- NTIA & Fed Activity
- Root Servers
- - .us
- - -.kids.us
- - .gov
- - .edu
- - .mil
- - .xxx
- IP Numbers
- - IPv6
- AntiCybersquatter Consumer Protection Act
- Gripe Sites
- Truth in Domain Names
- IP Numbers
- IANA and the Regional Internet Registries
- Intersection of IP Numbers and Telephone Numbers
- Trap and Trace; Pen Register
- IP Numbers as Personal Identifiers
- IP Numbers as Property
- Network Neutrality, Privacy, and Telecom Service
- VoIP, Access to Numbering Resource, Number Portability, and Interconnection
- IP Numbers as Property
- IP Numbers as personal identifiers
IP Number Under the current Internet Protocol system, each machine connected to an Internet Protocol ("IP") network is addressed using a 32 bit number, the IP address. these addresses are usually written in "dotted quad" notation, as a series of four 8 bit numbers, written in decimal and separated by periods. for example, an IP address might appear as 126.96.36.199. Many machines have more than one IP address. For example, a machine hosting multiple websites often has an IP address for each website it hosts. Other times, a pool of IP addresses is shared between a number of machines e.g. on a dynamic IP dialup connection such as the Prodigy Internet Service, a subscriber's machine will be allocated a different IP address each time the subscriber connects. -- British Telecom v. Prodigy, OO Civ 9451, Memorandum and Order Granting Summary Judgment (SDNY August 22, 2002) (citations omitted).
Johnson v. Microsoft Corp. U.S. District Court for the Western District of Washington 2009 ("An IP address is a four-part number that enables e-mails, pictures, and other data to be transmitted via the Internet to a particular computer. United States v. Heckenkamp, 482 F.3d 1142, 1144 n.1 (9th Cir. 2007). When a person uses a computer to accesses the Internet, the computer is assigned an IP address by the user’s Internet service provider. United States v. Steiger, 318 F.3d 1039, 1042 (11th Cir. 2003).")
Derived From: GAO, Internet Protocol version 6, Federal Agencies Need to Plan for Transition and Manage Security Risks (May 2005)The two basic functions of IP include (1) addressing and (2) fragmentation of data, so that information can move across networks. An IP address consists of a fixed sequence of numbers. IPv4 uses a 32-bit address format, which provides approximately 4.3 billion unique IP addresses. Figure 1 provides a conceptual illustration of an IPv4 address.
By providing a numerical description of the location of networked computers, addresses distinguish one computer from another on the Internet. In some ways, an IP address is like a physical street address. For example, in the physical world, if a letter is going to be sent from one location to another, the contents of the letter must be placed in an envelope that contains addresses for the sender and receiver. Similarly, if data is going to be transmitted across the Internet from a source to a destination, IP addresses must be placed in an IP header. Figure 2 provides a simplified illustration of this concept. In addition to containing the addresses of sender and receiver, the header also contains a series of fields that provide information about what is being transmitted.
IP addresses are allocated in different size blocks, each containing different numbers of addresses. To give an idea, below are several examples of block allocations. See the RIPE information for an excellent detailed chart of block sizes.
Prefix IP Addresses Subnet Mask Class Allocations has been replaced by CIDR /8 16 M 255.0.0.0 Class A - allocated to RIRs /16 64 K 255.255.0.0 Class B /18 16 K 255.255.192.0 /19 8 K 255.255.224.0 /24 256 255.255.255.0 Class C /29 8 255.255.255.248
Understanding IP Addresses and CIDR Charts, RIPE.IANA IPv4 Address Space Registry, IANA
Routing and CIDR
Derived From: Characteristics and Competitiveness of the Internet Backbone Market , GAO-02-16 p.34 (Oct. 2001).
Devices known as "routers" send data packets from one network to another by examining the destination IP address of each packet. In its memory, the router contains a "routing table" which contains information specifying all of the IP addresses of other networks. The router compares a packet's destination IP address with the information contained in the routing table to determine the network to which the packet should be sent. In order to ensure that packets from one network can reach any other network, the router must include an entry for each possible network. As more and more network addresses come into use, there is concern about the growth in the number of routing tables entries.
