Just for a bit of subjective feedback, what private IP range do you use and why?

I was a sucker for 10.* a few years back but now I am using 192.168.* because I had some initial woes and never corrected that.

As far as I know, there is no real difference using any of the private network ranges.

(Those are, from Private network - Wikipedia :

  • –
  • –
  • – )

Why did you choose one above the other?

What is you Private IP range?
  • 10.*
  • 172.16.*
  • 192.168.*
0 voters

Yes, I know, you can use IPv6 as well, but I chose to omit that.

I use all three :smiley:
One for green
One for blue
and last for VPN…so I can’t vote


I know Unifi is setup as 192.168.1.* out of the gate.
And configuration is easier if that is your IP range.
Have no Unifi anymore.
Would like to flash to OpenWRT as AP.
I also have a combination.
And my Docker is default to 172.16..

1 Like

When I started playing with networks in the 1990’s (and the internet in ~1994) I started with 192.168.nnn.nnn and it just stuck. No other rhyme or reason.


I did actually setup the router for an Association locality on just to be a bit obscure. Did not really think it would help against anything, but still.


I tried to tick all 3 so my “vote” for 192 is false. This way my major sub-nets are instantly recognisable from the first number block, with the third block distinguishing wired from wifi. I have more than one router.


My mistake in building the poll. I tried changing it to allow for multiple options but it won’t take it, should have been done within 5 minutes of creating it.

I just assumed your main private network had one ip range, but as someone already posted, items like Docker creates their own little network and one might have more than one network for several reasons.

If I can, I tend to use 172.20-31.x.0/24 as subnet. Might never happen, however… change of subnet mask can be done expading to more than 300 devices. Wonderful for “public wifi” setups.

1 Like

I have not converted to IPFire yet, but I use and have OpenVPN adjacent to it on as I used to cover them with an extended ipsec tunnel routing Then I extended the subnet usage again to have OpenVPN fixed IP’s on so it has become a split mess. At some point I will bring OpenVPN dynamic IP’s to from

I chose initially as an easy one to remember but it is irrelevant, I would have remembered anything. IIRC there may also be a problem clashing with docker in the distro I was using.

1 Like

Reasons for different networks… some separate Wlan and LAN or what I do for example, Green is WLAN+LAN and a part of the address range in the DHCP, the part of the addresses which is outside the IP range of the dynamic DHCP, which is intended for the mobile devices, the static IPs are driven by immobile fixed devices and the blue WLAN network for a few loT devices which only have access to WAN.
So now DMZ was added, which I have set up with one network card and two VLANs on it, so a new network had to be created and the OpenVPN server also provides one net, which consists exactly of only one network address, because I convince myself that an attack has no possibility to get an IP because it is reserved :smiley:
To err is human

1 Like

never needed more than 192.168

Here is a list which networks in 192.168… which i would not used because they often used by common routers, android phones and co.



Does it really make any sense to avoid those… ?

I mean, sure, I chose as mentioned, but the “obfuscation” effect is not really “real”. Anyone wanting to check for private networks will scan all those ranges anyway… 192.168.. , 10...* , etc…

I think that it is more to prevent getting clashes in network subnets if you connect via vpn from a connection that is using the same subnet as you are on your IPFire server.


Ah, yeah, sorry did not think of that.

Still not made my first VPN yet… :crazy_face:

Please add 192.168.88.x (e.g. Mikrotik) to this list. :wink:


Agreed about VPNs. Keep clear of any common router subnets. I’d add 192.168.2.x which I once saw as a guest LAN or something like that on a VM router.

Personally I use 172.17.2.x as I’d thought it would be easy to remember but, in reality, I’d remember anything. I then used 172.17.3.x for OpenVPN so it made a /23 network (great for routing everything via IPsec). Then I got into a mess as I wanted to add a fixed subnet in OpenVPN ccd folder so that became 172.17.1.x which bracketed the LAN which is no longer extendible. If I did it again I’d do:
172.17.0.x - LAN
172.17.1.x - spare
172.17.2.x - OpenVPN
172.17.3.x - OpenVPN with CCD

Or I’d do the first two subnets with OpenVPN and the 2.x and 3.x for LAN.