Fundamentals 4 min read

The 127.0.0.0/8 Loopback Range: More Than Just localhost

Most engineers know 127.0.0.1 as localhost. But the entire 127.0.0.0/8 range — 16 million addresses — is reserved for loopback. Here's what that means and when the other addresses matter.

loopback 127.0.0.1 localhost networking rfc5735

Ask any developer what 127.0.0.1 is and they will say "localhost." Ask them about the 127.0.0.0/8 range and many will be surprised — the entire /8 (16,777,216 addresses) is reserved for loopback, not just 127.0.0.1. RFC 5735 designates 127.0.0.0/8 as the loopback block, and packets sent to any address in this range are handled by the host's loopback interface, never hitting the network wire.

What Loopback Does

When your application connects to 127.0.0.1, the packet never leaves the host. The operating system intercepts it at the network stack level and loops it back to a listening socket on the same machine. This makes loopback the tool of choice for inter-process communication, local service testing, and connection verification without network exposure.

Why the Entire /8?

RFC 990 reserved the Class A block 127.0.0.0/8 for loopback in 1984, when address space seemed abundant. The entire block was set aside to guarantee that no two hosts would ever have an ambiguous loopback address. In practice, only 127.0.0.1 is used in virtually all circumstances — the other 16 million addresses are allocated but unused.

When Other Loopback Addresses Matter

There are a few scenarios where addresses other than 127.0.0.1 are deliberately used:

  • Multiple virtual hosts: web servers can listen on 127.0.0.2, 127.0.0.3, etc. to differentiate between applications on the same machine without using real IP addresses or port numbers.
  • DNS blocking: some DNS-based blocklists return 127.0.0.2 or 0.0.0.0 for blocked domains rather than 127.0.0.1, to avoid accidentally triggering a real service listening on localhost.
  • Testing: test suites sometimes bind services to different loopback addresses to simulate multiple hosts without networking overhead.

Loopback vs Link-Local

Loopback addresses (127.0.0.0/8) and link-local addresses (169.254.0.0/16) are both non-routable, but they serve different purposes. Loopback is for host-to-self communication; link-local is for communication within a single network segment when no routing is configured. A device with a link-local address can talk to other link-local devices on the same segment; a loopback address can only talk to itself. See our loopback and link-local guide for the full comparison.

Practical Note

Firewall rules should always block inbound traffic from 127.0.0.0/8 on external interfaces. A spoofed source address of 127.0.0.1 on an external packet is definitively malicious — traffic from the loopback range can only legitimately originate from the local machine itself.