Historically, IP addresses were organized into three commonly used classes-Classes A, B, and C. For Class A, there are 126 possible network addresses, each with nearly 17 million hosts. Slightly more than 16,000 networks may have a Class B address, each with over 65,000 hosts. Finally, there can be approximately 2 million networks with a Class C address, each with a maximum of 254 host addresses. As the Internet grew, engineers quickly identified the problems associated with exhaustion of class B addresses and the increasing number of Class C address entries in routing tables and developed a solution known as Classless Inter-Domain Routing (CIDR). CIDR treats multiple contiguous Class C addresses as a single block that requires only one entry in a routing table. This method of IP address allocation was adopted for technical efficiency reasons-the number of IP addresses that must be maintained in each router for traffic routing purposes is substantially reduced. However, this method of IP address allocation presents unique problems for smaller ISPs and other entities. If an entity seeking IP addresses cannot utilize a large block of address issued by ARIN, the entity must obtain their addresses from among the allocations made by ARIN to their Internet backbone provider. ISPs and end users with whom we spoke expressed concern about method of IP address allocation.
[Karrenberg, Development of RIRs] In order to accommodate more address blocks, this was replaced by classless Inter-Domain Routing in 1993.
The fields in the header are important to the protocol’s second main function: fragmentation of data. IP fragments information by breaking it into manageable parts. Each part has its own header that contains the sender’s address, destination address, and other information that guides it through the Internet to its intended destination. When the various packets arrive at the final destination, they are put back together into their original form.
IANA and the Regional Internet Registries
A defining characteristic of being on a network is utilization of the network’s address space. On the public telephone network, the address space is telephone numbers set by the North American Numbering Plan. On the Internet, the address space is Internet Protocol Numbers set by IANA. [See Leonard Kleinrock, et. al., Realizing the Information Future: The Internet and Beyond, National Research Council 75 (1994) (comparing addressing on the PSTN and the Internet, stating "The current address spaces of the Internet and the telephone network are a low-level framework suited for naming network and telephone locations and delivering data and voice.")] [See also Will the Real Internet Please Stand Up (concluding that a network is defined by its address space)]
IP numbers are assigned to each Internet host (i.e., computer, device).
The full set of IP addresses is managed by the Internet Assigned Number Authority (IANA) under the authority of ICANN. Within the full set of IP addresses are three types of addresses
- Addresses allocated to the Regional Internet Registries
- Addresses allocated by IANA (the Central Internet Registry) before the RIRs to the Legacy Address space holders
- Addresses reserved, not available (experimental, local identification, loopback, private, multicast)
See NRO Statistics for the Internet Number Resource Report, detailing how much of the address space has been allocated to whom.
Regional Internet Registries (RIRs):
IANA allocates large blocks of numbers to the Regional Internet Registries, who then allocate or assign the blocks to downstream networks.
- American Registry of Internet Numbers (ARIN),
- Asia Pacific Network Information Center (APNic),
- Réseaux IP Européens Network Coordination Centre, (RIPE NCC)
- Latin American and Caribbean IP address Regional Registry (Lacnic), and
[ARIN Guide] [The RIRs collectively come together as the Number Resource Organization Letter from NRO to ICANN March 23, 2009 confirming NRO's commitment (recognizing) to ICANN; Letter from ICANN to NRO April 17 2009 confirming ICANN's commitment (recognizing) the RIRs] IPv4 addresses are generally allocated by IANA in really large blocks. See IANA IPv4 Address Space Registry providing a table of /8s allocations.
ICANN works with the RIRs through the Address Supporting Organization
The RIRs then delegate large blocks of numbers to (1) large networks such as Internet backbones, universities, or large corporate networks or to (2) National or Local Internet Registries (NIR or LIR). Smaller networks or end users get IP numbers from their upstream network providers.
Records of these allocations and assignments (from IANA to RIRs; from RIRs to ISPs; from ISPs to customers) are maintained by the RIRs (See WHOIS and SWIP). According to ARIN, for allocations to ISPs which are reassigned to customers, "Each IPv4 assignment containing a /29 or more addresses shall be registered in the WHOIS directory via SWIP or a distributed service which meets the standards set forth in section 3.2. Reassignment registrations shall include each client's organizational information, except where specifically exempted by this policy."
- Information should be provided within seven days of assignment. [ARIN Number Resource Policy Manual 188.8.131.52.1]
- ARIN uses this information to make future assignment decisions
- "If the organization does not supply the information, ARIN may withhold future allocations, and in extreme cases, existing allocations may be affected."
