February 2024 IPv4 Auction Sales Report
Prices for most blocks have stabilized. There is some indication that this is a good time to buy /16 and larger blocks.
Prices for most blocks have stabilized. There is some indication that this is a good time to buy /16 and larger blocks.
by IPv4.Global Staff
There are twice as many people on our planet as IPv4 addresses. Plus, each person with internet access is almost certain to use multiple IPv4 addresses. For instance, an address for a home connection, one for an office connection, and one for a mobile data service. Generally, for devices to connect they must do so using unique addresses. While the same address can be used privately at the same time on different networks, connecting such devices to one another doesn’t work.
The expansion in the base number of global internet users and in the number of internet devices that interconnect means many more IP addresses are needed than there are IPv4 addresses. The newer protocol, IPv6, was developed to respond to this problem.
IPv6 is the long-term answer to the scarcity of IPv4 addresses. Adoption has been gradual, and Google measures that almost half of connected devices in 2024 use it. Without an urgent and compelling reason to use IPv6, IT departments and device makers tend to keep IPv4 addresses in use. And so, in demand. Markets offer network expansion without the adoption of IPv6 by way of IPv4 transfer marketplaces.
Computing was expensive and IPv4 addresses were free in the early days of the internet. So many networks got more addresses than they needed. Many of these organizations still have large blocks of unused IPv4 addresses. The Regional Internet Registries (RIRs) have policies enabling the transfer of addresses from those with more than they need to those who need more.
The excess inventory can be redistributed through the market. Companies with a need can buy addresses. All the RIRs (with the exception of AFRINIC) have inter-RIR transfer policies. APNIC and the RIPE NCC have especially flexible policies to support inter-region transfers. Note, however, that all four prohibit transfers to AFRINIC because that RIR does not reciprocate by permitting transfers out of the region.
Data is sent across the internet to IP addresses. If two organizations try to use the same IP addresses, they will each lose some traffic and get a lot of traffic they don’t want. This would be both a security and operations problem.
The RIRs were established to register which organization uses each block of addresses. Their focus used to be on distributing new addresses. But they now focus on data accuracy and managing transfers between organizations.
The RIPE NCC is the RIR serving Europe, the Middle East, and parts of Central Asia. Its full name is Réseaux IP Européens Network Coordination Centre.
APNIC is the RIR serving the Asia-Pacific and its full name is Asia-Pacific Network Coordination Centre.
ARIN is the RIR serving Canada, the United States, and many Caribbean and North Atlantic islands.
LACNIC is the RIR serving Latin American and the Caribbean and its full name is Latin American and Caribbean Internet Addresses Registry.
Map showing the five RIRs’ service regions, published under a CC-BY-A license by the Number Resource Organization
All the RIRs implement policies developed by their communities. Everyone is free to participate in their communities and influence policy decisions. It is the RIR communities that have chosen to develop policies enabling address transfers. The differences between the policies reflect the different needs in each region.
A transfer changes the registered holder of the addresses. Transfers are generally permanent. Only the RIPE NCC supports temporary transfers in 2024. A permanent transfer is very similar to a sale while a temporary transfer is like a lease. Transfers change who has the right to manage the registration data for a block of addresses in an RIR’s database.
Important security services, like RPKI, build on the IP address registry data.
So, how exactly do transfer policies work in their respective regions?
