This chapter covers IPv4 and IPv6 addressing in depth, including address structure, classes, subnetting, CIDR, private vs. public addresses, and the transition between protocols. Mastering this topic is critical for the N10-009 exam, as addressing questions appear in roughly 15-20% of all exam items. You will learn exactly how IP addresses work at the binary level, how to calculate subnets quickly, and how IPv6 addresses are formatted and allocated — all essential skills for network configuration and troubleshooting.
Jump to a section
Think of IPv4 as a traditional postal system where addresses are limited to 32 characters (like a 32-bit IPv4 address). Each house gets a unique address like "123 Main St, Apt 4" — the street is the network portion, the apartment is the host portion. With only 4.3 billion possible addresses, we ran out. IPv6 is like switching to a 128-character address system, allowing every grain of sand on Earth to have a unique address. But there's a catch: IPv6 addresses are long and complex, like "2001:0db8:85a3:0000:0000:8a2e:0370:7334". To make them manageable, we use shorthand (omit leading zeros, replace consecutive zeros with ::). Just as ZIP+4 codes help sort mail more efficiently, IPv6's hierarchical structure (global prefix, subnet, interface ID) allows routers to aggregate routes and reduce table sizes. NAT (Network Address Translation) is like a company mailroom that receives all packages for the organization and forwards them to individual employees based on a memo. The outside world only knows the company's main address (public IP), while internal employees have extensions (private IPs). When an employee sends a package, the mailroom records the sender's extension and replaces it with the main address. When a response arrives, the mailroom checks its log and delivers it to the correct extension. This conserves public addresses but breaks end-to-end connectivity — a key reason IPv6 was designed to restore it.
What is an IP Address and Why Does It Exist?
An Internet Protocol (IP) address is a logical identifier assigned to a network interface. It serves two primary functions: network interface identification (who you are) and location addressing (where you are). In the OSI model, IP operates at Layer 3 (Network layer), providing connectionless, best-effort delivery of packets across networks. The IP address is used by routers to forward packets from source to destination, much like a return address on an envelope.
IPv4 (Internet Protocol version 4), defined in RFC 791 (1981), uses a 32-bit address space, allowing approximately 4.3 billion unique addresses (2^32). IPv6 (Internet Protocol version 6), defined in RFC 2460 (1998), uses a 128-bit address space, providing 2^128 addresses — roughly 340 undecillion addresses, enough for every device on Earth to have its own globally unique address.
IPv4 Address Structure
An IPv4 address is a 32-bit binary number, typically represented in dotted-decimal notation (four octets separated by periods). Each octet is 8 bits, ranging from 0 to 255. For example, 192.168.1.1 in binary is 11000000.10101000.00000001.00000001.
#### Address Classes (Classful Addressing)
Originally, IPv4 addresses were divided into classes based on the first few bits: - Class A: First bit 0, network prefix 8 bits, host portion 24 bits. Range: 1.0.0.0 to 126.0.0.0 (127.0.0.0/8 reserved for loopback). Supports 16,777,214 hosts per network. - Class B: First two bits 10, network prefix 16 bits, host portion 16 bits. Range: 128.0.0.0 to 191.255.0.0. Supports 65,534 hosts per network. - Class C: First three bits 110, network prefix 24 bits, host portion 8 bits. Range: 192.0.0.0 to 223.255.255.0. Supports 254 hosts per network. - Class D: First four bits 1110, used for multicast (224.0.0.0 to 239.255.255.255). - Class E: First four bits 1111, reserved for experimental use (240.0.0.0 to 255.255.255.255).
Classful addressing wasted many addresses because networks were assigned entire blocks regardless of need. This led to the development of CIDR (Classless Inter-Domain Routing) in 1993 (RFC 1519).
#### CIDR and Subnet Masks
CIDR allows variable-length subnet masks (VLSM), expressed as a prefix length (e.g., /24). The prefix length indicates the number of bits in the network portion. For example: - 192.168.1.0/24 means the first 24 bits are the network, leaving 8 bits for hosts (256 addresses, 254 usable). - A /30 mask (255.255.255.252) provides only 2 usable hosts, commonly used for point-to-point links.