- "For organizations that have residential subscribers and assign address space to their access infrastructure to which their customers connect rather than to individual subscribers, IPv4 assignment information regarding each market area holding an address block should be submitted to ARIN using one of the methods listed above, with the network name used to identify each market area." [ARIN Number Resource Policy Manual 184.108.40.206.3]
- "NRPM 220.127.116.11.3.2 allows organizations to privatize reassignment information for downstream end-user customers that are individuals, not organizations, and receive service at a place of residence for personal use only." [Reporting Reassignment to ARIN, ARIN]
- ARIN conducts an annual WHOIS POC verification. [ARIN Number Resource Policy Manual 3.6]
[Reporting Reassignment to ARIN, ARIN]
- IANA allocates large blocks of numbers to ARIN
- ARIN allocates a smaller but still large block of numbers to Beta Backbone
- Beta Backbone allocates a block of numbers to ACME ISP
- ACME ISP assigns an IP number to Joe's router at his home
A packet of data going through the Internet is addressed with the IP number of its destination. The routers through which the packet is transmitted look only at the address (have no regard for the content of the packet) and routes the packet using routing tables determining the best available route. To be visible, a device must be associated with an address; if a device is not associated with an address, it cannot be reached and is not “on network.”
Now consider that although devices on network are reachable using IP numbers, those numbers are largely known only to the network. Humans are all but unaware of IP numbers. Instead, recognizing years ago that the IP numbers are difficult for the humans to remember, the domain name system (DNS) was developed. A domain name is an alias for an IP number, that is both easier to remember and also can be reassigned from one IP number (one computer at one host) to another IP number (another computer at another host) without any interruption of service.
The IPv4 address space is exhausted; IPv6 has been developed to expand the address space and is being deployed.
Legacy Addresses: There were address blocks allocated prior to the current RIR system. These are known as the Legacy Blocks and generally are administered by ARIN, however, the block assignments may not be under ARIN's current contracts and agreements. [ARIN Legacy] Problems with the Legacy Address space include inefficient use of the address resource, abandonment and hijacking, invalid WHOIS records, and ambiguity as to property rights (addresses allocated or assigned by the RIRs include a contractual agreement that the recipient retains no property rights in the addresses).
There is also a "Private IP Address Space" which is not publicly announced and which is not routable.
Public IP Address Space: This term is not formally defined (that I know of). It is the address space that is not the reserved private IP address space (in other words, defined as what it is not). Public IP addresses are routable on the Internet. Unlike private addresses, public addresses are globally unique. [Microsoft Public and Private Addresses]
Private IP Address Space: An allocation of IP addresses intended to be utilized on a private network for internal routing and not to be announced or routed to the public Internet. Since the address block is not announced and routed, it can be re-used over and over inside networks without creating an addressing conflict (something like PBX in the telephony world). Public IP addresses are translated into private addresses with Network Address Translation (NAT Boxes).
- IETF RFC 1918, Address Allocation for Private Internets (February 1996) ("This document describes address allocation for private internets. The allocation permits full network layer connectivity among all hosts inside an enterprise as well as among all public hosts of different enterprises.");
- IETF RFC 4193, Unique Local IPv6 Unicast Addresses (October 2005) ("This document defines an IPv6 unicast address format that is globally unique and is intended for local communications, usually inside of a site. These addresses are not expected to be routable on the global Internet.")
There are also reserved special use blocks held by IANA that are not allocated.
Allocation Justifications and Transfers
Derived From: Potential Impacts on Communications from IPv4 Exhaustion & IPv6 Transition Robert Cannon, OSP, December 2010 Paper: Word | Acrobat |
IP address blocks have historically been allocated based on need. 1 The costs involved in receiving an allocation are nominal and are not generally a factor in considering whether to apply for an allocation. 2 The principle requirement has been the ability to demonstrate need for the IP addresses, pursuant to community developed RIR address policy. If an address block was not needed, it would (in theory) be returned; it could not be traded.
