Federal Internet Law & Policy
An Educational Project

IP Numbers

Dont be a FOOL; The Law is Not DIY

Internet Addresses
- History
- NTIA & Fed Activity
- Root Servers
- ccTLDs
- - .us
- -
- gTLDs
- - .gov
- - .edu
- - .mil
- - .xxx
- IP Numbers
- - IPv6
- NATs
- Ports
- Security
- Trademark
- AntiCybersquatter Consumer Protection Act
- Gripe Sites
- Truth in Domain Names
Telephone Addresses

IP Numbers

IP Number Under the current Internet Protocol system, each machine connected to an Internet Protocol ("IP") network is addressed using a 32 bit number, the IP address.  these addresses are usually written in "dotted quad" notation, as a series of four 8 bit numbers, written in decimal and separated by periods.  for example, an IP address might appear as  Many machines have more than one IP address.  For example, a machine hosting multiple websites often has an IP address for each website it hosts.  Other times, a pool of IP addresses is shared between a number of machines e.g. on a dynamic IP dialup connection such as the Prodigy Internet Service, a subscriber's machine will be allocated a different IP address each time the subscriber connects.   -- British Telecom v. Prodigy, OO Civ 9451, Memorandum and Order Granting Summary Judgment (SDNY August 22, 2002) (citations omitted).

Johnson v. Microsoft Corp. U.S. District Court for the Western District of Washington 2009 ("An IP address is a four-part number that enables e-mails, pictures, and other data to be transmitted via the Internet to a particular computer. United States v. Heckenkamp, 482 F.3d 1142, 1144 n.1 (9th Cir. 2007). When a person uses a computer to accesses the Internet, the computer is assigned an IP address by the user’s Internet service provider. United States v. Steiger, 318 F.3d 1039, 1042 (11th Cir. 2003).")

Derived From: GAO, Internet Protocol version 6, Federal Agencies Need to Plan for Transition and Manage Security Risks (May 2005)

The two basic functions of IP include (1) addressing and (2) fragmentation of data, so that information can move across networks. An IP address consists of a fixed sequence of numbers. IPv4 uses a 32-bit address format, which provides approximately 4.3 billion unique IP addresses. Figure 1 provides a conceptual illustration of an IPv4 address.

By providing a numerical description of the location of networked computers, addresses distinguish one computer from another on the Internet. In some ways, an IP address is like a physical street address. For example, in the physical world, if a letter is going to be sent from one location to another, the contents of the letter must be placed in an envelope that contains addresses for the sender and receiver. Similarly, if data is going to be transmitted across the Internet from a source to a destination, IP addresses must be placed in an IP header. Figure 2 provides a simplified illustration of this concept. In addition to containing the addresses of sender and receiver, the header also contains a series of fields that provide information about what is being transmitted.

IP addresses are allocated in different size blocks, each containing different numbers of addresses. To give an idea, below are several examples of block allocations. See the RIPE information for an excellent detailed chart of block sizes.

IP Addresses
Subnet Mask
Class Allocations has been replaced by CIDR
/8 16 M Class A - allocated to RIRs
/16 64 K Class B
/18 16 K  
/19 8 K  
/24 256 Class C
/29 8  

Understanding IP Addresses and CIDR Charts, RIPE.IANA IPv4 Address Space Registry, IANA

Routing and CIDR

Derived From: Characteristics and Competitiveness of the Internet Backbone Market , GAO-02-16 p.34 (Oct. 2001).

Devices known as "routers" send data packets from one network to another by examining the destination IP address of each packet. In its memory, the router contains a "routing table" which contains information specifying all of the IP addresses of other networks. The router compares a packet's destination IP address with the information contained in the routing table to determine the network to which the packet should be sent. In order to ensure that packets from one network can reach any other network, the router must include an entry for each possible network. As more and more network addresses come into use, there is concern about the growth in the number of routing tables entries.

