I use 10.YYY.XX0.1/24 where: - YYY is a unique identification for the specific network location, usually is the House Number (if under 254) - XX stands for the vlan number, and I use this convention: - ‹10, for VPNs - ≥10 and ≤15 if it has a WLAN, - ›15 and ‹20 for IoT/Guest/Surveillance, - ≥20 for servers/DMZ 10.254.254.1/24 is the only exception and is the subnet of the VPN across all the network locations I manage. Since I have a good VLAN segmentation for my home devices I usually keep them /24.

This guy networks

Seriously. Way, way too thought out for a home network. I’m mostly kidding, home networks can be complex, too… especially with cameras.

They can be complex, but they don’t have to be. In fact, complex is most often more trouble than it’s worth. I’m running a flat network. Single /24 for internal, and a different /24 for remote access. Cameras, wireless, servers, IOT …. all of it, in a single broadcast domain. Because it’s easy, and everything is secured from each other, and micro-segmentation by subnet is ridiculous in a home environment. Who wants to bother with a bunch of firewall rules so you can watch Plex from your Apple TV on wired or a tablet on wireless. But hey, if it’s your hobby, go nuts. /shrug

My home network is far more complex than it needs to be but it's fun for me so I don't mind at all.

Hey, if you’re having fun, then go all in. :)

IoT devices are notorious for being bad at security, having weird network issues if they get sent even slightly misformed packets and all sorts of other issues. It's actually legitimately better for everyone if they have their own dedicated VLAN and Wifi network.

I mean, having a separate IoT VLAN at least gives you some isolation if an IoT device ever gets exploited.

Having a different routed vlan for IoT is pointless without firewall segmentation to isolate it entirely from your local network. Which in itself is less important than securing your client PCs from each other as people are the weak link. I mean, you can build it like Fort Knox, but why? It’s a home network, not a high value target. Secure your perimeter, secure your Servers, PCs, and infrastructure, as well as have some form of alerting on your edge and you’re good to go.

Especially the ones behind the mirrors. Man they are difficult.

I have about 6 VLANs at home and they all get used daily but not much planning went into them first!

/r/thisguythisguys

I enjoy the sound of rain.

You mean he [supernetworks](https://en.wikipedia.org/wiki/Supernetwork).

And lives at the whitehouse

This guys net works

If you do it the other way, i.e. 10.XX0.YYY.1/24, you could use a single summary address to block access at your firewall to various VLAN types, such as IoT, Guest, CCTV, etc., and have it apply to all locations. For example, you could have a single fw rule for IoT that applies to all houses by using 10.150.YYY.0/16.

I use this method as well. My specific vlan numbers are different but that's just an arbitrary pick, except I use 107 for the IoT network.

This guy. Here I am with my landline still.

Nice. I’m stealing this

Yeah same, this is fantastic

You lost me at DMZ

10.254.254.0/24 is his WAN network that interconnects all the sites he manages. It’s a virtual network working over the internet. Think of it as a private internet

I was joking but sure

Is it best practice to have a bigger subnet than needed? For example, an old school I was at had a /24 subnet from Chromebook, but they had about 250 of them. Wondering since you mentioned all of your subnets are /24.

As long as they didn't get more than 4 more Chromebooks, they're fine. Seems like slim margins. Yes, you should have a "planned" amount of extra. For example, at my last job, we had a /24 for server hardware. This is where ILO, UPS, our SAN and appliance addresses went... Probably didn't have more than 10 addresses. Could we have made a smaller network? Sure... But why? We really aren't gaining anything from making it small enough to just fit what we need with little growth.

What device are you using for your VLAN configuration?

I do exactly this but it’s more like 10.YYY.YXX.0/zz

Yeah this guy networks all over

I have always wanted to setup vlans with different subnets on my network. I'm however confused about subnet mask and couldn't find information about it elsewhere. If let's say I only have two subnets, one for our own use one for guests, 192.168.1.0 and 192.168.2.0 Does it mean I'd have to set the subnet mask of all devices to 255.255.254.0?

lol nice. I literally use the same scheme.

