Some IPv4 /8s have been used to number IP networks in an unofficial and improper way. That is, they have been used without being properly allocated and registered in a public Whois database. In most cases these networks are mostly private, used internally in their organization, and so the addresses are not seen in the Internet’s routing system. The organizations using these addresses have relied on the overall availability of IPv4 addresses so that there was no pressing need to allocate all of the /8s that IANA manages. With the decreasing IANA free pool of unallocated IPv4 addresses, it is now clear that every last one of them will ultimately be allocated to the RIRs.
The networks using these officially unallocated addresses are intended to be private, not visible to the global Internet. Nonetheless, their use can be detected when the private parts of networks connect to their public Internet facing connections, such as the connections to their service providers. The addresses leak in e-mail message headers, DNS queries and other random traffic. In some cases, this unofficial use can cause operational problems.
IANA staff has tried to research which /8s are being used in this way. In 2008 we sponsored research by Duane Wessels into which /8s see the most use. He reported on his research at OARC’s DNS Ops meeting and I wrote about it on this blog. Based on this work, we think the /8s with the most unofficial use are:
1, 2, 5, 14, 23, 39, 42, 100, 101, 107, 175 and 176
Duane Wessels’ research was part of a number of presentations that were part of an awareness campaign we worked on. This included talks at network operator groups and articles in industry journals and in some cases discussions with the users of the unallocated space where we could identify them. While we have discussed the issue with some of these network operators, we haven’t been able to speak directly to everyone making unofficial use of this address space because they tend to do so in private networks.
We know that newly allocated IPv4 /8s can be difficult for assigned users to use at first because old filters which block unallocated addresses are slow to be updated with new allocation information. There might be some extra operational difficulties with these particular /8s if unofficial users of the addresses try to communicate with the newly assigned official users of the same addresses.
The longer-term solution to this problem is for network operators to switch to IPv6 and to stop using the unallocated blocks entirely.
Over the next two years we will continue to allocate from these /8s when making allocations to the RIRs. The RIRs use about one /8 per month and so over the next couple of years we know that all of these /8s will be allocated.