An IP address is a unique numerical identifier assigned to a device on a network so that it can send and receive data. There are two versions in use, IPv4 and IPv6. IPv4 is the older and still more common format, written as four numbers like 192.168.1.1, while IPv6 is the newer version with a much larger address space, written as a longer string like 2001:0db8:85a3:0000:0000:8a2e:0370:7334. For most of the Professional Cloud Database Engineer material, and for most everyday work in a Virtual Private Cloud, the relevant format is IPv4. Inside a VPC, the addresses that matter are private IP addresses, and understanding how they are organized is what lets you reason about where a database instance sits on the network and which resources can reach it.
Private IP addresses are ranges reserved for use within private networks, such as a home network, an office network, or a VPC. They are not routable on the public internet on their own. The VPC and its subnets are what establish these private addresses and allow resources inside the network to communicate with each other. A useful way to picture the boundary is the simplest setup: there is the public internet, and a router connected to it that has its own public IP address, and behind that router the local devices each carry a private IP address. Traffic from the outside world reaches the router and is then routed to the private addresses behind it, and traffic from those devices goes back out the same way. The private addresses handle communication inside the network, and the public address is the point of contact with everything outside it.
This separation is the reason a database can live entirely on private addressing. When a Cloud SQL instance or another managed database is configured for private IP, it is assigned an address from a range inside the VPC, and only resources that share that network path can connect to it directly. There is no public address exposed for that connection. The exam expects you to be comfortable with the idea that internal communication runs over these private ranges, so the addressing scheme of the VPC is what defines the reachable surface for a database.
A small set of IPv4 ranges is reserved specifically for private networks, and you will see them constantly when setting up VPCs and subnets. There are three to know.
The 10.0.0.0/8 range is the largest, offering over 16 million addresses. It is often used in large private networks and corporate environments where a very high number of devices or resources needs to be accommodated. The 172.16.0.0/12 range is the middle option, providing roughly one million addresses, which fits medium sized private networks of the kind found in small to medium enterprises. The 192.168.0.0/16 range is the most familiar to many people because it is common in home networks and small office routers. It offers a more modest pool of about 65,000 addresses, which is usually enough for those smaller environments.
For the Professional Cloud Database Engineer exam, the practical takeaway is matching the size of the range to the scale of what it has to hold. A range with room for millions of addresses suits a large environment, while a smaller range is appropriate for a more contained one. When you allocate a subnet for database resources, the range has to be large enough for the addresses those resources will need, both now and as the deployment grows.
CIDR notation is the concise way these ranges are written, and it appears everywhere in VPC and subnet configuration. The format is an IP address followed by a slash and a number, written as X.X.X.X/Y. The part before the slash is the starting IP address of the network range. The number after the slash is the prefix length, which tells you how many bits are used for the network portion of the address. That same prefix length also determines how many addresses the range can hold.
The calculation is straightforward. Take the number after the slash, subtract it from 32 because an IPv4 address has 32 bits, and raise 2 to the power of the result. That gives the total number of possible addresses in the range. For example, with 192.168.0.0/12, subtracting 12 from 32 leaves 20, and 2 to the power of 20 is 1,048,576, so that range can hold a little over a million addresses.
The relationship runs in the direction that often trips people up. A smaller number after the slash means a larger range, because fewer bits are spent on the network portion and more are left for hosts. A larger number after the slash means a smaller range. Being able to do this conversion quickly is what lets you read a subnet definition and know whether it has enough room, or whether two ranges might overlap, both of which come up when you are placing database resources inside a network.
Our Professional Cloud Database Engineer course covers VPC IP addressing alongside subnets and private connectivity for managed databases, with practice questions that drill these distinctions.
