Reserved ranges for private IP addresses

Important:

To view all the content available to you here, use the green Log in button at the top of this page to log into the Knowledge Base.

Internet Assigned Numbers Authority (IANA) has reserved certain IP addresses as private addresses for use with internal websites or intranets. These are also referred to as RFC 1918 addresses. These addresses are not routable on the public internet, but are meant for devices that reside behind a router or other Network Address Translation (NAT) device or proxy server. Private IP addresses are used either to hide systems from the public internet or to provide an additional range of addresses to organizations that do not have sufficient public IP addresses to distribute on their network. Organizations can use these numbers to assign internal IP addresses without having to worry about an IP address conflict or having to obtain a new block of IP addresses.

If you connect to the internet as a home user with a residential router, you will typically benefit from this arrangement. Although you may be paying for only one IP address through your internet service provider (ISP), you can have unlimited devices connected to the internet. Using a private IP address will make your computer invisible to certain types of network attacks; however, you will not be able to easily establish your computer as a server.

At Indiana University, private IP addresses are used for several purposes:

  • For users who have not registered their computers with the DHCP service, the network assigns internal addresses so they have enough connectivity to reach the DHCP registration web page.
  • For computers that do not need internet connectivity, such as printers, print servers, and local file servers, private addresses allow them to communicate with computers on the IU campus network or remote computers connected to VPN, but not be vulnerable to attacks from the internet.
  • For servers such as backup or database servers that need to communicate only with locally connected servers, usually in the same rack, which then communicate with the outside world, private addresses allow server-to-server communication over a dedicated, private network. These private networks are not accessible even to other computers on the IU network. This kind of network is sometimes referred to as a back-net because it is used for communication between front-end and back-end servers.

It is very important that private addresses used within an organization do not conflict with each other. Since back-nets are available only to the locally connected servers, not to any other computers on campus, the private IP addresses used for two different back-nets can be the same, but they cannot conflict with other private IP addresses on campus.

This is document aijr in the Knowledge Base.
Last modified on 2022-02-24 12:56:45.