IP Addressing, Subnets & CIDR

What an IP address is

An IP address is the network-layer identity of a host — the "where" that routing uses to move a packet across networks. Two versions coexist:

• IPv4 — 32 bits, written as four octets (192.168.0.1). ~4.3 billion addresses, long since exhausted, which is why NAT and private ranges are everywhere.
• IPv6 — 128 bits (2001:db8::1). An effectively unlimited space that removes the need for NAT, though IPv4 persists for compatibility.

Public vs private addresses

Certain IPv4 ranges are reserved as private — routable only inside a local network, never on the public internet. A NAT gateway translates many private hosts behind one public address. Knowing these ranges on sight is genuinely useful when reading any cloud VPC config:

CIDR — how address blocks are sized

CIDR (Classless Inter-Domain Routing) notation appends a prefix length: 10.0.1.0/24. The number is how many leading bits are fixed (the network part); the remaining bits are host addresses. The rule of thumb:

Each step down in prefix length doubles the block. A /24 holds 2^(32−24) = 256 addresses; a /16 holds 65,536.

This is the math behind sizing a cloud subnet, writing a firewall/security-group rule, or reading a routing table. When you allocate 10.0.0.0/16 to a VPC and carve /24s out of it for each availability zone, you are just spending host bits.

Takeaways

• IP = network-layer host identity; IPv4 (32-bit, scarce) vs IPv6 (128-bit, abundant).
• Private ranges (10/8, 172.16/12, 192.168/16) stay off the public internet; NAT bridges them.
• CIDR /N fixes N network bits; addresses = 2^(32−N). Smaller N = bigger block.

Re-authored for this guide, with concepts and diagrams adapted from Karan Pratap Singh’s System Design (course, MIT licence) and the System Design Primer (CC BY 4.0). Diagrams © their respective authors.