As has been noted again in recent days, some ISPs, vendors and end users have been using previously unallocated IPv4 blocks to address their own networks and devices. When these address blocks become officially allocated or assigned, the prior use can lead to routing problems both for the new holder of the addresses and the person who used them without authorization. This is an unfortunate problem that we have been trying to raise awareness of over the last few years.
In September 2007 I wrote an article about the issue for Cisco’s IP Journal. Over the next few months we conducted some preliminary research into the extent of this usage and presented the preliminary findings at a few network operator meetings.
Once we had a workable method for researching the problem we commissioned Duane Wessels to do a thorough analysis using the DITL data collected by DNS OARC. His research was then presented at the Brooklyn DNS OARC meeting in mid 2008. Obviously, we also shared this research with you on this blog.
At the start of this year, APNIC received 1.0.0.0/8, a block which many network operators have improperly been using for years. Often this use predates the creation of ICANN and is very entrenched. Rather than rushing this address space into use, APNIC staff has been working with other RIRs and network operators to look at the scale of traffic sent to various parts of this /8 and where else it is used on the Internet.
People who have numbered networks using this address block and others that are yet to be allocated will find that they experience connectivity problems and hard to resolve helpdesk calls as a result of this use. Similar problems occur for the legitimate users of the address space. This is the whole point of a single, authoritative allocation registry for IP addresses and other unique identifiers. When resources are simply taken, not assigned, uniqueness is challenged and any protocol that relies on uniqueness can fail.
Of course, the story doesn’t end there. These problems just make it even more clear why it is important for us all to provide services and connect to them over IPv6. IPv6 is so big that there is no justification for using address space that has not been allocated or that has been allocated to someone else. And if you want unique, private addresses then they are available too.
{ 1 trackback }
{ 6 comments }
tesco life insurance 03.24.10 at 6:31 am
ICANN should simply scan and register all the users of those duplicate address and than contact and ask those who do not hold right ownership of address to relinquish it.
Leo Vegoda 03.24.10 at 6:43 am
@tesco When an address range has been used by someone despite not being assigned to them there are no registration data to use to contact the user. The IETF is working on technologies to allow people to validate that a network operator is authorized to use a particular address block on the Internet. However, the majority of usage in these unallocated blocks is on private networks or private internets. That’s a different issue as the addresses are not announced to the Internet but can still cause networking problems.
There isn’t a single, simple solution to this issue.
Daniel Karrenberg 03.25.10 at 10:06 pm
RFC1918 was published 15 years ago. Since then everyone has been on
notice that using non-RFC1918 address space for private purposes is
grossly negligent. Operators who do that cannot expect accomodation by
the rest of the Internet. What this blog describes is nothing new. It
happens all the time when previously unallocated public addresses are
allocated and start to be used. Operators who use public space for
private purposes have to accomodate all the time and they usually do;
some even wait until paying customers start to complain about the
brokenness. Nothing new under the sun. Note again that competent
operators never have this problem to start with.
Operators have been on notice about IPv4 address space run-out for more
than a decade now, incresingly so over the last few years. My father’s
cleaning lady asked me about it the other week! So nothing new and no
reason to panic.
About what to do: IPv6. Those who are not ready will be at a disadvantage
if they want to grow. Those who think that they should invest in having
users share IPv4 addresses will pay the price. Those who invest in a
long-term soloution will have a better product to offer in the long run.
The rest ist friction.
Again: All this is nothing new and every competent ISP has been aware
of it for at least a decade and of course if they are competent they have
a plan.
Daniel
Jim Fleming 03.26.10 at 3:32 am
“RFC1918 was published 15 years ago.”
1. RFCs have no authority with respect to UNIX which pre-dates your reference by decades.
2. It will be interesting to sort out everyone’s fabricated “authority”
and their Multi-Level-Marketing MLM Pyramid schemes.
3. It will also be interesting to study the “Eco-System” and people’s
boundless ability to rewrite history for their pleasure and profit.
Tim Ruiz 03.29.10 at 10:23 am
Leo,
Isn’t IPv6 even more vunerable to this type of abuse (especially when done with full knowledge and intent)? The IPv6 space is so big that such abuse could go undetected for a long period of time, couldn’t it?
It seems that mechanisms to detect/prevent such abuse are even more urgent with wide spread use of IPv6 on the horizon. And with those in place, IPv6 may present opportunities to help resolve other abusive activities.
Tim
Leo Vegoda 03.29.10 at 10:40 am
While IPv6 is much larger it is also much better organized, which means that unexpected Internet route announcements are relatively easily noticed and should not pass the route filters most network operators implement. Of course, the problem was not that the address space was hijacked for use on the Internet but was taken for use on private networks and services. When those networks and services leak traffic or connect to another network that connects to the Internet people experience problems. While IPv6 cannot stop people from taking a random block of space and using it in a private context there is a very large block set aside for private assignments and this reduces the incentive. This block of space both has the property of having statistically unique assignments and plenty of them. The plentiful supply of unique address space for Internet and private use removes most of the incentive to ‘just take a block of unallocated space and cross your fingers’.
Comments on this entry are closed.