Key formula: Number of usable hosts = 2^(32 - prefix) - 2. The subtraction accounts for the network address (all host bits 0) and the broadcast address (all host bits 1).
#### Private vs. Public IPv4 Addresses
RFC 1918 defines three private address ranges that are not routable on the public Internet: - 10.0.0.0/8 (10.0.0.0 – 10.255.255.255) - 172.16.0.0/12 (172.16.0.0 – 172.31.255.255) - 192.168.0.0/16 (192.168.0.0 – 192.168.255.255)
Additionally, the loopback address 127.0.0.1/8 (typically 127.0.0.1) is reserved for local testing. APIPA (Automatic Private IP Addressing) uses 169.254.0.0/16 when a DHCP server is unreachable.
#### Special IPv4 Addresses - Network address: All host bits 0 (e.g., 192.168.1.0/24). Cannot be assigned to a host. - Broadcast address: All host bits 1 (e.g., 192.168.1.255/24). Used to send packets to all hosts on the local network. - Default gateway: Usually the first usable host address (e.g., 192.168.1.1). - 0.0.0.0/8: Used as a source address during DHCP discovery or as a default route. - 255.255.255.255: Limited broadcast address for local link.
#### Subnetting Example
To subnet 192.168.1.0/24 into four subnets, you need to borrow 2 bits from the host portion (since 2^2 = 4 subnets). New prefix length = 24 + 2 = 26 bits. Each subnet has 6 host bits, giving 2^6 - 2 = 62 usable hosts. The subnets are: - 192.168.1.0/26 (range: 192.168.1.1 – 192.168.1.62, broadcast 192.168.1.63) - 192.168.1.64/26 - 192.168.1.128/26 - 192.168.1.192/26
IPv6 Address Structure
An IPv6 address is 128 bits long, represented as eight groups of four hexadecimal digits separated by colons. Example: 2001:0db8:85a3:0000:0000:8a2e:0370:7334.
#### Shortening Rules 1. Leading zeros in each group can be omitted. 2001:0db8:0000:0000:0000:0000:1428:57ab → 2001:db8:0:0:0:0:1428:57ab. 2. One or more consecutive groups of all zeros can be replaced with a double colon (::), but only once. 2001:db8:0:0:0:0:1428:57ab → 2001:db8::1428:57ab.
#### IPv6 Address Types - Unicast: One-to-one communication. Includes global unicast (2000::/3), link-local (fe80::/10), unique local (fc00::/7), and loopback (::1/128). - Multicast: One-to-many (ff00::/8). Replaces IPv4 broadcast. - Anycast: One-to-nearest (multiple devices share the same address, packets delivered to the closest).
Note: IPv6 has no broadcast addresses. Broadcast functions are handled by multicast groups (e.g., all-nodes multicast ff02::1).
#### Global Unicast Address (GUA) Structure: 48-bit global routing prefix (assigned by IANA/RIR), 16-bit subnet ID (for internal subnetting), and 64-bit interface ID (EUI-64 or random). - Prefix: 2000::/3 (first three bits 001). - Interface ID: Typically derived from MAC address using EUI-64 format (insert FFFE in the middle and flip the 7th bit). For example, MAC 00:1A:2B:3C:4D:5E becomes 021A:2BFF:FE3C:4D5E.
#### Link-Local Address (LLA) Automatically assigned on every IPv6-enabled interface (prefix fe80::/10). Used for neighbor discovery (NDP) and communication on the same link. LLAs are not routable.
#### Unique Local Address (ULA) Analogous to IPv4 private addresses (fc00::/7). fd00::/8 is typically used. ULAs are routable within a site but not on the global Internet.
#### IPv6 Subnetting IPv6 subnetting is simpler because the subnet ID is a dedicated 16-bit field. For example, a /48 prefix can be divided into 2^16 = 65,536 /64 subnets. The recommended subnet size is /64, which provides 2^64 host addresses — more than enough for any LAN.
IPv4 vs IPv6 Header Comparison
IPv4 header is 20-60 bytes (options). IPv6 header is fixed 40 bytes with no options (extension headers used instead). Key differences:
IPv4 uses checksum; IPv6 does not (relies on Layer 2/4 checksums).