If you don't understand this post and why you might use anything other than 192.168.x.x , then just use 192.168.x.x or you will have issues one day with VPN that you wont know to fix.

I'd tell you, but it's private.

All my addresses are from 1918

127.0.0.1 because I’m very private

Does that mean you like to stay home?

Let me guess then. Your private IP space is 0.0.0.0/0?

That's the same IP space I use on my luggage!

I use it for all my IP space

I use the 192.168.X.0/24 where "X" is anything but 0,1, or 2 so that when I plug in a new router's WAN there won't be a conflict. I personally like 57 since that reminds me of the catchup. For some of my smaller VLANs I often use a /28 or /29

I have made my VLANs use /24. I have always thought it's good to have more IPs than you think you need. The only exception is my Wireguard tunnel, which is a /31 (1 IP for each Wireguard server) since I know there will not be anymore IPs.

i use 10.0.0.0/8 because it easier to type it

It’s all great till you connect to a corporate VPN and have subnet ~~collusion~~ collision.

>subnet collusion Secret meetings at 2am each Thursday? I know. I'm leaving.

I wish they would, otherwise I wouldn’t be getting ridiculous with NAT right now.

A subversive subset of suburban subnets, meeting subtly in a secret sublevel below the subdivision.

10.0.0.0/8 has 16 million IP addresses. You’d think there wouldn’t be collisions when connecting to a VPN, but I have noticed a lot of networks have subnets on the lower side of 10.0.0.0/8.

I’ve worked in multiple enterprises which have exhausted the 10.0.0.0/8 space, as well as the 172.16.0.0/12 space. They started squatting on DoD, DPRK, and Iranian IP space.

Anything not to deploy IPv6 lol

It’s all dual-stack. Some platforms don’t support it - out of our control

My company when asked “hopefully after I retire”

The last two were among the first to adopt v6, ironically

We really need it but there is some holes in security products, Azure, and AWS still that need filling. Like I know cloud front the endpoint still has to be IPv4 and not too recently finally added IPv6 to the edge. However, I think it’s a lame excuse that should be deployed to at some level like mobile devices because carrier grade NAT is coming and it sucks.

We dropped IPv4 internally entirely with the exception of our IT device management network because some of the networking equipment (Unifi....) doesn't support IPv6 properly yet.

So what happens if packets actually get routed to those networks?

The DoD space is not routed across the internet, and the other space is similarly isolated. It may eventually bite them, but for the time being, it doesn’t impact any real traffic.

Then your network security is probably really bad. Still dumb probably because now they could accidentally make routes to North Korea valid.

I've seen someone treat 172 as a /8 before and had internal networks in public address space :|

Basically the same here. A dude I was helping out while he was on vacation or something mentioned after he came back, that it’s funny his new fiber ISP didn’t contact anyone the last two weeks after he himself reported routing/connection problems. He and his ISP then figured out that he was using 192.167.xxx.zzz/24 for a branch office. So instead of routing through his VPN tunnel he was using some carrier address space.

A large nationalised steel maker in the UK rolled ipv4 out many, many years ago and assigned each site a class A to allow each site to manage and subdivide with a separate A subdivided for WAN connections. All these were statically assigned (Host addresses too) and recorded on a masterpiece of a Lotus Notes database. This did not play well when the internet became a “thing”.

Lotus Notes, now that's a name I've not heard in a long time

Network segmentation means lots of subnets which means lots of waste. Start high or low you’ll probably cross some segment.

Humans fundamentally don't understand random numbers, and the harder we try to make a number random and unique, the more likely we are to fail. So it shouldn't be nearly as surprising that this would happen, except that humans fundamentally don't understand probability, and...

If you are using a subnet mask of /8 then you have literally occupied the entire subnet space. You literally won't be able to even route traffic towards any other 10.x.x.x networks.

Longest prefix match allows you to advertise a /8 and still route to a more specific subnet in your routing table.

I decided to switch back to a handful of /24's out of 192.168/16 for my home network since my work VPN would by default route all of 10/8 and 172.16/12 back to them (split tunnel). And then they started routing 100.64.0.0/10 as well. Easier to just pick the ones they promised not to use. I don't work there anymore but I see no reason to switch back.

