What is an IP Address?

Published on August 24, 2022

IP Address in IPv4 and IPv6 formats

Everything you wanted to know about IP addresses is in this article. If you do not find what you were looking for, please contact me and I will add the relevant information to this article.

What is an IP Address?

An IP address is a series of numbers that uniquely identifies a device on the network. Think of it as a telephone number or mailing address. Any device that gets on the network or Internet will be allocated an IP address by the Internet Service Provider (ISP). An IP address is retained by the device for a limited period of time, either temporarily or permanently.

There are two types of IP addresses versions - IPv4 and IPv6.

  • IPv4 version: An example of an IPv4 address is 129.130.10.18. The default IP address that you see is an IPv4 address.
  • IPv6 version: An example of an IPv6 address is 0000:0000:0000:0000:0000:ffff:8182:0a12.

IPv4 address

An IP address in IPv4 consists of four numbers separated by dots. This is written in the regular decimal notation. Each of these decimal numbers is called an octet. In reality, the computer deals with binary numbers (base-2) instead of decimal numbers. An IPv4 address is a 32-bit number. There are four 8-bit octets in an IPv4 address. Each octet has a range of 00000000 to 111111112, which, in decimal, is 0 to 255.

Therefore, valid IP addresses in IPv4 format have a range from 0.0.0.0 to 255.255.255.255. If you see an IP address with an octet greater than 255, it is not valid and you probably would have seen it in the movies.

Doing the math, there are 256 x 256 x 256 x 256 = 4,294,967,296, which is about 4.3 billion IP addresses in the IPv4 format. What if there are more than 4.3 billion devices on the Internet? That's where IPv6 comes in.

IPv4 format

[0-255].[0-255].[0-255].[0-255]

IPv6 address

An IP address in IPv6 format is a 128-bit number. Instead of four decimal numbers separated by dots, there are eight hexadecimal numbers separated by colons. Each of these hexadecimal numbers is called a hextet. A hextet is a 4-digit hexadecimal number with values from 0000 to FFFF (232 = 65,536 values). You can skip the leading zeroes in a hextet.

Doing the math, there are 65,5368 = 340282366920938463463374607431768211456. Mathematically, that number is 340 undecillion, and we may never run out of so many devices connected to the network. 😀

IPv6 format

[0000-FFFF]:[0000-FFFF]:[0000-FFFF]:[0000-FFFF]:[0000-FFFF]:[0000-FFFF]:[0000-FFFF]:[0000-FFFF]

What is a Hostname?

A hostname is a label, computer name or site name assigned to a device on a network. A hostname uniquely identifies the computer on the local network. An IP address can be associated with one or more hostnames, and a hostname can be associated with one or more IP addresses.

For example, the hostname bing.com points to multiple IP addresses 13.107.21.200 and 204.79.197.200. The IP address 17.253.144.10 resolves to multiple hostnames apple.com and icloud.com.

Hostname to IP address mapping is done by Domain Name System (DNS). Think of DNS as a phonebook which contains phone numbers and their associated names and addresses. Hostnames are resolved to their IP address(es) using DNS lookups.

Private IP address vs public IP address

A private IP address is an IP address that allows it to communicate with other devices which belong to the same local area network (LAN). It cannot be used to communicate with devices outside of the LAN.

Your router will assign private IP addresses to all devices that connect to the LAN. Every home network, corporate network or LAN will have its own private IP addresses.

The IP address ranges of private IP addresses are:

  • 192.168.0.0 to 192.168.255.255
  • 10.0.0.0 to 10.255.255.255
  • 172.16.0.0 to 172.16.255.255

If your home computer is connected to your home LAN with a private IP address of 192.168.1.10, and your office computer is connected to the office LAN with an IP address of 192.168.1.20, you cannot make a network connection using the two private IP addresses because they are not on the same local network.

Your router would be assigned a public IP address by the ISP, and this public IP address is displayed as the public IP address for all the devices connected on the local network.

Two devices on a local network cannot have the same private IP address at the same time.

