Day 4: IP Addressing, NAT & DHCP

What You'll Learn Today

IPv4 addressing: classful addressing and CIDR
Subnetting: how to divide networks
Private vs. public IP addresses (RFC 1918)
NAT: static, dynamic, and PAT
DHCP and the DORA process
IPv6 overview and addressing

IPv4 Addressing

An IPv4 address is a 32-bit number written in dotted decimal notation: four octets separated by dots (e.g., 192.168.1.100).

Each address has two parts:

Network portion — identifies the network
Host portion — identifies the specific device on that network

Classful Addressing (Historical)

The original IPv4 design divided addresses into classes based on the first few bits.

flowchart TB
    subgraph Classes["IPv4 Address Classes"]
        A["Class A\n1.0.0.0 – 126.255.255.255\n/8 — 16M hosts"]
        B["Class B\n128.0.0.0 – 191.255.255.255\n/16 — 65K hosts"]
        C["Class C\n192.0.0.0 – 223.255.255.255\n/24 — 254 hosts"]
        D["Class D\n224.0.0.0 – 239.255.255.255\nMulticast"]
        E["Class E\n240.0.0.0 – 255.255.255.255\nReserved"]
    end
    style A fill:#3b82f6,color:#fff
    style B fill:#8b5cf6,color:#fff
    style C fill:#22c55e,color:#fff
    style D fill:#f59e0b,color:#fff
    style E fill:#ef4444,color:#fff

Class	First Octet Range	Default Mask	Networks	Hosts per Network
A	1–126	255.0.0.0 (/8)	126	16,777,214
B	128–191	255.255.0.0 (/16)	16,384	65,534
C	192–223	255.255.255.0 (/24)	2,097,152	254
D	224–239	N/A	Multicast	N/A
E	240–255	N/A	Reserved	N/A

Note: 127.0.0.0/8 is reserved for loopback (localhost).

CIDR (Classless Inter-Domain Routing)

Classful addressing wasted huge numbers of addresses. CIDR (introduced in 1993) allows subnet masks of any length, enabling efficient allocation.

CIDR notation: 192.168.1.0/24 — the /24 means the first 24 bits are the network portion.

CIDR	Subnet Mask	Usable Hosts
/8	255.0.0.0	16,777,214
/16	255.255.0.0	65,534
/24	255.255.255.0	254
/25	255.255.255.128	126
/26	255.255.255.192	62
/27	255.255.255.224	30
/28	255.255.255.240	14
/30	255.255.255.252	2
/32	255.255.255.255	1 (host route)

Formula: Usable hosts = 2^(32 - prefix) - 2 (subtract network and broadcast addresses).

Subnetting

Subnetting divides a single network into smaller sub-networks. This improves security, reduces broadcast traffic, and makes efficient use of IP address space.

Subnetting Example

Given: 192.168.10.0/24 — create 4 subnets.

We need 2 extra bits for 4 subnets (2^2 = 4), so the new prefix is /26.

flowchart TB
    subgraph Original["192.168.10.0/24 (254 hosts)"]
        S1["Subnet 1\n192.168.10.0/26\nHosts: .1 – .62"]
        S2["Subnet 2\n192.168.10.64/26\nHosts: .65 – .126"]
        S3["Subnet 3\n192.168.10.128/26\nHosts: .129 – .190"]
        S4["Subnet 4\n192.168.10.192/26\nHosts: .193 – .254"]
    end
    style S1 fill:#3b82f6,color:#fff
    style S2 fill:#8b5cf6,color:#fff
    style S3 fill:#22c55e,color:#fff
    style S4 fill:#f59e0b,color:#fff

Subnet	Network Address	First Host	Last Host	Broadcast
1	192.168.10.0	192.168.10.1	192.168.10.62	192.168.10.63
2	192.168.10.64	192.168.10.65	192.168.10.126	192.168.10.127
3	192.168.10.128	192.168.10.129	192.168.10.190	192.168.10.191
4	192.168.10.192	192.168.10.193	192.168.10.254	192.168.10.255

Subnetting Steps

Determine how many subnets you need.
Calculate the number of bits to borrow: 2^n >= required subnets.
New prefix = original prefix + borrowed bits.
Calculate the block size (increment): 256 - last subnet mask octet.
List the subnets starting from 0, incrementing by the block size.

