About

Generating random IP addresses is a routine requirement in network testing, firewall rule validation, database seeding, and security research. A poorly randomized dataset introduces bias: clustering around specific subnets, accidental collisions with reserved ranges like 10.0.0.0/8 or 192.168.0.0/16, or generating link-local addresses that break routing simulations. This tool uses crypto.getRandomValues for uniform distribution across the full 2³² IPv4 space or 2¹²⁸ IPv6 space, with optional filtering by address class (A through E) and automatic exclusion of private, loopback, and reserved blocks per RFC 5735 and RFC 6890.

Note: generated addresses are statistically random but not guaranteed globally routable. If you need addresses that resolve to real hosts, this tool is not appropriate. For load-testing or log fabrication, batch sizes up to 10,000 are supported with Set-based deduplication. CIDR prefix lengths are optionally appended for subnet simulation. IPv6 output supports both full and compressed (RFC 5952) notation.

Formulas

An IPv4 address is a 32-bit unsigned integer rendered as 4 dot-separated octets. Each octet O_i is drawn uniformly from [0, 255]:

IPv4 = O₁ ⋅ 2²⁴ + O₂ ⋅ 2¹⁶ + O₃ ⋅ 2⁸ + O₄

where O_i ∈ {0, 1, …, 255} and class constraints restrict O₁: Class A ∈ [1, 126], Class B ∈ [128, 191], Class C ∈ [192, 223], Class D ∈ [224, 239], Class E ∈ [240, 255].

An IPv6 address is a 128-bit value rendered as 8 colon-separated 16-bit hextets:

IPv6 = 7∑i=0 H_i ⋅ 2^16⋅(7−i)

where each hextet H_i ∈ [0, 65535]. The total address space is 2¹²⁸ ≈ 3.4 × 10³⁸. CIDR notation appends /n where n is the prefix length in bits. The number of host addresses in a subnet is 2^{(total bits − n)}.

Reference Data

Range / Block	CIDR	Type	First Octet	RFC	Routable
0.0.0.0 - 0.255.255.255	0.0.0.0/8	"This" Network	0	RFC 1122	No
10.0.0.0 - 10.255.255.255	10.0.0.0/8	Private (Class A)	10	RFC 1918	No
100.64.0.0 - 100.127.255.255	100.64.0.0/10	Shared / CGN	100	RFC 6598	No
127.0.0.0 - 127.255.255.255	127.0.0.0/8	Loopback	127	RFC 1122	No
169.254.0.0 - 169.254.255.255	169.254.0.0/16	Link-Local	169	RFC 3927	No
172.16.0.0 - 172.31.255.255	172.16.0.0/12	Private (Class B)	172	RFC 1918	No
192.0.0.0 - 192.0.0.255	192.0.0.0/24	IETF Protocol	192	RFC 6890	No
192.0.2.0 - 192.0.2.255	192.0.2.0/24	Documentation (TEST-NET-1)	192	RFC 5737	No
192.168.0.0 - 192.168.255.255	192.168.0.0/16	Private (Class C)	192	RFC 1918	No
198.18.0.0 - 198.19.255.255	198.18.0.0/15	Benchmarking	198	RFC 2544	No
198.51.100.0 - 198.51.100.255	198.51.100.0/24	Documentation (TEST-NET-2)	198	RFC 5737	No
203.0.113.0 - 203.0.113.255	203.0.113.0/24	Documentation (TEST-NET-3)	203	RFC 5737	No
224.0.0.0 - 239.255.255.255	224.0.0.0/4	Multicast (Class D)	224 - 239	RFC 5771	No
240.0.0.0 - 255.255.255.254	240.0.0.0/4	Reserved (Class E)	240 - 255	RFC 1112	No
255.255.255.255	255.255.255.255/32	Broadcast	255	RFC 919	No
::1/128	::1/128	IPv6 Loopback	-	RFC 4291	No
fc00::/7	fc00::/7	IPv6 Unique Local	-	RFC 4193	No
fe80::/10	fe80::/10	IPv6 Link-Local	-	RFC 4291	No
ff00::/8	ff00::/8	IPv6 Multicast	-	RFC 4291	No
::ffff:0:0/96	::ffff:0:0/96	IPv4-Mapped IPv6	-	RFC 4291	No

Frequently Asked Questions

Math.random uses a PRNG (pseudo-random number generator) seeded from a low-entropy source. Its output is predictable and exhibits statistical bias in large batches. crypto.getRandomValues draws from the OS entropy pool (e.g., /dev/urandom), providing uniform distribution across the full octet range [0, 255]. For security testing and load simulation, this eliminates clustering artifacts that could skew results.

The routable IPv4 space contains roughly 3.7 billion addresses. At 10,000 samples, the birthday-problem collision probability is approximately 1.35 × 10⁻⁵ (about 1 in 74,000 batches). The generator uses a Set for deduplication: if a collision occurs, it re-draws until the requested count is met. You will always receive exactly the number of unique addresses requested.

The filter excludes all blocks defined in RFC 6890 (Special-Purpose Address Registry): 0.0.0.0/8, 10.0.0.0/8, 100.64.0.0/10, 127.0.0.0/8, 169.254.0.0/16, 172.16.0.0/12, 192.0.0.0/24, 192.0.2.0/24, 192.168.0.0/16, 198.18.0.0/15, 198.51.100.0/24, 203.0.113.0/24, 224.0.0.0/4, 240.0.0.0/4, and 255.255.255.255/32. For IPv6, it excludes ::1/128, fc00::/7, fe80::/10, ff00::/8, and ::ffff:0:0/96. This covers all currently defined reserved blocks.

Per RFC 5952, the tool finds the longest consecutive run of all-zero hextets and replaces it with "::". If multiple runs of equal length exist, the leftmost is compressed. Leading zeros within each hextet are also stripped (e.g., 0042 becomes 42). A single zero group is not compressed - "::" is only used for runs of 2 or more consecutive zero groups.

Generating random IPs is legal. Scanning or probing IP addresses you do not own or have written authorization to test is illegal in most jurisdictions under computer fraud statutes (CFAA in the US, Computer Misuse Act in the UK). This tool is intended for dataset seeding, firewall rule testing on your own infrastructure, log simulation, and educational purposes. Never scan addresses without explicit permission.

For IPv4, valid CIDR prefix lengths are /0 through /32. A /32 denotes a single host. A /0 matches all addresses. For IPv6, valid prefixes are /0 through /128. Common allocations are /48 (site), /64 (subnet), and /128 (host). The tool clamps input to these ranges and defaults to a random value within a practical range (/8 - /30 for IPv4, /16 - /120 for IPv6) when set to "Random".