Skip to content →

AKS network planning with ipcalc


Whenever I am setting up K8s, I need to do a fair bit of network range planning. There are networks with their ranges, subnets, CIDR blocks, and all that good stuff. One tool that is indispensable in that work is ipcals. This short blog post is a tribute to that tool.


The platform typically gets some CIDR blocks from the operations departments. They give you that particular range, so any routing does not crash with other networks during peerings. They often use a hub-and-spoke model.

Then what do you do with a classless interdomain routing IP range such as Using K8s, for example, you will have to be very careful with the ranges as not to mess up any routing of packets. The ipcalc tool comes to the rescue.

I use the Windows Subsystem for Linux; see my setup at Windows setup for working effectively with K8s – fredrkl with the Debian distro. Installing ipcalc is as easy as:

> sudo apt-get install ipcalc

The man pages for ipcalc are straightforward. For example, let us break down the network into two subnets. The first subnet will be holding the ingress controller for K8s. It needs just a couple of IP addresses. We can divide the rest of the available addresses into the reminding subnet. Simply type:

> ipcalc --s 10

The command divides the range into two subnets, where the first one holds as close to 10 addresses but not below. The output of the command is:

Output from ipcalc tool

We can then choose some unused CIDR range and further divide up our network if necessary.

If you are in the process of planning your K8s networking setup, then check out the Azure Kubernetes Service – AKS docs for guidance: Configure Azure CNI networking in Azure Kubernetes Service (AKS) – Azure Kubernetes Service | Microsoft Docs

Published in k8s tips&tricks tools


Leave a Reply

Your email address will not be published.