Historically, IP addresses were organized into three commonly used classes-Classes A, B, and C. For Class A, there are 126 possible network addresses, each with nearly 17 million hosts. Slightly more than 16,000 networks may have a Class B address, each with over 65,000 hosts. Finally, there can be approximately 2 million networks with a Class C address, each with a maximum of 254 host addresses. As the Internet grew, engineers quickly identified the problems associated with exhaustion of class B addresses and the increasing number of Class C address entries in routing tables and developed a solution known as Classless Inter-Domain Routing (CIDR). CIDR treats multiple contiguous Class C addresses as a single block that requires only one entry in a routing table. This method of IP address allocation was adopted for technical efficiency reasons-the number of IP addresses that must be maintained in each router for traffic routing purposes is substantially reduced. However, this method of IP address allocation presents unique problems for smaller ISPs and other entities. If an entity seeking IP addresses cannot utilize a large block of address issued by ARIN, the entity must obtain their addresses from among the allocations made by ARIN to their Internet backbone provider. ISPs and end users with whom we spoke expressed concern about method of IP address allocation.

[Karrenberg, Development of RIRs] In order to accommodate more address blocks, this was replaced by classless Inter-Domain Routing in 1993.

The fields in the header are important to the protocol’s second main function: fragmentation of data. IP fragments information by breaking it into manageable parts. Each part has its own header that contains the sender’s address, destination address, and other information that guides it through the Internet to its intended destination. When the various packets arrive at the final destination, they are put back together into their original form.

IANA and the Regional Internet Registries

A defining characteristic of being on a network is utilization of the network’s address space. On the public telephone network, the address space is telephone numbers set by the North American Numbering Plan. On the Internet, the address space is Internet Protocol Numbers set by IANA. [See Leonard Kleinrock, et. al., Realizing the Information Future: The Internet and Beyond, National Research Council 75 (1994) (comparing addressing on the PSTN and the Internet, stating "The current address spaces of the Internet and the telephone network are a low-level framework suited for naming network and telephone locations and delivering data and voice.")] [See also Will the Real Internet Please Stand Up (concluding that a network is defined by its address space)]

IP numbers are assigned to each Internet host (i.e., computer, device).

The full set of IP addresses is managed by the Internet Assigned Number Authority (IANA) under the authority of ICANN. Within the full set of IP addresses are three types of addresses

See NRO Statistics for the Internet Number Resource Report, detailing how much of the address space has been allocated to whom.

Allocation: The allocation of a block of IP addresses that may then be reallocated or assigned.

Assign: The assignment of a block of IP addresses to an end user that will not be reallocated or reassigned.

Regional Internet Registries (RIRs):

IANA allocates large blocks of numbers to the Regional Internet Registries, who then allocate or assign the blocks to downstream networks.

[ARIN Guide] [The RIRs collectively come together as the Number Resource Organization Letter from NRO to ICANN March 23, 2009 confirming NRO's commitment (recognizing) to ICANNPDF; Letter from ICANN to NRO April 17 2009 confirming ICANN's commitment (recognizing) the RIRsPDF] IPv4 addresses are generally allocated by IANA in really large blocks. See IANA IPv4 Address Space Registry providing a table of /8s allocations.

ICANN works with the RIRs through the Address Supporting Organization

The RIRs then delegate large blocks of numbers to (1) large networks such as Internet backbones, universities, or large corporate networks or to (2) National or Local Internet Registries (NIR or LIR). Smaller networks or end users get IP numbers from their upstream network providers.

Records of these allocations and assignments (from IANA to RIRs; from RIRs to ISPs; from ISPs to customers) are maintained by the RIRs (See WHOIS and SWIP). According to ARIN, for allocations to ISPs which are reassigned to customers, "Each IPv4 assignment containing a /29 or more addresses shall be registered in the WHOIS directory via SWIP or a distributed service which meets the standards set forth in section 3.2. Reassignment registrations shall include each client's organizational information, except where specifically exempted by this policy."

[Reporting Reassignment to ARIN, ARIN]


A packet of data going through the Internet is addressed with the IP number of its destination. The routers through which the packet is transmitted look only at the address (have no regard for the content of the packet) and routes the packet using routing tables determining the best available route. To be visible, a device must be associated with an address; if a device is not associated with an address, it cannot be reached and is not “on network.”