IPv4 conservation has dampened the pace of IPv4 exhaustion. In the early days of the Internet when the US dominated Internet use, some US firms received large IPv4 block allocations; some of these entities have returned unused IPv4 address resources to Internet number registries. 3 While these conservation efforts have helped, they have merely delayed IPv4 exhaustion without solving the long-term problem. 4
One proposal has been to allow transfers and trade of IP blocks (instead of returning unused resources to the RIRs). 5 This could create an incentive for holders of underutilized IP address blocks to sell them to parties that would put them to more productive use. 6 Transferring IPv4 number allocations would enable new entrants to acquire assignments of IP number resources that are not subordinate to a legacy stakeholder. 7 It would also take pressure off during the transition period, permitting networks to continue to expand, and allowing those engaged in the transition additional time to resolve any transition issues encountered. 8 Two RIRs have policies that permit transfers of IP address block assignments under certain conditions. 9
The addresses transferred are just numbers. For them to be valuable, they must be routable. The routability of the numbers could be unstable if an RIR does not authenticate the transfer, if conflicting claims to the numbers arise, or if there is any other corruption in the integrity of a unique number assignment to network. 10
Unauthorized transfers could create an issue of the RIR not having a direct relationship with, and knowledge of, the transferee, and thus be unable to maintain accurate address assignment records along with associated contact information. 11
There is concern that the scarcity of IPv4 numbers will result in IPv4 number hijacking where addresses are utilized by someone other than the assignee of record. 12
Hijacking IP addresses for purposes of spam may be a violation of federal law. According to 18 USC 1037(a)(5): " Whoever, in or affecting interstate or foreign commerce, knowingly-... (5) falsely represents oneself to be the registrant or the legitimate successor in interest to the registrant of 5 or more Internet Protocol addresses, and intentionally initiates the transmission of multiple commercial electronic mail messages from such addresses, .... or conspires to do so, shall be punished as provided in subsection (b)." See Can Spam Act.
Ray Plzak, IP Address Hijacking: An ARIN Perspective (Nov. 2003) (PDF)
The resulting lack of accurate address information also has significant implications for law enforcement and global anti-cybercrime efforts.
Finally, there is also concern about the impact of address transfers on the routing table and fragmentation.
1 Geoff Huston, IPv4 Address Report.
2See ARIN Number Resource Policy Manual, Sec. 4.2 Allocation to ISPs (Jan. 13, 2010).
3 Lljitsch van Beinjnum, Everything You Need to Know About IPv6, Ars Technica (Mar. 7, 2007) ("For instance, IBM, Xerox, HP, DEC, Apple and MIT all received "class A" address blocks of nearly 17 million addresses. (So HP, which acquired DEC, has more than 33 million addresses.)"); Geoff Huston, IPv4 Address Report ("Unneeded addresses are to be passed back to the registry. "); Recovering IPv4 Address Space, ICANN Blog (Feb. 6, 2008) ("With help from the Regional Internet Registries, three /8s were returned in 2007 and last month we recovered one more.")
4 Lljitsch van Beinjnum, Everything You Need to Know About IPv6, Ars Technica (Mar. 7, 2007) (such efforts only buys us a few more years).
5See Milton Mueller, Scarcity in IPv4 Addresses: IPv4 Address Transfer Markets and the Regional Internet Address Registries, IGP (July 20, 2008); OECD Study: Economic considerations in the management of IPv4 and in the deployment of IPv6, p. 26 (May 2008); Huston, G., IPv4 address transfers, proposed to APNIC on 26 July 2007 ; Titley, N. and van Mook, R., Enabling methods for reallocation of IPv4 resources, (Oct. 23, 2007); Dan Campbell, Comments on an IP Address Trading Market , CIRCLEID (Feb. 15, 2008).
6See Next Generation Internet: IPv4 Address Exhaustion, Mitigation Strategies and Implications for the US, IEEE-USA White Paper, p. 11 (2009); Communication From the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions, Advancing the Internet: Action Plan for the Deployment of Internet Protocol version 6 (IPv6) in Europe, p. 4 (May 27, 2008). See RIPE NCC IPv4 Address Allocation and Assignment Policies for the RIPE NCC Service Region, Sec. 5.5 Feb. 2010.
7 OECD Study: Economic considerations in the management of IPv4 and in the deployment of IPv6, p. 27 (May 2008).
8 Milton Mueller, Scarcity in IPv4 Addresses: IPv4 Address Transfer Markets and the Regional Internet Address Registries, IGP p. 17 (July 20, 2008) ( " The transition could turn out to be more complicated, costly and difficult than anticipated, and we don't know how long it will last. If we try to use an address shortage to force ISPs into making the transition before they are ready, we could develop damaging gaps in connectivity due to shortages of address resources and compatibility problems. " ).
9See ARIN Number Resource Policy Manual, Sec. 4.2.3 Reassigning Address Space to Customers (Sept. 2010); IPv4 Address Allocation and Assignment Policies for RIPE NCC Service Region, Sec. 5.5 Transfers of Allocations (Oct. 2010).
10See OECD Study: Economic considerations in the management of IPv4 and in the deployment of IPv6, p. 27 (May 2008); Ray Plzak, IP Address Hijacking: An ARIN Perspective (Nov. 2003) (PDF).
