Restricting your cookie based on IP address is a bad idea; for two reasons:
An IP address can potentially have a LOT of users behind it, through NAT and the likes. There’s even a few ISPs that I’ve known to do this.
And secondly, your site breaks horribly for users behind load balancing proxies (larger organisations, or even the tor anonymising proxy).