IP addresses don’t need any introduction today. We use them so frequently on a daily basis that we don’t even notice them (mostly because user-friendly domain names mask them). But what exactly is an IP address, how is it decided which address a device gets, and who manages all this worldwide? Let’s first look at what an IP address is:
An Internet Protocol address (IP address) is a numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication.
This means that every device communicating in a network has an IP address and that address has a numerical value. This address is used by devices to identify each other in the network, similar to how real-life addresses are used to identify places. The IP address space is managed globally by the Internet Assigned Numbers Authority (IANA), and by five regional Internet registries (RIRs) responsible in their designated territories for assignment to local Internet registries, such as Internet service providers (ISPs), and other end users. So we know who manages IP addresses and their assignment, but why does an IP address look like 220.127.116.11 and not simply like ‘David’s computer’ or ‘Lisa’s device’? To understand this, let’s first look at the world of binary numbers.
A quick word on binary format
Much like the world in the movie Matrix, the environment inside a computer network is formed by only two digits – 0 and 1 (hence called binary). We see an IP address in a numerical decimal value like 18.104.22.168, but for the machine it is a combination of 0 and 1 which are also called bits. A binary number can be converted to a decimal number as shown below:
The relevant part for us here is to understand that each of the 4 numbers in an IP address separated by a dot is, in binary form, an 8-bit number. This 8-bit number is also known as an octet. So the IP address consists of four octets in the form of ‘Octet1.Octet2.Octet3.Octet4‘. In an octet, the smallest number has 0 in all 8 bits (00000000) and the highest number has 1 in all bits (11111111). This means that the decimal number in place of each octet can range only between these two numbers. When we convert these two numbers into decimal values, we see that the range is between 0 and 255. This looks oddly familiar.
IP address can range from 0.0.0.0 to 255.255.255.255
This is the reason we never see an IP address like 341.268.10.192, as no octet value can go beyond 255. Also, as an IP address consists of 4 octets which in turn consist of 8 bits each, the IP address is a 32-bit binary number (4×8 bits).
But why is that? Why do we have only 8 bits in a number, and why do we use only 4 octets and not 5 or 10?
Managed by IANA, IPv4 addresses were first introduced back in 1983 in their 32-bit binary form and were used to identify a computer device in a network. In order to reach a distant device, the IPv4 address needs to first find the network where the device is located, and then locate the actual device inside that network. This is similar to a real-life address consisting of ‘Pin code + actual address’. Therefore, the IPv4 address is divided into two parts: Network ID and Host ID. This is where we have to decide how many octets to assign to the network ID and how many to the host ID, depending on the size of the network and the number of hosts in it. The reason we have to think about this comes from the fundamental issue of running out of IP addresses. We know that every octet value can range from 0-255, and we have 4 octets in an IPv4 address, so the total number of 32-bit IPv4 addresses that can exist is 256*256*256*256 (or 2^8*2^8*2^8*2^8), which comes out to a little more than 4 billion (2^32). While this number looked sufficient to cover every device on the planet back in 1983, with the rapid expansion of IT, IANA soon realized that running out of IPv4 addresses was a possibility. This impending shortage forces us to use IP addresses judiciously, which leads us to our next discussion of IP classes.
To ensure IP addresses were used with caution and not wastefully, IP classes were introduced. The IP address range is divided into different classes according to how the bits are split between network IDs and host IDs.
We know that every octet can contain 256 (2^8) values. So every octet can have values between 0 and 255. The class A address is reserved for the range where the first octet ranges from 1-126. So the class A range looks like:
Class A IPv4: 1-126.xxx.xxx.xxx
This means we can have 126 values in the first octet, and 255 values in each of the following three octets. Another important thing to note is that the first octet is reserved for network IDs while the following three are used for host IDs. This means the number of networks in Class A can be 126 while the number of hosts can be 256*256*256 which is 16.7 million.
Clearly, this class can only be allocated to networks which have a really high number of hosts, to avoid wastage of IP addresses. This class of IP address has been provided to worldwide networks like IBM, AT&T etc. and is not provided to small and medium networks.
In class B, the first octet ranges from 128-191, and we allocate the first 2 octets for network IDs and the last 2 for host IDs. This means we have 2^16 values available for both network and host IDs.
Why is it that we have 65,534 (2^16) host IDs, and only 16,384 (2^14) network IDs despite giving 2 octets (16 bits) each to both of them?
The reason for the reduced number of network IDs is the reservation of the first few bits in all classes for identification of the class. The reservation of the bits for different classes can be seen below. Class B has the first 2 bits reserved, and hence the total number of available network IDs is 2^(16-2), i.e. 2^14.
One more thing! Class A has 1-126 for first octet and class B has 128-191. What happened to 127?
The 127 address range has been reserved for loopback, which means it points to the same machine, i.e. localhost. This is the reason we often use 127.0.0.1/<some port number> to access servers deployed on our local machines.
In class C, the value in the first octet ranges from 192-223, the first three octets are reserved for network IDs and the last octet is reserved for host IDs. For the purpose of IP class identification, the first 3 bits of the first octet are reserved, leaving 2^21 values for network IDs and 2^8 for host IDs.
It is important to note that two host IPs are always reserved and hence not available for allocation. One of them is used for storing the network IP and the other is used as a broadcast IP. Hence, in class C only 254 hosts are available and not 256 (2^8). A similar reduction of two IPs in host IDs can be seen in Class A and B also.
Class D and E
Class D and E IPs are not used in ‘normal’ networking scenarios. Class D is reserved for multicast applications, and Class E addresses are reserved but not yet defined. They are mostly used for experiments and R&D purposes.
Private IPs are used for intranet communication inside the network. With a private IP, we cannot reach out to a device in another network. Private IPs are an important component of network security as they ensure access is provided only to trusted sources in the same network. In IPv4 addresses, the following three IP ranges have been reserved for use as private IPs:
We would have noticed while creating VPCs and vSwitches in a public cloud network that the subnet IP range for private IPs is always one of the three ranges. Due to these ranges being reserved only for private IPs, it is possible for two devices in different networks to have the same private IP.
When I create a VPC or vSwitch on cloud, I see the IP range is one of the above ranges, but why do I see it as 192.168.0.0/24 or 172.16.0.0/26 and so on? What do /24 and /26 mean here?
The effort to reduce wastage of IP addresses has led to widespread usage of CIDR ranges. An IPv4 address is a 32-bit binary number, and the value after ‘/’ tells the network how many of the leading bits are fixed as the network part of the range. We subtract that number from 32 to get the number of remaining host bits, and 2 raised to that number gives us the number of IPs available in that range.
For ex: CIDR is 192.168.0.0/24. Here we take the number 24 and subtract it from 32, resulting in the number 8. Raising 2 to this power gives us the total number of IPs in this CIDR range. Here it will be 2^8, which is 256. This means in this CIDR range, the IPs available are 192.168.0.1 to 192.168.0.254 (two IPs, 192.168.0.0 and 192.168.0.255, are reserved for network IP and broadcast IP, hence not available).
Another ex: CIDR is 172.16.0.0/26. Here the number of available IPs would be 2^(32-26) = 2^6 = 64 (including two IPs reserved for network and broadcast).
It can be deduced that as we move towards /32, the number of available IPs in the CIDR range reduces. Hence it is important for the network administrator of an organization to ensure enough IPs are available while creating a network, and also to be judicious about the wastage of IPs that could result from over-allocation.
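The CIDR arithmetic and the class rules described above can be checked with Python's standard `ipaddress` module. This is an added example, not code from the original article; the function names are hypothetical, and the RFC 1918 private blocks are standard values supplied here as an assumption because the article's own list of ranges is not present in the text.

```python
import ipaddress

# RFC 1918 private blocks (assumption: standard values, supplied here because
# the page's own list of ranges is not present in the text).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Highest first-octet value of each legacy class, in ascending order.
CLASS_BOUNDS = [(0, "reserved"), (126, "A"), (127, "loopback"),
                (191, "B"), (223, "C"), (239, "D"), (255, "E")]


def classful_class(ip):
    """Legacy class of an address, decided by its first octet."""
    first = int(ipaddress.IPv4Address(ip)) >> 24  # top 8 of the 32 bits
    return next(name for top, name in CLASS_BOUNDS if first <= top)


def describe_cidr(cidr):
    """Derive the numbers the text works out by hand for a CIDR block."""
    # strict=True raises ValueError if host bits are set (192.168.0.10/24).
    net = ipaddress.IPv4Network(cidr, strict=True)
    host_bits = 32 - net.prefixlen
    return {
        "host_bits": host_bits,
        "total": 2 ** host_bits,  # equals net.num_addresses
        "usable": max(2 ** host_bits - 2, 0),  # minus network + broadcast
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "class": classful_class(str(net.network_address)),
        "private": any(net.subnet_of(r) for r in RFC1918),
    }


def is_valid_ipv4(text):
    """True only when all four octets are within 0-255."""
    try:
        ipaddress.IPv4Address(text)
        return True
    except ipaddress.AddressValueError:
        return False


if __name__ == "__main__":
    for block in ("192.168.0.0/24", "172.16.0.0/26"):  # the page's examples
        print(block, describe_cidr(block))
    print(is_valid_ipv4("341.268.10.192"))  # octets above 255 are rejected
```

The strict parsing matters when reviewing firewall rules or cloud subnet definitions: a block written with host bits set, such as 192.168.0.10/24, is rejected instead of being silently widened to the whole /24.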
With the limit of 4 billion IPs, it is predictable that IPv4 addresses will be exhausted in time to come. Therefore, the relevant authority working on this issue – Internet Engineering Task Force (IETF), developed IPv6 which can offer a much bigger pool of IP addresses. Instead of a 32 bit binary number divided in octets, IPv6 is a 128 bit binary number and is represented in 8 groups of 16 bits each with each group consisting of four hexadecimal digits. An example of IPv6 address is
Due to a 128-bit binary structure, the total number of IP addresses provided by IPv6 is a massive number (2^128), exhausting which would certainly be an impossible task.
Number of IPs in IPv6: 340,282,366,920,938,463,463,374,607,431,768,211,456
In addition to offering more addresses, IPv6 also implements features not present in IPv4. It simplifies aspects of address configuration, network renumbering, and router announcements when changing network connectivity providers.
Expecting exhaustion of IPv4 addresses in the near future, organizations around the world have started moving to the IPv6 format, a task which has been ongoing, albeit slowly, for more than 15 years now. While the transition from IPv4 to IPv6 is not straightforward, both protocols are expected to be compatible with each other until the total transition to IPv6 is completed in the future. For more details on this, you can refer to the IPv6 transition mechanism.