When a packet reaches our network, the first thing we see is where the IP address packet originates from. And we make decisions based on that IP address.
In this post, I will explain what these decisions are and if they make sense. Can we actually use an IP address as a decision point or not?
The Internet as we know it started on 1 January 1983 when ARPANET changed from NCP to the TCP/IP protocol suite. It went through a rapid evolution during the 1980s: In 1985, with the creation of the supercomputer centres program, NSF created NSFNET, a network that connected five supercomputer centres and provided a network for research and education. Then, based on the ARPANET protocols, the NSFNET created a national backbone service.
In 1987, the first Internet Service Providers (ISPs) were created. At that point in time, you would send a mail to IANA, or more precisely to Jon Postel, and ask for a block of IP addresses for your network. Usually, Jon would assign as many addresses to you as you had asked for — or more likely a bit more, because the address architecture looked like this:
Figure 1 — Classful IP address architecture.
Addresses were assigned on 8-bit boundaries. So, we ended up with a few very large blocks (class A), some mid-sized blocks (class B) and many small blocks (class C).
In addition to that, there was a range of addresses (class E) that were pretty much unusable because it was reserved for research and development and many operators today filter packets sent from those addresses.
When I got on the Internet some years ago, we could easily say that an IP address is a host. In those days, every computer on the Internet had a public IP address and a local host address (127.0.0.1.). So, we could say that an:
IP address = identity
However, it didn’t equal the identity of a user, but the identity of a host on the network. In those days, computers were expensive and one host could have had many hundreds of users.
In the late 1980s, the Internet started to grow exponentially and around 1990, we realized the classful addressing architecture described above was wrong and wouldn’t scale. The assigned blocks were either too big or too small, which overall, resulted in very low utilization.
Figure 2 — A map of the IPv4 address space according to xkcd.
So a new technology was developed, called Classless Interdomain Routing (CIDR) that allowed routing announcements not only on 8-bit boundaries but on all bit boundaries from a /8 to a /24.
Over the years, all kinds of factors came into play that affected how we use and understand IP addresses — some made more sense than others (see Figure 3).
Figure 3 — Timeline of factors affecting IP addresses.
Where does this leave us?
Because of this rapid growth of the Internet, we have a diverse understanding of what an IP address is, which is largely based on your experience or even what you learned in school or university. For instance, Cloudflare operates an anycast-only network. That means all of our addresses are advertised in all of our locations. However, it turns out that a lot of people who are doing research in the field of network measurements do not take anycast into account, which basically means they do not understand how large parts of the Internet are operated today. This is scary.
So what do we actually want and need to know about IP addresses? The answer to that question very much depends on your perspective and viewpoint.
In essence, an IP address is just an identifier that helps the routing system to send packets around. But all kinds of other attributes can be attached to an IP address, including:
- The postal address of a registrant
- The location of a user
- Routing aspects: unicast vs anycast
- Services: email, DNS, HTTP, none
Let’s look at some of these attributes in more detail.
Location, location, location
Location is a big thing today and many service providers base decisions on the location of the user, or what they think the location of the user is. Sometimes that is a good thing, so you can reach the content you are looking for faster. But sometimes providers do the wrong thing and the user ends up with ‘craptimization’ instead of ‘optimization’.
In addition to those annoyances, there are also things like privacy rules, GDPR, and an economy’s sovereignty. Different economies apply different rules and regulations and content that is legal in some economies might be illegal in others.
In Cloudflare’s case, we are also trying to optimize traffic based on location and answer the following questions:
- At which Point of Presence (PoP) does the IP address land?
- Where will it move to if the preferred PoP is ‘down’?
- What if the top two/three/four are down?
- What if the ‘transit’ provider goes down? Where will the alternative one take the IP address to?
Some people have decided that some IP addresses are good, and others are bad. How they make those decisions very much depends on what they consider bad. For instance, if an address sends spam, it means it is bad for mail providers, but does that mean it is also bad for a DNS provider?
There are all kinds of lists showing the quality or reputation of an address. But how accurate and up-to-date are those lists? Maybe an address that has been bad yesterday is not bad today?
In addition to all that, there is a whole industry that is trying to figure out who the user is behind an IP address. But didn’t we say above that an address identifies a device? Is that still the case? We invented Network Address Translation (NAT) and carrier-grade NAT and mobility. Do you know how many IP addresses your smartphone had in the last couple of days? Probably more than you think.
So, how long does an IP address live on your device? Some users get a static address if they pay extra. Others get dynamic address assignments, for a number of hours or days. Some people share addresses, other addresses are used for roaming.
Who ‘owns’ IP addresses?
Some of you might think you own the IP addresses you got from your Regional Internet Registry or your ISP. But just like with domain names, you actually lease them.
However, since there is a shortage of IPv4 addresses, they have become valuable and a transfer market has developed that is very lucrative for some and that has led to some abuse.
Note, you should not lend addresses to others. First of all, you don’t actually own them. And secondly, you never know what others will use these addresses for. It is very hard to restore a good reputation.
Think about an IP address as a temporary identifier
Different types of services attach different values to an IP address. See Figure 4 for an overview of the types of values that can be attached to the same IP address, based on the service you’re providing.
Figure 4 — Types of values that can be attached to the same IP address.
Think about an IP address as a temporary identifier. Also, the value you attach to an address very much depends on the type of business you are in. If you are in the filtering business, think about an IP address as an identifier with temporary accuracy. It can change.
Let’s keep the Internet open and trustworthy!
This was presented at the RIPE 78 meeting in Reykjavik.
Adapted from original post which appeared first on RIPE Labs.
Ólafur Guðmundsson is an Engineering Director at Cloudflare and an active participant in the IETF.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.