IP addressing is the foundation of networking. Understanding how to assign, manage, and subnet IP addresses is critical for every DevOps engineer.
What is an IP Address?
An IP address is a unique identifier for a device on a network. It answers the question: "Which device is this?"
IPv4 Format:
192.168.1.100
Four octets (0-255) separated by dots
Each octet = 8 bits = 1 byte
Total: 32 bits = 4,294,967,296 possible addresses (exhausted!)
IPv6 Format:
2001:0db8:85a3:0000:0000:8a2e:0370:7334
Eight groups of hex values
128 bits = 3.4 × 10^38 possible addresses (effectively unlimited)
IP Address Classes (Legacy - Still Useful)
Before CIDR, addresses were assigned in rigid classes:
| Class | Range | Mask | Networks | Hosts | Use |
|---|---|---|---|---|---|
| A | 1-126 | /8 | 126 | 16M | Large organizations |
| B | 128-191 | /16 | 16K | 65K | Medium organizations |
| C | 192-223 | /24 | 2M | 254 | Small organizations |
| D | 224-239 | - | - | - | Multicast |
| E | 240-255 | - | - | - | Reserved |
Problem with classes: Inflexible, wasteful
- Need 300 addresses? Can't get /25, must get /24 (254 addresses)
- Need 1,000 addresses? Must get /23 (510) or /22 (1,022)
- Solution: CIDR (Classless Inter-Domain Routing)
CIDR Notation
CIDR (Classless Inter-Domain Routing) allows flexible network sizing.
Format:
IP Address / Prefix Length
192.168.1.0 / 24
Meaning:
192.168.1.0/24 means:
- Network: 192.168.1.0
- Prefix length: 24 bits
- Host bits: 32 - 24 = 8 bits
- Hosts available: 2^8 = 256 addresses
Network Mask
The network mask shows which bits are network (1s) and which are host (0s).
Example: /24 Network
IP: 192.168.1.100/24
Binary:
Network: 11000000.10101000.00000001 | 00000100
Mask: 11111111.11111111.11111111 | 00000000
↑ 8 host bits
Dotted Decimal Mask: 255.255.255.0
Network Address: 192.168.1.0 (all host bits = 0)
Broadcast: 192.168.1.255 (all host bits = 1)
Usable: 192.168.1.1 - 192.168.1.254 (254 hosts)
CIDR Notation Examples
| CIDR | Dotted Mask | Hosts | Use Case |
|---|---|---|---|
| /8 | 255.0.0.0 | 16,777,214 | Whole organization |
| /16 | 255.255.0.0 | 65,534 | Large division/department |
| /24 | 255.255.255.0 | 254 | Office floor, building |
| /25 | 255.255.255.128 | 126 | Subnet of office |
| /26 | 255.255.255.192 | 62 | Team subnet |
| /27 | 255.255.255.224 | 30 | Small network |
| /28 | 255.255.255.240 | 14 | Device pair |
| /29 | 255.255.255.248 | 6 | Router-to-router |
| /30 | 255.255.255.252 | 2 | Point-to-point link |
| /31 | 255.255.255.254 | 2 | IPv6-style (RFC 3021) |
| /32 | 255.255.255.255 | 1 | Single host |
Calculating Subnet Sizes
Quick Formula:
Number of addresses = 2 ^ (32 - prefix)
/24 → 2^(32-24) = 2^8 = 256 addresses
/25 → 2^(32-25) = 2^7 = 128 addresses
/26 → 2^(32-26) = 2^6 = 64 addresses
Usable hosts (excluding network and broadcast):
Usable = 2 ^ (32 - prefix) - 2
/24 → 256 - 2 = 254 usable
/25 → 128 - 2 = 126 usable
/30 → 4 - 2 = 2 usable (router links)
Private IP Ranges (RFC 1918)
Reserved for internal networks, never routed on internet:
| Range | CIDR | Scope |
|---|---|---|
| 10.0.0.0 - 10.255.255.255 | 10.0.0.0/8 | Private (Class A) |
| 172.16.0.0 - 172.31.255.255 | 172.16.0.0/12 | Private (Class B) |
| 192.168.0.0 - 192.168.255.255 | 192.168.0.0/16 | Private (Class C) |
Other Reserved Ranges:
| Range | Purpose |
|---|---|
| 127.0.0.0/8 | Loopback (local machine) |
| 169.254.0.0/16 | Link-local (auto-assigned when DHCP fails) |
| 224.0.0.0/4 | Multicast |
| 255.255.255.255/32 | Broadcast all |
| 0.0.0.0/32 | Default route |
Subnetting Example
Scenario: Your company got 192.168.1.0/24, need to create 3 subnets.
