• Main Menu
  • 127.0.0.1 – What Are its Uses and Why is it Important?


    127.0.0.1 is the loopback Internet protocol (IP) address also referred to as the “localhost.” The address is used to establish an IP connection to the same machine or computer being used by the end-user. The same convention is defined for computer’s that support IPv6 addressing using the connotation of ::1. Establishing a connection using the address 127.0.0.1 is the most common practice; however, using any IP address in the range of 127.*.*.* will function in the same or similar manner. The loopback construct gives a computer or device capable of networking the capability to validate or establish the IP stack on the machine.

    How Does the Internet Protocol Work?

    The Internet Protocol (IP) is a set of rules that ensure there is a standardized method to address and communicate between computers and other network devices. Besides governing the method of addressing, the IP protocol also standardizes the manner or method that data packets are sent to, delivered, and where applicable acknowledged across the Internet and local networks. Internet Protocol version 4 (or IPv4) is the fourth revision of the protocol and is There's no place like 127.0.0.1the most widely deployed throughout the world. IETF RFC 791, which was finalized in September of 1981, is the current definition of the protocol. IPv4 is slowly being replaced by IPv6, but it’s adoption is still in infancy. IPv4 is considered to be a connectionless protocol designed to be used on Ethernet-based networks. The protocol does not guarantee delivery, data integrity, or proper data sequencing; instead, relying on the Transmission Control Protocol (TCP) to handle these concerns.

    How Does 127.0.0.1 Work?

    Establishing a network connection to the 127.0.0.1 loopback address is accomplished in the same manner as establishing one with any remote computer or device on the network. The primary difference is that the connection avoids using the local network interface hardware. System administrators and application developers commonly use 127.0.0.1 to test applications. When establishing an IPv4 connection with 127.0.0.1 will normally be assigned subnet mask 255.0.0.1. If any public switch, router, or gateway receives a packet addressed to the loopback IP address, it is required to drop the packet without logging the information. As a result, if a data packet is delivered outside of the localhost, by design it will not accidently arrive at a computer which will try to answer it. This aspect of the loopback helps ensure network security is maintained, since most computers will answer packets addressed to their respective loopback address which may also unexpectedly activate other services on a machine by responding to a stray data packet.

    What is the Domain Name System?

    Human beings are not able to easily remember IP addresses or number well. Plain language web addresses; however, are much easier to use, but require a method to resolve to the actual address of the remote computer or server. As a result, the Domain Name System (DNS), was developed to help direct local and Internet traffic to the appropriate destination by performing real-time look-ups of Internet address with other DNS servers located on the Internet. Before a local computer will send a DNS request to the DNS server for the local network; however, it will perform a check of the locally stored Hosts file first to save time and network resources. The hosts file contains pairings of IP addresses along with one or more host names and is updated frequently based on predefined conditions on the local computer. Before the invention of DNS, there was a single Hosts file that was shared across the network. This was found to not pass the test of scalability; however, when multiple networks started to get connected together which resulted in the development of the DNS system in use today.

    How is 127.0.0.1 Used in the Hosts File?

    Whenever a computer user tries to access a website or remote computer by name, the computer checks the locally stored Hosts file for domain name resolution before sending a request to the Domain Name Server (DNS). The 127.0.0.1 IP address is commonly found in the Hosts file on computers assigned to the plain English address, “localhost.” It is also used by computer malware to assign legitimate websites to the localhost to prevent the end-user from seeking legitimate computer security assistance with malware infection. This type of change has most commonly been associated with many of the computer scareware packages that have been deployed across the Internet through maliciously infected websites, Trojan horse viruses, and infected email attachments. Some computer administrators, and interested students, can modify the hosts file to prevent access to undesirable websites; however, is not the preferred method as the end-user (or administrator) now becomes responsible for removing the entry when required. Examples of host file entries:

    127.0.0.1 localhost

    127.0.0.1 www.SiteYouWantToRouteToLocalHost.com

    127.0.0.1 SiteYouWantToRouteToLocalHost.com

    What is a Special Use IP Address?

