IP addresses and CIDR blocks, basically
A bit of experience with binary numbers will help, but you don’t need any to follow along. I’ll be releasing a free ebook later this year all about binary and other strange numbers, so consider subscribing to my newsletter to get a download link as soon as it’s ready!
Every device on a network needs a unique address so that data can be routed to it. It’s just like getting packages delivered at home; everyone needs a unique address so that the mail carrier can push a “sorry you weren’t in” note through the right letterbox.
Likewise, your laptop needs to know your lamp’s address so it can turn it on, and your games console needs to know your laptop’s address so it can stream videos from your Plex library.
But what do addresses look like on a network? And how do we ensure that they’re unique across a network as large as the Internet?
Let’s start with a weird little example, and build up from there.
An example using hotel rooms
Imagine that you’re staying in a hotel. You’ve made bank in the music business, and you’re treating yourself to a stay at Le Hotel in Empire City.
Oh, and also imagine that it’s the only hotel in the world.
If you wanted to send a package to Room 6 then you could simply address it to “Room 6” and the postal service would be happy to oblige.
Remember, this is the only hotel in the world, so it’s unambiguous what you mean by “Room 6”. There’s only one room in the world with that address.
But what if there was more than one hotel in the world? What if the Keystone Motel1 opens, and it also has a Room 6?
In the real world, we’d add some additional information to the address. We’d say, “Room 6, Le Hotel” or “Room 6, Keystone Motel”. That’s great for humans, because we can build up a description of an address using our natural language.
But the natural language of computers is mathematics. How can we assign a globally-unique numeric address to each room?
Assigning unique numeric room addresses
How can the managers of Le Hotel and the Keystone Motel ensure that they pick globally-unique numbers for their hotel rooms?
They could call each other up and say “Hey, I want to assign address 12 to one of my rooms. Are you already using that address?” but this isn’t scalable. As more hotels were built, more and more phone calls would be needed before a manager could confirm that an address is available and slap the sign on the door.
Hoteliers have got better things to do.
What if there was an independent organisation in charge of allocating ranges of addresses to hotels? Like, if an organisation could tell Le Hotel to use addresses 1-8 and tell the Keystone Motel to use 9-16?
If all hoteliers agreed to abide by that rule then we could be sure that every address was unique, and each hotel would be free to use their range of addresses however they wanted without needing to check with anyone else first.
So, back in our imaginary world, let’s call this organisation the “Hotel Assigned Numbers Authority”. HANA makes two promises to hoteliers:
- When they allocate a range of addresses to you, that range will be unique to you. It will not overlap or duplicate any ranges given to anyone else.
- The range of addresses assigned to you will be 16-bit binary numbers. No more than 16 bits, and no fewer than 16 bits.
Let’s say our two managers each ask HANA for a block of room addresses. The manager of Le Hotel receives
34.0/8 and the manager of the Keystone Motel receives
But what do they mean?
Describing a range of hotel numbers
34.0/8 tell the manager of Le Hotel how to assign room addresses that she can be sure are unique?
First of all,
34.0 describes the first room address that Le Hotel has been allocated. Now, this is super-important: the dot is not a decimal point. In this notation, the dot is just a separator between numbers. So here,
34.0 describes the two numbers “34” and “0”.
To convert these to the 16-bit binary number that HANA intends us to use, we need to:
- Convert each decimal number to an 8-bit binary number, then:
- Append all the 8-bit numbers together into one huge 16-bit number.
These 8-bit “chunks” are known as octets – with “oct” coming from the Greek “octa”, meaning “eight”.
Alright! We’ve got the first address in the range allocated to us! But this is just one address. How do we work out all the rest in the range?
/ tells us how many of the left-most digits need to stay the same throughout all the numbers in the range. In this case,
/8 tells us that the left-most 8 digits must remain the same. All the remaining digits can be changed. So, all the possible combinations of those “free” digits make up the range that we’re allowed to use.
