LiveChat 
Support 
Private IP Address Ranges Explained: RFC 1918, IP Classes, and How NAT Works
When you check your laptop’s IP address at home and see something like `192.168.1.42`, you are looking at a private IP address — a number drawn from a small set of blocks reserved specifically for internal, local networks. These addresses are not routable on the public internet. They exist so that the device behind your router can talk to your printer, your phone, and your gateway without consuming one of the world’s scarce public addresses.
This guide explains exactly what private IP address ranges are, lists the three blocks defined by RFC 1918, walks through the older class of IP address range system (A through E, including the Class D and Class E ranges), and shows how Network Address Translation (NAT) stitches private and public addressing together. By the end you will understand why your phone, laptop, and smart TV can all share a single public IP — and why that quiet trick kept IPv4 alive for two extra decades.
Key Takeaways
• Private IP address ranges are three reserved IPv4 blocks — 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16 (RFC 1918) — usable on any internal network and never routed on the public internet.
• Public vs private IP: public addresses are globally unique and internet-routable; private addresses are reusable and local. NAT translates between them.
• The older classful system split IPv4 into classes A-E by leading bits; private ranges were originally carved from Class A, B, and C space.
• Class D (224.0.0.0-239.255.255.255) is reserved for multicast and Class E (240.0.0.0+) for experimental use — neither is assigned to ordinary hosts.
• CIDR replaced rigid classes in 1993, letting networks be sized by prefix length instead of fixed class boundaries.
What are private IP address ranges?
A private IP address range is a block of IPv4 addresses that the Internet Assigned Numbers Authority (IANA) has reserved for use inside private networks. Any organization, household, or data center can use these addresses freely, without registration, because routers on the public internet are configured to drop traffic to and from them. That single rule — *not routable on the public internet* — is what makes the same address safe to reuse across millions of independent networks at once.
The ranges are defined in RFC 1918, “Address Allocation for Private Internets,” published in 1996. There are exactly three blocks, and together they cover everything from a two-device home network to a global enterprise with hundreds of thousands of hosts.
The three RFC 1918 private ranges
| Range | CIDR | Approx. addresses | Typical use |
|---|---|---|---|
| 10.0.0.0 – 10.255.255.255 | 10.0.0.0/8 | ~16.7 million | Large enterprises, cloud VPCs, data center fabrics |
| 172.16.0.0 – 172.31.255.255 | 172.16.0.0/12 | ~1 million | Mid-size networks, container/Docker default bridges |
| 192.168.0.0 – 192.168.255.255 | 192.168.0.0/16 | ~65,500 | Home and small-office routers, SOHO equipment |
A few precision points worth internalizing:
- The 10.0.0.0/8 block is a single full Class A network — the largest private space available, which is why cloud providers and big enterprises favor it.
- The 172.16.0.0/12 block spans `172.16.x.x` through `172.31.x.x` — a common point of confusion, since `172.15.x.x` and `172.32.x.x` are *public* addresses. Only the 16 second-octet values from 16 to 31 are private.
- The 192.168.0.0/16 block is what almost every consumer router ships with, typically handing out addresses on `192.168.0.0/24` or `192.168.1.0/24`.
Because these blocks are reserved, you can deploy `192.168.1.10` on your home network and a colleague across the world can deploy the exact same address on theirs. Neither network sees the other, and neither needs permission to use it.
Public vs private IP: why do both exist?
The split between public vs private IP addressing comes down to two competing needs: global reachability and address conservation.
A public IP address is globally unique. Exactly one device (or NAT gateway) on the entire internet holds a given public address at a time, and packets carrying that address as a destination can be routed to it from anywhere. Public addresses are a finite, allocated resource — IANA hands blocks to regional registries, which assign them to ISPs and hosting providers.
A private IP address is locally unique only. It is meaningful inside its own network and meaningless outside it. Because of that, the same private address can exist on an unlimited number of separate networks simultaneously.
Both exist because IPv4 only has about 4.3 billion total addresses — far fewer than the number of connected devices on Earth. If every phone, laptop, thermostat, and light bulb needed its own public address, we would have exhausted the supply long ago. Instead, internal devices use private addresses, and a single public address (or a small pool) represents the whole network to the outside world. The bridge between these two worlds is NAT.