    A special use IP address is one that has been assigned by the Internet Assigned Numbers Authority (IANA) and is reserved for a specific reason or purpose. The IANA’s authority to delineate these addresses comes from the IETF to make assignments in support of the Internet Standards Process. The IANA defines special use IP addresses for IPv4 in RFC 3330: Special-Use IPv4 Addresses and for IPV6 in RFC 3513: Internet Protocol Version 6 (IPv6) . RFC 3330 was the first specification to collect the various one-off definitions for special use IP addresses such as 127.0.0.1 that had been defined over the years in a central location. Based on these lessons learned, all of the special user IPv6 addresses were included in RFC 3513 from the beginning. The IANA does state in RFC 3330 that the Internet does not protect against the abuse of special IP addresses such as 127.0.0.1. The organization also goes on to recommend that if all data packets from a reserved address are assumed to have originated from the same computer’s subnet that all border routers should filter reserved packets that do not originate from the same device since there have been instances of attacks mounted based on the use of one or more of these special addresses.

    Special IP Address Summary Table

    Address Block             Present Use                      

    0.0.0.0/8             “This” Network

    10.0.0.0/8            Private-Use Networks

    14.0.0.0/8            Public-Data Networks

    24.0.0.0/8            Cable Television Networks

    39.0.0.0/8            Reserved, subject to allocation

    127.0.0.0/8          Loopback

    128.0.0.0/16        Reserved, subject to allocation

    169.254.0.0/16    Link Local

    172.16.0.0/12      Private-Use Networks

    191.255.0.0/16    Reserved, subject to allocation

    192.0.0.0/24        Reserved but subject to allocation

    192.0.2.0/24        Test-Net

    192.88.99.0/24    6to4 Relay Anycast

    192.168.0.0/16    Private-Use Networks

    198.18.0.0/15        Network Interconnect Device Benchmark Testing

    223.255.255.0/24     Reserved, subject to allocation

    224.0.0.0/4          Multicast, commonly used in multiplayer simulations and gaming and for video distribution.

    240.0.0.0/4          Reserved for Future Use

    What Are the Common Uses for 127.0.0.1?

    A common technique to verify that a computer’s networking equipment, operating system, and TCP/IP implementation are working correctly is to send a ping request to 127.0.0.1. Based on the results of the test, administrators or computer users can troubleshoot network connectivity issues. Application developers also make use of the loopback address to test basic network functionality when developing a program or application component prior to going “live” on a network or the Internet with testing or deployment.

    Some of the “lighter” uses of the loopback address are to trick computer security or computer science students into attempting to crack, probe, or test network speed by using the 127.0.0.1 address. There are also a number of variations on the “World’s Worst Hacker” found across the Internet. In these stories (which at least a few are likely based on true stories), fellow hackers urge “newbies” or a “less-than-knowledgeable” hacker to infect, hack, or conduct a DOS or DDOS attack against the 127.0.0.1 address.  In the more humorous stories, the hacker succeeds in infecting or deleting information from his or her own computer to the amusement of those watching.

    Where is 127.0.0.1 Defined?

    RFC 1700, published by the Internet Engineering Task Force (IETF) was the first document to reserve the 127.0.0.0/8 address block for loopback purposes. IETF document, RFC 3330, then further described the usage of the IPv4 address block 127.0.0.0/8 for loopback purposes. These definitions were later updated exclusively through the IANA and continue to be excluded for assignment by Regional Internet Registries or the IANA.

    What is IPv6?

    As the number of people and devices that use the Internet has grown, the demand for addresses has continued to grow exponentially. Internet Protocol Version 6, IPv6, is the next generation protocol that is designed to ultimately replace IPv4 and is slowly being adopted in education and research circles. The Internet Engineering Task Force (IETF) developed IPv6 to accommodate the increasing number of devices and users accessing the Internet and to help address some of the fundamental security shortcomings in the IPv4 implementation. IPv6 accommodates a greater number of addresses by using bigger numbers to create IP addresses. Under the IPv4 addressing convention, an address is 32 bits in length that allows for approximately 4.3 billion unique addresses. IPv6; however, uses a 128 bit address that permits up to 340 trillion, trillion IP addresses.

    What Are the Advantages of IPv6?

