3.1 IP addressing, subnets, IPv4/IPv6 & DNS
Key Takeaways
- IPv4 is a 32-bit address written as four octets (0-255); each octet converts to 8 binary bits.
- The three private RFC 1918 ranges are 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16.
- Usable hosts per subnet = 2^(32-n) - 2; a /24 gives 254 hosts and a /26 gives 62.
- IPv6 uses 128-bit hexadecimal addresses, compresses zero-runs with ::, and has no broadcast.
- DNS resolves names to IPs over UDP port 53 using record types A, AAAA, CNAME, MX, and PTR.
Why IP Addressing Matters
Every device that speaks on a network needs a unique IP address so packets can find it, just as a house needs a mailing address. For a cyber aptitude screener you must read addresses fluently, do basic subnet math in your head, and know the difference between public and private space.
How IPv4 Works
An IPv4 address is a 32-bit number written as four decimal octets separated by dots (dotted-decimal notation), such as 192.168.1.10. Each octet is 8 bits and ranges 0-255, giving about 4.3 billion total addresses. Because the address is really binary, converting between decimal and binary is a core skill.
Converting an IP to binary
Convert each octet using the place values 128, 64, 32, 16, 8, 4, 2, 1:
- 192 = 128 + 64 ->
11000000 - 168 = 128 + 32 + 8 ->
10101000 - 1 ->
00000001 - 10 = 8 + 2 ->
00001010
So 192.168.1.10 = 11000000.10101000.00000001.00001010. To reverse it, simply sum the place values of the 1-bits in each octet.
Classes and private ranges
Legacy IPv4 was divided into classes by leading bits: Class A (1-126, default /8), Class B (128-191, /16), Class C (192-223, /24), Class D (224-239, multicast), and Class E (240-255, experimental). The block 127.x.x.x is reserved for loopback. Three blocks are private (RFC 1918), meaning they are not routable on the Internet and are reused behind NAT (Network Address Translation):
| Range | CIDR | Class | Approx. hosts |
|---|---|---|---|
| 10.0.0.0 - 10.255.255.255 | 10.0.0.0/8 | A | 16.7 million |
| 172.16.0.0 - 172.31.255.255 | 172.16.0.0/12 | B | 1 million |
| 192.168.0.0 - 192.168.255.255 | 192.168.0.0/16 | C | 65,536 |
Memorize all three; they appear on almost every screener. Your home router's 192.168.x.x LAN is the classic example of private space.
Subnets and CIDR Math
A subnet mask marks which bits are the network portion (1s) and which are the host portion (0s). CIDR notation (/n) states how many leading bits are network bits. Usable hosts per subnet = 2^(32 - n) - 2; you subtract 2 for the network address (all host bits 0) and the broadcast address (all host bits 1).
Worked example: /24 vs /26
A /24 (mask 255.255.255.0) has 8 host bits, so 2^8 - 2 = 254 usable hosts. For 192.168.1.0/24, hosts run .1 through .254 and .255 is the broadcast.
A /26 (mask 255.255.255.192) borrows 2 more bits, leaving 6 host bits, so 2^6 - 2 = 62 usable hosts. The block size is 256 - 192 = 64, so 192.168.1.0/26 divides into four subnets: .0, .64, .128, and .192. In the .0 subnet the hosts are .1 through .62 and .63 is the broadcast. More network bits means more subnets but fewer hosts each. Any packet destined outside the local subnet is sent to the default gateway (the router).
Public vs private addressing and NAT
Public addresses are globally unique and handed out by regional registries; private addresses can be reused in millions of separate networks. Because private hosts cannot be reached directly from the Internet, the router performs NAT, rewriting the private source address to the router's single public address on the way out and reversing it for the replies. This both conserves scarce IPv4 space and hides internal hosts. Two more reserved blocks are worth knowing: 169.254.0.0/16 is APIPA / link-local, which a host self-assigns when no DHCP server answers, and 0.0.0.0 means this host or the default route. In normal operation a DHCP server leases addresses to clients automatically so you rarely set them by hand.
Reading a subnet mask
A mask can be written in dotted-decimal or as a prefix. 255.255.255.0 is 24 one-bits, so it equals /24. 255.255.255.192 is 24 + 2 = 26 one-bits, because 192 is 11000000 in binary, so it equals /26. Converting the last non-255 octet to binary and counting the leading 1-bits is the fastest way to translate a decimal mask into CIDR notation, and the reverse also works.
IPv6 Basics
IPv4 addresses ran short, so IPv6 uses 128-bit addresses, written as eight groups of four hexadecimal digits separated by colons, for example 2001:0db8:85a3:0000:0000:8a2e:0370:7334. Leading zeros in a group may be dropped, and one run of all-zero groups can be compressed to ::, giving 2001:db8:85a3::8a2e:370:7334. IPv6 provides roughly 3.4 x 10^38 addresses, has no broadcast (it uses multicast instead), and ::1 is the loopback.
DNS: Names to Numbers
Humans use names; machines use IP addresses. The Domain Name System (DNS) translates between them, mostly over UDP port 53. Key record types:
- A - maps a hostname to an IPv4 address
- AAAA - maps a hostname to an IPv6 address
- CNAME - an alias pointing one name to another name
- MX - the mail exchanger for a domain's email
- PTR - reverse lookup: an IP back to a name
Resolution flow
When you request www.example.com, your resolver first checks its local cache. On a miss it queries a recursive resolver, which asks a root server (which refers it to .com), then the TLD server for .com (which refers it to example.com's server), then the authoritative name server, which returns the A record. The answer is cached for its TTL (time to live), so the next lookup is instant. The browser then opens a connection to that IP address.
How many usable host addresses does a single /26 subnet provide?
Which of the following is a private RFC 1918 address range?
Which DNS record type maps a hostname to an IPv6 address?