If a hotel ever uses up their entire range of numbers and needs more, they need to go back to HANA and ask for an additional range. They must not change any of the locked digits to create bigger numbers, because that would take them out of their allocated range. They’d risk using room numbers that were actually allocated to someone else, and they’d be immediately uninvited from the HANA Christmas Party.2
So now, both hotel managers have a range of addresses which they can assign to their rooms.
|Room||Address at Le Hotel (“34.0/8”)||Address at Keystone Motel (“35.0/8”)|
Both hotel managers can be confident that every address they assign to a room will be unique, and they don’t even need to talk to each other to verify it. All it took was a bit of organisation and a little mathematics.
Making the room addresses easier for human to read
If you think an address like
0010001000000110 isn’t very human-friendly, then you’re entirely correct. Computers love long binary numbers but the rest of us… not so much.
We could just convert the binary directly to decimal and get “8710”, but that’s still not really useful. There’s meaning in the number, but we can’t see it in this form.
The good news is, we can easily make a human-readable form of any address just by reversing the steps we followed above. Instead of converting a number from dotted notation to a binary number, we can convert a binary number to dotted notation. We only need to break the binary number back into octets, then convert each octet to its decimal value.
It’s super important to remember that the “dot” here isn’t a decimal point. “34.6” doesn’t mean “34 and 6⁄10”. It’s literally read as “thirty four dot six”.
Following that rule, we could write out all the room addresses in a human-readable form.
|Room||Human-readable address at Le Hotel (“34.0/8”)||Numeric address at Le Hotel (“34.0/8”)|
|Room||Human-readable address at the Keystone Motel (“35.0/8”)||Numeric address at the Keystone Motel (“35.0/8”)|
And, look! Now that we’ve described the address in dotted notation, we can glean some meaning from it. We can see that rooms with addresses starting with “34” are in Le Hotel, and rooms with addresses starting with “35” are in the Keystone Motel.
Remember, each room has only one address. We can write the address in different ways, depending on whether a human wants it readable or a computer wants it numeric. Either way, the value is the same and the address is unique.
How close is this to real networking?
What we’ve called hotel rooms above, we could call devices on a network. Each device needs a unique address, just like rooms do. These addresses are called IP addresses, where “IP” is “Internet Protocol”, which is the set of rules that makes all of this work.
Our real world doesn’t have a “Hotel Assigned Numbers Authority”, but we do have something cooler. The Internet Assigned Numbers Authority is a real organisation that really assigns ranges of IP addresses.
While our hotel room addresses were 16-bit numbers made up of two octets, IP addresses are much, much bigger. IPv4 addresses are 32-bit numbers made up of four octets. IPv6 addresses are even bigger: 128-bit numbers made up of eight 4-digit hexadecimal numbers.
These are huge numbers. Like, really huge. Yowser.
The notation we used earlier to describe a range of addresses is called a CIDR block. Since IPv4 addresses have four octets, so do their CIDR blocks.
10.0.0.0/8, for example, means “every IPv4 address between
The number after the
/ can be any number between – and inclusive of – 0 and 32. For example:
0.0.0.0/0has no locked digits, so this range includes literally all IPv4 addresses.
22.214.171.124/31allows only one digit to change. Since that digit can be only “0” or “1”, this range contains only two addresses:
126.96.36.199/32has 32 locked digits, which means there are no digits left to change. This “range” contains
188.8.131.52and nothing else.
But what about…
But how do addresses get assigned to devices on a network? How does traffic actually get directed to the right place? Why didn’t you need to talk to IANA to get your own IP address range when you plugged in your Wi-Fi router?
Ah, my buddies, these are topics for another time. How about you smash that subscribe button and get an email notification when new articles are published?
And leave a comment if you have any questions or if there’s an aspect of this you’d like me to cover in the future!
This introduction to networks continues with my explanation of why 255 is such a special number in IPv4 addresses and my introduction to subnets. If you liked this article then you’ll love those!
I know, I know, motels aren’t hotels. But this place has a pool and free ice, and it’s right next to the best diner in the world. ↩
It’s not just a fun party; it’s incredibly well-organised too. ↩
Why do octets only go up to
255? Why not
256or more? “Why do numbers in IPv4 addresses only go up to 255?” gives a brief introduction. ↩