IPv4 supports fragmentation at routers; IPv6 requires end-to-end fragmentation (Path MTU Discovery).
IPv4 has TTL (Time to Live); IPv6 uses Hop Limit.
IPv4 has Protocol field (TCP=6, UDP=17); IPv6 uses Next Header field.
Transition Technologies
Dual Stack: Both IPv4 and IPv6 stacks run simultaneously on devices. Preferred method.
Tunneling: Encapsulate IPv6 packets inside IPv4 packets (e.g., 6to4, Teredo, ISATAP).
Translation: NAT64/DNS64 translates between IPv6 and IPv4 (similar to NAT).
NDP (Neighbor Discovery Protocol)
IPv6 uses NDP (RFC 4861) for address resolution and router discovery, replacing ARP. Key messages: - Neighbor Solicitation (NS): Similar to ARP request. - Neighbor Advertisement (NA): Similar to ARP reply. - Router Solicitation (RS): Host requests router information. - Router Advertisement (RA): Router advertises prefix and other configuration. - Redirect: Router tells host a better next-hop.
NDP uses ICMPv6 types 133-137.
Configuration and Verification Commands
#### Windows
ipconfig /all
netsh interface ipv4 show config
netsh interface ipv6 show addresses#### Linux
ip addr show
ip -6 addr show
ifconfig#### Cisco IOS
show ip interface brief
show ipv6 interface brief
show ip route
show ipv6 routeExam Tips
Memorize private IPv4 ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) and loopback (127.0.0.0/8).
Know the difference between /24 and /30: /24 gives 254 hosts, /30 gives 2 hosts.
For IPv6, remember: link-local always starts with fe80, multicast with ff00.
Understand EUI-64: insert FFFE, flip 7th bit (U/L bit).
Know that IPv6 does not use ARP or broadcast.
Assign IP Address to Interface
When an IP address is configured on a network interface, the operating system adds a local route for the network prefix. For IPv4, the subnet mask determines the network portion. For IPv6, the prefix length (e.g., /64) defines the network. The interface is now reachable via that address. In Windows, you can use `netsh interface ipv4 set address` or the GUI. In Linux, `ip addr add 192.168.1.10/24 dev eth0`. In Cisco IOS, `interface GigabitEthernet0/0` then `ip address 192.168.1.1 255.255.255.0`. The device will respond to ARP requests (IPv4) or NS messages (IPv6) for this address.
ARP for IPv4 / NDP for IPv6
When a host wants to send a packet to another host on the same subnet, it needs the destination MAC address. For IPv4, it broadcasts an ARP request: 'Who has IP 192.168.1.2? Tell 192.168.1.10'. The target responds with its MAC. The sender caches the mapping (typically 2 minutes in Windows, 20 minutes in Cisco). For IPv6, NDP uses Neighbor Solicitation (NS) to a solicited-node multicast address (ff02::1:ffxx:xxxx). The target responds with a Neighbor Advertisement (NA) containing its MAC. No broadcast is used.
Packet Forwarding Decision
The host checks if the destination IP is on the same network by comparing the network portion (using its own subnet mask/prefix). If yes, it sends the frame directly to the destination MAC. If no, it sends to the default gateway's MAC. The gateway (router) then performs a route lookup. The router matches the destination against its routing table (longest prefix match). For example, if the destination is 8.8.8.8, the router may match the default route 0.0.0.0/0. It decrements TTL (IPv4) or Hop Limit (IPv6) and forwards to the next-hop.
Fragmentation (if needed)
If the outgoing interface has a smaller MTU than the packet size, fragmentation occurs. In IPv4, routers can fragment packets. In IPv6, only the source host can fragment (using Path MTU Discovery). The source sends packets with the Don't Fragment (DF) bit set; if a router needs to fragment but cannot, it sends an ICMPv6 Packet Too Big message back to the source with the next-hop MTU. The source then fragments all subsequent packets to that destination. This avoids reassembly at routers.
