The Internet Protocol (IP) can be defined as a connectionless protocol for use on packet-switched networks. It does not guarantee delivery, but relies on higher-layer protocols like the Transmission Control Protocol (TCP) to ensure success. As I write these words, in late 2017, the fourth version of IP carries the majority of the Internet’s traffic. In this article, I will introduce IPv4’s addressing scheme, before considering the drawbacks which spurred (if that is the word) the tortoise-like introduction of its successor, IPv6. Interestingly, IPv4 was the first version of the protocol used in practice; the first three versions, during the 1970s, were experimental. In 1983, IPv4 went into production on ARPANET and has powered the Internet ever since.
IPv4 specifies a 32-bit address, which theoretically offers 2^32, or 4,294,967,296 addresses. That’s about 4.3 billion. However, due to the way in which this address space is carved up by the rules of IPv4, not all of these addresses are available for public use. No doubt when the protocol was defined in the early 1980s, 4.3 billion addresses seemed plenty. (I am reminded of Bill Gates’ alleged advice about computer memory, also from the early 80s, that “640K ought to be enough for anybody”.) However, the explosion in Internet growth during the 1990s and 2000s soon threatened to deplete the IPv4 address space, and countermeasures like Network Address Translation have been adopted while IPv6 makes its interminable entrance.
The first address of IPv4 is 0.0.0.0 and the last is 255.255.255.255. In between, the space is split into five classes, labelled A, B, C, D and E. To take a very high-level view, class A networks, of which there are few, are designed for large organisations and contain millions of addresses. Class B networks are more numerous while still offering plenty of addresses. Class C networks are the most plentiful of those that can be assigned to organisations, but they allow for comparatively few addresses. Class D addresses are reserved for multicasting (in which one host transmits to many) and class E addresses are reserved for experimental use.
You can tell which class an IP address belongs to by examining its first octet. In particular, you’re interested in the high-order bits, those on the left, when the octet is expressed in binary. All class A networks have a first octet that begins with a 0:
The zero is fixed and cannot be changed, leaving seven bits to be used. Therefore, the lowest and highest numbers available for the first octet of a class A network are:
Converted to decimal, these give 0 to 127. So, any IP address beginning with a number in this range is class A. Let’s say you applied for a class A network back in the day, and were issued network 17.0.0.0. (As it happens, the company that received the 17.0.0.0 network, in 1990, was Apple.) The first octet is your network number, and the following three octets, or 24 bits, are available for use as host IP addresses within your network. This gives 2^24 – 2, or 16,777,214 host addresses. The reason you subtract two is to allow for the first address (17.0.0.0), which identifies the entire network, and for the broadcast address, which is always the highest in the network (17.255.255.255). In between are nearly 17 million usable host addresses.
Class B networks start with a fixed 10 in their first octet, giving low and high numbers of:
In decimal, this is the range 128 to 191. Class B addresses use the first two octets, or 16 bits, to identify the network portion. Because the first two bits are fixed at 10, there are 14 bits in total in the network part, giving 2^14, or 16,384 networks. The remaining two octets are for hosts, giving 2^16 – 2, or 65,534. An example class B network is 184.108.40.206. Its broadcast address would be 220.127.116.11.
Class C networks have a first octet that must begin with 110. Thus, the low and high numbers are:
In decimal, this is the range 192 to 223. Class C addresses use the first three octets, or 24 bits, to identify the network portion. Because the first three bits are fixed at 110, this leaves 21 bits in total in the network part, giving 2^21, or 2,097,152 networks. Only a single octet, eight bits, is available for hosts, giving 2^8 – 2, or 254 hosts. An example class C network is 18.104.22.168. Its broadcast address would be 22.214.171.124.
Since class A networks designate only the first octet as the network portion, they have a default mask of 255.0.0.0. Class B networks designate the first two octets for the network portion and have a mask of 255.255.0.0. Class C networks designate the first three octets for the network portion, giving a mask of 255.255.255.0. Of course, designers can extend these masks as required to split each network into some number of subnets.
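The class rules above can be checked mechanically. The following is an added example, not part of the original article: it reads the class from the leading bits of the first octet, applies the default mask to get the network and broadcast addresses, and totals the usable hosts across classes A, B and C. It also covers classes D and E, which the article describes further on; the sample addresses are constructed.

```python
import ipaddress

# (class, fixed leading bits of the first octet, network-prefix length).
# Classes D and E have no network/host split, so their prefix is None.
CLASSES = [("A", "0", 8), ("B", "10", 16), ("C", "110", 24),
           ("D", "1110", None), ("E", "1111", None)]

def first_octet_range(lead):
    """Lowest and highest first octet once the leading bits are fixed."""
    return int(lead.ljust(8, "0"), 2), int(lead.ljust(8, "1"), 2)

def classify(addr):
    """Classful view of an address: class, default mask, network, broadcast."""
    ip = ipaddress.IPv4Address(addr)
    bits = format(int(ip) >> 24, "08b")          # first octet in binary
    name, lead, prefix = next(c for c in CLASSES if bits.startswith(c[1]))
    info = {"class": name, "first_octet_bits": bits}
    if prefix is not None:
        net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
        info.update(mask=str(net.netmask),
                    network=str(net.network_address),
                    broadcast=str(net.broadcast_address),
                    usable_hosts=net.num_addresses - 2)
    return info

def total_usable_hosts():
    """Sum of usable host addresses over every class A, B and C network."""
    total = 0
    for _, lead, prefix in CLASSES:
        if prefix is not None:
            networks = 2 ** (prefix - len(lead))   # free bits in network part
            total += networks * (2 ** (32 - prefix) - 2)
    return total

if __name__ == "__main__":
    for name, lead, _ in CLASSES:
        print(name, lead, first_octet_range(lead))
    # Constructed sample addresses.
    for sample in ("10.1.2.3", "172.16.5.4", "192.168.1.77", "224.0.0.1"):
        print(sample, classify(sample))
    print(total_usable_hosts())
```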
If you add up all of the host-usable addresses in the A, B and C networks, you get 3,753,869,056, which is fewer than the 4.3 billion that a pure 32-bit address would imply. Of course, I’m not including the class D and E addresses, which cannot be assigned to individual hosts anyway. Also, there are further ranges of addresses that cannot be publicly assigned and which are called reserved. First, let’s consider the private ranges. Each class, A, B and C, has one or more networks within it that cannot be used over the Internet.
Class A offers the 10.0.0.0 network for private use. This means that any organisation can freely use the addresses in this network for host assignments. Since this class A network has millions of addresses, administrators have plenty of scope for further subnetting; indeed, it is recommended that you use the 10.0.0.0 network when creating LANs in order to allow room for growth. Class B reserves sixteen private networks, from 172.16.0.0 to 172.31.0.0. Class C reserves even more, with 256 available from 192.168.0.0 to 192.168.255.0. However, these networks allow for only 254 hosts each. Home and small office equipment often comes configured to operate in the 192.168.x.x private class C range.
The essential point about these private networks is that Internet routers will drop any packets destined for them. Ergo, none of the LAN devices placed into these networks will be able to reach, or will be reachable from, the Internet directly. There are millions of these private networks in homes and offices throughout the world. Such duplication does not matter, as the networks are isolated from the wider Internet. Indeed, this isolation is a benefit, since most of the hosts on a private network are not servers and need no external access; hence, security is improved. It is likely that these hosts may wish to surf the web, though, and Network Address Translation is used to facilitate this.
The entire class A network 0.0.0.0 is reserved for housekeeping (according to RFC 6890) and is thus unavailable for public assignment. Too bad—that’s 16 million addresses gone to waste! The last class A network, 127.0.0.0, is also reserved, this time for loopback testing. Whenever you use the 127.0.0.1 address, when hosting a website on the same machine as the development environment for instance, you’re using this loopback range. It directs packets back to the sender, not unlike mailing yourself Christmas cards, only minus the self-pity.
A further reserved class A range is from 100.64.0.0 to 100.127.255.255. This corresponds to the 100.64.0.0 network with a /10 mask of 255.192.0.0. This block offers over four million addresses and is designed for use with Carrier-grade NAT, now called Large Scale NAT. It’s a scheme for service providers designed to further counter the depletion of IPv4 addresses. It solves some problems while introducing others; either way, it reserves another cache of addresses.
When a host is configured to get an IP address via the Dynamic Host Configuration Protocol (DHCP), and this process fails, it will often assign itself an address in the class B 169.254.0.0 range, which is reserved for these so-called link-local addresses. Microsoft refers to this as Automatic Private IP Addressing (APIPA). In fact, the usable range is 169.254.1.0 to 169.254.254.255; the remaining addresses are reserved for future use. When DHCP fails, the host will choose a random address from this range, and then test it using the Address Resolution Protocol (ARP). If no other host replies to the ARP request, the chosen address is used, else another is tried. The idea is that, should a DHCP server fail, all the hosts on the same data-link should give themselves IP addresses in the same network and thus remain able to communicate. In practice, if you see a host with such an address, you know that DHCP has problems and you direct your attention to fixing them.
A handful of other networks and ranges are set aside for specialist Internet and documentation purposes, but I’ve covered the major reservations. Class D networks have a first octet that must begin with 1110. Thus, the low and high numbers are:
In decimal, this is the range 224 to 239. Thus, the first class D address is 224.0.0.0 and the last is 239.255.255.255. IPv4 reserves this class for multicasting. Class E networks have a first octet that must begin with 1111. Thus, the high and low numbers are:
In decimal, this is the range 240 to 255. Thus, the first class E address is 240.0.0.0 and the last is 255.255.255.255. IPv4 reserves this class and it cannot be used over the Internet.
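The reserved blocks described above can be collected into one lookup and used to label addresses, for instance to flag packets that arrive on an Internet-facing interface with a source address that should never be routed there. This is an added example, not part of the original article; the log format, the interface names `wan0` and `lan0`, and the sample lines are constructed for illustration.

```python
import ipaddress

# Reserved blocks named in the article, written as CIDR prefixes.
# Only the article's blocks are listed; the documentation ranges it
# mentions without listing are absent, so the sample "public" addresses
# below are drawn from them.
RESERVED = [(ipaddress.ip_network(cidr), name) for cidr, name in [
    ("0.0.0.0/8", "this-network (housekeeping)"),
    ("10.0.0.0/8", "private (class A)"),
    ("100.64.0.0/10", "carrier-grade NAT"),
    ("127.0.0.0/8", "loopback"),
    ("169.254.0.0/16", "link-local (APIPA)"),
    ("172.16.0.0/12", "private (class B)"),      # 172.16.0.0 to 172.31.0.0
    ("192.168.0.0/16", "private (class C)"),     # 192.168.0.0 to 192.168.255.0
    ("224.0.0.0/4", "multicast (class D)"),
    ("240.0.0.0/4", "reserved (class E)"),
]]

def label(addr):
    """Name of the reserved block containing addr, or 'public'."""
    ip = ipaddress.ip_address(addr)
    for net, name in RESERVED:
        if ip in net:
            return name
    return "public"

# Constructed sample log lines: timestamp, interface, src=, dst=.
SAMPLE_LOG = """\
2017-11-02T10:00:01 wan0 src=198.51.100.7 dst=203.0.113.10
2017-11-02T10:00:02 wan0 src=10.4.4.4 dst=203.0.113.10
2017-11-02T10:00:03 lan0 src=192.168.1.20 dst=203.0.113.10
2017-11-02T10:00:04 wan0 src=169.254.17.9 dst=203.0.113.10
2017-11-02T10:00:05 wan0 src=127.0.0.1 dst=203.0.113.10
"""

def unroutable_on_wan(log_text, wan="wan0"):
    """Return (src, label) for WAN-side packets whose source is reserved."""
    hits = []
    for line in log_text.splitlines():
        _, iface, src, _ = line.split()
        src = src.split("=", 1)[1]
        name = label(src)
        if iface == wan and name != "public":
            hits.append((src, name))
    return hits
```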
As of 2017, the Internet has run out of IPv4 addresses, and is, for the most part, relying on Network Address Translation while IPv6 is slowly introduced. Some time ago, the notion of classes, as described above, had to be abandoned when allocating addresses, as it was too wasteful. If you’re a small company, and you want to host a few Internet-reachable servers, then even a class C network, with its 254 hosts, would be overkill.
These days, service providers are allocated blocks of addresses that could conceivably come from classes A, B or C in the traditional sense. They split these blocks into smaller chunks and allocate them to subscribers. We no longer worry about what class an address is part of, because networks are no longer divided in a classful way. For instance, if you discover that a company’s public IP address, used for their web server, is 184.108.40.206, you would be wrong to assume that every address in the class C network 220.127.116.11 was also owned by this company. Rather, the addresses assigned to the company would be just a small chunk of a larger block assigned by their provider. This approach, introduced in 1993, is known as Classless Inter-Domain Routing (CIDR). It effectively allows networks of any size to be allocated, rather than the traditional A, B and C networks with fixed identifiers of one, two or three octets.
Don’t get me wrong, learning the classes is still important, as it describes the initial vision of IPv4 and its early working practice. Moreover, the Cisco exams still quiz you on the subject of classes, since they provide the major geometry into which modern classless addressing fits.
In a future article, I will cover the essentials of IPv6. It will suffice here to say that it uses a 128-bit addressing scheme. This provides a theoretical total of 3.4 × 10^38 addresses, a number so vast that every device in the world will be able to have a public IP address. You, your children, your pets, and the fleas on your pets (or children) could all have public IP addresses—and still we’d be nowhere near exhaustion. This is an exciting prospect in some ways, as it will sweep away the need for Network Address Translation. Every device in your smart home, for example, will be reachable directly from the Internet. However, this will bring security implications; it is likely that you won’t want all your devices to be publicly visible, and controlling access with firewalls and their ilk will become even more important than it is today.