
Public versus Private

The Internet's IPv4 address space is split up into multiple "spaces." We're concerned with two of them: private and public. These are called IP address spaces.

A private address space cannot be routed over the public Internet. That means no system, anywhere in the world, can use a private address space IP address, such as 192.168.88.10, to advertise a system on the public Internet. If you ran a web server on such a system, with such an IP address, someone else could not access it over the public Internet without further work being done. That's because private address spaces are used for internal communications only, such as all the systems inside of your corporate or home networks.

Note

You can configure your networking hardware to forward connections from a public IP to an internal, private IP, making it possible to host systems internally. That's actually the only way you can really do it, and we'll see this when we get into the AWS section.

A public address space is the opposite: it is routable over the Internet but cannot be used for internal or private use cases (technically, it can be, but let's keep this simple). When you want a system to be available on the public Internet, you use the public address space.

What constitutes a private IP and what constitutes a public IP is well-established theory. Let's look at that list of private IP address spaces.

These are the official private IP address space ranges:

| CIDR Block | Addresses | IP Range |
|---|---|---|
| 127.0.0.0/8 | 16,777,216 | 127.0.0.0 – 127.255.255.255 |
| 10.0.0.0/8 | 16,777,216 | 10.0.0.0 – 10.255.255.255 |
| 172.16.0.0/12 | 1,048,576 | 172.16.0.0 – 172.31.255.255 |
| 192.168.0.0/16 | 65,536 | 192.168.0.0 – 192.168.255.255 |

You'll see the 10.0.0.0/8 address space a lot in AWS environments. The 192.168.0.0/16 address range is extremely common in private homes. Your own private IP at home is likely in the latter range. There are other private networks too, but these are the ones that you'll be concerned with the most. Everything else will likely be a public, Internet-routable address.

With 127.0.0.0/8, you're going to see 127.0.0.1 a lot, which is your local system, and localhost is the hostname that references 127.0.0.1.

If we look at 10.0.0.0/8, we get a total of 16,777,216 IP addresses, but what does that mean, exactly? How do we get those addresses? Without going into the (complex) math involved, what we're essentially saying is: 10.0.0.0/8 gives us a massive list of sixteen million IP addresses between 10.0.0.1 and 10.255.255.254. As a list, this would be huge, but here are the first five addresses, and the last five addresses:

Address
10.0.0.1
10.0.0.2
10.0.0.3
10.0.0.4
10.0.0.5
...
10.255.255.251
10.255.255.252
10.255.255.253
10.255.255.254
10.255.255.255

These are valid private IPs we can use in our network.
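The arithmetic skipped above is small enough to show. The following is an added example, not part of the original page: it derives the address count and range of each block in the table from the CIDR notation using bit operations, then checks which of the listed blocks an address falls into. The function names and the sample addresses other than 192.168.88.10 are constructed for illustration.

```python
import ipaddress

# The four blocks from the table on this page.
PAGE_PRIVATE_BLOCKS = ["127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]

def to_int(dotted):
    """Pack a dotted-quad IPv4 string into one 32-bit integer."""
    octets = [int(part) for part in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {dotted!r}")
    a, b, c, d = octets
    return (a << 24) | (b << 16) | (c << 8) | d

def to_dotted(value):
    """Unpack a 32-bit integer back into dotted-quad form."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def block_range(cidr):
    """Return (first, last, count) for a CIDR block."""
    base, prefix = cidr.split("/")
    host_bits = 32 - int(prefix)          # bits left over for hosts
    if not 0 <= host_bits <= 32:
        raise ValueError(f"bad prefix length in {cidr!r}")
    count = 1 << host_bits                # 2 ** host_bits addresses
    mask = (0xFFFFFFFF << host_bits) & 0xFFFFFFFF
    first = to_int(base) & mask           # clear the host bits
    last = first | (count - 1)            # set every host bit
    return to_dotted(first), to_dotted(last), count

def page_block_for(address):
    """Return the listed block containing address, or None if it is in none."""
    value = to_int(address)
    for cidr in PAGE_PRIVATE_BLOCKS:
        first, last, _ = block_range(cidr)
        if to_int(first) <= value <= to_int(last):
            return cidr
    return None

if __name__ == "__main__":
    for cidr in PAGE_PRIVATE_BLOCKS:
        first, last, count = block_range(cidr)
        net = ipaddress.ip_network(cidr)  # cross-check against the standard library
        assert (str(net[0]), str(net[-1]), net.num_addresses) == (first, last, count)
        print(f"{cidr:<16} {count:>12,}  {first} - {last}")
    # Constructed sample inputs; 192.168.88.10 is the address used earlier on the page.
    for sample in ("192.168.88.10", "172.31.255.255", "172.32.0.1", "203.0.113.7"):
        print(sample, "->", page_block_for(sample) or "outside the listed blocks")
```

The number after the slash is how many leading bits are fixed, so a /8 leaves 24 bits free and 2^24 = 16,777,216 addresses, which is the count in the table.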