adaptive.run TECH BLOG

Cloud can be tricky sometimes. Find out which scenarios we've run into that are worth mentioning and explaining.

Subnetting in Azure Bicep: Automating Network Addressing

Level: 300
Publishing date: 07-Feb-2025
Author: Catalin Popa

Subnetting is an essential part of Azure networking, ensuring efficient IP allocation and network segmentation. With Bicep CIDR functions, subnetting can now be done programmatically, simplifying the process of defining and managing IP address ranges within Azure Virtual Networks (VNets).

This guide covers:

      • Understanding CIDR and its role in subnetting
      • Using CIDR functions (parseCidr(), cidrSubnet(), cidrHost()) in Bicep
      • Automating subnet allocation for a virtual network
      • Example deployment with an alternative IP range
_______________________________________________________________________________

What is CIDR?

Classless Inter-Domain Routing (CIDR) is a method used to allocate IP addresses and route network traffic efficiently.

      • CIDR notation represents an IP block as IP/PrefixLength
      • The prefix length determines the number of available IP addresses
      • Example: 10.50.0.0/24 means:
        o First 24 bits define the network (10.50.0.0)
        o Remaining 8 bits are available for hosts (10.50.0.1 to 10.50.0.254)

By using CIDR functions in Azure Bicep, you can dynamically split address spaces, calculate subnet sizes, and extract IPs programmatically.
_______________________________________________________________________________

Bicep CIDR Functions: Parsing, Splitting, and Assigning IPs

1. Extracting Network Details with parseCidr()

The parseCidr() function retrieves details about a given CIDR block, including network address, netmask, first/last usable IPs, and broadcast address.

Example: Parsing a New CIDR Block

output outCidrDetails object = parseCidr('10.50.0.0/24')

Expected Output:

{
  "broadcast": "10.50.0.255",
  "cidr": 24,
  "firstUsable": "10.50.0.1",
  "lastUsable": "10.50.0.254",
  "netmask": "255.255.255.0",
  "network": "10.50.0.0"
}

This function helps when designing address spaces by ensuring the correct network size is allocated.
_______________________________________________________________________________

2. Creating Subnets Dynamically with cidrSubnet()

The cidrSubnet() function splits a network into smaller subnets based on a given prefix and returns a specific subnet by index.

Example: Splitting 10.50.0.0/24 into /26 Subnets

output outSubnet1 string = cidrSubnet('10.50.0.0/24', 26, 0) // First /26 subnet
output outSubnet2 string = cidrSubnet('10.50.0.0/24', 26, 1) // Second /26 subnet 

Expected Output:

{
  "outSubnet1": "10.50.0.0/26",
  "outSubnet2": "10.50.0.64/26"
}

      • Subnet index 0 gives 10.50.0.0/26
      • Subnet index 1 gives 10.50.0.64/26

This allows automated allocation of subnets within an address space.
_______________________________________________________________________________

3. Assigning Specific IPs with cidrHost()

The cidrHost() function retrieves an exact host IP from a subnet.

Example: Extracting Specific Host IPs from 10.50.0.0/26

output outHostIps array = [for i in range(0, 5): cidrHost('10.50.0.0/26', i)]

Expected Output:

{
  "outHostIps": [
    "10.50.0.1",
    "10.50.0.2",
    "10.50.0.3",
    "10.50.0.4",
    "10.50.0.5"
  ]
}

This is useful for reserving IPs for specific devices or whitelisting IP addresses dynamically.
_______________________________________________________________________________

Subnetting a Virtual Network Using cidrSubnet()

Now, let’s deploy an Azure Virtual Network (VNet) with dynamically generated subnets using cidrSubnet().

Full Bicep Template

@description('The primary IP address space for the virtual network. Default: 10.50.0.0/24')
param parAddressSpace string = '10.50.0.0/24'

@description('The CIDR prefix for subnets. Default: /26')
param parSubnetCidr int = 26

@description('The number of subnets to create. Default: 4')
param parSubnetCount int = 4

var varSubnets = [for i in range(0, parSubnetCount): {
  name: 'subnet-${i}'
  properties: {
    addressPrefix: cidrSubnet(parAddressSpace, parSubnetCidr, i)
  }
}]

resource resVirtualNetwork 'Microsoft.Network/virtualNetworks@2023-05-01' = {
  name: 'my-vnet'
  location: 'eastus'
  properties: {
    addressSpace: {
      addressPrefixes: [parAddressSpace]
    }
    subnets: varSubnets
  }
}

output outSubnets array = varSubnets 

Explanation of the Deployment

      1. Parameters allow customization of:
          o The VNet’s IP address space (default: 10.50.0.0/24)
          o The subnet size (default: /26)
          o The number of subnets (default: 4)
      2. The varSubnets variable uses a loop (for i in range(0, parSubnetCount)) to:
          o Generate multiple subnets dynamically
          o Use cidrSubnet() to assign each subnet’s address range
      3. The Virtual Network (resVirtualNetwork) is deployed with the dynamically created subnets.
_______________________________________________________________________________

Expected Output: Subnet Allocation

If parSubnetCount = 4, the output will be:

[
  { "name": "subnet-0", "properties": { "addressPrefix": "10.50.0.0/26" } },
  { "name": "subnet-1", "properties": { "addressPrefix": "10.50.0.64/26" } },
  { "name": "subnet-2", "properties": { "addressPrefix": "10.50.0.128/26" } },
  { "name": "subnet-3", "properties": { "addressPrefix": "10.50.0.192/26" } }
]

Each subnet contains 64 IPs, following the /26 CIDR notation.
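
A pre-deployment check for the template's three parameters, added here as a Python example (it is not code from the original post or from Bicep). The helpers cidr_subnet, cidr_host and plan_subnets are hypothetical names that reproduce the cidrSubnet() and cidrHost() results shown above; the check assumes IPv4 and relies on Azure reserving five addresses in every subnet and accepting /29 as the smallest subnet.

```python
import ipaddress

AZURE_RESERVED_PER_SUBNET = 5   # network, gateway, two Azure DNS mappings, broadcast
AZURE_SMALLEST_SUBNET = 29      # longest IPv4 prefix Azure accepts for a subnet


def cidr_subnet(network: str, new_prefix: int, index: int) -> str:
    """Python stand-in for cidrSubnet(); raises where no such subnet exists."""
    net = ipaddress.IPv4Network(network, strict=True)  # rejects stray host bits
    if not net.prefixlen <= new_prefix <= 32:
        raise ValueError(f"/{new_prefix} is not inside {net}")
    capacity = 2 ** (new_prefix - net.prefixlen)
    if not 0 <= index < capacity:
        raise ValueError(f"index {index}: {net} holds only {capacity} /{new_prefix} subnets")
    base = int(net.network_address) + index * 2 ** (32 - new_prefix)
    return f"{ipaddress.IPv4Address(base)}/{new_prefix}"


def cidr_host(network: str, index: int) -> str:
    """Python stand-in for cidrHost(): index 0 is the first usable address."""
    net = ipaddress.IPv4Network(network, strict=True)
    host = net.network_address + index + 1
    if host >= net.broadcast_address:
        raise ValueError(f"host index {index} is outside {net}")
    return str(host)


def plan_subnets(address_space: str, subnet_prefix: int, subnet_count: int) -> list:
    """Reproduce the template's varSubnets loop and fail early on a bad plan."""
    if subnet_prefix > AZURE_SMALLEST_SUBNET:
        raise ValueError(f"/{subnet_prefix} is smaller than Azure's /29 minimum")
    plan = []
    for i in range(subnet_count):
        prefix = cidr_subnet(address_space, subnet_prefix, i)
        size = ipaddress.IPv4Network(prefix).num_addresses
        plan.append({
            "name": f"subnet-{i}",
            "addressPrefix": prefix,
            "assignable": size - AZURE_RESERVED_PER_SUBNET,
            # Azure keeps the first three host addresses, so host index 3 is the first free one
            "firstAssignable": cidr_host(prefix, 3),
        })
    return plan


if __name__ == "__main__":
    for subnet in plan_subnets("10.50.0.0/24", 26, 4):  # the template's defaults
        print(subnet)
```

With the default parameters each /26 has 59 assignable addresses out of 64, and raising parSubnetCount to 5 is rejected because a /24 holds only four /26 subnets.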

Deploying the Bicep Template

To deploy this Bicep file, run the following command:

az deployment group create --resource-group myResourceGroup --template-file ./subnetting.bicep

This will create:

✔ A VNet (my-vnet)
✔ Multiple subnets dynamically assigned using CIDR
________________________________________

Conclusion

With Azure Bicep CIDR functions, subnetting can be fully automated, making IP allocation simpler and more scalable.

Key Takeaways:

✔ parseCidr() extracts details from an IP range
✔ cidrSubnet() dynamically generates subnets
✔ cidrHost() retrieves specific IP addresses
✔ Subnetting can be automated when deploying Azure Virtual Networks

This approach reduces manual effort, ensures efficient address allocation, and adapts dynamically to different network designs.

By leveraging CIDR functions in Azure Bicep, subnet management becomes more flexible, scalable, and programmatic, making it easier to deploy cloud-native networking solutions. 🚀


© Copyright 2019-2025 adaptive.run - All Rights Reserved