Donate
Donate
BETA
7 min readJanuary 17, 2026

CGNAT IP Address Range (100.64.0.0/10) + How to Check Yours

CGNAT (Carrier-Grade NAT) uses a special IPv4 range to let many customers share a smaller pool of public IPs. The CGNAT IP address range (often called the CGNAT IP range or CGNAT address space) is 100.64.0.0/10 (100.64.0.0 - 100.127.255.255).

What is the CGNAT IP address range?

The CGNAT range is defined in RFC 6598 and sits between private addresses and public internet space. It is not the same as RFC1918 private ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16). Instead, it is a dedicated "shared space" for ISPs to perform NAT at scale.

CGNAT address space (100.64.0.0/10)

The CGNAT address space spans 100.64.0.0 through 100.127.255.255. If your router WAN IP falls in this range, your connection is almost certainly behind CGNAT.

Why ISPs use CGNAT

  • IPv4 addresses are limited and expensive
  • CGNAT lets an ISP share one public IP across many customers
  • It reduces costs while keeping legacy IPv4 services working

How CGNAT works (two layers of NAT)

With CGNAT, there are usually two NAT layers: your home router performs NAT for your devices, and the ISP performs NAT again before traffic reaches the public internet. That means your router's WAN IP is not public, and inbound connections cannot reach you directly.

Simple diagram (CGNAT flow)

Device (192.168.1.10)
   -> NAT (home router)
Router WAN: 100.64.12.34
   -> NAT (ISP CGNAT)
Public IP: 203.0.113.55
   -> Internet

Real-world examples

  • Example 1: Router WAN IP = 100.73.5.22, public IP shown by websites = 84.54.12.9. This strongly indicates CGNAT.
  • Example 2: Router WAN IP = 192.168.100.2(double NAT with another router), public IP matches ISP modem. This isnot CGNAT, it's local double NAT.
  • Example 3: Router WAN IP = 10.15.2.8, public IP differs. This could be CGNAT, but the WAN IP is a private range (RFC1918) - some ISPs use private ranges for CGNAT too.

Quick checklist: are you behind CGNAT?

  • Your router WAN IP is inside 100.64.0.0/10
  • Your public IP (what websites see) is different from the router WAN IP
  • Port forwarding does not work even with correct settings

How to tell if you are behind CGNAT

If your router's "WAN/Internet IP" is in 100.64.0.0/10, you are almost certainly behind CGNAT. Your devices still use private IPs internally, but your router itself is also behind another layer of NAT at the ISP.

You can compare your router WAN IP with the public IP shown by our IP Address Lookup. If they differ and your router WAN IP is in 100.64.0.0/10, CGNAT is the likely cause.

Related terms: CGNAT, ASN, and NAT.

Common problems with CGNAT

  • Port forwarding often does not work
  • Self-hosted servers and game hosting can be blocked
  • Some services detect shared IPs as higher risk
  • IP reputation can be affected by other users

Does CGNAT affect geolocation or abuse reports?

It can. A shared public IP means multiple customers appear as the same address. Abuse, rate-limits, or geolocation decisions can be influenced by other users behind the same CGNAT gateway.

What can you do if you need a public IP?

  • Ask your ISP for a static public IPv4 (often paid)
  • Ask for a dynamic public IPv4 (sometimes available on request)
  • Use IPv6 if your ISP supports it
  • Use a VPN with port forwarding if allowed

FAQ

Is CGNAT the same as private IP ranges?

No. CGNAT uses the special shared space 100.64.0.0/10. Private IP ranges are RFC1918 (10.x, 172.16-31.x, 192.168.x).

Can I host a game server behind CGNAT?

Usually not without a workaround. You may need a public IP, IPv6, or a VPN that supports port forwarding.

Does CGNAT slow my internet?

Not necessarily. It mainly affects inbound connections and sometimes reputation/abuse systems, not raw speed.

IPv6 and CGNAT

CGNAT only exists because IPv4 addresses are scarce. If your ISP offers IPv6, you may get a globally routable address without NAT, which makes hosting and inbound access easier (with proper firewall rules).

CGNAT vs private IP ranges

CGNAT is different from private ranges. Private IPs live inside your home or office network. CGNAT is the ISP's shared space between your router and the public internet. Learn more in Reserved IP Address Blocks.

Conclusion

The CGNAT range (100.64.0.0/10) is normal for many ISPs today. It helps keep IPv4 running, but it can limit inbound connections and port forwarding. If you need a true public IP, talk to your ISP or use IPv6/VPN options that fit your setup.

Next: read ASN in networking explained or review reserved IP address blocks.

Keep exploring

Reverse DNS (PTR) LookupIP & DNS Glossary
PreviousReserved IP Address Blocks ExplainedNextWhat is a Proxy Server?

Related reading

Reserved IP Address Blocks Explained8 min read - January 9, 2026What is a DNSBL?6 min read - January 9, 2026What is Tor?6 min read - January 9, 2026Are Free Proxies Safe?6 min read - January 9, 2026What is a Proxy Server?7 min read - January 9, 2026Improve Your Privacy by Reducing Google Tracking9 min read - January 9, 2026