Skip to main content

Tech & Dev Utilities

Essential tools for developers, network engineers, and tech professionals. Calculate subnets, test regex patterns, estimate transfers, convert colors, and more.

Our tech and dev utilities help developers and IT professionals work more efficiently. From network calculations to security assessments, each tool provides accurate results with clear explanations. You might also find our Analyze data correlations, Hex color conversions, Plan across time zones, Calculate SaaS metrics, Estimate transfer times and Calculate probabilities helpful for related calculations.

What these tools are actually for

Most production engineering work isn't dramatic. It's somebody at 10:14 on a Tuesday morning needing to know whether a /27 holds enough hosts, or whether 99.95% uptime is worth the architectural cost over 99.9%. Or why a 1 GB file transfer is taking forty minutes when the link is rated 100 Mbps. The eight calculators in this category are built for those moments. Situations where the math is genuinely simple but doing it wrong costs hours of wasted debugging. Below is what each cluster of tools is for, in the order an engineer's career tends to encounter them.

Network and infrastructure work

Most of the time you don't need a subnet calculator because /24 covers the case for any LAN under 254 hosts, and the math fits in your head. The tools here earn their place when you're working below /24, like splitting a /23 into /25s for departmental segmentation, or fitting a printer VLAN into a /29 with growth headroom. Point-to-point links are where /30 vs /31 actually matters: RFC 3021 lets /31 use both addresses, while /30 burns two for network and broadcast. Estimating file transfer time is a similar story. Bandwidth math is trivial until you account for TCP slow-start and protocol overhead, plus the bandwidth-delay product on long-distance links. All of those compound into the gap between rated speed and actual throughput.

Service reliability and SLAs

Three nines and four nines aren't the same animal. The math is trivial: 99.9% allows 8.76 hours of downtime per year, 99.99% allows 52 minutes. But the engineering between them costs more than ten times as much. Reaching four nines on a single-region service is generally impossible without redundancy. Active-active multi-region deployments are the table stakes for payments, ad-tech, and any SaaS billing as enterprise-grade. The SLA Uptime Calculator surfaces what each tier actually buys you per measurement window, plus the error-budget framing that makes deploy velocity a deliberate tradeoff rather than a guilty secret. Google's SRE book chapter on Service Level Objectives is the canonical reference if you want to go deeper.

API engineering and rate limiting

Rate limits are easy to set and hard to design. The default reflex is “requests per minute,” but bursts and backoff dynamics matter more than the average. Token bucket vs leaky bucket is a real architectural decision. Token bucket allows clients to spike and settle, which matches how real API traffic behaves. Leaky bucket smooths output at a constant rate, which protects downstream systems that genuinely can't tolerate bursts. RFC 6585's 429 Too Many Requests with Retry-After is the contract well-behaved clients can program against. The Rate Limit Planner models all of this from average RPS, peak RPS, and burst duration, plus the 429 risk percentage at your chosen cap.

Security work

NIST SP 800-63B's June 2017 revision changed the conversation by codifying length over composition. A 20-character lowercase passphrase has more entropy than an 8-character password mixing all four character classes, and the password-rotation guidance that produced Password1! to Password2! was retired. The Password Strength & Entropy Estimator is for the entropy math: Shannon-style guessability against brute-force attack, with pattern-detection penalties for keyboard walks, leetspeak substitutions, and breach-corpus matches. Pair it with a Have I Been Pwned check before trusting any password for production use. Entropy is necessary but not sufficient.

Frontend and design work

Color conversion is a syntactic problem until WCAG contrast enters the picture, at which point it's a perceptual one. WCAG 2.1 AA requires 4.5:1 for normal text and 3:1 for large text. These aren't negotiable for accessible design, and they don't always survive first contact with brand color palettes. The Color Converter handles the format math (HEX, RGB, HSL, RGBA, all the same colors in different notations) and lets you check contrast against the actual foreground/background pair you're shipping, including the composited color when alpha transparency is involved.

Print and image production

Print is the one place in modern web work where pixel density still bites you. PPI describes what's in the file, DPI describes what the printer does with it, and most of the surprises happen at the boundary. A designer sends a 150 PPI image expecting it to print sharp at 8x10 and discovers softness only after the proof comes back. The Image DPI Calculator works in PPI because that's what you adjust in your source file before sending it anywhere. Viewing distance changes the requirement. At arm's length you want 300 PPI. Wall-art distance lets you drop to 150, and billboards print at 30 to 70 PPI because nobody views them from 12 inches away. Anyone optimizing print files without knowing the viewing context is generally over-spending on resolution.

The Regex Tester sits across all of these. Whether you're validating IP address strings or pattern-matching color values in CSS, JavaScript regex with lookahead, lookbehind, and Unicode property escapes is the daily-driver tool. (a+)+ patterns that accidentally trigger catastrophic backtracking are the same trap regardless of discipline.

