'Borrowing' IPv4 netblocks to get around address space exhaustion

May 12, 2010

I recently read a news story speculating that a black market in IPv4 address space would develop as the IPv4 address space became exhausted (which is allegedly happening fairly rapidly). In reading the story, it struck me that we could see an even more interesting and evil trick used by sufficiently desperate and underhanded organizations: just borrowing unrouted netblocks.

The trick goes like this. First, find a suitably sized netblock that is allocated but appears unrouted; then, find yourself a compliant ISP and get them to 'accidentally' announce and route the netblock for you. Who is really going to notice? And if they do, your ISP can always claim that it was an accident, since people screw up routing announcements all the time anyways. You'll have to get a new netblock (or a new ISP or both), but this is better than not being on the Internet at all.

(See, for example, the Renesys blog, which has covered various hair-raising accidents. Sadly, this sort of netblock hijacking is already routine technology; the trick is used by spammers to completely hide their tracks.)

Whether this is a viable trick depends on how much allocated but unused network space there is. My impression is that there is a fair amount of network space that various organizations got back in the early and mid 1990s (when the rules were much easier) that are not actually in use on the public Internet, either because the organization is now defunct or because people are sitting on the allocated address space in case they need it later.

(After all, IPv4 address space is getting scarcer and scarcer; if you were smart enough to get a /24 for yourself back in 1990, would you let it go? My understanding is that ARIN has no way to claw back such old legacy allocations, although I may be wrong by now.)

Would this ever get done for real? I honestly don't know. I'd like to think that it wouldn't, but at the same time if the IPv4 address space does get exhausted, there are going to be some desperate people. Sooner or later there will be startups and small companies that care less about doing it right than doing it at all.

Comments on this page:

From at 2010-05-13 09:10:20:

So how much do you think the defunct Nortel's 47.* address space is worth? Is it up for auction like the last few parts of Nortel?

By cks at 2010-05-13 11:46:56:

As I understand it, ARIN's official view is that its IP address space allocations cannot be bought, sold, or traded; the only way to acquire one with money is to buy a company outright. So at least in theory, Nortel's 47.* address is probably not up for auction.

(In practice, I expect that it totally is through some clever dodge that ARIN will allow.)

I can see why ARIN and the regional IP address space registrars have this policy. I don't know whether or not it's a good one overall; I'm sure that there's been lots of things written on both sides of the debate.

Written on 12 May 2010.
« Retrospectives are uncommon
Python exceptions for C programmers »

Page tools: View Source, View Normal, Add Comment.
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Wed May 12 02:29:09 2010
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.