RFC 1918 Fundamentals

Private IP Ranges Explained (RFC 1918)

The three private IPv4 address ranges — 10/8, 172.16/12, and 192.168/16 — explained: why they exist, how NAT enables them, and when to use each.

The three RFC 1918 private ranges

RFC 1918 (published 1996) defines exactly three private IPv4 address blocks:

| Range | Class | Subnet Mask | Total IPs | Typical Use |
|---|---|---|---|---|
| 10.0.0.0/8 | A | 255.0.0.0 | 16,777,216 | Enterprise, cloud VPCs, data centres |
| 172.16.0.0/12 | B | 255.240.0.0 | 1,048,576 | Mid-size enterprise, AWS default VPC |
| 192.168.0.0/16 | C | 255.255.0.0 | 65,536 | Home and SOHO networks |

Why private IP ranges exist

IPv4 has only about 4.3 billion addresses — far fewer than the number of internet-connected devices in the world. Private address ranges were introduced to solve this shortage by allowing the same addresses to be reused in thousands of different private networks.

Your home router has one public IP address (assigned by your ISP) and uses a private range (typically 192.168.0.0/24 or 192.168.1.0/24) for your local devices. NAT (Network Address Translation) allows all those private devices to share the single public IP.

Which range should you use?

10.0.0.0/8: Best for enterprise/cloud

The largest private block with 16+ million addresses. Use this for large enterprise networks, cloud VPCs (allocate a /16 per VPC from within the /8), and Kubernetes clusters. The convention of using 10.x.y.z makes it easy to identify private traffic.

172.16.0.0/12: AWS default VPC

Mid-size range covering 172.16.x.x through 172.31.x.x. AWS uses 172.31.0.0/16 as the default VPC CIDR, and Docker's default bridge network uses 172.17.0.0/16. Good for mid-size networks, but avoid it if you run Docker on the same network, because addresses in 172.17.0.0/16 can conflict with the bridge network.

192.168.0.0/16: Home/SOHO

The universal home network range. Almost all consumer routers default to either 192.168.0.x or 192.168.1.x. Avoid for cloud or enterprise work — it conflicts with users' home networks when they connect via VPN.

Frequently Asked Questions

Can two private networks use the same IP range?

Yes — private IP addresses are not globally unique. Thousands of home networks all use 192.168.1.0/24. This only causes problems when networks are connected (e.g. via VPN) and the same addresses exist on both sides, causing routing conflicts.

Why does 192.168.0.0/16 conflict with VPNs?

Most home routers use 192.168.x.x. When an employee connects to a corporate VPN from home, if the corporate network also uses 192.168.x.x, the client's computer can't distinguish between the home network and the corporate one — breaking VPN routing. Enterprise VPNs should use 10.x.x.x to avoid this.
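
The overlap problems described above can be checked before an address plan is deployed. The following is an added example, not part of the original page: it uses Python's standard ipaddress module to report which RFC 1918 block contains a proposed CIDR and which of the default ranges named on this page it overlaps. The function names and the sample plan are constructed for illustration.

```python
import ipaddress

# The three blocks RFC 1918 defines (from the table on this page).
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Ranges this page names as common sources of overlap.
KNOWN_DEFAULTS = {
    "AWS default VPC": ipaddress.ip_network("172.31.0.0/16"),
    "Docker default bridge": ipaddress.ip_network("172.17.0.0/16"),
    "home router default (192.168.0.x)": ipaddress.ip_network("192.168.0.0/24"),
    "home router default (192.168.1.x)": ipaddress.ip_network("192.168.1.0/24"),
}


def rfc1918_block(cidr):
    """Return the RFC 1918 block that fully contains cidr, or None."""
    net = ipaddress.ip_network(cidr, strict=True)  # rejects host bits set
    if net.version != 4:
        return None
    for block in RFC1918:
        if net.subnet_of(block):
            return block
    return None


def overlaps(cidr, others=KNOWN_DEFAULTS):
    """Return sorted labels of the ranges in others that overlap cidr."""
    net = ipaddress.ip_network(cidr, strict=True)
    return sorted(label for label, other in others.items()
                  if net.version == other.version and net.overlaps(other))


def check_plan(cidr):
    """Summarise a proposed CIDR: containing private block and overlaps."""
    block = rfc1918_block(cidr)
    return {
        "cidr": cidr,
        "rfc1918_block": str(block) if block else None,
        "overlaps": overlaps(cidr),
    }


if __name__ == "__main__":
    # Constructed sample plan, not taken from a real network.
    for proposed in ("10.42.0.0/16", "172.16.0.0/12",
                     "192.168.0.0/16", "172.32.0.0/16"):
        print(check_plan(proposed))
```

The explicit block list is used instead of the module's `is_private` attribute because `is_private` also covers other reserved ranges such as loopback and link-local, not only the three RFC 1918 blocks.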

Are private IPs safe from the internet?

Private IPs are not directly reachable from the internet, because routers on the public internet drop traffic addressed to RFC 1918 ranges. However, private addressing is not a security boundary on its own. Devices with private IPs can still be reached from the internet if the router has NAT port forwarding rules, or if the device is in a cloud VPC with misconfigured security groups.