A local address is an address that’s in the same network that you are.
A foreign address is an address that’s not in the same network that you are.
A public address is an address that can be used on the public Internet, as opposed to only within an internal network, which is called a private address.
Okay, so let’s start with that last one: What is a private address? Well, RFC-1918 defines 3 network ranges that cannot be used on the public Internet. These are:
- 10.*.*.(aka 10.0.0.0/8)
- 172.16–31.*.(aka 172.16.0.0/12)
- 192.168.*.(aka 192.168.0.0/16)
(where means any legitimate IP address number, between 0 and 255)
These join several other sets of address spaces that cannot be used over the public Internet, but those are for different reasons. (eg. testing, multicast, research, etc.) This means that you will never see these addresses out on the public Internet, but it is very common to see them in use in private networks. You’re probably using one right now. I am. (Right now, my laptop’s IP address is 192.168.9.46. And even if I were a total paranoid about people knowing my IP address, this wouldn’t matter because they could never reach it unless they were on my wifi network.)
So, now we know what a private address is. Well, a public address is a legitimate address that’s not private or otherwise excluded. So, for example, one of Quora’s public addresses is 22.214.171.124. That’s legitimate because it’s a valid address that’s not in any of the excluded ranges.
Okay, so now let’s move back to private addresses, primarily because it’ll be easier for me to explain it this way. So I’m sitting here on my laptop, with my aforementioned private address. And I want to reach my network printer. Now let’s say that my printer was at 192.168.9.122. How would my computer know how to reach it? Well it does it by looking at my address, and the network mask, which is 255.255.255.0. Without getting into the binary of it, which might be a bit confusing (“bit” – see what I did there?) (Oh, and if you do want an explanation of the binary, just ask.), this mask tells the computer that any address that begins with 192.168.9. is on the same network as I am. In other words, it’s local to me. And since it’s local, my computer can reach it directly, just by sending packets to it. It starts by doing an ARP (Address Resolution Protocol) request, to get the printer’s MAC (Media Access Control) address, which is really the same as its Ethernet address. And then it sends the data to that address. Bam! We’ve got a connection, and I can print!
But… well… I lied. My printer isn’t actually at 192.168.9.122. It’s at 192.168.27.122. So does that mean that I can’t print from my laptop? No. But it does mean that it’s not on my local network. Again, as determined by the network mask. And since it’s not on my local network, my computer can’t send packets directly to it. It has to go through a router.
Now my router has interfaces on both networks. A router’s job is to connect different networks. Depending on the configuration, I could set a specific route so that my computer knows that, in order to reach network X, it has to send its data to router Y. Or I could just use my default router, which is just another way of saying, “If you don’t know where else to send it, send it there.” In this case, I’m going to send it to the default router, which is at 192.168.9.1. So my packet goes to the router, which looks in its own routing table and has several options. If there’s a direct connection to the 27.0 network, it will send it directly to the network interface that’s on that network. If it’s not, and it has a routing table that tells it the address of the next router, it’ll send it there. Otherwise, it’ll send it to its default route. But since, in this case, it’s also connected to the 27.0 network, it’s just going to send it there. And then, bam! It also makes the connection, and I can print. But you see, since that network is not local, it’s “foreign”.