Feeds

Virtual Africa is the logical target for IP address colonists

The last great global IPv4 stash is up held by the region that might need them the most

Security and trust: The backbone of doing business over the internet

Regrettable incidents like Microsoft's address reassignment are a reminder that IPv4 address exhaustion is becoming so acute it's impacting real operations.

In Microsoft's case, as El Reg reported last week, Redmond occasionally cashes in the jar full of unloved IP addresses it brought back from abroad to find some it can use for virtual machines running on Azure.

Some of the addresses pressed into service appear to have been issued by the Latin American and Caribbean Internet Addresses Registry (LACNIC), which last week admitted it has run out of new IPv4 addresses to assign.

Microsoft's behaviour and LACNIC's plight moved one reader to email us and suggest Redmond may have been in breach of LACNIC's policies, citing this (PDF) document as backing for his argument.

The reader is right in spirit, because the document offers these guidelines for the use of IP addresses handed out by LACNIC:

The numbering resources under the stewardship of LACNIC must be distributed among organizations legally constituted within its service region and mainly serving networks and services operating in this region. External clients connected directly to main infrastructure located in the region are allowed.

Microsoft and others who would use IP addresses handed out by one region in another have plenty of leeway under that policy, and under others. Prominent Australian Internet scientist Geoff Huston told El Reg that while there have been efforts to create a “geographical NIC policy”, “I am unaware that any formal policy of geographic limitation of the use of addresses was ever passed.”

Geography is more a convenience, Huston said, so that people would be “able to obtain addresses in a registry … close to your own timezone and speaking your language.”

In his own zone of expertise, APNIC, Huston says “routing policies are up to ISPs”. APNIC's policies relate “to the process of address allocation, not to the way in which addresses are announced and routed on the Internet”.

Although most NICs have policies that try to restrict an explicit trade in IPv4 addresses, such a trade exists – and this raises an interesting possibility in Vulture South's mind.

Huston's site, Potaroo.net, maintains a long-standing set of tools tracking the state of IPv4, and here we find that there is just one spot where addresses remain in their millions: Africa.

Africa has, in fact, the only NIC with more than one /8 left – it has more than three. That puts its reserve above 50 million addresses.

The chief reason for this is the relatively low development of fixed Internet infrastructure in the continent. In many countries, mobile access is far more common – and Vulture South suspects that mobile 'net users sit behind carrier-grade NAT, because that's (relatively) easy to deploy as part of the gateway between mobile users and the fixed Internet.

Whatever the reason, it would be no surprise if Africa were already being seen as a resource to be mined – not for ore or petroleum, but for IP addresses.

With no specific enforcement of geographical routing announcement, and relatively weak enforcement of no-sell policies everywhere, the Microsoft Azure incident will probably have netblock owners in Africa wondering if they could fund their IPv6 upgrade plans by letting some addresses fly off into the cloud. ®

Beginner's guide to SSL certificates

More from The Register

next story
Brit telcos warn Scots that voting Yes could lead to HEFTY bills
BT and Co: Independence vote likely to mean 'increased costs'
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Blockbuster book lays out the first 20 years of the Smartphone Wars
Symbian's David Wood bares all. Not for the faint hearted
Bonking with Apple has POUNDED mobe operators' wallets
... into submission. Weve squeals, ditches payment plans
This flashlight app requires: Your contacts list, identity, access to your camera...
Who us, dodgy? Vast majority of mobile apps fail privacy test
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.