What Is IPv4 address in Networking?
This page mentions older exam versions. See the Current Exam Context and Legacy Exam Context sections below for the updated mapping.
On This Page
What do you want to do?
Quick Definition
An IPv4 address is like a digital mailing address for your computer, phone, or any device on the internet. It is made up of four numbers separated by dots, such as 192.168.1.1. This address lets other devices find and send data to your device, just like a mailing address lets the post office deliver mail to your home.
Common Commands & Configuration
ip addr add 192.168.1.10/24 dev eth0Assigns a static IPv4 address 192.168.1.10 with /24 subnet mask to the eth0 interface on a Linux system. Used for manual configuration or temporary IP assignment without netmask specification.
Appears in Linux+ and Network+ exams where candidates must know how to use 'ip' commands to set IPs. Tests understanding of CIDR notation in command-line context.
ipconfig /renewForces a Windows client to release its current DHCP lease and request a new IPv4 address from the DHCP server. Useful when a client has a stale or 169.254.x.x address.
Common A+ and Network+ troubleshooting command. Exam scenarios often ask what to do when a user gets an APIPA address after moving to a new network.
ping -n 4 192.168.1.1Sends 4 ICMP echo requests to 192.168.1.1 to test IPv4 connectivity. Used to verify that the local host can reach a gateway or another host on the same subnet.
Fundamental for all exams; tests understanding of ICMP, round-trip time, packet loss interpretation. Often the first step in troubleshooting IPv4 connectivity.
ip dhcp pool LAN_POOL
network 192.168.2.0 255.255.255.0
default-router 192.168.2.1
dns-server 8.8.8.8Configures a DHCP server on a Cisco router with a pool for subnet 192.168.2.0/24, sets the default gateway to .1, and DNS to Google's public DNS.
CCNA requires understanding of DHCP server configuration on routers. Questions may ask which pool parameters are mandatory or how to exclude addresses using 'ip dhcp excluded-address'.
show ip nat translationsDisplays the current NAT translation table on a Cisco router, showing inside local IPs mapped to inside global IPs, protocols, and ports. Used for debugging NAT issues.
CCNA and Network+ exam expects you to read the output to identify which private IP is mapped to which public IP, and to verify if a translation is active.
aws ec2 describe-subnets --filters Name=vpc-id,Values=vpc-12345 --query 'Subnets[].CidrBlock'Lists all CIDR blocks of subnets in a specific VPC using the AWS CLI. Helps verify subnet IP ranges during VPC design or troubleshooting.
AWS SAA and SAP exams test your ability to use CLI to inspect VPC/subnet configurations. May appear in scenario-based questions about CIDR overlap or subnet allocation.
route add -net 10.0.0.0/8 gw 192.168.1.1 eth0Adds a static route on a Linux system for the 10.0.0.0/8 network via gateway 192.168.1.1. Used when you need to reach a remote network without a default route.
Network+ and Linux+ include static routing. Exam may ask to correct a misconfigured static route or identify the correct syntax for adding a route.
ip address showDisplays all IPv4 (and IPv6) addresses assigned to interfaces on a Linux system. Equivalent to 'ifconfig -a' but more modern.
Used in troubleshooting to quickly verify assigned IPs, subnet masks, and interface state. Network+ and A+ questions may require interpretation of output to detect misconfigurations.
IPv4 address appears directly in 46exam-style practice questions in Courseiva's question bank — one of the most-tested concepts on Cisco CCNA. Practise them →
Must Know for Exams
IPv4 addressing is a core topic across multiple IT certification exams. For the CompTIA Network+ (N10-008), you need to demonstrate mastery of IPv4 addressing, including subnetting (Classful, CIDR), assigning IPs (DHCP, static, APIPA), and understanding default gateways, subnet masks, and broadcast addresses. Expect scenario-based questions where you calculate usable hosts, identify the network ID and broadcast ID, or choose the correct subnet mask for a given requirement.
For the CCNA (200-301), IPv4 subnetting is essential and tested heavily. You must be able to quickly subnet using VLSM (Variable Length Subnet Mask), determine the number of subnets and hosts per subnet, and configure IP addresses on Cisco devices. CCNA labs often require you to assign IPs to router interfaces, set up DHCP pools, and troubleshoot connectivity issues caused by misconfigured IP addresses or subnet mask mismatches.
In the CompTIA A+ (220-1101/1102), IPv4 addressing is tested at a more fundamental level. You should know how to configure IP settings on a Windows or macOS client, use commands like ipconfig and ping to verify connectivity, and understand the difference between static and dynamic IP assignments. Questions may ask about APIPA addresses (169.254.x.x) and troubleshooting when a device cannot reach the internet.
For cloud certifications like AWS Solutions Architect (SAA-C03), Azure Administrator (AZ-104), and Google Cloud Associate (ACE), IPv4 addressing is light supporting but still important. You need to understand CIDR notation when creating VPCs and subnets, know the difference between public and private IPs, and know how NAT gateways, internet gateways, and elastic IPs work. Cloud exam questions often present a scenario requiring you to select an appropriate CIDR block or troubleshoot a connectivity issue related to IP address configuration.
For CompTIA Security+ (SY0-601), you must understand how IPv4 addressing relates to network security concepts like network segmentation, firewalls, and ACLs. Questions may ask about private IP addresses used in DMZs, how to identify a potential IP spoofing attack, or how to configure a network firewall rule based on IP ranges.
Simple Meaning
Imagine you live in a very large city with millions of houses and apartments. For the postal service to deliver a letter to your specific house, it needs a unique address that includes your street number, street name, city, and zip code. In the same way, every device that connects to the internet, like your laptop, smartphone, or smart TV, needs its own unique address so that data can be sent to it and from it. This address is called an IPv4 address.
