IPv4 Reserved Addresses: Complete Guide
Not all IPv4 addresses are available for general use. Certain address ranges are reserved for special purposes, private networks, documentation, testing, and future use. Understanding reserved addresses is essential for network design, troubleshooting, and avoiding configuration errors. This comprehensive guide explains all IPv4 reserved address ranges and their purposes.
What Are Reserved Addresses?
Reserved IP addresses are ranges set aside by IANA (Internet Assigned Numbers Authority) for specific purposes. These addresses cannot be used for regular internet routing or may have special meanings in network protocols.
Categories of Reserved Addresses
Private addresses: For use in private networks (RFC 1918) Special-use addresses: Specific protocol purposes Documentation addresses: Safe for examples Loopback addresses: Local testing Link-local addresses: Automatic configuration Multicast addresses: Group communication Reserved for future use: Not currently allocated
Private Address Ranges (RFC 1918)
Class A Private Range
Range: 10.0.0.0 - 10.255.255.255
CIDR: 10.0.0.0/8
Subnet mask: 255.0.0.0
Total addresses: 16,777,216
Purpose: Large private networks
Common uses: - Enterprise networks - Large organizations - VPN networks - Cloud private networks
Example configuration:
Corporate HQ: 10.0.0.0/16
Branch Office 1: 10.1.0.0/16
Branch Office 2: 10.2.0.0/16
VPN Users: 10.100.0.0/16
Characteristics: - Most flexible range - Plenty of address space - Easy subnetting - Industry standard for large networks
Class B Private Range
Range: 172.16.0.0 - 172.31.255.255
CIDR: 172.16.0.0/12
Subnet mask: 255.240.0.0
Total addresses: 1,048,576 (16 Class B networks)
Purpose: Medium-sized private networks
Common uses: - Medium enterprises - Campus networks - Data centers - Docker default network
Example configuration:
Main Network: 172.16.0.0/16
DMZ: 172.17.0.0/16
Guest Network: 172.18.0.0/16
Management: 172.19.0.0/16
Note: Only 172.16.0.0 through 172.31.255.255 are private - 172.15.x.x is public - 172.32.x.x is public
Class C Private Range
Range: 192.168.0.0 - 192.168.255.255
CIDR: 192.168.0.0/16
Subnet mask: 255.255.0.0
Total addresses: 65,536 (256 Class C networks)
Purpose: Small private networks
Common uses: - Home networks - Small offices - SOHO (Small Office/Home Office) - Default router configurations
Example configuration:
Home Network: 192.168.1.0/24
Guest WiFi: 192.168.2.0/24
IoT Devices: 192.168.3.0/24
Characteristics: - Most common for home use - Easy to remember - Default for many routers - 192.168.1.1 typical gateway
Loopback Addresses (RFC 1122)
Range: 127.0.0.0 - 127.255.255.255
CIDR: 127.0.0.0/8
Most common: 127.0.0.1
Purpose: Local loopback testing
Characteristics: - Traffic never leaves device - Always available - No network card needed - Used for localhost
Uses:
Testing: ping 127.0.0.1
Web development: http://localhost:8080
Database: mysql://127.0.0.1:3306
Services: 127.0.0.1:80
Special addresses:
127.0.0.1 - Standard loopback
127.0.0.2 - Also valid loopback
127.x.x.x - All valid loopback
127.255.255.255 - Broadcast loopback
Link-Local Addresses (RFC 3927)
Range: 169.254.0.0 - 169.254.255.255
CIDR: 169.254.0.0/16
Subnet mask: 255.255.0.0
Purpose: Automatic Private IP Addressing (APIPA)
When used:
DHCP server unavailable
No static IP configured
Automatic fallback
Zero-configuration networking
How it works:
1. Device requests DHCP
2. No DHCP response
3. Device auto-assigns 169.254.x.x
4. Can communicate with other link-local devices
5. No internet access
Troubleshooting:
If you see 169.254.x.x:
- DHCP server is down
- Network cable unplugged
- DHCP exhausted
- Configuration error
Example:
Windows: ipconfig
Autoconfiguration IPv4 Address: 169.254.123.45
Subnet Mask: 255.255.0.0
Default Gateway: (none)
Documentation Addresses (RFC 5737)
Purpose: Safe to use in documentation and examples
Ranges:
TEST-NET-1:
Range: 192.0.2.0 - 192.0.2.255
CIDR: 192.0.2.0/24
TEST-NET-2:
Range: 198.51.100.0 - 198.51.100.255
CIDR: 198.51.100.0/24
TEST-NET-3:
Range: 203.0.113.0 - 203.0.113.255
CIDR: 203.0.113.0/24
Why use these? - Won't conflict with real addresses - Safe for documentation - Won't accidentally route - Industry standard
Example usage:
In documentation:
"Configure your server at 192.0.2.10"
