Section 1: What Is an IP Address?
Goal: Understand what IPs are and why they matter.
1. What’s an IP Address?
Think of an IP address as a house address for devices (PCs, phones, routers). It tells them where to send or receive data.
IPv4 uses 32 bits, written as 4 numbers (e.g., 192.168.1.1). Each number (0-255) is an octet (8 bits).
Example: Your laptop might be 192.168.1.10, talking to your router at 192.168.1.1.
2. Why Do We Need It?
Devices use IPs to find each other, like how you need a friend’s address to send a letter.
Problem: IPv4 has only 4.3 billion addresses (2³²), and many are reserved, so we’re running low (hello, IPv6!).
Formula: Total IPs = 2³² = 4,294,967,296
FAQs
Why 4 numbers?
32 bits split into 4 octets (8 bits each) make it readable (2⁸ = 256 per octet).
Can IPs change?
Yes, manually or automatically via DHCP (more on that later).
What’s 0.0.0.0?
It means “any IP” or “unknown”—routers use it as a default route.
Section 2: IP Classes (Public and Private)
Goal: Learn how IPs are grouped and the difference between public and private.
1. What Are IP Classes?
IPv4 divides IPs into 5 classes (A, B, C, D, E) based on the first octet. Each has a default size for networks and hosts (devices).
| Class | Range | Default Mask | Network Bits | Host Bits | Total Hosts | Usable Hosts | Use Case |
|---|---|---|---|---|---|---|---|
| A | 1.0.0.0 - 126.0.0.0 | /8 (255.0.0.0) | 8 | 24 | 16,777,216 | 16,777,214 | Big networks |
| B | 128.0.0.0 - 191.255.0.0 | /16 (255.255.0.0) | 16 | 16 | 65,536 | 65,534 | Medium networks |
| C | 192.0.0.0 - 223.255.255.0 | /24 (255.255.255.0) | 24 | 8 | 256 | 254 | Small networks |
| D | 224.0.0.0 - 239.255.255.255 | - | - | - | - | - | Multicast |
| E | 240.0.0.0 - 255.255.255.255 | - | - | - | - | - | Experimental |
Note: 127.0.0.0/8 is loopback (e.g., 127.0.0.1 tests your device).
2. Public vs. Private IPs
Public: Unique worldwide, routable on the internet (e.g., 8.8.8.8 - Google DNS).
Private: Local only, reused in different networks (e.g., 192.168.1.1 at your home and mine).
| Class | Range | Default Mask | Min IP | Max IP | Usable Hosts | Use Case |
|---|---|---|---|---|---|---|
| A | 10.0.0.0 - 10.255.255.255 | /8 | 10.0.0.1 | 10.255.255.254 | 16,777,214 | Big companies |
| B | 172.16.0.0 - 172.31.255.255 | /16 | 172.16.0.1 | 172.31.255.254 | 65,534 | Medium networks |
| C | 192.168.0.0 - 192.168.255.255 | /24 | 192.168.0.1 | 192.168.255.254 | 254 | Home WiFi |
Explanation:
- Class A: /8 = 24 host bits → 2²⁴ - 2 = 16,777,214. Min = 10.0.0.1, Max = 10.255.255.254.
- Class B: /16 = 16 host bits → 2¹⁶ - 2 = 65,534. Min = 172.16.0.1, Max = 172.31.255.254.
- Class C: /24 = 8 host bits → 2⁸ - 2 = 254. Min = 192.168.0.1, Max = 192.168.255.254 (each /24 ends at .254).
Formula: Usable Hosts = 2^(32 - Mask) - 2
FAQs
Why subtract 2?
Network address (e.g., 192.168.0.0) and broadcast (e.g., 192.168.0.255) can’t be used for devices.
Why private IPs?
Saves public IPs—millions of homes use 192.168.1.x without clashing.
Can I mix public and private?
Yes, via NAT (more later).
Section 3: Subnetting and CIDR (Breaking It Down)
Goal: Learn how to split or combine networks, step-by-step.