Think of the internet as a giant postal system. When you send a letter, you put the recipient's address on the envelope and your own return address. The postal service uses these addresses to route the letter correctly. When your computer sends a request to a website, it puts the website's IPv4 address as the destination and your device's IPv4 address as the source. The internet routers, which are like postal sorting offices, read these addresses and forward the data packets along the right path until they reach the website's server. The server then uses your source address to send back the webpage or information you requested.
An IPv4 address is a 32-bit number, but for humans, it is written as four decimal numbers separated by dots, for example, 172.16.254.1. Each of these numbers can range from 0 to 255. This format is called dotted decimal notation. Why 0 to 255? Because each of the four parts is actually an 8-bit binary number, and the largest number you can represent with 8 bits is 255.
Because the internet grew so quickly, we started running out of unique IPv4 addresses. It is like a city where the number of houses is greater than the available street addresses. This is why new devices often use special private IP addresses that work only inside your home or office network, and they share one public IP address for the outside world, a technique called Network Address Translation (NAT). Your home router typically has one public IPv4 address that the internet sees, and it assigns private IPv4 addresses to all your devices inside your home.
In short, an IPv4 address is the fundamental identifier that allows devices to find and communicate with each other over the internet. Without it, your computer wouldn't know where to send a request for a web page, and the web server wouldn't know where to send the response.
Full Technical Definition
An IPv4 (Internet Protocol version 4) address is a 32-bit binary number that uniquely identifies a network interface on an IP network. It is the core addressing scheme of the Internet Protocol, as defined in IETF RFC 791 (1981). The 32-bit address space allows for approximately 4.3 billion unique addresses (2^32), though practical usage is lower due to reserved blocks and network overhead.
The address is typically written in dotted decimal notation, consisting of four octets (8-bit bytes) separated by periods, for example, 192.168.1.10. Each octet ranges from 0 to 255. The binary representation of 192.168.1.10 is 11000000.10101000.00000001.00001010.
IPv4 addresses are hierarchical and consist of two main parts: the network portion and the host portion. The network portion identifies the specific network, and the host portion identifies the specific device on that network. The boundary between network and host is determined by the subnet mask, which is a 32-bit number that indicates which bits belong to the network and which to the host. For example, with a subnet mask of 255.255.255.0, the first three octets represent the network, and the last octet represents the host.
Address classes were originally used to define network sizes. Class A (first octet 1-126) used an 8-bit network and 24-bit host, supporting large networks. Class B (128-191) used 16-bit network and 16-bit host. Class C (192-223) used 24-bit network and 8-bit host, supporting many small networks. Class D (224-239) was reserved for multicast, and Class E (240-255) for experimental use. Classful addressing is largely obsolete, replaced by Classless Inter-Domain Routing (CIDR), which allows arbitrary prefix lengths (e.g., /24, /16) and more efficient allocation.
Certain address ranges have special meanings. The loopback address (127.0.0.1) always points back to the local device for testing. Private address ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) are not routable on the public internet and are used within local networks. Link-local addresses (169.254.0.0/16) are automatically assigned when a device cannot obtain an address from a DHCP server. The address 0.0.0.0 represents an unknown or default route. Broadcast addresses, such as 255.255.255.255 and network-specific broadcasts (e.g., 192.168.1.255 for a /24 network), send packets to all devices on the local segment.
IPv4 packet headers include source and destination addresses, along with other fields like Time to Live (TTL), protocol, and checksum. TTL prevents packets from looping indefinitely; each router decrements TTL by 1, and when it reaches 0, the packet is discarded.
Modern networks heavily use NAT (Network Address Translation) to conserve IPv4 address space. NAT allows multiple devices on a private network to share a single public IP address. This is implemented at the router, which maintains a translation table mapping internal private addresses and ports to the public address and unique ports for outbound traffic.
DHCP (Dynamic Host Configuration Protocol) automates IPv4 address assignment. A DHCP server, often built into a home router, leases IP addresses to devices for a set period (lease time). When the lease expires or the device disconnects, the address can be reassigned. Static IP addresses can be manually configured for devices like servers or printers that need a fixed address.
IPv4 is still dominant but is being gradually replaced by IPv6, which offers a vastly larger 128-bit address space. However, IPv4 remains critical for IT certifications, as many legacy systems, internal networks, and exam scenarios still focus on IPv4 addressing, subnetting, and troubleshooting.
Real-Life Example
Imagine a large apartment building with a main office on the ground floor. The building has a single street address, for example, 500 Main Street. This is like your public IPv4 address, the one the internet sees for your home network. Inside the building, there are individual apartments, each with its own unit number, like Apartment 3B or Apartment 7A. These are like the private IPv4 addresses your router assigns to your devices, such as 192.168.1.101 for your laptop and 192.168.1.102 for your phone.
When a delivery person arrives with a package for you, they go to the main office (500 Main Street) and tell the front desk the package is for you. The front desk knows you are in Apartment 7A, so they hold the package for you, or they may call your apartment to tell you to come pick it up. In this analogy, the front desk is the router. The router receives all the data coming from the internet to your public IP address (500 Main Street). But the data is actually intended for a specific device in your home, for example, your laptop at 192.168.1.101. The router looks at its internal records (the NAT table) and forwards the data to the correct private IP address.
Now, when you request a webpage, your laptop creates a packet with its own private IP address (Apartment 7A) as the source and the website's public IP address as the destination. It sends this to the router (front desk). The router then changes the source address from your private IP to its public IP (500 Main Street) and sends the packet out to the internet. The web server sees the request coming from 500 Main Street and sends the response back to that address. When the router receives the response, it checks its records and forwards it to your laptop's private IP address.
This system works well because many devices in the building can use the same street address, but the front desk knows exactly which apartment each package belongs to. The challenge is that if the building had no front desk and every apartment had its own unique street address, we would quickly run out of available street addresses. That is exactly why we use NAT: to let many devices share a single public IP, conserving the limited supply of IPv4 addresses.