11 See Dan Campbell, Comments on an IP Address Trading Market, CIRCLEID (Feb. 15, 2008); IPv6 in Canada: Final Report and Recommendations of the ISACC IPv6 Task Group (IITG), IITG Final Report to ISACC, ISACC-10-42200, p. 16 (Mar. 16, 2010) (" Unclear ownership of some IPv4 addresses plus a lack of tools to block wrong addresses could lead to instability of the routing system ") .
12 Ray Plzak, IP Address Hijacking: An ARIN Perspective (Nov. 2003).
"Stanford University , which was originally allocated nearly 17 million IP addresses , restructured its network in 2000 and gave back a Class A address block equal to approximately 16 million IP addresses. See Carolyn Marsan, “Stanford Move Rekindles ‘Net Address Debate,’” NWFusion (Jan. 24, 2000), NTIA Report: Technical and Economic Assessment of IPv6, p. 12 n 47 July 2004
IP Number Assignments
Internet access service providers assign, out of their pool of addresses, an IP number to an end user.
Generally, ISPs have more end users than IP addresses. ISPs employ several strategies for assigning the smaller set of IP addresses to the larger set of of end user devices.
- Fix (static) assignments: Some end users may received fix assignments of IP addresses that do not change. This permits end-to-end connectivity. This is typical of higher-end end-users such as enterprises or campuses. This may be a premium service.
- Dynamic Host Control Protocol: DHCP "is a client/server protocol that automatically provides an Internet Protocol (IP) host with its IP address and other related configuration information such as the subnet mask and default gateway." [Microsoft] [IETF RFC 2131: DHCP ("DHCP is based on the Bootstrap Protocol (BOOTP), adding the capability of automatic allocation of reusable network addresses and additional configuration options")] [IETF RFC 2132: DHCP Options]. An IP address in a network's pool of addresses is assigned to an end user dynamically as the end user connects to the network; these IP addresses expire and can be reassigned to different end users. Thus the same IP address may be reused and assigned to multiple end users over time; a specific end user may have different IP addresses over time. [EFF IP Address Paper 6 ("In short, unlike street addresses, IP addresses are not static")] [Alma Whitten, “Are IP Addresses Personal?” Google Public Policy Blog, 22 February 2008 ("For instance, your Internet service provider (ISP) may have a block of 20,000 IP addresses and 40,000 customers.")]
- See also reallocation of IP Address Blocks
- Network Address Translation: A public IP address is assigned to a NAT box which translates it into a block of private IP addresses. For instance, an ISP assigns one IP address to an end user's home; but each device in the home needs an address in order to communicate. The one IP address is assigned to a NAT Box within the home, typically a WiFi access point, which then assigns a private IP address to each device in the home seeking to connect to the Internet. Networks are employing carrier-grade NAT in order to conserve their numbering resource. There can be NAT boxes inside of NAT boxes. [Hogg]
An end user's IP address assignment changes depending on what network the end-user connects to. End users may receive their IP number assignment from their own residential Internet access account, from an open access point such as a coffee house, or from their place of employment or campus. Two neighbors can receive IP addresses from different IP address blocks, because they receive service from different Internet access service providers. An access point can be open and provide Internet access and an IP address to anyone requesting access, or it can be secured, providing access and an IP address only to those were the network password. See WiFi Security.
IP addresses are assigned to devices (not individuals or locations). For a residential BIAS account, the IP address may be assigned to the residential network interface device (the device may be a router and NAT, which then assigns private addresses to each device in the house attempting to connect to the Internet). For mobile phone service, the IP address may be assigned to the mobile phone. [Hogg] For an enterprise, the IP address may be assigned to the enterprise network gateway. One IP address may be associated with a single end user, a household of end users, an enterprise, a campus, or constantly changing set of end users such as at a coffee house. [Breaking Glass] An end-user (or network) that is multi-homed by have multiple different IP addresses assigned to it simultaneously.