How NAT connects the two
Network Address Translation rewrites the source address of outbound packets. When your laptop at `192.168.1.42` requests a web page, your router replaces that private source address with its own public address before forwarding the packet to the internet. When the reply comes back, the router consults a translation table, restores the original private address, and delivers the packet to your laptop. The remote server never sees — and never needs to see — your private address.
The common variant on home and office gateways is PAT (Port Address Translation, sometimes called NAT overload), which multiplexes many internal devices onto one public IP by tracking distinct port numbers. This is the mechanism that lets dozens of devices share a single public address.
What are IP address classes and ranges?
Before CIDR, IPv4 used a classful addressing system that divided the entire address space into five fixed classes — A through E — based on the leading bits of the address. Understanding IP address classes and ranges still matters because the terminology survives in documentation, exam material, and the way private ranges were originally chosen.
The class determined where the network portion of the address ended and the host portion began. Class A used the first octet for the network; Class B used the first two; Class C used the first three. Classes D and E were special-purpose and never used for ordinary host addressing.
IP address classes A through E
| Class | Range (first octet) | Leading bits | Default mask | Purpose |
|---|---|---|---|---|
| A | 0.0.0.0 – 127.255.255.255 | 0 | /8 | Very large networks (16M+ hosts each) |
| B | 128.0.0.0 – 191.255.255.255 | 10 | /16 | Medium networks (~65K hosts each) |
| C | 192.0.0.0 – 223.255.255.255 | 110 | /24 | Small networks (254 hosts each) |
| D | 224.0.0.0 – 239.255.255.255 | 1110 | n/a | Multicast group addressing |
| E | 240.0.0.0 – 255.255.255.255 | 1111 | n/a | Experimental / reserved |
The class D IP address range (224.0.0.0 – 239.255.255.255) is set aside entirely for multicast — one-to-many delivery, used by routing protocols (OSPF uses 224.0.0.5/6), streaming, and service discovery. You will never assign a Class D address to a host’s network interface as its primary address.
The Class E range (240.0.0.0 and above) was reserved for experimental and future use. Most of it has never been put into general production, though there are periodic proposals to reclaim it given IPv4 scarcity.
How classes relate to the private ranges
The three RFC 1918 private blocks map neatly onto the old classful boundaries:
- 10.0.0.0/8 is a single Class A network.
- 172.16.0.0/12 sits within the Class B range (it spans 16 contiguous Class B networks).
- 192.168.0.0/16 sits within the Class C range (256 contiguous Class C networks).
For this reason you will still hear engineers casually refer to “a Class A private network” or “Class C addressing” at home — shorthand that is technically imprecise under CIDR but historically rooted.
Here is the part that rarely gets stated plainly: private IP address ranges are the quiet workaround that kept IPv4 alive long past its address exhaustion. Because billions of devices sit behind NAT reusing the *same* private ranges — every home network’s `192.168.x.x` is independent of and invisible to every other — the world needs vastly fewer scarce public IPs than it has devices. Your phone, laptop, and smart TV can all share one public IP because private ranges plus NAT let an unlimited number of internal networks reuse identical addresses without conflict. It is address recycling at planetary scale. The classful designers in the early 1980s never planned for this; RFC 1918 and NAT were retrofits that turned a hard ceiling of 4.3 billion addresses into something the modern internet could live with for decades.
Why did we move from classes to CIDR?
The classful system was wasteful. An organization that needed 2,000 addresses was too big for a Class C (254 hosts) but, if given a Class B, wasted over 63,000 addresses. There was no middle ground. As the internet grew through the late 1980s, this rigidity burned through the address space and bloated routing tables.
CIDR — Classless Inter-Domain Routing — replaced fixed classes in 1993 (RFC 1519). Instead of three preset network sizes, CIDR lets you specify the network boundary anywhere using a prefix length: `/8`, `/19`, `/27`, and so on. The notation `192.168.1.0/24` means “the first 24 bits are network, the remaining 8 are host.” This flexibility allowed addresses to be allocated in right-sized blocks and let routers aggregate many networks into a single route advertisement, slowing routing-table growth dramatically.