DHCP Address Assignment
When a host boots and is configured for DHCP, it sends a DHCP Discover broadcast (IPv4) or a Solicit message (IPv6 DHCPv6). The DHCP server responds with an Offer (IPv4) or Advertise (IPv6). The host then sends a Request (IPv4) or Request/Confirm (IPv6). The server acknowledges with an ACK (IPv4) or Reply (IPv6). The host receives its IP address, subnet mask, default gateway, and DNS servers. The lease time is typically 8 days for IPv4 (configurable). For IPv6, stateless address autoconfiguration (SLAAC) uses Router Advertisements to assign addresses without DHCP.
Enterprise Scenario 1: Data Center Subnetting with IPv4
A large e-commerce company has a /16 public IPv4 block (e.g., 203.0.113.0/16). They need to allocate subnets to different environments: production (5000 hosts), staging (500 hosts), and development (200 hosts). Using VLSM, they assign: production 203.0.113.0/19 (8190 hosts), staging 203.0.113.128/23 (510 hosts), development 203.0.113.64/24 (254 hosts). The remaining space is reserved for future use. They use private RFC 1918 addresses internally (10.0.0.0/8) with NAT at the border. Common issues include misconfigured subnet masks causing hosts to think destinations are local when they are not, leading to ARP failures. Engineers use ping and traceroute to verify connectivity. They also monitor ARP tables for spoofing attacks using dynamic ARP inspection (DAI) on switches.
Enterprise Scenario 2: IPv6 Deployment in a Campus Network
A university is deploying IPv6 across its campus. They receive a /48 from their ISP (2001:db8:abcd::/48). They allocate /64 subnets to each building: building A gets 2001:db8:abcd:1::/64, building B gets 2001:db8:abcd:2::/64, etc. Each building uses SLAAC for host addressing, with routers sending RAs every 200 seconds. Devices generate their interface ID using EUI-64. The network team configures DHCPv6 for DNS server information (stateless DHCPv6). They enable OSPFv3 for routing. Problems arise when hosts receive multiple RAs from different routers, causing duplicate address detection (DAD) failures. They mitigate by setting router priorities and using ipv6 nd ra-interval. They also monitor neighbor cache entries to detect ND spoofing.
Scenario 3: Cloud Networking with IPv4 and IPv6
A SaaS provider runs on AWS. They use VPCs with IPv4 CIDR blocks (e.g., 10.0.0.0/16) and optionally assign IPv6 CIDRs (e.g., 2001:db8:1234::/56). Instances get both IPv4 and IPv6 addresses (dual stack). The VPC has an internet gateway for IPv4 and an egress-only internet gateway for IPv6 (since IPv6 is public by default). They use NAT gateways for private IPv4 instances to reach the internet. Common misconfiguration: forgetting to add a route for the IPv6 default route (::/0) to the internet gateway, causing IPv6 traffic to fail. They use tcpdump or VPC Flow Logs to diagnose. Security groups and network ACLs must be updated for IPv6.
What N10-009 Tests on IPv4 and IPv6 Addressing
The exam objectives under 1.4 include: comparing and contrasting IPv4 and IPv6 addressing, subnetting, address types (unicast, multicast, broadcast, anycast), private vs. public addresses, and transition technologies. Expect about 15-20% of questions to involve addressing concepts. You must be able to calculate subnets quickly, identify address classes, and convert between dotted-decimal and binary.
Common Wrong Answers and Why Candidates Choose Them
Confusing IPv4 broadcast with IPv6 multicast: Many candidates think IPv6 has broadcast addresses. It does not. Broadcast is replaced by multicast groups like ff02::1 (all-nodes). Wrong answer: 'IPv6 uses broadcast for NDP.' Correct: 'IPv6 uses multicast for NDP.'
Misidentifying private IPv4 ranges: Candidates often think 172.16.0.0/16 is the entire range, but it's /12 (172.16.0.0 – 172.31.255.255). Also, 192.168.0.0/16 is often mistaken as /24. Wrong answer: '192.168.0.0/24 is private.' Correct: '192.168.0.0/16 is private.'
Forgetting the /30 subnet yields only 2 usable hosts: Candidates think /30 gives 4 usable addresses, but the network and broadcast reduce it to 2. Wrong answer: 'A /30 subnet has 4 usable addresses.' Correct: 'A /30 subnet has 2 usable addresses.'
