IP Addressing, Subnetting & CIDR

Every device on the internet has an address. Understanding how IP addresses work — how they're structured, how subnets divide them, and how NAT lets millions of devices share a handful of public IPs — is fundamental to understanding networks.

IPv4 Structure

An IPv4 address is a 32-bit number written as four decimal octets (0–255):

text

Two parts: the network prefix (identifies the network) and the host portion (identifies the device within that network).

Subnet Masks

The subnet mask separates the network from the host portion. It's a 32-bit number with all 1s for the network part, then all 0s for the host part.

text

CIDR Notation

CIDR (Classless Inter-Domain Routing) notation writes the mask as a prefix length after a slash:

text

Usable hosts = 2^(32 - prefix) - 2
(Subtract 2: network address and broadcast address are reserved)

CIDR	Hosts	Use case
/8	16,777,214	Large corporate / ISP blocks
/16	65,534	Medium networks
/24	254	Typical home / small office LAN
/28	14	Small subnet
/30	2	Point-to-point links
/32	1 (host route)	Single host

Subnetting

Subnetting divides a larger network into smaller sub-networks. Useful for:

Security isolation (HR, finance on separate subnets)
Reducing broadcast domains
Efficient IP allocation

Example: divide 192.168.1.0/24 into 4 equal subnets.

4 subnets = 2² → borrow 2 bits from host portion → /26 mask

text

Public vs Private Addresses

Private ranges (RFC 1918) — not routable on the public internet:

Range	CIDR	Size
`10.0.0.0` — `10.255.255.255`	10.0.0.0/8	16M addresses
`172.16.0.0` — `172.31.255.255`	172.16.0.0/12	1M addresses
`192.168.0.0` — `192.168.255.255`	192.168.0.0/16	65K addresses

Your home devices (phone, laptop) have private IPs. Your router's WAN interface has a public IP assigned by your ISP.

NAT — Network Address Translation

NAT lets many devices share a single public IP address. Your home router does this:

text

The router maintains a NAT table mapping internal (IP, port) pairs to external port numbers.

Consequence: devices behind NAT cannot accept incoming connections without port forwarding — they're not directly reachable.

Special Addresses

Address	Meaning
`127.0.0.1` / `127.0.0.0/8`	Loopback — your own machine
`0.0.0.0`	This machine (unspecified)
`255.255.255.255`	Limited broadcast
`169.254.0.0/16`	Link-local (APIPA — no DHCP server found)
`224.0.0.0/4`	Multicast

IPv6

IPv4 has only ~4.3 billion addresses — exhausted. IPv6 uses 128-bit addresses:

text

Features:

340 undecillion addresses
No NAT required — every device can have a globally unique address
Built-in IPsec (encryption and authentication)
Stateless address autoconfiguration (SLAAC) — no DHCP needed

Python: Working with IPs

python

Key Takeaways

IPv4 addresses are 32-bit numbers; the network prefix and host are separated by the subnet mask
CIDR /n notation specifies how many bits are the network prefix
Subnetting divides a block into smaller ranges; each /1 added halves the block size
Private ranges (10.x, 172.16-31.x, 192.168.x) are used inside LANs; NAT maps them to public IPs
IPv6 solves address exhaustion with 128-bit addresses — no NAT needed

IP Addressing, Subnetting & CIDR

IPv4 Structure

An IPv4 address is a 32-bit number written as four decimal octets (0–255):

text

Two parts: the network prefix (identifies the network) and the host portion (identifies the device within that network).

Subnet Masks

The subnet mask separates the network from the host portion. It's a 32-bit number with all 1s for the network part, then all 0s for the host part.

text

CIDR Notation

CIDR (Classless Inter-Domain Routing) notation writes the mask as a prefix length after a slash:

text

Usable hosts = 2^(32 - prefix) - 2
(Subtract 2: network address and broadcast address are reserved)

CIDR	Hosts	Use case
/8	16,777,214	Large corporate / ISP blocks
/16	65,534	Medium networks
/24	254	Typical home / small office LAN
/28	14	Small subnet
/30	2	Point-to-point links
/32	1 (host route)	Single host

Subnetting

Subnetting divides a larger network into smaller sub-networks. Useful for:

Security isolation (HR, finance on separate subnets)
Reducing broadcast domains
Efficient IP allocation

Example: divide 192.168.1.0/24 into 4 equal subnets.

4 subnets = 2² → borrow 2 bits from host portion → /26 mask

text

Public vs Private Addresses

Private ranges (RFC 1918) — not routable on the public internet:

Range	CIDR	Size
`10.0.0.0` — `10.255.255.255`	10.0.0.0/8	16M addresses
`172.16.0.0` — `172.31.255.255`	172.16.0.0/12	1M addresses
`192.168.0.0` — `192.168.255.255`	192.168.0.0/16	65K addresses

Your home devices (phone, laptop) have private IPs. Your router's WAN interface has a public IP assigned by your ISP.

NAT — Network Address Translation

NAT lets many devices share a single public IP address. Your home router does this:

text

The router maintains a NAT table mapping internal (IP, port) pairs to external port numbers.

Consequence: devices behind NAT cannot accept incoming connections without port forwarding — they're not directly reachable.

Special Addresses

Address	Meaning
`127.0.0.1` / `127.0.0.0/8`	Loopback — your own machine
`0.0.0.0`	This machine (unspecified)
`255.255.255.255`	Limited broadcast
`169.254.0.0/16`	Link-local (APIPA — no DHCP server found)
`224.0.0.0/4`	Multicast

IPv6

IPv4 has only ~4.3 billion addresses — exhausted. IPv6 uses 128-bit addresses:

text

Features:

340 undecillion addresses
No NAT required — every device can have a globally unique address
Built-in IPsec (encryption and authentication)
Stateless address autoconfiguration (SLAAC) — no DHCP needed

Python: Working with IPs

python

Key Takeaways

IPv4 addresses are 32-bit numbers; the network prefix and host are separated by the subnet mask
CIDR /n notation specifies how many bits are the network prefix
Subnetting divides a block into smaller ranges; each /1 added halves the block size
Private ranges (10.x, 172.16-31.x, 192.168.x) are used inside LANs; NAT maps them to public IPs
IPv6 solves address exhaustion with 128-bit addresses — no NAT needed