Who | Neither sources nor recipients need to be members but should still have a non-LIR account with RIPE. Non-members must have an agreement with a sponsoring member. |
Requirements | The RIPE NCC conducts due diligence checks. It reviews the transfer agreement before evaluating the needs basis of the request. |
Size | /24 (256 addresses) is the minimum size for transfers. |
Legacy IPv4 | Legacy (Historical) IPv4 addresses can be transferred and may retain their legacy status. |
Fees | RIPE NCC does not charge a transfer fee but there must not be outstanding balances on the membership account. |
Permanence | RIPE policy allows both permanent and temporary transfers. |
Restrictions | Recipients of a transfer must hold the addresses for two years before transferring them away. |
M&A | Transfer restrictions do not apply to transfers arising from corporate mergers or acquisitions. |
Incoming | The source RIR must have a compatible policy. |
Outgoing | The receiving RIR must have a compatible policy. |
Who | Recipients need to sign a service agreement with ARIN. ARIN will sign an NDA with you before you submit any confidential information to it. |
Requirements | ARIN conducts due diligence checks. It reviews the transfer agreement before evaluating the needs basis of the request. |
Size | /24 (256 addresses) is the minimum size for transfers. |
Legacy IPv4 | Legacy (Historical) IPv4 addresses can be transferred but lose their legacy status. |
Fees | ARIN charges a $500 transfer fee for the seller. The buyer must also pay a tiered fee starting at $187.50. |
Permanence | ARIN only supports permanent transfers. |
Restrictions | Organizations that are the source of a transfer may not request addresses for three years. |
M&A | Transfer restrictions do not apply to transfers arising from corporate mergers or acquisitions. |
Incoming | The source RIR must have a compatible policy. |
Outgoing | The receiving RIR must have a compatible policy. |
Who | Recipients in the LACNIC service region must be a LACNIC member. They can join a National Internet Registry if their country is served by one. (If they are members of an NIR, they don’t need to join LAC NIC.) |
Requirements | The recipient of the transfer must get pre-approval from LACNIC . The pre-approval expires after 24 months. |
Size | /24 (256 addresses) is the minimum size for transfers. |
Legacy IPv4 | Legacy (Historical) IPv4 addresses can be transferred. |
Fees | LACNIC charges US$1,000 for transfers smaller than a /19 (8,192 IPv4 addresses). They require a downpayment of UD$200. They charge $1,500 for transfers of /19 and larger. |
Permanence | LACNIC policy does not support temporary transfers. |
Restrictions | Addresses allocated by LACNIC or obtained through transfer must be held for three years before being transferred. |
M&A | Transfer restrictions do not apply to transfers arising from corporate mergers or acquisitions. |
Incoming | The source RIR must have a compatible policy. |
Outgoing | The receiving RIR must have a compatible policy. |
Who | Recipients in the APNIC service region must become an APNIC member. They can join a National Internet Registry if their country is served by one. (If they members of an NIR, they don’t need to register with APNIC.) These are registries providing service in local languages. |
Requirements | The recipient of the transfer must get pre-approval from APNIC. The pre-approval expires after 24 months. |
Size | /24 (256 addresses) is the minimum size for transfers. |
Legacy IPv4 | Legacy (Historical) IPv4 addresses can be transferred. |
Fees | APNIC charges the recipient 20% of the membership fee attributable to the addresses being transferred. |
Permanence | APNIC policy does not support temporary transfers. A proposal to allow them is being discussed. |
Restrictions | Allocations from 103.0.0.0/8 must be held for five years before being transferred. There is no hold period for transfers from other blocks. |
M&A | Transfer restrictions do not apply to transfers arising from corporate mergers or acquisitions. |
Incoming | The source RIR must have a compatible policy. |
Outgoing | The receiving RIR must have a compatible policy. |
IPv4.Global has created a Fee Calculator to make the ins and outs of determining fees easier.
For complete descriptions of fee schedules, click the appropriate link below.
All four RIRs implement similar policies. Each wants to ensure IP addresses are being used efficiently instead of lying unused. They have an incentive to be a good partner to both sources and recipients of transfers.
All require the recipient’s needs to be assessed before approving the transfer. This, and hold periods, are intended to reduce stockpiling.
The needs assessment is simple. But all the RIRs will look closely at documents provided as a part of their due diligence process. They will examine the chain of custody if a block of addresses has been transferred between companies in mergers or acquisitions. They will also look closely at the documents identifying the people signing agreements.
When an organization finds it has an excess of IPv4 addresses they can easily turn their surplus into income. Multiple transactions over time is not a problem as the administrative overhead for inter-RIR transfers is relatively low.
Both sellers and buyers have a larger market when they consider inter-RIR transfers.
Organizations with a growing subscriber base, or need for servers, want to control the addresses used for their services. Buying from other regions gives everyone more choice.
February 22, 2024
APNIC 57 (APRICOT 2024) is being held in Bangkok, Thailand, this year from February 21st to March 1st. This year there are four new policy proposals up for community discussion.
prop-154 (Resizing of IPv4 assignment for the IXPs) – Current policy allows new IXPs to receive /23 (IPv4) and /48 (IPv6) max. Usually APNIC assigns one /24, but after analyzing PeeringDB, they found that new IXPs are underutilizing and large IXPs cannot grow due to lack of IPv4 resources. The objective of this proposal is to change the standard size of IPv4 assignments for IXPs from /23 to /26, but if an IXP were to return the space they were initially assigned, they would be able to receive a replacement of up to a /22. It proposed that new IXPs will get /26 IPv4 assignment by default. Larger allocations (ranging up to /25 or /23) can be requested depending on the number of peers on the IXP fabric. Established IXPs also have the option to request larger allocations or establish new Points of Presence (POPs). Resources allocated must be exclusively utilized for IXP peering and are prohibited from being transferred. IXPs can decide on the global routability of the delegation. This policy proposal suggests that APNIC set aside a reservation of up to /20 for IXPs.
There is a diversity of opinions on the proposal, with some supporting it for its potential to facilitate IXP expansion, and others opposing it because they think once all IPv4 resources are allocated, IXPs can move to IPv6 entirely. Some also oppose this proposal because they don’t think the expansion of IXPs depends on the allocation size, but on market dynamic (factors such as availability of ISPs, CDNs, and Telcos), so they argue that reducing the default size of IP assignments can in fact hinder operations, not the other way around.
prop-156 (Assignment of Temporary IP Resources) – Currently APNIC doesn’t have a policy that allows temporary IP resource assignments, except for experimental space in Section 5.7 of APNIC-127. Entities that need resources for temporary events must use existing delegations under different policies, which doesn’t align with the original justification. The proposal recommends setting aside a /21 IPv4 prefix from the non-103/8 pool, along with a /29 IPv6 prefix and 8 Autonomous System Numbers. Long Term assignment is not practical, so these resources will be designated for delegation to events like conferences and other situations where APNIC deems it appropriate. The proposal suggests reserving 1x /21 from non-103/8 pool, 1x /29 for IPv6, and 8x ASNs. The assignment period allowed is 6 months.
Overall, the sentiments of the community seem to lean toward supporting the proposal, with a recognition of the potential benefits for non-profit events and acknowledgment of some concerns such as: considering for commercial events that are not non-profit, and searching for alternatives that provide similar services. The community members commented on alternatives such as CGNAT and IPv6, but the author justified the proposal by pointing out the constraints of current policies, highlighting the importance of using resources for events without profit intentions, and acknowledging the difficulties that may arise with alternative solutions such as CGNAT.
prop-157 (Temporary IPv4 Transfers) – The objective of this proposal is to modify the existing temporary transfer system (already accepted by the community), to function for leasing in the APNIC region. This approach ensures policy compliance, security, and controlled return of addresses when the leasing period concludes. This will help cater smaller entities with modest investments before they leap into the goal of IPv6 deployment. The policy proposes that APNIC maintain a public record of all transfers of number resources (Ipv4, Ipv6, ASNs), including market transfers, M&A, and legacy transfers. For temporary IPv4 transfers, the log will include the initial and final dates. If transfer period is extended, the log must be updated (requires 30 days’ notice). Once temporary transfer period ends, APNIC will restore the original registration information in the Whois Database. Conditions for permanent and temporary IPv4 transfers: Smallest and largest transferrable IPv4 size is /24 and /22, respectively, per recipient. The address must be either assigned or allocated to current APNIC account holder. Recipient must also be compliant with current APNIC policies, such as providing plan for resource utilization within 24 months. Existing resource holder must show past usage data, evidence of compliance, and a plan that align with the initial expected transfer period. Failure to comply with the supplementary conditions will result in immediate revocation of the resources; the conditions include network abuse, the necessity of an ASN, operation IPv4, accurate IRR and geolocation updates, and adherence to MANRS best practice. If passed, the EC can establish specific rates for these transfers and extensions.
