1. Library
  2. IP Addresses
  3. Fundamentals

Understanding IP Address Ranges

Обновено 5 hours ago

Look up any IP address on the Internet, and you'll find something like this:

NetRange:  98.0.0.0 - 98.255.255.255
CIDR:      98.0.0.0/8
OrgName:   AT&T Corp

That's a WHOIS record. It tells you that every IP address from 98.0.0.0 through 98.255.255.255—over 16 million addresses—belongs to AT&T. Not scattered randomly across the number space. All of them, in one contiguous block.

This isn't a coincidence. It's how the entire Internet was built.

What an IP Address Range Actually Is

An IP address range is exactly what it sounds like: a starting address, an ending address, and every address in between. When you see 203.0.113.0 - 203.0.113.255, that means 203.0.113.0, 203.0.113.1, 203.0.113.2... all the way through 203.0.113.255. That's 256 addresses.

The dash notation is the most human-readable way to express this. You see the boundaries immediately. No math required.

But there's a reason these ranges always start and end at specific numbers—and it has everything to do with how binary works.

Why Ranges Follow Binary Boundaries

IP addresses are 32-bit numbers. We write them as four decimal numbers separated by dots for our convenience, but routers see them as a single string of 32 ones and zeros.

Here's what matters: routers make forwarding decisions by looking at the leftmost bits of an address. If two addresses share their first 24 bits, they belong to the same network. A router doesn't need separate instructions for each one—it can handle all of them with a single rule.

This only works if addresses are allocated in contiguous blocks that fall on binary boundaries. A block of 256 addresses starts where the last 8 bits are all zeros and ends where they're all ones. A block of 65,536 starts where the last 16 bits are all zeros.

That's why you'll see ranges like:

RangeSizePattern
10.0.0.0 - 10.0.0.255256 addressesLast 8 bits vary
172.16.0.0 - 172.16.255.25565,536 addressesLast 16 bits vary
44.0.0.0 - 44.255.255.25516,777,216 addressesLast 24 bits vary

You'll never see a range like 10.0.0.100 - 10.0.1.50. That would straddle a binary boundary, and no single routing rule could describe it. The range would be invisible to the routing system.

Range Notation vs. CIDR Notation

The same block of addresses can be written two ways:

  • Range notation: 198.51.100.0 - 198.51.100.255
  • CIDR notation: 198.51.100.0/24

Range notation spells out the first and last address. CIDR notation gives the first address and a number after the slash that tells you how many leading bits are fixed. The /24 means the first 24 bits are the network part, leaving 8 bits for individual addresses—which gives you 256 addresses (2⁸ = 256).

Both describe the same thing. Range notation is easier for humans to read at a glance. CIDR notation is more compact and is what routers, firewalls, and most networking tools actually use.

Here's a quick reference:

CIDRRange SizeExample Range
/321 addressA single IP
/24256 addresses192.168.1.0 - 192.168.1.255
/1665,536 addresses172.16.0.0 - 172.16.255.255
/816,777,216 addresses10.0.0.0 - 10.255.255.255

The smaller the CIDR number, the larger the block. A /8 is enormous. A /32 is a single address.

How the Internet Got Carved Up

Every IP address on the Internet has a chain of custody. The allocation works like this:

IANA (the Internet Assigned Numbers Authority) holds the master list. It allocates large blocks—historically in /8 chunks of 16.7 million addresses—to five Regional Internet Registries (RIRs), each responsible for a different part of the world1:

  • ARIN — North America, parts of the Caribbean
  • RIPE NCC — Europe, the Middle East, Central Asia
  • APNIC — Asia Pacific
  • LACNIC — Latin America, parts of the Caribbean
  • AFRINIC — Africa

Each RIR then allocates smaller blocks to Internet Service Providers and organizations in their region. Those ISPs may further subdivide blocks for their customers.

The result: when you see 98.0.0.0 - 98.255.255.255 assigned to AT&T, you're looking at a piece of the Internet that traveled from IANA → ARIN → AT&T. That range is AT&T's deed to that slice of address space.

Where You'll Encounter IP Ranges

WHOIS Lookups

Run a WHOIS query on any public IP address, and you'll see the range it belongs to. This is one of the most common places people encounter range notation for the first time:

NetRange:  104.16.0.0 - 104.31.255.255
CIDR:      104.16.0.0/12
NetName:   CLOUDFLARENET
OrgName:   Cloudflare, Inc.

The WHOIS record shows both notations side by side. The range tells you the boundaries. The CIDR tells you the same thing in compact form. The organization name tells you who controls those addresses.

Firewall Rules

Firewalls use ranges (usually in CIDR notation) to allow or block traffic from entire networks at once. Instead of writing millions of individual rules, an administrator writes one:

# Block all traffic from this network
deny from 203.0.113.0/24

# Allow your office's IP range
allow from 198.51.100.0/28

When you encounter a firewall rule like deny from 203.0.113.0/24, you now know what it means: block every address from 203.0.113.0 through 203.0.113.255.

Network Documentation

Internal network documentation often maps out which IP ranges are assigned to which departments, floors, or functions:

Guest Wi-Fi:     10.10.0.0 - 10.10.0.255
Engineering:     10.10.1.0 - 10.10.3.255
Printers:        10.10.4.0 - 10.10.4.255

Reading this, you can immediately see that Engineering has four times as many addresses as the guest network. The ranges tell you how the organization thinks about its own infrastructure.

How to Read Any Range You Encounter

When you see an IP range, ask three questions:

  1. How big is it? Subtract the first address from the last (roughly). Or if it's in CIDR, subtract the prefix length from 32 and raise 2 to that power. A /24 gives you 2⁸ = 256 addresses.

  2. Who owns it? Paste any address from the range into a WHOIS lookup tool. The record will show you the organization, when it was allocated, and which registry assigned it.

  3. What's the context? A range in a WHOIS result tells you about ownership. A range in a firewall rule tells you about access control. A range in network documentation tells you about internal organization.

The notation is the same everywhere. Once you can read it, you can read it anywhere.

The Paper Trail of the Internet

Here's what's genuinely remarkable about IP ranges: the entire Internet has a paper trail.

Every address was allocated. Every allocation was recorded. Every range traces back through a chain of registries to IANA. You can pick any IP address in the world, look it up, and find out who has it, when they got it, and which regional registry assigned it.

No other global resource works quite like this. You can't look up who owns a specific radio frequency in another country with a single query. But IP addresses? The records are public, the tools are free, and the chain of custody is unbroken.

When you read an IP range, you're not just reading a technical notation. You're reading a record of how a finite resource—4.3 billion IPv4 addresses2—was divided among every organization on Earth that wanted to connect to the Internet.

Frequently Asked Questions About IP Address Ranges

Предишна

How to Find Your Private IP Address

Следваща

Reserved IP Address Ranges Explained

Беше ли полезна тази страница?

😔
🤨
😃