1. What’s Subnetting?
It’s like chopping a big cake into smaller slices. You take one network (e.g., 192.168.0.0/24) and make smaller ones (e.g., /26).
Why? Organize devices (e.g., IT vs. HR), improve security, reduce traffic.
2. Subnetting Step-by-Step
Start: 192.168.0.0/24 (254 usable hosts).
Goal: 4 subnets.
- How Many Subnets? Need 4 → 2² = 4, so borrow 2 bits.
- New Mask: /24 + 2 = /26.
- Host Bits Left: 32 - 26 = 6.
- Total IPs per Subnet: 2⁶ = 64.
- Usable Hosts: 64 - 2 = 62.
- Ranges:
| Subnet | Range | Usable IPs |
|---|---|---|
| 0 | 192.168.0.0 - 192.168.0.63 | .1 - .62 |
| 1 | 192.168.0.64 - 192.168.0.127 | .65 - .126 |
| 2 | 192.168.0.128 - 192.168.0.191 | .129 - .190 |
| 3 | 192.168.0.192 - 192.168.0.255 | .193 - .254 |
Subnet 0 Explained: Old systems skipped it (confused with network address), but it’s usable now.
3. CIDR (Flexible Sizing)
CIDR lets you pick any mask (e.g., /23) instead of fixed /8, /16, /24.
Example: 192.168.0.0/23 = 510 hosts (2⁹ - 2).
4. Supernetting (e.g., 192.168.0.0/21 to /16)
Combines smaller networks into a big one.
- /21: Mask: 255.255.248.0, Hosts: 2¹¹ - 2 = 2046, Range: 192.168.0.0 - 192.168.7.255 (usable: .0.1 - .7.254). Use: 1000 devices (school).
- /16: Mask: 255.255.0.0, Hosts: 2¹⁶ - 2 = 65,534, Range: 192.168.0.0 - 192.168.255.255 (usable: .0.1 - .255.254). Use: University.
Formulas: Subnets = 2ᴮ (B = borrowed bits), Hosts = 2^(32 - Mask) - 2
5. Common Subnets
| CIDR | Mask | Subnets (from /24) | Usable Hosts | Example Range | Use Case |
|---|---|---|---|---|---|
| /24 | 255.255.255.0 | 1 | 254 | 192.168.0.1 - .254 | Full office |
| /25 | 255.255.255.128 | 2 | 126 | 192.168.0.1 - .126 | Two departments |
| /26 | 255.255.255.192 | 4 | 62 | 192.168.0.1 - .62 | Four teams |
| /23 | 255.255.254.0 | 1 (supernet) | 510 | 192.168.0.1 - 1.254 | 300 CCTVs |
FAQs
Why borrow bits?
Each bit doubles subnets (2¹ = 2, 2² = 4).
What’s subnet 0?
First range (e.g., 192.168.0.0/26)—usable now, skipped in old systems.
Can /21 replace /24 for 510 devices?
Yes, /21 (2046 hosts) fits 510 easily; /24 (254) doesn’t.
Section 4: VLANs vs. Subnets
Goal: Understand VLANs, how they differ from subnets, and why they’re used.
1. What’s a VLAN?
A VLAN is like separate rooms in a house, but all on one switch. It groups devices without needing extra cables or routers.
Uses tags (VLAN IDs) to mark traffic.
2. VLANs vs. Subnets
| Feature | Subnet | VLAN |
|---|---|---|
| What It Is | Splits IPs | Splits switch traffic |
| Layer | 3 (IP layer) | 2 (MAC layer) |
| Example | 192.168.1.0/24 vs. .2.0/24 | VLAN 10 vs. VLAN 20 |
| Device Needed | Router/Firewall | Switch |
3. Why VLANs Over Subnets?
- Security: Guests (VLAN 30) can’t see Servers (VLAN 40).
- Less Chaos: Cuts broadcast traffic (e.g., ARP floods).
- Easier: Move a PC to VLAN 20 without changing its IP.
