Your phone has two IP addresses: a private one on your home Wi-Fi (probably 192.168.something), and a public one the internet sees. Both are real, both belong to your phone, and your router quietly translates between them every time you load a page.
The split, in one sentence
Private IPs are reserved ranges that work only inside a local network; public IPs are globally routable on the internet. NAT (Network Address Translation) is the trick that lets a whole houseful of private-IP devices share one public IP at the front door.
The three private ranges (RFC 1918)
- 10.0.0.0/8 — 16,777,216 addresses. Common in enterprises, AWS VPCs, larger home setups.
- 172.16.0.0/12 — 1,048,576 addresses. Less common at home; popular in Docker default networks.
- 192.168.0.0/16 — 65,536 addresses. The default for almost every consumer router.
192.168.1.xand192.168.0.xare the most common subranges.
How NAT translates
Your phone (private 192.168.1.42) opens a connection to a website. The packet leaves your phone with source 192.168.1.42; your router rewrites the source to its public IP before sending it out. When the response comes back to the public IP, the router remembers which device started the conversation and forwards the response to the right private address. That whole dance is NAT.
What does the rest of the internet see when you connect? One click reveals it.
CGNAT — when even your “public” IP is shared
Some ISPs give you an address in 100.64.0.0/10 (RFC 6598, Carrier-Grade NAT). Your router thinks it has a public IP, but it’s really sitting behind another layer of the ISP’s NAT. Multiple customers share one true public address. Symptom: you can’t port-forward to host a server from home — the ISP’s NAT drops inbound traffic.
The takeaway
When a website asks for “your IP,” it means the public one. When you configure a printer or NAS, you almost always want the private one. The two are not interchangeable, and confusing them is the source of about half of all home-network headaches.