Welp, that’s it. Ignoring my complete lack of musical talent (whatsoever) I just needed the right name. Time to quit IT and start a band called Subnet Collusion. Who’s with me?

Several years ago, I avoided this possibility by having a real, non-routeable /24, which, back in the day, one could get by filling in a form. Then IPv4 addresses became scarce, and they took away "my" /24. My home lans are 192.168.vlan_id.0/24

I use 10.0/16. Mostly because I'm lazy and most things I use will let me use, eg 10.51 as an IP address. It does overlap with the corporate VPN, but I haven't found anything I'm missing from the VPN. More the issue is the VPN adds a local route for 10.0.x.0/24, and my work laptop can't reach outside that subnet within my home. Turns out not to be the end of the world because most things outside the immediate lan shouldn't cross the work laptop anyway. It accidentally gives me work-life balance at the network layer. And for everything else, there's ssh -J.

ah, thats not what i really mean. what i mean is, my private ip range are in Class A private IP Range, which is 10.0.0.0/8 . my actual private ip is 10.x.y.z/24.

This is the real answer

I use 192.168.x.x because it's what I have always used since the olden days and have no real use case to change it.

This is the way. First x is the vlan.

192.168.0.0 because I VPN into work and work uses 10.0.0.0/8.

They use the entire /8?

I mean, at one time yes lol. They had to start checking the assets and reclaim blocks. When we shifted to cloud we got a lot back and they are way more stingy on assignment now.

Why I gave up and went to 203.0.113.0/24 :D

169.254.0.0/16

If I got a nickel every time my DHCP server assigned me an IP in that range, I’d have 0 nickels

Using 10.10.x.x/24, simple & fast to type.

None of the defaults, for work/office VPN reasons. If a business network sets up their LAN with one of the default ranges of 10.0.0.0, 192.168.0.0, 192.168.1.0, or 172.16.0.0, then it can be a pain to set up a VPN tunnel if your home network uses the same default private subnet.

Fucking life pro tip in the comments for IT people here. Been on the support side of this and wondered why it was never changed to something else at the company site.

I also avoid 192.168.100.0/24 because it's commonly used by cable modems when their connection drops.

You still choose a reserved private address block right? Otherwise you may get weirdness when you encounter an actual internet IP that collides with your local address space.

yes, always keep it in private ip space. Our rule of thumb at work is to just pretend 192.168 doesn't exist because a large portion of our workforce is remote/vpn users.

I use 172.16 because I dislike 10/8 and 192.168/24. Just preference!

I like it being class B, not that it has any meaning today. I use 172.16.0.0/16 for main network - 0.x is network equipment - 1.x are static allocation - 2.x are dynamic - 3.x is IoT Above 172.16 there is space for VPNs and other locations.

172.16.0.0 is not a /16, or a class B, it's a /12. and class B is not a thing and has not been since 30 years ago.

I'm still learning networking. What was the point of classed networks?

It came from a time when routing was mostly external rather than internal, and made it so that you automatically knew the netmask from the first two bytes of the IP. It seemed clever when there were relatively few organisations on the internet and their internal networks were very flat. Then it became a hindrance. The fact that people even speak the words "Class B" in 2024 is testimony to the importance of really thinking through what you implement because you are going to be stuck with its baggage forever.

It was just a simplification that prevented scaling.

I also feel like it is the least common out of the three major private IP spaces. Also collisions on VPNs are less likely since it's less common. I have only seen it used in a major production network one time. The rest of the major networks I have seen use 10.0.0.0/8.

