Millions of Internet Addresses Are Lying Idle

Posted by timothy on Wed Oct 15, 2008 12:10 PM
from the gathering-their-strength-for-hallowe'en dept.
An anonymous reader writes "The most comprehensive scan of the entire internet for several decades shows that millions of allocated addresses simply aren't being used. Professor John Heidemann from the University of Southern California (USC) used ICMP and TCP to scan the internet. Even though the last IPv4 addresses will be handed out in a couple of years, his survey reveals that many of the addresses allocated to big companies and institutions are lying idle. Heidemann says: 'People are very concerned that the IPv4 address space is very close to being exhausted. Our data suggests that maybe there are better things we should be doing in managing the IPv4 address space.' So, is it time to reclaim those unused addresses before the IPv6 crunch?"
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • screw ipv4 (Score:5, Insightful)

    by k3v0 (592611) <k3v0@k3v0. n e t> on Wednesday October 15 2008, @12:11PM (#25385409) Homepage Journal
    Let's just switch to IPv6, it's more functional and future proof
    • by Anonymous Coward on Wednesday October 15 2008, @12:16PM (#25385495)
      Hello. I am Hunvi Maguay, premier of Swaziland. If you have an unused IP address we will buy it from you for $6,000,000 right now. In order for us to send you the money, please send us your bank account number along with proof of identity. Your Social Security number would be good. Please tell us your mother's maiden name too. Hurry, our offer will not last long.
        • by fm6 (162816) on Wednesday October 15 2008, @03:33PM (#25389095) Homepage Journal

          The good grammar tells you he's a fake, but what kind? Obviously, a fake scam artist. In other words, a fake fake.

          But if he's not a real fake, what is he really? The only possibility that makes sense is that he really is the premier of Swaziland. I suggest you send him the information he requested. Or better yet, send it to me, and I'll handle the transaction for you.

    • Simpler Politics (Score:5, Insightful)

      by Midnight Thunder (17205) on Wednesday October 15 2008, @12:51PM (#25386169) Homepage Journal

      "Let's just switch to IPv6, it's more functional and future proof"

      Yup and it is probably much simpler. Trying to reclaim addresses involves political issues, finding out who to talk to, bureaucracy and some technical issues. Switching to IPv6 is about technical stuff and just getting going. You are going to have to switch to IPv6 at some point, so why spend energy twice?

    • Re:screw ipv4 (Score:5, Insightful)

      by Anpheus (908711) on Wednesday October 15 2008, @01:35PM (#25386973)

      Future proof? Everyone says IPv6 is future proof. No one will ever need more than 2^64 addresses.

      That's ridiculous. If we have the addresses, we'll find some way to use them. Instead, it should be IPvX. We should have an extensible standard that the IANA or -someone- can flip a switch on and the routers will add another 8 bits to the address automatically. Need more IPs? Done, 256 times more. This scales well, means we'd never have to go through this again and in thirty years no one will be mocking our generation for this silly attitude of "2^X IPs is enough for the whole world."

      • Re:screw ipv4 (Score:5, Insightful)

        by TheRaven64 (641858) on Wednesday October 15 2008, @02:27PM (#25387767) Homepage Journal
        Do you have any idea how big a number 2^64 is? There are currently just under 2^33 people in the world. This means that 2^64 is almost enough for every person to have as many IP addresses as there are currently people. It is enough for 2^35 IPs per square kilometre of the Earth - including the sea - or, to put it another way, enough for every 0.29cm^2 of the Earth's surface to have a unique IP. It is enough not just for every computer you own to have an IP address, but for every item of clothing, every item of furniture, and every object in your fridge to have a unique, public, IP, and still have a lot left over. IPv6 will last until nanotech becomes widespread and you want to have networks of nanoscopic devices online - and possibly even then since it would make sense to treat personal area networks as a single public device.
        • Re:screw ipv4 (Score:5, Informative)

          by BitZtream (692029) on Wednesday October 15 2008, @04:09PM (#25389755)

          You're missing the fact that an IPv6 /64 is what a home user gets, not the total address space. The IPv6 address space is 128 bits, meaning you get 2^64 blocks of 2^64 addresses.

          Meaning every square millimeter of the Earth's surface can be assigned approximately 667 quadrillion unique addresses. With your math, I personally can assign every 0.29cm^2 of the Earth an address out of my block alone.
          Please see:
          http://en.linuxreviews.org/Why_you_want_IPv6 [linuxreviews.org]

      • Re:screw ipv4 (Score:5, Interesting)

        by Synn (6288) on Wednesday October 15 2008, @12:25PM (#25385685)

        Nobody has configured for IPv6 because there's been no forced set date to switch over so everyone is still just using IPv4 which is working just fine.

        But when the date comes it'll be a long weekend for a lot of admins, but I'm guessing the switch will happen just fine.

        • Re:screw ipv4 (Score:5, Insightful)

          by vux984 (928602) on Wednesday October 15 2008, @12:57PM (#25386295)

          "Nobody has configured for IPv6 because there's been no forced set date to switch over so everyone is still just using IPv4 which is working just fine."

          Sure my PCs can all switch without too much trouble; just configuration issues.

          Will an xbox, xbox360, PS3, Wii, PSP or DS do ipv6? Will my ipod touch? What about my cell phone? Does my dlink nat/router do it? What about my dlink voip box? My network printer? My cable/adsl modem?

          Seriously.

          I can't abandon v4 at home (Wii doesn't do ipv6 afaik, nor does my router). Nor can I do it at work... the LaserJet 4050s don't do it unless I upgrade the jetdirect module (which is stupid expensive). I also doubt my cell phone supports ipv6. My parents have a Wii and a usb-print server that don't do ipv6. My brother in-law has a PS3 and a Wii that don't appear to support ipv6. My parents in-law have an xbox and a wifi router that doesn't do ipv6... my cousin has a DS... she's stuck on WEP because it doesn't do WPA... I highly doubt it's going to do ipv6.

          • Re:screw ipv4 (Score:5, Insightful)

            by hedwards (940851) on Wednesday October 15 2008, @01:09PM (#25386491)

            What you'd do is upgrade the router. That's it.

            Basically new routers would do a 1:1 version of NAT going from IPV6 externally to IPV4 internally. You'd likely still be using the set aside non-connected blocks without problems. As things evolve you'd probably be able to do IPV6 easily internally and ditch that as the network devices support it.

            The difficulty of upgrading to IPV6 has never been on that end; it's the other infrastructure and the ISP services which were where the actual work, challenge and money were located.

            I'm sure that there are other ways of doing it, but that's really the simplest and it allows people to transition on the less important end as they care to or not. It wouldn't make a difference for anybody else.

                • Re:screw ipv4 (Score:5, Insightful)

                  by BitterOak (537666) on Wednesday October 15 2008, @04:20PM (#25390021)

                  If the router is handling the conversion and talking ipv4 internally, why would the devices need to support ipv6 again?

                  Ok, so let's say you have your router converting packets from IPv6 and IPv4, and translating your internal IPv4 addresses to external IPv6 addresses. Now, let's say you're sitting at your IPv4 computer connected to this magic router. You launch Firefox and type the Slashdot URL. (More likely, you'd have it bookmarked.) So, what does your computer do? It sends a DNS request to get Slashdot's IP address. Now, in an IPv6 world, this IP address would have 128 bits instead of 32. How is your IPv4 operating system going to make sense of this?

                  So you might suggest a fancier router that is DNS aware, and translates those addresses back and forth, effectively acting as a DNS proxy. But there is a problem. How do you translate all IPv6 addresses to IPv4 addresses? Considering that the address space for IPv6 has 4 times as many bits, I don't see how this is even possible: you can't assign a unique 32 bit number to each 128 bit number.

                  So the problem is much more complicated than it first appears.

                  • Re:screw ipv4 (Score:5, Informative)

                    by BitZtream (692029) on Wednesday October 15 2008, @03:47PM (#25389369)

                    It's already well defined, there is no need for anyone to 'agree' on it, it was agreed on years ago.

                    You are confusing NAT and PAT. I seriously doubt you use NAT anywhere. You are likely referring to PAT. NAT just translates addresses from one to another, a one to one mapping, one address external is used by one address internal. What you are used to using is PAT, which is Port and Address translation, which allows for one external address and many internal addresses.

                    NATing between IPv6 and IPv4 is well defined and not difficult to do, there are already plenty of cheapy boxes for home use that do it. Hell mine will even setup an IPv6 Tunnel to someplace like he.net.

                    PAT on the other hand is something no one cares about because the ridiculous amount of IPv6 addresses means we can just give EVERYONE a /64 and they can use REAL NAT rather than PAT to get the job done.

                    Finally, part of the IPv6 protocol requires support for making IPv4 address space available over IPv6. Practically any router on the planet which supports both IPv4 and IPv6 will have the support to deal with both and bridge between them.

                    So your statement is incorrect in that NAT is supported by pretty much every router that supports IPv6, what you are thinking of is not NAT, it's PAT which no one in the IPv6 world cares about since it's an old hack that doesn't need to exist in the new world of IPv6. Because of that, no routers are going to bother supporting it.

                    For reference, since the de facto standard at the moment appears to be giving individual users a /64 block, From: http://en.linuxreviews.org/Why_you_want_IPv6 [linuxreviews.org]

                    Number of IP Addresses in a IPv6 /64 prefix, the typical space a home user gets: 18,446,744,073,709,551,616

                    IPv6 gives citizens the opportunity to become real Internet participants. IPv4 makes citizens into passive consumers who are only able to connect to compartmentalized networks run by companies or governments. This is why the establishment does not want IPv6.

                    There is a total of 2^128, or 340,282,366,920,938,463,463,374,607,431,768,211,456 unique IPv6 addresses. That's roughly 667 quadrillion addresses per square millimeter of the Earth's surface!

                    Basically, we can not possibly exhaust this address space on the planet earth, there simply isn't enough matter on the planet to do so, and adding the matter required to do so would result in a gravitational singularity forming as the matter collapsed onto itself. So ... there is no actual NEED to do it with IPv6.

                    If you wanted to pick something to worry about, it would probably be the lack of stateful firewalling in those home/cheapie routers which the NATs of today effectively provide an outbound only initiation of connections, with IPv6 and the fact that cheapie routers aren't firewalling by default, we'll end up with a lot more machines fully exposed to the Internet by default.

          • Re:screw ipv4 (Score:5, Informative)

            by Chris Pimlott (16212) on Wednesday October 15 2008, @01:11PM (#25386537)

            If you're like most of us, all your devices at home are living behind NAT. There's no reason they can't keep living in an ipv4 private network behind an ipv6 router.

            • by gnick (1211984) on Wednesday October 15 2008, @02:29PM (#25387803) Homepage

              The FCC should just mandate a switch to IPv6, if the US leads, the rest of the world tends to follow.

              Exactly.

              Listen up world! We've decided that you all should be using miles, feet, inches, Fahrenheit, and gallons. Please upgrade your silly metric system.

  • Credit crunch (Score:5, Insightful)

    by Harmonious Botch (921977) * on Wednesday October 15 2008, @12:12PM (#25385425) Homepage Journal

    This is curiously similar to the current credit crunch. When a fix is not guaranteed to happen soon, people start hoarding.

  • Give back class As (Score:5, Insightful)

    by Neil Watson (60859) on Wednesday October 15 2008, @12:12PM (#25385427) Homepage

    Perhaps some of the institutions that still have class A networks reserved from the old days, with no reasonable need for them, should give them back.

    • by Anonymous Coward on Wednesday October 15 2008, @12:25PM (#25385683)

      Yup, I work for one of them, GE - the entire "3.x" class-A network, 16million addresses - most of our internal network is those 3.x addresses, behind firewalls so basically useless - and even better, I pinged a few external GE sites I know of, and none of them even use 3.x addresses!!

      maybe 500K employees & contractors, even add 500K more for servers and unallocated IP's in the ranges, that's still 15*million* unused. Besides which, we could easily run on 10.x internal networking and NAT/Proxy to outside.

      Don't be in a hurry to get them back though... it's not a priority! (haha)

      • by t0rkm3 (666910) on Wednesday October 15 2008, @12:38PM (#25385935)

        As a network security guy in a company with 9 Class B's that are used within the company. (1 is Internet facing) The internal usage of public IP address space is justified by one thing, acquisitions. Every time a company is bought up by our company we have to integrate them into our network. We are already using some RFC1918 space at stub networks(plants/refineries) and for VoIP applications. However, the challenge of integrating 25,000 new IP devices with a conflicting address scope per merger is painful and wasteful.

        • by Sique (173459) on Wednesday October 15 2008, @01:54PM (#25387257) Homepage

          NAT is a hassle, when it comes to more complex protocols than simple TCP. I've worked at a customer site which had a slightly... let's put it like this... unorthodox allocation of internal IP addresses. They just gave every site a 10.X.0.0/16, and then they had more than 256 sites (it's a large retailer, that's why). So they started expanding (yes I know, shame on them) into the 9.0.0.0/8 and 8.0.0.0/8 space.

          When they bought a company in another country, the sysadmins there absolutely refused to route those nets into the VPN (right they were). So now the customer starts heavily to NAT, so the new company never sees any internal 9.0.0.0/8 and 8.0.0.0/8 addresses.

          And now lots of things break. Videoconferencing and VoIP are among the worst offenders, but some complex logistics software they use is playing silly buggers too. And with more than 256 sites it's just not feasible to start readdressing all the IPs. They just don't have the people to do it, and they don't have the time to do it (it has to happen all at once, otherwise just more applications break during the transition period), and they don't have the money to hire enough external people to do it.

          It's a lesson why violating RFC1918 never was a good idea, but it is also a lesson that NAT gets you only so far.
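
An added example, not part of the thread or any poster's code: a Python audit, using the standard `ipaddress` module, of the kind of address plan described in the comment above (one 10.X.0.0/16 per site, spilling into 9.0.0.0/8 and 8.0.0.0/8), together with the overlap check a merger needs before two networks are joined. Both address plans and all function names are constructed for illustration.

```python
"""Audit internal address plans for non-RFC 1918 prefixes and merger overlaps."""
import ipaddress

# The three private ranges set aside by RFC 1918.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_plan(prefixes):
    """Parse prefix strings into network objects; a prefix with host bits
    set (e.g. 10.1.2.3/16) raises ValueError instead of being accepted."""
    return [ipaddress.ip_network(p, strict=True) for p in prefixes]


def outside_rfc1918(plan):
    """Prefixes used internally that are not inside any RFC 1918 range,
    i.e. space that belongs to someone else on the public Internet."""
    return [net for net in plan
            if not any(net.subnet_of(private) for private in RFC1918)]


def collisions(plan_a, plan_b):
    """Pairs (a, b) whose ranges overlap, so the two networks cannot be
    routed together without renumbering or NAT on one side."""
    return [(a, b) for a in plan_a for b in plan_b if a.overlaps(b)]


def site_capacity(parent, site_prefixlen):
    """How many per-site blocks of the given prefix length fit in parent."""
    parent = ipaddress.ip_network(parent)
    if site_prefixlen < parent.prefixlen:
        raise ValueError("site block is larger than the parent range")
    return 2 ** (site_prefixlen - parent.prefixlen)


def audit(plan_a, plan_b):
    """Summarise both checks for two address plans given as prefix strings."""
    a, b = parse_plan(plan_a), parse_plan(plan_b)
    return {
        "a_outside_rfc1918": [str(n) for n in outside_rfc1918(a)],
        "b_outside_rfc1918": [str(n) for n in outside_rfc1918(b)],
        "collisions": [(str(x), str(y)) for x, y in collisions(a, b)],
    }


# Constructed sample: one /16 per site out of 10/8, then overflow into
# 9/8 and 8/8 once the 256 available /16 blocks are used up.
RETAILER = ([f"10.{i}.0.0/16" for i in range(256)]
            + ["9.0.0.0/16", "9.1.0.0/16", "8.0.0.0/16"])
# Constructed plan for the acquired company (all inside RFC 1918).
ACQUIRED = ["10.20.0.0/16", "10.128.0.0/10", "172.16.0.0/16",
            "192.168.10.0/24"]

if __name__ == "__main__":
    print("per-site /16 blocks available in 10/8:",
          site_capacity("10.0.0.0/8", 16))
    report = audit(RETAILER, ACQUIRED)
    print("retailer prefixes outside RFC 1918:", report["a_outside_rfc1918"])
    print("acquired prefixes outside RFC 1918:", report["b_outside_rfc1918"])
    print("overlapping prefix pairs:", len(report["collisions"]))
    for ours, theirs in report["collisions"][:3]:
        print("  ", ours, "overlaps", theirs)
```
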

  • by lobiusmoop (305328) on Wednesday October 15 2008, @12:12PM (#25385431) Homepage

    you can give one of these poor unwanted IP's a home.

  • Why bother? (Score:5, Insightful)

    by Timothy Brownawell (627747) <tbrownaw@prjek.net> on Wednesday October 15 2008, @12:16PM (#25385491) Journal
    Would giving them back do anything other than encourage network providers to procrastinate on IPv6 for another couple years?
  • If the big fortune 100 companies would dump their IP blocks that they don't use more than 10% of, the whole sensationalist scare of "OH MY GOD WE'RE RUNNING OUT OF ADDRESSES" wouldn't even be relevant.

    Also, to quote someone from the last three articles related to IPv4 running out, it seems like one of these articles shows up on the main page at least once per month and nothing has changed.

    I don't see why any company, even in the expandable future, would use every address in a /8 subnet... unless they have everything open to the internet, which is moronic.
  • by gstoddart (321705) on Wednesday October 15 2008, @12:17PM (#25385519) Homepage

    People setting up networks aren't trying to use every single address in their space.

    It's far easier to use an entire a.b.c.* as a logical sub-domain than fiddling with netmasks and all that stuff so that a.b.c.1 and a.b.c.200 are on different subnets.

    The amount of work people would need to invest to use every single IP address with no holes would be cumbersome. (I'm not saying you can't do it, it's just tedious.) And, you never know when you're going to need to allocate more machines -- I remember getting blocks of IP addresses for static machines in case I needed another machine in the future.

    Now, why most people aren't using 10.*.*.* as their internal stuff I'll never know. Since the overwhelming majority of machines on the internet aren't (and shouldn't) be directly routable, it's an awful waste to not have organizations behind NAT-ed firewalls and not drawing from the common pool of route-able IP addresses.

    Cheers

    • by Finallyjoined!!! (1158431) on Wednesday October 15 2008, @12:30PM (#25385783)
      Quite right, there's no reason whatsoever why 98% of users shouldn't be behind NAT gateways. I've seen stupid situations where bloody printers are assigned a public IP - so people can print to them over the internet - Whaaat??? Furthermore pretty much all VPN client software (excluding Microsoft shite, of course) is NAT-T aware.

      One other point, not related to the above, TFA states they are using icmp to determine if a host is alive. Really? What is the margin for error here? Pretty much every device I configure with a public IP & connected to the net, will not respond to icmp (except from designated hosts/host blocks) Guess we can take their figures with a pinch of salt then.
  • by Anonymous Coward on Wednesday October 15 2008, @12:18PM (#25385539)

    We get this all the time from our ISP's. "Our scans reveal that you're not using much of the space we've allocated to you." In reality, those IP's are behind firewalls that only permit certain customers to reach them. Otherwise they don't respond - even to pings. The IP's appear dead to everyone except authorized users, and our ISP's aren't authorized.

  • by VE3OGG (1034632) <VE3OGG@nOSpam.rac.ca> on Wednesday October 15 2008, @12:20PM (#25385585)

    In the oil-business (and in many other fixed-resource industries, more than likely) there is a particular kind of legislation that would likely work very well in such a situation. It is known as 'fallow field legislation'.

    It works like this:

    If a company finds (or buys) rights to an oil field, they are given five years to start producing from it. If they do not, cannot, or are otherwise unwilling after those 5 years, the rights are revoked and the government (or governing body) will find someone who will and can.

    Fast forward to IPv4 -- any address that isn't being used (and by used I mean that there is no web presence, no use of e-mail, etc.) after a certain time period (perhaps 1-2 year(s)) then the address is revoked and put back into the public pool.

    Obviously, the easiest way to get around this little regulation would be to put up a place holder page, or redirect it to the main site. This would be much trickier. Likewise, it would not stop the name squatters (and increasingly the registrars) from putting up those SPAM pages, but like I said, it would fix the problem of people just sitting on a resource without using it.

    My $0.02

  • TCP and ICMP (Score:5, Insightful)

    by IceCreamGuy (904648) on Wednesday October 15 2008, @12:22PM (#25385611) Homepage
    I drop ICMP entirely, and besides our website and mailservers, we don't have any standard tcp ports open on any of our other external IPs. I really can't imagine it's that much different for other medium and large businesses; am I to believe they nmapped the entire Internet? (It's clear FTA that they did not) To me, these findings are not that surprising in the security-oriented world we live in today.
    • Re:TCP and ICMP (Score:5, Informative)

      by Anonymous Coward on Wednesday October 15 2008, @12:35PM (#25385889)

      "I drop ICMP entirely"

      Then you're an idiot [freelabs.com] who has no business managing a firewall.

  • by Arrogant-Bastard (141720) on Wednesday October 15 2008, @12:28PM (#25385737)
    In addition to all those lying idle because of excessive address space allocation, there are huge swaths of space which have been hijacked. Recent discussion on the NANOG list has highlighted some of these; the Spamhaus DROP list features others. And other researchers have found still more that are obviously no longer under the control of their putative owners, and are being used for spam, spyware, phishing, and worse. Attempts to get network operators, registrars, ICANN, ARIN, and others to effectively disable these resources -- and eventually to reclaim them -- have been largely unsuccessful. Yes, in some isolated cases, limited action eventually takes place, but it's far too little far too late to be considered anything close to "effective". We need a concerted, worldwide effort to not only reclaim this space, but to blacklist for life those found currently possessing that -- because (as we've seen repeatedly) they won't be deterred by anything else.
  • They used ping! (Score:5, Interesting)

    by eihab (823648) on Wednesday October 15 2008, @12:33PM (#25385843)

    From the article:

    The USC research group used the most innocuous type of network packet to probe the farthest reaches of the Internet. Known as the Internet Control Message Protocol, or ICMP, this packet is typically used to send error messages between servers and other network hardware.

    My home network is in complete stealth mode, and to them that's another "idle IP" address.

    I also love how they arrived at their conclusion:

    the team probed a million random Internet addresses using both ICMP and TCP, finding a total of 54,297 active hosts ...
    In total, the researchers estimate that there are 112 million responsive addresses ...
    but the overall conclusion--that the Internet has room to grow--is spot on

    How did this ghetto-science experiment end up on Slashdot again?

  • the IT hysteria of the early century. just as juicy a media hit as the Y2K panic and fear from last century, but not as much consulting opportunities

    personally i'm waiting for 2012, when the elder gods of the mayan calendar awaken and in their rage at not being greeted by chocolate, peppers, and virgins, they reroute all null pointers in all code to the apocalypse. plenty of IT hysteria, plenty of consulting opportunities

  • Decades? (Score:5, Funny)

    by Hikaru79 (832891) on Wednesday October 15 2008, @12:43PM (#25386033) Homepage
    "The most comprehensive scan of the entire internet for several decades"

    As opposed to the great Internet scans of the 30s?
  • by Richard W.M. Jones (591125) <.rich. .at. .annexia.org.> on Wednesday October 15 2008, @12:47PM (#25386103) Homepage

    This story rings true. I worked for a company during the dot-com boom and just after which requested an allocation from RIPE [ripe.net] (the European equivalent of ARIN). I was the designated & trained "LIR" (I think that was the term?).

    We received 8,192 IP addresses. We actually had them authorized to us in blocks of 256 addresses, and each time we needed another 256 we had to go back to RIPE and justify the expansion. However it is my understanding that the full 8,192 addresses were reserved for us.

    We ended up using 3 x 256 addresses, but after a later downturn in the fortunes of the company, even many of those went unused.

    I left the company many many years ago. However I notice the company that acquired it is still using those 3 x 256 addresses, and the original 8,192 are still reserved at RIPE. The IP addresses are even registered to the name of a director who was ousted when the company was taken over, at a street address that the company hasn't occupied for many years.

    Rich.