When to reach for which tool

Designing a new service

Start with the API Rate Limit & Throttling Planner to model burst behavior and 429 risk. Pair with the SLA Uptime Calculator to set internal SLOs against your customer-facing SLA. If the service authenticates users, run candidate password policies through the Password Strength & Entropy Estimator before adopting them.

Debugging a slow transfer

The File Transfer Time Calculator gives you the theoretical floor. If your actual transfer is 2x longer, the usual culprit is some mix of protocol overhead and TCP slow-start, with the bandwidth-delay product becoming dominant on long-distance links. For LAN transfers the gap is usually under 20%. For WAN transfers it can be 5 to 10x.

Provisioning networks

The IP Subnet & CIDR Calculator handles the segmentation math, including the /31 and /32 edge cases most subnetting cheat sheets don't cover. Sanity-check by running the result through manually for non-octet-aligned masks (anything outside the standard /24 or /16 boundaries). Bit-arithmetic mistakes are how on-call engineers find broadcast addresses in unexpected places.

Working on UI accessibility

The HEX/RGB/HSL Converter validates WCAG 2.1 contrast for any color pair, including the composited color when transparency is in play. Run brand colors against intended backgrounds before they ship, not after a compliance audit raises them.

Preparing files for print

The Image DPI & Print Size Calculator works in PPI, which is what you actually control in Photoshop or Lightroom. Two common workflows: converting megapixels to print size to figure out what your camera can deliver at quality, and going the other direction (print size to pixels) to size up your source file for a custom enlargement.

Top Picks

All Tech & Dev Utilities Tools

Back to All Tools

Frequently Asked Questions

When do I actually need a CIDR subnet calculator vs just memorizing /24, /25, /26?

For most LAN segments under 254 hosts, /24 covers the case and you don't need a calculator. The tool earns its keep when you're working below /24. Examples: splitting a /23 into /25s for departmental segmentation, fitting a printer VLAN into a /29 with growth headroom, or setting up point-to-point links where the /30 vs /31 distinction changes the math (RFC 3021 lets /31 use both addresses, /30 burns two for network and broadcast). It's also worth reaching for whenever wildcard masks come up in Cisco ACLs or OSPF network statements, since most engineers compute those wrong by hand on the first try. The IP Subnet & CIDR Calculator handles all of these.

What's the right way to think about API rate limits when designing a new service?

Three quantities matter: average RPS for steady-state load, peak RPS for the spike during launches and retry storms, and burst duration (how long peaks last). The bucket model falls out of those numbers. Token bucket if bursts should be allowed, leaky bucket if they shouldn't. Decide upfront what 429 means in your contract. Most well-behaved clients (Stripe SDK, GitHub Octokit, AWS SDK) honor Retry-After per RFC 6585. Naive or abusive clients won't, and you'll need defense in depth, like per-key rate limits backed by Redis plus clear exponential backoff guidance in your docs. The API Rate Limit Planner models all of this.

How do I decide between bcrypt, argon2, and scrypt for password hashing?

For greenfield projects, argon2id is the right default. OWASP recommends it, and it resists both GPU and ASIC attacks better than the alternatives. bcrypt is fine if your runtime doesn't have a maintained argon2 binding. Just don't pick it because you saw it in a 2014 tutorial. scrypt is rarely the right choice anymore unless you have specific memory-hardness requirements bcrypt can't meet. None of these protect against rate-limited online attacks or breach-corpus matching. The Password Strength & Entropy Estimator covers the entropy math, but algorithm choice lives in your auth layer.

What's the difference between PPI and DPI, and which one matters for my project?

PPI (pixels per inch) describes the digital image's pixel density, which is what you control in Photoshop or Lightroom. DPI (dots per inch) describes the printer's ink-droplet density, which is your output device's spec. The two don't have to match. A 300 PPI image sent to a 1200 DPI inkjet uses 16 ink dots per pixel to render tone. The Image DPI & Print Size Calculator works in PPI because that's the number you actually adjust in your file before sending it to print.

Why do my files transfer slower than my ISP's rated speed?

Three things eat into the gap. Protocol overhead (TCP/IP headers, TLS handshakes, application framing) takes 5 to 15% on most transfers. TCP slow-start ramps the congestion window over the first 5 to 10 round trips, so short transfers never hit steady state. The bandwidth-delay product caps single-flow throughput on long-distance links: a 1 Gbps line from US to Europe maxes a single TCP connection around 150 Mbps without window scaling. The File Transfer Time Calculator wraps all three into an efficiency parameter.

What does "four nines" actually buy me in production reliability?

Four nines (99.99%) allows 52 minutes of downtime per year. That's a tight budget. You can't reboot the whole cluster during quarterly patching. Single-AZ deployments need automated failover or the budget burns the moment one AZ has issues. Three nines (99.9%) is more realistic for single-region services without HA. It allows about 8.8 hours per year, which absorbs reasonable maintenance windows and a bad deploy or two. The SLA Uptime & Downtime Calculator shows exactly how much downtime each tier allows across daily, monthly, and yearly windows.