# Decoding the Complexity of IP Addresses

In the vast expanse of the digital world, IP addresses serve as the linchpin connecting devices to the global network. Understanding the intricacies of IPv4 addresses is crucial in this technologically driven era.
The mathematics behind an IP address.
The mathematics behind an IP address lie in binary representation, the language of computers. While we perceive IP addresses in dotted decimal form, computers process them in binary. Understanding how computers see IP addresses involves exploring binary arithmetic, the foundation for translating and manipulating these numerical identifiers.
To us, an IP address appears as four decimal numbers separated by periods. For example, you might use 204.132.40.155 as an IP for some device in your network. You probably noticed that the four numbers making up an IP are always between 0 to 255. Have you ever wondered why ?
You may also have heard people referring to the four numerical values in an IP address as “octets”. Octet is, in fact, the correct term for describing the four individual numbers that make up an IP address. But doesn’t it seem odd that a word whose root means “eight” describes a number from 0 to 255? What does “eight” have to do with those values ? To understand the answers to these questions, you have to look at an IP address from your computer’s viewpoint.
Computers think in binary
Computers see everything in terms of binary. In binary systems, everything is described using two values or states: on or off, true or false, yes or no, 1 or 0. A light switch could be regarded as a binary system, since it is always either on or off.
By itself, a single bit is kind of useless, as it can only represent one of two things. By arranging bits in groups, the computer is able to describe more complex ideas than just on or off. The most common arrangement of bits in a group is called a byte, which is a group of eight bits.
Binary arithmetic
The act of creating large numbers from groups of binary units or bits is called binary arithmetic. Learning binary arithmetic helps you understand how your computer sees IPs (or any numbers greater than one). In binary arithmetic, each bit within a group represents a power of two.
It’s easy to understand binary because each successive bit in a group is exactly twice the value of the previous bit.
The following table represents the value for each bit in a byte (remember, a byte is 8 bits). In binary math, the values for the bits ascend from right to left, just as in the decimal system you’re accustomed to:

Now that we know how to calculate the value for each bit in a byte, creating large numbers in binary is simply a matter of turning on certain bits and then adding together the values of those bits. So what does an 8-bit binary number like 01101110 represent ? The following table dissects this number. Remember, a computer uses 1 to signify “on” and 0 to signify “off”:

In the table above, you can see that the bits with the values 64, 32, 8, 4 and 2 are all turned on. As mentioned before, calculating the value of a binary number means totaling all the values for the “on” bits. So for the binary value in the table, 01101110, we add together 64+32+8+4+2 to get the number 110. Binary arithmetic is pretty easy once you know what’s going on.
So now that you understand a bit about binary (pun intended), you can understand the technical definition of an IP address. To your computer, an IP address is a 32-bit number subdivided into four bytes.
Remember the example of an IP above, 204.132.40.155? Using binary arithmetic, we can convert that IP address to its binary equivalent. This is how your computer sees that IP:

