Sign in Subscribe
By PJ Pérez in Networking

Map the Loopback, Rule the Box

Map the Loopback, Rule the Box

Most developers know 127.0.0.1 as the loopback address. It’s the default for localhost and is hardwired into everything from testing frameworks to networking stacks. But what’s less known—and rarely used—is that the entire 127.0.0.0/8 range is reserved for loopback. That’s 16 million addresses, all guaranteed to route back to your local machine.

And yes, you can use them.

Why this matters

Networking isolation and service testing often rely on local IPs. Docker, Kubernetes, VMs, local proxies—anything that involves multiple simulated interfaces—can benefit from additional loopback addresses. Instead of inventing fake IPs or repurposing local LAN ranges like 192.168.x.x, just reach deeper into 127/8. It’s there for you.

This isn’t a new trick. The relevant IANA assignment dates back to 1989:

127.0.0.0/8 is reserved for loopback. A datagram sent by a higher-level protocol to an address anywhere within this block should loop back inside the host.

That means 127.1.2.3, 127.255.255.254, or 127.66.66.66—they all behave like 127.0.0.1. They don’t hit the NIC. They don’t touch the wire. They stay inside your machine.

Try it

Here’s a quick demo.

First, bind a simple HTTP server to an alternate loopback address:

python3 -m http.server --bind 127.66.66.66 8080

Then in another terminal:

curl http://127.66.66.66:8080

It works exactly like 127.0.0.1. No DNS needed. No extra interfaces.

You can even bind multiple services to different addresses:

python3 -m http.server --bind 127.10.0.1 8001 &
python3 -m http.server --bind 127.20.0.1 8002 &

And curl them independently:

curl http://127.10.0.1:8001
curl http://127.20.0.1:8002

Each address is loopback-scoped. No conflicts. No surprises.

What to watch for

Some software hardcodes 127.0.0.1 or assumes that’s the only valid loopback address. You might run into that. Also, be careful with firewalls—most Linux iptables rules only match 127.0.0.1, not the whole range.

To fix that, widen your loopback match:

iptables -A INPUT -i lo -j ACCEPT

or if you're using nftables:

nft add rule inet filter input iif lo accept

This ensures all 127/8 traffic is accepted on the loopback interface.

Uses in the real world

You can simulate multi-node environments locally. For example, bind one service to 127.1.1.1, another to 127.2.2.2, and make them talk to each other. Great for development setups that mirror distributed systems without touching Docker or VMs.

Want to test a DNS server? Run it on 127.53.53.53 and point your resolv.conf there.

Need to run hundreds of services in parallel for fuzzing or benchmarking? Allocate one IP per service in 127/8. No collisions. No routing drama.

It’s all yours

The 127/8 block isn’t some obscure corner of the spec. It’s reserved explicitly for your machine. You’re free to use all of it—millions of local IPs, zero routing involved.

Use them.

Subscribe to Cloud Networking Pro

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe