Bogon IP Checker — Private, Reserved & Public IP Ranges

The term bogon combines 'bogus' and IP — addresses that should be filtered at network edges. ISPs and enterprises implement bogon filtering to prevent spoofed packets and misconfigured routes from entering or leaving their networks.

If your firewall logs show bogon sources, someone may be spoofing addresses or a misconfigured device is leaking private space onto WAN links.

10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16 are reserved for private networks. They are valid on LANs but must be translated (NAT) before reaching the internet. Packets with private sources should never cross ISP boundaries.

Home routers, office LANs, and Kubernetes pod networks use these ranges daily — they are bogons on the public internet but correct internally.

100.64.0.0/10 (RFC 6598) is shared space between ISPs and customers for carrier-grade NAT. Like private space, it is not globally routable. Inbound connections require provider cooperation.

127.0.0.0/8 is loopback — traffic to your own machine. 169.254.0.0/16 is link-local (APIPA) when DHCP fails. 224.0.0.0/4 is multicast. None belong on the public routed internet.

192.0.2.0/24, 198.51.100.0/24, and 203.0.113.0/24 are documentation blocks (RFC 5737). 198.18.0.0/15 is for benchmark testing. Using them in production DNS or live routes causes confusion.

Reputation, geolocation, and timezone tools assume public routable addresses. Checking 192.168.x.x returns meaningless geo data. Run the bogon checker first to confirm you are analyzing the right address class.

Network engineers validating ACLs and prefix lists use bogon reference tables to build drop rules — our highlighted match row speeds that workflow.

Classification happens in JavaScript on your device. The IP you type is not sent to our servers for this tool — ideal for auditing internal address plans without disclosure.

Enterprise edge routers typically drop inbound and outbound packets whose source or destination falls within bogon ranges. Cisco, Juniper, and Linux nftables examples are documented in ISP best-current-practice guides. Filtering both directions prevents your network from participating in amplification attacks using spoofed private sources.

Cloud VPCs should block egress to RFC 1918 destinations except through explicit peering. Kubernetes clusters accidentally routing pod traffic to 169.254.169.254 link-local metadata endpoints have caused credential leaks — bogon awareness helps auditors spot misconfigured CNI plugins.

The reference table on this page includes loopback, private, link-local, multicast, reserved, CGNAT, documentation, and benchmark ranges. IANA periodically reserves new blocks — our client-side list follows widely used ISP bogon filtering sets.

Network operators subscribe to automated bogon feed updates because stale filters miss newly reserved space. For one-off validation of a single address, our instant checker is sufficient; for production ACL generation, export the CIDR table and merge with your change-management process.

This page validates IPv4 only. IPv6 operators filter ::/128 (unspecified), ::1/128 (loopback), fc00::/7 (unique local), fe80::/10 (link-local), and various deprecated or documentation prefixes. Dual-stack networks need separate v4 and v6 filter policies.

If you enter an IPv6 address here, validation fails by design — use our IPv6 test tool for general connectivity checks, then consult your vendor's IPv6 bogon documentation for filtering rules.

Seeing 10.x.x.x or 192.168.x.x in WAN-side firewall logs usually indicates NAT misconfiguration, double NAT without proper translation, or a compromised device emitting spoofed packets. Run those addresses through this checker to confirm they are non-routable, then trace the layer-2 path.

Documentation ranges (192.0.2.0/24 and siblings) should never appear in live routing tables. If they do, someone pasted example configs into production — replace with real public space or private RFC 1918 blocks as appropriate.