11001100.10000100.00101000.10011011

Understanding binary also provides you with some of the rules pertaining to IPs. We wondered why the four segments of an IP were called octets. Well, now that you know that each octet is actually a byte, or eight bits, it makes a lot more sense to call it an octet. And remember how the values for each octet in an IP were within the range of 0 to 255, but we didn’t know why ? Using binary arithmetic, it’s easy to calculate the highest number that a byte can represent. If you turn on all the bits in a byte (11111111) and then convert that byte to a decimal number (128 + 64 + 32 + 16 + 8 + 4 + 2 + 1), those bits total 255.
IPv4 addresses are indeed 32-bit numbers, commonly expressed in dotted decimal notation. They consist of two main parts: the network prefix and the host number.
Network Prefix: This part of the IPv4 address identifies the network to which a device belongs.
Host Number: This part specifies the unique address assigned to an individual device within that network.
Devices within a single network share the same network address, and each device on that network has a unique host address. The combination of the network prefix and the host number gives a unique IPv4 address to each device on the network.
Globally Unique IP Addresses: These are addresses that are routable on the public Internet and must be globally unique to ensure proper communication across the entire network of networks. Devices such as webservers or any device that needs to be accessible from the internet must have globally unique IP addresses.
Locally Unique IP Addresses: These are used within private networks and are not routable on the public Internet. Instead, these addresses are meant for internal use within a specific organization or network. This is often achieved using private IP address ranges defined in RFC 1918 (e.g., 192.168.0.0/16, 10.0.0.0/8).
So, devices that are visible outside the local network (e.g., webservers) require globally unique IP addresses, while devices within a local network can use locally unique IP addresses, allowing for efficient use of the limited pool of globally routable IPv4 addresses.
The allocation of IP addresses involves several key entities. The Internet Assigned Numbers Authority (IANA) plays a crucial role by distributing large blocks of IP addresses to Regional Internet Registries (RIRs), which are organizations responsible for specific global regions. These RIRs, such as ARIN and RIPE NCC, further allocate address blocks to Internet Service Providers (ISPs) within their regions.
The ultimate goal of this hierarchical distribution is to ensure that IP addresses are globally unique. This process helps manage the finite pool of available IPv4 addresses efficiently. While there are reserved IP address ranges for specific purposes, such as private networks (as defined in RFC 1918), the primary focus is on the global uniqueness of addresses.
In practice, ISPs receive allocations from RIRs and assign IP addresses to end-users or devices. This structured approach enables the internet to function with a scalable and globally cohesive addressing system.
To provide flexibility in the number of addresses distributed to networks of different sizes, 4-octet (32-bit) IP addresses were originally divided into three different categories or classes: class A, class B, and class C. Each address class specifies a different number of bits for its network prefix and host number:
Class A addresses use only the first byte (octet) to specify the network prefix, leaving 3 bytes to define individual host numbers. To indicate this explicitly, administrators write /8, appended to the end of an IP address. When you see 126.10.11.12/8, you know it’s a Class A address.
Class B addresses use the first 2 bytes (16 bits, written as /16.) to specify the network prefix, leaving 2 bytes to define host addresses.
Class C addresses use the first 3 bytes (appears as /24) to specify the network prefix, leaving only the last byte to identify hosts.
The number after the slash tells you how many bits of an IP address is the **network portion of the address. (You can readily calculate how many bits that leaves for the host portion of the address by subtracting the number of network bits from 32, the total number of bits in an IP address.)
In binary format, with an ‘x’ representing each bit in the host number, the three address classes can be represented as follows:

00000000 xxxxxxxx xxxxxxxx xxxxxxxx (Class A) /8
00000000 00000000 xxxxxxxx xxxxxxxx (Class B) /16
00000000 00000000 00000000 xxxxxxxx (Class C) /24

How the Internet lost its class.
This construct didn’t work out too well, because a Class C network could only contain 254 individual device addresses. By the early '90s, just as the Internet was becoming commercialized, the American Registry for Internet Numbers (ARIN) was running out of Class B network addresses.
The Internet Engineering Task Force (IETF) eventually came up with a workaround. Instead of the original, rigid, network class splits on full-byte boundaries (/8, /16, and /24), they allowed Classless Internet Domain Routing (CIDR, pronounced like ‘cider’).
This birthed the modern way of talking about IP addresses, which ignores classes, and uses network notation instead. So if an organization wanted enough IP address space for one thousand systems, ARIN’s choices were no longer limited to dispensing either four Class C (/24) or a Class B (/16) network. They could assign, for example, a /22. Twenty-two bits of the IP address would be used as the network address, and the remaining 10 bits would be used for host addresses, which would permit 1,024 addresses.
Another problem with IP addressing had surfaced in the mid-eighties. Some organizations wanted multiple network addresses, one for each network within their organization. Instead of giving out multiple network addresses, RFC 950 recommends the use of subnetworking, that is, using some portion of the IP address to indicate internal network addresses.
The problem with both using a CIDR (classless) network address, and splitting a network into subnetworks (abbreviated as subnets), was that TCP/IP was designed with the rigid Class system in mind. Certain addresses were assumed to have one, two or three bytes of network address. Specifically:

