An IP (Internet Protocol) address is a unique numerical identifier assigned to every device connected to the Internet. IP addresses allow devices to communicate over a network using a standardised set of rules.
There are two main types of IP addresses:
- IPv4
- IPv6
At the moment, many systems worldwide use both types of addressing, although there are some networks which only use IPv4, and some which only use IPv6.
The two addressing systems are not directly compatible with each other, and so a series of intermediate technologies also exist to aid data being passed across the Internet using either variant.
Regardless of the variant used, the role of the IP address is to uniquely identify a device within a network. As such, some of the bits in the IP address are used to signify the network, and the remaining bits signify the host device within the network.
IPv4
IPv4 addresses are the traditional format used by the Internet and are comprised of 32 binary digits (bits). This allows for approximately 4 billion unique addresses.
Due to the ever increasing number of devices connected to the internet, IPv4 numbers are becoming more and more scarce and as such a replacement scheme was developed – IPv6, which uses 128 bits and allows for a much larger number of unique addresses.
IPv4 Address structure
IPv4 addresses are 32-bits in length and are often divided into 4x 8-bit (1-byte) segments called octets. These values are then typically represented as a series of four numbers separated by dots (e.g. 192.168.0.1). This style of IP address is known as dotted decimal.
Octet values
A series of 8 bits has 256 possible combinations ranging from 00000000 to 11111111
In decimal, these values convert to 0 – 255
If you multiply 256 x 256 x 256 x 256 (232) you arrive at the total possible number of permutations of 32 bits – 4,294,967.296
If you need to understand binary a bit more (get it!) check out my Binary & Hex primer
Classful addressing
In the early days of the Internet, IP addresses were divided into five classes, “A” through “E”, with different address ranges assigned to each class.
Class A
Class A addresses utilise the 1st 8-bits for the network ID, and the remaining 24-bits for the host IDs. Class A addresses always start with a binary digit of 0, giving a range of 00000000 – 01111111 bits for the network ID.
This class allows for 27 networks (128), each with a large number of hosts (224 = 16,777,216).
In dotted decimal notation, the range of Class A addresses is from 0.0.0.0 to 127.255.255.255.
Class B
Class B addresses utilise the 1st 16-bits for the network ID, and the remaining 16-bits for the host IDs. Class B addresses always start with the binary digits of 10, giving a range of 10000000.00000000 – 10111111.11111111 bits for the network ID.
This class allows for 214 networks (16,384), each with a fairly large number of hosts (216 = 65,536).
In dotted decimal notation, the range of Class B addresses is from 128.0.0.0 to 191.255.255.255.
Class C
Class C addresses utilise the 1st 24-bits for the network ID, and the remaining 8-bits for the host IDs. Class C addresses always start with the binary digits of 110, giving a range of 11000000.00000000.00000000 – 11011111.11111111.11111111 bits for the network ID.
This allows for a large number of networks (221 = 2,097,152 ), but each network can only have up to 256 (28) hosts.
In dotted decimal notation, the range of Class C addresses is from 192.0.0.0 to 223.255.255.255.
Class D
Class D addresses also utilise the 1st 24-bits for the network ID, and the remaining 8-bits for the host IDs. Class D addresses always start with the binary digits of 1110, giving a range of 11100000.00000000.00000000 – 11101111.11111111.11111111 bits for the network ID.
Class D addresses are used for the role of multicasting – in that a number of similar devices can listen for packets addressed to a multicast IP and respond to the data they hold.
In dotted decimal notation, the range of Class D addresses is from 124.0.0.0 to 239.255.255.255.
Class E
Class E addresses utilise the remaining bits of an IPv4 address. Class E addresses always start with the binary digits of 1111, giving a range of 11110000.00000000.00000000 – 11111111.11111111.11111111 bits
In dotted decimal notation, the range of Class E addresses is from 240.0.0.0 to 255.255.255.255.
Class E addresses are reserved for special purposes and as such are never allocated to devices in networks.
IPv4 addressing rules
When allocating an IP address to a host device, you cannot allocate a value with all the bits set to 0, or all set to 1.
An IP address with all bits set to 0 in the host portion is typically reserved for the network address, and an IP address with all bits set to 1 in the host portion is typically reserved for the broadcast address. Therefore, assigning a host IP address with all bits set to 0 would cause confusion and potential issues on the network.
For example, if a device on the network had an IP address with all bits set to 0 in the host portion, other devices might interpret that as the network address and try to send traffic to that address, resulting in connectivity issues. Similarly, if a device had an IP address with all bits set to 1 in the host portion, other devices might interpret that as the broadcast address and send traffic to all devices on the network, which could cause congestion and other issues.
