IP Addresses, Subnetting & CIDR
An IP address is a unique numerical label for a device on a network. Like a house address tells the postal service where to deliver, an IP address tells the network where to deliver packets.
House address → physical location
IP address → device location on a network (e.g. 192.168.1.10)
IPv4: four octets
IPv4 uses 32 bits, split into 4 octets (8 bits each), written in decimal and separated by dots:
192 . 168 . 1 . 10
11000000 . 10101000 . 00000001 . 00001010
Each octet ranges from 0 to 255 (that is what 8 bits can count: 0–255). So the lowest possible address is 0.0.0.0 and the highest is 255.255.255.255.
Network part vs host part
An address has two pieces:
- the network part, which network you are on, and
- the host part, which specific device on that network.
The subnet mask decides where the split happens. CIDR notation is the short way to write it: /24 means "the first 24 bits are network, the rest are host."
/24 = 255.255.255.0 → 24 network bits, 8 host bits
Reading a /24
Take 192.168.5.133/24:
- Subnet mask: /24 = 255.255.255.0
- Host bits: 32 − 24 = 8, so 2⁸ = 256 total addresses
- Network address: 192.168.5.0 (all host bits 0)
- Broadcast address: 192.168.5.255 (all host bits 1)
- First usable host: 192.168.5.1
- Last usable host: 192.168.5.254
- Usable hosts: 256 − 2 = 254 (one reserved for the network, one for broadcast)
Subnetting simply means dividing one large IP network into smaller logical ones. A smaller prefix (
/16) means more hosts; a larger prefix (/26) means fewer hosts but more separate networks.
Why a tester cares
When you scan a range like 10.0.20.0/24, the CIDR tells you exactly how many hosts could be alive (254) and where the boundaries are. Subnets also hint at structure: web tier, app tier, database tier, often live on different subnets. We will use that idea later when we talk about segmentation.
Try it
Open the terminal and run ip to see an interface, its address, and the /prefix. Then try ifconfig for the classic view of the same thing.