4. 4 VLAN Example
| VLAN | Purpose | Subnet | Range | Devices |
|---|---|---|---|---|
| 10 | IT | 192.168.1.0/26 | 192.168.1.1 - .62 | 50 PCs |
| 20 | HR | 192.168.1.64/27 | 192.168.1.65 - .94 | 30 PCs |
| 30 | Guests | 192.168.1.128/27 | 192.168.1.129 - .158 | 20 devices |
| 40 | Servers | 192.168.1.192/28 | 192.168.1.193 - .206 | 10 servers |
Why It Matters: Keeps Guests out of Servers, reduces network noise, fits all in one /24.
5. Configuring VLANs
FortiGate (Router)
| Step | Action | Details |
|---|---|---|
| 1 | Add VLAN | Network > Interfaces > New > VLAN, ID: 10, IP: 192.168.1.1/26 |
| 2 | Link to Port | Parent Interface: LAN (e.g., port1) |
| 3 | DHCP | Enable DHCP, Range: 192.168.1.1 - .62 |
| 4 | Policy | Allow VLAN 10 to WAN (internet) |
Cisco Switch
| Step | Action | Details |
|---|---|---|
| 1 | Create VLAN | vlan 10 name IT |
| 2 | Assign Ports | interface range fa0/1-5 switchport mode access switchport access vlan 10 |
| 3 | Trunk to Router | interface fa0/24 switchport mode trunk |
D-Link Switch
| Step | Action | Details |
|---|---|---|
| 1 | VLAN Setup | Web GUI > VLAN > Add, ID: 10, Name: IT |
| 2 | Assign Ports | Ports 1-5: Untagged VLAN 10 |
| 3 | Trunk Port | Port 24: Tagged VLAN 10 |
MikroTik
| Step | Action | Details |
|---|---|---|
| 1 | Add VLAN | /interface vlan add vlan-id=10 interface=ether1 |
| 2 | IP Setup | /ip address add address=192.168.1.1/26 interface=vlan10 |
| 3 | DHCP | /ip dhcp-server add interface=vlan10 |
pfSense
| Step | Action | Details |
|---|---|---|
| 1 | Add VLAN | Interfaces > VLANs > Add, ID: 10, Parent: LAN |
| 2 | Assign Interface | Interfaces > Assign, VLAN 10, IP: 192.168.1.1/26 |
| 3 | DHCP | Services > DHCP Server, Enable on VLAN 10 |
Formula: VLANs don’t change IP math—use Subnet formulas (Hosts = 2^(32 - Mask) - 2)
FAQs
VLANs or subnets alone?
VLANs with subnets are best—VLANs handle traffic, subnets organize IPs.
Why not more subnets?
VLANs save hardware and simplify moves.
How many VLANs?
Up to 4094, but switches limit it (e.g., D-Link might cap at 128).
Section 5: NAT and PAT (Getting Online)
Goal: Learn how private IPs connect to the internet.
1. What’s NAT?
NAT is like a translator—it changes your private IP (e.g., 192.168.1.10) to a public IP (e.g., 203.0.113.1) so you can browse the web.
Types:
- Static NAT: 1 private IP → 1 public IP (e.g., a server).
- Dynamic NAT: Many private IPs → a pool of public IPs.
- PAT (Port Address Translation): Many private IPs → 1 public IP using ports.
2. PAT Explained
PAT is a special NAT that adds port numbers to squeeze lots of devices into one public IP.
How It Works:
- Laptop (192.168.1.10:12345) → Router (203.0.113.1:54321).
- Phone (192.168.1.11:56789) → Router (203.0.113.1:98765).
Real-World: Your home WiFi—10 devices share 1 public IP via PAT.
