How do IP addresses work?


I kinda get how it makes sense on a local network, because it’s kinda like a list of the devices that are connected to it and you’re trying to communicate with other machines connected together in that same list. But this feels like a really surface level understanding and I don’t know what I’m missing.

I understand that they’re a string of 4 digits from 1-255, such as 192.168.1.1 being really common for home networks. But I don’t know what the numbers each mean. I think 192 in this case is a reserved value for home use? Same with 10? And the last number is basically the number of the device on the network I think. But I don’t understand the numbers for x.168.1.x

What I really don’t understand is how public IPs work. You hear online about not leaking or sharing your public IP or it can be used to find (pretty close to) where you live. How? How are they assigned to the billions of connected devices in the world?

I’ve been watching videos about trying to set up a FOSS router because it’s really interesting, but IPs seem like dark magic to me


9 Answers

Anonymous 0 Comments

Local IP addresses like 192.168.1.1 are used within your home network to identify devices. They help your devices communicate with each other and aren’t visible on the internet. 192.168.x.x and 10.x.x.x are common ranges for these private addresses.

Public IP addresses allow other networks to send data to you. Your ISP assigns you a public IP when you go online. Public IPs can reveal your general location because ISPs distribute them based on regions.

Anonymous 0 Comments

This is where your internet provider comes in. They are the ones who assign you a public IP. Nations reserve large blocks of IP addresses and assign them to companies, who assign them to you. That way, a request that gets sent from you to your ISP can be then sent to another ISP, based on who that IP address should belong to. If Comcast has a big block (73.x.x.x for example), other companies know to send those requests to Comcast, who uses their internal servers to route the request to you.

https://en.wikipedia.org/wiki/List_of_assigned_/8_IPv4_address_blocks

https://en.wikipedia.org/wiki/American_Registry_for_Internet_Numbers

Anonymous 0 Comments

Internet service providers or big companies like Google buy blocks of IP addresses. An IP block can be something like all IP addresses in the form of 123.x.x.x or something smaller like 123.1.2.x

The owner of these IP blocks can assign them to their devices or customers however they want. For Internet customers the assigned IPs often change or multiple users share a single IP address (via technologies like CNAT).

There are some special IP blocks like 192.168.x.x or 10.x.x.x which don’t get assigned to organizations, but are reserved for use in internal networks. There are also some other blocks (like 127.0.x.x) which are reserved for other special applications.

A message on the Internet (in the form of a TCP package) has a sender and a receiver IP address, and that tells the routers which the message passes where to send the message.

On the Internet there is actually another important protocol called BGP, which does the mapping between IP addresses and (physical) networks/routers. Basically an Internet provider tells other Internet providers, if you wanna send a message to 123.123.123.1 then send it to router 1235 in my network. From this the other routers can derive where to send a package to, even if they cannot directly reach router 1235 (and maybe need to send it to router 432, which then forwards it to router 1235).

Anonymous 0 Comments

I remember IPv4…. people still use that? /s

Anonymous 0 Comments

The IP address is actually two different things: it is the host address and the network address, which is why you need something called a ‘subnet mask’. The subnet mask tells routers and hosts where the network address ends and host address starts.

Let’s play ‘a day in the life of a packet,’ that is a data packet that starts at your local computer and wants to get to some website, say [www.reddit.com](http://www.reddit.com).

1. Host does a DNS lookup to resolve [www.reddit.com](http://www.reddit.com) to an IP address
2. Host looks in their local routing table for a route to that network, more than likely it won’t have one so it uses its ‘route of last resort’, or more commonly called a default gateway.
3. The default gateway receives the packet and checks its routing table to see if it has a route to the destination network. At this point, more than likely, it will strip the originator IP address and replace it with its own, this is called a NAT, or network address translation. Strictly speaking, you don’t need to NAT, but more than likely you are. Essentially the router tacks on a port number or some other number so the address looks like this [publicIPofrouter:sequencenumber] and that allows the router to understand how to “NAT back” when it gets a response.
4. The next router gets the packet and looks at its routing table to see if it has a route to that network, if it doesn’t, it sends it to its route of last resort.

5. …
6. …
7. … Hooray, we have found a router that ‘owns’ the network address in question. The router will ARP out of the interface that shares the network address asking for the host at the specified host address to send the router its MAC address. When it responds, the router will deliver the packets to the host at its MAC address.

This is specific to IPv4. IPv6 is 64 bits and the network/host addresses are evenly split in 32 bit blocks, and they don’t use ARP, but that is a whole different animal.
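
The subnet-mask split and the routing-table lookup with a default gateway described in the answer above, as an added example that is not part of the original answer. The routing table, the addresses (203.0.113.9 is a documentation address) and the function names are constructed for illustration.

```python
import ipaddress

def split_address(addr: str, mask: str):
    """Split an IPv4 address into (network address, host number) using a subnet mask."""
    ip = int(ipaddress.IPv4Address(addr))
    m = int(ipaddress.IPv4Address(mask))
    network = ipaddress.IPv4Address(ip & m)   # bits covered by the mask
    host = ip & ~m & 0xFFFFFFFF               # bits left over for the device
    return str(network), host

# Constructed routing table for a home PC: (destination network, next hop).
# 0.0.0.0/0 matches every address, so it acts as the route of last resort.
ROUTES = [
    ("192.168.1.0/24", "on-link"),      # same LAN: deliver directly
    ("0.0.0.0/0", "192.168.1.1"),       # everything else: default gateway
]

def next_hop(dest: str, routes=ROUTES) -> str:
    """Return the next hop for dest; the most specific (longest) prefix wins."""
    d = ipaddress.ip_address(dest)
    matches = []
    for net_text, hop in routes:
        net = ipaddress.ip_network(net_text)
        if d in net:
            matches.append((net.prefixlen, hop))
    if not matches:
        raise LookupError(f"no route to {dest}")
    return max(matches)[1]

if __name__ == "__main__":
    # With mask 255.255.255.0 the first three numbers name the network
    # and the last number names the device on it.
    print(split_address("192.168.1.37", "255.255.255.0"))
    # With a shorter mask, more of the address belongs to the host part.
    print(split_address("10.20.30.40", "255.255.0.0"))
    print(next_hop("192.168.1.50"))   # neighbour on the LAN
    print(next_hop("203.0.113.9"))    # off-LAN: goes to the gateway
```
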

Anonymous 0 Comments

It’s an identifier. Just like your phone number. If someone knows your phone number, they can call you. And with the access to proper information, they can tell where you are (much easier back in the day of landlines). If someone knows your IP address, they can send things to you. And with access to the proper information, they can tell where you are.

Now access to that information typically means phone company or ISP records. So unless they know someone or have a court order, that shouldn’t happen.

And in the case of the general public using the internet, you’re probably getting an IP address through DHCP. Which means you don’t have a permanent IP address. It’s a dynamic address and could be changing daily. So if they know your IP address today, that may not be useful tomorrow.

As for how the addresses are assigned to billions of people, there are about 3 billion possible public IPv4 addresses. That’s not nearly enough for all the devices in the world. So for most people with residential service (and many businesses), a function known as NAT (Network Address Translation) is used. This allows all the different devices in your home to use the single public IP address that your home is using.

Anonymous 0 Comments

“IP” addresses are meant to be a hierarchical system, where you could divide the world into 256 “regions” (much like countries… and country codes in telephone numbers…) then divide each region into 256 smaller regions (in a country those would in telephone numbers typically be “regional number”, in Sweden 08 is for Stockholm… ) And you then divide each of those region into 256 even smaller regions, and then one more division into 256 individual machines within that smallest region.

Since what matters is not always physical proximity, these regions may relate more by how close they are “electronically” (a good cable could make two regions seem more connected, even if they are further apart than some others, etc… )

The thing with “internet protocol” addresses is that there has not been a very organized way to decide who or what should get what address. Sure, it isn’t entirely organized, but, it is still a bit chaotic. So the “topological” information that you’d need to route efficiently is not always there. It can be a bit random, such as some company owning a number of addresses and using them in a way that isn’t geographically or connection-wise related.

Anonymous 0 Comments

> You hear online about not leaking or sharing your public IP or it can be used to find (pretty close to) where you live.

This is BS the vast majority of the time. Most ISPs rotate public IPs among their customers with at least some regularity, and none of those IPs trace back to more than a fairly broad region. Nobody’s knocking on your door because you leaked your IP.

Anonymous 0 Comments

You hear online about “protecting” your IP address because they want to sell you a subscription to a service you probably don’t need. There are lots of much better ways to track you online than your source IP address. (In fact, that’s a pretty terrible way to track someone; there’s a lot of much-better mechanisms.)

Your IP address can often be traced to your general metro area, but this isn’t very interesting information.

Public IP addresses are allocated in blocks of various sizes, and then assigned to individual endpoints by those that own those blocks. Your router holds a single public IP, and does some internal wizardry to map that one public IP to however many devices you have behind it.
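
The mapping of one public IP to several devices mentioned above, and the "NAT back" step from the earlier answer, as an added example that is not part of the original posts. The `Nat` class, all addresses and ports are constructed, and dropping replies from any remote other than the one contacted is an assumption about how this toy router filters; real routers vary.

```python
import itertools

class Nat:
    """Toy port-translating NAT: many private hosts share one public IP."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._ports = itertools.count(first_port)
        self.out = {}    # (private endpoint, remote endpoint) -> public port
        self.back = {}   # (public port, remote endpoint) -> private endpoint

    def outbound(self, src, dst):
        """Rewrite the source of a packet leaving the home network."""
        key = (src, dst)
        if key not in self.out:
            port = next(self._ports)        # the number the router tacks on
            self.out[key] = port
            self.back[(port, dst)] = src    # remembered for the reply
        return (self.public_ip, self.out[key]), dst

    def inbound(self, src, dst):
        """Return the private endpoint to forward to, or None to drop."""
        if dst[0] != self.public_ip:
            return None
        # Only a reply from the remote that was contacted has an entry.
        return self.back.get((dst[1], src))

if __name__ == "__main__":
    nat = Nat("198.51.100.7")
    web = ("203.0.113.80", 443)
    laptop = ("192.168.1.10", 51000)
    phone = ("192.168.1.11", 51000)      # same private port, different device
    print(nat.outbound(laptop, web))     # leaves as 198.51.100.7:40000
    print(nat.outbound(phone, web))      # leaves as 198.51.100.7:40001
    print(nat.inbound(web, ("198.51.100.7", 40001)))   # reply reaches the phone
    print(nat.inbound(("203.0.113.99", 443), ("198.51.100.7", 40001)))  # dropped
```
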