Private LAN IP addresses

From Noah.org
Revision as of 09:47, 25 September 2013 by Root (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search


These IP addresses are reserved for private networks (sometimes called localnet). These are routable only in a LAN; WAN gateways will not route the following IP addresses. The 192.168.0.0/16 range is the most familiar. Often forgotten is the 172.16.0.0/12 range.

IANA Reserved Private Network Ranges Start of range End of range Total addresses
24-bit Block (/8, 1 x A) 10.0.0.0 10.255.255.255 16777216
20-bit Block (/12, 16 x B) 172.16.0.0 172.31.255.255 1048576
16-bit Block (/16, 256 x C) 192.168.0.0 192.168.255.255 65536
Link-local Zeroconf (/16 minus the first and last /24 ranges) 169.254.1.0 169.254.254.255 65026

regex

A regex to match an arbitrary IPv4 address can be quite tricky. The following get close for testing against private IP addresses.

# localhost
allow ^127\.0\.0\.1$
# localnets
# 192.168.0.0/16
allow ^192\.168\.\d+\.\d+$
# 172.16.0.0/12
allow ^172\.(1[6-9]|2[0-9]|3[01])\.\d+\.\d+$
# 10.0.0.0/8
allow ^10\.\d+\.\d+\.\d+$
# Link-local Zeroconf (/16 minus the first and last /24 ranges)
# WARNING: this should exclude the first and last /24 ranges, but it does not.
# This shouldn't matter since the first and last /24 ranges are reserved.
allow ^169\.254\.\d+\.\d+$