3. Configuring NAT/PAT
FortiGate
| Step | Action | Details |
|---|---|---|
| 1 | PAT (Default) | Policy & Objects > IPv4 Policy, LAN-to-WAN, Enable NAT |
| 2 | Static NAT | Virtual IPs > New, External: 203.0.113.2, Mapped: 192.168.1.10 |
| 3 | Policy | Allow WAN-to-LAN to Virtual IP |
Cisco
| Step | Action | Details |
|---|---|---|
| 1 | PAT | ip nat inside source list 1 interface Gi0/0 overload access-list 1 permit 192.168.1.0 0.0.0.255 |
| 2 | Static NAT | ip nat inside source static 192.168.1.10 203.0.113.2 |
MikroTik
| Step | Action | Details |
|---|---|---|
| 1 | PAT | /ip firewall nat add chain=srcnat out-interface=ether1 action=masquerade |
| 2 | Static NAT | /ip firewall nat add chain=dstnat dst-address=203.0.113.2 to-addresses=192.168.1.10 |
pfSense
| Step | Action | Details |
|---|---|---|
| 1 | PAT | Firewall > NAT > Outbound, Enable Hybrid Mode |
| 2 | Static NAT | Firewall > NAT > 1:1, External: 203.0.113.2, Internal: 192.168.1.10 |
Formula: PAT Ports = 2¹⁶ = 65,536 per public IP
FAQs
NAT vs. PAT?
NAT is broader (1-to-1 or pool); PAT is many-to-1 with ports.
Why PAT at home?
One public IP handles all your devices cheaply.
Can I skip NAT?
Yes, with public IPs, but they’re rare and costly.
Section 6: Multicast and Experimental IPs
Goal: Understand special IPs for group messaging and testing.
1. Multicast (Class D)
Range: 224.0.0.0 - 239.255.255.255.
Sends data to many devices at once (e.g., live TV).
Examples: 224.0.0.1 (all local devices), 239.255.255.250 (smart TVs).
2. Experimental (Class E)
Range: 240.0.0.0 - 255.255.255.255.
For research, not internet-ready.
Formula: No host calc—fixed ranges
FAQs
Can I set 224.0.0.251 on my PC?
No, you need a private IP (e.g., 192.168.1.10) and join the group.
What if two companies use 224.0.0.252?
Streams clash unless they use unique IPs (e.g., 239.1.1.x).
Class E at home?
Works locally, but no internet.
Section 7: Dynamic IP to Static IP
Goal: Make a changing IP act like a fixed one.
1. Tools
- No-IP: Free DDNS (e.g., myhome.no-ip.com).
- Cloudflare Zero Trust: Secure tunneling.
- DynDNS: DDNS with domains.
2. Configs
FortiGate
| Step | Action | Details |
|---|---|---|
| 1 | Enable DDNS | System > Network > DNS, No-IP, myhome.no-ip.com |
| 2 | WAN | Network > Interfaces, WAN to DHCP, Apply DDNS |
| 3 | VIP | Virtual IPs, Map WAN to 192.168.1.10 |
Cisco
| Step | Action | Details |
|---|---|---|
| 1 | DDNS | ip ddns update method NOIP http add http://user:[email protected] |
| 2 | Apply | interface Gi0/0 ip ddns update NOIP |
MikroTik
| Step | Action | Details |
|---|---|---|
| 1 | DDNS | /ip ddns set enabled=yes hostname=myhome.no-ip.com |
| 2 | NAT | /ip firewall nat add chain=dstnat to-addresses=192.168.1.10 |
pfSense
| Step | Action | Details |
|---|---|---|
| 1 | DDNS | Services > Dynamic DNS, Add No-IP client |
| 2 | Port Forward | Firewall > NAT, Redirect WAN to 192.168.1.10 |
3. Better Protocols
| Protocol | Speed | Security | Use Case |
|---|---|---|---|
| WireGuard | Fast | High | Modern VPN |
| GRE | Fast | Low | Simple tunnels |
| IPsec | Medium | High | Common VPN |
Formula: No math—just config steps
FAQs
Can I skip VPN with dynamic IP?
No, use DDNS or tunnels unless you get static IP.
Why WireGuard?
Faster than IPsec, less lag.
Section 8: Advanced IPv4 Topics
Goal: Explore extra tools and concepts.
