Episode 1 — Fundamentals / 1.1 — How The Internet Works
1.1.d — Domain Names, IP Addresses, MAC Addresses & Routing
In one sentence: Every device on a network needs an address — MAC addresses identify devices on a local network, IP addresses identify devices globally, domain names are human-friendly labels for IP addresses, and routing is how packets navigate between all of them.
Table of Contents
- 1. The Three Addressing Systems
- 2. Domain Names — Human-Readable Addresses
- 3. IP Addresses — The Global Address
- 4. MAC Addresses — The Local ID Card
- 5. How All Three Work Together
- 6. NAT — Network Address Translation
- 7. Routing In Depth
- 8. ARP — Connecting IP to MAC
- 9. Subnetting Basics
- 10. Key Takeaways
1. The Three Addressing Systems
Think of it like a physical mail delivery system:
┌─────────────────────────────────────────────────────────────────┐
│ ADDRESSING ANALOGY │
│ │
│ Domain Name = "John Smith" (human-friendly name) │
│ IP Address = "42 Oak Street, (global mailing address) │
│ NYC, NY 10001" │
│ MAC Address = "Person's face" (local physical ID — │
│ only matters when │
│ you're at the door) │
│ │
│ The postal service (ROUTING) uses the address to get the │
│ letter to the right building. Once there, they look for │
│ the person's face (MAC) to hand it over. │
└─────────────────────────────────────────────────────────────────┘
2. Domain Names — Human-Readable Addresses
What Is a Domain Name?
A domain name is a human-readable alias for an IP address. You type google.com instead of 142.250.190.46.
Structure of a Domain Name
https://www.blog.example.com:443/articles/hello
──┬── ─┬─ ─┬── ───┬─── ─┬─ ─┬─ ────┬────────
│ │ │ │ │ │ │
│ │ │ │ │ │ └── Path
│ │ │ │ │ └── Port (optional)
│ │ │ │ └── TLD (Top-Level Domain)
│ │ │ └── SLD (Second-Level Domain)
│ │ └── Subdomain
│ └── Subdomain (www)
└── Protocol (scheme)
Reading RIGHT to LEFT:
.com ← TLD (managed by registry like Verisign)
example ← SLD (the name you buy from a registrar)
blog ← Subdomain (you create these freely)
www ← Subdomain (tradition, not required)
Types of Top-Level Domains (TLDs)
┌────────────────┬──────────────────────────────────────────┐
│ Type │ Examples │
├────────────────┼──────────────────────────────────────────┤
│ Generic (gTLD) │ .com .org .net .io .dev .app .xyz │
│ Country (ccTLD)│ .us .uk .in .jp .de .fr .au .ca │
│ Sponsored │ .edu .gov .mil .museum │
│ New gTLDs │ .tech .cloud .ai .store .blog │
└────────────────┴──────────────────────────────────────────┘
Domain Name Hierarchy
. (Root)
│
┌───────────┼───────────┐
▼ ▼ ▼
.com .org .net ← TLD servers
│ │
┌───┴───┐ ┌───┴───┐
▼ ▼ ▼ ▼
google amazon wikipedia ← SLD (registered names)
│
┌─┴──┐
▼ ▼
www mail maps drive ← Subdomains (created by owner)
How Domain Registration Works
1. You choose a name: "mysite.com"
2. Check availability: via a REGISTRAR (GoDaddy, Namecheap, Google Domains)
3. Pay yearly fee: ~$10-15/year for .com
4. Registrar tells the: REGISTRY (Verisign for .com)
5. Registry updates the: TLD name servers
6. You configure: DNS records pointing to your server's IP
You ──▶ Registrar ──▶ Registry ──▶ TLD Name Server
(buyer) (store) (database) (phone book)
3. IP Addresses — The Global Address
What Is an IP Address?
An IP (Internet Protocol) address is a unique numerical label assigned to every device connected to a network. It serves two purposes:
- Identification — who are you?
- Location — where are you on the network?
IPv4
Format: 4 numbers separated by dots
Each: 0-255 (8 bits = 1 byte each)
Total: 32 bits
Example: 192.168.1.100
Binary breakdown:
192 . 168 . 1 . 100
11000000 10101000 00000001 01100100
Total possible addresses: 2^32 = 4,294,967,296 (~4.3 billion)
Problem: We ran out in 2011. Earth has 8+ billion people
with multiple devices each.