Why This Term Matters
Understanding IPv4 addressing is fundamental for any IT professional because it is the backbone of how devices communicate across networks and the internet. Without a solid grasp of IPv4, you cannot effectively configure routers, troubleshoot connectivity issues, set up firewalls, or manage IP address allocation. Every device you work with, from servers to printers to IoT sensors, will have an IPv4 address, and knowing how to assign, verify, and troubleshoot them is a daily task for network and system administrators.
For security professionals, IPv4 addressing is crucial for understanding network segmentation, access control lists (ACLs), and firewall rules. You need to know which IP addresses are allowed or blocked, how to identify suspicious traffic based on source or destination IPs, and how private IP ranges are used to isolate internal networks from the public internet. Security vulnerabilities like IP spoofing, ARP poisoning, and DDoS attacks all involve manipulating or targeting IPv4 addresses.
In the context of cloud computing, IPv4 addressing remains essential. When you create a virtual private cloud (VPC) in AWS, Azure, or Google Cloud, you must plan IP address ranges for subnets, assign IPs to instances, and configure routing. Many cloud exam questions revolve around CIDR notation, subnetting, and understanding how public vs. private IPs work in a cloud environment. Without this foundation, you will struggle to pass cloud certification exams or effectively design cloud networks.
How It Appears in Exam Questions
In certification exams, IPv4 questions appear in several common patterns. One common format is a scenario where you are given a network requirement, for example, a company needs at least 30 subnets with at least 500 hosts per subnet, and you must choose the appropriate subnet mask or CIDR notation. These questions test your ability to perform subnetting calculations and understand VLSM.
Another common pattern is a troubleshooting scenario. For example, a user reports that their computer cannot access the internet, and you are given the output of ipconfig. The output shows an IP address of 169.254.17.32 with a subnet mask of 255.255.0.0. You must recognize this as an APIPA address, meaning the DHCP server failed to assign a valid IP, and then suggest a solution such as checking the network cable, restarting the DHCP client service, or verifying the DHCP server is running.
Configuration-based questions also appear. You might be asked to select the correct syntax for configuring a static IP address on a Cisco router interface (e.g., ip address 192.168.1.1 255.255.255.0) or to identify which command displays the current IPv4 configuration on a Windows system (ipconfig /all). For cloud exams, you may be asked to choose the correct CIDR block for a VPC subnet that needs to accommodate a specific number of instances, or to identify which IP address is a valid private IP (e.g., 10.0.0.5 vs. 192.0.2.10).
Some exams include multiple-choice questions that ask about the purpose of specific IPv4 addresses. For example, you might be asked what the address 127.0.0.1 is used for (loopback testing) or what the address 255.255.255.255 is used for (local network broadcast). You might also be asked to identify which address range is reserved for multicast (224.0.0.0 to 239.255.255.255) or which is a class B private address range (172.16.0.0 to 172.31.255.255).
Simulation or lab-based questions might require you to assign IP addresses to devices, troubleshoot a misconfigured subnet mask, or diagnose why two devices on the same physical network cannot communicate. For example, if Device A has IP 192.168.1.10/24 and Device B has IP 192.168.2.20/24, they will not be able to communicate directly because they are on different subnets, even if they are plugged into the same switch. This tests your understanding of subnetting and routing.
Practise IPv4 address Questions
Test your understanding with exam-style practice questions.
Example Scenario
You are a junior IT support technician at a small company. A sales employee named Maria calls you saying her laptop cannot connect to the internet. She can access some internal company drives, but when she opens her web browser, she gets an error that the page cannot be displayed. You ask Maria to press the Windows key and type cmd, then type ipconfig and tell you the output. She reads you the following:
Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : IPv4 Address. . : 169.254.37.142 Subnet Mask . . : 255.255.0.0 Default Gateway . . :
You immediately notice that the IP address starts with 169.254, which is an Automatic Private IP Addressing (APIPA) address. This address is automatically assigned by Windows when it fails to get a valid IP address from a DHCP server. The default gateway is blank, confirming that the laptop has no route to the internet.
You ask Maria to check if her network cable is plugged in firmly at both ends (her laptop and the wall jack). She says it looks fine. You then ask her to open a command prompt as administrator and type ipconfig /release and then ipconfig /renew. She does this, and the new ipconfig output shows:
IPv4 Address. . : 192.168.1.102 Subnet Mask . . : 255.255.255.0 Default Gateway . . : 192.168.1.1
Maria now has a valid IP address in the 192.168.1.x range, which is the company's private network. The default gateway is set to the router's address. You ask her to try browsing the web again, and it works. The issue was that her DHCP lease might have expired or there was a temporary problem with the DHCP server. The /renew command forced her laptop to request a new IP, and this time it succeeded.
Common Mistakes
Confusing the network ID with the broadcast address.
The network ID is the first address in a subnet (all host bits set to 0) and cannot be assigned to a device. The broadcast address is the last address (all host bits set to 1). Using either as a device IP will cause communication failures.
Remember: network ID is the base address for the subnet, broadcast is the highest. For a /24 network 192.168.1.0, the network ID is 192.168.1.0 and the broadcast is 192.168.1.255. Valid host IPs are 192.168.1.1 through 192.168.1.254.
Using the wrong subnet mask when calculating hosts.
Using a /24 mask (255.255.255.0) instead of a /23 (255.255.254.0) will miscalculate the number of usable hosts and could cause overlapping subnets or insufficient IPs.
Always calculate usable hosts using the formula (2^n - 2), where n is the number of host bits. For /24, n=8, so hosts = 254. For /23, n=9, so hosts = 510.
Thinking 127.0.0.1 is a public IP address.
The 127.0.0.0/8 range is reserved for loopback addresses. 127.0.0.1 is the standard loopback and is never used to communicate with another device. It is only for local testing.
Know that 127.0.0.1 is the localhost and cannot be assigned to a network interface or used as a source/destination on the actual network.
Confusing private IP ranges with public IP ranges.
When configuring a home or office network, many beginners mistakenly assign a public IP like 8.8.8.8 as a static IP for a device, thinking it is valid. Public IPs are globally unique and must be leased from an ISP. Using them internally can cause conflicts and routing issues.