Private vs. Public IP Addresses

RFC 1918 defines three ranges of private IP addresses that are not routable on the public Internet. Any organization can use them internally.

flowchart LR
    subgraph Private["Private Network (RFC 1918)"]
        PC["192.168.1.10"]
        SRV["10.0.0.5"]
    end
    subgraph NAT_Device["NAT Router"]
        NAT["Translates\nPrivate ↔ Public"]
    end
    subgraph Public["Public Internet"]
        WEB["203.0.113.50\n(Web Server)"]
    end
    PC --> NAT
    SRV --> NAT
    NAT --> WEB
    style Private fill:#3b82f6,color:#fff
    style NAT_Device fill:#f59e0b,color:#fff
    style Public fill:#22c55e,color:#fff

RFC 1918 Range	CIDR	Class	Number of Addresses
10.0.0.0 – 10.255.255.255	10.0.0.0/8	A	16,777,216
172.16.0.0 – 172.31.255.255	172.16.0.0/12	B	1,048,576
192.168.0.0 – 192.168.255.255	192.168.0.0/16	C	65,536

Public IP addresses are globally unique and routable on the Internet. They are assigned by Regional Internet Registries (RIRs) such as ARIN, RIPE, and APNIC.

NAT (Network Address Translation)

NAT translates private IP addresses to public IP addresses (and vice versa), allowing multiple internal devices to share one or a few public IPs.

Types of NAT

flowchart TB
    subgraph NAT_Types["NAT Types"]
        subgraph Static["Static NAT"]
            S_Desc["1 private IP ↔ 1 public IP\nPermanent mapping"]
        end
        subgraph Dynamic["Dynamic NAT"]
            D_Desc["Private IPs → Pool of public IPs\nFirst-come, first-served"]
        end
        subgraph PAT["PAT (Overload)"]
            P_Desc["Many private IPs → 1 public IP\nDifferentiated by port number"]
        end
    end
    style Static fill:#3b82f6,color:#fff
    style Dynamic fill:#8b5cf6,color:#fff
    style PAT fill:#22c55e,color:#fff

NAT Type	Mapping	Use Case
Static NAT	One-to-one (permanent)	Hosting a public server behind NAT
Dynamic NAT	Many-to-many (from a pool)	Organizations with multiple public IPs
PAT (Port Address Translation)	Many-to-one (port-based)	Home routers — most common NAT type

How PAT Works

PAT (also called NAT Overload) is the most common form. A home router uses a single public IP but differentiates connections using port numbers.

Internal Source	NAT Translation	External Destination
192.168.1.10:50001	203.0.113.1:40001	8.8.8.8:53
192.168.1.11:50002	203.0.113.1:40002	8.8.8.8:53
192.168.1.12:50003	203.0.113.1:40003	93.184.216.34:443

The router maintains a NAT translation table mapping each internal IP:port to a unique external port.

DHCP (Dynamic Host Configuration Protocol)

DHCP automatically assigns IP addresses and other network configuration to devices. Without DHCP, every device would need manual IP configuration.

The DORA Process

DHCP uses a four-step process called DORA:

sequenceDiagram
    participant C as Client
    participant S as DHCP Server
    C->>S: 1. DISCOVER (broadcast)
    Note over C: "Is there a DHCP server?"
    S->>C: 2. OFFER (unicast/broadcast)
    Note over S: "Here's an available IP"
    C->>S: 3. REQUEST (broadcast)
    Note over C: "I'll take that IP"
    S->>C: 4. ACK (unicast/broadcast)
    Note over S: "Confirmed — it's yours"

Step	Message	Direction	Description
D	Discover	Client → Broadcast	Client searches for DHCP servers
O	Offer	Server → Client	Server offers an IP address and configuration
R	Request	Client → Broadcast	Client requests the offered address
A	Acknowledge	Server → Client	Server confirms the lease

DHCP Lease

The assigned IP address has a lease time. When the lease expires, the client must renew it. Renewal typically happens at 50% of the lease time (T1) and again at 87.5% (T2).

What DHCP Provides

Parameter	Example
IP address	192.168.1.100
Subnet mask	255.255.255.0
Default gateway	192.168.1.1
DNS servers	8.8.8.8, 8.8.4.4
Lease time	86400 seconds (24 hours)
Domain name	example.local

IPv6 Overview

IPv4's 32-bit address space provides roughly 4.3 billion addresses — not enough for the modern world. IPv6 uses 128-bit addresses, providing 3.4 × 10^38 addresses.