Now consider that although devices on network are reachable using IP numbers, those numbers are largely known only to the network. Humans are all but unaware of IP numbers. Instead, recognizing years ago that the IP numbers are difficult for the humans to remember, the domain name system (DNS) was developed. A domain name is an alias for an IP number, that is both easier to remember and also can be reassigned from one IP number (one computer at one host) to another IP number (another computer at another host) without any interruption of service.

The IPv4 address space is exhausted; IPv6 has been developed to expand the address space and is being deployed.

Legacy Addresses: There were address blocks allocated prior to the current RIR system. These are known as the Legacy Blocks and generally are administered by ARIN, however, the block assignments may not be under ARIN's current contracts and agreements. [ARIN Legacy] Problems with the Legacy Address space include inefficient use of the address resource, abandonment and hijacking, invalid WHOIS records, and ambiguity as to property rights (addresses allocated or assigned by the RIRs include a contractual agreement that the recipient retains no property rights in the addresses).

There is also a "Private IP Address Space" which is not publicly announced and which is not routable.

Public IP Address Space: This term is not formally defined (that I know of). It is the address space that is not the reserved private IP address space (in other words, defined as what it is not). Public IP addresses are routable on the Internet. Unlike private addresses, public addresses are globally unique. [Microsoft Public and Private Addresses]

Private IP Address Space: An allocation of IP addresses intended to be utilized on a private network for internal routing and not to be announced or routed to the public Internet. Since the address block is not announced and routed, it can be re-used over and over inside networks without creating an addressing conflict (something like PBX in the telephony world). Public IP addresses are translated into private addresses with Network Address Translation (NAT Boxes).

  • IETF RFC 1918, Address Allocation for Private Internets (February 1996) ("This document describes address allocation for private internets. The allocation permits full network layer connectivity among all hosts inside an enterprise as well as among all public hosts of different enterprises.");
  • IETF RFC 4193, Unique Local IPv6 Unicast Addresses (October 2005) ("This document defines an IPv6 unicast address format that is globally unique and is intended for local communications, usually inside of a site. These addresses are not expected to be routable on the global Internet.")

There are also reserved special use blocks held by IANA that are not allocated.

Allocation Justifications and Transfers

Derived From: Potential Impacts on Communications from IPv4 Exhaustion & IPv6 Transition Robert Cannon, OSP, December 2010 Paper: Word | Acrobat |

IP address blocks have historically been allocated based on need. 1 The costs involved in receiving an allocation are nominal and are not generally a factor in considering whether to apply for an allocation. 2 The principle requirement has been the ability to demonstrate need for the IP addresses, pursuant to community developed RIR address policy. If an address block was not needed, it would (in theory) be returned; it could not be traded.

IPv4 conservation has dampened the pace of IPv4 exhaustion. In the early days of the Internet when the US dominated Internet use, some US firms received large IPv4 block allocations; some of these entities have returned unused IPv4 address resources to Internet number registries. 3 While these conservation efforts have helped, they have merely delayed IPv4 exhaustion without solving the long-term problem. 4

One proposal has been to allow transfers and trade of IP blocks (instead of returning unused resources to the RIRs). 5 This could create an incentive for holders of underutilized IP address blocks to sell them to parties that would put them to more productive use. 6 Transferring IPv4 number allocations would enable new entrants to acquire assignments of IP number resources that are not subordinate to a legacy stakeholder. 7 It would also take pressure off during the transition period, permitting networks to continue to expand, and allowing those engaged in the transition additional time to resolve any transition issues encountered. 8 Two RIRs have policies that permit transfers of IP address block assignments under certain conditions. 9

The addresses transferred are just numbers. For them to be valuable, they must be routable. The routability of the numbers could be unstable if an RIR does not authenticate the transfer, if conflicting claims to the numbers arise, or if there is any other corruption in the integrity of a unique number assignment to network. 10

Unauthorized transfers could create an issue of the RIR not having a direct relationship with, and knowledge of, the transferee, and thus be unable to maintain accurate address assignment records along with associated contact information. 11

There is concern that the scarcity of IPv4 numbers will result in IPv4 number hijacking where addresses are utilized by someone other than the assignee of record. 12

Hijacking IP addresses for purposes of spam may be a violation of federal law. According to 18 USC 1037(a)(5): " Whoever, in or affecting interstate or foreign commerce, knowingly-... (5) falsely represents oneself to be the registrant or the legitimate successor in interest to the registrant of 5 or more Internet Protocol addresses, and intentionally initiates the transmission of multiple commercial electronic mail messages from such addresses, .... or conspires to do so, shall be punished as provided in subsection (b)." See Can Spam Act.

