Expressvpn Glossary
Class A IP address
What is a Class A IP address?
A Class A IP address is part of the original IPv4 classful addressing system and is designed for very large networks. Each Class A network supports up to 16,777,214 usable host addresses.
This system was defined in RFC 791, a technical specification published by the Internet Engineering Task Force (IETF) that describes how the Internet Protocol (IP) works. Classful addressing remained the standard until Classless Inter-Domain Routing (CIDR) replaced it in 1993. CIDR allows IP address blocks to be allocated more flexibly, without fixed address classes.
How does a Class A IP address work?
Class A IP addresses use a two-part structure based on octets, which are units of digital information consisting of 8 bits. The first octet identifies the network, while the remaining three octets identify individual hosts within that network.
When a router receives a packet destined for a Class A address, it examines the first octet to determine the target network. The remaining 24 bits specify the exact host within that network, allowing the router to forward traffic correctly.
For example, in the IP address 10.20.30.40, the first octet (10) represents the network portion, while the remaining three octets (20.30.40) represent the host portion.
Where is a Class A IP address used?
Class A networking is mostly a historical concept today, as it’s been largely replaced by CIDR. However, many original Class A blocks, also known as /8 networks, where the first octet defines the network portion, are still in active use.
Each /8 block contains 16,777,216 total addresses. Many of these large blocks remain assigned to organizations that internally divide them into smaller subnets using CIDR to manage routing, security, and address efficiency.
Types of Class A IP addresses
Class A IP addresses can be divided into the following types:
- Public addresses: Ranging from 1.0.0.0 to 126.255.255.255, these addresses can be routed over the public internet.
- Private addresses: The range 10.0.0.0 to 10.255.255.255 is reserved for private networks and cannot be routed on the public internet.
- Loopback addresses: The 127.0.0.0/8 range is reserved for loopback traffic. These addresses are used to test network functionality on a local device and never leave the host.
- Reserved addresses: Certain addresses have special purposes. For example, 0.0.0.0 represents an unspecified address and is used when a device has not yet been assigned an IP address.
Risks and privacy concerns
Class A IP addresses introduce some risks when improperly configured:
- Revealing network topology: Exposing large IP address ranges can give attackers insight into internal network design. Network address translation (NAT) helps reduce this risk by masking internal IP addresses behind a shared public address.
- Risk of lateral movement: Large, flat networks that use broad address ranges without segmentation make it easier for attackers to move between systems. Organizations typically mitigate this by dividing networks into smaller subnets with access controls.
- Spoofed allowlists: Attackers may falsify packet source addresses to appear as trusted systems. Ingress and egress filtering help detect and block packets with suspicious or invalid source addresses.
Further reading
- What are IP address classes? Importance for VPNs and cybersecurity
- What is a subnet? A complete guide to subnetting, VPNs, and network security
- What is a subnet mask? Why it matters for your network
- Types of IP addresses explained: Complete guide
- What are non-routable IP addresses?
