IPv4 bogon address ranges
The reserved, private, and special-use IPv4 ranges that should never appear as a source address on the public internet.
| IP range | CIDR | Description |
|---|---|---|
| 0.0.0.0 – 0.255.255.255 | 0.0.0.0/8 | Current network (RFC 1122) |
| 10.0.0.0 – 10.255.255.255 | 10.0.0.0/8 | Private network (RFC 1918) |
| 100.64.0.0 – 100.127.255.255 | 100.64.0.0/10 | Shared address space / CGNAT (RFC 6598) |
| 127.0.0.0 – 127.255.255.255 | 127.0.0.0/8 | Loopback (RFC 1122) |
| 169.254.0.0 – 169.254.255.255 | 169.254.0.0/16 | Link-local / APIPA (RFC 3927) |
| 172.16.0.0 – 172.31.255.255 | 172.16.0.0/12 | Private network (RFC 1918) |
| 192.0.0.0 – 192.0.0.255 | 192.0.0.0/24 | IETF Protocol Assignments |
| 192.0.2.0 – 192.0.2.255 | 192.0.2.0/24 | TEST-NET-1 (RFC 5737) |
| 192.168.0.0 – 192.168.255.255 | 192.168.0.0/16 | Private network (RFC 1918) |
| 198.18.0.0 – 198.19.255.255 | 198.18.0.0/15 | Network benchmark testing (RFC 2544) |
| 198.51.100.0 – 198.51.100.255 | 198.51.100.0/24 | TEST-NET-2 (RFC 5737) |
| 203.0.113.0 – 203.0.113.255 | 203.0.113.0/24 | TEST-NET-3 (RFC 5737) |
| 224.0.0.0 – 239.255.255.255 | 224.0.0.0/4 | Multicast (RFC 3171) |
| 240.0.0.0 – 255.255.255.254 | 240.0.0.0/4 | Reserved for future use (RFC 1112) |
| 255.255.255.255 | 255.255.255.255/32 | Limited broadcast |
Why filter bogons?
Legitimate routed traffic on the public internet never uses these ranges. A packet arriving at your edge with a bogon source address is either spoofed, misconfigured, or leaking from someone's private network. Network operators drop them at ingress and egress to reduce spoofed-source DDoS traffic, reconnaissance, and outbound leaks of internal addresses.
Works on all devices. Blocks ads and trackers. Replaces your default resolver.
The link above may be affiliate link — we may earn a small commission at no extra cost to you. See our disclosure policy.