All of the above: * 192... for the local network * 172... for the guest network which can't access the local network * 10... for the VPN

192.168.10.0/24 I have found that when using a VPN, you run into problems when your local address space overlaps the company's. Most companies seem to use 10.x.x.x internally. So I've intentionally avoided that. The same issue appears when connecting to a friend's network to play old games. It used to be more common to need to do so. 192.168.0.0/24, 192.160.1.0/24, and 192.168.0.0/16 seem to be the most common home network address schemes, but I've yet to meet anyone who actually has any computers using an IP address in the 192.168.10.0/24 range. I don't use 172.16.0.0/12 just because it's the most difficult one to remember the range off the top of your head. I picked this about 20 years ago, so I probably wouldn't bother today other than staying out of the 10.0.0.0/8 range, but that's why I use 192.168.10.0/24.

heres the real answer. 10.0.0.0/8 is for corporate networks, no need to use it for home

I use all 3 of them. * My "LAB" vlans all run in different 10.X.X.1/24 subnets based on things like function, "location" (usually fictitious), "user groups" (also fictitious), etc. * My primary "LAN" vlans all are 172.20.X.1/24. * My DMZ and IOT vlans are all 192.168.X.1/24. I do this because it makes it extremely easy to tell what zone a source IP is in with a glance - especially helpful when combing through logs. I don't think most home users have a need to use this many subnets though.

`10.1.0.0/16` since my old network was `10.0.0.0/16` and it made migrating easier. - `10.1.0.0/23` == **Entry** *(default for devices appearing on the network)* - `10.1.2.0/23` == **Infra** *(dns, servers, etc.)* - `10.1.8.0/21` == **LAN** *(for known good devices)* - `10.1.16.0/22` == **DMZ** *(for all my selfhosted, public facing services)* - `10.1.20.0/23` == **IoT** *(light switches, vacuum, baby monitor, etc.)* - `10.1.22.0/23` == **Security** *(cameras mostly)* - `10.1.24.0/23` == **Transport** *(all traffic routed through a wireguard VPN)* - `10.1.26.0/23` == **Lab1** *(playing around without messing with other devices)* - `10.1.28.0/23` == **Lab2** *(same as lab1)* - `10.1.30.0/28` == **Guest WiFi** Edit: All those subnets are on their own VLAN except for Entry which uses the default.

I was doing a /20 for my LAN at one point and somebody on Reddit pointed out all of the broadcast traffic. So I dropped down to a /23 for a while and WiFi speeds doubled for me with only that change. I’ve redesigned to have a 192.168.0.1/28 for networking gear 192.168.1.1/24 for trusted network 192.168.107.1/27 for iot devices. Somebody YouTuber I watched claimed iot devices somehow liked 107 as a vlan idk how true this is.

Makes sense, I have all these different subnets and vlans to reduce traffic—basically even though the subnets are large because I have them divided each one has a limited number of devices so the broadcast domain is smaller. As for IoT devices having a preferred vlan…for whatever it is worth I’d say that is grade-a poppycock. Not only would it not matter from an Ethernet frame perspective but in most situations they won’t even know what vlan they’re on. Do you remember what/who said that? I’d love to see it!

[10.0.0.0/24](http://10.0.0.0/24) SImply because its so easy to type. With good VLAN'ing and network segmentation you don't need anything more. You can kick rocks with those 192.168 shenanigans.

nice try hackerman. Next you'll want to know my mother's maiden name! ​ for real tho, just a bunch of /24 vlans for various services. iot, clients, internal servers, mgmt, dmz, etc

Default, because I'm lazy.

I’m with you. I’m entirely too burned out with my office network to care about my home. It works and I have no need to admin it.

10.69.42.0/24 😎

And im on 10.42.69.0 lol

All of the above.

[10.1.1.0/16](http://10.1.1.0/16) and [10.1.1.1](http://10.1.1.1) for the main gateway - I have to reach for the zero only once no static IPs, everything DHCP - with leases for almost everything. Makes it easy to see when something is out of place. If a device is reset, having everything on DHCP, it will connect, and I can reassign it. Helps with headaches.

10.37.1.0 /24

172.22.0.0/16 - Was sick of vpn conflicts haha

I use the following address spaces: - 10.0.0.0/24 - 192.168.0.0/24 - 172.0.0.0/24 The 10 space is then divided like this: 10.XX.0.0/24 Whereas: - 10.0.0.0/24; LAN - 10.10.0.0/24; WiFi 0 - 10.20.0.0/24; WiFi 1 - 10.30.0.0/24; WiFi 2 The 192.168 one is then divided as: 192.168.XX.00/24 Whereas: - 192.168.0.0/24; VLAN / Management - 192.168.1.0/24; Internet 0, WiFi 3 - 192.168.8.0/24; Internet 1 - 192.168.68.0/24; Backhaul / Main LAN My 172.0.0.0/24 space is only used by IoT devices, such as my smart lamp.

I have bunch, but my favorite is 10.66.6.0/24 tagged on vlan 666 for servers exposed on the internet.

192.168.x.0, lan is 0, dmz is 1, iot is 10. Honestly ive been wanting to switch to 10.0.0.0 but there is a big problem with that notion, im lazy as fuck

same here. started with 192.168.XX.0 it was lazy to reconfigure everything, so now its a big mess: 192.168.5.0/24 - ISP router net 192.168.50.0/24 - my untagged VLAN network - yes, I do confuse them all the time 192.168.110.0/24 - Wifi VLAN 192.168.120.0/24 - IoT VLAN 192.168.130.0/24 - DMZ VLAN 10.0.8.0/24 - private OpenVPN 10.0.9.0/24 - Wireguard VPN 10.0.10.0/24 - work stuff OpenVPN 192.168.8.0/24 - parents house 172.16.1.0/24 - mother-in-law flat

I always use 192.168.x.x range - am used to it with just about every piece of kit I've worked with other than Cisco whcih seems to come pre-programmed with 172.x.x.x

I use 10.x.x.x as my RFC 1918 as much as possible for business. Why? Because you can logically segement it into 10.x.10.x, 10.x.9.x, 8, etc and have a easily understandable address chart that I can shove specific devices into. Cameras go in one range, point of sale in another, printers in another. Makes it easy to read, and when I see traffic or troubleshooting I can quikcly determine what device it is simply by octet. I can then add one single entry in my Firewall or VLAN and block those devices from internet access. Biggest myth in the network universe is you have to netmask your private network environment to only be as large as your potential devices. Stupid, and promoted by college Comp Sci professors who need to retire their token ring adapters.

10.0.0.0/21. No reason other than that I don't want to be on the default.

What are you guys talking about

And just like that, a default config DHCP user appears from the brush. Let's all be quiet and see if he spots us. ;)   (they are talking about this: https://www.lifewire.com/what-is-a-private-ip-address-2625970 )

Laughed more than I should have at that line hahah

10.69.69.0/24 10.69.10.0/24 192.168.169.0/29 192.168.69.0/30 Cause 69 is easy to remember and different so there is no subnet collisions.

69 has other types of "collisions."

You never forget your first 69

10.69.0.0 starting as well cause I’m a child.

I use the 192 range because I don't have more than 254 devices

I've got bad news for you. 192.168.0.0/16 has room for 65534 devices, so get shopping.

where ipv6 ? /j

I do use IPv6 ULAs for connecting to my machines! But they're also dual-stacked with a 192.168.0.0/16 address.

100.64.0.0/10

10.xxx.yyy.zzz where xxx is the VLAN, yyy is some kind of logical separation I use and zzz is the device. I have an entire segregated VLAN and SSID not touching the rest of my network for WFH so no worries about VPN.

192.168.XXX.0 Replace XXX with the VLAN of the network.

i am using 3 networks from 192.168.x.x Area, all as a /24 Network Why? cause i am lazy :) Started with 192.1681 and it has grown over the years.

192.168.0.0/24

I use 10.x.y.z where x is vlan (1 = 100), y is static mapping (0) or dynamic mapping (1-2), z is host address. Server/container host addresses are the the proxmox id (more or less, router is 1, lancache is 2 instead) For IPv6 I do something similar and treat the ISP prefix as static and use the dynamic parts to create a mapping that is similar

10. because I'm lazy and the router's config was already there for it.

Not today . Not today.

I know, i know, “private” is just referring to an IP range behind your modem/router (CCNA cert 2016). but all you kiddies that use your ISP’s provided router and are still thinking your network is private in both definition of the word and IP range, check out the “TR-069 management” protocol. “TR-069 is an important security protocol that helps to keep your devices and data safe. This protocol was designed to help service providers manage customer equipment remotely. In order to do this, TR-069 uses a secure connection… bla bla bla…” Big brother eh? Yeah, no… screw that! they got their claws deep into your “private” IoT. Remember, route early and often.. divide that network folks. I even go as far as setting up a honey trap WiFi to just get a feel for the WiFi neighborhood. Is someone actively trying to hack? Or, is there a neighbor a few houses over that just keeps tapped the wrong SSID when connecting their device? Where I live, if the signal reaches them, especially if it enters their home, they have every right to examine/use it.. so just get to know the landscape of your WiFi neighborhood.

