Create random IP values instantly in your browser and download the generated output as a RANDOMIP file.
203.0.113.42) or IPv6 (128-bit, hex like 2001:db8::a3f2). IPv4 covers the legacy address space; IPv6 is what you want when you need addresses that won't collide with anything real.192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24), an RFC 1918 private block (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16), CGNAT shared space (100.64.0.0/10), loopback (127.0.0.0/8), link-local (169.254.0.0/16), or enter a custom CIDR (e.g. 198.18.0.0/15 for benchmarking). Leave unrestricted for the full address space.iptables, a CSV column, or a Faker seed.A "random" IP isn't just a number — it carries assumptions. A real-looking IPv4 like 52.34.18.91 may belong to an AWS EC2 instance you've never heard of, and accidentally hard-coding it into a load test or a unit fixture can send real packets to a real customer. The fix is to generate from the IANA-reserved blocks that are guaranteed never to route on the public internet. Use this tool when you need throwaway addresses for tests, mocks, diagrams, training, or filler in screenshots — without spoofing or accidentally targeting someone.
198.51.100.0/24 to populate a User-Agent log, or pull from 2001:db8::/32 to validate your IPv6 parsing without ever hitting a live host.1.2.3.4 placeholders with 192.0.2.7 and your reader's tcpdump won't light up.100.64.0.0/10) or RFC 1918 (10.0.0.0/8) addresses to drop into iptables, AWS Security Group rules, or an nginx geo block, then verify your policy matches the way you expect./24 to exercise hash-based load balancing, sticky-session logic, or rate-limit-per-IP rules.| CIDR Block | Name (IANA) | RFC | Globally Routable? | Use For |
|---|---|---|---|---|
10.0.0.0/8 |
Private-Use | RFC 1918 | No | Corporate LANs, mock internal services |
172.16.0.0/12 |
Private-Use | RFC 1918 | No | Docker default bridge networks, home labs |
192.168.0.0/16 |
Private-Use | RFC 1918 | No | Home routers, small-office LANs |
100.64.0.0/10 |
Shared Address Space (CGNAT) | RFC 6598 | No | ISP carrier-grade NAT — looks real, isn't yours |
127.0.0.0/8 |
Loopback | RFC 1122 | No | localhost — same machine only |
169.254.0.0/16 |
Link-Local | RFC 3927 | No | DHCP failure fallback, AWS metadata service |
192.0.2.0/24 |
TEST-NET-1 (Documentation) | RFC 5737 | No | Examples in docs, blog posts, training |
198.51.100.0/24 |
TEST-NET-2 (Documentation) | RFC 5737 | No | Second example block — pair with TEST-NET-1 |
203.0.113.0/24 |
TEST-NET-3 (Documentation) | RFC 5737 | No | Third example block — for three-host scenarios |
198.18.0.0/15 |
Benchmarking | RFC 2544 | No | Network device performance tests |
224.0.0.0/4 |
Multicast | RFC 5771 | No (special) | mDNS, IGMP, SSDP — not unicast |
240.0.0.0/4 |
Reserved (former Class E) | RFC 1112 | No | Reserved for future use |
| Property | IPv4 | IPv6 |
|---|---|---|
| Bit length | 32 bits | 128 bits |
| Total addresses | ~4.29 billion (2³²) | ~3.4 × 10³⁸ (2¹²⁸) |
| Notation | Dotted-decimal 192.0.2.1 |
Colon-hex 2001:db8::1 |
| Documentation prefix | 192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24 (RFC 5737) |
2001:db8::/32 (RFC 3849) |
| Private/local | RFC 1918 (10/8, 172.16/12, 192.168/16) | Unique Local fc00::/7 (RFC 4193); Link-Local fe80::/10 |
| Loopback | 127.0.0.0/8 (whole /8) |
::1/128 (one address) |
| Address exhaustion | IANA depleted Feb 2011 | Effectively unlimited |
| Common in test data | Dominant | Growing — exercise your dual-stack code with it |
It depends on which range you generate from. If you leave the range unrestricted, the output is a uniformly random IPv4 or IPv6 number — many of those numbers are assigned to real hosts, ISPs, or cloud providers right now. If you restrict to a documentation prefix (192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24, or 2001:db8::/32), an RFC 1918 private block, CGNAT, loopback, or link-local, the IANA registry marks the result as not globally reachable — packets sent there won't make it past the first cooperative router. For test data, mocks, and documentation, always pick a reserved range.
Use RFC 5737 for IPv4 and RFC 3849 for IPv6 — those blocks exist specifically for documentation. The three IPv4 TEST-NET blocks (192.0.2.0/24 for TEST-NET-1, 198.51.100.0/24 for TEST-NET-2, 203.0.113.0/24 for TEST-NET-3) give you 768 addresses total — enough for any blog post or API spec. For IPv6, draw from 2001:db8::/32, which contains 2⁹⁶ usable addresses. These ranges will never be assigned to a real host, so your reader can copy-paste your example without consequences.
No, and please don't try. The output is for test data, mocks, fixtures, and documentation — not for masking real traffic. Spoofing source IPs on the public internet generally fails (most ISPs implement BCP 38 ingress filtering), violates terms of service, and in many jurisdictions is illegal under computer-misuse statutes. If you need to test against a rate limiter, use synthetic addresses from a documentation or RFC 1918 prefix and run the test in a lab or staging environment you control.
The tool draws random bytes from the browser's crypto.getRandomValues() API and maps them into the address range you selected. That's the same CSPRNG used by Math.random's secure cousin, WebCrypto, and is suitable for non-cryptographic test-data generation. It's not appropriate for generating actual keys or tokens — for that, use a dedicated cryptographic library on the server, or our Password Generator for human-memorable secrets.
Within a /24, the all-zeros host (.0) and all-ones broadcast (.255) addresses are reserved per RFC 950 and not assignable to a host. For larger blocks, the network and broadcast addresses of each subnet are also unassignable. The generator returns uniformly random 32-bit values constrained to your chosen prefix, which means some output may land on these reserved offsets — fine for log fixtures, less fine if you're seeding a "list of valid hosts" table. Filter them out post-generation if needed, or restrict your CIDR to host-only ranges.
Yes — enter any CIDR like 10.42.0.0/16 or 2001:db8:1234::/48 and the output will fall inside that prefix. This is the easiest way to seed test data that mirrors your actual network topology without using your live addresses. Combine it with a quantity setting to populate a /24 for a hashring test, or generate one address from each of several disjoint prefixes to verify multi-region routing.
1.2.3.4?1.2.3.4 is a real, allocated address — APNIC assigned the entire 1.0.0.0/8 to APNIC LABS in 2010 and 1.1.1.1 famously belongs to Cloudflare's DNS resolver. When tutorials use 1.2.3.4 or 8.8.8.8 as placeholders, readers copying those into test configs can accidentally generate real traffic to real services. The TEST-NET blocks were standardized exactly to prevent this — they're guaranteed safe and recognizable as "this is an example, not a real address."
UUIDs (and ULIDs, KSUIDs, NanoIDs) are designed to be globally unique identifiers for rows, requests, or events — generate one per record and you'll never collide. IP addresses are structured network identifiers with semantics: a /24 is a routable subnet, the all-zeros address is the network, all-ones is broadcast. Use the UUID Generator when you need a primary key or correlation ID; use this tool when you need realistic-looking address data with the right structural properties for testing network code, firewall rules, or geolocation pipelines.