There were mixed opinions on this proposal as well; while most want to support the idea of temporary transfers, before accepting this proposal, they would like to refine the proposal by addressing issues such as the proposal’s impact on current policies, applicable transfer fees, addition a minimum transfer period instead of unlimited extension, and the cost that will accrue with the need for tracking the temporary transfer separately.
prop-158 (IPv6 auto-allocation for each IPv4 request) – Most new members seeking IPv4 don’t request IPv6 even though they are eligible and there is no additional cost. IPv4 allocation rates are higher than IPv6; the author believe that this might slow the deployment of IPv6. The objective of this proposal is to automatically allocate IPv6 addresses to each IPv4 address requests to speed up IPv6 adoption and deployment. If passed, this policy will be added to Section “6.1. Minimum and maximum IPv4 delegation” of the APNIC Policy document. For all initial IPv4 requests, IPv6 will be automatically delegated; they should be put into deployment within two years for the delegation date. For any future IPv4 requests, requestors should be able to demonstrate the deployment status of the automatically delegated IPv6 space. This proposal also covers a range of perspectives; the community touches upon technical and legal topics.
The community discussion mostly revolves around NIRs’ role; some argue that NIRs should not have their own set of policies while others argue otherwise so long as they don’t have conflict with the RIR’s policies. They also discussed the need for clarity in the proposal, and the need to clarify the appropriate IPv6 size for various allocations. Although some members agree to the idea of automatic IPv6 allocation, participants bring up issues and requested clarification on some proposal solution before they can come to a consensus. The community discussed the administrative burden and risks that comes with automatic allocation of IPv6 addresses. They also debated about whether the proposal is relevant to speed up IPv6 adoption and they are skeptical that entities would adopt IPv6 even if the IPv6 delegation was enforced upon them.
Prices remained very consistent from December to January, suggesting that the market has found a new equilibrium. There is still a lot of variation—similar blocks may trade for very different prices—but the average has held steady.
2023 was a very satisfying year for IPv4.Global: we assisted clients in the largest number of transfers ever in a single year. We sold millions of addresses, generating over $262 million in revenue for clients and creating liquidity from otherwise dormant assets. Every sector of the world economy worked with us, both for-profit and not-for-profit organizations.
Our marketplace platform continued to evolve, we were recognized as leaders by a number of international organizations, added some great people to our team, and travelled to over 30 events in 12 different countries.
Throughout 2023 the prices of large blocks (/16 and larger) remained stable. At the same time, all block sizes smaller than /16s fell steadily during the year. It appears that this divergence paused toward the end of 2023. Volume, as in many years past, held at levels of approximately 40 million addresses, worldwide.
During 2022 and 2023 the per-IP prices of various IPv4 block sizes have steadily diverged, with the difference between small to mid-size blocks and larger ones becoming very significant. At the end of 2023, the per-block price of large blocks hovered at $52 per IP address and smaller blocks changed hands at +/- $36.
Many alert buyers and sellers of IPv4 addresses bookmark our Prior Sales page to monitor changes regularly and in real time.
For more information on 2023 pricing developments and predictions for 2024, see IPv4 Price Trends and Expectations.
The Launch of ReView
This year, in collaboration with 6Connect, we launched ReView: the free, first-of-its-kind digital IP address audit and renumbering tool. ReView won immediate and wide-spread acceptance as a robust solution to the challenge of performing a detailed inventory of the IP addresses on a network. For those who haven’t already investigated this terrific application, learn about it and download the tool free. Discover ReView here.
$1 Billion in Sales
In August of this year IPv4.Global reached $1 billion in all-time IPv4 address sales. We have transferred over 60 million addresses worldwide in over 3,500 transfers. We have matched 800 sellers to over 2,000 buyers. In 2023 alone, our transactions valued over $200 million.
