📘 CCNA 200-301 v1.1
1.7 Describe Private IPv4 Addressing
1. What is a Private IPv4 Address?
A private IPv4 address is an IP address that is used inside private networks (like an organization’s internal LAN) and is not routable on the public Internet.
- These addresses are meant for internal communication only.
- They are used within companies, schools, or home networks to allow devices to communicate locally.
- When devices with private IPs need to communicate on the Internet, they must go through a NAT (Network Address Translation) device (usually a router or firewall).
2. Why Do We Use Private IP Addresses?
There are two main reasons:
- Conservation of public IPv4 addresses:
- IPv4 has only about 4.3 billion unique addresses, and they are almost all used.
- To save public addresses, many networks use private IPs internally and share one (or a few) public IPs through NAT.
- Security and isolation:
- Private IPs cannot be accessed directly from the Internet, so internal devices are hidden from outside attackers.
- This provides an extra security layer.
3. Who Defined Private IP Ranges?
Private IP ranges were defined in RFC 1918 (Request for Comments 1918), which specifies three IP ranges for private use.
These ranges are reserved by the Internet Assigned Numbers Authority (IANA) and will never be used on the Internet.
4. The Three Private IPv4 Address Ranges
| Class | Private IPv4 Range | Default Subnet Mask | Number of Addresses | Typical Use Case |
|---|---|---|---|---|
| Class A | 10.0.0.0 – 10.255.255.255 | 255.0.0.0 (/8) | ~16 million | Large organizations, data centers |
| Class B | 172.16.0.0 – 172.31.255.255 | 255.240.0.0 (/12) | ~1 million | Medium-size networks |
| Class C | 192.168.0.0 – 192.168.255.255 | 255.255.0.0 (/16) | ~65,000 | Small networks, home networks |
Let’s look at them in detail:
a. Class A Private Range: 10.0.0.0 – 10.255.255.255
- The entire 10.x.x.x network is private.
- It provides a very large number of IP addresses (over 16 million).
- Often used in large enterprises or service provider networks.
- Example:
- 10.1.1.1 could be assigned to a router in a data center.
- 10.10.10.10 could be assigned to a server.
b. Class B Private Range: 172.16.0.0 – 172.31.255.255
- Notice this is only part of the 172.x.x.x range (not all of it).
- It covers 16 Class B networks (from 172.16 to 172.31).
- Used by medium-sized organizations.
- Example:
- 172.20.10.5 for a router’s LAN interface.
- 172.16.5.10 for a department’s switch management IP.
c. Class C Private Range: 192.168.0.0 – 192.168.255.255
- This range is commonly used in small networks.
- Each network (e.g., 192.168.1.0/24) provides 254 usable IPs.
- Example:
- 192.168.1.1 might be the default gateway (router).
- 192.168.1.10 might be a user’s computer.
5. What Happens If Private IPs Are Used on the Internet?
- Private IP addresses must not appear on the public Internet.
- Internet routers are configured to drop packets with source or destination addresses from private ranges.
- If a private IP address accidentally leaks to the Internet, it will not be delivered.
6. How Do Devices with Private IPs Access the Internet?
They use Network Address Translation (NAT) — a process done by a router or firewall.
- NAT translates the private IP address (like 192.168.1.10) to a public IP address before sending data to the Internet.
- When the response comes back, NAT translates it back to the original private IP.
Example in IT terms:
- A workstation in an office has 192.168.1.25.
- When it accesses a website, the router translates that to the company’s public IP (like 203.0.113.10).
- The website only sees 203.0.113.10 — not 192.168.1.25.
7. Comparison Between Private and Public IP Addresses
| Feature | Private IP Address | Public IP Address |
|---|---|---|
| Defined in RFC | RFC 1918 | Assigned by IANA or ISP |
| Routable on Internet | No | Yes |
| Used for internal communication | Yes | No |
| Requires NAT for Internet access | Yes | No |
| Cost | Free | Usually paid (from ISP) |
| Visibility | Hidden from Internet | Visible on Internet |
8. Misconceptions to Avoid (Important for CCNA Exam)
- Not all 172.x.x.x addresses are private — only 172.16.0.0 to 172.31.255.255.
- Private IPs cannot directly connect to Internet — they must use NAT.
- Public IPs are globally unique — no two devices on the Internet can share the same public IP.
- Private IPs can repeat across networks — for example, two companies can both use 192.168.1.0/24 internally without conflict, as long as their networks are not directly connected.
9. How to Identify a Private IP Address (Exam Tip)
When you see an IPv4 address, check if it falls in one of these ranges:
| Range | Private? |
|---|---|
| 10.0.0.0 – 10.255.255.255 | ✅ Yes |
| 172.16.0.0 – 172.31.255.255 | ✅ Yes |
| 192.168.0.0 – 192.168.255.255 | ✅ Yes |
| Anything else (except special-use addresses) | ❌ No (Public) |
Example questions you might see:
- Q: Is 172.15.10.10 a private IP?
A: No, because it is outside 172.16.0.0–172.31.255.255. - Q: Is 192.168.100.5 private?
A: Yes. - Q: Is 8.8.8.8 private?
A: No, it’s a public Google DNS address.
10. Summary
| Concept | Description |
|---|---|
| Private IPs | Used inside local networks, not routable on Internet |
| Defined by | RFC 1918 |
| Three Ranges | 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 |
| Purpose | Save public IPs, provide local communication, increase security |
| Internet Access | Through NAT |
| Used by | LANs, enterprise networks, cloud internal subnets, virtualization networks |
11. Real IT Environment Usage Example (No Non-IT Examples)
- In a corporate LAN, all PCs might have 192.168.10.x addresses.
- The core switch uses 192.168.10.1.
- The router connects the LAN to the Internet using NAT.
- Servers might use 10.x.x.x for backend communication inside the data center.
- The router/firewall has a public IP to communicate outside the organization.
This is how private IPv4 addressing is practically used in real IT setups.
✅ Key Takeaway for CCNA Exam:
Know the three private ranges, RFC 1918, and the purpose of NAT for Internet access.
Understand how to identify if an IP is private or public and what that means for routing.