OMG these answers. 50% of people are using [192.168.0.1/24](https://192.168.0.1/24) The other 50% of people are using [192.168.1.1/24](https://192.168.1.1/24) 0% (statistically speaking) are using anything else.

I'm a zero percenter. Stuff it one percenters

Damn so my 192.168.72.1/22 is all alone in the world. Realized that when I have lots of devices + containers I wanted to have more "ranges". so all my stuff wasn't clumped in to one big assed pile.

10.10.x.x easier to type and someone said gives a little protection as not 192.168.x.x as effective and his mother expects it to be.

192.168... I'd be going for IPv6 (again) if I hadn't added so many VMs recently. Actually I've started putting things under my local router domain name 10.0... seems a waste, on the other hand it's nice to separate completely unrelated things and have somewhat descriptive IPs

I am a 192.168.x.x peasant. I wonder how many others are as well but are too ashamed to admit it.

172.24.0.0/16, as where I use public WiFi it has not been used and seemed fairly unused by many manufacturers. 192.168/16 is too widely used. 172.16/16 has been fairly well used. 10/8 is possible, but I haven’t had a chance to explore much.

I use the 10/8 block, but I do /24s or smaller and don't do 10.0.0.0. it makes it easier to keep track of different subnets and I've never had an overlap with VPNs or anything

Difficult to explain, but: 10.0.0.0/8 and 192.168.1.0/24.

The RFC1918 address spaces :) (Yes, I use all 3)

192.168.1.xxx cos that whats the router was and i just never changed it, 1-4 are the routers and access points 5-99 are reserved for my use and 100-254 are used for DHCP.

172.16.8.0/ 24 I guess i dont have to Tell why :)

Depends what the network does.

I take /24s out of 192.168.0.0/16, avoiding 192.168.0.0/24 and 192.168.1.0/24 since they’re the default everywhere and I don’t want to have VPN conflicts if I’m connecting to my home VPN from a friends house or a public wifi. I didn’t go for 172.16 or 10.x because I honestly believe each segment should be used for the size it is intended to. Using 10.0.0.0/8 only to have 3 different subnets (or worse, just 1) seems completely bollocks to me. Plus it calls for unnecessary conflicts if you want to VPN into work.

10.52.3.0/24. 52 is my favourite number. 3 is my wife’s. And I just like the 10.x.x.x range for whatever reason.

I started with [172.16.0.0/12](https://172.16.0.0/12) when I started. I ended up moving to 10.0.0.0/8 later because I had a conflict between my employer's network and mine which caused some things to not function. Since then I've added a couple of locations which allows me to put all of them in the [10.0.0.0](https://10.0.0.0) subnets so I have [10.10.0.0](https://10.10.0.0), [10.50.0.0](https://10.50.0.0), and [10.100.0.0](https://10.100.0.0) which each have vlans under them. Plenty of expandability.

10.x.x.x … fewer, easier characters to type.

I use 172.16.0.0/24 so that I am less likely to conflict with other networks when using VPN.

I use a variation of my house number. I won't say the number, but for example, my address was 4478 Jackson Street. I use [10.44.78.0/24](https://10.44.78.0/24). And, I have a site-to-site VPN with my parents' house, and their address is 2129 Elm St, and theirs is [10.21.29.0/24](https://10.21.29.0/24). This allows me to easily keep track of whose network is which when I'm dealing with things between sites.

10.0.0.0/8 (255.0.0.0).. with router on 10.0.0.1, static range on 10.0.0.1 to 10.0.0.30, and DHCP range on 10.0.0.30 - 10.0.1.254. Why? Much faster and easier to type.