IP Addresses are not assigned to an Individual (IP Address as PII) IP addresses are not unique identifiers. An IP address can be assigned to a NAT box and used by multiple end users; can be dynamically assigned to multiple users over time, or it can be re-allocated to a different network. [EFF IP Address Paper 7]
The Device an IP Address is Assigned to May Be Shared: If an IP address is assigned to a NAT box, that IP address is shared with every device and end user behind the NAT box. If an IP address is assigned to a proxy, that IP address is shared by everyone using that proxy. If an IP address is assigned to a single device, that device (like a personal computer or a tablet) may be shared among multiple individuals. [Alma Whitten, “Are IP Addresses Personal?” Google Public Policy Blog, 22 February 2008]
An IP Assignment Does Not Itself Identify an Individual's Name, Location or Other Information: Additional information may be associated with an IP address, which may be obtained through network tools such as WHOIS or legal process such as subpoenas. See IP Address as PII. See also Johnson v. Microsoft Corp. U.S. District Court for the Western District of Washington 2009 ("An IP address does not identify a user’s name or mailing address. In re Charter Commc’ns, 393 F.3d 771, 774 (8th Cir. 2005). "); Klimas v. Comcast Cable Comm’cns, Inc., 465 F.3d 271, 276 n.2 (6th Cir. 2006) (“We further note that IP addresses do not in and of themselves reveal ‘a subscriber’s name, address, [or] social security number.’ That information can only be gleaned if a list of subscribers is matched up with a list of their individual IP addresses.”)
IP addresses are not physical addresses, like street addresses. They do not denote a location. They are logical network addresses that can move to a different location or be reassigned to a different device. [EFF IP Address Paper 7 ("Police using this metaphor give a court the false impression that IP addresses are unique to exact places in the physical world, and that there is a permanence connecting the IP address to that location.")]
IP Address Masking: The IP address may also be assigned to a NAT box, permitting interaction with an Internet end on a private IP address at a different location. IP addresses can also be used with proxies or virtual private networks, both of which can make the end user's traffic appear as if it is originating from one IP address when it is in fact originating from another. [EFF IP Address Paper 7]
- Onion Routing. Bounces traffic through three different nodes of TOR before ultimate destination.
- Uses proxies so that man-in-the-middle cannot intercept communications and see destination of communications.
- Useful for dissidents in authoritarian regimes
- Should be used with HTTPS
- Problem: Slow and limited capacity.
- See Prof. Doug Sickers work on TOR limitations
- [EFF IP Address Paper11 ("when police learn of a crime connected to an IP address from a Tor exit relay, there is little chance that the criminal is actually associated with that IP address. Police have failed to recognize this reality in multiple cases in which they have searched the homes of Tor exit relay hosts and seized their devices.")]
- Marcia Hoffman, Why IP Addresses Alone Donít Identify Criminals, Electronic Frontier Foundation (Aug. 24, 2011) ("This spring, agents from Immigration and Customs Enforcement (ICE) executed a search warrant at the home of Nolan King and seized six computer hard drives in connection with a criminal investigation. The warrant was issued on the basis of an Internet Protocol (IP) address that traced back to an account connected to Mr. King's home, where he was operating a Tor exit relay. ")
- Ansel Herz, Police Go on Fishing Expedition, Search the Home of Seattle Privacy Activists Who Maintain Tor Network, The Stranger (March 30, 2016)
- Because I ran Tor, the police took all my computers, Todd's notes (Nov. 11, 2009) ("The search warrant contained as evidence of probable cause one hour-long IRC chat session (showing origination from my IP address) with an undercover NY state trooper and a perp who claimed to have a boy kidnapped and locked up, along with pictures and videos.")
- Freegate by Dynamic Internet Technology Inc. (funded by VOA)
- Hotspot Shield
- Choosing the VPN Thatís Right for You, Surveillance Self-Defense Ė Electronic Frontier Foundation,
ITAA: Ecommerce Taxation and the Limitations of Geolocation Tools p. 7 ("The process for IP address reassignments is rather cumbersome under IPv4 due to the need to reconfigure routers and servers, and therefore they do not happen with anywhere near the frequency that is expected under IPv6, which will make the reassignment of IP address far easier to accomplish. With no actual geographic constraint, under IPv6 these IP address blocks could be reassigned to a new area at any time that demand shifts. As the Internet continues to expand and the need for renumbering grows, blocks of IP addresses will be shifted geographically with increasing regularity. Keeping track of all the growing number of reassignments of IP addresses may overwhelm geolocation software’s capabilities. Moreover, during the multi-year global transition to Ipv6, dual sets of router table data will have to be maintained for both Ipv4 and Ipv6 IP addresses. The need to translate and correlate between tables may also introduce latency that negatively impacts the ability to conduct real time analysis.")
IPv4 Address Conservation
Networks seek to conserve IPv4 Addresses through the following techniques:
- The use of Network Address Translation devices (NATs) which allow whole networks to be placed behind single IP addresses
- Classless Interdomain Routing; CIDR
- Reclaiming unused IPv4 address space
See IPv6 Number Migration. Recovering IPv4 Address Space , ICANN Blog (Feb. 6, 2008) ("With help from the Regional Internet Registries, three /8s were returned in 2007 and last month we recovered one more.")