    Besides the significant increase in total numbers of IP addresses, IPv6 also offers networking advantages over IPv4. The new protocol allows devices to detect and use services of IPv6 enabled networks without requiring action by the end-user. It also significantly reduces the need for Network Address Translation (NAT) which is used on IPv4 to allow a number of clients to share a single IP address. A number of research projects based on the underlying IPv6 technology are underway as part of the Internet 2 project led by a non-profit U.S. networking consortium comprised of education communities, industry, and government. With more than 280 members, the Internet 2 Network currently connects more than 60,000 institutions and provides a next-generation optical network that can meet high-performance demand requirements for research and education.

    What is the Equivalent of 127.0.0.1 in IPv6?

    ::1 or in longhand, 0:0:0:0:0:0:0:1 is the loopback address in the IPv6 protocol. The loopback address in IPv6 performs a similar function as in IPv4 by allowing a node to send a data packet to itself. It cannot be assigned to any physical interface on the computer and is considered to have a “link-local” scope. The ::1 address is not allowed to be used as a source address in IPv6 packets that are sent outside of a single node. If they are, an IPv6 router is not allowed to forward the data packet. If a packet with this address is received on an interface, it must also be dropped. The loopback, “unspecified addresses,” and the IPv6 addresses that have embedded IPv4 addresses are assigned out of the 0000 0000 binary prefix space.

    Steps to Ping 127.0.0.1

    Although pinging the loopback address or 127.0.0.1 can be accomplished using the DOS command prompt or terminal on a MAC OS X computer, it is also built in to many of the network administrator tools available on the market.

    Step 1 – Log-in to your computer using an account with administrator permissions.

    Step 2 – Open the “DOS” prompt by selecting the “Start” button and typing “CMD” into the search text field. In Mac OS X, select the “Finder” located in the computer’s “Dock” and click on the “Utilities” menu option. Then, double click the “Network Utility” application icon.

    Step 3 – In Windows, enter “ping 127.0.0.1” at the DOS command prompt followed by pressing the “Enter” key. On a Mac, select the “Ping” menu tab and enter “127.0.0.1” in the field provided. Then press the “Ping” menu button.

    Step 4 – View the results displayed on the screen. The data displayed will include the number of data packets sent, received, lost, and the approximate round trip time of the data transmission. Results on a Windows computer will look similar to:

    Pinging 127.0.0.1 with 32 bytes of data:

    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

    Ping statistics for 127.0.0.1:

    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

    Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

    Got Something To Say:

    Your email address will not be published. Required fields are marked *

    31 comments
    1. Ankit Jain

      19 September, 2018 at 6:17 am

      good info on the loopback ip address.

      Reply
    2. Fullmoon Mint

      27 October, 2016 at 9:52 pm

      I’ve tried this method with Deviantart. I’ve done this in the 127.0.0.1 method and 0.0.0.0 the site will block certain pages. Like if I put a username in the search bar it won’t load that page, but the main site is still accessible. Anyone know how to get this issue fixed? I’ve also blocked facebook with this method too, but DA just refuses to block.

      Reply
    3. lorna

      11 June, 2015 at 4:55 pm

      I found this myself 127.0.0.1 11507, then emailed my boyfriend to ask what it was he was doing on my computer. Since including this ip address in the email I sent, i can no longer send emails. WHATS GOING ON. i am not a computer person, how do i fix this

      Reply
    4. MHS

      31 May, 2015 at 10:28 pm

      Why the ipv4 loopback address has a complete
      block for loopback addresses. Plzzz answer guys…

      Reply
    5. shade

      8 April, 2015 at 8:35 pm

      found this in my cookies 127.0.0.1/ now why would i be sending myself a cookie to track myself?

      Reply
      • Foxxe Wilder

        8 January, 2017 at 2:47 am

        Well if you gave yourself a cookie, eat it, at least you know where it’s been! 🙂

        Reply
    6. TimeTraveller

      24 November, 2014 at 3:58 am

      This was well written and informative. Even as a technical person that knew most of this stuff, there was still some new information in there for me. Great article.

      Reply
    7. WillSpencer

      3 October, 2013 at 4:40 am

      Can you post a screenshot?

