TLDR
For the foreseeable future, you can likely use 127.0.0.0/8
freely (or at least 127.0.0.0/16
).
Introducing 127.0.0.0/8
, the Loopback Range
If you have ever done web development or otherwise set up a local server, you have most likely used the IP address 127.0.0.1
to communicate with a local server. Often, localhost
is even internally translated to that address. But what if you want to run another server on the same computer? Easy, make the first one use, say, port 8080
and the second one, port 8181
!
Something more difficult now: say you can convince1 your browser that your local service is serving a valid HTTPS connection only if you use port number 443
. How can you run many of those services? In turns out in IPv4, you have many such local addresses: 127.0.0.1
, 127.0.0.2
, 127.0.0.3
, 127.0.0.4
… So you just need to spawn the various servers on the same 443
port number with different addresses and packets will go straight to your localhost.
But how many such addresses do we have? According to RFC990 from 1986:
The “class A network” translate to a /8
in CIDR notation, so that’s all addresses between 127.0.0.0
and 127.255.255.255
. A quite sizeable 2²⁴ or 16,777,216 addresses2!
Note the wording of the RFC: IPs are not “owned”, there are just “allocated”. For addresses routable on the wider Internet, it’s usually done by Regional Internet Registeries. And allocations could change, as we will see at the end of this article.
Other Use Cases
What can you do with so many IPs? A couple of things.
Multiple Servers on the Same Port Number
As we have seen earlier with the port number 443
example, the 127.0.0.0/8
range is handy to run multiple local services on the same port. Thus, it’s not surprising to see systemd-resolved
– a local DNS resolver that needs to listen on port 53
– use a couple addresses from that range. The man page reads:
In this case, systemd-resolved
has to bind on the default port, because one of the main ways (on Unix-like systems) that DNS resolution is configured is through the file /etc/resolv.conf
. This file does not widely support setting a port number, forcing the configured server to be reachable on the default port. Thanks to the use of a loopback addresse though, systemd-resolved
can become the default resolver just by adding this line to resolv.conf
:
nameserver 127.0.0.53
Naming Things
On Unix-like systems, the /etc/hosts
file associates IP addresses with names, like so:
127.0.0.1 localhost
::1 localhost
That’s how localhost
is associated with 127.0.0.1
(and IPv6 ::1
).
You can edit this file and add useful aliases to other IPs (not necessarily in the local range by the way). Then, you just bind your multiple services to their default ports and access to them by name. No more complicated ports to remember! This benefit comes as a byproduct of using default ports but with different IPs for different services.
For instance, you could name one of the aforementioned systemd-resolved
IPs by adding this line to /etc/hosts
:
127.0.0.1 localhost
::1 localhost
127.0.0.53 sd
And then query it like so:
dig @sd s.cj.rs
instead of
dig @127.0.0.53 s.cj.rs
if you did not have the setting.
I’m using this trick to make the Syncthing web interface accessible on a memorable port on an address with a memorable name in my web browser.
Future of 127.0.0.0/8
Even if the ability to give various services different IPs is handy, 16 milion addresses is huge. Given how IPv4 is sometimes called “internet real-estate”, there have been discussions to drastically limit the size of this loopback range, and use some of it as “normal” IPs. For instance, this IETF draft proposes to cut the loopback range to 127.0.0.0/16
(so only addresses between 127.0.0.0
and 127.0.255.255
) and make the rest (addresses between 127.1.0.0
and 127.255.255.255
) routable on the public internet. The 65536 addresses in 127.0.0.0/16
should to be enough for almost everyone on a local machine and nearly 16 million IPs could be used as a fresh supply of IPv4 addresses3.
And IPv6?
Even though IPv6 has a huge namespace, your IPv6 loopback only has one address ::1
. And that’s quite a shame because, as we have just seen, multiple loopback addresses are quite handy.
Admittedly, some addresses like
127.0.0.0
or127.255.255.255
are reserved, but there is still plenty of space. ↩︎Whether more useable IPv4 addresses is a good thing is debated. It might divert efforts from the IPv6 transition and even with a few millions more IPv4 addresses, these are still scarce. ↩︎
Liked this post? Subscribe:
Discussions
This blog does not host comments, but you can reply via email or participate in one of the discussions below: