Why does IP regex need numeric range groups?

A simple \d{1,3} would match 999, which is not a valid octet. The range groups 25[0-5], 2[0-4]\d, and [01]?\d\d? together cover exactly 0–255.

How do I validate IPv6 addresses?

IPv6 has a more complex structure with optional abbreviations (::). For production use, consider a dedicated IP address validation library rather than regex.

Does this pattern match CIDR notation like 192.168.0.0/24?

No. To match CIDR notation, append an optional group like (\/([12]?\d|3[0-2]))? to the end of the IPv4 pattern.

Regex Pattern for IP Addresses

IP address validation looks deceptively simple until you try to write the regex. The naive approach of matching four groups of one to three digits separated by dots (\d{1,3}\.){3}\d{1,3} passes 999.999.999.999 as valid, which is obviously wrong. Each octet must be an integer in the range 0–255, and enforcing that numeric range in regex requires a careful pattern that handles three distinct sub-ranges. The pattern in this example works by matching three valid octet range alternatives: 25[0-5] matches 250–255, 2[0-4]\d matches 200–249, and [01]?\d\d? matches 0–199. These three alternatives together cover exactly the valid range 0–255 with no gaps or overlaps. The pattern anchors with ^ and $ to ensure the entire string is an IP address, not just containing one. Test cases in this example cover: a typical private network address (192.168.1.1), the all-zeros address used for "any interface" (0.0.0.0), the all-ones broadcast address (255.255.255.255), an invalid first octet of 256, a four-octet address with only three octets (missing the last segment), and obviously invalid strings. Leading zeros are an important edge case: some systems treat 010.0.0.1 as octal notation (interpreting 010 as 8 in decimal), while others treat it as 10.0.0.1. The pattern in this example accepts addresses with leading zeros, but you may want to explicitly reject them with [01]?[0-9]\d? instead if your system uses octal notation. IPv6 validation is significantly more complex because the address uses hexadecimal groups separated by colons, allows compressed :: notation for consecutive zero groups, and has several valid representations of the same address. For production IPv6 validation, a dedicated library is strongly recommended over a custom regex. Real-world scenarios: validating IP addresses in server configuration forms before saving to prevent misconfigured network rules; parsing server log files to extract unique visitor IPs for analytics; implementing an IP allow-list feature where users enter trusted IP addresses for two-factor authentication bypass. Tips: CIDR notation (192.168.0.0/24) is not matched by this pattern. To support it, add (\/([12]?\d|3[0-2]))? at the end of the IPv4 pattern for subnet masks from /0 to /32.

Example

/^((25[0-5]|2[0-4]d|[01]?dd?).){3}(25[0-5]|2[0-4]d|[01]?dd?)$/

# Test cases:
192.168.1.1
10.0.0.0
255.255.255.255
256.0.0.1
192.168.1
999.999.999.999
0.0.0.0

[ open in Regex Tester → ]

FAQ

Why does IP regex need numeric range groups?: A simple \d{1,3} would match 999, which is not a valid octet. The range groups 25[0-5], 2[0-4]\d, and [01]?\d\d? together cover exactly 0–255.
How do I validate IPv6 addresses?: IPv6 has a more complex structure with optional abbreviations (::). For production use, consider a dedicated IP address validation library rather than regex.
Does this pattern match CIDR notation like 192.168.0.0/24?: No. To match CIDR notation, append an optional group like (\/([12]?\d|3[0-2]))? to the end of the IPv4 pattern.

Related Examples

Regex Pattern for URL Matching

URL matching regex is needed in a surprising variety of situations: extracting l...

Regex Pattern for Hex Colors

Hex color codes are ubiquitous in web development — they appear in CSS styleshee...

Regex Pattern for Date Formats

Date format validation is a two-step problem that developers often try to solve ...