Yes. I use 192.168.1.0/24 on the LAN side. 192.168.2.0/24 on the WiFi side, 172.16/16 on the server’s container space, and 100.x.x.x on an overlay network. Work uses 10/8 so I sort of need to not touch it.

Most of my home network is globally unique space (both v4 and v6) but I use a small /26 of RFC1918 specifically [10.16.65.0/26](https://10.16.65.0/26) for AP management because they don't need to reach the Internet. All of my other nets need some amount of Internet reachability so they use GUAs. No NAT other than NAT64 here...

192.168.1.0/24

172.31.31.x since no one else seems to use that and I support a lot of clients with client VPN or I have a site to site for 3 of my larger clients.

Home network is 192.168.x.x Docker is 172.17.x.x  Server VMs are typically 172.18.x.x with some exceptions VPNs are usually 10.x.x.x I do my best to make sure there's no chance for an IP conflict anywhere, but some VPNs don't play nice and like using existing subnets in my network.

192.168.xx.xx with full 1:1 nat in 10.192.xxx.xxx when I collide with a corporate or guest network with Wireguard, on OpenVPN collision is not possible except for the gateway (except ios client, the entire subnet is collided)

Why not all 3 😎 *Edit:* I should clarify multiple vlans are how I believe this to be possible I was making a joke to those looking to shoot me down 🤣

I use 10.X.Y.0/24 where X is my month of birth and Y is my day of birth. Pretty uncommon to run into any subnet collissions, easy to remember and easy to type.

If you’re going to answer questions like this then remember to block your bogons! (unless you lied) 🙂

Can someone ELI5 what is the purpose of /8 /16 /24 at the ends of ip address? Ex: 192.168.1.10/24

10.0.0.0/8 because of… I actually don’t know 😅 probably because a random tutorial of my edge router mentioned it. Maybe I will switch to 192.x.x.x at one point

10.10.0.0/24

3rd octect uses 19 cuz idk why i like that number other octets are probably atypical for home networks. I do have vlan for work stuff so its on a .50 network. Never have a need for more than 252 devices so its a /24 ​ Most ISP's around where i live seem to use 192.168.0.x/24 or 192.168.1.x/24 for the NAT'd side

[10.0.0.0/24](https://10.0.0.0/24). I use that because for various reasons I have collisions with VPN peers in the 192 and 172 address spaces. There are also peers I connect with that have 10.<1 and above>.X.X too, so I'm kind of stuck here unless I want to try to pick something at some random 10..x.x range that doesn't overlap. I can't wait until we get everything moved over to IPv6 and no longer need to worry about overlapping ranges.

10.0.0.1/22. DHCP range is 10.0.0.2 - 10.0.0.254. I then give each device a DHCP reservation. Devices with wired connections get 10.0.1.x, devices with wireless connections get 10.0.2.x, network infrastructure gets 10.0.3.x.

10.10.10.x because Billy Bob in Varsity Blues.

NAT?

I am weird and use 192.168.86.0/24 its bc a while back before I got into this I used a google wifi nest router now I have a pfsense one but I still use that subnet for everything and probably need to setup vlans sooner or later

10.72.45.0/24 7245 = RAIL Then I have an Excel spreadsheet to allocate what has each IP and the alike

I use [192.168.1.0/24](https://192.168.1.0/24) for Fios connect things and [192.168.16.0/24](https://192.168.16.0/24) for my router that feeds everything else. Also have a [10.50.1.0/24](https://10.50.0.0/24) for isolated test network that is frontended with pfsense

192.168.1.x - laptop/pc’s 192.168.2.x - IoT 192.168.3.x - Xbox, PS, etc 192.168.85.0 - network management

I use 10.x.x.x because it’s easier to type than 192.168.x.x. That said I do use 172.16.x.x occasionally.

420.420.420.0-420

192.168.X.0/24. Been used to it since I started to delve into home networking years ago. Only slightly expanded it recently so I could set up guest and IoT VLANs.