"Connect to 198.51.100.50"
"Route traffic to 203.0.113.1"
Multicast Addresses (RFC 5771)
Range: 224.0.0.0 - 239.255.255.255
CIDR: 224.0.0.0/4
Purpose: One-to-many communication
Subdivisions:
Local Network Control (224.0.0.0/24):
224.0.0.1 - All hosts on subnet
224.0.0.2 - All routers on subnet
224.0.0.5 - OSPF routers
224.0.0.6 - OSPF designated routers
224.0.0.9 - RIPv2 routers
224.0.0.13 - PIM routers
224.0.0.22 - IGMPv3
Internetwork Control (224.0.1.0/24):
224.0.1.1 - NTP (Network Time Protocol)
224.0.1.2 - SGI Dogfight
224.0.1.39 - Cisco Auto-RP
224.0.1.40 - Cisco RP-Announce
Source-Specific Multicast (232.0.0.0/8):
232.0.0.0 - 232.255.255.255
For SSM applications
GLOP Addressing (233.0.0.0/8):
233.0.0.0 - 233.255.255.255
Statically assigned
Based on AS numbers
Administratively Scoped (239.0.0.0/8):
239.0.0.0 - 239.255.255.255
Private multicast
Organization-local
Uses: - IPTV streaming - Stock market data - Video conferencing - Routing protocols - Service discovery
Broadcast Addresses
Limited Broadcast:
Address: 255.255.255.255
Scope: Local network only
Never routed
All devices on segment receive
Directed Broadcast:
Format: Network address with all host bits set to 1
Example: 192.168.1.255 (for 192.168.1.0/24)
Usually blocked by routers
Security risk (DDoS amplification)
Special-Purpose Addresses
This Network (RFC 1122)
Range: 0.0.0.0 - 0.255.255.255
CIDR: 0.0.0.0/8
Purpose: "This network"
Uses:
0.0.0.0 - Default route
0.0.0.0/0 - All addresses (routing)
Source address when no IP assigned
DHCP discovery source
Example:
Routing table:
0.0.0.0/0 via 192.168.1.1 (default gateway)
Shared Address Space (RFC 6598)
Range: 100.64.0.0 - 100.127.255.255
CIDR: 100.64.0.0/10
Purpose: Carrier-Grade NAT (CGNAT)
Uses: - ISP internal addressing - CGNAT implementations - Shared between customers - Not routed on internet
Example:
ISP assigns: 100.64.25.100
Your router WAN IP: 100.64.25.100
Public IP (shared): 203.0.113.45
IETF Protocol Assignments (RFC 6890)
Range: 192.0.0.0 - 192.0.0.255
CIDR: 192.0.0.0/24
Purpose: IETF protocol assignments
Special addresses:
192.0.0.0/29 - DS-Lite
192.0.0.8/32 - IPv4 dummy address
192.0.0.9/32 - Port Control Protocol
192.0.0.10/32 - Traversal Using Relays around NAT
IPv4 Service Continuity (RFC 7335)
Range: 192.0.0.0/29
Purpose: IPv6 transition mechanisms
Benchmarking (RFC 2544)
Range: 198.18.0.0 - 198.19.255.255
CIDR: 198.18.0.0/15
Purpose: Network benchmarking
Uses: - Performance testing - Network device testing - Benchmark traffic generation - Not routed publicly
Reserved for Future Use (RFC 1112)
Range: 240.0.0.0 - 255.255.255.254
CIDR: 240.0.0.0/4
Purpose: Reserved for future use
Status: - Class E addresses - Never allocated - Some proposals to reclaim - Compatibility issues prevent use
Exception:
255.255.255.255 - Limited broadcast
(Part of this range but has specific use)
Summary Table
| Range | CIDR | Purpose | Routable |
|---|---|---|---|
| 0.0.0.0/8 | 0.0.0.0 - 0.255.255.255 | This network | No |
| 10.0.0.0/8 | 10.0.0.0 - 10.255.255.255 | Private (Class A) | No |
| 100.64.0.0/10 | 100.64.0.0 - 100.127.255.255 | CGNAT | No |
| 127.0.0.0/8 | 127.0.0.0 - 127.255.255.255 | Loopback | No |
| 169.254.0.0/16 | 169.254.0.0 - 169.254.255.255 | Link-local | No |
| 172.16.0.0/12 | 172.16.0.0 - 172.31.255.255 | Private (Class B) | No |
| 192.0.0.0/24 | 192.0.0.0 - 192.0.0.255 | IETF Protocol | No |
| 192.0.2.0/24 | 192.0.2.0 - 192.0.2.255 | Documentation | No |
| 192.168.0.0/16 | 192.168.0.0 - 192.168.255.255 | Private (Class C) | No |
| 198.18.0.0/15 | 198.18.0.0 - 198.19.255.255 | Benchmarking | No |
| 198.51.100.0/24 | 198.51.100.0 - 198.51.100.255 | Documentation | No |
| 203.0.113.0/24 | 203.0.113.0 - 203.0.113.255 | Documentation | No |
| 224.0.0.0/4 | 224.0.0.0 - 239.255.255.255 | Multicast | Special |
| 240.0.0.0/4 | 240.0.0.0 - 255.255.255.254 | Reserved | No |
| 255.255.255.255/32 | 255.255.255.255 | Broadcast | No |
Common Mistakes
Mistake 1: Using Reserved Addresses
Wrong:
Assigning 127.0.0.5 to a server
Using 169.254.x.x for static IPs
Routing 192.0.2.x on production
Correct:
Use appropriate private ranges
Use public IPs for internet-facing
Use documentation IPs only in docs
Mistake 2: Confusing Private Ranges
Wrong:
172.15.0.0 is private (it's not!)