Ray Plzak, IP Address Hijacking: An ARIN Perspective (Nov. 2003) (PDF)

The resulting lack of accurate address information also has significant implications for law enforcement and global anti-cybercrime efforts.

Finally, there is also concern about the impact of address transfers on the routing table and fragmentation.

1 Geoff Huston, IPv4 Address Report.

2See ARIN Number Resource Policy Manual, Sec. 4.2 Allocation to ISPs (Jan. 13, 2010).

3 Lljitsch van Beinjnum, Everything You Need to Know About IPv6, Ars Technica (Mar. 7, 2007) ("For instance, IBM, Xerox, HP, DEC, Apple and MIT all received "class A" address blocks of nearly 17 million addresses. (So HP, which acquired DEC, has more than 33 million addresses.)"); Geoff Huston, IPv4 Address Report ("Unneeded addresses are to be passed back to the registry. "); Recovering IPv4 Address Space, ICANN Blog (Feb. 6, 2008) ("With help from the Regional Internet Registries, three /8s were returned in 2007 and last month we recovered one more.")

4 Lljitsch van Beinjnum, Everything You Need to Know About IPv6, Ars Technica (Mar. 7, 2007) (such efforts only buys us a few more years).

5See Milton Mueller, Scarcity in IPv4 Addresses: IPv4 Address Transfer Markets and the Regional Internet Address Registries, IGP (July 20, 2008); OECD Study: Economic considerations in the management of IPv4 and in the deployment of IPv6, p. 26 (May 2008); Huston, G., IPv4 address transfers, proposed to APNIC on 26 July 2007 ; Titley, N. and van Mook, R., Enabling methods for reallocation of IPv4 resources, (Oct. 23, 2007); Dan Campbell, Comments on an IP Address Trading Market , CIRCLEID (Feb. 15, 2008).

6See Next Generation Internet: IPv4 Address Exhaustion, Mitigation Strategies and Implications for the US, IEEE-USA White Paper, p. 11 (2009); Communication From the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions, Advancing the Internet: Action Plan for the Deployment of Internet Protocol version 6 (IPv6) in Europe, p. 4 (May 27, 2008). See RIPE NCC IPv4 Address Allocation and Assignment Policies for the RIPE NCC Service Region, Sec. 5.5 Feb. 2010.

7 OECD Study: Economic considerations in the management of IPv4 and in the deployment of IPv6, p. 27 (May 2008).

8 Milton Mueller, Scarcity in IPv4 Addresses: IPv4 Address Transfer Markets and the Regional Internet Address Registries, IGP p. 17 (July 20, 2008) ( " The transition could turn out to be more complicated, costly and difficult than anticipated, and we don't know how long it will last. If we try to use an address shortage to force ISPs into making the transition before they are ready, we could develop damaging gaps in connectivity due to shortages of address resources and compatibility problems. " ).

9See ARIN Number Resource Policy Manual, Sec. 4.2.3 Reassigning Address Space to Customers (Sept. 2010); IPv4 Address Allocation and Assignment Policies for RIPE NCC Service Region, Sec. 5.5 Transfers of Allocations (Oct. 2010).

10See OECD Study: Economic considerations in the management of IPv4 and in the deployment of IPv6, p. 27 (May 2008); Ray Plzak, IP Address Hijacking: An ARIN Perspective (Nov. 2003) (PDF).

11 See Dan Campbell, Comments on an IP Address Trading Market, CIRCLEID (Feb. 15, 2008); IPv6 in Canada: Final Report and Recommendations of the ISACC IPv6 Task Group (IITG), IITG Final Report to ISACC, ISACC-10-42200, p. 16 (Mar. 16, 2010) (" Unclear ownership of some IPv4 addresses plus a lack of tools to block wrong addresses could lead to instability of the routing system ") .