ARIN Qualified Facilitator
IPv4.Global was one of the first companies to achieve Qualified Facilitator Status with ARIN – the American Registry for Internet Numbers. The recently launched Qualified Facilitator Program was developed so buyers and sellers of IPv4 addresses can easily and confidently identify the expert brokers qualified to help them navigate the complex IPv4 address transfer process.
RIPE Database Certified
In 2023 three members of our team, Theresa Oo, Akeyla Wallace, and Ceasar Sitt, earned their RIPE Database Associate badges! With this certification, they have proven their knowledge in utilizing the RIPE database to find and interpret data, update information, register assignments, and more. With this qualification, our team is able to better assist our clients wishing to transfer space within the RIPE region.
This year we rolled out a variety of new features on our platform to enhance the customer experience. These features include:
BUNDLES Buyers now have the option to bundle together multiple blocks as long as they are from the same seller, making transfers quicker and cheaper. This feature enables a user to search for additional listings by Seller.
NOTIFY ME Looking for a certain block size or price but can’t find what you’re looking for? You can now set a notification on the platform to send you an email when one becomes available.
SELLER PRICE ADJUSTMENT Sellers now have direct control over the pricing of their blocks. In the past, in order to alter a listing’s price, our clients had to email us to request this change. Today, Sellers can make these changes themselves. Of course, we are always available to help in any way required.
ATTACH DOCUMENTS TO LISTINGS Some sellers require additional documentation for the sale of their blocks. By notifying our team ahead of sale, we add the required documents to the listing, shortening the time required for any necessary communication.
Two International Stevie® Awards
IPv4.Global won a Silver Stevie® in the Company of the Year category and a Bronze Stevie® for Fastest Growing Company in the 20th Annual International Business Awards®. The International Business Awards are the world’s premier business awards program. All individuals and organizations worldwide – public and private, for-profit and non-profit, large and small – are eligible to submit nominations. The 2023 IBAs received entries from organizations in 61 nations and territories.
Winning a Globee® Award
We were pleased to be awarded a Silver Globee for Fastest Growing Company of the Year at the prestigious 13th Annual 2023 Globee® Business Awards. This prestigious program recognizes and honors organizations and individuals from around the globe who have demonstrated exceptional achievements in the world of business. With its inclusive nature, the Globee® Awards welcomed participation from companies and organizations worldwide, offering a unique opportunity to showcase accomplishments on a global scale.
During 2024 we expect to see a reduction in the difference between large-block prices and all others. This disparity will be closed either by falling large-block prices, rising small and mid-size prices, or a combination of both. The per-IP price of a /16 is currently 50% higher than the per-IP price of /17s and /18s. While large networks place an understandably greater value on larger block, this disparity is greater than seems reasonable to us. However, seller expectations may be slow to change. During the past two years supply appears to have expanded, probably in response to higher prices. These new sellers may insist on their anticipated returns, buoying prices.
We are also expecting to see an increase in demand, especially for small blocks, because of AWS’ announcement that it will begin charging $40+ per year for every IPv4 address allocated to clients. As a result, we expect businesses to buy addresses on the market and bring them to the cloud.
To learn more about our expectations for the market this upcoming year, click here.
2023 was a terrific year at IPv4.Global. We assisted in more trades, involving a greater number of addresses than in any year before. Plus, we generated more revenue for clients than at any time in the past. Our team grew, adding significant talent to our staff and we expect that growth to continue, too. We look forward to a great year ahead.
IPv4 addresses in all block sizes traded in tight ranges at the end of the year. While not indicated on the average price chart shown here, 2023 ended with significant increases in volume of addresses traded in all block sizes. A marked increase in the sales volume of medium sized blocks (/19 – /17) occurred.
by Leo Bicknell
Many higher education institutions received their IPv4 address space when the available space seemed nearly infinite. Today that IPv4 space can be worth a substantial amount of money. IPv4.Global has experience developing Financial Strategies for Universities with Surplus IPv4 Addresses. University CTOs and administrators are often surprised to learn How Education Institution Sell Unused IPv4 Addresses for Millions.
Read on to learn some of the history, and the process to unlock this hidden value.