Step 1: Determine subdivisions
Need 3 subnets → 2^n subnets
2^1 = 2 (not enough)
2^2 = 4 (ok! gives us room to grow)
Borrow 2 bits from host portion
New prefix: /24 + 2 = /26
Step 2: Calculate subnet size
Original: /24 = 256 addresses
New: /26 = 2^(32-26) = 64 addresses per subnet
Step 3: Create subnets
Subnet 1: 192.168.1.0/26 (0-63)
Network: 192.168.1.0
Usable: 192.168.1.1 - 192.168.1.62
Broadcast: 192.168.1.63
Subnet 2: 192.168.1.64/26 (64-127)
Network: 192.168.1.64
Usable: 192.168.1.65 - 192.168.1.126
Broadcast: 192.168.1.127
Subnet 3: 192.168.1.128/26 (128-191)
Network: 192.168.1.128
Usable: 192.168.1.129 - 192.168.1.190
Broadcast: 192.168.1.191
Subnet 4: 192.168.1.192/26 (192-255) [spare]
Supernetting (Summarization)
Combine multiple subnets into one larger network:
Subnets:
┌─ 192.168.0.0/24
├─ 192.168.1.0/24
├─ 192.168.2.0/24
└─ 192.168.3.0/24
Supernet (combined):
└─ 192.168.0.0/22 (covers all four)
Benefit: Fewer routing table entries, better performance
VLSM (Variable Length Subnet Mask)
Use different prefix lengths for different purposes:
Company Network: 192.168.0.0/16 (65,534 hosts)
Subdivisions:
├─ Office 1: 192.168.0.0/24 (254 hosts)
├─ Office 2: 192.168.1.0/24 (254 hosts)
├─ Servers: 192.168.2.0/25 (126 hosts) [smaller, more secure]
├─ Printers: 192.168.2.128/28 (14 hosts) [tiny]
├─ Router Links: 192.168.2.144/30 (2 hosts per link)
└─ Spares: rest
Different subnets for different needs!
IP Addressing Best Practices
1. Design Subnets by Function
✓ Separate: offices, servers, storage, guest WiFi
✗ Don't: dump everything in one /16
2. Leave Headroom
✓ Design for 2x growth
✗ Don't: use 254/254 addresses, no room to grow
3. Use Standard Sizes
✓ /24 for most office subnets (254 hosts)
✓ /28 for small LANs (14 hosts)
✓ /25 for security-isolated servers (126 hosts)
✗ Don't: use /27 for everything (hard to plan)
4. Document Your Plan
Create network diagram:
192.168.0.0/22 (Company)
├─ 192.168.0.0/24 Office
├─ 192.168.1.0/24 Servers
├─ 192.168.2.0/25 Database (critical)
├─ 192.168.2.128/26 Storage
└─ Rest: Future expansion
Tools for IP Calculation
Command-line (Linux):
# Calculate subnet info
ipcalc 192.168.1.0/24
# Output:
# Address: 192.168.1.0
# Netmask: 255.255.255.0
# Broadcast: 192.168.1.255
# Usable: 192.168.1.1 - 192.168.1.254Python:
from ipaddress import ip_network
net = ip_network('192.168.1.0/24')
print(f"Network: {net.network_address}")
print(f"Broadcast: {net.broadcast_address}")
print(f"Hosts: {net.num_addresses - 2}")
# Subnetting
subnets = list(net.subnets(new_prefix=26))
for subnet in subnets:
print(subnet)Online Tools:
- jsfiddle.net ipv4 subnet calculator
- mxtoolbox.com subnet calculator
Kubernetes Pod CIDR Planning
In Kubernetes, you need multiple CIDR blocks:
Cluster CIDR: 10.0.0.0/16 (pods can use this)
Service CIDR: 10.1.0.0/16 (Kubernetes services)
Per-Node allocation:
Node 1: 10.0.0.0/24 (254 pods)
Node 2: 10.0.1.0/24 (254 pods)
Node 3: 10.0.2.0/24 (254 pods)
Example: For 3 nodes with 50 pods each:
- Could use /25 per node (126 pods)
- But /24 standard, easier to manage
Troubleshooting IP Issues
"Device can't reach a server"
1. Is server on same subnet?
ping gateway → reaches?
2. If no: Check routing
traceroute destination
ip route show
3. If yes: Check subnet mask
ifconfig (check netmask)
4. If wrong: Device doesn't know where to send traffic
Result: Can't communicate
"Ran out of addresses"
1. Check current utilization
Number of devices vs /24 (254 hosts)
2. If >80%: Plan to subnet or expand
Split /24 into /25 + /25 (126 each)
Or change to /23 (510 hosts)
3. Plan migration during maintenance window
Key Concepts
- IP Address = Unique identifier for device
- CIDR = X.X.X.X/Y format (Y = network bits)
- Subnet = Logical network division
- Netmask = Shows which bits are network bits
- /24 = standard office subnet (254 hosts)
- Private IPs = 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
- Subnetting = divide network into smaller parts
- Supernetting = combine networks into larger group
- Always plan for growth in address space
- Document your addressing scheme clearly