Private IP Ranges: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
Complete guide to RFC 1918 private IP ranges: 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16. Learn which range to use and when for internal networks.
10.0.0.0/8IPv4Detailed Explanation
RFC 1918 Private IP Ranges
RFC 1918 defines three IPv4 address blocks reserved for private (non-routable) use. These addresses are used inside organizations and are never routed on the public internet. Routers automatically drop packets with RFC 1918 source or destination addresses at network boundaries.
The Three Private Ranges
| Range | CIDR | Mask | Total Addresses |
|---|---|---|---|
| 10.0.0.0/8 | 10.0.0.0/8 | 255.0.0.0 | 16,777,216 |
| 172.16.0.0/12 | 172.16.0.0/12 | 255.240.0.0 | 1,048,576 |
| 192.168.0.0/16 | 192.168.0.0/16 | 255.255.0.0 | 65,536 |
10.0.0.0/8 — The Largest Block
The 10.0.0.0/8 range provides over 16 million addresses (10.0.0.0 to 10.255.255.255). It is the preferred choice for large enterprises and cloud providers. AWS, Azure, and GCP all commonly use this range for VPC configurations. Organizations subdivide it hierarchically — for example, 10.[region].[site].[host].
172.16.0.0/12 — The Mid-Sized Block
The 172.16.0.0/12 range spans 172.16.0.0 to 172.31.255.255 (note: /12, not /16). It provides over 1 million addresses across 16 contiguous /16 blocks. Docker uses 172.17.0.0/16 by default, and Kubernetes clusters often allocate pod networking from this range. It is popular for VPN networks to avoid conflicts with common 192.168.x.x home networks.
192.168.0.0/16 — The Home Network Block
The 192.168.0.0/16 range (192.168.0.0 to 192.168.255.255) is the most recognized private range. Nearly every home router defaults to a 192.168.x.x/24 subnet. With only 65,536 addresses, it is too small for large enterprises but perfect for homes and small offices.
Which Range Should You Use?
- Home/small office: 192.168.0.0/16 (typically a single /24)
- Medium organizations: 172.16.0.0/12 for over a million addresses
- Large enterprises and cloud: 10.0.0.0/8 for maximum address space
NAT and Private Addresses
NAT (Network Address Translation) allows devices with private addresses to access the public internet. The router translates private source IPs to its public IP for outbound traffic and reverses the translation for responses.
Avoiding Conflicts
When merging networks or establishing VPN connections, overlapping private ranges cause routing failures. Plan your addressing scheme carefully and avoid common defaults like 192.168.1.0/24 or 10.0.0.0/24.
Use Case
A company chooses 10.0.0.0/8 for its data centers and 172.16.0.0/12 for its container platforms, avoiding 192.168.x.x to prevent VPN conflicts with employees' home networks.
Try It — Subnet Calculator
Related Topics
/8 Subnet (255.0.0.0)
10.0.0.0/8 · IPv4
/16 Subnet (255.255.0.0)
172.16.0.0/16 · IPv4
NAT and Subnets: How Network Address Translation Works
192.168.0.0/16 · Concept
AWS VPC CIDR Blocks: Choosing the Right Subnet Size
10.0.0.0/16 · Cloud
Docker Networking: Default CIDR Blocks and Configuration
172.17.0.0/16 · Cloud
CIDR Notation Explained: How IP Addressing Works
10.0.0.0/16 · Concept