Internet Control Message Protocol: runs on top of IP. in parallel with TCP and UDP. Triggered when packets encounters errors, such as time exceeded or destination unreachable. ICMP packet sent to source IP address with error message information.
Intersection of IP Numbers and Telephone Numbers
Both IP numbers and telephone numbers are used as addresses by end users to set up and engage in communications over networks. Both are unique addressing resources controlled by a central governing authority. Public Telephone Numbers are administered by the North American Numbering Council as the North American Numbering Plan, in cooperation with the FCC and other North America communications authorities. IP numbers are administered by the IANA function as a part of ICANN; North American IP numbers are administered by the American Registry of Internet Numbers (ARIN). The most determinative characteristic of what network an end user is communicating on is what addressing scheme is being employed. See Robert Cannon, Will the Real Internet Please Stand Up.
Law and policy that touches on network addresses has seen an intersection of IP numbers and telephone numbers in the following areas:
- ECPA: Trap and Trace, and Pen Registers. United States v. Forrester, 512 F.3d 500, 510 (9th Cir. 2008) ("First, e-mail and Internet users, like the telephone users in Smith, rely on third-party equipment in order to engage in communication. Smith based its holding that telephone users have no expectation of privacy in the numbers they dial on the users' imputed knowledge that their calls are completed through telephone company switching equipment. 442 U.S. at 742, 99 S.Ct. 2577. Analogously, e-mail and Internet users have no expectation of privacy in the to/from addresses of their messages or the IP addresses of the websites they visit because they should know that this information is provided to and used by Internet service providers for the specific purpose of directing the routing of information. Like telephone numbers, which provide instructions to the "switching equipment that processed those numbers," e-mail to/from addresses and IP addresses are not merely passively conveyed through third party equipment, but rather are voluntarily turned over in order to direct the third party's servers. Id. at 744, 99 S.Ct. 2577.")
- Network Neutrality (2015): Definition of "Telecommunications Service" was revised to include networks that utilize either the North American Numbering Plan or the ICANN IP numbering resource, thereby establishing that Internet access providers are "telecommunications services" (the only way, pursuant to the appeals court, that the FCC could apply non-discrimination obligations on Internet service providers).
- This then led to the FCC's privacy regulations, with which ISOC strenuously disagreed. [Mark Buell, IP Addresses are not Telephone Numbers: The Fundamental Flaw with the FCC's Proposed Privacy Rules, ISOC May 26, 2016] [See also Sally Shipman Wentworth, Thoughts on Today's FCC Net Neutrality Ruling, ISOC Feb. 26, 2015 ("we are concerned with the FCC’s decision to base new rules for the modern Internet on decades-old telephone regulations designed for a very different technological era.")] However, notice that ISOC is objecting to the application of telephone era regulations to the Internet more than they are objecting to the networking address analogy between IP numbers and telephone numbers.
- RIR IP Number Assignment and Whether IP Numbers are Property. If network addresses are the property of the subscriber, the network address can become encumbered in property disputes including bankruptcies, trademark disputes, and merger and acquisitions. The FCC has concluded that telephone numbers are the property of the telephone resource, and not the subscriber, allowing for the efficient operation of the network. RIRs have followed this precedent, adding contractual clauses to allocations and assignments that states that IP numbers are not property.
- Interconnected VoIP (iVoIP) providers by definition make use of the North American Numbering Plan and interconnect with other Public Telephone Networks. Therefore iVoIP providers need access to the NANP numbering resource, are required to provide number portability, and must have interconnection rights with other networks.
- IP Numbers as PII: Much of the discussion of whether an IP number can legitimately be considered PII and used to authenticate or identify an individual starts with an analogy to telephone numbers.
Examples of Network Addresses
- Telephone numbers on the public telephone network
- IP address, email address, domain name on the Internet
- MAC address on an Ethernet network
- Mail addresses on US Postal Service and other mail services
Examples where a network is defined by its address space (the question "am I on this network" can be answered (partly) by what address space the end user is using)
- Internet (See Federal Networking Council's definition, defining Internet by what would become the ICANN / IANA address space)
- Public Switched Network (telephone network)
Examples of point to point networks where the end user originator provides the address for the end user terminator of the communication:
- 3COM: Understanding IP Addressing: Everything You Ever Wanted to Know PDF
- IPv4 WHOIS Map, CAIDA 10/10/2007
- Kim Davies, An Introduction to IANA, September 28, 2008
- Development of the RIRs, IP Journal (Dec. 2001)
- B. Carpenter, IAB, F. Baker, IETF, M. Roberts, ICANN, RFC #2860, Memorandum of Understanding Concerning the Technical Work of the Internet Assigned Number Authority (June 2000)
- IETF RFC 2050: Goals and Guidelines of RIRs
- J Reynolds, J Postel, IETF RFC 1700, Assigned Numbers (Oct 1994) ("The Internet Assigned Numbers Authority (IANA) is the central coordinator for the assignment of unique parameter values for Internet protocols. The IANA is chartered by the Internet Society (ISOC) and the Federal Network Council (FNC) to act as the clearinghouse to assign and coordinate the use of numerous Internet protocol parameters.")
