0

Having two services exposed on the same machine, do my connections go to the router and back to my machine if I'm using my internal LAN IPv4 address?

If yes, is it possible to prevent this by using 127.0.0.1?

Services are ALWAYS on the same machine and IPv4 address does not change in time. Services are exposed on a UNIX or Windows machine without knowledge

2 Answers

2

No, the connections do not go to the router and back.

If the IP address of your machine is 10.1.2.3, and you are opening a connection to 10.1.2.3 from that machine the connection is handled internally and never leaves your machine.

Esa Jokinen is correct, that the loopback interface is meant exactly for this purpose, and not using it has some implications (mostly regarding security), but for practical purposes it does not make any difference if you use 10.1.2.3 or 127.0.0.1.

It's good practice to limit your service to the loopback device if you don't need your service to be accessible from other hosts.

Gerald Schneider
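The advice above to limit a service to the loopback device, as an added example that is not part of either answer: it opens a listener on 127.0.0.1 and on 0.0.0.0 and reports which local addresses can reach it. The helper names `exposure`, `lan_address` and `reachable` are hypothetical, and the LAN address is discovered on a best-effort basis.

```python
import ipaddress
import socket

def exposure(bind_addr):
    """Classify a listen address by who can reach it."""
    ip = ipaddress.ip_address(bind_addr)
    if ip.is_loopback:       # anything in 127.0.0.0/8, or ::1
        return "local-only"
    if ip.is_unspecified:    # 0.0.0.0 or ::
        return "all-interfaces"
    return "single-interface"

def lan_address():
    """Best-effort LAN IPv4 of this host, or None if there is no route.
    connect() on a UDP socket sends no packet; it only picks a source address.
    192.0.2.1 is a documentation address (TEST-NET-1)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        try:
            s.connect(("192.0.2.1", 9))
            addr = s.getsockname()[0]
        except OSError:
            return None
    return None if ipaddress.ip_address(addr).is_loopback else addr

def reachable(bind_addr, targets):
    """Listen on bind_addr (ephemeral port) and try to connect via each target."""
    result = {}
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.bind((bind_addr, 0))
        srv.listen(8)
        port = srv.getsockname()[1]
        for target in targets:
            try:
                with socket.create_connection((target, port), timeout=2):
                    result[target] = True
            except OSError:  # refused or timed out
                result[target] = False
    return result

if __name__ == "__main__":
    lan = lan_address()
    targets = ["127.0.0.1"] + ([lan] if lan else [])
    for bind in ("127.0.0.1", "0.0.0.0"):
        print(bind, exposure(bind), reachable(bind, targets))
```

A listener bound to 127.0.0.1 refuses connections addressed to the LAN IP even from the same host, so clients of a loopback-only service must use a loopback address.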
0

Yes, it is. This feature, called local loopback, is specially intended for the purpose you describe: it enables the applications on the same machine to communicate with each other.

Not only the 127.0.0.1 but all addresses within 127.0.0.0/8 are Special-Purpose IP Addresses reserved for local loopback. This is currently specified in RFC 8190, 2.2.2, but it dates back to at least RFC 1122, 3.2.1.3 from October 1989:

(g) { 127, <any> }

Internal host loopback address. Addresses of this form MUST NOT appear outside a host.

The local loopback is typically implemented as a virtual network interface on the networking software of your operating system (e.g. lo, lo0 on UNIX or Loopback Pseudo-Interface 1 on Windows); therefore, it doesn't even pass the packets to any network interface controller on the machine.

For completeness, there's also:

It may be used by a node to send an IPv6 packet to itself. It must not be assigned to any physical interface.

  • Unix sockets work similarly, but entirely within the kernel, using e.g. the filesystem as their namespace: two processes can communicate by opening the same socket ("file").

    The AF_UNIX (also known as AF_LOCAL) socket family is used to communicate between processes on the same machine efficiently. Traditionally, UNIX domain sockets can be either unnamed, or bound to a filesystem pathname (marked as being of type socket). Linux also supports an abstract namespace which is independent of the filesystem.

Esa Jokinen