How to check for a valid public IP address?
Consider a list of IP addresses as provided by the X-Forwarded-For HTTP header:
10.0.0.142 , 192.168.0.10 , 212.43.234.12 , 54.23.66.43
I would like to know which is the first publicly-accessible address in that list. I can look over them easily enough, but how can I tell which are publicly-accessible? It seems to me (my untrained eye) that `10.0.0.142` is a workstation, `192.168.0.10` is an internal proxy, and `212.43.234.12` is a publicly-accessible address being forwarded through the proxy at `54.23.66.43`. Is there any way to calculate this in code?
My first intuition is that addresses that start with `10.` or `192.` are not publicly accessible, but http://simplesniff.com reveals my home IP address to be `192.117.111.61`. Is there a formula for determining which addresses are public and which are reserved private? Note that even trying to ping the server in question might not help as some servers won't respond to ping, and also there might be an address on my local network which also matched the internal address.
@MikePennington first hand experience of this too, except they were using APNIC numbers. Could also cause an issue when an internal machine (especially those that find the destination to be in their subnet) tries to access one of the public servers...
@MikePennington - for a private network using public IPv4 addresses that are actually in use outside of the private network (i.e. the internet), how would someone inside the private network reach a public site with an IP address in that same range? Wouldn't that request be routed to some computer (even perhaps their own computer) within the private network?
Blindly trusting x-forwarded-for is a *bad* idea. It's trivial for any abuser to set a fake x-forwarded-for header claiming any address they want.
RFC 1918 defines private IP address ranges. Have a look here.
From that document:
Private Address Space
The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private internets:
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
Thank you. I find it interesting that `127.0.0.0/16` (and maybe more) are not on that list.
localhost is defined in http://tools.ietf.org/html/rfc6761
@dotancohen: The loopback block is a /8, not a /16 and is not on that list because it's not private address space.
@Blrfl: Thank you, I wasn't sure how wide the loopback block is. I'm actually not looking to identify private addresses but rather non-public addresses (a subset of which is private). Other than the RFC 1918 / 6890 addresses and the 127.0.0.0/8 space, are there other obviously non-public addresses that one might come across?
https://en.wikipedia.org/wiki/Private_network#Private_use_of_other_reserved_addresses 240.0.0.0 - 254.255.255.254 (240.0.0.0/4 and 255.0.0.0/8)
License under CC-BY-SA with attribution
Content dated before 7/24/2021 11:53 AM
Mike Pennington 8 years ago
I would also point out that even *if* you find an address is routable, some companies abuse public address space internally. I have first-hand knowledge of a very large and well-known corporate name that is inexplicably using AFRINIC and AT&T IPv4 space on their internal corporate network instead of RFC1918 space... they proxy all HTTP traffic... and the X-Forwarded-For header from their corporate network will show public space they do not actually own.
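An added example, not part of the original question or answers: a Python sketch that classifies each `X-Forwarded-For` entry against the non-public blocks discussed above and, because the header is client-controlled, also shows the right-to-left walk that skips only proxies you operate. The function names and the `trusted_proxies` parameter are assumptions made for illustration, and the block list goes beyond the page by adding a few more RFC 6890 special-purpose ranges.

```python
import ipaddress

# Non-public IPv4 blocks. The first five are named on this page (RFC 1918,
# loopback, 240/4); the rest are further RFC 6890 special-purpose entries.
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918 private
    "127.0.0.0/8",       # loopback
    "240.0.0.0/4",       # reserved, includes 255.255.255.255
    "0.0.0.0/8",         # "this network"
    "100.64.0.0/10",     # carrier-grade NAT shared space
    "169.254.0.0/16",    # link-local
    "224.0.0.0/4",       # multicast
)]

def parse_xff(header):
    """Yield IPv4Address objects from an X-Forwarded-For value, left to right.
    Entries that are not valid IPv4 literals (the header is client-controlled)
    are skipped rather than trusted."""
    for item in header.split(","):
        try:
            yield ipaddress.IPv4Address(item.strip())
        except ValueError:
            continue

def is_public(addr):
    return not any(addr in net for net in NON_PUBLIC)

def first_public(header):
    """Leftmost public address: what the question asks for, but spoofable."""
    return next((str(a) for a in parse_xff(header) if is_public(a)), None)

def rightmost_untrusted(header, trusted_proxies):
    """Walk from the right, skipping proxies we operate (hypothetical list);
    the first address that is not ours is the last hop we can vouch for."""
    trusted = [ipaddress.ip_network(n) for n in trusted_proxies]
    for addr in reversed(list(parse_xff(header))):
        if not any(addr in net for net in trusted):
            return str(addr)
    return None

if __name__ == "__main__":
    # Header value taken from the question
    xff = "10.0.0.142 , 192.168.0.10 , 212.43.234.12 , 54.23.66.43"
    print(first_public(xff))
    print(rightmost_untrusted(xff, ["54.23.66.43/32"]))
```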