Private Address Ranges

RFC 1918 private IP ranges, reserved addresses, and special-use addresses.

The Two Internets: Public Spaces and Private Homes

To understand why certain IP addresses are "private" or "reserved," we must first grasp a fundamental concept: not all IP addresses are created equal. The internet functions like a massive global city with a public road and mail system, but it also contains countless private properties like homes, office buildings, and corporate campuses.

Public IP Addresses are like the unique street addresses of buildings in the city. They must be globally unique and are registered so that the global postal service (the internet's routers) knows how to deliver mail (data packets) to them from anywhere in the world. These addresses are essential for any publicly accessible service, like a website or a public email server. They are a scarce, managed resource.

Private IP Addresses are like the internal room numbers or apartment numbers within one of those private buildings. The address "Apartment 5B" is only meaningful inside 123 Main Street. It can be reused in the building across the street at 456 Oak Avenue, which can also have an "Apartment 5B". There is no conflict because the public postal service never sees these internal numbers; its job ends at the building's main entrance.

This separation was a brilliant solution to the problem of IPv4 address exhaustion. By designating certain ranges of IP addresses as "private-use only," network engineers created a system where any organization or household in the world could freely use these addresses for their internal networks without needing to request unique public IPs for every single device. This was formalized in a document known as .

The RFC 1918 Private Address Ranges

RFC 1918 set aside three specific blocks of addresses for private use. Routers on the public internet are universally configured to not forward packets that have a source or destination address within these ranges. This effectively isolates private networks from the global internet, with a router acting as the gateway.

1. The Class A Private Block: 10.0.0.0/8

Address Range: 10.0.0.0 to 10.255.255.255
CIDR Notation: 10.0.0.0/8
Mask: 255.0.0.0
Total Addresses: $2^{24}$ , or 16,777,216 addresses.

This is a single, enormous block of addresses, equivalent to one full Class A network. It is typically used by very large corporations and enterprises that require a massive internal address space to accommodate thousands of subnets and hundreds of thousands of devices across multiple locations worldwide.

2. The Class B Private Block: 172.16.0.0/12

Address Range: 172.16.0.0 to 172.31.255.255
CIDR Notation: 172.16.0.0/12
Mask: 255.240.0.0
Total Addresses: This block contains 16 contiguous Class B networks, totaling $16 \times 65,536 = 1,048,576$ addresses.

This range is commonly used by medium-to-large organizations, university campuses, and hospitals. It offers significant flexibility for creating numerous subnets without being as vast as the 10.0.0.0/8 block.

3. The Class C Private Block: 192.168.0.0/16

Address Range: 192.168.0.0 to 192.168.255.255
CIDR Notation: 192.168.0.0/16
Mask: 255.255.0.0
Total Addresses: This block contains 256 contiguous Class C networks, totaling $256 \times 256 = 65,536$ addresses.

This is by far the most widely recognized and used private address range. It is the default range used by the vast majority of consumer-grade home routers and small business equipment. When you see an IP address like `192.168.1.x`, you are looking at a device on a private network using this block.

Special Use and Reserved Addresses

Beyond the globally routable public addresses and the RFC 1918 private ranges, the IPv4 address space contains several other special blocks reserved for specific functions. It's crucial not to confuse these with the private ranges, as they serve very different purposes.

The Loopback Range: 127.0.0.0/8

Analogy: Think of this as the address you use when you talk to yourself.

The entire `127.0.0.0/8` block is reserved for loopback purposes. While the whole block is reserved, the only address you will almost ever see is 127.0.0.1, which is commonly referred to as `localhost`. A packet sent to `127.0.0.1` never leaves the host machine. Instead, it is "looped back" internally within the operating system's networking stack. This is a vital mechanism for testing network applications and services on a local machine without needing a physical network connection. It allows a developer to run both a client and a server on the same computer to test their communication.

Link-Local Addresses (APIPA): 169.254.0.0/16

Analogy: Imagine two people who don't know each other get stranded on a deserted island. To communicate, they might invent a simple, shared "language" that only they understand. This language is useless anywhere else in the world, but it works perfectly for local communication between them.

This is the purpose of Link-Local addresses. When a device (like your computer) is configured to obtain an IP address automatically via , but it cannot find a DHCP server on the network, it doesn't just give up. Instead, it self-assigns an IP address from the `169.254.0.0/16` range. This process is called Automatic Private IP Addressing (APIPA).

This allows devices on the same physical link (e.g., connected to the same small switch or directly with an Ethernet cable) to communicate with each other without any manual configuration or a central server. You can't reach the internet with an APIPA address, but you can, for example, share files directly between two laptops.

The "This Network" Address: 0.0.0.0

The address `0.0.0.0` is a special case with several meanings. Most commonly, it's used as a source address by a host when it is first starting up and sending a DHCP request to obtain an IP address. It essentially means, "I don't have an address yet." In the context of routing tables, a route to `0.0.0.0/0` represents the default route, the path that is used for any destination that doesn't have a more specific match in the table.