CIDR is also why the private ranges are written as `/8`, `/12`, and `/16` today rather than “one Class A and a slice of Class B.” The class names persist as vocabulary, but the underlying allocation is entirely classless. If you are designing internal networks, you size subnets with CIDR math, not class defaults.
What other special IP ranges should you know?
Beyond the three private ranges and the five classes, two reserved ranges show up constantly in real networks:
- Loopback — 127.0.0.0/8. Any address in this block (most commonly `127.0.0.1`, known as *localhost*) refers to the local machine itself. Traffic sent to a loopback address never leaves the host. This is technically carved from the old Class A space, which is why Class A “ends” at 127 in the table above — 127 is special-cased.
- Link-local — 169.254.0.0/16. When a device is configured for DHCP but cannot reach a DHCP server, it self-assigns an address from this range (a process called APIPA on Windows). If you have ever seen a `169.254.x.x` address, it usually means your device failed to get a lease — a useful diagnostic signal.
Neither loopback nor link-local addresses are routed across networks. They join the private ranges as addresses you will encounter daily but never see on the public internet.
How does this work at home or in the office?
Walk through a typical home setup and every concept above falls into place.
- Your ISP assigns one public IP to your router’s external (WAN) interface. This is the address the rest of the internet sees.
- Your router’s internal (LAN) interface uses a private address — usually `192.168.1.1` — and runs a DHCP server.
- When your laptop, phone, and TV connect, the router’s DHCP server leases each one a private IP from `192.168.1.0/24` (for example `192.168.1.20`, `.21`, `.22`).
- Those devices talk to each other directly over the LAN using private addresses.
- When any of them reaches out to the internet, the router applies NAT/PAT, swapping the private source for the single public WAN address and tracking the session by port.
The result: an entire household of devices shares one public IP. An office works identically, just at larger scale — often on `10.0.0.0/8` to accommodate thousands of hosts, with subnetting carving the space into departments, VLANs, and sites.
Hosting with DarazHost: addressing flexibility for real infrastructure. DarazHost VPS and dedicated servers come with public IPs — including dedicated-IP options — for your live, internet-facing services, so your sites and applications are reachable with stable, globally routable addresses. Where supported, you also get the networking control to set up private/internal networking between your servers, keeping database, cache, and backend traffic on private ranges away from the public internet. That is the addressing flexibility real infrastructure needs: public reachability where it counts, private isolation where it matters, backed by 24/7 support.
This addressing model — private ranges for internal traffic, public IPs for the services your visitors actually reach — is one layer of how networking and DNS deliver people to your server. For the complete picture, see our pillar guide: Networking and DNS for Hosting: The Complete Guide to How Visitors Reach Your Server.
Frequently asked questions
What are the three private IP address ranges? The three RFC 1918 private ranges are 10.0.0.0/8 (10.0.0.0–10.255.255.255), 172.16.0.0/12 (172.16.0.0–172.31.255.255), and 192.168.0.0/16 (192.168.0.0–192.168.255.255). All three are reserved for internal networks and are never routed on the public internet.
Is 192.168.1.1 a public or private IP? It is a private IP. `192.168.1.1` falls inside the 192.168.0.0/16 private block and is the default gateway address on many home and small-office routers. It is reachable only inside your local network, not from the internet.
What is the Class D IP address range used for? The Class D range is 224.0.0.0 to 239.255.255.255, reserved entirely for multicast — efficient one-to-many delivery used by routing protocols, streaming, and service discovery. Class D addresses are never assigned to a host as its own interface address.
What is the difference between public and private IP addresses? A public IP is globally unique and routable across the internet; only one device worldwide holds it at a time. A private IP is unique only within its local network and can be reused on millions of separate networks. NAT translates private addresses to a public one so internal devices can reach the internet.
Why did the internet move from IP classes to CIDR? The classful system offered only three fixed network sizes (A, B, C), which wasted huge amounts of address space and bloated routing tables. CIDR, introduced in 1993, lets networks be sized precisely with prefix lengths (like /19 or /27) and lets routers aggregate routes, conserving the limited IPv4 supply.
