Bogon IP Checker

Instantly determine whether an IPv4 address is a bogon — a private, reserved, loopback, multicast, or otherwise non-routable address that should never appear on the public internet. All checks run locally in your browser against the complete list of IANA-reserved ranges.

Enter IPv4 Address

What Is a Bogon IP Address?

A bogon (short for "bogus") is any IP address that falls within a range reserved by IANA for special purposes and should never appear as a source address in packets traversing the public internet. These include private addresses defined in RFC 1918, loopback ranges, link-local addresses, multicast blocks, and documentation prefixes. If your firewall or router encounters inbound traffic from a bogon source, it almost certainly indicates spoofing, misconfiguration, or a routing leak.

Network administrators use bogon filtering as a first line of defense. By dropping traffic from these ranges at the edge, you reduce your attack surface significantly. Our checker validates an address against every IANA-reserved IPv4 range and tells you exactly which RFC applies, so you can configure your subnet rules and ACLs with confidence.

Complete Bogon IPv4 Ranges

The following table lists every IPv4 prefix that is considered a bogon. These ranges are allocated by IANA for special use and must not be routed on the public internet. If you need to check whether two addresses share the same subnet, try our Same Subnet Checker.

CIDR Block	Address Range	Classification	RFC
0.0.0.0/8	0.0.0.0 – 0.255.255.255	"This" Network	RFC 1122
10.0.0.0/8	10.0.0.0 – 10.255.255.255	Private-Use (Class A)	RFC 1918
100.64.0.0/10	100.64.0.0 – 100.127.255.255	CGNAT Shared Space	RFC 6598
127.0.0.0/8	127.0.0.0 – 127.255.255.255	Loopback	RFC 1122
169.254.0.0/16	169.254.0.0 – 169.254.255.255	Link-Local (APIPA)	RFC 3927
172.16.0.0/12	172.16.0.0 – 172.31.255.255	Private-Use (Class B)	RFC 1918
192.0.0.0/24	192.0.0.0 – 192.0.0.255	IETF Protocol Assignments	RFC 6890
192.0.2.0/24	192.0.2.0 – 192.0.2.255	Documentation (TEST-NET-1)	RFC 5737
192.168.0.0/16	192.168.0.0 – 192.168.255.255	Private-Use (Class C)	RFC 1918
198.18.0.0/15	198.18.0.0 – 198.19.255.255	Benchmarking	RFC 2544
198.51.100.0/24	198.51.100.0 – 198.51.100.255	Documentation (TEST-NET-2)	RFC 5737
203.0.113.0/24	203.0.113.0 – 203.0.113.255	Documentation (TEST-NET-3)	RFC 5737
224.0.0.0/4	224.0.0.0 – 239.255.255.255	Multicast	RFC 5771
240.0.0.0/4	240.0.0.0 – 255.255.255.254	Reserved for Future Use	RFC 1112
255.255.255.255/32	255.255.255.255	Limited Broadcast	RFC 919

Pro Tip: The most commonly encountered bogons in home networking are the RFC 1918 private ranges — 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16. If you access your router at 192.168.1.1 or 10.0.0.1, you're already using bogon addresses internally. That's perfectly normal — they only become a problem when they leak onto the public internet.

How Bogon Filtering Works

Bogon filtering is typically implemented at the network edge — on border routers, firewalls, and upstream provider equipment. The process involves creating access control lists (ACLs) that drop any packet with a source or destination address falling within a bogon range. Here is an example Cisco IOS ACL that blocks inbound bogons:

ip access-list extended BOGON-FILTER
 deny   ip 0.0.0.0 0.255.255.255 any
 deny   ip 10.0.0.0 0.255.255.255 any
 deny   ip 100.64.0.0 0.63.255.255 any
 deny   ip 127.0.0.0 0.255.255.255 any
 deny   ip 169.254.0.0 0.0.255.255 any
 deny   ip 172.16.0.0 0.15.255.255 any
 deny   ip 192.0.0.0 0.0.0.255 any
 deny   ip 192.0.2.0 0.0.0.255 any
 deny   ip 192.168.0.0 0.0.255.255 any
 deny   ip 198.18.0.0 0.1.255.255 any
 deny   ip 198.51.100.0 0.0.0.255 any
 deny   ip 203.0.113.0 0.0.0.255 any
 deny   ip 224.0.0.0 15.255.255.255 any
 deny   ip 240.0.0.0 15.255.255.255 any
 permit ip any any

Notice the ACL uses wildcard masks instead of subnet masks. If you need to convert between the two formats, use our Wildcard Mask Calculator. For a deeper understanding of CIDR notation used in these rules, see the CIDR Converter.

Why Bogon Traffic Is Dangerous

Packets originating from bogon addresses on the public internet are almost always malicious or the result of serious misconfiguration. Understanding the threat categories helps you prioritize filtering:

Threat	Description	Bogon Ranges Typically Used
IP Spoofing	Attacker forges source addresses to hide identity or reflect attacks	Any reserved range
DDoS Amplification	Spoofed sources trigger reply floods to the victim	10.0.0.0/8, 172.16.0.0/12
Routing Leaks	Misconfigured BGP announces private prefixes to peers	RFC 1918 ranges
Reconnaissance	Scanners use non-routable sources to avoid traceability	Documentation nets, CGNAT
Malware C2	Command-and-control using internal ranges to evade IDS	100.64.0.0/10, link-local

Your gateway and firewall should drop all inbound packets from these ranges. For home users, most consumer routers handle this automatically, but it's worth verifying through your router's admin panel. See our guide on port forwarding for related firewall configuration tips.