- J. Reynolds, J. Postel, RFC #1060, Assigned Numbers (Mar. 1990)
- Postel, J., "Assigned Numbers," RFC 790, September 1981
- RFC 791, Internet Protocol: DARPA Internet Program Protocol Specification , (Sept 1981) ("This document specifies the DoD Standard Internet Protocol. This document is based on six earlier editions of the ARPA Internet Protocol Specification, and the present text draws heavily from them.")
- RFC 760, DOD Standard: Internet Protocol (Jan. 1980) ("This document specifies the DoD Standard Internet Protocol.")
- V. Cerf, J. Postel, RFC #322, Well Known Socket Numbers (Mar. 26, 1972)
- Internet Society, A Fine Balance: Internet Number Resource Distribution and DeCentralisation [ISOC]
- Daniel Karrenberg, RIPE-NCC; Gerard Ross, APNIC; Paul Wilson, APNIC; Leslie Nobile, ARIN, Development of the Regional Internet Registry System (December 2001)
- Aaron Mackey, Seth Schoen, Cindy Cohn, Unreliable Informant: IP Addresses, Digital Tips, and Police Raids, EFF Sept 2016
- Milton Mueller and Brenden Kuerbis, Regional Address Registries, Governance and Internet Freedom (November 26, 2008). Internet Governance Project. Paper IGP08-005.
- S. Romano, M Stahl, RFC 1020, Internet Numbers (Nov. 1997) ("The responsibility for the assignment of IP numbers and ASNs has been assumed by Hostmaster at the DDN Network Information Center (NIC). The Hostmaster staff are indebted to Dr. Jon Postel and Ms. Joyce Reynolds of the Information Sciences Institute at the University of Southern California for their ongoing assistance.")
- Stephen M Ryan, Raymond A Ptzak, John Curran, Legal and Policy Aspects of Internet Number Resources, Santa Clara Computer & High Tech Journal Vol 24 Issue 2 Page 335
- IP Number Hijacking
- Ray Plzak, IP Address Hijacking: An ARIN Perspective (Nov. 2003) (PDF)
- How Prevalent is Prefix Hijacking on the Internet, NANOG Feb. 2006 (attributing significant number of misconfigs to fat-fingers).
- Regional Internet Registries Statistics and Activities, NANOG 3/26/2004
- American Registry of Internet Numbers (ARIN <www.arin.net>),
- Internet Moves Toward Privatization, NSF Press Release 97-046 (June 24, 1997)
- Asia Pacific Network Information Center (APNic <www.apnic.net>),
- RIPE Network Coordination Centre <www.ripe.net>,
- Latin American and Caribbean IP address Regional Registry (Lacnic <www.lacnic.net>), and
- AfriNIC <www.afrinic.net>.
- PanAfrica: Africa's Own Net Registry On Track, AllAfrica 6/1/200
- See ICANN and RIR Relationship Agreement 2002
- Number Resource Organization
- Geoff Huston :: IPv4 Report :: IPv6 Report ::
- USG :: NIST :: CSD :: IPSec Project
News & Blogs
- A Seismic Shift: IPv4 Numbers Becoming Transferable and Consequently Property, CircleID 2/3/2009
- ARIN Leadership Announced, ARIN 1/21/2009
- Bill Manning Resigns from ARIN Board of Trustees, ARIN 11/20/2008
- ARIN Monthly Statistics, ARIN 9/30/2008
- IPv4 Address Transfer Markets: The time has come, IGP 7/8/2008
- ARIN's Annual Report 2007 Now Available, ARIN 6/13/2008
- Confronting IPv4 Address Exhaustion, Potaroo 9/16/2008
- IP Address Allocation vs. Internet Production I: Understanding the Relationship, and the Differences, CircleID 4/29/2005
- The Geography of Internet Addressing, CircleID 4/27/2005