2.7. Private IPv4 Addressing
💡 First Principle: Private addresses exist because IPv4 doesn't have enough addresses for every device on Earth. Think of it like apartment numbers—hundreds of apartments share one building address. Organizations use private addresses internally and share a small number of public addresses (via NAT) for internet access. This extends IPv4's life and adds security—devices with private addresses can't be directly reached from the internet.
Consider this cost scenario: Your company has 500 employees, each with a laptop, phone, and tablet—1,500 devices. Without private addressing, you'd need 1,500 public IPv4 addresses, costing thousands per year. With private addressing, you use 10.0.0.0/16 internally and share one or two public addresses through NAT. The savings are enormous, and that's why every organization uses RFC 1918 addresses internally.
What happens when private addresses leak to the internet: Imagine you accidentally advertise 10.0.0.0/8 to your ISP. Traffic destined for those addresses goes to your router instead of the actual destination. ISPs filter RFC 1918 addresses specifically to prevent this chaos. Understanding that private addresses cannot exist on the public internet is fundamental.

RFC 1918 Private Address Ranges:

| Class | Range | CIDR | Addresses |
|---|---|---|---|
| A | 10.0.0.0 - 10.255.255.255 | 10.0.0.0/8 | 16,777,216 |
| B | 172.16.0.0 - 172.31.255.255 | 172.16.0.0/12 | 1,048,576 |
| C | 192.168.0.0 - 192.168.255.255 | 192.168.0.0/16 | 65,536 |

Characteristics:

- Not routable on the public internet
- Can be used by any organization internally
- Must use NAT to communicate with the internet
- Different organizations can use the same private ranges

Other Special Addresses:

| Range | Purpose |
|---|---|
| 127.0.0.0/8 | Loopback (testing local TCP/IP stack) |
| 169.254.0.0/16 | APIPA (automatic when DHCP fails) |
| 0.0.0.0/8 | "This network" or default route |
| 255.255.255.255 | Limited broadcast |

⚠️ Exam Trap: 169.254.x.x addresses (APIPA) indicate a DHCP failure. If you see this on a client, troubleshoot DHCP connectivity.
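
As an added example (not part of the original guide), the Python sketch below uses the ranges from the two tables above to check route prefixes before they are advertised to an ISP, which is the leak scenario described earlier, and to label host addresses such as APIPA. The function names and sample prefixes are constructed for illustration; 198.51.100.0/24 is a documentation prefix standing in for a public allocation.

```python
import ipaddress

# Ranges copied from the two tables in this section (nothing else is checked).
SPECIAL = {
    "rfc1918": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"],
    "loopback": ["127.0.0.0/8"],
    "apipa": ["169.254.0.0/16"],
    "this-network": ["0.0.0.0/8"],
    "limited-broadcast": ["255.255.255.255/32"],
}
RANGES = [(label, ipaddress.ip_network(cidr))
          for label, cidrs in SPECIAL.items() for cidr in cidrs]


def classify(prefix):
    """Return (label, relation) for a host address or CIDR prefix.

    relation is 'inside' when the prefix lies within a special range,
    'covers' when it is a supernet that swallows one, and 'none' otherwise.
    CIDR blocks are either nested or disjoint, so these two subset tests
    catch every possible overlap.
    """
    net = ipaddress.ip_network(prefix, strict=False)
    for label, rng in RANGES:
        if net.subnet_of(rng):
            return label, "inside"
    for label, rng in RANGES:
        if rng.subnet_of(net):
            return label, "covers"
    return "public", "none"


def audit_export(prefixes):
    """Split candidate route announcements into (allowed, rejected)."""
    allowed, rejected = [], []
    for p in prefixes:
        label, relation = classify(p)
        if relation == "none":
            allowed.append(p)
        else:
            rejected.append((p, label, relation))
    return allowed, rejected


# Constructed sample: note 172.32.0.0/16 sits just outside 172.16.0.0/12,
# and 10.0.0.0/7 is a supernet that would carry 10.0.0.0/8 with it.
SAMPLE = ["10.0.0.0/8", "10.0.0.0/7", "172.32.0.0/16",
          "192.168.10.0/24", "169.254.12.0/24", "198.51.100.0/24"]

if __name__ == "__main__":
    ok, bad = audit_export(SAMPLE)
    print("allowed:", ok)
    for prefix, label, relation in bad:
        print(f"rejected: {prefix} ({relation} {label})")
```
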