12 Ray Plzak, IP Address Hijacking: An ARIN Perspective (Nov. 2003).

"Stanford University , which was originally allocated nearly 17 million IP addresses , restructured its network in 2000 and gave back a Class A address block equal to approximately 16 million IP addresses. See Carolyn Marsan, “Stanford Move Rekindles ‘Net Address Debate,’” NWFusion (Jan. 24, 2000), NTIA Report: Technical and Economic Assessment of IPv6, p. 12 n 47 July 2004

IP Number Assignments

Internet access service providers assign, out of their pool of addresses, an IP number to an end user.

Generally, ISPs have more end users than IP addresses. ISPs employ several strategies for assigning the smaller set of IP addresses to the larger set of of end user devices.

An end user's IP address assignment changes depending on what network the end-user connects to. End users may receive their IP number assignment from their own residential Internet access account, from an open access point such as a coffee house, or from their place of employment or campus. Two neighbors can receive IP addresses from different IP address blocks, because they receive service from different Internet access service providers. An access point can be open and provide Internet access and an IP address to anyone requesting access, or it can be secured, providing access and an IP address only to those were the network password. See WiFi Security.

IP addresses are assigned to devices (not individuals or locations). For a residential BIAS account, the IP address may be assigned to the residential network interface device (the device may be a router and NAT, which then assigns private addresses to each device in the house attempting to connect to the Internet). For mobile phone service, the IP address may be assigned to the mobile phone. [Hogg] For an enterprise, the IP address may be assigned to the enterprise network gateway. One IP address may be associated with a single end user, a household of end users, an enterprise, a campus, or constantly changing set of end users such as at a coffee house. [Breaking Glass] An end-user (or network) that is multi-homed by have multiple different IP addresses assigned to it simultaneously.

IP Addresses are not assigned to an Individual (IP Address as PII) IP addresses are not unique identifiers. An IP address can be assigned to a NAT box and used by multiple end users; can be dynamically assigned to multiple users over time, or it can be re-allocated to a different network. [EFF IP Address Paper 7]

The Device an IP Address is Assigned to May Be Shared: If an IP address is assigned to a NAT box, that IP address is shared with every device and end user behind the NAT box. If an IP address is assigned to a proxy, that IP address is shared by everyone using that proxy. If an IP address is assigned to a single device, that device (like a personal computer or a tablet) may be shared among multiple individuals. [Alma Whitten, “Are IP Addresses Personal?” Google Public Policy Blog, 22 February 2008]

An IP Assignment Does Not Itself Identify an Individual's Name, Location or Other Information: Additional information may be associated with an IP address, which may be obtained through network tools such as WHOIS or legal process such as subpoenas. See IP Address as PII. See also Johnson v. Microsoft Corp. U.S. District Court for the Western District of Washington 2009 ("An IP address does not identify a user’s name or mailing address. In re Charter Commc’ns, 393 F.3d 771, 774 (8th Cir. 2005). "); Klimas v. Comcast Cable Comm’cns, Inc., 465 F.3d 271, 276 n.2 (6th Cir. 2006) (“We further note that IP addresses do not in and of themselves reveal ‘a subscriber’s name, address, [or] social security number.’ That information can only be gleaned if a list of subscribers is matched up with a list of their individual IP addresses.”)

IP addresses are not physical addresses, like street addresses. They do not denote a location. They are logical network addresses that can move to a different location or be reassigned to a different device. [EFF IP Address Paper 7 ("Police using this metaphor give a court the false impression that IP addresses are unique to exact places in the physical world, and that there is a permanence connecting the IP address to that location.")]