From 1983 until approximately 1993 the IPv4 space was allocated in classes. There were effectively three sizes of address space, small (Class C or /24; 256 addresses), medium (Class B or /16; 65,536 addresses) and large (Class A or /8; 16,777,216 addresses). Most higher education institutions were clearly larger than the small size, so they were allocated a Class B.
Eventually CIDR addressing was put in place to delay the predicted runout of IPv4 space and to allocate more appropriately sized blocks. This technology also allowed institutions to use their allocations more frugally than before. Adding NAT technologies could allow the university to only need a very small amount of IP address space, perhaps a /22 (1,024 addresses).
The process to unlock the value in an institution’s IPv4 space will be unique to each situation. IPv4.Global can tailor its approach to each institution to specifically meet their needs. There are some common elements seen with all institutions.
Most importantly, these steps need to happen without disrupting the educational mission of the institution. IPv4.Global has the experience necessary to guide this process so that students, faculty, staff, and administrators see no interruption in their service.
To access the usage and value of IPv4 assets a proper inventory is required. Some institutions have detailed records, often in the form of IPAM (IP Address Management) systems like Solarwinds, Infoblox or BlueCat. Some institutions have incomplete historical records and may not have a usable inventory. Even with detailed records it can be prudent to verify that the deployed network matches the documentation.
IPv4.Global’s ReView tool uses network scanning techniques to discover all the address space in use in the organization. This can serve as an audit of the existing IPAM data or provide brand new insight for institutions that have lost historical records.
In addition to inventorying the IPv4 address space, it is also important to inventory the network equipment. Existing equipment may be reconfigured for NAT or IPv6, and it is important to ensure the hardware and software are capable of their tasks.
The ReView tool is a local tool that runs on your network, no information is sent to the Cloud or IPv4.Global. Best of all, this resource is free (registration required)!
Most institutions will have to do some amount of renumbering to maximize the value. Typically this involves determining if a particular use needs a public or a private IP address, and then consolidating network addresses for things that do need public IP addresses. An action plan can be created to efficiently complete the engineering and deployments necessary.
While many institutions’ existing staff can implement the action plan there should be a review if that is the best use of their time. IPv4.Global can provide consulting services for part or all the work allowing the existing staff to keep other initiatives on track.
An important, often overlooked step in the preparation is to check the reputation of the IPv4 address space and clean up any entries on Reputation Block Lists (RBLs). This step is particularly crucial if the IPv4 space has been used for student access. Buyers of IP address space will check if the space is listed on blocklists, reducing their bids if the space needs to be cleaned up. IPv4.GLOBAL can provide a report from major RBLs for an institution’s addresses, and supporting clean up negative information.
The deployment of IPv6 might also be a key element to freeing up IPv4 address space. IPv6 is operational across the Internet today. An institution with a mature IPv6 deployment may be able to move internal services to IPv6, knowing that all users are on IPv6 capable networks. If an institution has not fully deployed IPv6 part of the action plan can be completing the deployment.
A typical action plan would have the following steps:
What is an IPv4 Broker and Why Are They important? A broker acts as the essential lubricant for the frictional market, greatly streamlining the previously-cumbersome process of pairing buyers and sellers together. There is no requirement to use a broker but navigating the process without one can be daunting and error prone. Brokers can serve to protect your interests, including getting top dollar for the address space.
A top broker will provide reliable and transparent information and services. Ideally, they’ll be able to facilitate transactions of various IPv4 block sizes, ranging from smaller online transactions to much larger private transactions.
IPv4.Global is an experience broker that knows what The Best IPv4 Brokers should do for their clients. Knowledgeable in IPv4 Address Prices & Pricing to balance getting top dollar with selling in a reasonable timeframe. IPv4.Global also offers a multi-tiered platform in addition to private brokerage services.
The Transfer Process
IP address space is managed by five regional RIRs (Regional Internet Registries). While ARIN (American Registry for Internet Numbers) is the most well known in North America, when IP space is transferred it may involve one of the other RIRs depending on the location of the buyer and seller. Each RIR has its own rules for how these transfers must be processed.