IPv6
Format: 8 groups of 4 hex digits, separated by colons
Total: 128 bits
Example: 2001:0db8:85a3:0000:0000:8a2e:0370:7334
Shortened: 2001:db8:85a3::8a2e:370:7334
(consecutive zero groups → ::)
Total possible addresses: 2^128 = 340 undecillion
= 340,282,366,920,938,463,463,374,607,431,768,211,456
That's enough for every grain of sand on Earth
to have trillions of addresses.
IPv4 vs IPv6 Comparison
┌──────────────────┬──────────────────────┬──────────────────────┐
│ Feature │ IPv4 │ IPv6 │
├──────────────────┼──────────────────────┼──────────────────────┤
│ Address size │ 32 bits │ 128 bits │
│ Format │ Decimal (dotted) │ Hexadecimal (colon) │
│ Example │ 192.168.1.1 │ 2001:db8::1 │
│ Total addresses │ ~4.3 billion │ ~340 undecillion │
│ NAT required? │ Yes (address sharing)│ No (enough for all) │
│ Security │ Optional (IPsec) │ Built-in (IPsec) │
│ Header │ Variable (20-60 B) │ Fixed (40 B) │
│ Broadcast │ Yes │ No (uses multicast) │
│ Adoption (2026) │ ~60% of traffic │ ~40% of traffic │
└──────────────────┴──────────────────────┴──────────────────────┘
Public vs Private IP Addresses
┌─────────────────────────────────────────────────────────────────┐
│ YOUR HOME NETWORK │
│ │
│ ┌──────────┐ Private IP │
│ │ Laptop │ 192.168.1.10 ───┐ │
│ └──────────┘ │ │
│ ┌──────────┐ Private IP │ ┌────────────┐ │
│ │ Phone │ 192.168.1.11 ───┼──▶│ Router │ │
│ └──────────┘ │ │ │──▶ INTERNET│
│ ┌──────────┐ Private IP │ │ Public IP: │ │
│ │ Smart TV │ 192.168.1.12 ───┘ │ 203.0.113.5│ │
│ └──────────┘ └────────────┘ │
│ │
│ Private IPs: Only visible inside your home network │
│ Public IP: The one address the internet sees │
│ Your router translates between them using NAT │
└─────────────────────────────────────────────────────────────────┘
Reserved Private IP Ranges:
┌─────────────────────┬────────────────────────┬──────────────────┐
│ Range │ CIDR │ # of Addresses │
├─────────────────────┼────────────────────────┼──────────────────┤
│ 10.0.0.0 – │ 10.0.0.0/8 │ 16,777,216 │
│ 10.255.255.255 │ │ │
├─────────────────────┼────────────────────────┼──────────────────┤
│ 172.16.0.0 – │ 172.16.0.0/12 │ 1,048,576 │
│ 172.31.255.255 │ │ │
├─────────────────────┼────────────────────────┼──────────────────┤
│ 192.168.0.0 – │ 192.168.0.0/16 │ 65,536 │
│ 192.168.255.255 │ │ │
└─────────────────────┴────────────────────────┴──────────────────┘
Special IP Addresses
127.0.0.1 ── Localhost (your own machine — "home")
0.0.0.0 ── "All interfaces" / unspecified
255.255.255.255 ── Broadcast (send to everyone on local network)
8.8.8.8 ── Google's public DNS server
1.1.1.1 ── Cloudflare's public DNS server
169.254.x.x ── Link-local (auto-assigned when DHCP fails)
4. MAC Addresses — The Local ID Card
What Is a MAC Address?
A MAC (Media Access Control) address is a hardware identifier burned into every network interface card (NIC) at the factory. It's used for communication on the local network segment only.
Format: 6 pairs of hexadecimal digits
Size: 48 bits (6 bytes)
Example: A4:83:E7:2F:5B:01
Breakdown:
A4:83:E7 : 2F:5B:01
──────── ────────
OUI Device ID
(vendor) (unique serial)
OUI = Organizationally Unique Identifier
Apple = A4:83:E7
Intel = 00:1B:21
Samsung= 00:07:AB
You can look up any MAC address vendor at: macvendors.com
MAC vs IP — Key Differences
┌──────────────────┬────────────────────┬────────────────────┐
│ Feature │ MAC Address │ IP Address │
├──────────────────┼────────────────────┼────────────────────┤
│ Layer │ Data Link (L2) │ Network (L3) │
│ Scope │ Local network only │ Global (internet) │
│ Assigned by │ Hardware vendor │ DHCP / ISP / admin │
│ Changes? │ No (burned in) │ Yes (can change) │
│ Format │ Hex (AA:BB:CC...) │ Decimal or Hex │
│ Survives routing?│ NO — rewritten at │ YES — preserved │
│ │ every hop │ end-to-end │
│ Analogy │ Your face │ Your mailing │
│ │ │ address │
└──────────────────┴────────────────────┴────────────────────┘
Why MAC Addresses Don't Survive Routing
Your Laptop ──── Router A ──── Router B ──── Server
hop 1 hop 2
Hop 1: Laptop → Router A
Source MAC: Laptop's MAC
Dest MAC: Router A's MAC
Source IP: Your IP ← stays same
Dest IP: Server's IP ← stays same
Hop 2: Router A → Router B
Source MAC: Router A's MAC ← CHANGED
Dest MAC: Router B's MAC ← CHANGED
Source IP: Your IP ← still same
Dest IP: Server's IP ← still same
IP addresses stay constant end-to-end.
