entered range may not align to subnet boundaries.

What is IPv6 address in CIDR format?

It’s an address written with a prefix length (example: 192.168.1.10/24 or 2001:db8::1/64).

What is 255.255.255.0 in CIDR format?

It is /24.

What is the range of 100.64.0.0/10?

It runs from 100.64.0.0 through 100.127.255.255 (CGNAT space). Use this tool to confirm whether a smaller range is contained within it.

Next Steps / Related Workflows

  • If the range is not contained, either adjust the parent CIDR or split your range so each segment aligns to a boundary.
  • Keep an audit trail of your allocations (CIDR, purpose, owner, environment) so allowlists and route summaries stay maintainable.
  • When you need the complementary check in the other address family or for adjacent workflows, continue with the related tool.

Make everything as simple as possible, but not simpler.

Albert Einstein

CodersTool Categories
Data & Format
Data & Format Tools
Encode Decode Tools
Base64 Tools
Unicode UTF Tools
Text Tools
Database Tools
Developer
Developer Tools
Code Editor Tools
Database Tools
Test Data Tools
Dev Calculators
Web & Markup
Site Diagnostics
Meta & Schema Tools
Network & Security
Network Tools
Security Tools
Encryption Tools
Reference
Cheat Sheets
Blog