IPv6 Address Format

IPv6 addresses are written as eight groups of four hexadecimal digits, separated by colons:

2001:0db8:85a3:0000:0000:8a2e:0370:7334

Shortening rules:

Leading zeros in each group can be omitted: 2001:db8:85a3:0:0:8a2e:370:7334
One consecutive group of all-zero fields can be replaced with ::: 2001:db8:85a3::8a2e:370:7334

IPv4 vs. IPv6

Feature	IPv4	IPv6
Address size	32 bits	128 bits
Address notation	Dotted decimal (192.168.1.1)	Hexadecimal colon (2001:db8::1)
Address space	~4.3 billion	~3.4 × 10^38
Header size	20–60 bytes	40 bytes (fixed)
Fragmentation	Routers and sender	Sender only
Broadcast	Yes	No (uses multicast)
NAT	Widely used	Generally unnecessary
IPsec	Optional	Built-in
Auto-configuration	DHCP	SLAAC + DHCPv6

IPv6 Address Types

flowchart TB
    subgraph Types["IPv6 Address Types"]
        UC["Unicast\nOne-to-one"]
        MC["Multicast\nOne-to-many"]
        AC["Anycast\nOne-to-nearest"]
    end
    style UC fill:#3b82f6,color:#fff
    style MC fill:#8b5cf6,color:#fff
    style AC fill:#22c55e,color:#fff

Type	Prefix	Description
Global Unicast	2000::/3	Equivalent to public IPv4 addresses
Link-Local	fe80::/10	Auto-configured, used on local link only
Unique Local	fc00::/7	Equivalent to private IPv4 (RFC 1918)
Multicast	ff00::/8	One-to-many delivery
Loopback	::1/128	Equivalent to 127.0.0.1

Summary

Summary Table

Concept	Key Point
IPv4 classes	A (/8), B (/16), C (/24) — historical; replaced by CIDR
CIDR	Classless addressing allowing any prefix length
Subnetting	Borrowing host bits to create smaller networks
Private IPs	10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 — not routable on Internet
Static NAT	1:1 permanent mapping (servers)
PAT	Many:1 mapping using port numbers (home routers)
DHCP DORA	Discover → Offer → Request → Acknowledge
IPv6	128-bit addresses; eliminates need for NAT

Key Takeaways

CIDR replaced wasteful classful addressing with flexible prefix-length subnetting.
Subnetting divides networks for better security, performance, and address efficiency.
RFC 1918 private addresses require NAT to access the public Internet.
PAT is the most common NAT type — your home router uses it right now.
DHCP automates IP assignment via the DORA process.
IPv6 solves address exhaustion with 128-bit addresses and eliminates the need for NAT.

Practice Problems

Beginner

What are the three RFC 1918 private address ranges? Which class does each correspond to?
A device receives the IP address 192.168.1.50/24. What is the network address, broadcast address, and default gateway (assuming the gateway is .1)?
What does DORA stand for in DHCP? Briefly describe each step.

Intermediate

You are given the network 10.0.0.0/8 and need to create 16 subnets. What is the new prefix length? How many hosts can each subnet support? List the first three subnet addresses.
Explain how PAT allows 100 devices on a home network to share a single public IP address. What happens if two internal devices use the same source port?
Convert the IPv6 address 2001:0db8:0000:0000:0000:0000:0000:0001 to its shortest form. What type of address is it?

Advanced

A company has been allocated 172.20.0.0/16. They need: 1 subnet with 500 hosts, 4 subnets with 100 hosts each, and 8 subnets with 25 hosts each. Design a VLSM (Variable Length Subnet Mask) addressing scheme that wastes the fewest addresses.
Explain why NAT breaks end-to-end connectivity and how this affects protocols like FTP (active mode), SIP, and IPsec. What mechanisms (e.g., STUN, TURN, ALG) are used to work around these issues?
An organization is transitioning from IPv4 to IPv6. Compare three migration strategies: dual stack, tunneling (6to4, Teredo), and NAT64/DNS64. What are the trade-offs of each approach?

References

RFC 1918 — Address Allocation for Private Internets
RFC 4632 — Classless Inter-domain Routing (CIDR)
RFC 2131 — Dynamic Host Configuration Protocol (DHCP)
RFC 8200 — Internet Protocol, Version 6 (IPv6) Specification
Odom, W. — CCNA 200-301 Official Cert Guide, Volume 1

Next Up

In Day 5, we explore Routing — how routers make forwarding decisions using routing tables, the difference between static and dynamic routing, and the key protocols: RIP, OSPF, and BGP.