      Reply
    8. Asad

      31 July, 2012 at 10:20 am

      really informative i blocked some websites on my pc by using local host trick.Thanks for sharing such informative article

      Reply
    9. Eduardo

      24 May, 2012 at 4:36 pm

      Nice post.

      Do you know if a request from the server to the same server using their asigned IP (10.213.100.x) uses the network? or make a loopback like 217.0.0.1?

      Thanks.

      Reply
    10. pravi

      25 January, 2012 at 4:49 am

      it’s realy good!!!!!!!!!!!!

      Reply
    11. spuds

      15 January, 2012 at 4:17 pm

      this is cool

      Reply
    12. ed wiles

      22 November, 2011 at 8:21 pm

      Lately, when I try to log onto my internet service to go to my home page at att:yahoo news, it fails to come up.  Instead, a page appears with the my att and yahoo browser but a block comes up saying “internet explorer cannot display the webpage”.  My internet connection icon shows the dsl internet is connected but I can not browse, get my may or go to any site. 
      Was on the phone with ATT technicians for over 2 hours and could not get it fixed.  They ran me through everything, including setting up a new dsl connection.  The dsl modem works fine also.
      Can you venture a guess?

      Reply
    13. Gaptek

      13 August, 2011 at 12:17 pm

      i confused,,,

      this is standard ?

      so default my gadget always use althoug i ‘m not configure ?

      Reply
    14. BrieFrie

      20 June, 2011 at 2:11 am

      No Bob! Don’t do it!

      Reply
      • Bob Abbott

        20 June, 2011 at 5:24 pm

        Thanks!  After reading a little on this URL I sense that this is a scam used to gather information or hack into my computer. 

        I actually received this same emil again this morning.  I wish I could determine where it is coming from.

        Reply
        • Bert

          15 June, 2016 at 6:37 pm

          Hopefully not 127.0.0.1 🙂

          Reply
    15. Mike

      21 April, 2011 at 8:00 am

      127.0.0.1 had BLA trojan established on one of my ports so I quickly disconnected the connection…does this mean I have a Virus?? or someone put a backdoor in my PC? plzz help

      Reply
      • memenode

        22 April, 2011 at 3:18 am

        According to Symantec it’s a backdoor, but since it’s apparently known an antivirus program should be able to deal with it.

        Reply
      • damon

        9 November, 2011 at 10:09 pm

        Basically trojanv is a way of getting into the comp and getting a way to change the password.

        Reply
    16. brenda

      25 March, 2011 at 10:59 pm

      I constantly receive email from “UPS” concerning a package that can’t be delivered and is encouraging me to click on a link for instructions. The email is a scam, I understand, but an IP trace shows it’s destination to be Birmingham, UK and the origination is a local host 127.0.0.1. If that’s the local host, is it coming from my puter?
       
      In general terms, what is “local host”?

      Reply
      • memenode

        28 March, 2011 at 4:37 pm

        Scammers can spoof an email address and put anything there including the local IP address. If you didn’t send it to yourself and your computer didn’t develop a will of its own and a desire to mess around with you then it’s impossible that it came from your computer. Someone just faked it.

        A local host or “localhost” just means “this computer”, and refers to the computer you’re using right now.

        Reply
    17. pcs

      14 January, 2011 at 4:15 pm

      Reply to the following comment:


      When I use the installed version of AOL, everytime I click on a web-link a blank window appears that never loads.
      And the IP address being used is 127.0.0.1

      Immediately discontinue using AOL.

      Reply
    18. Fred Woolman

      2 January, 2011 at 5:23 pm

      When I use the installed version of AOL, everytime I click on a web-link a blank window appears that never loads.
      And the IP address being used is 127.0.0.1

      This is very frustrating beacause I cannot use any links from the desktop version of AOL. The web version works fine.

      How do I get links to work from the desk top AOL? !!

      Thanks,

      FW

      Reply
    19. Jacke9779

      24 December, 2010 at 9:03 am

      Thanks very much!

      Reply
      • Zahabkhan

        15 February, 2019 at 10:49 am

        Yes

        Reply
    Network Layer
    180 queries in 0.607 seconds.