IPv4.Global is an ARIN Qualified Facilitator, a trusted intermediary for this process. During the process IPv4.Global will assist in verifying the Chain of Title of the IP space. This critical work provides assurance that the transfer will meet all the rules and requirements of the RIRs and be processed quickly for both buyer and seller.
IPv4.Global has already helped multiple higher education institutions complete this process. Lewis & Clark College identified the address space, took steps to monetize its inventory of IPv4, including moving multiple services behind a NAT, and eventually was able to sell some of their IPv4 space via IPv4.Global’s IP Marketplace.
IPv.4 Global also helped Hartwick College with a similar process. In this case IPv4.Global was able to provide a tailored financial package to help the college renumber and realize the benefits of their holdings.
It appears midsize and small block price declines are slowing and may have leveled off. No /16s were traded on our platform in November. As a result, /16 prices are represented here as unchanged.
by Leo Vegoda
There were about 2,000 IPv4 transfers in the European region in 2022. But since inter-region transfers became possible, companies in the region have transferred 756 blocks originating in other regions. And they have transferred 350 blocks out to companies in other regions. Inter-region transfers aren’t the majority of the market but they are a significant part of it.
That’s because of the distribution of IPv4 address space. ARIN, the registry for North America, manages about 100 /8s of IPv4 space. The registries for the Asia Pacific and Europe manage 53 and 50 respectively. Nine more /8s are managed by the registries for Africa and Latin America.
Anyone buying or selling IPv4 address space has a bigger market when they consider an inter-region transfer. It has been exercised enough that there are strong processes in place. An inter-region transfer is very similar to an intra-region transfer.
Some people might hesitate to involve a second registry in their transfer transaction. But with years of experience, these processes are now mature and efficient.
There are five Regional Internet Registries (RIRs). They manage, distribute, and register IPv4 and IPv6 addresses and Autonomous System Numbers in their regions. Each region is roughly continental.
The IP addresses you use are registered in an RIR database. A transfer happens when the registration is updated to reflect a new owner for the block – or when the block moves from one RIR’s database to another. So the RIR must manage the transfer process.
Their policies are decided by their communities. Anyone with an interest can participate in RIR policy development, which happens on email discussion lists and at public meetings. The five policies are broadly similar with regional variations.
Fig 1: The geographic boundaries of the five RIRs
RIR | Full name, geographic scope, and membership size |
AFRINIC | The African Network Coordination Centre was established in 2005, is based in Mauritius and serves Africa. It has over 2,000 members. |
APNIC | The Asia-Pacific Network Coordination Centre was established in 1993, is based in Australia and serves the Asia Pacific. It has almost 24,000 members. |
ARIN | The American Registry for Internet Numbers was established in 1997, is based in the USA and serves the United States, Canada, many Caribbean and North Atlantic islands. It has over 17,000 members and over 15,000 organizations that got addresses before ARIN was formed. |
LACNIC | The Latin American and Caribbean Internet Addresses Registry was established in 2002, is based in Uruguay and serves Latin America and the Caribbean. It has over 12,000 members. |
RIPE NCC | Réseaux IP Européens Network Coordination Centre was established in 1992, is based in the Netherlands and serves Europe, the Middle East and parts of Central Asia. It has over 23,000 members. |
The RIRs are all operationally and financially independent. But they cooperate on shared activities that serve their common stakeholders through the Number Resource Organization.
It was established in 2003 and its mission is to contribute to an open, stable and secure Internet, through:
Inter-RIR transfers are an example of this. Its engineering teams have coordinated to ensure that a registration is removed from one database when it is added to another. This is vital to avoid confusion over which organization is responsible for an address block. This is often referred to as “uniqueness.”
All five RIRs give the accuracy of registration data a top priority. In the 1990s and early 2000s they focused on ensuring that organizations did not get more space than they could justify under the policies. Now that their IPv4 pools are empty they make sure they have accurate information for the organizations behind the addresses in their registries.
The RIRs’ Know Your Customer checks protect everyone. The RIRs won’t let a transfer go ahead unless they can tie the addresses to the organization selling them.