- IP Fragmentation: Splits big packets (e.g., 4000 bytes → 1500-byte chunks).
- IPv4 Header: Contains Source IP, Destination IP, TTL (hops).
- ARP: Links IPs to MAC (e.g., 192.168.1.1 → router’s MAC).
- DHCP: Auto-assigns IPs (e.g., 192.168.1.100 - .150). FortiGate: Network > Interfaces > LAN, Enable DHCP.
- Default Gateway: Exit point (e.g., 192.168.1.1 to internet).
- QoS: Prioritizes traffic (e.g., VoIP over downloads).
Formula: No specific math—concept-based
FAQs
Why fragmentation?
Big data needs splitting; avoid with smaller MTU.
What’s TTL?
Limits packet life—drops at 0 to avoid loops.
Section 9: IP-to-IP Routing and Virtual IPs
Goal: Understand how packets travel and why VIPs work.
1. IP-to-IP Routing
Packets hop from IP to IP via routers using tables (e.g., “192.168.2.0/24 go to 203.0.113.1”).
2. Virtual IPs (VIPs)
Why Gateway IP? The public IP (e.g., 203.0.113.1) is what outsiders see; VIP maps it to private (e.g., 192.168.1.10).
FortiGate: Virtual IPs > New, External = WAN IP.
Formula: No math—routing logic
FAQs
Why not internal IP for VIP?
Private IPs don’t work outside your network.
Routing without gateway?
No, it’s your network’s door to the world.
Section 10: Buying and Routing ICANN IPs
Goal: Get and use your own public IPs.
1. How to Buy
Go to an RIR (e.g., ARIN.net). Pay ($500 + $150/year for /24, e.g., 203.0.114.0/24).
2. Routing
Use BGP with your ISP or cloud (e.g., AWS) to announce IPs.
Formula: No math—process-based
FAQs
Why not use locally?
Possible, but public IPs are for internet use.
What’s BGP?
Protocol to share your IPs globally.
Simple Notes for Daily Use
Quick Reference: Key ideas and formulas you can check anytime.
- IP Basics: IPv4 = 32 bits (e.g., 192.168.1.1). Public = Internet, Private = Local.
- Classes: A: /8, 16M hosts (10.x.x.x). B: /16, 65K (172.16-31.x.x). C: /24, 254 (192.168.x.x).
- Subnetting: Subnets = 2ᴮ (B = borrowed bits), Hosts = 2^(32 - Mask) - 2. Example: /24 → /26 = 4 subnets, 62 hosts each.
- VLANs: Splits switch traffic (e.g., VLAN 10 = IT). vs. Subnet: VLAN = Layer 2, Subnet = Layer 3.
- NAT/PAT: NAT: Private → Public. PAT: Many private → 1 public with ports.
- Multicast: 224-239.x.x.x for groups (e.g., streaming).
- Configs (e.g., VLAN 10): FortiGate: Network > VLAN, ID 10, IP 192.168.1.1/26. Cisco: vlan 10, switchport access vlan 10.
IP Subnet Calculator
Calculate Subnets for Your Network
This calculator helps you determine the number of subnets, hosts per subnet, and IP ranges when you subnet a network. It’s directly related to Section 3 of the IPv4 syllabus blog, where we discuss subnetting step-by-step.
CIDR Calculator
Determine Usable Hosts and IP Ranges
This calculator helps you calculate the number of usable hosts and IP ranges for a given CIDR notation (e.g., 192.168.0.0/23). It ties into Section 3 of the blog, where we discuss CIDR and supernetting.
Binary to Decimal Converter
Convert IP Addresses Between Formats
This converter helps you understand IP addresses in binary form, which is useful for learning how IPs work (Section 1 of the blog). For example, convert 192.168.1.1 to binary or vice versa.
Wildcard Mask Calculator
Generate Wildcard Masks for Configurations
This calculator generates wildcard masks for subnet masks, which are used in Cisco configurations (Section 4 and 5 of the blog). For example, a subnet mask of 255.255.255.0 has a wildcard mask of 0.0.0.255.
