42

We all know what 127.0.0.1 is used for (loopback).

What are uses cases for the rest of the reserved 127.0.0.0/8 loopback space?

mit
  • 1,844
  • 6
  • 29
  • 42
Tom Marthenal
  • 2,106
  • 7
  • 25
  • 37

4 Answers4

52

It's also reserved for loopback, so no, it's not widely used for anything.

In practice, 127.0.0.1 is usually used as "the" loopback address, but the rest of the block should loopback as well, meaning it's just generally not used for anything. (Though, for example, larger Cisco switches will use 127.0.0.xx IPs to listen for attached cards and modules, so at least some of other addresses are in use.)

From RFC3330: Special-Use IPv4 addresses

127.0.0.0/8 - This block is assigned for use as the Internet host loopback address. A datagram sent by a higher level protocol to an address anywhere within this block should loop back inside the host. This is ordinarily implemented using only 127.0.0.1/32 for loopback, but no addresses within this block should ever appear on any network anywhere [RFC1700, page 5].

HopelessN00b
  • 53,385
  • 32
  • 133
  • 208
12

In practice, I have seen other 127.0.0.0/8 addresses used in two places:

  1. As responses to DNSRBL lookups. Different responses can encode the reason the IP address (or domain) was listed. Wikipedia has some details, as does RFC5782. SORBS list their return codes. Project Honeypot encode data in the three available octets.
  2. In the Ubuntu /etc/hosts file. I don't remember the details but there was a conflict so they added another localhost-something entry with a different IP address in the 127.0.0.0/8 range. It's 127.0.1.1 and it's a bug workaround.
Community
  • 1
Ladadadada
  • 25,847
  • 7
  • 57
  • 90
  • As for #1, that is probably related to the fact that DNS RBLs have to list *something* at each name in use (otherwise it doesn't exist), and `A` records are fairly small. There's nothing magical about using 127/8 for such purposes, it's just guaranteed to not be used for anything real of significance that cannot easily be detected immediately. – user Jun 28 '12 at 09:04
  • The 127.0.0.0/8 range is used in DNSBLs specifically so that it doesn't cause inadvertent and unwanted network traffic in the case that the returned IP address is actually used. – Ladadadada Jun 28 '12 at 09:28
  • Which could also be achieved by using, for example, `0.0.0.0`. The downside of that is that you wouldn't be able to differentiate results based on resolved-to IP address, but for that I'm not sure what is the egg and what's the omelette. – user Jun 28 '12 at 09:30
  • `127.0.1.1` is not a _bug_ workaround, it's a workaround for inability to specify DNS port in `resolv.conf`, so dnsmasq uses some unusual loopback IP address to avoid conflicts with other DNS servers taking 127.0.0.1:53 socket. – darkk Aug 14 '17 at 10:33
2

As already stated whole block is used as loopback so i'm only adding one example for regular desktop use.

Loopback other than 127.0.0.1 is required if you want to secure RDP, or some other restricted connection, with local proxy. For example, using RDP through SSH tunnel requires that you setup local side for port forwarder to listen on 127.0.1.2. This is because RDP client that comes with Windows refuses to connect to localhost or 127.0.0.1.

That's right, normally you would not connect RDP client to same computer that you are using (and not allowed to do so even if wanted to see nice mirror effects :).

Sampo Sarrala - codidact.org
  • 121
  • 4
  • You gave me an idea, but it didn't work. I tried to connect to myself using `127.0.1.0`, but it gives the same access denied error as if I used `127.0.0.1`. – Steven Lu Feb 22 '15 at 15:21
  • @StevenLu With ip addresses that ends in zero like 127.0.1.0 you could always expect more or less strange problems. Maybe try 127.0.1.1? It could be that modern windows systems will recognize that you are logging in from same machine but it still should try to connect you first. – Sampo Sarrala - codidact.org Feb 22 '15 at 17:19
0

Adding to to the other answers:

There are use cases, for example in development and testing. Instead of creating dedicated networks or interfaces sometimes it can be simpler just to use some unused addresses in the 127.0.0.0/8 range.

You could spin up a development "server" listening on 127.11.11.11:1234 and develop a client that connects to 127.11.11.11:1234. This works out of the box and all these are separate addresses, so there could be another server process listening on 127.11.11.12:1234 and they would not interfere.

This works on linux, I am not sure about other operating systems.

As an example create a "server" process:

sudo mknod -m 777 fifo1 p
cat fifo1 | netcat -l -k 127.11.11.11 1234 > fifo1

In another terminal on the same host:

$ netstat -tulpn|grep 1234 # check that server is listening:

tcp        0      0 127.11.11.11:1234       0.0.0.0:*               LISTEN      28043/netcat        

$ echo abc | netcat 127.11.11.12 1234 # wrong ip, no result


$ echo abc | netcat 127.11.11.11 1234 # matching ip, receives echo:
abc

For completeness, you could remove fifo1 after stopping the server from the first terminal, using the rm command.

mit
  • 1,844
  • 6
  • 29
  • 42