What's the difference between IP address 0.0.0.0 and 127.0.0.1?
I know that 127.0.0.1 ~ 127.255.255.254 are the loopback IP addresses for most modern operating systems, and these IP addresses can be used to refer to our own computer.
But what's 0.0.0.0? It seems it also refers to the local computer, so what's the difference?
And, could you explain the following IP connections for me:
The only thing is that you're not saying "all addresses should have access" -- that's done in your firewall(s) and/or the server software and/or other security layers like tcpwrappers.
0.0.0.0, in this context, means "all IP addresses on the local machine" (in fact probably, "all IPv4 addresses on the local machine"). So, if your webserver machine has two IP addresses, 192.168.1.1 and 10.1.2.1, and you allow a webserver daemon like apache to listen on 0.0.0.0, it will be reachable at both of those IP addresses. But only to what can contact those IP addresses and the web port(s).
Note that, in a different context (routing) 0.0.0.0 usually means the default route (the route to "the rest of" the internet, aside from routes in your local network etc.).
When a service is listening on 0.0.0.0 this means the service is listening on all the configured network interfaces, when listening on 127.0.0.1 the service is only bound to the loopback interface (only available on the local machine)
The IP address 0.0.0.0
can have very different meanings, depending on where it's used.
- It's not a valid address to be given to an actual network interface, along with any other address in the 0.0.0.0/8 subnet (i.e. any address starting with
0.
). - It can't be used as the source address on any IP packet, unless this happens when a computer still doesn't know its own IP address and it's trying to acquire one (classic example: DHCP).
- If used in a routing table, it identifies the default gateway; a route to 0.0.0.0 is the default one, i.e. the one used when there is not any more specific route available to a destination address.
- Lastly, when seen in the output of the
netstat
command (which is what you asked for), it means that a given socket is listening on all the available IP addresses the computer has; when a computer has more than one IP address, a socket can be bound only to a specific address and port pair, or to a port and all addresses; if you see an IP address there, it means that socket is listening only on that port and that specific address; if you see0.0.0.0
, it means it's listening on that port on all addresses of the machine, including the loopback one (127.0.0.1
).