Use only the three private ranges for internal networks: 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16. Never assign a public IP to a device inside your network.
Forgetting to subtract the network ID and broadcast address when counting usable hosts.
Many students use 2^n instead of (2^n - 2). This overestimates the usable IP count, leading to incorrect network design.
Always subtract 2: one for the network ID and one for the broadcast. In a /24, 2^8 = 256, but usable hosts = 254.
Mistaking a /16 subnet mask for a /24.
A /16 mask (255.255.0.0) creates one large subnet with 65,534 hosts, while a /24 creates many subnets with 254 hosts each. Using the wrong mask can make a small network segment too large or too small.
Always note the CIDR prefix length. /16 is 255.255.0.0, /24 is 255.255.255.0. Practice converting between CIDR notation and dotted decimal masks.
Exam Trap — Don't Get Fooled
{"trap":"The exam presents a scenario where a computer has an IP address of 169.254.x.x and asks what the issue is. Many learners incorrectly choose 'the computer is not connected to the network' or 'the DNS server is down'."
,"why_learners_choose_it":"Because a 169.254.x.x address often appears when there is a network cable issue or DHCP failure, but learners may not recognize the specific APIPA range."
,"how_to_avoid_it":"Memorize that 169.254.0.0/16 is the APIPA range used by Windows when DHCP fails. The correct answer is typically 'the DHCP server is unreachable' or 'the computer could not obtain an IP address from DHCP'.
Do not assume physical disconnect; the device is often still on the local link."
Commonly Confused With
IPv6 is the newer version of Internet Protocol, using 128-bit addresses written in hexadecimal (e.g., 2001:db8::1), while IPv4 uses 32-bit decimal addresses. IPv6 was developed because we ran out of IPv4 addresses. IT certifications often test both, so you need to recognize which format is which.
192.168.1.1 is IPv4. fe80::1 is IPv6.
A MAC (Media Access Control) address is a 48-bit hardware identifier burned into a network interface card (e.g., 00-1A-2B-3C-4D-5E). It works at Layer 2 (Data Link layer) of the OSI model, while an IPv4 address works at Layer 3 (Network layer). MAC addresses are used for communication within a local network segment; IPv4 addresses are used for routing across different networks.
A router uses the destination MAC address to forward a frame to the correct device on the same switch, but uses the destination IPv4 address to decide which router to send the packet to next.
A subnet mask is a 32-bit number that defines which part of an IPv4 address is the network portion and which part is the host portion. The IPv4 address is the actual identifier of a device, while the subnet mask is a configuration parameter that tells the device how to interpret the IPv4 address for routing and communication. They are used together.
For the IP 192.168.1.10 with subnet mask 255.255.255.0, the device knows the network is 192.168.1.0 and the host is .10.
A default gateway is the IP address (usually a router interface) that a device uses to send traffic to destinations outside its own subnet. An IPv4 address identifies the device itself; the default gateway is a separate configuration that tells the device where to send packets that are not on the local network.
A computer with IP 192.168.1.10 and default gateway 192.168.1.1 will send all outbound traffic to the router at .1, which then forwards it to the internet.
CIDR (Classless Inter-Domain Routing) notation is a way to represent an IP address and its subnet mask together, like 192.168.1.0/24. The /24 indicates that the first 24 bits are the network portion. IPv4 address is the actual address; CIDR is a compact notation for the address and its mask.
Writing 10.0.0.0/8 instead of 10.0.0.0 with subnet mask 255.0.0.0.
A public IP address is globally unique and routable on the internet. A private IP address (like 192.168.x.x) is not routable on the internet and is only used inside a local network. An IPv4 address can be either public or private; the term 'IPv4 address' itself does not specify which type.
8.8.8.8 is a public IP (Google DNS). 192.168.1.1 is a private IPv4 address.
Step-by-Step Breakdown
Understanding the 32-bit structure
An IPv4 address is a 32-bit binary number. For human readability, it is divided into four 8-bit groups called octets, and each octet is converted to decimal. For example, the binary 11000000 10101000 00000001 00001010 becomes 192.168.1.10. Understanding this structure is the foundation for all subnetting.
Identifying the network and host portions
Every IPv4 address has two logical parts: the network prefix and the host identifier. The subnet mask defines the boundary. For instance, with IP 192.168.1.10 and mask 255.255.255.0, the network part is the first three octets (192.168.1) and the host part is the last octet (10). The device uses this to decide whether a destination is on the same local network or needs to go through a router.
Calculating the network ID
The network ID is found by performing a bitwise AND operation between the IP address and the subnet mask. This yields the first address of the subnet, where all host bits are set to 0. For 192.168.1.10 /24, the network ID is 192.168.1.0. This address cannot be assigned to a host.
Calculating the broadcast address
The broadcast address is the last address in the subnet, where all host bits are set to 1. For a /24 network, the broadcast is 192.168.1.255. This address is used to send a packet to all devices on the subnet simultaneously. It also cannot be assigned to a host.
Determining usable host addresses
The usable host addresses are all IPs between the network ID and the broadcast address. For a /24, that is 192.168.1.1 to 192.168.1.254, a total of 254 addresses. For larger subnets, the formula 2^n - 2 (where n is the number of host bits) gives the count of usable addresses.
Applying the subnet mask for routing
When a device wants to send a packet, it compares its own network ID with the destination's network ID using its subnet mask. If they match, the destination is on the same local network, and the device sends the packet directly using ARP to find the destination MAC. If they do not match, the device forwards the packet to its default gateway.
Using CIDR notation for efficiency
CIDR notation (e.g., 192.168.1.0/24) simplifies subnet design by specifying the number of bits in the network prefix. It replaces the older classful system, allowing variable-length subnet masks (VLSM). This enables efficient allocation of IP addresses by matching network size to actual need.
