IP Address Formats: Decimal, Binary, Hex, and How to Convert

Last Updated on: June 11, 2026
TL;DR — Key Takeaways
  • Dotted-decimal is the human-friendly IP address format everyone knows (like 192.168.1.1). It is just one of several ways to represent the same 32-bit number.
  • In binary, each octet becomes 8 bits. Understanding IP binary is essential for subnetting, because subnet masks work through bitwise AND operations.
  • The hexadecimal format condenses each octet into two hex digits. That is why you see it in packet captures, IPv6, and low-level network debugging.
  • The integer format stores an IP as a single 32-bit number. Databases use this for efficient storage and fast range queries.
  • Format ambiguity is a live security risk: a leading zero makes an octet octal, so 0177.0.0.1 can equal 127.0.0.1. This has caused SSRF and access-bypass bugs (CWE-1389) as recently as 2024 and 2025.
  • You can convert between IP formats instantly with a tool, but knowing the math builds real networking fluency.

When most people think of an IP address, they picture four numbers separated by dots: 192.168.1.1. That is the dotted-decimal IP address format, designed to be easy for humans to read. But your computer does not think in decimal. It thinks in binary, ones and zeros.

The same address can also be written in hexadecimal, as a single large integer, or even in octal. Each IP address format exists because different contexts demand different representations. Network engineers convert IP to binary to calculate subnets. Developers store IPs as integers for database efficiency. Security analysts read hex in packet dumps. Same address, different lens.

This guide walks through every major IP address format. It shows exactly how to convert between them with real math, and explains when and why each one matters. It also covers a security angle most format guides skip: how format ambiguity has caused real vulnerabilities. IP addresses are just one type of network identifier. Devices also use MAC addresses at the hardware level. These formats interact at different layers of the OSI model. This guide serves certification students, network coders, and the simply curious. You will leave able to read any IP address format.

The Dotted-Decimal Format

Dotted-decimal notation is the standard IP address format for IPv4. An address is made up of four groups called octets, separated by dots. Each octet represents 8 bits of the underlying 32-bit address, with a value range of 0 to 255. The format exists because humans cannot easily read long strings of binary.

Dotted-decimal notation is the standard IP address format for IPv4. It looks like this:

192.168.1.1

The address is made up of four groups called octets, separated by dots. Each octet represents 8 bits of the underlying 32-bit address. The term “octet” literally means a group of eight, referring to the 8 binary digits that make up each section.

Each octet is 8 bits wide. The smallest value is 0, with all eight bits off. The largest is 255, with all eight bits on. That gives each octet a range of 0 to 255. If you ever see a number outside this range in an IP address, something is wrong.

IP Address Octet Explained
  192   .   168   .    1    .    1
   |         |        |        |
 Octet 1  Octet 2  Octet 3  Octet 4

Each octet: 8 bits = values 0 through 255
Total:      4 octets x 8 bits = 32 bits

This format was chosen because humans are terrible at reading long strings of binary. Breaking the 32-bit address into four decimal numbers makes it manageable. You can quickly tell someone to ping 192.168.1.1. Try telling them to ping 11000000101010000000000100000001 over the phone.

Dotted-decimal is what you will see in router configurations, DNS records, firewall rules, and virtually every networking interface. When you check your public IP, the result comes back in this format. For a full walkthrough of locating it, see our guide on how to find your public IP address.

Binary Format

Binary is the native IP address format as far as your computer is concerned. Every IP address is fundamentally a 32-bit binary number, and dotted-decimal is just a convenience layer on top. To convert an octet to binary, use the subtraction method with the eight place values from 128 down to 1.

Binary is the native IP address format as far as your computer is concerned. Every IP address is fundamentally a 32-bit binary number. The dotted-decimal notation is just a convenience layer on top of it.

To convert an IP address to binary, you convert each octet independently using positional values. Each bit position in an octet has a fixed value:

Bit Position:    7     6     5     4     3     2     1     0
Place Value:   128    64    32    16     8     4     2     1

The technique is simple. Start with the leftmost place value (128). If the octet value is at least 128, write a 1 and subtract 128 from your remaining value. If not, write a 0. Move to the next place value (64) and repeat until you have filled all 8 bits.

Worked Example — Converting 192.168.1.1 to Binary
Octet 1: 192
  192 ≥ 128? Yes → 1, remainder = 64
   64 ≥  64? Yes → 1, remainder = 0
    0 ≥  32? No  → 0
    0 ≥  16? No  → 0
    0 ≥   8? No  → 0
    0 ≥   4? No  → 0
    0 ≥   2? No  → 0
    0 ≥   1? No  → 0
  Result: 11000000

Octet 2: 168
  168 ≥ 128? Yes → 1, remainder = 40
   40 ≥  64? No  → 0
   40 ≥  32? Yes → 1, remainder = 8
    8 ≥  16? No  → 0
    8 ≥   8? Yes → 1, remainder = 0
    0 ≥   4? No  → 0
    0 ≥   2? No  → 0
    0 ≥   1? No  → 0
  Result: 10101000

Octet 3: 1
  Result: 00000001

Octet 4: 1
  Result: 00000001

Full IP address in binary:
11000000.10101000.00000001.00000001

Why Binary Matters for Subnetting

The real reason every networking student needs to understand IP binary is subnetting. Your computer must determine whether a destination IP is on the local network or needs routing. To decide, it performs a bitwise AND operation between the IP address and the subnet mask.

Bitwise AND — Network Determination
IP Address:    11000000.10101000.00000001.00000001  (192.168.1.1)
Subnet Mask:   11111111.11111111.11111111.00000000  (255.255.255.0)
               ─────────────────────────────────────
AND Result:    11000000.10101000.00000001.00000000  (192.168.1.0)

The result is the network address. Any device that produces
the same network address after the AND operation is on the
same local subnet.

This is entirely a binary operation. You cannot do it in decimal without first converting. That is why understanding IP to binary conversion is not optional. It is the foundation of every subnetting calculation. Our subnet calculator automates this. Knowing the mechanics yourself is what separates someone who configures networks from someone who actually understands them.
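The subtraction method and the bitwise AND described above, written out in Python as an added example (this is not code from the original article). octet_to_bits walks the place values 128 down to 1 exactly as the worked example does, network_address performs the AND octet by octet, and and_table renders the same three-line table the article shows. The usage lines also try a /20 mask (255.255.240.0), which goes beyond the article's /24 case to show that the same test works when only part of an octet is network bits.

```python
PLACE_VALUES = (128, 64, 32, 16, 8, 4, 2, 1)


def parse_dotted(ip: str) -> list[int]:
    """Split a dotted-decimal string into four octets, rejecting anything
    outside the 0-255 range an octet can hold."""
    parts = ip.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {ip!r}")
    octets = []
    for part in parts:
        if not part.isdigit():
            raise ValueError(f"non-decimal octet: {part!r}")
        value = int(part)
        if value > 255:
            raise ValueError(f"octet out of range: {part!r}")
        octets.append(value)
    return octets


def octet_to_bits(octet: int) -> str:
    """Subtraction method: from 128 down to 1, write a 1 and subtract when the
    remaining value is at least the place value, otherwise write a 0."""
    if not 0 <= octet <= 255:
        raise ValueError(f"octet out of range: {octet}")
    remaining = octet
    bits = []
    for place in PLACE_VALUES:
        if remaining >= place:
            bits.append("1")
            remaining -= place
        else:
            bits.append("0")
    return "".join(bits)


def ip_to_binary(ip: str) -> str:
    """Dotted-decimal to dotted-binary, e.g. 192.168.1.1 -> 11000000.10101000.00000001.00000001"""
    return ".".join(octet_to_bits(o) for o in parse_dotted(ip))


def network_address(ip: str, mask: str) -> str:
    """Bitwise AND of address and mask, octet by octet: the network address."""
    return ".".join(str(a & m) for a, m in zip(parse_dotted(ip), parse_dotted(mask)))


def same_subnet(ip_a: str, ip_b: str, mask: str) -> bool:
    """Two hosts share a subnet when the AND yields the same network address."""
    return network_address(ip_a, mask) == network_address(ip_b, mask)


def and_table(ip: str, mask: str) -> str:
    """Render the article's three-line binary AND table for any address and mask."""
    net = network_address(ip, mask)
    return "\n".join([
        f"IP Address:  {ip_to_binary(ip)}  ({ip})",
        f"Subnet Mask: {ip_to_binary(mask)}  ({mask})",
        f"AND Result:  {ip_to_binary(net)}  ({net})",
    ])


if __name__ == "__main__":
    print(and_table("192.168.1.1", "255.255.255.0"))
    # With a /20 mask only the top four bits of the third octet are network bits.
    print(same_subnet("192.168.17.5", "192.168.31.9", "255.255.240.0"))  # True
    print(same_subnet("192.168.17.5", "192.168.32.1", "255.255.240.0"))  # False
```

parse_dotted is deliberately strict (exactly four decimal octets, each 0 to 255): the looser spellings discussed in the security section further down are a separate concern and should never reach a subnet calculation unnormalized.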

Hexadecimal Format

Hexadecimal (base-16) is a compact way to represent binary data. Each hex digit represents 4 bits, so each 8-bit octet becomes 2 hex digits. This makes hex a natural middle ground, shorter than binary and closer to the bit patterns than decimal. You see it in packet captures, IPv6, and MAC addresses.

Hexadecimal (base-16) provides a compact way to represent binary data. Each hex digit represents exactly 4 bits, which means each 8-bit octet can be written as exactly 2 hex digits. This makes the hexadecimal IP address format a natural middle ground: shorter than binary, and closer to the actual bit patterns than decimal.

The hex digits run 0 through F. The letters map as A=10, B=11, C=12, D=13, E=14, and F=15.

Converting Decimal to Hex

To convert an octet to hex, divide by 16. The quotient is the first hex digit. The remainder is the second.

Worked Example — 192.168.1.1 in Hexadecimal
Octet 1: 192 ÷ 16 = 12 remainder 0  → C0
Octet 2: 168 ÷ 16 = 10 remainder 8  → A8
Octet 3:   1 ÷ 16 =  0 remainder 1  → 01
Octet 4:   1 ÷ 16 =  0 remainder 1  → 01

Hexadecimal IP address: C0.A8.01.01
With 0x prefix:         0xC0A80101

The 0x prefix is a convention from programming languages like C and Python that signals “this number is in hexadecimal.” You will see both dotted hex (C0.A8.01.01) and flat prefix notation (0xC0A80101), depending on context.

Where Hex Shows Up

  • Packet captures. Tools like Wireshark display raw packet data in hexadecimal. If you are analyzing network traffic, you are reading hex.
  • IPv6 addresses. The entire IPv6 address format is hexadecimal (for example, 2001:0db8:85a3::8a2e:0370:7334). Understanding hex in IPv4 gives you a head start. Our IPv4 vs. IPv6 comparison covers the differences between both protocols.
  • MAC addresses. Written in hex (for example, 00:1A:2B:3C:4D:5E). If you work with both MAC and IP data, hex is a common language.
  • Low-level programming. Embedded systems, firmware, and network stack code frequently represent IP addresses in hexadecimal format.

Mixed IPv4-IPv6 Notation Adds Its Own Ambiguity

Hex matters more every year because of the IPv6 transition. IPv6 can embed an IPv4 address inside it. The result is an IPv4-mapped IPv6 address like ::ffff:127.0.0.1.

That single value mixes hex (the ffff prefix) with dotted-decimal (the 127.0.0.1 tail). It points right back at the local machine. This mixed format is convenient, but it has tripped up validators. A 2024 SSRF bug (CVE-2024-29415) bypassed a Node.js filter using exactly this ::ffff:127.0.0.1 form.

The lesson is the same one the security section below develops: any address format that can be written more than one way is a place a naive parser can be fooled.

Integer (32-bit) Format

Every IPv4 address can be expressed as a single unsigned 32-bit integer. This format treats the entire 32-bit binary number as one value instead of four octets. The formula multiplies each octet by a power of 256. Databases use integer storage for space efficiency and fast range queries.

Every IPv4 address can be expressed as a single unsigned 32-bit integer. This integer format treats the entire 32-bit binary number as one value, instead of splitting it into four octets.

The formula is:

Integer = (Octet1 × 2^24) + (Octet2 × 2^16) + (Octet3 × 2^8) + Octet4

Which equals:
Integer = (Octet1 × 16,777,216) + (Octet2 × 65,536) + (Octet3 × 256) + Octet4
Worked Example — 192.168.1.1 as an Integer
192 × 16,777,216 = 3,221,225,472
168 ×     65,536 =    11,010,048
  1 ×        256 =           256
  1 ×          1 =             1
                    ─────────────
Total:              3,232,235,777

So 192.168.1.1 = 3232235777 as a 32-bit integer.

Why Store IPs as Integers?

Databases and software often store IP addresses in integer format for two practical reasons:

  • Storage efficiency. A 32-bit integer takes exactly 4 bytes. Storing the dotted-decimal string "192.168.1.1" takes 11 to 15 bytes depending on the address. When you have millions of log entries, that difference adds up.
  • Range queries. Finding all IPs between 192.168.1.0 and 192.168.1.255 is a simple integer comparison (WHERE ip_int BETWEEN 3232235776 AND 3232236031). With string-based storage, you need complex parsing or padding to get accurate results.
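An added example (not code from the original article) of the range-query point above, using Python's standard sqlite3 and ipaddress modules. The table stores each address both as an integer and as its dotted string, so the two query styles can be compared side by side: the integer BETWEEN returns the whole 192.168.1.0/24 block, while the same BETWEEN on the strings silently drops 192.168.1.5, because character-by-character comparison sorts it after 192.168.1.255. The log rows are constructed sample data; the table and column names are my own choices.

```python
import ipaddress
import sqlite3

# Constructed sample access-log rows (not from the article): (client IP, request path).
SAMPLE_LOG = [
    ("192.168.1.5", "/login"),
    ("192.168.1.200", "/admin"),
    ("192.168.2.14", "/login"),
    ("10.0.75.200", "/api/status"),
    ("192.168.1.255", "/health"),
]


def to_int(ip: str) -> int:
    """Dotted-decimal to the 32-bit integer described in the article (stdlib does the math)."""
    return int(ipaddress.IPv4Address(ip))


def to_dotted(value: int) -> str:
    """32-bit integer back to dotted-decimal."""
    return str(ipaddress.IPv4Address(value))


def cidr_bounds(cidr: str) -> tuple[int, int]:
    """First and last integer of a block, e.g. 192.168.1.0/24 -> (3232235776, 3232236031)."""
    net = ipaddress.IPv4Network(cidr, strict=False)
    return int(net.network_address), int(net.broadcast_address)


def build_db() -> sqlite3.Connection:
    """In-memory table holding each IP as an indexed integer and as its string."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE access_log (ip_int INTEGER NOT NULL, ip_str TEXT NOT NULL, path TEXT NOT NULL)"
    )
    conn.execute("CREATE INDEX idx_access_log_ip ON access_log(ip_int)")
    conn.executemany(
        "INSERT INTO access_log VALUES (?, ?, ?)",
        [(to_int(ip), ip, path) for ip, path in SAMPLE_LOG],
    )
    return conn


def ips_in_block(conn: sqlite3.Connection, cidr: str) -> list[str]:
    """Correct range query: one BETWEEN on the indexed integer column."""
    low, high = cidr_bounds(cidr)
    rows = conn.execute(
        "SELECT ip_int FROM access_log WHERE ip_int BETWEEN ? AND ? ORDER BY ip_int",
        (low, high),
    )
    return [to_dotted(r[0]) for r in rows]


def ips_in_block_by_string(conn: sqlite3.Connection, cidr: str) -> list[str]:
    """The mistake the article warns about: BETWEEN on dotted strings compares them
    character by character, so '192.168.1.5' sorts after '192.168.1.255' and is lost."""
    net = ipaddress.IPv4Network(cidr, strict=False)
    rows = conn.execute(
        "SELECT ip_str FROM access_log WHERE ip_str BETWEEN ? AND ? ORDER BY ip_str",
        (str(net.network_address), str(net.broadcast_address)),
    )
    return [r[0] for r in rows]


def compare_queries(cidr: str) -> tuple[list[str], list[str]]:
    """Run both query styles against the sample data: (integer result, string result)."""
    conn = build_db()
    try:
        return ips_in_block(conn, cidr), ips_in_block_by_string(conn, cidr)
    finally:
        conn.close()


if __name__ == "__main__":
    by_int, by_str = compare_queries("192.168.1.0/24")
    print("integer query:", by_int)
    print("string query: ", by_str)
```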

To convert an integer back to dotted-decimal, you reverse the process: divide repeatedly by 256 and take the remainders.

Reverse Conversion — 3232235777 to Dotted-Decimal
3232235777 ÷ 256 = 12625921 remainder 1   → Octet 4 = 1
  12625921 ÷ 256 =    49320 remainder 1   → Octet 3 = 1
     49320 ÷ 256 =      192 remainder 168 → Octet 2 = 168
       192 ÷ 256 =        0 remainder 192 → Octet 1 = 192

Result: 192.168.1.1  (reading octets 1 through 4)

IP Address Classes

In the early internet, IPv4 addresses were divided into five classes based on the leading bits of the first octet. This classful system determined how many bits belonged to the network portion versus the host portion. CIDR replaced it in 1993, but the class designations still appear on certification exams and as everyday shorthand.

In the early internet, IPv4 addresses were divided into five classes. The leading bits of the first octet set the class. This system, called classful networking, set how many bits belonged to the network portion versus the host portion.

Class   First Octet Range   Leading Bits   Default Mask     Networks    Hosts per Network
A       1 – 126             0xxxxxxx       255.0.0.0        126         16,777,214
B       128 – 191           10xxxxxx       255.255.0.0      16,384      65,534
C       192 – 223           110xxxxx       255.255.255.0    2,097,152   254
D       224 – 239           1110xxxx       N/A              Reserved for multicast
E       240 – 255           1111xxxx       N/A              Reserved for experimental use

Classful networking was replaced by CIDR (Classless Inter-Domain Routing) in 1993 because the fixed class sizes were wildly inefficient. A company needing 300 addresses would get an entire Class B with 65,534 host slots. That wasted tens of thousands of addresses. CIDR allows subnet masks of any length, so you can allocate exactly what you need. Our subnetting guide walks through CIDR notation step by step. Our CIDR to IP Range tool expands any block into its address range.

Despite being technically obsolete, IP address classes still matter. Certification exams test them, private address ranges are defined by class, and networking professionals reference classes as shorthand every day.

How Class Math Connects to IPv4 Scarcity

The waste built into classful allocation is exactly why we ran out of addresses. There are only about 4.3 billion IPv4 values total. The global free pool was effectively exhausted in 2011, when IANA handed its last blocks to the regional registries.

The pressure has not eased since. As of early 2026, roughly 3.687 billion IPv4 addresses sit allocated across the five registries. Only small reserved pools remain. New addresses now move mainly through a paid transfer market rather than fresh allocation.

This scarcity is what pushes carriers toward private addressing and shared-address workarounds, covered in the next section. It is also the long-running case for IPv6.

Private Address Ranges

RFC 1918 reserved specific blocks within Classes A, B, and C for private (non-routable) use. These are the addresses used on internal networks behind routers and firewalls:

Class   Private Range                    CIDR Notation     Total Addresses
A       10.0.0.0 – 10.255.255.255        10.0.0.0/8        16,777,216
B       172.16.0.0 – 172.31.255.255      172.16.0.0/12     1,048,576
C       192.168.0.0 – 192.168.255.255    192.168.0.0/16    65,536

Have you ever connected to home Wi-Fi and seen an IP starting with 192.168? That is a Class C private address. Enterprise networks tend to use the 10.x.x.x range because it offers far more addresses for large-scale internal use. For more on how private and public addresses interact, see our guide on public vs. private IP addresses.

Special and Reserved Addresses

Not every IP address value is available for regular use. Several blocks are reserved for specific functions defined by various RFCs. Loopback, broadcast, the unspecified address, APIPA link-local, multicast, the CGNAT shared range, and documentation blocks all have dedicated purposes. Knowing these is essential for troubleshooting and certification exams.

Not every IP address value is available for regular use. Several blocks are reserved for specific functions defined by various RFCs. Knowing these is essential for troubleshooting and certification exams alike.

Address / Range               Name                    Purpose
127.0.0.1                     Loopback                Points back to the local machine. Used for testing the TCP/IP stack without network access. The entire 127.0.0.0/8 block is reserved for loopback.
255.255.255.255               Limited Broadcast       Sends a packet to every device on the local network segment. Routers do not forward this.
0.0.0.0                       Default / Unspecified   Represents “no specific address.” Used in routing tables as the default route and by DHCP clients before they receive an address.
169.254.0.0/16                APIPA (Link-Local)      Automatically assigned when a device cannot reach a DHCP server. If you see a 169.254.x.x address, it usually means DHCP failed.
100.64.0.0/10                 CGNAT Shared Space      Reserved by RFC 6598 for carrier-grade NAT between subscriber routers and ISP infrastructure. Now common on mobile, satellite, and fixed wireless networks.
224.0.0.0 – 239.255.255.255   Multicast               Used for one-to-many communication. Protocols like OSPF (224.0.0.5) and streaming media use multicast addresses.
192.0.2.0/24                  TEST-NET-1              Reserved for documentation and examples (RFC 5737). Safe to use in tutorials without conflicting with real networks.
198.51.100.0/24               TEST-NET-2              Another documentation-only block defined in RFC 5737.
203.0.113.0/24                TEST-NET-3              Third documentation block from RFC 5737. Used in examples and training materials.

Understanding these reserved addresses prevents common mistakes. For example, if a server is configured to listen on 0.0.0.0, that does not mean it has no IP. It means it is listening on all available interfaces. And if a user reports their IP is 169.254.x.x, you know immediately that DHCP is the problem, not DNS or routing. You can verify addresses quickly with a reverse DNS lookup to see if they resolve to anything meaningful.

The CGNAT range deserves special note in 2026. Mobile carriers like AT&T, T-Mobile, and Vodafone place thousands of subscribers behind a shared pool of public IPv4 addresses. Many are now moving to IPv6-only cores with 464XLAT translation underneath. Is your home server unreachable despite correct port forwarding? Check your router’s WAN side. A 100.64.x.x address there points straight at CGNAT as the cause.

Converting Between Formats

Converting between IP formats follows predictable rules in each direction. Decimal to binary uses the subtraction method. Binary to decimal adds place values. Decimal to hex divides by 16. Decimal to integer multiplies each octet by a power of 256. The example below uses 10.0.75.200 throughout.

Here is a quick-reference walkthrough for converting the IP address format in each direction. We will use 10.0.75.200 as our example throughout.

Decimal to Binary

For each octet, use the subtraction method with place values 128, 64, 32, 16, 8, 4, 2, 1:

10  = 0 + 0 + 0 + 0 + 8 + 0 + 2 + 0  = 00001010
0   = 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0  = 00000000
75  = 0 + 64 + 0 + 0 + 8 + 0 + 2 + 1 = 01001011
200 = 128 + 64 + 0 + 0 + 8 + 0 + 0 + 0 = 11001000

Binary: 00001010.00000000.01001011.11001000

Binary to Decimal

For each 8-bit group, add up the place values where the bit is 1:

00001010 = 8 + 2                   = 10
00000000 = 0                       = 0
01001011 = 64 + 8 + 2 + 1         = 75
11001000 = 128 + 64 + 8           = 200

Decimal: 10.0.75.200

Decimal to Hexadecimal

Divide each octet by 16. The quotient is the first hex digit, the remainder is the second:

10  ÷ 16 = 0 remainder 10  → 0A
0   ÷ 16 = 0 remainder 0   → 00
75  ÷ 16 = 4 remainder 11  → 4B
200 ÷ 16 = 12 remainder 8  → C8

Hex: 0A.00.4B.C8  (or 0x0A004BC8)

Decimal to Integer

10  × 16,777,216 =   167,772,160
0   ×     65,536 =             0
75  ×        256 =        19,200
200 ×          1 =           200
                    ─────────────
Total:              167,791,560

So 10.0.75.200 = 167791560 as a 32-bit integer.

All Formats at a Glance

Format           192.168.1.1                            10.0.75.200
Dotted-Decimal   192.168.1.1                            10.0.75.200
Binary           11000000.10101000.00000001.00000001    00001010.00000000.01001011.11001000
Hexadecimal      C0.A8.01.01                            0A.00.4B.C8
Integer          3232235777                             167791560

To verify your work or convert a batch of addresses, use our IP address converter. It checks results in all formats at once.
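The conversion rules from the Hexadecimal and Integer sections and from the quick-reference walkthrough above, collected into one added Python example (not code from the original article or from the NetworkCheckr converter). octet_to_hex uses the divide-by-16 rule, ip_to_int the powers-of-256 formula, int_to_ip the repeated division by 256 with remainders read back as octets 4 through 1, and binary_to_ip the sum of place values where a bit is 1. all_formats reproduces one column of the "All Formats at a Glance" table; for the binary column it uses Python's built-in 08b formatting rather than re-implementing the subtraction method.

```python
HEX_DIGITS = "0123456789ABCDEF"
PLACE_VALUES = (128, 64, 32, 16, 8, 4, 2, 1)
POWERS_OF_256 = (16_777_216, 65_536, 256, 1)  # 2^24, 2^16, 2^8, 2^0


def parse_dotted(ip: str) -> list[int]:
    """Strict dotted-decimal parse: exactly four decimal octets, each 0 to 255."""
    parts = ip.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not a valid dotted-decimal address: {ip!r}")
    return [int(p) for p in parts]


def octet_to_hex(octet: int) -> str:
    """Divide by 16: the quotient is the first hex digit, the remainder the second."""
    quotient, remainder = divmod(octet, 16)
    return HEX_DIGITS[quotient] + HEX_DIGITS[remainder]


def ip_to_hex(ip: str) -> str:
    """Dotted hex, e.g. C0.A8.01.01"""
    return ".".join(octet_to_hex(o) for o in parse_dotted(ip))


def ip_to_hex_prefixed(ip: str) -> str:
    """Flat 0x form, e.g. 0xC0A80101"""
    return "0x" + ip_to_hex(ip).replace(".", "")


def ip_to_int(ip: str) -> int:
    """Integer = (Octet1 * 2^24) + (Octet2 * 2^16) + (Octet3 * 2^8) + Octet4"""
    return sum(o * p for o, p in zip(parse_dotted(ip), POWERS_OF_256))


def int_to_ip(value: int) -> str:
    """Reverse conversion: divide by 256 repeatedly; remainders emerge as octets 4, 3, 2, 1."""
    if not 0 <= value <= 0xFFFFFFFF:
        raise ValueError(f"not a 32-bit value: {value}")
    octets = []
    for _ in range(4):
        value, remainder = divmod(value, 256)
        octets.append(remainder)
    return ".".join(str(o) for o in reversed(octets))


def binary_to_ip(binary: str) -> str:
    """Binary to decimal: for each 8-bit group, add the place values where the bit is 1."""
    groups = binary.split(".")
    if len(groups) != 4 or any(len(g) != 8 or set(g) - {"0", "1"} for g in groups):
        raise ValueError(f"expected four 8-bit groups: {binary!r}")
    return ".".join(
        str(sum(place for place, bit in zip(PLACE_VALUES, g) if bit == "1"))
        for g in groups
    )


def all_formats(ip: str) -> dict[str, str]:
    """One column of the article's 'All Formats at a Glance' table."""
    return {
        "dotted_decimal": int_to_ip(ip_to_int(ip)),   # round trip doubles as a self-check
        "binary": ".".join(f"{o:08b}" for o in parse_dotted(ip)),
        "hexadecimal": ip_to_hex(ip),
        "integer": str(ip_to_int(ip)),
    }


if __name__ == "__main__":
    for address in ("192.168.1.1", "10.0.75.200"):
        for name, value in all_formats(address).items():
            print(f"{address:>12}  {name:<15} {value}")
```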

When IP Format Ambiguity Becomes a Security Risk

The same address can be written several valid ways, and parsers do not always agree on what they mean. A leading zero signals octal, so 0177.0.0.1 can equal 127.0.0.1. Inconsistent parsing has caused real vulnerabilities catalogued under CWE-1389. The defensive lesson is to normalize every address before validating it.

Format flexibility is convenient, but it has a dark side. The same IP address can be written several different ways, and not every program parses them the same way. This inconsistency has caused real security vulnerabilities.

The root cause is how leading characters signal a number’s base (radix):

  • A leading zero often marks an octet as octal (base-8). So 0177 is interpreted as octal, which equals 127 in decimal.
  • A leading 0x marks a value as hexadecimal. So 0x7f equals 127.
  • An address can use fewer than four parts. The final number absorbs the remaining octets, so 127.1 resolves to 127.0.0.1.

Because of this, many tools accept 0177.0.0.1, 0x7f.0.0.1, and the single integer 2130706433 as equivalent to 127.0.0.1. Utilities like ping and curl happily connect to all of them.

Why this matters for security. Suppose an application validates an IP against an allowlist assuming decimal-only input. An attacker can supply an alternate-radix form to slip past the check. This pattern is catalogued as CWE-1389 (“Incorrect Parsing of Numbers with Different Radices”). It produced a cluster of 2021 CVEs across major language libraries. Examples include Python’s ipaddress (CVE-2021-29921), Go’s net parser (CVE-2021-29923), and Node’s netmask (CVE-2021-28918). Several enabled server-side request forgery (SSRF) or access-control bypass.

This Is Not a 2021 Problem — It Is Ongoing

It would be comforting to treat the 2021 CVE cluster as history. It is not. The same root cause keeps producing new bugs because incomplete fixes leave gaps.

  • CVE-2024-29415 hit the Node.js ip package in 2024. Its isPublic() check failed to canonicalize addresses first. Octal forms like 012.1.2.3 and the IPv4-mapped IPv6 form ::ffff:127.0.0.1 both slipped past it. It was a repeat of an earlier incomplete fix, CVE-2023-42282.
  • CVE-2025-57814 surfaced in late 2025 in request-filtering-agent. An HTTPS request to 127.0.0.1 bypassed a filter that only blocked the HTTP version. The format was not even exotic here. The bypass came from inconsistent handling across protocols.
  • FortiProxy and FortiOS (CVE-2024-26015) carried a CWE-1389 flaw in their IP blocklist validation. A crafted request could bypass the blocklist outright.

Security researchers still report these tricks in live bug bounty findings. Octal notation, hex encoding, dotless addresses, and IPv6-mapped forms all show up in modern SSRF write-ups. The format knowledge in this guide is exactly what lets a tester or defender spot the gap.

The defensive takeaway is not to memorize every exotic format. It is to normalize before you validate. Parse any incoming address into a single canonical 32-bit value first, then run your security checks against that normalized form. Never compare raw user-supplied strings against an allowlist. If you maintain validation code, test it against octal, hex, dotless, and IPv6-mapped inputs. Confirm it rejects or correctly normalizes every one.
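The "normalize before you validate" rule above, and the IPv4-mapped ambiguity from the earlier hex section, as an added Python example (not code from the original article or from any of the libraries it names). normalize_ipv4 applies the three radix rules the article lists (leading 0 is octal, 0x is hex, fewer than four parts lets the last part absorb the remaining bytes) and unwraps the ::ffff: mapped form, collapsing every spelling into one 32-bit integer; anything else raises ValueError and should be rejected. is_loopback_naive is the raw-string comparison the article warns against, is_loopback runs the same check on the normalized value, and validation_report is the regression test the last paragraph recommends: feed it every spelling and confirm the normalized verdict is the one you expect. The function names and the choice of 127.0.0.0/8 as the blocked range are my own; the input spellings are the ones the article lists.

```python
import ipaddress
import re

# One part of a loose IPv4 spelling: 0x-hex, leading-zero octal, or plain decimal.
_PART = re.compile(r"^(0[xX][0-9a-fA-F]+|0[0-7]*|[1-9][0-9]*)$")

LOOPBACK = ipaddress.IPv4Network("127.0.0.0/8")


def _parse_part(token: str) -> int:
    """Radix rules from the article: 0x -> hex, leading 0 -> octal, otherwise decimal."""
    if not _PART.match(token):
        raise ValueError(f"malformed address part: {token!r}")
    if token[:2].lower() == "0x":
        return int(token[2:], 16)
    if len(token) > 1 and token[0] == "0":
        return int(token, 8)
    return int(token, 10)


def normalize_ipv4(text: str) -> int:
    """Collapse every accepted spelling of an IPv4 address into one canonical 32-bit integer.

    Accepts dotted-decimal, octal and hex parts, one-to-four-part shorthand (the last
    part absorbs the remaining bytes, so 127.1 is 127.0.0.1) and the IPv4-mapped IPv6
    forms ::ffff:a.b.c.d and ::ffff:xxxx:xxxx. Anything else raises ValueError."""
    s = text.strip()
    if ":" in s:
        if s.lower().startswith("::ffff:") and "." in s:
            return normalize_ipv4(s[7:])          # mapped form with a dotted tail
        mapped = ipaddress.IPv6Address(s).ipv4_mapped
        if mapped is None:
            raise ValueError(f"not an IPv4-mapped address: {text!r}")
        return int(mapped)
    parts = s.split(".")
    if not 1 <= len(parts) <= 4:
        raise ValueError(f"expected 1 to 4 parts: {text!r}")
    values = [_parse_part(p) for p in parts]
    head, last = values[:-1], values[-1]
    tail_bytes = 5 - len(parts)                   # bytes the last part has to cover
    if any(v > 255 for v in head) or last >= 256 ** tail_bytes:
        raise ValueError(f"value out of range: {text!r}")
    result = 0
    for v in head:
        result = (result << 8) | v
    return (result << (8 * tail_bytes)) | last


def canonical(text: str) -> str:
    """Canonical dotted-decimal spelling of any accepted input."""
    return str(ipaddress.IPv4Address(normalize_ipv4(text)))


def is_loopback_naive(text: str) -> bool:
    """The check the article warns against: compare the raw user-supplied string."""
    return text == "127.0.0.1"


def is_loopback(text: str) -> bool:
    """Normalize first, then test membership in 127.0.0.0/8."""
    return ipaddress.IPv4Address(normalize_ipv4(text)) in LOOPBACK


def validation_report(candidates: list[str]) -> dict[str, tuple[bool, bool]]:
    """For each spelling: (naive verdict, normalized verdict). Use as a regression test."""
    return {c: (is_loopback_naive(c), is_loopback(c)) for c in candidates}


if __name__ == "__main__":
    # Constructed inputs: the alternate spellings of 127.0.0.1 the article lists.
    spellings = ["127.0.0.1", "0177.0.0.1", "0x7f.0.0.1", "127.1", "2130706433", "::ffff:127.0.0.1"]
    for spelling, (naive, normalized) in validation_report(spellings).items():
        print(f"{spelling:>18}  naive={naive!s:<5}  normalized={normalized}")
```

Two design points: the parser raises on anything it does not understand rather than guessing, so a validator can fail closed; and the canonical form is an integer, which makes the allow- or blocklist comparison a plain range check instead of a string match.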

Related Tools & Resources

NetworkCheckr offers complementary tools for working with IP address formats. The IP to Binary Converter handles all four formats at once. The Subnet Calculator applies the binary math behind subnetting. Companion guides cover IPv4 vs IPv6, subnetting, and public vs private addressing.

Frequently Asked Questions

These questions cover the practical edge cases: why dotted-decimal exists, how to convert to binary by hand, where hex is used, and why addresses are stored as integers. They also cover IP classes, the loopback address, the 0177.0.0.1 trick, and whether format parsing bugs still matter in 2026.

Why do IP addresses use dotted-decimal notation?

Dotted-decimal notation exists purely for human readability. The underlying IP address format is a 32-bit binary number. That is nearly impossible for people to read, remember, or communicate accurately. Splitting the 32 bits into four 8-bit octets, each a decimal number (0–255), changes that. The format becomes something you can speak aloud, type into a config file, or write down. The dots serve as visual separators between octets, making it easy to identify each section at a glance.

How do I convert an IP address to binary by hand?

Take each octet separately and use the subtraction method. Write out the place values: 128, 64, 32, 16, 8, 4, 2, 1. Starting from 128, if the octet value is at least the place value, write a 1 and subtract it. If not, write a 0. Continue through all 8 positions. For example, 200 breaks down to 11001000: ones at the 128, 64, and 8 positions, zeros everywhere else. Result: 11001000. Repeat for each octet and join them with dots.

What is the hexadecimal format used for?

Hexadecimal IP representation appears most often in packet analysis tools like Wireshark. Raw network data is displayed in hex there. It is also foundational to IPv6 addressing, which uses hex notation exclusively. Programmers working with network sockets, embedded systems, or low-level protocol implementations frequently encounter hex. The format is useful because each hex digit maps directly to 4 bits. That makes it easy to convert between hex and binary mentally, without the lossy abstraction of decimal.

Why would I store an IP address as an integer?

Integer storage offers two main advantages: space efficiency and query performance. A 32-bit integer occupies exactly 4 bytes, while the string "255.255.255.255" takes 15 bytes. More importantly, integer representation allows you to use simple mathematical comparisons for range queries. Finding all IPs in a subnet becomes a BETWEEN query on a single indexed integer column. That is orders of magnitude faster than parsing dotted-decimal strings. Most IP geolocation databases and large-scale logging systems use integer storage for exactly this reason.

What is the difference between Class A, B, and C networks?

The classes differ in how they divide the 32-bit address between network and host portions. Class A uses 8 bits for the network (first octet 1–126). The remaining 24 host bits give each network over 16 million addresses. Class B uses 16 bits for the network (first octet 128–191), with 65,534 hosts per network. Class C uses 24 bits for the network (first octet 192–223), leaving only 254 usable hosts. CIDR has replaced classful addressing for allocation. But the class designations remain useful shorthand and are still tested on the CCNA and CompTIA Network+.

What is the 127.0.0.1 loopback address?

The address 127.0.0.1 is the IPv4 loopback address, which always points back to the local machine. When you ping 127.0.0.1, the traffic never leaves your computer. It goes down through the TCP/IP stack and comes right back up. This is useful for testing whether networking software is functioning correctly without needing a physical network connection. The entire 127.0.0.0/8 block is reserved for loopback, though 127.0.0.1 is by far the most commonly used. It is often referred to by its hostname alias, localhost.

Is 0177.0.0.1 the same as 127.0.0.1?

Yes, in many parsers. A leading zero on an octet signals octal (base-8), so 0177 octal equals 127 decimal. Programs like curl, ping, and several language libraries accept this and connect to 127.0.0.1. This ambiguity has caused real security bugs, catalogued under CWE-1389, where IP validators that assumed decimal-only input were bypassed. The defensive fix is to normalize every address to a canonical form before validating it.

Are IP address format parsing bugs still a problem in 2026?

Yes. The 2021 CVE cluster was not the end of it. CVE-2024-29415 hit the Node.js ip package in 2024, including an IPv6-mapped bypass like ::ffff:127.0.0.1. CVE-2025-57814 showed an HTTPS request to 127.0.0.1 slipping past a filter that only blocked HTTP. Security researchers still report octal, hex, and dotless IP tricks in live SSRF bounty findings. Normalizing every address before validation remains the only reliable defense.

References

Primary sources cited in this guide: RFC 791 (Internet Protocol), RFC 1918 (private address allocation), RFC 5737 (documentation blocks), RFC 6598 (shared address space), MITRE’s CWE-1389 on radix parsing, and NIST NVD records for the CVEs discussed.

  • RFC 791 — Internet Protocol, IETF (1981)
  • RFC 1918 — Address Allocation for Private Internets, IETF (1996)
  • RFC 5737 — IPv4 Address Blocks Reserved for Documentation, IETF (2010)
  • RFC 6598 — IANA-Reserved IPv4 Prefix for Shared Address Space, IETF (2012)
  • CWE-1389 — Incorrect Parsing of Numbers with Different Radices, MITRE
  • CVE-2024-29415 — Node.js ip package SSRF, NIST NVD (2024)
  • CVE-2024-26015 — FortiProxy/FortiOS IP blocklist bypass, NIST NVD (2024)