AKS Subnet Calculator (Azure Kubernetes Service CIDR Calculator)

Correct AKS subnet sizing is critical when deploying Azure Kubernetes Service (AKS).

Depending on your networking mode, AKS may require:

  • A shared subnet for nodes and pods (Azure CNI – flat)
  • A node subnet + separate pod CIDR (Azure CNI Overlay or Kubenet)

Azure reserves 5 IP addresses per subnet, and high pod density can quickly exhaust small CIDR ranges.

This AKS subnet calculator helps you determine the correct CIDR prefix before deployment.

If you’re unsure what values to use, these are common real-world AKS planning assumptions:

Max pods per node (AKS)

  • Azure CNI default: 30
  • Overlay / Kubenet: typically 30–50
  • Conservative planning value: 50

If unsure, use 50 to avoid subnet exhaustion.

Growth buffer

  • Recommended: 20–30%
  • Common production value: 25%
  • Fast-growing workloads: 40%+

Always size for future scaling — not just day-one deployment.

Subnet rule of thumb (Azure CNI – flat)

Because pods consume subnet IPs in Azure CNI (flat):

Worker NodesMax PodsSuggested Minimum
1030/23 safer than /24
2030/22 recommended
30+30–50/22 or larger

The calculator computes exact minimum prefixes, but these guidelines help during architecture design.

How AKS Networking Modes Affect Subnet Size

AKS subnet planning depends entirely on the selected network plugin.

1️⃣ Azure CNI (Flat / Shared Subnet)

Most common production configuration.

  • Nodes and pods share the same Azure subnet.
  • Subnet must support:
    • Node count
    • Max pods per node
    • Growth buffer
  • Azure reserves 5 IP addresses per subnet.

This is the #1 cause of AKS IP exhaustion.

If you underestimate subnet size, you cannot scale the cluster.

2️⃣ Azure CNI Overlay

  • Nodes consume Azure subnet IPs.
  • Pods use a separate overlay CIDR.
  • Subnet sizing depends only on node count.
  • Azure still reserves 5 IPs in the node subnet.

Overlay dramatically reduces subnet pressure compared to flat mode.

3️⃣ Kubenet

  • Nodes consume Azure subnet IPs.
  • Pods use a separate pod CIDR.
  • Similar subnet behavior to Overlay from an IP planning perspective.

How the AKS Subnet Calculator Works

The planner calculates:

Planned nodes

plannedNodes = nodes + futureGrowth bufferFactor = 1 + (buffer% / 100)

Azure CNI (Flat Mode)

Subnet must support:

(nodeCount × bufferFactor) + (nodeCount × maxPodsPerNode × bufferFactor)

Azure reserved IPs (5) are included when calculating usable capacity.

Overlay / Kubenet Mode

  • Node subnet: ceil(plannedNodes × bufferFactor)

  • Pod CIDR: ceil(plannedNodes × maxPodsPerNode × bufferFactor)

Overlay pods do NOT consume Azure subnet IPs.

Most Common AKS Subnet Sizing Mistakes

  • Using /24 with Azure CNI flat and running out of IPs
  • Forgetting Azure reserves 5 IPs
  • Ignoring maxPods setting
  • Not planning for scaling
  • Deploying into small corporate VNets without subnet headroom

IP exhaustion is one of the most common AKS scaling failures.

Why AKS Subnets Run Out of IPs

Azure CNI (flat mode) assigns pod IP addresses directly from the Azure subnet.
When maxPods per node is high, IP consumption increases exponentially.

If the subnet CIDR is too small, AKS cannot scale nodes or schedule new pods.

Read the full breakdown here: → Why Azure CNI Runs Out of IPs (AKS Explained)

AKS vs ARO Subnet Differences

FeatureAKS Azure CNI (Flat)ARO
Pods use Azure subnet IPsYesNo
Separate master subnetNoYes
Overlay by defaultNoYes
Subnet exhaustion riskHigh in flat modeMostly worker subnet

If you are planning Azure Red Hat OpenShift instead: → ARO Subnet Calculator

For other kubernetes solutions, look at the tool: → Kubernetes Subnet Calculator (AKS, EKS, GKE)

Production AKS Subnet Design Considerations

When designing AKS in enterprise Azure environments, also consider:

  • Corporate VNet CIDR allocation strategy
  • Hub-spoke architecture constraints
  • Peered VNet address space conflicts
  • Private endpoint IP consumption
  • Future node pool expansion
  • Blue/green cluster migration space

In many enterprise deployments, subnet size is constrained by pre-allocated address space. Planning larger CIDR ranges early avoids future re-architecture.

If you expect long-term cluster growth, choose the next larger prefix than the calculator minimum.

FAQ – AKS Subnet Sizing

How many IP addresses does Azure reserve per subnet?

Azure reserves 5 IP addresses per subnet.

Do pods consume subnet IPs in AKS?

  • Yes, in Azure CNI (flat mode).
  • No, in Overlay or Kubenet.

What happens if my AKS subnet runs out of IPs?

  • You cannot scale nodes.
  • Pod scheduling may fail.
  • Fixing it usually requires migration or redeployment.

Can I change max pods per node later?

Yes, but it may require:

  • Node pool recreation
  • Scaling operations
  • Careful rollout planning

What is the safest subnet size for production AKS?

There is no single answer, but for Azure CNI flat:

  • Small clusters: /23
  • Medium clusters: /22
  • Large clusters: /21 or larger

Always validate using the calculator above.