Feeds

Virtual Africa is the logical target for IP address colonists

The last great global IPv4 stash is up held by the region that might need them the most

Beginner's guide to SSL certificates

Regrettable incidents like Microsoft's address reassignment are a reminder that IPv4 address exhaustion is becoming so acute it's impacting real operations.

In Microsoft's case, as El Reg reported last week, Redmond occasionally cashes in the jar full of unloved IP addresses it brought back from abroad to find some it can use for virtual machines running on Azure.

Some of the addresses pressed into service appear to have been issued by the Latin American and Caribbean Internet Addresses Registry (LACNIC), which last week admitted it has run out of new IPv4 addresses to assign.

Microsoft's behaviour and LACNIC's plight moved one reader to email us and suggest Redmond may have been in breach of LACNIC's policies, citing this (PDF) document as backing for his argument.

The reader is right in spirit, because the document offers these guidelines for the use of IP addresses handed out by LACNIC:

The numbering resources under the stewardship of LACNIC must be distributed among organizations legally constituted within its service region and mainly serving networks and services operating in this region. External clients connected directly to main infrastructure located in the region are allowed.

Microsoft and others who would use IP addresses handed out by one region in another have plenty of leeway under that policy, and under others. Prominent Australian Internet scientist Geoff Huston told El Reg that while there have been efforts to create a “geographical NIC policy”, “I am unaware that any formal policy of geographic limitation of the use of addresses was ever passed.”

Geography is more a convenience, Huston said, so that people would be “able to obtain addresses in a registry … close to your own timezone and speaking your language.”

In his own zone of expertise, APNIC, Huston says “routing policies are up to ISPs”. APNIC's policies relate “to the process of address allocation, not to the way in which addresses are announced and routed on the Internet”.

Although most NICs have policies that try to restrict an explicit trade in IPv4 addresses, such a trade exists – and this raises an interesting possibility in Vulture South's mind.

Huston's site, Potaroo.net, maintains a long-standing set of tools tracking the state of IPv4, and here we find that there is just one spot where addresses remain in their millions: Africa.

Africa has, in fact, the only NIC with more than one /8 left – it has more than three. That puts its reserve above 50 million addresses.

The chief reason for this is the relatively low development of fixed Internet infrastructure in the continent. In many countries, mobile access is far more common – and Vulture South suspects that mobile 'net users sit behind carrier-grade NAT, because that's (relatively) easy to deploy as part of the gateway between mobile users and the fixed Internet.

Whatever the reason, it would be no surprise if Africa were already being seen as a resource to be mined – not for ore or petroleum, but for IP addresses.

With no specific enforcement of geographical routing announcement, and relatively weak enforcement of no-sell policies everywhere, the Microsoft Azure incident will probably have netblock owners in Africa wondering if they could fund their IPv6 upgrade plans by letting some addresses fly off into the cloud. ®

Security for virtualized datacentres

More from The Register

next story
You! AT&T! The only thing 'unlimited' about you is your CHEEK, growl feds
Man, we did everything but knock on their doors - carrier
The DRUGSTORES DON'T WORK, CVS makes IT WORSE ... for Apple Pay
Goog Wallet apparently also spurned in NFC lockdown
Watch out, Samsung and Apple: Xiaomi's No 3 in smartphones now
From obscurity to selling 19 million mobes a quarter
Brazil greenlights $200m internet cable to Europe in bid to outfox NSA
Only one problem: it won't make the slightest difference. And they know it
Wanna hop carriers with your iPad's Apple SIM? AVOID AT&T
Unless you want your network-swapping tech disabled for good, that is
Knocking Knox: Samsung DENIES vuln claims, says mysterious blogger is a JOKER
But YES, system does store encryption key on the device
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.
The Heartbleed Bug: how to protect your business with Symantec
What happens when the next Heartbleed (or worse) comes along, and what can you do to weather another chapter in an all-too-familiar string of debilitating attacks?