Note: Bogon lists are not static. As IANA allocates previously unassigned blocks to Regional Internet Registries (RIRs), some address ranges move from bogon to legitimate. The ranges listed here are current as of 2025, but enterprise networks should subscribe to automated bogon feeds from sources like Team Cymru. Check your current public IP with our What Is My IP tool to confirm it is not a bogon.

RFC 1918 Private Ranges Explained

The three RFC 1918 ranges are the most widely used bogon addresses. Every home and corporate network uses them for internal DHCP assignment. Here is a breakdown of their sizes and typical usage:

Range	CIDR	Total Addresses	Typical Use
10.0.0.0 – 10.255.255.255	/8	16,777,216	Large enterprises, cloud VPCs, VPN tunnels
172.16.0.0 – 172.31.255.255	/12	1,048,576	Medium businesses, Docker default networks
192.168.0.0 – 192.168.255.255	/16	65,536	Home networks, small offices, consumer routers

When your router performs NAT (Network Address Translation), it maps these private addresses to your single public IP. You can calculate exact subnet boundaries for any of these ranges using our Subnet Calculator or determine the full IP range with the IP Range Calculator.

Bogon Detection in Practice

Beyond static ACLs, modern networks employ several techniques for bogon detection and mitigation:

Unicast Reverse Path Forwarding (uRPF) — The router checks whether a return route to the source address exists in its routing table. If not, the packet is dropped. This catches most spoofed bogon traffic automatically.
BGP Prefix Filtering — ISPs and transit providers use prefix lists to reject BGP route announcements for bogon prefixes. This prevents routing table pollution.
Automated Bogon Feeds — Services like Team Cymru provide regularly updated bogon prefix lists via BGP sessions, DNS queries, or HTTP downloads.
Flow Analysis — Network monitoring tools can flag traffic originating from unexpected source ranges.

For smaller networks, manually maintaining a bogon filter is sufficient. Convert each range to binary using our IP to Binary Converter to understand exactly which bits are being matched, or use the Hex IP Converter for hexadecimal analysis.

How to Test Your Bogon Filter

After configuring bogon filtering, verify it works correctly. Here are commands to test from a Linux host:

# Send a packet with a spoofed bogon source (requires root)
sudo hping3 -S -a 10.0.0.1 -p 80 your-public-ip

# Check your router's ACL hit counters
show access-lists BOGON-FILTER

# Verify with tcpdump on the WAN interface
sudo tcpdump -i eth0 'src net 10.0.0.0/8 or src net 172.16.0.0/12'

If you see hits on the deny rules, your filter is working. If spoofed packets pass through, review your ACL placement — filters must be applied on the inbound direction of the WAN-facing interface. For help finding your router's IP, use our Find Router IP Address guide or the Router IP Finder tool.

Key Takeaways

Bogon addresses include all IANA-reserved IPv4 ranges that must not appear on the public internet.
The 15 bogon prefixes cover private (RFC 1918), loopback, link-local, CGNAT, multicast, documentation, and reserved ranges.
Bogon filtering at the network edge blocks IP spoofing, DDoS amplification, and routing leaks.
RFC 1918 addresses (10.x, 172.16-31.x, 192.168.x) are the most common bogons — used by every home router.
Enterprise networks should use automated bogon feeds and uRPF for dynamic protection.
Always verify your filter by checking ACL counters and testing with spoofed packets on a controlled network.

Video: Bogon Filtering and Network Security

Related Tools and Guides

Frequently Asked Questions

What exactly is a bogon IP address?

A bogon is any IP address that belongs to an IANA-reserved range and should not appear in the global routing table. This includes RFC 1918 private addresses (10.x, 172.16-31.x, 192.168.x), loopback (127.x), link-local (169.254.x), multicast (224-239.x), documentation nets, and several other special-purpose blocks.

Is 192.168.1.1 a bogon address?

Yes. The entire 192.168.0.0/16 range is a bogon because it is reserved for private use by RFC 1918. Addresses like 192.168.1.1 are perfectly valid for internal networks but must never be routed on the public internet. Your router uses NAT to translate them to your public IP.

Why should I filter bogon addresses on my network?

Bogon filtering prevents IP spoofing attacks, DDoS amplification, and routing leaks. Packets arriving from the internet with bogon source addresses are always illegitimate — no valid traffic originates from these reserved ranges outside your own network.

What is the difference between a bogon and a Martian?

The terms are often used interchangeably. Strictly speaking, a "Martian" refers to any packet with a source address that is impossible according to the routing table (including bogons), while "bogon" specifically refers to addresses from unallocated or reserved space. In practice, both terms mean the same thing for filtering purposes.

Does CGNAT (100.64.0.0/10) count as a bogon?

Yes. The 100.64.0.0/10 range (RFC 6598) is reserved for Carrier-Grade NAT and is a bogon. It should not be routed on the public internet. ISPs use this range internally between their NAT devices and customer equipment, similar to how you use RFC 1918 space on your home DHCP network.

How often do bogon lists change?

The core reserved ranges (RFC 1918, loopback, multicast, etc.) are permanent and will not change. However, the list of unallocated address blocks shrinks as IANA assigns new space to Regional Internet Registries. Enterprise networks should subscribe to automated feeds from Team Cymru or similar services for up-to-date bogon lists.

Can bogon addresses be used for IPv6?

IPv6 has its own set of reserved ranges (fc00::/7 for unique local, fe80::/10 for link-local, ff00::/8 for multicast, and others). The IPv4 bogon ranges listed here apply only to IPv4. Use our IPv6 Converter to work with IPv6 addresses.

About Tommy N.

Tommy is the founder of RouterHax and a network engineer with 10+ years of experience in home and enterprise networking. He specializes in router configuration, WiFi optimization, and network security. When not writing guides, he's testing the latest mesh WiFi systems and helping readers troubleshoot their home networks.