Private vs Public IP Addresses
The RFC 1918 private ranges, why they exist, and how NAT lets your whole office share a single public IP.
Two Worlds of IP Addresses
Every networked device has an IP address, but not all IP addresses are equal. There are two fundamental types:
- Public IP addresses — routable on the global internet. Packets destined for a public IP can reach your device from anywhere in the world.
- Private IP addresses — used inside local networks only. Internet routers will not forward packets to these addresses.
Understanding which type of address you are dealing with is the first step in designing or troubleshooting any network.
The Private Ranges (RFC 1918)
Three blocks of IPv4 address space are permanently reserved for private use by RFC 1918. Any organisation can use them internally — no registration required, no ISP involvement.
| Name | Range | CIDR | Addresses |
|---|---|---|---|
| Class A | 10.0.0.0 – 10.255.255.255 | /8 | 16.7 million |
| Class B | 172.16.0.0 – 172.31.255.255 | /12 | 1.05 million |
| Class C | 192.168.0.0 – 192.168.255.255 | /16 | 65,536 |
Most small businesses use 192.168.x.x or 10.x.x.x. The 192.168.1.0/24 you see on home routers is just one /24 slice of the larger Class C
private space — there are 256 /24 subnets available within that range alone.
10.0.0.0/8. It gives you room to assign a unique /24 to every
floor, building, or site without overlapping. 192.168.x.x is fine for a single
small office but runs out of room quickly when you start adding VLANs.Why Private Addresses Exist
IPv4 only has about 4.3 billion addresses — not enough for every device on the planet. Private ranges let many organisations reuse the same address space internally without conflict, so only the router at the network edge needs a public IP.
This was a critical design decision in the 1990s that allowed the internet to scale far beyond what the original architects imagined. Without it, IPv4 would have been exhausted long before it actually was.
How NAT Works
When a device on your private network (e.g. 192.168.1.50) wants to reach a
website, it cannot use its private IP directly — the internet has no route back to it. Instead,
your router performs Network Address Translation (NAT):
- The packet leaves
192.168.1.50destined for93.184.216.34(example.com). - The router replaces the source IP with its own public IP (e.g.
203.0.113.10) and records the translation. - The web server sees the request coming from
203.0.113.10and replies to it. - The router receives the reply, reverses the translation, and delivers it to
192.168.1.50.
This is how your entire office shares one public IP address. The NAT table in your router keeps track of thousands of simultaneous connections — one for each open TCP session across all devices.
Other Special Ranges Worth Knowing
| Range | Purpose |
|---|---|
127.0.0.0/8 | Loopback — always refers to the local device. 127.0.0.1 is "this machine". |
169.254.0.0/16 | Link-local (APIPA) — self-assigned when no DHCP server responds. Usually indicates a misconfiguration. |
100.64.0.0/10 | Carrier-grade NAT (CGNAT) — used by ISPs and by Tailscale for its overlay network. |
0.0.0.0/0 | The default route — represents every IP address; used in routing tables as the catch-all. |
When to Use Which
Use private addresses for everything inside your network: servers, workstations, printers, access points, switches, and IoT devices.
You need public addresses when a resource must be reachable directly from the internet — a web server, a mail server, or a VPN endpoint that external clients connect to. Your ISP assigns these, and you typically get one or a small block with your internet connection.
If you are managing a small business network day-to-day, you will almost exclusively work with private addresses and only interact with public IPs at the firewall or edge router — usually just to set up port forwarding or inbound rules.
Track every address in your space
getIPAM lets you organise private ranges into address spaces and subnets, and allocate individual IPs to devices — all in one place.
Start free