IP Address Masking: The IP address may also be assigned to a NAT box, permitting interaction with an Internet end on a private IP address at a different location. IP addresses can also be used with proxies or virtual private networks, both of which can make the end user's traffic appear as if it is originating from one IP address when it is in fact originating from another. [EFF IP Address Paper 7]

  • TOR
    • Onion Routing. Bounces traffic through three different nodes of TOR before ultimate destination.
    • Uses proxies so that man-in-the-middle cannot intercept communications and see destination of communications.
    • Useful for dissidents in authoritarian regimes
    • Should be used with HTTPS
    • Problem: Slow and limited capacity.
    • See Prof. Doug Sickers work on TOR limitations
    • [EFF IP Address Paper11 ("when police learn of a crime connected to an IP address from a Tor exit relay, there is little chance that the criminal is actually associated with that IP address. Police have failed to recognize this reality in multiple cases in which they have searched the homes of Tor exit relay hosts and seized their devices.")]
    • Marcia Hoffman, Why IP Addresses Alone Donít Identify Criminals, Electronic Frontier Foundation (Aug. 24, 2011) ("This spring, agents from Immigration and Customs Enforcement (ICE) executed a search warrant at the home of Nolan King and seized six computer hard drives in connection with a criminal investigation. The warrant was issued on the basis of an Internet Protocol (IP) address that traced back to an account connected to Mr. King's home, where he was operating a Tor exit relay. ")
    • Ansel Herz, Police Go on Fishing Expedition, Search the Home of Seattle Privacy Activists Who Maintain Tor Network, The Stranger (March 30, 2016)
    • Because I ran Tor, the police took all my computers, Todd's notes (Nov. 11, 2009) ("The search warrant contained as evidence of probable cause one hour-long IRC chat session (showing origination from my IP address) with an undercover NY state trooper and a perp who claimed to have a boy kidnapped and locked up, along with pictures and videos.")
  • Freegate by Dynamic Internet Technology Inc. (funded by VOA)
    • Feb. 2002 Started pilot project with USG [About DIT]
    • May 2002 Project extended one year [About DIT]
  • Ultrasurf
  • Hotspot Shield
  • Circumventor

ITAA: Ecommerce Taxation and the Limitations of Geolocation Tools p. 7 ("The process for IP address reassignments is rather cumbersome under IPv4 due to the need to reconfigure routers and servers, and therefore they do not happen with anywhere near the frequency that is expected under IPv6, which will make the reassignment of IP address far easier to accomplish. With no actual geographic constraint, under IPv6 these IP address blocks could be reassigned to a new area at any time that demand shifts. As the Internet continues to expand and the need for renumbering grows, blocks of IP addresses will be shifted geographically with increasing regularity. Keeping track of all the growing number of reassignments of IP addresses may overwhelm geolocation software’s capabilities. Moreover, during the multi-year global transition to Ipv6, dual sets of router table data will have to be maintained for both Ipv4 and Ipv6 IP addresses. The need to translate and correlate between tables may also introduce latency that negatively impacts the ability to conduct real time analysis.")


IPv4 Address Conservation

Networks seek to conserve IPv4 Addresses through the following techniques:

See IPv6 Number Migration. Recovering IPv4 Address Space , ICANN Blog (Feb. 6, 2008) ("With help from the Regional Internet Registries, three /8s were returned in 2007 and last month we recovered one more.")


Internet Control Message Protocol: runs on top of IP. in parallel with TCP and UDP. Triggered when packets encounters errors, such as time exceeded or destination unreachable. ICMP packet sent to source IP address with error message information.

Intersection of IP Numbers and Telephone Numbers

Both IP numbers and telephone numbers are used as addresses by end users to set up and engage in communications over networks. Both are unique addressing resources controlled by a central governing authority. Public Telephone Numbers are administered by the North American Numbering Council as the North American Numbering Plan, in cooperation with the FCC and other North America communications authorities. IP numbers are administered by the IANA function as a part of ICANN; North American IP numbers are administered by the American Registry of Internet Numbers (ARIN). The most determinative characteristic of what network an end user is communicating on is what addressing scheme is being employed. See Robert Cannon, Will the Real Internet Please Stand Up.

Law and policy that touches on network addresses has seen an intersection of IP numbers and telephone numbers in the following areas:

Examples of Network Addresses

Examples where a network is defined by its address space (the question "am I on this network" can be answered (partly) by what address space the end user is using)

Examples of point to point networks where the end user originator provides the address for the end user terminator of the communication:




News & Blogs