0.0.0.0 - 127.255.255.255 Class A, or /8
128.0.0.0 - 191.255.255.255 Class B, or /16
192.0.0.0 - 223.255.255.255 Class C, or /24
Classless Internet Domain Routing (CIDR):
Network administrators use CIDR, to represent IP addresses. The idea behind CIDR is to adapt the concept of subnetting to the entire Internet. In short, classless addressing means that instead of breaking a particular network into subnets, we can aggregate networks into larger supernets.
CIDR is therefore often referred to as supernetting, where the principles of subnetting are applied to larger networks. CIDR is written out in a network/mask format, where the mask is tacked onto the network address in the form of the number of bits used in the mask. An example would be 205.112.45.60/25. What is most important to understand about the CIDR method of subnetting is the use the network prefix (the /25 of 205.112.45.60/25), rather than the classful way of using the first three bits of the IP address to determine the dividing point between the network number and the host number.
So why did CIDR become so popular ? Because it’s a much more efficient allocator of the IP address space. Using CIDR, a network admin can carve out a number of host addresses that’s closer to what is required than with the class approach.
For example, say a network admin has an IP address of 207.0.64.0/18 to work with. This block consists of 16,384 IP addresses. But if only 900 host addresses are required, this wastes scarce resources, leaving 15,484 (16,384 – 900) addresses unused. By using a subnet CIDR of 207.0.68.0/22 though, the network would address 1,024 devices, which is much closer to the 900 host addresses required.
Because of the way networks work having a single network with thousands of hosts isn’t practical.
It is equivalent to have a street with thousands of houses on it. Just imagine trying to get on to the street in the morning to go to work.
Therefore a technique called subnetting was devised that allows you to split a network into smaller networks know as subnets.
The subnet mask is simply a binary value that uses ones to represent how many bits (out of the 32-bit IP address) represent the network portion of the address. Zeros indicate the host portion of the address. So if you want a /26 address, you want 26 bits of the IP address to indicate the network and 6 bits for indicating host addresses, written like this:

11111111.11111111.11111111.11000000

In every class, you can steal bits from the hosts to create more subnets, but you’re also reducing the number of hosts. Notice how stealing just one bit for the network drops the number of hosts significantly.
Class A Subnet Netmasks and Hosts

Network Bits Subnet Mask Number of Subnets Number of Hosts
/8 255.0.0.0 0 16,777,214
/9 255.128.0.0 0 8,388,606
/10 255.192.0.0 2 4,194,302
/11 255.224.0.0 6 2,097,150
/12 255.240.0.0 14 1,048,574
/13 255.248.0.0 30 524,286
/14 255.252.0.0 62 262,142
/15 255.254.0.0 126 131,070
/16 255.255.0.0 254 65,534
/17 255.255.128.0 510 32,766
/18 255.255.192.0 1,022 16,382
/19 255.255.224.0 2,046 8,190
/20 255.255.240.0 4,094 4,094
/21 255.255.248.0 8,190 2,046
/22 255.255.252.0 16,382 1,022
/23 255.255.254.0 32,766 510
/24 255.255.255.0 65,534 254
/25 255.255.255.128 131,070 126
/26 255.255.255.192 262,142 62
/27 255.255.255.224 524,286 30
/28 255.255.255.240 1,048,574 14
/29 255.255.255.248 2,097,150 6
/30 255.255.255.252 4,194,302 2

