A range block is a block which includes multiple IPs within a single block.
Why use a range block?
Range blocks should be employed when a large amount of vandalism has been coming from a specific range of IP addresses, which usually signifies that a single vandal has access to multiple IPs, such as is the case with a college network, a dynamically addressed ISP, or an IPv6 network.
How do I issue a range block?
A step by step guide is below.
Why should I not issue a range block?
If you have any doubt about whether you are blocking the correct range, or whether a range block is needed, it is better to ask first and block later.
I need more help...this is complicated.
The MediaWiki page goes into more detail than this one, or phone a friend.
The Process
Step by step instructions on range blocking.
Establish the range.
The first step is to decide what range of IPs need to be blocked. This is done through a variety of methods, but the easiest one is to recognize that a persistent vandal always seems to be coming from IPs which are related, like 192.168.0.8 one day and 192.168.0.42 the next. If this is the case, a range block is probably in order. Do a WHOIS on the IP, and it will tell you the range.
Formulate the block.
Once the range has been determined, formulate the block based on the range. The chart at the bottom of this page may be of use in this. Two common ranges to block are /24 and /16, 192.168.0.* and 192.168.*.* respectively.
Block the range.
A range block uses the same mechanism as a normal block, only with a range parameter appended to it in the form /# where the number is the size of the network part of the range. 192.168.0.1/24 blocks 192.168.0.0 through 192.168.0.255, as an example.
Contact the ISP.
If an entire range of IPs require blocking, it is because one user, or a small group of users have been persistently disruptive, and it is in the interests of all Wikimedia projects to let the ISP know that one of their clients has been behaving inappropriately on Wiktionary. See Abuse reports for more information on this.
The Internet protocol is the set of rules that devices follow to communicate over the internet. Under these rules, every place on the internet has a unique address, seen by the hardware as a string of 1s and 0s, but referred to by humans as strings of numbers.
This internet protocol address is what is referred to here as an IP.
IPv4 and IPv6
Under version 4 (IPv4 for short) of the internet protocol, all IPs were 32 bits long, which allows for 232=4,294,967,296 possible addresses. This turned out to not be enough, so 128-bit addresses were added in version 6 (IPv6). Both IPv4 addresses and IPv6 address are currently in use.
IPv4 addresses are typically shown as 4 decimal numbers ranging from 0-255 (representing 8 bits each), separated by periods/full stops.
Example: 192.168.63.255.
IPv6 addresses are shown as 8 hexadecimal numbers ranging from 0-FFFF (4 digits representing 4 bits/0-16 each, for a total of 16 bits/0-65536), separated by colons. Leading zeros are usually omitted, with 0000 omitted entirely.
Example: 2600:1:235:67:89A:::CDEF
Hexadecimal Digits
Hexadecimal
0
1
2
3
Decimal
0
1
2
3
Binary
0 0 0 0
0 0 0 1
0 0 1 0
0 0 1 1
Hexadecimal
4
5
6
7
Decimal
4
5
6
7
Binary
0 1 0 0
0 1 0 1
0 1 1 0
0 1 1 1
Hexadecimal
8
9
A
B
Decimal
8
9
10
11
Binary
1 0 0 0
1 0 0 1
1 0 1 0
1 0 1 1
Hexadecimal
C
D
E
F
Decimal
12
13
14
15
Binary
1 1 0 0
1 1 0 1
1 1 1 0
1 1 1 1
What is an IP Range?
The internet uses Classless Inter-Domain Routing, which divides addresses into a fixed prefix on the left and a variable identifier on the right.
An IP range is the group of all IPs that share the same CIDR prefix.
CIDR ranges are generally shown as an IP within the range (in the usual format), followed by a slash and the width of the prefix in bits. Since a range includes all possible values of the identifier, that part of the IP is basically ignored (you often see it as zeros in logs).
Remember that the number after the slash is an exponent: -1 doubles the number of IPs covered, -2 quadruples, etc.
What is the significance of IP Ranges?
Most IPs are allocated to Internet Service Providers, which then assign them to individual devices when the devices use the ISP to connect to the internet, or to other organizations which serve a similar function for the devices on their own networks. These IPs are allocated in large blocks, which the ISPs/organizations typically assign in smaller blocks to different parts of their networks, or to larger customers who have networks of their own. These blocks of IPs are mostly organized numerically, so a given block will be all within a given CIDR range.
That means that IP editors are usually limited by their ISP to a relatively small CIDR range, and you can prevent them from editing by blocking just that range.
More detailed charts
Ranges, significant bits, and number of addresses blocked (IPv4).
Range
# of IPs
Significant bits
example addresses
/32
this blocks just one address, so leave off the /32 and block as normal.
/31
2
11000000.10101000.00000000.00000001
192.168.0.0 - 192.168.0.1
/30
4
11000000.10101000.00000000.00000001
192.168.0.0 - 192.168.0.3
/28
16
11000000.10101000.00000000.00000001
192.168.0.0 - 192.168.0.15
/26
64
11000000.10101000.00000000.00000001
192.168.0.0 - 192.168.0.63
/24
256
11000000.10101000.00000000.00000001
192.168.0.0 - 192.168.0.255
/22
1024
11000000.10101000.00000000.00000001
192.168.0.0 - 192.168.3.255
/20
4096
11000000.10101000.00000000.00000001
192.168.0.0 - 192.168.15.255
/18
16,384
11000000.10101000.00000000.00000001
192.168.0.0 - 192.168.63.255
/16
65,536
11000000.10101000.00000000.00000001
192.168.0.0 - 192.168.255.255
blocks of /15-/0 are not allowed on Wikimedia projects, for blocks this large multiple blocks must be used.
