How can every single device on a network have a different public IP?

They own an IP range, and are using the range to directly connect to WAN (Internet) instead of hiding behind NAT (Network Address Translation). Basically, NAT was made for environments lacking enough Public IP addresses for all the machines in the network, so all of them can hide behind a pool of (one or more) Public IP address(es). If you got at least one Public IP address per machine, then using NAT is a matter of choice.


Back in the old days (before the Public Internet came into being in 1991), technologies like NAT were not common, and most operators did not use RFC1918 addresses. They didn't divide the Internet into public and private spaces as they commonly do today.

In the early days, companies grabbed huge blocks of public IPs by reserving entire /8 networks, consisting of 16,777,216 discrete addresses each. The US Dept of Defense owns 13 such blocks. See here for well-known owners of /8 blocks: https://en.wikipedia.org/wiki/List_of_assigned_/8_IPv4_address_blocks#List_of_assigned_.2F8_blocks

Its been many years since blocks of that size have been available to new registrants, due to IPv4 address-space depletion, so technologies like NAT and RFC1918 networks were required to limit the number of public IPs necessary for network access. Large organizations however still hold their blocks, so they are free to use them themselves, or rent them out to others.


This is how the internet is supposed to work.

People started using private address ranges and NAT because the number of spare IP addresses started to get used up. And then people found that using NAT was easier than using a proper firewall despite it not really being for that.

If you can get the IP addresses and configure a proper firewall as required then this is a perfectly good way to work. With IPv6 it will hopefully become more common