Networking Toolbox is an offline-first, self-hosted web application that provides over 100 networking utilities for system administrators and network engineers. It eliminates dependency on external websites by offering tools for subnet calculation, DNS diagnostics, TLS analysis, DHCP configuration, and BGP lookups — all accessible without an internet connection. Built with SvelteKit and TypeScript, it supports deployment via Docker, static hosting, Vercel, Netlify, GitHub Pages, or Node.js servers.
The app is designed for environments with restricted connectivity, featuring zero third-party dependencies, mobile-optimized interfaces, and a modular architecture that allows customization of layouts, themes, and language support. Its comprehensive toolset covers IPv4/IPv6 subnetting, DNS record validation, security header analysis, and RDAP lookups, making it ideal for on-premises network troubleshooting and audit workflows.
What You Get
- IPv4 Subnet Calculator - Calculates subnet masks, network addresses, broadcast addresses, and host ranges from CIDR notation or IP ranges
- CIDR → Mask Converter - Converts CIDR notation (e.g., /24) to dotted-decimal subnet masks (e.g., 255.255.255.0) and vice versa
- MAC Address Converter - Converts MAC formats (colon, hyphen, dot) and identifies manufacturer via OUI database lookup
- DNS Lookup Suite - Includes PTR, SPF, DMARC, CAA, DNSSEC, AXFR, and NS/SOA consistency checks with validation and propagation monitoring
- TLS Certificate Analyzer - Inspects TLS certificates, checks ALPN negotiation, OCSP stapling, cipher suites, and TLS version support
- DHCP Option 43 Generator - Creates vendor-specific DHCP Option 43 configurations for Cisco, Aruba, Ruckus, and UniFi wireless controllers
- BGP Route Lookup - Performs ASN and geolocation lookups for IP prefixes with real-time route analysis
- IPv6 Subnet Calculator - Computes IPv6 subnets, prefix lengths, and address ranges with VLSM and supernetting support
- HTTP Headers Analyzer - Inspects response headers for security policies, compression, cookies, redirects, and CORS misconfigurations
- RDAP Lookup Tools - Queries IP, domain, and ASN registration data via RDAP protocol for compliance and forensic use
- DNS Record Validator - Validates SPF, DKIM, DMARC, TXT, MX, SRV, and TLSA records with syntax and policy error detection
- Subnet Planner & VLSM Calculator - Visualizes variable-length subnet masking and allocates subnets efficiently across network segments
Common Use Cases
- On-site network troubleshooting - A sysadmin uses Networking Toolbox offline during a data center outage to calculate subnets, verify DNS records, and check TLS certificates without internet access
- Security compliance audits - A security engineer runs DNSSEC validation, SPF flattening, and HTTP security header checks to ensure infrastructure meets CIS benchmarks
- DHCP configuration for enterprise WiFi - A network engineer generates Cisco and Aruba DHCP Option 43 configurations to automate wireless controller discovery across multiple sites
- DNS migration planning - A DevOps specialist uses the DNS propagation checker, zone linter, and SOA serial analyzer to validate DNS zone transfers before migrating to a new provider
Under The Hood
Architecture
- SvelteKit-based application with clear separation between client-side hooks for global error handling and server-side routing, enabling centralized error tracking via a dedicated error manager
- Modular component architecture using Svelte stores and composables to encapsulate UI state and logic, promoting reusability across networking tools
- Dependency-free utility modules and type-safe configuration systems that isolate business logic from UI components, enforcing separation of concerns
- Multi-environment deployment support with environment-aware build scripts and global constants for conditional behavior
- Comprehensive theming and accessibility system with theme persistence, ARIA-compliant components, and keyboard/screen reader support
Tech Stack
- Full-stack framework built on SvelteKit with TypeScript and Vite, supporting flexible deployment via Node, Netlify, Vercel, and static adapters
- Robust API layer defined with Swagger 3.0, exposing networking utilities like subnetting, CIDR manipulation, DNS, and DNSSEC through structured endpoints
- Testing ecosystem powered by Vitest and Playwright, with coverage reporting and API mocking via MSW for reliable validation
- Dockerized production deployment using lightweight Node.js images, multi-stage builds, and non-root user execution for security
- CI/CD pipelines integrated with Codecov, Codacy, and GitHub Actions to enforce code quality, linting, and test coverage thresholds
Code Quality
- Extensive test coverage spanning unit, integration, and end-to-end scenarios with rigorous validation of IP parsing, DNS resolution, and CIDR operations
- Strong type safety and structured data modeling using TypeScript interfaces and validation patterns to ensure input integrity before processing
- Consistent, domain-driven naming conventions with clear boundaries between UI, utilities, and API handlers, enhancing maintainability
- Robust error handling with centralized managers and structured responses, supported by comprehensive linting and deliberate test noise suppression
- Content-driven testing where test cases double as educational examples, improving both reliability and user onboarding
What Makes It Unique
- Native Punycode encoding/decoding implementation without external dependencies, enabling accurate internationalized domain name conversion in-browser
- Comprehensive DNSBL lookup system querying 15+ major RBLs server-side with IPv6 support and no API key requirements
- Intelligent theme persistence that gracefully falls back to system preferences or a custom theme, with preloaded fonts to eliminate FOUC
- Client-side usage analytics via derived stores that personalize tool access based on user behavior without server-side tracking
- Advanced IPv6 NAT64 converter with full address expansion/compression logic and step-by-step explanation generation for non-experts
- Unified error handling across client and server layers with context injection and user-friendly fallbacks, preserving UX while enabling diagnostics