As such:
- In a class A network, the number of available hosts is 224-2 = 16,777,214
- In a class B network, the number of available hosts is 214-2 = 65,534
- In a class C network, the number of available hosts is 28-2 = 254
To avoid these problems, IP addresses with all bits set to 0 or 1 in the host portion are typically not assigned to hosts on the network. Instead, they are reserved for other purposes, such as identifying the network or broadcast address.
Reserved IPv4 addresses
There are a range of IP addresses which have been reserved for specific purposes.
Loopback address
The loopback IP address uses the Class A address range of 127.0.0.0 – 127.0.0.1, although most people only ever use 127.0.0.1
It is a special IP address used to send traffic only to the local host. When a service sends traffic to the loopback address, the network stack on the device intercepts the traffic and sends it back to the same service without actually sending it over the network.
The loopback address is commonly used by network applications and services to communicate with themselves, test connectivity or functionality without affecting the external network or to simulate a network environment. For example, a web developer might test a new website on their local machine using the loopback address to ensure that everything works correctly before deploying the website to a production server.
Internal IP addresses
In the early Internet, all devices were directly reachable over the Internet, but it soon became apparent that the addressing scheme in use was not going to be able to cope as more networks and hosts joined the network.
As such, the decision was taken to create smaller sub-networks within the Internet and have a system where inside these sub-networks devices could use a range of dedicated non-Internet routable addresses (private IPs) and outside of networks, the existing range of Internet-routable (public IPs) can be used.
To facilitate this approach, a series of IP address ranges were selected for the private IP ranges:
A 24-bit block was allocated for use by large networks. This IP address range uses 10.0.0.0 – 10.255.255.255, giving 16,777,216 host IP addresses to use.
A 20-bit block was allocated for mid-sized networks. This IP range uses 172.16.0.0 – 172.31.255.255, giving 1,048,576 host IP addresses to use.
A 16-bit block was allocated for small networks. This IP range uses 192.168.0.0 – 192.168.255.255, giving 65,536 host IP addresses to use.
The method of using public and private IP addresses means that whereas in the original approach, a company might have been allocated millions of IP addresses, now they only need 1 public address, but can still have millions of private addresses.
To facilitate the movement of data between the internal and external networks, a mechanism called NAT (Network Address Translation) is used. See my dedicated NAT page for more on how this process works.
APIPA addresses
Another IP address range which is only used in specific cases is the APIPA (Automatic Private IP Address) range.
APIPA addresses use the range 169.254.0.0 – 169.254.255.255 to self-allocate an IP address if no DHCP service can be found in the network.
This range of addresses is non-Internet routable, but will still allow devices within the same sub-network to communicate with each other.
For more information on APIPA and DHCP, see my dedicated DHCP page.
Classless IP addresses
In a further attempt to make the most of the available IPv4 addresses, a decision was made to move away from the old Classfull systems of IP address allocation and rather than use fixed-length network IDs to use a variable length network ID instead.
This system is known as the Classless Inter Domain Routing system (CIDR).
With this method, an IP address is represented with a number after the IP address which indicates how many bits are being used to identify the network ID.
For example, an address written in CIDR notation could look like this 80.27.16.4/20 indicating that the first 20 bits of the address represent the network ID, while the remaining 12 bits represent the host ID.
This would result in a network with up to 4094 hosts (212-2), and the range of IP addresses for this network would be 80.27.16.1 to 80.27.31.254.
Network Masks
When a device is given an IPv4 address, it must also be given a network mask which allows the device to know how many bits are being used for the network ID and thus, how many are being used for the host ID.
A network mask is a binary value where all the bits representing the network ID are set to a value of 1 and the bits representing the host are set to 0. When using classfull IP addresses, the network masks would be as follows:
- Class A – 11111111.00000000.00000000.00000000 (255.0.0.0)
- Class B – 11111111.11111111.00000000.00000000 (255.255.0.0)
- Class C – 11111111.11111111.11111111.00000000 (255.255.255.0)
When using CIDR notation, the value after the slash represents the number of bits being used as the network ID. So an IP address of 80.27.16.4/20 would have a network mask of 11111111.11111111.1111.0000.00000000 (255.255.240.0)
When a device needs to transmit data to another device, it needs to determine if the destination device in on the same network or not. To do this it performs a Binary AND calculation of the source IP address and net mask and then a Binary AND calculation of the destination IP address and net mask.