Practical Mini-Lesson
In a real-world IT environment, configuring and troubleshooting IPv4 addresses is a daily task. When setting up a new office network, you typically receive a single public IP address from your ISP to use as your public face, often through a router. Your router then creates a private network using one of the reserved private IP ranges, most commonly 192.168.1.0/24. You will configure the router's internal interface with a static IP (usually the first usable host, like 192.168.1.1) and enable DHCP to automatically assign IPs to the connected devices.
As an IT professional, you need to understand the lease processes. When a device joins the network, it broadcasts a DHCP discovery message. The DHCP server responds with an offer, the device requests the offered address, and the server acknowledges the lease. Knowing the DHCP lease time is important for planning; if the lease expires and the device cannot renew, it will default to an APIPA address (169.254.x.x) and lose internet access. Troubleshooting DHCP issues often involves checking if the DHCP service is running, if the scope has available addresses, or if there is a rogue DHCP server on the network.
In enterprise environments, you may use static IPs for critical servers like domain controllers, DNS servers, and printers. Static IPs are configured manually on the device and do not change, ensuring these services are always reachable at the same address. However, with statics, you must ensure you do not assign an IP that is already in use by another device (IP conflict), which can cause network instability. Using a DHCP reservation is often preferred; you reserve a specific IP for a device's MAC address, so the device always gets the same IP from DHCP but you avoid manual configuration mistakes.
When performing network upgrades or migrations, you must plan IP address schemes carefully. For example, if you are merging two offices, you might need to redesign subnetting to avoid overlapping IP ranges. Overlapping subnets occur when both offices use the same private range, causing routing issues when connecting the networks. You would need to implement subnetting or re-address one network to a different range.
Misconfiguration of subnet masks is a common cause of connectivity issues. If a device's subnet mask is too broad (e.g., /16 instead of /24), it may think a destination is local when it is actually remote, and it will try to communicate directly without sending traffic to the default gateway. This often leads to timeouts because the direct ARP request never reaches the remote device. Conversely, if the mask is too narrow (e.g., /28 instead of /24), the device may incorrectly assume a local device is on a different network and try to send traffic to the gateway, which may not have a route to that device. Either case requires manual correction of the subnet mask.
Finally, in cloud environments like AWS, you create VPCs with a CIDR block of your choice, for example, 10.0.0.0/16. You then partition that VPC into subnets, each with its own CIDR, such as a public subnet 10.0.1.0/24 and a private subnet 10.0.2.0/24. You assign public IPs only to instances in the public subnet that need direct internet access. Understanding how to calculate CIDR ranges and ensure they do not overlap is essential for designing scalable cloud architectures.
IPv4 Address Structure and Classful Addressing
An IPv4 address is a 32-bit numeric identifier assigned to each device on an IP network. It is typically written in dotted-decimal notation, consisting of four octets separated by periods, for example 192.168.1.1. Each octet ranges from 0 to 255, giving a total of approximately 4.3 billion possible addresses. The address is divided into two fundamental parts: the network portion and the host portion. The boundary between these two parts is defined by the subnet mask, which is also expressed in dotted-decimal or CIDR notation (e.g., 255.255.255.0 or /24).
Historically, IPv4 addresses were assigned using classful addressing, which divided the address space into five classes: A, B, C, D, and E. Class A addresses start with a first octet from 1 to 126, reserving 8 bits for the network and 24 bits for hosts, supporting up to 16 million hosts per network. Class B uses first octets 128 to 191, with 16 bits for network and 16 for hosts, supporting 65,534 hosts. Class C uses first octets 192 to 223, with 24 bits for network and 8 for hosts, supporting only 254 hosts per network. Class D is reserved for multicast (224-239), and Class E is reserved for experimental use (240-255). Classful addressing wastes many addresses because organizations rarely fit perfectly into these fixed sizes.
To overcome this inefficiency, classless inter-domain routing (CIDR) was introduced in the early 1990s. CIDR allows variable-length subnet masks (VLSM), meaning the boundary between network and host bits can be placed anywhere, not just at octet boundaries. For example, a /26 mask uses 26 network bits and 6 host bits, providing 62 usable host addresses. This flexibility significantly reduces address waste and allows more efficient route aggregation. In modern networking, classful addressing is largely obsolete, but it remains important for exam contexts because it explains the origin of many default subnet masks and routing behaviors. Exams, especially CCNA and Network+, often test your ability to differentiate classful and classless routing protocols (RIPv1 vs. RIPv2).
certain addresses are reserved for special purposes. 127.0.0.0/8 is the loopback range, with 127.0.0.1 commonly used for local testing. Addresses starting with 0.0.0.0/8 represent default or unknown networks. The address 255.255.255.255 is the limited broadcast. Private addresses (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) are reserved for internal use and are not routable on the public internet. Understanding these reserved blocks is critical for exam scenarios that ask about internal vs. external addressing, NAT, or routing misconfigurations. You should also know that the first address in a subnet is the network identifier and the last is the broadcast address; neither can be assigned to a host.
In practice, the IPv4 address structure is foundational to all IP-based networking. When you configure a device, you must assign an address and a subnet mask that matches the network segment. Incorrect subnet masks lead to communication failures because a host considers addresses outside its subnet as unreachable without routing. For cloud exams like AWS SAA and Google ACE, you must understand how IPv4 addresses work within VPCs and subnets, including how CIDR blocks (e.g., 10.0.0.0/16) dictate the number of available IPs. Security+ and AZ-104 also test your awareness of how IP addresses relate to firewall rules, ACLs, and network security groups. Mastering the structure and classful history gives you a strong foundation for subnetting and advanced routing topics.
IPv4 Address Subnetting and CIDR Calculations
Subnetting is the practice of dividing a larger IP network into smaller, more manageable subnetworks by extending the default subnet mask. This technique improves network performance, enhances security by segmenting traffic, and conserves address space. The process involves borrowing bits from the host portion of the address to create additional network bits. For example, a Class C network 192.168.1.0 with default mask /24 can be subnetted into /26 blocks, yielding 4 subnets each with 62 usable host addresses. The number of subnets is 2^(borrowed bits), and the number of usable hosts per subnet is 2^(remaining host bits) minus 2 (network and broadcast addresses).
