Millions of Internet Addresses Are Lying Idle

An anonymous reader writes "The most comprehensive scan of the entire internet for several decades shows that millions of allocated addresses simply aren't being used. Professor John Heidemann from the University of Southern California (USC) used ICMP and TCP to scan the internet. Even though the last IPv4 addresses will be handed out in a couple of years, his survey reveals that many of the addresses allocated to big companies and institutions are lying idle. Heidemann says: 'People are very concerned that the IPv4 address space is very close to being exhausted. Our data suggests that maybe there are better things we should be doing in managing the IPv4 address space.' So, is it time to reclaim those unused addresses before the IPv6 crunch?"

screw ipv4

lets just switch to IPv6, it's more functional and future proof

Re:screw ipv4

Hello. I am Hunvi Maguay, premier of Swaziland. If you have an unused IP address we will buy it from you for $6,000,000 right now. In order for us to send you the money, please send us your bank account number along with proof of identity. Your Social Security number would be good. Please tell us your mother's maiden name too. Hurry, our offer will not last long.

Simpler Politics

lets just switch to IPv6, it's more functional and future proof

Yup and it is probably much simpler. Trying to reclaim addresses involves political issues, finding out who to talk to, bureaucracy and some technical issues. Switching to IPv6 is about technical stuff and just getting going. You are going to have to switch to IPv6 at some point, so why spend energy twice?

Re:screw ipv4

Nobody has configured for IPv6 because there's been no forced set date to switch over so everyone is still just using IPv4 which is working just fine.

But when the date comes it'll be a long weekend for a lot of admins, but I'm guessing the switch will happen just fine.

Re:screw ipv4

Nobody has configured for IPv6 because there's been no forced set date to switch over so everyone is still just using IPv4 which is working just fine.

Sure my PCs can all switch without too much trouble; just configuration issues.

Will an xbox, xbox360, PS3, Wii, PSP or DS do ipv6? Will my ipod touch? What about my cell phone? Does my dlink nat/router do it? What about my dlink voip box? My network printer? My cable/adsl modem?

Seriously.

I can't abandon v4 at home (Wii doesn't do ipv6 afaik, nor does my router). Nor can I do it at work... the LaserJet 4050s don't do it unless I upgrade the jetdirect module (which is stupid expensive). I also doubt my cell phone supports ipv6. My parent's have a Wii and a usb-print server that don't d ipv6. My brother in-law has a PS3 and a Wii that doesn't appear to support ipv6. My parents in-law have an xbox and a wifi router that doesn't do ipv6... my cousin has a DS... she's stuck on WEP because it doesn't do WPA... I highly doubt its going to do ipv6.

Re:screw ipv4

Internally yes. Externally no. However my point was; everyone who stands up and says "Screw IPv4 let's move to IPv6" should be sat in front of a border router & told to get on with it.

Everyone can eat salami, precious few can make it.

Re:screw ipv4

Not everyone can eat salami.

• people who observe moral prohibitions on eating salami
• the dead
• people born without faces
• people who can't afford to eat salami
• people with irrational fear of sausages

You really ought to do more research before making such wild claims.

Credit crunch

This is curiously similar to the current credit crunch. When a fix is not guaranteed to happen soon, people start hoarding.

Re:Credit crunch

I was going to use the oil analogy. It's going to run out eventually, so why not switch to something better now before we run out?

Re:Credit crunch

That's a little silly. These allocations were made in the 70s and 80s, before the Internet really existed outside of the US. At the time, the recipients of the addresses were those who were most likely to use them. No hoarding is going on.

Re:Credit crunch

That is hoarding.

No, that's life outside a police state.

Give back class As

Perhaps some of the institutions that still have class A networks reserved from the old days, with no reasonable need for them, should give them back.

Re:Give back class As

Yup, I work for one of them, GE - the entire "3.x" class-A network, 16million addresses - most of our internal network is those 3.x addresses, behind firewalls so basically useless - and even better, I pinged a few external GE sites I know of, and none of them even use 3.x addresses!!

maybe 500K employee's & contractors, even add 500K more for servers and unallocated IP's in the ranges, that's still 15*million* unused. Besides which, we could easily run on 10.x internal networking and NAT/Proxy to outside.

Don't be in a hurry to get them back though... its not a priority! (haha)

And for just 10 dollars a month...

you can give one of these poor unwanted IP's a home.

Why bother?

Would giving them back do anything other than encourage network providers to procrastinate on IPv6 for another couple years?

Why is anyone surprised?

People setting up networks aren't trying to use every single address in their space.

