How to check for a valid public IP address?

  • Consider a list of IP addresses as provided by the X-Forwarded-For HTTP header:

    10.0.0.142 , 192.168.0.10 , 212.43.234.12 , 54.23.66.43

    I would like to know which is the first publicly-accessible address in that list. I can look over them easily enough, but how can I tell which are publicly-accessible? It seems to me (my untrained eye) that 10.0.0.142 is a workstation, 192.168.0.10 is an internal proxy, and 212.43.234.12 is a publicly-accessible address being forwarded through the proxy at 54.23.66.43. Is there any way to calculate this in code?

    My first intuition is that addresses that start with 10. or 192. are not publicly accessible, but http://simplesniff.com reveals my home IP address to be 192.117.111.61. Is there a formula for determining which addresses are public and which are reserved private? Note that even trying to ping the server in question might not help as some servers won't respond to ping, and also there might be an address on my local network which also matched the internal address.

    I would also point out that even *if* you find an address is routable, some companies abuse public address space internally. I have first-hand knowledge of a very large and well-known corporate name that is inexplicably using AFRINIC and AT&T IPv4 space on their internal corporate network instead of RFC1918 space... they proxy all HTTP traffic... and the X-Forwarded-For header from their corporate network will show public space they do not actually own.

    @MikePennington first hand experience of this too, except they were using APNIC numbers. Could also cause an issue when an internal machine (especially those that find the destination to be in their subnet) tries to access one of the public servers...

    @MikePennington - for a private network using public IPv4 addresses that are actually in use outside of the private network (i.e. the internet), how would someone inside the private network reach a public site with an IP address in that same range? Wouldn't that request be routed to some computer (even perhaps their own computer) within the private network?

    Blindly trusting x-forwarded-for is a *bad* idea. It's trivial for any abuser to set a fake x-forwarded-for header claiming any address they want.

  • GerryEgan Correct answer

    8 years ago

    RFC 1918 defines private IP address ranges. Have a look here.

    From that document:

    1. Private Address Space

      The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private internets:

      10.0.0.0 - 10.255.255.255 (10/8 prefix)

      172.16.0.0 - 172.31.255.255 (172.16/12 prefix)

      192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

    Thank you. I find it interesting that `127.0.0.0/16` (and maybe more) are not on that list.

    @dotancohen: The loopback block is a /8, not a /16 and is not on that list because it's not private address space.

    @Blrfl: Thank you, I wasn't sure how wide the loopback block is. I'm actually not looking to identify private addresses but rather non-public addresses (a subset of which is private). Other than the RFC 1918 / 6890 addresses and the 127.0.0.0/8 space, are there other obviously non-public addresses that one might come across?
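    The following is an added example, not code from any post on this page. It classifies the entries of the X-Forwarded-For list from the question against the RFC 1918 blocks quoted in the answer, and goes beyond them to the loopback /8 and the other IPv4 special-purpose blocks of RFC 6890 plus multicast. The function names, the `trusted_proxies` set and the `SPOOFED` header are assumptions made for the example; because left-hand entries can be set by the client, it also shows a right-to-left walk that skips proxies you operate.

```python
import ipaddress

# Non-public IPv4 blocks: RFC 1918, loopback, other RFC 6890 special-purpose
# ranges, and multicast. IPv4 only; the selection is this example's choice.
NON_PUBLIC_V4 = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.0.0.0/24", "192.0.2.0/24",
    "192.168.0.0/16", "198.18.0.0/15", "198.51.100.0/24", "203.0.113.0/24",
    "224.0.0.0/4", "240.0.0.0/4",
)]

# Header value from the question, and a constructed variant where the
# client prepended an address of its own choosing.
SAMPLE = "10.0.0.142 , 192.168.0.10 , 212.43.234.12 , 54.23.66.43"
SPOOFED = "1.2.3.4, 212.43.234.12, 54.23.66.43"


def is_public_v4(text):
    """True if text parses as an IPv4 address outside every block above."""
    try:
        addr = ipaddress.IPv4Address(text.strip())
    except ipaddress.AddressValueError:
        return False  # malformed or non-IPv4 entries are never treated as public
    return not any(addr in net for net in NON_PUBLIC_V4)


def first_public(xff_header):
    """Leftmost public IPv4 entry, or None. Client-controlled: do not trust it."""
    for entry in xff_header.split(","):
        if is_public_v4(entry):
            return entry.strip()
    return None


def rightmost_untrusted(xff_header, trusted_proxies):
    """Walk right to left, skipping proxies you operate (hypothetical set).

    Returns the first entry not in trusted_proxies if it is public, else None.
    """
    for entry in reversed(xff_header.split(",")):
        entry = entry.strip()
        if entry not in trusted_proxies:
            return entry if is_public_v4(entry) else None
    return None


if __name__ == "__main__":
    print(first_public(SAMPLE), first_public(SPOOFED))
    print(rightmost_untrusted(SPOOFED, {"54.23.66.43"}))
```

    On the spoofed header the leftmost-public rule returns the client-supplied value, while the right-to-left walk still returns 212.43.234.12.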

License under CC-BY-SA with attribution


Content dated before 7/24/2021 11:53 AM