What are Private Networks?

RFC 1918 defines IP address ranges that are reserved for private networks and are not routed on the public internet. These addresses allow organizations to create internal networks without consuming public IP address space.

Private Address Ranges

Class A Private Range

Range: 10.0.0.0 - 10.255.255.255

CIDR: 10.0.0.0/8

Addresses: 16,777,216

Use Case: Large enterprise networks

Class B Private Range

Range: 172.16.0.0 - 172.31.255.255

CIDR: 172.16.0.0/12

Addresses: 1,048,576

Use Case: Medium-sized networks

Class C Private Range

Range: 192.168.0.0 - 192.168.255.255

CIDR: 192.168.0.0/16

Addresses: 65,536

Use Case: Small networks, home/office

Key Principles

  • Non-Routable: Private addresses are not routed on the public internet
  • Reusable: Multiple organizations can use the same private ranges
  • NAT Required: Network Address Translation needed for internet access
  • Internal Only: Only valid within the private network boundary

Network Address Translation (NAT)

Since private addresses cannot be routed on the internet, NAT is required for hosts that use them to reach it:

  • Outbound Translation: Private IPs translated to public IPs for internet access
  • Inbound Translation: Public IPs translated back to private IPs for responses
  • Port Mapping: Multiple private devices can share a single public IP
  • Security Benefit: Internal network structure is hidden from external networks, though NAT by itself is not a substitute for a firewall

Private Networks in AWS

AWS extensively uses RFC 1918 private addressing:

VPC CIDR Blocks

  • 10.0.0.0/16 - Common for large VPCs
  • 172.31.0.0/16 - Default VPC range
  • 192.168.0.0/24 - Small development VPCs

Subnet Design

  • Public subnets: 10.0.1.0/24, 10.0.2.0/24
  • Private subnets: 10.0.10.0/24, 10.0.20.0/24
  • Database subnets: 10.0.100.0/24, 10.0.200.0/24

AWS Services Using Private Addressing

  • EC2 Instances: Assigned private IPs from subnet ranges
  • RDS Databases: Use private IPs for secure database access
  • Lambda Functions: Can be placed in private subnets
  • Elastic Load Balancing (ELB): Internal load balancers use private IPs
  • NAT Gateways: Enable outbound internet access from private subnets

Best Practices

Network Segmentation

Use different private ranges for different environments (dev, staging, prod)

Avoid Conflicts

Plan address ranges to prevent conflicts with VPN or partner networks
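
An added example (not from the original page) of auditing an address plan for such conflicts with Python's standard ipaddress module. The plan names and the partner VPN range are constructed for illustration.

```python
import ipaddress
from itertools import combinations

# The three RFC 1918 blocks listed on this page. ipaddress's is_private is
# broader (loopback, link-local, ...), so the ranges are checked explicitly.
RFC1918 = [ipaddress.ip_network(c)
           for c in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample plan: names and the partner range are hypothetical.
PLAN = {
    "prod-vpc": "10.0.0.0/16",
    "dev-vpc": "192.168.0.0/24",
    "default-vpc": "172.31.0.0/16",
    "partner-vpn": "10.0.100.0/24",  # falls inside prod-vpc
    "staging-vpc": "172.32.0.0/16",  # just past the end of 172.16.0.0/12
}


def is_rfc1918(cidr):
    """True only if the whole block sits inside one RFC 1918 range."""
    net = ipaddress.ip_network(cidr, strict=True)  # rejects set host bits
    return net.version == 4 and any(net.subnet_of(p) for p in RFC1918)


def audit_plan(plan):
    """Return a list of findings for a {name: cidr} address plan."""
    findings, nets = [], {}
    for name, cidr in plan.items():
        try:
            if not is_rfc1918(cidr):
                findings.append(f"{name}: {cidr} is not fully inside RFC 1918 space")
            nets[name] = ipaddress.ip_network(cidr)
        except ValueError as exc:  # malformed prefix or host bits set
            findings.append(f"{name}: invalid CIDR {cidr!r} ({exc})")
    # Any pairwise overlap means routing between the two networks is ambiguous.
    for (a, na), (b, nb) in combinations(nets.items(), 2):
        if na.version == nb.version and na.overlaps(nb):
            findings.append(f"{a} {na} overlaps {b} {nb}")
    return findings


if __name__ == "__main__":
    for finding in audit_plan(PLAN):
        print(finding)
```
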

Subnet Planning

Leave room for growth when designing subnet boundaries

Documentation

Maintain clear documentation of IP address assignments

Common Use Cases

  • Corporate Networks: Internal employee workstations and servers
  • Data Centers: Server-to-server communication
  • Cloud Infrastructure: Virtual machines and containers
  • Home Networks: Personal devices and IoT equipment
  • Development Environments: Test and staging systems