For the foreseeable future, you can likely use
127.0.0.0/8 freely (or at least
127.0.0.0/8, the Loopback Range
If you have ever done web development or otherwise set up a local server, you have most likely used the IP address
127.0.0.1 to communicate with a local server. Often,
localhost is even internally translated to that address. But what if you want to run another server on the same computer? Easy, make the first one use, say, port
8080 and the second one, port
Something more difficult now: say you can convince1 your browser that your local service is serving a valid HTTPS connection only if you use port number
443. How can you run many of those services? In turns out in IPv4, you have many such local addresses:
127.0.0.4… So you just need to spawn the various servers on the same
443 port number with different addresses and packets will go straight to your localhost.
But how many such addresses do we have? According to RFC990 from 1986:
The class A network number 127 is assigned the "loopback" function, that is, a datagram sent by a higher level protocol to a network 127 address should loop back inside the host. No datagram "sent" to a network 127 address should ever appear on any network anywhere.
Note the wording of the RFC: IPs are not “owned”, there are just “allocated”. For addresses routable on the wider Internet, it’s usually done by Regional Internet Registeries. And allocations could change, as we will see at the end of this article.
Other Use Cases
What can you do with so many IPs? A couple of things.
Multiple Servers on the Same Port Number
As we have seen earlier with the port number
443 example, the
127.0.0.0/8 range is handy to run multiple local services on the same port. Thus, it’s not surprising to see
systemd-resolved – a local DNS resolver that needs to listen on port
53 – use a couple addresses from that range. The man page reads:
Additionally, systemd-resolved provides a local DNS stub listener on the IP addresses 127.0.0.53 and 127.0.0.54 on the local loopback interface.
In this case,
systemd-resolved has to bind on the default port, because one of the main ways (on Unix-like systems) that DNS resolution is configured is through the file
/etc/resolv.conf. This file does not widely support setting a port number, forcing the configured server to be reachable on the default port. Thanks to the use of a loopback addresse though,
systemd-resolved can become the default resolver just by adding this line to
On Unix-like systems, the
/etc/hosts file associates IP addresses with names, like so:
127.0.0.1 localhost ::1 localhost
localhost is associated with
127.0.0.1 (and IPv6
You can edit this file and add useful aliases to other IPs (not necessarily in the local range by the way). Then, you just bind your multiple services to their default ports and access to them by name. No more complicated ports to remember! This benefit comes as a byproduct of using default ports but with different IPs for different services.
For instance, you could name one of the aforementioned
systemd-resolved IPs by adding this line to
127.0.0.1 localhost ::1 localhost 127.0.0.53 sd
And then query it like so:
dig @sd s.cj.rs
dig @127.0.0.53 s.cj.rs
if you did not have the setting.
I’m using this trick to make the Syncthing web interface accessible on a memorable port on an address with a memorable name in my web browser.
Even if the ability to give various services different IPs is handy, 16 milion addresses is huge. Given how IPv4 is sometimes called “internet real-estate”, there have been discussions to drastically limit the size of this loopback range, and use some of it as “normal” IPs. For instance, this IETF draft proposes to cut the loopback range to
127.0.0.0/16 (so only addresses between
127.0.255.255) and make the rest (addresses between
127.255.255.255) routable on the public internet. The 65536 addresses in
127.0.0.0/16 should to be enough for almost everyone on a local machine and nearly 16 million IPs could be used as a fresh supply of IPv4 addresses3.
Even though IPv6 has a huge namespace, your IPv6 loopback only has one address
::1. And that’s quite a shame because, as we have just seen, multiple loopback addresses are quite handy.
Admittedly, some addresses like
127.255.255.255are reserved, but there is still plenty of space. ↩︎
Whether more useable IPv4 addresses is a good thing is debated. It might divert efforts from the IPv6 transition and even with a few millions more IPv4 addresses, these are still scarce. ↩︎