It's far easier to use an entire a.b.c.* as a logical sub-domain than fiddling with netmasks and all that stuff so that a.b.c.1 and a.b.c.200 are on different subnets.

The amount of work people would need to invest to use every single IP address with no holes would be cumbersome. (I'm not saying you can't do it, it's just tedious.) And, you never know when you're going to need to allocate more machines -- I remember getting blocks of IP addresses for static machines in case I needed another machine in the future.

Now, why most people aren't using 10.*.*.* as their internal stuff I'll never know. Since the overwhelming majority of machines on the internet aren't (and shouldn't) be directly routable, it's an awful waste to not have organizations behind NAT-ed firewalls and not drawing from the common pool of route-able IP addresses.

Cheers

Re:Why is anyone surprised?

Quite right, there's no reason whatsoever why 98% of users shouldn't be behind NAT gateways. I've seen stupid situations where bloody printers are assigned a public IP - so people can print to them over the internet - Whaaat??? Furthermore pretty much all VPN client software (excluding Microsoft shite, of course) is NAT-T aware.

One other point, not related to the above, TFA states they are using icmp to determine if a host is alive. Really? What is the margin for error here? Pretty much every device I configure with a public IP & connected to the net, will not respond to icmp (except from designated hosts/host blocks) Guess we can take their figures with a pinch of salt then.

Many addr's may be behind firewalls...

We get this all the time from our ISP's. "Our scans reveal that you're not using much of the space we've allocated to you." In reality, those IP's are behind firewalls that only permit certain customers to reach them. Otherwise they don't respond - even to pings. The IP's appear dead to everyone except authorized users, and our ISP's aren't authorized.

TCP and ICMP

I drop ICMP entirely, and besides our website and mailservers, we don't have any standard tcp ports open on any of our other external IPs. I really can't imagine it's that much different for other medium and large businesses; am I to believe they nmapped the entire Internet? (It's clear FTA that they did not) To me, these findings are not that surprising in the security-oriented world we live in today.

Re:TCP and ICMP

I drop ICMP entirely

Then you're an idiot [freelabs.com] who has no business managing a firewall.

Millions more have been hijacked

In addition to all those lying idle because of excessive address space allocation, there are huge swaths of space which have been hijacked. Recent discussion on the NANOG list has highlighted some of these; the Spamhaus DROP list features others. And other researchers have found still more that are obviously no longer under the control of their putative owners, and are being use for spam, spyware, phishing, and worse. Attempts to get network operators, registrars, ICANN, ARIN, and others to effectively disable these resources -- and eventually to reclaim them -- have been largely unsuccessful. Yes, in some isolated cases, limited action eventualy takes place, but it's far too little far too late to be considered anything close to "effective". We need a concerted, worldwide effort to not only reclaim this space, but to blacklist for life those found currently possessing that -- because (as we've seen repeatedly) they won't be deterred by anything else.

They used ping!

From the article:

The USC research group used the most innocuous type of network packet to probe the farthest reaches of the Internet. Known as the Internet Control Message Protocol, or ICMP, this packet is typically used to send error messages between servers and other network hardware.

My home network is in complete stealth mode, and to them that's another "idle IP" address.

I also love how they arrived to their conclusion:

the team probed a million random Internet addresses using both ICMP and TCP, finding a total of 54,297 active hosts ...
In total, the researchers estimate that there are 112 million responsive addresses ...
but the overall conclusion--that the Internet has room to grow--is spot on

How did this ghetto-science experiment end up on Slashdot again?

IPv4 addresses running out:

the IT hysteria of the early century. just as juicy a media hit as the Y2K panic and fear from last century, but not as much consulting opportunities

personally i'm waiting for 2012, when the elder gods of the mayan calendar awaken and in their rage at not being greeted by chocolate, peppers, and virgins, they reroute all null pointers in all code to the apocalypse. plenty of IT hysteria, plenty of consulting opportunities

Decades?

The most comprehensive scan of the entire internet for several decades

As opposed to the great Internet scans of the 30s?

Wrong! Lying is the correct form.

http://www.grammarmudge.cityslide.com/articles/article/992333/8992.htm [cityslide.com]

http://www.askoxford.com/betterwriting/classicerrors/grammartips/lyingandlaying [askoxford.com]

If you are in the process of putting something down, you are laying it down, but that object once it is there, it is lying. The verb lay has a direct object that the action is performed on. He is laying the book credenza. She is laying her purse on the counter. Once it has been laid, it is now lying. The book is lying on the credenza. The purse is lying on the counter. IP addresses are lying unused.

http://en.wikipedia.org/wiki/Laying [wikipedia.org]