If the two results are the same, then it knows that the destination device is on the same network and that it now needs to use ARP to obtain the MAC address of the receiving devices interface in order to send the data.
| Src IP address | 80.27.16.4/20 | 01010000 | 00011011 | 00010000 | 00000100 |
| Net mask | 255.255.240.0 | 11111111 | 11111111 | 11110000 | 00000000 |
| AND result | 01010000 | 00011011 | 0001 | ||
| Dest IP address | 80.27.16.9/20 | 01010000 | 00011011 | 00010000 | 00001001 |
| Net mask | 255.255.210.0 | 11111111 | 11111111 | 11110000 | 00000000 |
| AND result | 01010000 | 00011011 | 0001 |
If the two results are different, then it knows that the destination device is on a different network, and as such it needs to send the data to the router for it to forward the data to the correct network. In this case, and ARP request is made to get the MAC address of the router so that the data can be sent.
| Src IP address | 80.27.16.4/20 | 01010000 | 00011011 | 00010000 | 00000100 |
| Net mask | 255.255.240.0 | 11111111 | 11111111 | 11110000 | 00000000 |
| AND result | 01010000 | 00011011 | 0001 | ||
| Dest IP address | 124.16.80.6/20 | 01111100 | 00010000 | 01010000 | 00000110 |
| Net mask | 255.255.210.0 | 11111111 | 11111111 | 11110000 | 00000000 |
| AND result | 01111100 | 00010000 | 0101 |
IPv6
No matter how many techniques developers come up with to squeeze the last remaining IPv4 addresses out, the comes a time when a new system needs to be used. That time came in 2000 with the creation of IPv6.
When designing IPv6, a number of changes were made to the entire IP header to remove some issues inherent with IPv4 – it is those changes which make IPv4 & IPv6 incompatible without some form of intermediate mechanism to manage the exchange of data between the systems.
The main change for IPv6 however is the amount of available addresses.
IPv6 is a 128-bit addressing system which gives a huge address space many, amny times larger than IPv4.
2128 = 340,282,366,920,938,463,463,374,607,431,768,211,456 possible values.
In written form this is 340 undecillion, 282 decillion, 366 nonillion, 920 octillion, 938 septillion, 463 sextillion, 463 quintillion, 374 quadrillion, 607 trillion, 431 billion, 768 million, 211 thousand and 456 IP addresses.
IPv6 Address structure
Unlike an IPv6 address which is typically written in dotted decimal, IPv6 addresses are written in colon-separated Hexadecimal values. The 128 bits of an IPv6 address are represented in 8 groups of 16 bits each. Each group is written as four hexadecimal digits sometimes called hextets.
There are some different ways in which the same IPv6 address can be written, as some shortcuts can be used.
For example, in its full form, an IPv6 address could look like this:
fdd7:500e:cf40:0ab5:0000:0c79:6d79:07d4
Another way of writing the same address could be by removing any leading 0’s in any hextet as they are deemed superfluous. If a hextet contains only 0’s then they can be removed in their entirety. As such, the same IPv6 address as above could be written thus:
fdd7:500e:cf40:ab5::c79:6d79:7d4
If more than 1 hextet contains all 0’s, then only the first set of consecutive hextets with all 0’s can be removed the other hextets must show a 0 to remove any ambiguity:
Take the following example IPv6 address
fdd7:0000:0000:0ab5:0000:0000:6d79:07d4
If all the 0’s were removed it would look like this:
fdd7::0ab5::6d79:07d4
In this example, it is not possible to determine how many hextets contained all 0’s
Was the original address:
fdd7:0000:0000:0000:0ab5:0000:6d79:07d4
or was it:
fdd7:0000:0ab5:0000:0000:0000:6d79:07d4
or was it:
fdd7:0000:0000:0ab5:0000:0000:6d79:07d4
To remove any ambiguity, the address would be written thus:
fdd7::0ab5:0:0:6d79:07d4
Reserved IPv6 addresses
As with IPv4, there is a reserved value for the loopback address, in the case of IPv6 this address is 0000:0000:0000:0000:0000:0000:0000:001 or alternatively ::1
Types of IPv6 addresses
Link-local
The Link-local address is the equivalent of the IPv4 internal/private address. There are two types of link-local address:
- Unique-Local Unicast
- Link-Scoped Unicast
The Unique Local Unicast address is the equivalent of the non-routable internal IP address and is reserved for local use in home and enterprise environments and are not public address space.
Unique Local Unicast addresses have the prefix fc00::/7, which results in the range of addresses from fc00::/7 to fdff::/7
Packets with these addresses in the source or destination fields are not intended to be routed on the public Internet but are intended to be routed internally within the enterprise or organisation.
The Link-Scoped Unicast address is the equivalent of the IPv4 APIPA address and is used on a single link or a non-routed common access network. They do not need to be unique outside of that link.
Link-Scoped Unicast addresses have the prefix fe80::/10, which results in the range of addresses from fe80 to febf
Routers must not forward IPv6 packets if the source or destination contains a Link-Scoped Unicast address.
Global Unicast
The Global Unicast address is the equivalent of the IPv4 public address and is the address used when data is intended to be routed across the Internet.
Global Unicast addresses have the prefix 2000::/3, which results in the range of addresses from 2000to 3fff
A full list of allocated IPv6 addresses can be obtained from the IANA website