To perform subnetting quickly for exams, you should master the powers of two and binary conversion. For instance, a /28 mask uses 4 host bits (32-28=4), so there are 16 addresses per subnet (2^4 = 16). Of these, 14 are usable (16-2). The subnet increment is 16 in the last octet. So subnets would be 0, 16, 32, 48, etc. Each subnet also has a broadcast address one less than the next subnet (e.g., subnet 0 broadcast is 15). This pattern holds for any CIDR prefix. For /30 masks, used for point-to-point links, there are only 2 usable host addresses (4 total, minus network and broadcast). Many exam questions test your ability to identify the subnet ID, broadcast address, and usable range given any IP and mask.
CIDR (Classless Inter-Domain Routing) is the notation used to express subnet masks, e.g., /24 for 255.255.255.0. The number after the slash indicates how many consecutive 1s appear in the binary subnet mask. A /24 mask has 24 ones followed by 8 zeros. Understanding this binary representation helps you quickly compute the wildcard mask for ACLs (the inverse of the subnet mask) and the network address by performing a bitwise AND between the IP and the mask. For example, IP 192.168.1.55 with mask 255.255.255.0 (or /24) gives network 192.168.1.0. If the mask were 255.255.255.192 (/26), the AND gives 192.168.1.0 as well, but the broadcast would be different.
Variable-length subnet masking (VLSM) allows you to use different subnet masks within the same major network. This is extremely important for efficient address allocation in real networks. For instance, you might assign a /30 for a WAN link and a /24 for a large LAN. Without VLSM, you would waste addresses by using a single subnet mask across the entire network. Routing protocols like OSPF, EIGRP, and RIPv2 support VLSM, while RIPv1 and IGRP do not. This distinction is a common exam point: you must know which protocols support VLSM and which do not, and why that matters when designing a network.
In cloud environments, subnetting is crucial for designing VPCs. AWS allows you to create subnets within a VPC that span multiple Availability Zones. Each subnet must have a CIDR block that is a subset of the VPC's CIDR. For example, a VPC with 10.0.0.0/16 can have subnets like 10.0.1.0/24. You cannot overlap CIDRs across subnets. If you misconfigure a CIDR block, AWS will reject it. Exam questions for AWS SAA often present a scenario where you need to pick a subnet CIDR that fits within a given VPC and provides enough IPs for an Auto Scaling group. Google ACE has similar questions regarding VPC networks and subnet creation. Even for security exams like Security+, understanding subnetting helps you identify the scope of a network attack or misconfiguration, such as a firewall rule that is too permissive due to an incorrect network address calculation.
Finally, practice using the slash notation and binary arithmetic until it becomes second nature. Memorize common subnetting constants: for /24, 256 addresses, 254 usable; for /25, 128 addresses, 126 usable; for /26, 64 addresses, 62 usable; for /27, 32 addresses, 30 usable; for /28, 16 addresses, 14 usable; for /29, 8 addresses, 6 usable; for /30, 4 addresses, 2 usable. Knowing these values by heart will save you valuable time in exams. Also remember that subnet zero (the first subnet) and the all-ones subnet (the last) are now permitted for use, thanks to RFC 1878. This is a shift from older practices that prohibited subnet zero, and exams may test your awareness of this change.
IPv4 Address Private and Public Addressing with NAT
IPv4 addresses are categorized as either public or private. Public IP addresses are globally unique and are assigned by the Internet Assigned Numbers Authority (IANA) through regional internet registries (RIRs) such as ARIN, RIPE, and APNIC. Devices with public IPs are directly reachable over the internet. In contrast, private IP addresses are defined in RFC 1918 and are reserved for use within private networks. These addresses are not routable on the public internet, meaning any packets with a private source or destination IP are dropped by internet routers. The three blocks are: 10.0.0.0/8 (single Class A), 172.16.0.0/12 (16 Class Bs), and 192.168.0.0/16 (256 Class Cs). These ranges allow for enormous internal address spaces, which are widely used in corporate networks, home routers, and cloud VPCs.
Network Address Translation (NAT) is the key technology that allows private IP addresses to communicate with the public internet. Typically implemented on routers or firewalls, NAT translates the private source IP and port to a public IP and a different source port. This allows multiple devices behind a single public IP to share that address, reducing the demand for public IPv4 addresses. The most common form is Source NAT (SNAT), also known as IP masquerading. The router maintains a translation table that maps each outbound session to a specific public IP and port. When a response returns, the router uses the table to forward it back to the correct private device. Without NAT, you would need a public IP for every device, which is impossible given the shortage of public IPv4 addresses.
There are different types of NAT: static NAT (one-to-one mapping between a private and public address), dynamic NAT (a pool of public addresses is used, assigned on a first-come-first-served basis), and PAT (Port Address Translation) which is the most common. PAT uses TCP/UDP port numbers to distinguish between different sessions from different private IPs. For example, two different hosts may both use source port 12345, but the NAT router will map each to a different public port (e.g., 55000 and 55001). This is why PAT is often called NAT overload. Exams like CCNA and Network+ ask you to configure NAT on Cisco routers and interpret the output of 'show ip nat translations' to see mappings.
In cloud environments, NAT works differently. AWS offers a NAT Gateway service that allows private subnets to access the internet for updates, patches, and other outbound-only communications. The NAT Gateway resides in a public subnet and has an Elastic IP. You must ensure that the route table in the private subnet points to the NAT Gateway for 0.0.0.0/0. Similarly, Azure has NAT Gateway, and Google Cloud uses Cloud NAT. Security+ and AZ-104 exams often test your understanding that private IPs in a VNet or VPC cannot directly reach the internet unless you deploy a NAT device, and that NAT is not a security feature-it is an address translation function, but it does provide a level of obfuscation.