MAC addresses change at every hop.
5. How All Three Work Together
Full Workflow: You Type "google.com"
Step 1: DOMAIN NAME → IP ADDRESS (DNS)
┌──────────────┐
│ "google.com" │ ──── DNS Lookup ────▶ 142.250.190.46
└──────────────┘
Your browser now knows the destination IP.
Step 2: IP ADDRESS → MAC ADDRESS (ARP)
Your computer needs to send the packet to your router first.
But Ethernet uses MAC addresses, not IPs.
┌──────────────────┐
│ "What is the MAC │
│ address of │ ── ARP Request ──▶ Router replies:
│ 192.168.1.1?" │ "My MAC is AA:BB:CC:DD:EE:FF"
└──────────────────┘
Step 3: PACKET SENT WITH ALL ADDRESSES
┌──────────────────────────────────────────────────────────┐
│ Ethernet Frame: │
│ Source MAC: Your laptop's MAC │
│ Dest MAC: Router's MAC (AA:BB:CC:DD:EE:FF) │
│ │
│ IP Packet (inside the frame): │
│ Source IP: 192.168.1.10 (your private IP) │
│ Dest IP: 142.250.190.46 (Google's IP) │
│ │
│ TCP Segment (inside the packet): │
│ Source Port: 52431 (random ephemeral port) │
│ Dest Port: 443 (HTTPS) │
└──────────────────────────────────────────────────────────┘
Step 4: ROUTING
At each router hop:
• MAC addresses are REWRITTEN (new source/dest MAC)
• IP addresses STAY THE SAME
• Until the packet reaches Google's server
6. NAT — Network Address Translation
The Problem
You have 5 devices at home. Your ISP gives you ONE public IP. How do all 5 devices use the internet?
The Solution: NAT
┌─────────────────────────────────────────────────────────────────┐
│ YOUR HOME INTERNET │
│ │
│ Laptop: 192.168.1.10:52431 ─┐ │
│ Phone: 192.168.1.11:48920 ─┤ NAT │
│ Tablet: 192.168.1.12:61003 ─┼─────▶ 203.0.113.5:xxxxx │
│ Smart TV: 192.168.1.13:33210 ─┤ (one public IP) │
│ Gaming PC: 192.168.1.14:44550 ─┘ │
│ │
│ The router keeps a NAT TABLE: │
│ ┌──────────────────┬────────────────────┐ │
│ │ Internal │ External │ │
│ ├──────────────────┼────────────────────┤ │
│ │ 192.168.1.10:52431│ 203.0.113.5:10001 │ │
│ │ 192.168.1.11:48920│ 203.0.113.5:10002 │ │
│ │ 192.168.1.12:61003│ 203.0.113.5:10003 │ │
│ └──────────────────┴────────────────────┘ │
│ │
│ When a response comes back to port 10002, │
│ the router knows to forward it to the phone. │
└─────────────────────────────────────────────────────────────────┘
7. Routing In Depth
Types of Routing
┌──────────────────┬──────────────────────────────────────────────┐
│ Type │ Description │
├──────────────────┼──────────────────────────────────────────────┤
│ Static routing │ Admin manually configures routes. │
│ │ Simple but doesn't adapt to changes. │
├──────────────────┼──────────────────────────────────────────────┤
│ Dynamic routing │ Routers automatically learn and share │
│ │ routes using protocols (OSPF, BGP, RIP). │
│ │ Adapts to failures and congestion. │
├──────────────────┼──────────────────────────────────────────────┤
│ Default routing │ "If I don't know where it goes, send it │
│ │ to the default gateway." │
└──────────────────┴──────────────────────────────────────────────┘
How BGP Runs the Internet
BGP (Border Gateway Protocol) is the protocol that connects ISPs and large networks:
┌──────────────────────────────────────────────────────────────────┐
│ THE INTERNET (simplified) │
│ │
│ ┌───────────┐ ┌───────────┐ ┌───────────┐ │
│ │ ISP A │◀──BGP──▶│ ISP B │◀──BGP──▶│ ISP C │ │
│ │ (AS 100) │ │ (AS 200) │ │ (AS 300) │ │
│ └─────┬─────┘ └─────┬─────┘ └─────┬─────┘ │
│ │ │ │ │
│ Users A Users B Users C │
│ │
