As we run out of IPv4 address space, is it time to create an exchange for trading unused address blocks? Ars contributors Iljitsch van Beijnum and Timothy Lee tackle the issue. In this article, Tim explains why this is the way to go. You can read Iljitsch's take here.
Officially, the world ran out of IPv4 addresses earlier this year, when a final batch of addresses was divided among the five Regional Internet Registries. The authorities hope that declaring the IPv4 cupboards bare will push expanding networks into making the leap to IPv6, which has a 128-bit address space that's unlikely to ever be exhausted.
But the IPv6 transition is happening slowly, and expanding networks need more IPv4 addresses now. This need is especially acute in Asia, where rapidly growing economies and huge populations have created demand for tens of millions of new addresses each year.
Fortunately, the exhaustion of IPv4 addresses is greatly exaggerated. There are still a lot of unused and underused IP addresses in the hands of various private organizations. All that is needed is an incentive for them to part with their unused addresses voluntarily. In other words, what's needed is a market in IP addresses.
Three sizes fit all
In the early days of the Internet, blocks of IP addresses were available in only three sizes. There were "class A" blocks containing 16 million IP addresses, "class B" blocks containing 65 thousand addresses, and "class C" blocks containing 256 addresses. That meant an organization that needed 400 IP addresses often got tens of thousands of free IP addresses it didn't need.
And some organizations got even more. Ford, Merck, Xerox, Halliburton, and nearly a dozen other companies not primarily in the networking business were each given a Class A block of 16 million addresses. MIT also got a Class A block, and the UK government got two of them. The US government claimed about a dozen Class A blocks, giving it control of nearly 200 million addresses—more IP addresses than all of Latin America has today.
As people realized that the supply of addresses wouldn't last forever, a switch was made to a "classless" system that could allocate address blocks in any size that was a power of two. Under the new scheme, an organization needing 400 addresses would get a block of 512 addresses rather than 65 thousand.
But the Internet Assigned Numbers Authority, the organization that oversees the allocation of IP addresses, hasn't tried to reclaim the large blocks that were granted in the Internet's early years. Indeed, it's not clear it has the authority to do so. So Xerox, Ford, and MIT still have millions of addresses they almost certainly don't need.
IPs for sale
Obviously, Ford is unlikely to relinquish its IP addresses out of the goodness of its heart. Even if the company were confident that it would never need them and couldn't sell them, the renumbering process would be a headache. For example, the company would need to audit all of its firewalls to check for hard-coded addresses. But Ford probably would be willing to renumber its network and relinquish its unused addresses for the right price.
The obvious solution is for networks that need more IP addresses to buy them from organizations that have more than they need. Indeed, this process has already started. Earlier this year, Microsoft paid $7.5 million for two-thirds of a million IP addresses that were previously held by a bankrupt Nortel, suggesting that the going rate for an IP address is around $10.
A market in IP addresses will significantly extend the useful life of the IPv4 address space. Rising prices encourage firms to economize, and this principle applies to IP addresses as much as to any other scarce resource. So far, firms have been using IP addresses wastefully because they've been able to get new ones for free. Now that's no longer true, and firms will have to think harder about whether they're using their supply of IP addresses efficiently.
So what's the problem? The American Registry for Internet Numbers, the non-profit organization that has traditionally handed out IP addresses to North American ISPs, has resisted the emergence of a market for IP addresses—at least one it doesn't control. The organization insists that IP addresses are not property and that address blocks can only be transferred with its approval. ARIN's policy is to only approve transfers to organizations that ARIN believes "need" the IP addresses. ARIN president John Curran tells Ars that ARIN's policies were "developed by the Internet community."
The Nortel sale nominally occurred under the auspices of ARIN, but as Milton Mueller points out, ARIN seems to have signed on at the last minute as a face-saving measure. The parties to the transaction don't appear to have undergone the vetting process required by ARIN's specified transfer policy, and there's no evidence that ARIN conducted an assessment of whether Microsoft "needed" the addresses.