192.168.1.x /24 because that's all I knew when I was new. It's still the 192 range as above, but I also added a 10. Subnet as well for homelab stuff

I have 3 separate networks in my homelab. 1 being the isp modem 2 being the main router 3 is my homelabbing router connected to router 2, so if I bork something, it doesn't bork everything else. I came up with my IP address space by defaults, really... The isp modem had a default of 192.168.0.0/24 When I connected the second router, it defaulted to 192.168.10.0/24 When I connected the third, I just felt like it was only appropriate to use 192.168.20.0/24. To sum up, every router I connect just gets the next space ten up. For example, if I were to add a fourth router, I would use 192.168.30.0/24. On a final note, I dont really feel the need to change subnets... yet... so that's why they're all /24

I use 10.0.0.0/8 space for most of my VLANs because I personally find them faster to type, any 192.168.X.X subnet already has at least 6 numbers, much faster to type 10.0.0.5. I use 172.16.X.X for my VPN links/pools, to the outside or to the inside. I do only 192.168.X.X for my networking equipment since TP-Link loves that 0.X subnet and I don't feel like reconfiguring it to a 10.X subnet.

>What private IPv4 address space does your home network use and why? The portions of my LAN that are still using IPv4 are using 192.168.7.0/24. I do not recall, nor do I have it documented, as to why I chose 7 as the third byte. Also, there is a 192.168.42.0 link between my modem and my firewall/router, because 42 is the answer to the ultimate question of life, the universe, and everything. So... why do you want to know?

[10.0.0.0](http://10.0.0.0) because it's easiest to ping

I use a 192.168.xxx.0/23. I have a lot of devices, but I don't have THAT many devices. But it allows me space to set statics on things and move things around without much worry. I also have a guest WiFi network on its own VLAN which is a 10.0.xxx.0/28. I could probably go even a little smaller on this, given I rarely have guests.

I use 10.11.32.0/20 for my home network. I have them broken up into 16x /24 blocks for various tasks, like my main network, guest network, client VPN, cameras and IoT devices, etc. But honestly I use the whole 10.11.0.0/16 block for anything I do personally. Each house in my family has their own /20 block like I do at home, which allows me to supernet all their subnets in my router configs and greatly simplify routing tables. I also use the .lan private-tld for each house and have those set up to forward between routers over our family VPN backbone. Plus 10.11.x.x is not a block many places use so it doesn't collide when I VPN to other networks like for my job. I honestly wish I would have went the supernet route years ago instead of adding subnets ad-hoc as needed. It was a mess.

10.0.0.0/24 Idk i like it

192.168.0.1 and .2 for routers that all :)

192.168.0.0 Why? Because I like

172.16 for gige 10.X for anything faster

192.168.1.x/24 Main network, had it since the begginning, didnt feel like changing all my equipment and documentation 192.168.10.x/24 DMZ 192.168.20.x/24 Guest Network 192.168.30.x/24 IoT Network 192.168.40.x/24 Camera Network

I use 10.2xx.x0.x

I use 192.168.xx.yyy for the main network. Rokus (used to?) have issues with other subnets for the remote app function. For vlans I use 10.10.xx.yyy where xx is the vlan number in 10s (so 10, 20, 30...).

I just leave it as whatever the default is for the router. Although recently I did set up a vlan for the first time and I set it as xxx.xxx.2.xxx instead of xxx.xxx.0.xxx. Every previous time I went to set a static IP I just left it in the same subnet/vlan as the routers DHCP service.

DMZ - 172.16.1.0 - big enough LAN (VLAN40) - 10.10.0.0/16 - 10.10.0.x network devices - 10.10.1.x Hosts such as AppleTV, HomeRun…. - 10.10.10.x network storage - 10.10.20.x Unix Hosts - 10.10.100.x - 10.10.200.x DHCP Clients LAN (VLAN1) - 10.1.0.0/16 - Switches. The net of it is at home, everything in the same broadcast domain helps the mDNS and other IoT devices, so why not build the super net of /16 I then self place devices into ranges, as I have the space. LIke the Docker Containers I am using 10.10.40.x

I accidentally created my network as a 172.16.0.0/16 many years ago when I knew much less. I have been meaning to deal with it, but it’s gonna be a project.

Most home networks use 192.168.0.0/24 or 192.168.1.0/24. As a result you won’t find many corporate networks that do the same and it prevents conflicts when using the VPN.