Mixing up EUI-64: Candidates forget to flip the 7th bit (U/L bit). Wrong answer: 'EUI-64 inserts FFFE without any bit flip.' Correct: 'The 7th bit (U/L) is flipped from 0 to 1 for globally unique addresses.'
Specific Numbers and Terms That Appear on the Exam
Private IPv4 ranges: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16.
Loopback: 127.0.0.0/8 (IPv4), ::1/128 (IPv6).
Link-local IPv6: fe80::/10.
Multicast IPv6: ff00::/8.
Default subnet masks: Class A /8, B /16, C /24.
/30 subnet: 2 usable hosts.
/29 subnet: 6 usable hosts.
/27 subnet: 30 usable hosts.
IPv6 prefix lengths: /64 is standard for LANs.
EUI-64: insert FFFE, flip bit.
Edge Cases the Exam Loves to Test
APIPA: When DHCP fails, Windows assigns 169.254.x.x/16. This is a common question: 'What address does a host get if DHCP is unavailable?'
Anycast: Multiple devices share the same IP; the network routes to the nearest. Often tested with DNS root servers.
IPv6 multicast scope: ff02::1 (link-local all-nodes), ff02::2 (all-routers).
SLAAC vs. DHCPv6: SLAAC uses RAs; DHCPv6 is optional.
How to Eliminate Wrong Answers
If an answer mentions 'broadcast' for IPv6, eliminate it.
If an answer says 'IPv4 uses 128 bits,' eliminate it.
For subnet questions, calculate the number of hosts: 2^n - 2. If the answer doesn't match, eliminate it.
For private IP questions, check if the address falls in RFC 1918 ranges. If not, eliminate.
Private IPv4 ranges: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16.
APIPA uses 169.254.0.0/16 when DHCP fails.
IPv6 does not use broadcast; it uses multicast (ff00::/8).
IPv6 link-local addresses start with fe80::/10.
EUI-64: insert FFFE and flip the 7th bit (U/L bit).
A /30 subnet provides 2 usable host addresses.
IPv6 loopback is ::1/128; IPv4 loopback is 127.0.0.0/8.
CIDR notation (e.g., /24) replaced classful addressing.
SLAAC uses Router Advertisements for address configuration; DHCPv6 is optional.
Dual stack is the preferred transition technology (both IPv4 and IPv6).
IPv6 header is fixed at 40 bytes; no checksum.
Multicast addresses: ff02::1 (all nodes), ff02::2 (all routers).
These come up on the exam all the time. Here's how to tell them apart.
IPv4
32-bit address space (4.3 billion addresses)
Dotted-decimal notation (e.g., 192.168.1.1)
Uses ARP for address resolution
Uses broadcast for some functions
Header includes checksum; routers can fragment packets
IPv6
128-bit address space (340 undecillion addresses)
Colon-hexadecimal notation (e.g., 2001:db8::1)
Uses NDP (Neighbor Discovery Protocol) with ICMPv6
No broadcast; uses multicast (e.g., ff02::1)
No header checksum; only source host can fragment (Path MTU Discovery)
Mistake
IPv6 addresses are always 128 bits long, but you can shorten them arbitrarily.
Correct
IPv6 addresses are 128 bits. Shortening rules allow omitting leading zeros and replacing one contiguous block of zeros with ::. You cannot replace multiple blocks with :: because it would be ambiguous. For example, 2001:0db8:0000:0000:0000:0000:1428:57ab can be shortened to 2001:db8::1428:57ab, but not to 2001:db8::1428::57ab (invalid).
Mistake
IPv4 addresses are divided into classes A, B, C, D, and E, and this is still used today.
Correct
Classful addressing is obsolete. Modern networks use Classless Inter-Domain Routing (CIDR) with variable-length subnet masks. The exam may test classful ranges for historical understanding, but real-world subnetting uses CIDR notation (e.g., /24).
Mistake
The loopback address for IPv4 is 127.0.0.1 and for IPv6 it's 0:0:0:0:0:0:0:1.
Correct
While 127.0.0.1 is the most common loopback address, the entire 127.0.0.0/8 block is reserved for loopback. IPv6 loopback is ::1/128, often written as ::1.