172.32.0.0 is private (it's not!)
Only 172.16.0.0 - 172.31.255.255 is private
Correct:
Verify exact ranges
172.16.0.0/12 only
Check subnet calculator
Mistake 3: Blocking Necessary Multicast
Wrong:
Blocking all 224.x.x.x
Breaks routing protocols
Breaks service discovery
Correct:
Allow necessary multicast
224.0.0.0/24 for local protocols
Specific ranges for services
Best Practices
Network Design
1. Use appropriate private ranges
Large network: 10.0.0.0/8
Medium network: 172.16.0.0/12
Small network: 192.168.0.0/16
2. Don't mix ranges unnecessarily
Stick to one private range if possible
Easier management
Clearer design
3. Reserve space
Don't use all available addresses
Leave room for growth
Document allocations
Documentation
1. Use documentation ranges
Examples: 192.0.2.x
Tutorials: 198.51.100.x
Samples: 203.0.113.x
2. Never use real IPs in docs
Privacy concerns
Potential conflicts
Unprofessional
Troubleshooting
1. Check for reserved addresses
169.254.x.x → DHCP issue
127.x.x.x → Loopback (local only)
100.64.x.x → Behind CGNAT
2. Verify routing
Private IPs shouldn't route to internet
Check NAT configuration
Verify firewall rules
3. Monitor multicast
Ensure necessary multicast allowed
Check routing protocol operation
Verify service discovery
Security Considerations
Private Address Leakage
Problem:
Private IPs in public DNS
Private IPs in email headers
Private IPs in HTTP headers
Solution:
Scrub private IPs at edge
Use NAT properly
Configure proxies correctly
Spoofing Prevention
Ingress filtering:
Block private source IPs from internet
Block loopback from external
Block documentation ranges
RFC 2827 / BCP 38
Egress filtering:
Prevent private IPs leaving network
Block spoofed sources
Implement BCP 38
Conclusion
Understanding IPv4 reserved addresses is crucial for proper network design, configuration, and troubleshooting. These ranges serve specific purposes and must be used appropriately to avoid conflicts, routing issues, and security problems.
Related Articles
IPv4 Address Types
- IPv4 Private Ranges - RFC 1918 private addresses
- Loopback Address - 127.0.0.1 explained
- Broadcast Address - Network-wide communication
- Multicast Address - Group communication
IPv4 Fundamentals
- What is an IPv4 Address? - IPv4 basics
- IP Address Classes - Classful addressing
- IPv4 CIDR Notation - Modern addressing
- IPv4 Subnetting - Network division
Network Configuration
- Private vs Public IP - Address types
- NAT - Network Address Translation
- DHCP - Automatic IP assignment
- Routing - IP routing fundamentals
Explore More
- IPv4 Guide - Complete IPv4 resource hub
- Networking Basics - Essential concepts
Key takeaways: - Private ranges: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 - Loopback: 127.0.0.0/8 (localhost) - Link-local: 169.254.0.0/16 (APIPA) - Documentation: 192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24 - Multicast: 224.0.0.0/4 - CGNAT: 100.64.0.0/10 - Reserved for future: 240.0.0.0/4 - Never route private addresses to internet - Use documentation ranges in examples - Understand special-purpose addresses
Proper use of reserved addresses ensures network functionality, prevents conflicts, and maintains internet routing integrity. Whether designing networks, writing documentation, or troubleshooting issues, knowledge of reserved address ranges is essential for network professionals.