│ AS = Autonomous System (a network under one organization) │
│ BGP announces: "I can reach these IP ranges" │
│ Other ASes learn the best paths to reach those IPs │
│ │
│ If ISP B goes down, BGP automatically reroutes through │
│ alternative paths — the internet is self-healing │
└──────────────────────────────────────────────────────────────────┘
Traceroute — See the Hops Yourself
You can actually see the path your packets take:
Command: traceroute google.com (macOS/Linux)
tracert google.com (Windows)
Example output:
1 1ms 192.168.1.1 ← Your router
2 5ms 10.0.0.1 ← ISP local node
3 12ms 172.16.0.1 ← ISP backbone
4 25ms 209.85.142.1 ← Google's edge
5 28ms 142.250.190.46 ← Google's server
Each line = one hop (one router the packet passed through)
The ms value = round-trip time to that hop
8. ARP — Connecting IP to MAC
ARP (Address Resolution Protocol) translates IP addresses to MAC addresses on a local network:
Scenario: Your laptop (192.168.1.10) wants to reach the router (192.168.1.1)
Step 1: ARP Request (BROADCAST)
Your laptop shouts to EVERYONE on the local network:
"WHO HAS IP 192.168.1.1? TELL 192.168.1.10"
Source MAC: AA:AA:AA:AA:AA:AA (your laptop)
Dest MAC: FF:FF:FF:FF:FF:FF (broadcast — everyone)
Step 2: ARP Reply (UNICAST)
The router responds DIRECTLY to your laptop:
"I AM 192.168.1.1. MY MAC IS BB:BB:BB:BB:BB:BB"
Source MAC: BB:BB:BB:BB:BB:BB (the router)
Dest MAC: AA:AA:AA:AA:AA:AA (your laptop)
Step 3: ARP Cache
Your laptop saves this mapping so it doesn't have to ask again:
ARP Cache:
┌──────────────┬────────────────────┬──────────┐
│ IP Address │ MAC Address │ TTL │
├──────────────┼────────────────────┼──────────┤
│ 192.168.1.1 │ BB:BB:BB:BB:BB:BB │ 300 sec │
└──────────────┴────────────────────┴──────────┘
9. Subnetting Basics
Subnetting divides a large network into smaller sub-networks:
CIDR Notation
192.168.1.0/24
──
│
└── Subnet mask: the first 24 bits are the NETWORK part
the remaining 8 bits are for HOSTS
/24 = 255.255.255.0 = 256 addresses (254 usable hosts)
Common subnet sizes:
┌──────────┬─────────────────┬───────────────┬──────────────────┐
│ CIDR │ Subnet Mask │ Total IPs │ Usable Hosts │
├──────────┼─────────────────┼───────────────┼──────────────────┤
│ /32 │ 255.255.255.255 │ 1 │ 1 (single host) │
│ /24 │ 255.255.255.0 │ 256 │ 254 │
│ /16 │ 255.255.0.0 │ 65,536 │ 65,534 │
│ /8 │ 255.0.0.0 │ 16,777,216 │ 16,777,214 │
└──────────┴─────────────────┴───────────────┴──────────────────┘
Why -2 for usable hosts?
First address = Network address (identifies the network)
Last address = Broadcast address (send to all on network)
10. Key Takeaways
- Domain names (
google.com) are human-friendly labels translated to IP addresses by DNS. - IP addresses are global routable addresses (IPv4: 32-bit, IPv6: 128-bit).
- MAC addresses are hardware-level IDs used only on the local network — they change at every router hop.
- NAT lets many private devices share one public IP address.
- ARP bridges the gap between IP addresses and MAC addresses on local networks.
- Routing is hop-by-hop decision making using routing tables and protocols like BGP and OSPF.
- Subnetting divides networks into manageable pieces using CIDR notation.
Explain-It Challenge
What's the difference between an IP address and a MAC address? Why do we need both? Bonus: explain what happens to each one as a packet crosses 3 routers.
Previous → 1.1.c — How Data Travels Worldwide Next → 1.1.e — How ISP and DNS Work Together