Another related concept is the distinction between link-local addresses (169.254.0.0/16) and private addresses. Link-local addresses are automatically assigned when a device fails to obtain an IP via DHCP (APIPA). They are used only within a single link and are not routable at all. This is a common troubleshooting scenario: if you see a 169.254.x.x address, it indicates a DHCP failure. Public IPs are often associated with a domain name via DNS, while private IPs are not globally resolved. For the A+ exam, you must be able to explain why a home user might see 192.168.1.1 as the router IP and why that address is not accessible from outside the home network.
Understanding private and public addressing is also essential for security. A firewall rule that allows incoming traffic from a private IP would only be effective if the traffic originates from within the network. Security+ and AZ-104 tests often include questions about which IP ranges should be blocked in inbound/outbound rules to prevent spoofing or to restrict access to internal resources. You should also know that IPv4 addresses like 0.0.0.0/0 in a routing context represent all IPs, but in an ACL it might represent a source or destination. Being precise about address ranges is critical for passing subnetting and security exam questions.
IPv4 Address Configuration and DHCP Operation
Configuring an IPv4 address on a device can be done manually (static), or automatically via Dynamic Host Configuration Protocol (DHCP). Static configuration is necessary for servers, network devices, and printers that must always have the same IP address. To configure a static IPv4 address, you must specify the IP address, subnet mask, default gateway, and DNS server addresses. Incorrect configuration of any of these parameters will break network connectivity. For example, if the subnet mask is wrong, the device may not be able to reach hosts on a different subnet, even if they are physically connected. If the default gateway is missing or incorrect, the device can only communicate with hosts in its own subnet.
On a typical Linux system, you can set a static IP using commands like 'ip addr add 192.168.1.100/24 dev eth0', and set the gateway with 'ip route add default via 192.168.1.1'. On Windows, you use the Network and Sharing Center or PowerShell commands like 'New-NetIPAddress -InterfaceAlias Ethernet0 -IPAddress 192.168.1.100 -PrefixLength 24 -DefaultGateway 192.168.1.1'. On Cisco devices, you enter interface configuration mode and type 'ip address 192.168.1.1 255.255.255.0'. In cloud environments, assigning an IPv4 address to a virtual machine can be done via the cloud console, CLI, or SDK. For example, AWS assigns a primary private IP to an EC2 instance from the subnet's CIDR range, and you can also attach secondary private IPs. The exam may ask about how to assign a static IP to an instance in AWS (using an Elastic IP) or in Azure (using a reserved public IP).
DHCP simplifies IP address management. A DHCP server maintains a pool of addresses and leases them to clients. The client sends a DHCPDISCOVER broadcast, the server responds with a DHCPOFFER, the client sends a DHCPREQUEST, and the server confirms with a DHCPACK. The lease duration can vary; when the lease expires, the client must renew or request a new address. DHCP servers can also provide other configuration parameters, such as the default gateway, DNS servers, domain name, and NTP servers. This is why DHCP is so powerful-it centralizes configuration and reduces manual errors. The Network+ and A+ exams heavily test the DHCP process and the four-step DORA process (Discover, Offer, Request, Acknowledge). You should be able to identify what happens if a client fails to receive an ACK (it may fall back to APIPA).
In enterprise networks, DHCP can be configured on servers or on network devices like routers and switches. Cisco routers can act as DHCP servers using the 'ip dhcp pool' commands. For example, you define a network pool, exclude specific addresses, and set default router and DNS. This is a common CCNA lab skill. You might also see DHCP relay agents used when the DHCP server is on a different subnet, as DHCP broadcasts do not cross routers. A relay agent (configured with 'ip helper-address' on a Cisco router) forwards DHCP requests to the server as unicast. This concept is tested in Azure and AWS exams too, because VPC subnets have a built-in DHCP service, but you can also configure custom DHCP option sets.
Security considerations for DHCP include DHCP snooping, which is a security feature on switches that prevents unauthorized DHCP servers from offering addresses (rogue DHCP servers). An attacker could set up a rogue DHCP server to assign IP addresses with a malicious gateway, enabling man-in-the-middle attacks. DHCP snooping is configured on switches and is a common Security+ and CCNA exam topic. Also, DHCP starvation attacks can exhaust the address pool, causing a denial of service. Port security (limiting the number of MAC addresses per port) helps mitigate this. For AZ-104, you should know that Azure VMs can obtain their IP addresses from a virtual network DHCP managed by the platform, and you cannot run your own DHCP server within Azure unless you deploy it in a VM and configure IP forwarding.
Finally, when troubleshooting connectivity issues, always check the IP configuration first. If a device has an IP starting with 169.254.x.x, it means DHCP failed. Try releasing and renewing the lease (on Windows: ipconfig /release and ipconfig /renew; on Linux: dhclient -r and dhclient). If a device has a static IP but cannot reach the internet, verify the default gateway and DNS settings. Misconfigured static IPs, such as an IP already in use (duplicate IP detection via ARP), can cause intermittent issues. The A+ and Network+ exams include simulation questions where you must identify why a user cannot get an IP address based on diagnostic output. Remember that the DHCP server must be reachable from the client's subnet, either directly or via a relay agent.
Troubleshooting Clues
Duplicate IP address conflict
Symptom: A user receives a 'Windows has detected an IP address conflict' error message, or intermittent connectivity loss.
Two devices on the same subnet are configured with the same static IPv4 address, or a static address falls within the DHCP pool range. ARP requests show two MAC addresses for the same IP, causing confusion for switches and other hosts.
Exam clue: Exams test your ability to identify that duplicate IPs cause ARP table instability. The fix is to assign a unique IP or configure DHCP reservation/static IP outside the pool.
DHCP server not responding
Symptom: Client gets an APIPA address (169.254.x.x) after attempting DHCP.
