What is an RFC1918 address?
RFC1918 is an Internet Engineering Task Force (IETF) standard that allows enterprise organizations to assign IP addresses to internal hosts. These IP addresses compose the majority private networks, which are networks not available, or reachable, from the Internet.
The reason these hosts are not reachable from the Internet is due to a fundamental requirement: each host must possess a unique IP address. RFC1918 removes this requirement. Common RFC 1918 addresses, like 192.168.1.1, are available in multiple networks without causing any disruption. The key requirement is that they stay within the boundaries of a network.
To isolate RFC1918 address from the Internet, network administrators configure their border routers to discard IP packets with private addresses. As a result, IP packets carrying private addresses can only flow within internal, or private, networks. This aspect contributes to network security by creating a clear distinction between internal and external networks. Devices with private addresses are not directly reachable from the Internet, which adds a layer of isolation and protection against certain types of cyber threats.
RFC1918 Motivations
The Internet Engineering Task Force (IETF) drafted RHC1918 when it became clear that the IPv4 address space, consisting of 4,294,967,296 unique addresses, was not sufficient to address every single computer in the world. By that time, in 1996, the Internet was rapidly growing beyond initial expectations. Soon, no IPv4 addresses would be available to use, limiting the Internet’s growth.
RFC1918 was the solution to the IPv4 exhaustion issue that was quickly unfolding. Private addresses enabled private organizations to use these addresses internally. Organizations can use private addresses without asking permission to the Internet Assigned Numbers Authority (IANA), which governs the IP addresses assignment.
The only drawback of this standard is that computers configured with private addresses cannot establish direct connections with Internet hosts. This standard divided hosts between public and private ones.
RFC1918 Subnets
The RFC1918 address space includes the following networks:
- 10.0.0.0 – 10.255.255.255 (10/8 prefix)
- 172.16.0.0 – 172.31.255.255 (172.16/12 prefix)
- 192.168.0.0 – 192.168.255.255 (192.168/16 prefix)
Large organizations with thousands of hosts typically use the ten-dot network (10/8) due to its capacity. The 172 and 192 subnets are more common within smaller organizations or home networks. If you are reading this article from home, most probably, your laptop obtained via DHCP a 192.168. address.
NAT, Network Address Translation
Network Address Translation (NAT) is a technology that makes RFC1918 a feasible solution to the IPv4 address exhaustion problem. NAT enables an internal host to communicate with an Internet server. A NAT device, generally a network router or a firewall, sits between the Internet and a private network. The Internet interface is configured with a public IP address while the private interface is connected to the internal network and configured with an RFC1918 address.
When the NAT device receives a packet from an internal host, it rewrites the packet using its own public IP address as source before sending it to the Internet. This process is also called “masquerading” because it seems as if the conversation was (falsely) originated by the NAT device itself. By allowing many devices to share a small set of public IP addresses, the implementation of RFC1918 and NAT alleviated the pressure on the dwindling pool of globally unique IPv4 addresses. Some applications and protocols might require adjustments to function properly in environments with RFC1918 addresses and NAT. This is particularly relevant when dealing with real-time communication, peer-to-peer connections, and certain gaming applications.
Beyond Private Addresses: IPv6
IPv6 is the new addressing scheme that provides 3.4×1038 unique addresses. Many networks are now assigning IPv6 addresses to their hosts in parallel with IPv4, a configuration that is often referred to as dual stack. Adoption of IPv6 is slowly moving forward, so it’s safe to expect that RFC1918 addresses are here to stay for quite some time.
Do you need to monitor the performance of internal or external networks? NetBeez provides real-time visibility into remote worker network issues, including performance monitoring across WAN and VPN connections, and quality assessment of ISP and Wi-Fi connectivity. Check out NetBeez, start your trial or request a demo.
