Public vs. Private IP Addresses

IPv4 provides 4.3 billion addresses. Earth has 8 billion people, most with multiple devices. The math doesn't work—yet your home has a dozen connected devices, your neighbor has a dozen, and every office and coffee shop runs thousands more. If every device needed a globally unique address, the Internet would have collapsed before smartphones existed.

It didn't. We pulled off one of networking's most practical tricks.

The Street Address vs. the Apartment Number

A public IP address works like your building's street address. There's only one 123 Main Street in your city. Anyone in the world can use it to find you. When you connect to the Internet, your ISP assigns you one of these globally unique addresses. Every website you visit sees this address and uses it to send data back.

A private IP address works like an apartment number. Apartment 5 exists in thousands of buildings. The number only means something inside a specific building. Your laptop might be 192.168.1.10 on your home network. Your coworker's laptop might be 192.168.1.10 on their network. Same address, different networks. It works because private addresses never leave their network—they're not allowed on the public Internet.

The Reserved Ranges

In 1996, RFC 1918 carved out three blocks of addresses that would never be routed on the public Internet:

• 10.0.0.0 to 10.255.255.255 — 16 million addresses for large organizations
• 172.16.0.0 to 172.31.255.255 — 1 million addresses, favored by cloud providers
• 192.168.0.0 to 192.168.255.255 — 65,536 addresses, the default for home routers

These addresses are invisible to the global Internet by design. Engineers built walls into the addressing system itself. If you've ever seen 192.168.1.5 in your network settings, you're looking at an address that exists only inside your network.

The Translation Layer

If private addresses can't reach the Internet, how is your phone loading websites?

Your router performs Network Address Translation (NAT). When your laptop (192.168.1.10) requests a webpage, the router intercepts the packet, replaces your private address with its public address, adds a unique port number to track this request, and sends it out. When the response arrives, the router looks up that port number, finds your private address in its translation table, and delivers the packet to your laptop.

This happens thousands of times per second. Every device in your home shares one public address. The router keeps track of which responses go where—like a receptionist who receives mail addressed to the building and knows which apartment it belongs to.

Why This Works So Well

NAT and private addressing didn't solve the address shortage—they changed what "having an address" means. Instead of every device needing a globally unique address, entire households share one public address while using private addresses internally. A family might have twenty connected devices sharing a single public IP.

This bought us time. It also bought us security.

Because private addresses aren't routable on the public Internet, external attackers can't directly reach devices on your network. Your router acts as a natural firewall, only forwarding traffic for connections that originated from inside. An attacker might know your public address, but they can't see or access 192.168.1.10—that address doesn't exist outside your walls.

The Trade-Off

NAT breaks the Internet's original design, where every device had a unique, globally reachable address. Peer-to-peer connections become harder. Hosting servers from home requires special configuration. Video calls, gaming, and file sharing all work around NAT's limitations.

But the alternative was running out of addresses entirely. NAT was the practical choice, and it worked well enough that IPv4 remains dominant today.

The Long Game

IPv6 solves this properly. It provides enough addresses that every grain of sand on Earth could have billions of unique addresses. No more NAT. No more private ranges. Every device gets a globally unique address.

The transition is happening. As of 2025, global IPv6 adoption has reached roughly 45%, with some countries like France and Germany exceeding 75%¹. But IPv4 with NAT still carries more than half the Internet's traffic. The last Regional Internet Registry exhausted its IPv4 pool in 2019². New IPv4 addresses now come from transfers and recycling, trading at $35-50 per address.

A temporary fix from 1996, still holding the Internet together.

What You Should Remember

• Public addresses are globally unique and routable—your ISP assigns you one
• Private addresses are reusable within networks, defined by RFC 1918 (10.x.x.x, 172.16-31.x.x, 192.168.x.x)
• NAT translates between private and public addresses, letting many devices share one public IP
• Home routers typically use 192.168.x.x addresses internally
• NAT provides incidental security by hiding internal devices from external access
• IPv6 is the permanent solution, but IPv4 with NAT remains the current reality

Sources