Similarly, two devices on the Internet cannot have the same public IP address at the same time.

Who assigns IP addresses?

Your Internet Service Provider (ISP) assigns a public IP address to your router.

Your router assigns private IP addresses to all devices connected to your local network.

Can people be tracked using their IP address?

It may or may not be possible; the accuracy varies depending on many factors. You can track an IP address up to its ISP's geographical location. This is done using a whois command. The output of whois may include the address of the ISP, or at least the city and country.

In a few cases where the IP addresses are statically assigned, you may get to the actual physical location of the person who was assigned that IP address. This is not very common, though.

Real Incident #1 where I tracked an abusive email

22 years ago, an Indian classmate received a bigoted email targeting his religion. I tracked the email using a simple whois and found that the email was sent by another Indian guy in the same computer lab in Kansas. The lab had many public computers that could be used by anyone, but they were all hardwired using ethernet cables and had fixed hostnames. The hostnames were of the pattern computer1.dept.ksu.edu, computer2.xyz.dept.ksu.edu and so on. I figured that the culprit was the guy who regularly sat there. He also had a notorious reputation of verbally saying nasty things to everyone around.

Real Incident #2 where I helped a friend track an email from a cheating spouse

Two decades ago, a friend suspected her husband of cheating on her. The husband was supposedly out of the country at that time. My friend forwarded me an email sent by him to her. After finding the IP address from the email headers, I traced his physical location to a dorm room in the same country as his wife (he was not in the other country). This was possible because the ISP of that University hardcoded hostnames with a pattern that contained the dorm room number; something like room #12b in dorm ABC, denoted by 12b.abcdorm.up.edu.ph.

Not all dorms or universities have naming patterns like this, but this one did, almost two decades ago.

Most cases of tracking IP addresses in emails

I helped a number of people track emails down to the city or province of the ISP. Many of the email senders were at their homes or an Internet cafe where the IP address is dynamic, that is, it changes everytime the router is rebooted or the ISP decides it's time to cycle through the IP addresses.

In that case, the margin of error would increase and there would sometimes be an 80% chance that the city/province was correct. A few times, the IP address tracing would wrongly show a different country. This was because there was a gateway was set up elsewhere, and the IP addresses would be assigned from there.

Do emails contain IP addresses?

Yes, emails contain IP addresses of the sender. But in recent years, the emails have contained proxy IP addresses of the email provider. So when you do a lookup, you end up getting the email provider's IP address and not the real sender's IP address.

IP address in email sent from a Gmail account

If you send an email using Gmail from the web browser, your real IP address will never be included in the email. Instead, Gmail email server's IP address will be sent as the recipient's email.

However, if you send an email using a desktop email client such as Outlook, Apple Mail or Thunderbird, your real IP address will be sent in the email header.

IP address in email sent from an Outlook 365 email account

Similarly, if you send an email using Outlook 365 from the web browser, your real IP address will never be included in the email. The recipient will only see Live or Outlook's email server's IP address as the recipient's email.

And, if you send an email using Outlook, Apple Mail or Thunderbird, your real IP address will be sent in the email header.

Is IPv6 faster than IPv4?

Yes, IPv6 is slightly faster than IPv4. Akamai recently measured their speeds and concluded that websites load 5% faster on IPv6. The real benefit of IPv6 is it supports way more devices on the Internet than IPv4.

How many IP addresses exist worldwide?

There are more than 4.294 billion IPv4 IP addresses. In November 2019, RIPE made the final IPv4 allocation. However, IP address pool get allocated and deleted/released all the time.

There are 340 trillion trillion trillion IPv6 IP addresses. That is 3.4 x 1038 unique IP addresses. That should be enough for earthlings and possibly residents of other planets in our solar system.

What is a subnet?

A subnet is a segmented piece of a larger network. An IP network is logically partitioned into smaller network fragments. When you divide a network into two or more networks, it is called subnetting.

Examples of subnet

As an example, look at IP address 129.130.1.1

If we use a subnet mask of 255.255.255.0, we have an IP range from 129.130.1.0 to 129.130.1.255.