Class B Subnet Netmasks and Hosts

Network Bits Subnet Mask Number of Subnets Number of Hosts
/16 255.255.0.0 0 65,534
/17 255.255.128.0 0 32,766
/18 255.255.192.0 0 16,382
/19 255.255.224.0 0 8,190
/20 255.255.240.0 0 4,094
/21 255.255.248.0 0 2,046
/22 255.255.252.0 2 1,022
/23 255.255.254.0 6 510
/24 255.255.255.0 14 254
/25 255.255.255.128 30 126
/26 255.255.255.192 62 62
/27 255.255.255.224 126 30
/28 255.255.255.240 254 14
/29 255.255.255.248 510 6
/30 255.255.255.252 1,022 2

Class C Subnet Netmasks and Hosts

Network Bits Subnet Mask Number of Subnets Number of Hosts
/24 255.255.255.0 0 254
/25 255.255.255.128 2 126
/26 255.255.255.192 4 62
/27 255.255.255.224 8 30
/28 255.255.255.240 16 14
/29 255.255.255.248 32 6
/30 255.255.255.252 64 2

Why Subnet ?
If you’ve followed the logic thus far, you might wonder, “Was this trip really necessary ?” The answer: yes, because subnetting lets you split a single network address into many subnets.
Remember, every time an individual host on your network receives another packet of data, the one thing that host wants to know is, What do I do with this ? For example, take a typical networked host, called X. X assesses every outgoing packet’s Destination field in its IP header to decide whether the packet’s destination is “local” or “not local.” If the destination is local, X consults an ARP table for the MAC address of the destination machine, then sends the packet to it. If the destination is not local, X forwards the packet to his all-knowing buddy that handles everything else, a device we refer to as the default gateway. (This is some kind of device that routes, whether an actual router or something that can perform routing.) How does X define “local” ? Simple: local is any device having the same subnet address as X.
Subnets are used throughout the Internet. But you can decide to use subnetting yourself on your own network, if you want. You can subnet for any reason, including security reasons – for example, to split a single network into two or more parts, using one or more routers to connect each subnet together. Using routers means that broadcasts will (generally) be limited to each subnet. You can subnet to ease troubleshooting. Tracing a problem on a network segment is easier if the network has been cut into halves through subnetting; you’re dealing with fewer hosts at a time.
Though at one time subnetting implied breaking your network down into shorter physical segments, today subnetting is not necessarily tied to the physical world. You can subnet simply because you want each department (or remote office, or floor in your highrise, or building on your campus, or …) to have its own subnet address. You can decide, for example, that anything beginning with 192.168.100 indicates mobile users, and, say, 192.168.200 indicates executive users. You can make wireless addresses instantly recognizable to you, so you can keep an eye on them in your logs easily.
In IPv4 networking, each subnet has a network address, a broadcast address, and a default gateway. Understanding these components is crucial for efficient data transmission and routing.
Network Address: The network address is the first address in a subnet and identifies the network itself. It has all host bits set to zero. In a subnet with a specific network address, devices within that subnet share the same network identifier.
Broadcast Address: The broadcast address is the last address in a subnet and is used to send data to all devices within that subnet simultaneously. It has all host bits set to one. When a device sends data to the broadcast address, all devices on the same subnet receive it.
Default Gateway: The default gateway is the router’s IP address that connects a local network to external networks, such as the internet. It serves as the exit point for traffic leaving the local network. Devices use the default gateway to reach destinations outside their subnet.
It is common for the default gateway to be assigned the first or last assignable IPv4 address in a subnet. This is not a technical requirement, but has become a de-facto standard in network environments of all sizes.

A 1.0.0.0 1.0.0.1 127.255.255.255 255.0.0.0
B 128.0.0.0 128.0.0.1 191.255.255.255 255.255.0.0
C 192.0.0.0 192.0.0.1 223.255.255.255 255.255.255.0
D 224.0.0.0 224.0.0.1 239.255.255.255 Multicast
E 240.0.0.0 240.0.0.1 255.255.255.255 Reserved