The DHCP server is unreachable, either because it is down, the network is down, or a router does not have DHCP relay configured (if server is on a different subnet). The client fails the DORA process and assigns itself a link-local address.
Exam clue: Appears in A+ and Network+ simulations asking why a computer gets a 169.254 address. The answer usually involves checking DHCP server status, enabling IP helper on router, or verifying network cabling.
Wrong subnet mask configured
Symptom: Host can reach some devices but not others on the same physical network; can't reach the default gateway.
If the subnet mask is too restrictive (e.g., /28 instead of /24), the host incorrectly determines that some local IPs are on a different network and attempts to send traffic to gateway, which may fail. If mask is too permissive, the host may try to ARP for addresses that are actually remote.
Exam clue: CCNA and Network+ questions present a scenario where a host cannot ping devices on the same physical segment but can ping others. The diagnosis is incorrect subnet mask, and the fix is to correct the mask to match the network design.
Default gateway not set or wrong gateway IP
Symptom: Host can communicate within its local subnet but cannot access the internet or other subnets.
Without a default gateway, the host has no route for packets destined outside its subnet. If the gateway IP is incorrect, the host sends packets to a device that does not forward them, or the gateway itself is misconfigured.
Exam clue: Common in A+ troubleshooting: user can see local network shares but no internet. The solution is to set the correct gateway IP (usually the router's LAN interface).
NAT translation table full
Symptom: New outbound connections to the internet fail while existing ones work; error messages about 'NAT pool exhausted' on a router.
PAT (NAT overload) uses source ports to differentiate sessions. When all available ports (up to 65,535 per public IP) are consumed, new translations cannot be created. This is more common with many concurrent connections, like in a busy office or a P2P application.
Exam clue: CCNA exams may show a 'show ip nat translations' output full of entries. The fix is to increase the NAT pool by adding more public IPs or changing the port range (ip nat translation port-range).
Rogue DHCP server on the network
Symptom: Clients randomly get IP addresses from a different range, losing connectivity; intermittent network problems.
An unauthorized device (malicious or accidental, like a home router plugged into the corporate network) responds to DHCPDISCOVER faster than the legitimate server. Clients accept the lease, which may have a different gateway, causing traffic to route incorrectly.
Exam clue: Security+ and CCNA test your knowledge of DHCP snooping. The fix is to enable DHCP snooping on switches to only allow trusted DHCP server ports. Exam questions ask which feature prevents this.
IPv4 address from a different subnet range misassigned via DHCP
Symptom: Some clients get IPs from the same subnet but with a mask that doesn't match the subnet, or they get IPs from a completely different subnet due to DHCP scope misconfiguration.
DHCP server may have multiple scopes and a rogue client may get an address from the wrong scope if the server is misconfigured or if VLAN membership is wrong. This leads to unreachability since the gateway for that scope may not be accessible on the VLAN.
Exam clue: Network+ and AZ-104 ask about how VLAN and DHCP interact. The solution is to ensure DHCP scopes are aligned with VLAN subnet configuration, and use IP helper-address on each VLAN interface.
IPv4 address expired or DHCP lease not renewed
Symptom: Client suddenly loses network connectivity after a period of normal operation; ipconfig shows no IP or a 0.0.0.0 address.
The DHCP lease time has expired, and the client failed to renew its lease (usually because the DHCP server is not reachable at renewal time, or the client's network stack malfunctioned). The system eventually deconfigures the address.
Exam clue: A+ troubleshooting questions: user says 'it was working yesterday but now not'. The solution is to run ipconfig /renew or check DHCP server availability. Exam may also ask about lease timers.
Memory Tip
To remember the private IP ranges: 10.0.0.0/8 is like a full 10-hour work day (large), 172.16.0.0/12 is like a 17-to-2 time block (16 to 31), and 192.168.0.0/16 is like a 1920s style with 168 (easy to remember as 192.168).
Learn This Topic Fully
This glossary page explains what IPv4 address means. For a complete lesson with labs and practice, see the topic guide.
Covered in These Exams
Current Exam Context
Current exam versions that test this topic — use these objectives when studying.
SY0-701CompTIA Security+ →AZ-104AZ-104 →200-301Cisco CCNA →N10-009CompTIA Network+ →ACEGoogle ACE →SAA-C03SAA-C03 →220-1101CompTIA A+ Core 1 →Legacy Exam Context
Older materials may mention these exam versions, but learners should use the current objectives for their target exam.
N10-008N10-009(current version)SY0-601SY0-701(current version)Related Glossary Terms
AAA (Authentication, Authorization, and Accounting) is a security framework that controls who can access a network, what they are allowed to do, and tracks what they did.
An A record is a type of DNS resource record that maps a domain name to an IPv4 address.
An AAAA record is a DNS record that maps a domain name to an IPv6 address, allowing devices to find each other over the internet using the newer IP addressing system.
802.1Q is the networking standard that allows multiple virtual LANs (VLANs) to share a single physical network link by tagging Ethernet frames with VLAN identification information.
802.1X is a network access control standard that authenticates devices before they are allowed to connect to a wired or wireless network.
5G is the fifth generation of cellular network technology, designed to deliver faster speeds, lower latency, and support for many more connected devices than previous generations.
Two-factor authentication (2FA) is a security method that requires two different types of proof before granting access to an account or system.
A 3D printer is a device that creates physical objects by depositing layers of material based on a digital model.
Quick Knowledge Check
1.An engineer is troubleshooting a host on the 10.0.1.0/24 network. The host can ping its default gateway 10.0.1.1 but cannot reach a server at 10.0.2.10. What is the most likely cause?
2.What is the valid host range for a subnet with the address 192.168.1.32/27?
3.Which type of NAT allows multiple private IP addresses to share a single public IP address using port numbers?
4.A user's PC has the IP address 169.254.1.15. What does this indicate?
5.Which of the following is a valid public IPv4 address?
6.A network administrator needs to create a subnet that provides exactly 30 usable host addresses. What is the minimum subnet mask that should be used?