Mistake
NAT is required to connect to the internet, and IPv6 eliminates the need for it.
Correct
NAT is not required for IPv4 either — you can have public IPs on all devices. However, due to IPv4 exhaustion, NAT is commonly used. IPv6 provides enough addresses so that every device can have a globally unique public IP, restoring end-to-end connectivity without NAT.
Mistake
IPv6 addresses are case-sensitive.
Correct
IPv6 hexadecimal digits are case-insensitive. '2001:DB8::1' is equivalent to '2001:db8::1'. However, lowercase is conventionally used for consistency.
Reveal each answer, then mark whether you got it right. Score 60%+ to unlock the next chapter.
Public IPv4 addresses are globally routable on the internet, assigned by IANA and RIRs. Private IPv4 addresses (RFC 1918: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) are not routable on the public internet and are used within private networks. Devices with private addresses need NAT to communicate with the internet. The exam tests your ability to identify which addresses are private.
Use the formula 2^(32 - prefix) - 2. For a /24 subnet, 2^(32-24) - 2 = 2^8 - 2 = 256 - 2 = 254 usable hosts. Subtract 2 for the network address (all host bits 0) and broadcast address (all host bits 1). For a /30, it's 2^2 - 2 = 4 - 2 = 2 usable hosts. Common exam values: /24 = 254, /25 = 126, /26 = 62, /27 = 30, /28 = 14, /29 = 6, /30 = 2.
EUI-64 is a method to generate a 64-bit interface ID from a 48-bit MAC address for IPv6 stateless address autoconfiguration (SLAAC). Steps: 1) Split the MAC into two 24-bit halves. 2) Insert FFFE (16 bits) in the middle. 3) Flip the 7th bit (U/L bit) — if the MAC is globally unique, set the bit to 1. Example: MAC 00:1A:2B:3C:4D:5E becomes 021A:2BFF:FE3C:4D5E. The resulting interface ID is combined with a /64 prefix to form the full IPv6 address.
IPv6 replaced broadcast with multicast to reduce network overhead. Instead of sending a packet to all hosts (which forces every host to process it), IPv6 sends to a specific multicast group that only interested hosts join. For example, the all-nodes multicast address ff02::1 replaces the limited broadcast (255.255.255.255). Neighbor Discovery uses solicited-node multicast (ff02::1:ffxx:xxxx) instead of ARP broadcast. This reduces unnecessary processing on hosts not involved in the communication.
SLAAC (Stateless Address Autoconfiguration) allows hosts to generate their own IPv6 address using Router Advertisements (RAs) from the local router. The host combines the prefix from the RA with its own interface ID (EUI-64 or random). SLAAC does not provide DNS server information unless combined with stateless DHCPv6. DHCPv6 (stateful) assigns addresses and other configuration (DNS, domain) from a DHCPv6 server, similar to IPv4 DHCP. SLAAC is simpler and requires no server, but DHCPv6 offers more control. The exam expects you to know that SLAAC uses RAs and that DHCPv6 can be stateless (only additional info) or stateful (addresses).
The loopback address (127.0.0.1 for IPv4, ::1 for IPv6) is used to test network software on the local host without sending packets onto the physical network. It is a virtual interface that always points back to the same device. Network engineers use `ping 127.0.0.1` or `ping ::1` to verify that the TCP/IP stack is installed and functioning correctly. The entire 127.0.0.0/8 block is reserved for loopback, but 127.0.0.1 is the standard address.
In IPv4, routers can fragment packets when the MTU is smaller than the packet size. The router splits the packet and sets the More Fragments (MF) flag. The destination reassembles. In IPv6, only the source host can fragment. Routers do not fragment; instead, they drop the packet and send an ICMPv6 Packet Too Big message back to the source with the next-hop MTU. The source then uses Path MTU Discovery (PMTUD) to determine the smallest MTU along the path and fragments all subsequent packets to that size. This reduces router processing and avoids reassembly overhead at intermediate nodes.
You've just covered IPv4 and IPv6 Addressing — now see how well it sticks with free N10-009 practice questions. Full explanations included, no account needed.
Done with this chapter?