Indeed, the sale makes clear that, despite ARIN's protests to the contrary, IP address assignments are de facto property rights. ARIN's website states that ARIN "will not reclaim unutilized address space from legacy holders who sign this RSA, nor will ARIN attempt to take away legacy resources from organizations who choose not to sign it." In other words, legacy address holders (e.g. those who got IP address assignments under the pre-ICANN system) are entitled to keep their IP addresses for as long as they want. And the Nortel transaction suggests they're free to transfer them to whomever they choose, regardless of a needs assessment by ARIN. That sounds a lot like property rights.
In July, ARIN board member Paul Vixie penned an op-ed for ACM complaining about companies seeking to create private alternatives to ARIN's official whois database. The piece seems to have been a thinly veiled attack on the company that brokered the Nortel/Microsoft deal. Vixie is right that it would be bad to have multiple whois databases with conflicting information in them. But the solution isn't to give ARIN the power to block transactions it doesn't approve of. It's for ARIN to take on the more limited role of faithfully recording transactions that take place, regardless of who brokers them. In other words, ARIN should support a open market in IP addresses rather than trying to maintain control over the allocation of IP addresses.
The threat of fragmentation
Critics of IP address markets raise three major objections. First, they worry that IP address trading will lead to a fragmentation of the IP address space, cluttering up routing tables. If organizations can easily sell off unused IP addresses, they might be tempted to break up a single large address block into several smaller blocks and sell off the pieces they don't need. If that happened too often, it would strain the capacity of routers in the Internet's core.
This is a legitimate worry, and registries can play a valuable role in combatting this kind of unnecessary fragmentation of the address space. But if the problem is the fragmentation of the address space, then registries should focus on that problem. In particular, they should automatically approve any transfer of an intact IP block from one party to another, without inquiring about whether the recipient "needs" the addresses.
More to the point, if a liquid market for IP blocks existed, it would become much easier to match organizations to IP address blocks that met their needs. A growing organization should trade in its existing small block for a larger one rather than trying to hold several non-contiguous blocks. And an organization looking to downsize should trade in its large block for smaller ones rather than breaking up their existing blocks into smaller pieces. Bureaucratic restrictions on transferring IP address blocks make it harder to perform these kinds of mutually beneficial transactions.
Opponents also worry that the emergence of a market for IPv4 addresses would reduce the urgency of the IPv6 transition. That's probably true, but it's not a reason to oppose it. If people can get more mileage out of the existing IPv4 address space, registrars shouldn't stand in their way. People are still free to switch to IPv6 at any time.
Are IP address markets unfair?
Critics of selling IP addresses on the open market worry about the egalitarian implications of asking relatively poor countries like India to pay millions of dollars to rich countries like the United States for additional IP addresses. But this objection gets the issue precisely backwards. Obviously, it would be nice if Indian ISPs could take a time machine back to 1993 and ask Jon Postel to reserve a larger share of the millions of IP addresses he was doling out back then. But that ship has sailed. Nothing the IANA does now is going to get Indian ISPs millions of new IP addresses for free.
So the alternative to Indian ISPs paying Westerners for IP addresses isn't that they get them for free. It's that they don't get them at all. No one is arguing that Indian ISPs should be forced to buy IPv4 addresses. If they can go straight to IPv6, more power to them. But it would be paternalistic to try to block Indians from buying IPv4 addresses if they think that's in their interest.
A market for IPv4 addresses is coming with or without the assistance of the official registries. The economic forces are too strong to resist. If the registries embrace the trend now, they can build the infrastructure needed for an orderly transition to a market-based regime. On the other hand, if they fight the trend, it will simply push the transactions underground, rendering the official whois database useless. In the long run, it may also render the registries themselves irrelevant, as their functions are taken over by private firms that are willing to merely record transfers rather than trying to control them.
Listing image by Photo illustration by Aurich Lawson
reader comments
100