We can have up to 256 IP addresses in this subnet.

Using another example, look at IP address 129.130.4.52

If we use a subnet mask of 255.255.0.0, we have an IP range from 129.130.0.0 to 129.130.255.255.

We can have up to 256 x 256 = 65,536 IP addresses in this subnet.

Subnetting and CIDR are far more complex than this and beyond the scope of this article. This is just an introduction to subnetting.

Broadcast vs multicast vs unicast

Every network or subnet has a fixed broadcast IP address. A message can be sent to all devices on the subnet using a broadcast IP address. You do not need to know their individual IP addresses of the recipients.

A multicast IP address is an IP address where a specific group of devices act as default recipients for messages.

A unicast IP address is an IP address where all messages go to one device on the network.

In all these three modes (BUM traffic), network traffic is forwarded to multiple destinations without knowing the IP addresses of the recipients. They are not individually addressed.

Ping vs traceroute

Ping is a command to verify if a device is on the network. It decides whether a device is reachable.

For example, to check whether bing.com is accessible, I run this:

$ ping bing.com
PING bing.com (13.107.21.200): 56 data bytes
64 bytes from 13.107.21.200: icmp_seq=0 ttl=117 time=9.943 ms
64 bytes from 13.107.21.200: icmp_seq=1 ttl=117 time=11.856 ms
64 bytes from 13.107.21.200: icmp_seq=2 ttl=117 time=15.763 ms
64 bytes from 13.107.21.200: icmp_seq=3 ttl=117 time=14.743 ms
^C
--- bing.com ping statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 9.943/13.076/15.763/2.308 ms

The hostname bing.com is resolved to its IP address 13.107.21.200 and a packet is sent to it. The server at IP address 13.107.21.200 acknowledges the ping and sends an acknowledgement. It also measures round trip time and errors.

Traceroute is like a longer form of ping, where it not only checks for the reachability of the device, but also tracks the route in the form of number of hops, or intermediate devices between your computer and the device you are trying to traceroute to.

For example, running a traceroute to bing.com, I run this:

$ traceroute bing.com
traceroute: Warning: bing.com has multiple addresses; using 13.107.21.200
traceroute to bing.com (13.107.21.200), 64 hops max, 52 byte packets
 1  192.168.1.1 (192.168.1.1)  5.837 ms  1.279 ms  1.152 ms
 2  lo0-100.washdc-vfttp-303.verizon-gni.net (108.51.157.10)  14.730 ms  11.891 ms  8.535 ms
 3  100.41.25.156 (100.41.25.156)  10.350 ms  11.432 ms
    100.41.25.154 (100.41.25.154)  13.099 ms
 4  * * *
 5  internet-gw.customer.alter.net (204.148.79.2)  16.798 ms  12.781 ms  9.838 ms
 6  ae34-0.icr01.bl7.ntwk.msn.net (104.44.233.18)  12.918 ms  21.679 ms
    ae37-0.icr01.bl20.ntwk.msn.net (104.44.233.233)  8.506 ms
 7  ae26-0.ier01.ash.ntwk.msn.net (104.44.40.62)  9.541 ms  9.459 ms
    ae20-0.bl2-96c-1a.ntwk.msn.net (104.44.237.24)  11.650 ms
 8  * * *
 9  * * *
10  * *^C

I pressed Ctrl+C to stop the process halfway because it got stuck at hop #8.

Conclusion

This is just a lay person's introduction to IP addresses and associated terminology. For more academic or detailed information, please stay tuned. You can also subscribe to our RSS feeds or email subscription.

If you have any questions, please contact me at arulbOsutkNiqlzziyties@gNqmaizl.bkcom. You can also post questions in our Facebook group. Thank you.

Related Posts

If you have any questions, please contact me at arulbOsutkNiqlzziyties@gNqmaizl.bkcom. You can also post questions in our Facebook group. Thank you.

Disclaimer: Our website is supported by our users. We sometimes earn affiliate links when you click through the affiliate links on our website.

Published on August 24, 2022