Internet Performance Delivered right to your inbox

For Sale: Clean, Lightly Used IP Address?

An open market for buying and selling IPv4 Addresses is coming. Soon.
As I wrote previously, IANA is running out of unallocated IPv4 addresses. Estimates vary, but by 2010 (or 2012 at the latest) the world will be out of unallocated IPv4 addresses.

Sometimes it is hard for the general public to understand what this might mean. Essentially, after 2010 or so, if you want to start a new company and get connected to the Internet or just are growing and have more devices that need to have IP addresses, things won’t be the same as they are now. Right now what happens is that you go to ARIN, if you’re in North America and document your need for IP addresses, you pay a modest administrative fee, and then they allocate them to you. If you grow and you need more, you document how you’ve used up the ones that you have, and they give you more of them.

All of this assumes that you want your own IP addresses that are not tied to any particular provider (this is an important point that we’ll get back to). But even if you get your IP addresses from some provider, they have to get them from somewhere. If you want to be reachable from the Internet, you need an IP address—an IPv4 IP address in particular. And very shortly those are going to get much harder to get.

So let’s talk about what happens after the IPv4 addresses are all “used up.”

Once you can no longer just go get “new, never before used” IP addresses, you will have just a few options

  1. Stop growing (but growing is what keeps us alive)
  2. Assign private IP addresses(RFC1918) and use lots of NAT. This works reasonably well for consumer access systems, but terribly for hosting and most business uses and violates the end-to-end principle.
  3. Use IPv6 (but it’s not very useful if you actually wanted to be on the Internet rather than some other network). This is roughly equivalent to using lots of NAT.
  4. Buy a company that has IP addresses (huge transactional cost for marginal value)
  5. Buy IP addresses on the black market

Of those options #5 looks like the best/cheapest/most effective for many uses. Private addresses, option #2, are completely reasonable for lots of uses. But it does not provide addresses that are directly reachable from the Internet. It’s nice to think about #3, using IPv6. One day, perhaps, there will be scalable ways to get to the Internet from IPv6-addressed computers and there will be a tiny bit of actual content on the IPv6 Internet to get to natively. But until then, most people will want to put their eggs in the actual Internet basket. Of the remaining options, #1 is a non-starter for businesses and #4 is expensive and complicated. So then most people will want to buy some lightly used IPv4 addresses—the kind that an elderly woman only used for checking email once a week on Sundays.

The three major downsides of buying IP addresses are:

  1. Buying address blocks is a violation of the terms of service of every Regional Internet Registry (RIR) at the moment
  2. It is difficult to determine whether the person offering an address block has a right to sell it
  3. It is extremely difficult to determine just what condition the address block is in.

So RIPE and ARIN are trying to fix #1 above. They are trying to approve policies that will allow a sensible market for IPv4 address trading that is still subject to some oversight from the existing IP address management infrastructure that we have. In essence, they’re trying to stay relevant once they’ve given out everything valuable they have to give out.

But #2 and #3 are more interesting. These are essentially “title search” and “home inspection,” to use the analogy to the house-purchasing process. When someone buys the right to use some IP addresses, they will want to know the ownership and use history of those addresses. In particular, they will want to know who has “owned” (been allocated) the IP address, to whom else it has been sub-allocated (customers who may have used it), and what they have been using it for.

The reason for this is simple: if an address block has been used by disreputable parties for disreputable purposes, it will find itself in blacklists around the Internet. People like Spamhaus may have the addresses listed on one of their known spamming lists, or worse yet, on the DROP—Don’t Route or Peer list. There may be other, less obvious, ways to indicate that an address block has been used for nefarious purposes. These include looking at the origination and transit history for the prefix to see if it has routinely been located in known bad “neighborhoods” on the Internet. In any of these cases, the addresses are dramatically less valuable than a fresh prefix would be.

The RIRs can provide some basic titling information for IP address allocations but they are not really set up to provide more information about who, historically, has routed a particular prefix and what they have done with it. Without a service like this, it’s hard to see how a transparent and fair market for IPv4 addresses will develop. Everyone offering an address block will be like a used car salesguy, trying to hide the Katrina mud under the carpets of a poorly-refurbished junker.

And there’s an important distinction that was alluded to previously: There is a huge difference between an IP address that can only be used with a single provider and one that is owned by the end-user and can be announced as a globally routable and portable prefix. Control (almost “ownership”) of the prefix conveys huge advantages to the end user—these are advantages in price-negotiation with providers, control, administrative overhead (not having to ever re-number), etc. These prefixes are clearly going to be valuable in any market for IP addresses, because they have real-world value to end-users. Once they can no longer be obtained from the RIRs, companies will be willing to buy them wherever they can.

It will be extremely interesting to see how this market develops and how the associated information services (“title search” and “prefix inspection”) develop. My colleague Jim Cowie has developed some very interesting (and in-house, for the moment) data products to look at the historical behavior of prefixes and the implication of that behavior for future use. It will be interesting to see if those data products turn out to be useful in this, or related, applications.

Share Now

Whois: Dyn Guest Blogs

Oracle Dyn is a pioneer in managed DNS and a leader in cloud-based infrastructure that connects users with digital content and experiences across a global internet.

To current Dyn Customers and visitors considering our Dynamic DNS product: Oracle acquired Dyn and its subsidiaries in November 2016. After June 29th, 2020, visitors to will be redirected here where you can still access your current Dyn service and purchase or start a trial of Dynamic DNS. Support for your service will continue to be available at its current site here. Sincerely, Oracle Dyn