Private network
Adapted from Wikipedia · Discoverer experience
A private network is a computer network that uses special kinds of addresses called private IP addresses. These addresses are used for connecting devices together in places like homes, offices, and big companies. They help people share information and devices, like printers, without needing a unique address from the whole Internet for each one.
Most Internet providers give each home just one public address, but many homes have many devices such as computers and smartphones. To solve this, a special device called a network address translator helps share that one address among many devices. Private networks are also used in companies to keep their information safe, often using tools like a proxy to control who can go online and what they can do.
Anyone can use private addresses without asking permission, and they were created partly to save public addresses, which were running out. Because these addresses can't be used on the public Internet, they help keep networks safer by making it harder for people outside to connect to devices inside.
Private IPv4 addresses
The Internet Engineering Task Force (IETF) directed the Internet Assigned Numbers Authority (IANA) to reserve specific groups of IPv4 addresses just for private networks. These special addresses are used for connecting computers together in homes, offices, and businesses.
Often, these address ranges are split into smaller pieces called subnets to better organize the network.
| RFC 1918 name | IP address range | Number of addresses | Largest CIDR block (subnet mask) | Host ID size | Mask bits | Classful description |
|---|---|---|---|---|---|---|
| 24-bit block | 10.0.0.0 – 10.255.255.255 | 16777216 | 10.0.0.0/8 (255.0.0.0) | 24 bits | 8 bits | single class A network |
| 20-bit block | 172.16.0.0 – 172.31.255.255 | 1048576 | 172.16.0.0/12 (255.240.0.0) | 20 bits | 12 bits | 16 contiguous class B networks |
| 16-bit block | 192.168.0.0 – 192.168.255.255 | 65536 | 192.168.0.0/16 (255.255.0.0) | 16 bits | 16 bits | 256 contiguous class C networks |
Dedicated space for carrier-grade NAT deployment
Main article: IPv4 shared address space
In April 2012, a block of addresses called 100.64.0.0/10 was set aside for carrier-grade NAT, a kind of address sharing run by Internet providers. These addresses are only for use by Internet providers and should not be used by regular home or office networks. The block was made large enough to give unique addresses to all the devices used by a single Internet provider in a big city like Tokyo.
| IP address range | Number of addresses | Largest CIDR block (subnet mask) | Host ID size | Mask bits |
|---|---|---|---|---|
| 100.64.0.0 – 100.127.255.255 | 4194304 | 100.64.0.0/10 (255.192.0.0) | 22 bits | 10 bits |
Private IPv6 addresses
Main article: Unique local address
In the next version of the Internet Protocol, called IPv6, special groups of addresses are set aside for private networks. These addresses help connect local networks without interfering with each other. One group of addresses, called unique local addresses, includes a random number so that two networks are very unlikely to end up using the same addresses when they are connected.
The most commonly used block of these addresses is fd00::/8, which lets users create many smaller network sections (subnets) as needed. Earlier, another group of addresses was suggested, but it was stopped because it had problems.
| RFC 4193 Block | Prefix/L | Global ID (random) | Subnet ID | Number of addresses in subnet |
|---|---|---|---|---|
| | 48 bits (Prefix/L and Global ID combined) | | 16 bits | 64 bits |
| fd00::/8 | fd | xx:xxxx:xxxx | yyyy | 18446744073709551616 |
| Prefix/L | Global ID (random) | Subnet ID | Interface ID | Address | Subnet |
|---|---|---|---|---|---|
| fd | xx:xxxx:xxxx | yyyy | zzzz:zzzz:zzzz:zzzz | fdxx:xxxx:xxxx:yyyy:zzzz:zzzz:zzzz:zzzz | fdxx:xxxx:xxxx:yyyy::/64 |
| fd | 12:3456:789a | 0001 | 0000:0000:0000:0001 | fd12:3456:789a:1::1 | fd12:3456:789a:1::/64 |
Link-local addresses
Main article: Link-local address
Link-local addresses are a special kind of private network address. They only work within a small area, like all the computers connected to one switch or one wireless network. Computers on the other side of a network router cannot see these addresses.
In the older IPv4 protocol, addresses from 169.254.0.0/16 can be used when a network has no other way of handing out addresses. In the newer IPv6 protocol, addresses from fe80::/10 are always used for this purpose. There is also a special kind of address, called the loopback address, that only works inside one computer. In IPv4 this is 127.0.0.0/8 and in IPv6 it is ::1.
Misrouting
Sometimes, data from private networks can accidentally end up on the Internet. This happens because these networks don't always set up their name lookup (DNS) systems correctly for private addresses, so extra lookup traffic goes to the Internet's root name servers. The AS112 project helps by providing special servers that answer these lookups by saying the addresses don't exist, which keeps the extra traffic away from the root servers.
Most company routers are set up to block this wrong traffic from entering, whether it happens by mistake or on purpose. Sometimes, Internet service providers also block this traffic from their customers, which helps keep the Internet running smoothly.
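The blocking decision described above can be written as a short check. This is an added example, not part of the original article: it labels an address using only the ranges listed on this page and treats any match as traffic that should not arrive from the Internet. The function names `classify` and `drop_at_border` are made up for illustration, and dropping link-local and loopback sources as well as private ones goes slightly beyond what the paragraph states.

```python
import ipaddress

# Ranges exactly as listed on this page (label -> CIDR block).
PAGE_RANGES = {
    "private (RFC 1918, 24-bit block)": "10.0.0.0/8",
    "private (RFC 1918, 20-bit block)": "172.16.0.0/12",
    "private (RFC 1918, 16-bit block)": "192.168.0.0/16",
    "shared address space (carrier-grade NAT)": "100.64.0.0/10",
    "IPv4 link-local": "169.254.0.0/16",
    "IPv4 loopback": "127.0.0.0/8",
    "IPv6 unique local": "fd00::/8",
    "IPv6 link-local": "fe80::/10",
    "IPv6 loopback": "::1/128",
}
NETWORKS = [(label, ipaddress.ip_network(cidr)) for label, cidr in PAGE_RANGES.items()]


def classify(text):
    """Return the page's label for an address, or None if it is in none of the ranges."""
    addr = ipaddress.ip_address(text)  # raises ValueError on malformed input
    # An IPv4-mapped IPv6 address (::ffff:a.b.c.d) carries an IPv4 address inside it;
    # unwrap it so it is compared against the IPv4 ranges too.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    for label, net in NETWORKS:
        if addr.version == net.version and addr in net:
            return label
    return None


def drop_at_border(source):
    """True if a packet arriving from the Internet with this source should be dropped."""
    try:
        return classify(source) is not None
    except ValueError:
        return True  # unparseable source address: fail closed


if __name__ == "__main__":
    # Constructed sample addresses, not taken from any real capture.
    for sample in ["10.1.2.3", "172.32.0.1", "100.100.0.1", "::ffff:192.168.1.5",
                   "fd12:3456:789a:1::1", "8.8.8.8", "not-an-ip"]:
        print(sample, "->", "drop" if drop_at_border(sample) else "pass")
```

Note that 172.32.0.1 passes: the 20-bit block ends at 172.31.255.255, a boundary that hand-written filters often get wrong.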
Merging private networks
When private IPv4 networks use the same address ranges, it can cause problems when combining them, as some addresses might be used by more than one device. This means the networks need to be reorganized, which can take time, or a special device called a network address translator may be needed to help the networks work together.
IPv6 solves this problem by providing unique local addresses, which give each organization a very large space of addresses to use. This makes it almost impossible for two different networks to accidentally use the same addresses when they are connected, so merging them is much easier.
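Both halves of this section can be shown in code. This is an added example, not part of the original article: `overlaps` finds the clashing subnets when two IPv4 address plans are merged, and `new_ula_prefix` / `ula_subnet` build a unique local prefix with the field layout from the table above. All function names and the sample address plans are made up for illustration, and the Global ID is drawn from the operating system's random source rather than by the procedure in RFC 4193.

```python
import ipaddress
import secrets


def overlaps(plan_a, plan_b):
    """Return every pair of subnets (one from each plan) that share addresses."""
    nets_a = [ipaddress.ip_network(n) for n in plan_a]
    nets_b = [ipaddress.ip_network(n) for n in plan_b]
    return [(str(a), str(b)) for a in nets_a for b in nets_b
            if a.version == b.version and a.overlaps(b)]


def new_ula_prefix(global_id=None):
    """Build an fd00::/8 /48 prefix from a 40-bit Global ID (random if not given)."""
    if global_id is None:
        global_id = secrets.randbits(40)  # assumption: OS randomness is good enough here
    if not 0 <= global_id < 2**40:
        raise ValueError("Global ID must fit in 40 bits")
    # Layout from the table: 8 bits "fd", then 40 bits of Global ID, then 80 zero bits.
    value = (0xFD << 120) | (global_id << 80)
    return ipaddress.IPv6Network((value, 48))


def ula_subnet(prefix, subnet_id):
    """Return the /64 for a 16-bit Subnet ID inside a /48 unique local prefix."""
    if prefix.prefixlen != 48:
        raise ValueError("expected a /48 prefix")
    if not 0 <= subnet_id < 2**16:
        raise ValueError("Subnet ID must fit in 16 bits")
    value = int(prefix.network_address) | (subnet_id << 64)
    return ipaddress.IPv6Network((value, 64))


if __name__ == "__main__":
    # Constructed address plans for two offices being merged.
    office_a = ["192.168.1.0/24", "10.0.0.0/16"]
    office_b = ["192.168.0.0/16", "10.1.0.0/16"]
    print("IPv4 clashes:", overlaps(office_a, office_b))

    # Each office picks its own random /48; a clash needs the same 40-bit Global ID.
    ula_a, ula_b = new_ula_prefix(), new_ula_prefix()
    print("ULA prefixes:", ula_a, ula_b, "clashes:", overlaps([str(ula_a)], [str(ula_b)]))
    print("Table example:", ula_subnet(new_ula_prefix(0x123456789A), 1))
```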
RFC documents
- RFC – Address Allocation for Private Internets
- RFC – Observations on the use of Components of the Class A Address Space within the Internet
- RFC – The Internet Number Registry System
- RFC – IPv4 Address Behaviour Today
- RFC – IP Network Address Translator (NAT) Terminology and Considerations
- RFC – Traditional IP Network Address Translator (Traditional NAT)
- RFC – Special-Use IPv4 Addresses (superseded)
- RFC – Deprecating Site Local Addresses
- RFC – Dynamic Configuration of IPv4 Link-Local Addresses
- RFC – Unique Local IPv6 Unicast Addresses
- RFC – Special-Use IPv4 Addresses (superseded)
- RFC – Reserved IPv4 Prefix for Shared Address Space
- RFC – Special-Purpose IP Address Registries
This article is a child-friendly adaptation of the Wikipedia article on Private network, available under CC BY-SA 4.0.