In contrast, industry blogs often report court cases about domain names that might have been stolen being sold in that secondary market.
Inter-RIR transfer policies were developed about 10 years ago. The policies and the processes to implement them have been refined since then.
APNIC, ARIN, and the RIPE NCC all have mature inter-RIR transfer processes and they are reciprocal. This means that the recipient of the transferred addresses must demonstrate that they need them. The criteria for the need are the same as if it were an allocation from the RIR.
One example of the maturity of these processes is that live, routed addresses can be transferred without an interruption to service. APNIC staff reported this in the informal RPKI Discord community in September 2023. This means that behind the scenes things, like IRR and RPKI entries must be coordinated.
AFRINIC’s board has not yet adopted a policy for inter-RIR transfers. A new board will be appointed early in 2024 and approving an inter-RIR transfer process is likely to be one of the first policy items on their agenda.
LACNIC implemented a policy allowing inter-RIR transfers in July 2020 but not many had been completed by mid-2023. LACNIC was the source of 20 transfers and the recipient of 28.
Transactions involving LACNIC typically take several months and require a wet ink signature. This means moving a paper document around the world. It can take several days or weeks to get responses for LACNIC transfer tickets. This longer process often drives a lower price for IP address transactions involving LACNIC.
While the policies and supporting processes vary between the RIRs, they are reciprocal. This means the main differences buyers and sellers will experience are the forms they complete.
The origin RIR will make sure the organization transferring the addresses away has that right. When the RIR allocated those addresses itself this is easy. When the addresses were allocated by someone else – another RIR or a pre-RIR registry – they will check the chain of custody. In some cases this is simple. For instance, educational institutions are less likely to be involved in mergers and acquisitions. But commercial organizations often are.
The RIR will check that the block of addresses being transferred is properly controlled by the organization selling them. Sometimes this involves checking company registry information and looking at other sources.
The RIRs want to avoid transferring resources when there is any dispute as to their status.
The recipient of the transfer will be subject to a “needs based assessment” by the receiving RIR as that is where the addresses will then be registered. This assessment will check that the buyer intends to use the addresses on an operational network.
It will also check that the network makes efficient use of the addresses. This means using at least 25 percent straight away and half within a year. This means checking an addressing plan. IPv4.Global has experts who can advise on how to design and document an addressing plan.
Each RIR manages its own fee schedule. Some have specific transfer related fees. APNIC and ARIN require their fees to be paid in advance. LACNIC’s fees can be paid in installments.
RIR | Fees and payment requirements |
APNIC | 20% of the Annual Fee applicable to resources being transferred. It must be paid by the buyer for incoming transfers and seller for outgoing transfers. APNIC’s fees are denominated in AUD. |
ARIN | The seller pays ARIN $500 and the buyer pays a fee based on the size of the address block. |
LACNIC | There is a $200 filing fee for the request. If the request is approved there is an additional $1,000 fee for blocks of up to 8,192 addresses (a /19), and $1,500 for anything larger. |
RIPE NCC | There are no transfer fees but the seller must have paid its membership fee. |
The RIRs want IPv4 addresses to be used on networks. They don’t want them to become an investment vehicle.
RIR | Limitations |
APNIC | Allocations from 103.0.0.0/8 must be held for five years before being transferred. There is no hold period for transfers from other blocks. |
ARIN | ARIN requires addresses to be held for five years after being issued from the waitlist, or 12 months for other space. The hold does not apply to addresses acquired through mergers and acquisitions. |
LACNIC | Transferred addresses must be held for a year before being transferred again |
RIPE NCC | IPv4 addresses must be held for two years before being transferred, including addresses acquired through M&A. The hold does not apply for legacy addresses if treated as a legacy update. |
You can buy or sell IPv4 addresses in the larger inter-RIR transfer market in just five steps. Of course, you might have particular needs. We can help you with them and provide help beyond these five process steps.
Inter-RIR transfers offer a larger market for buyers and sellers. As a Qualified Facilitator, IPv4.Global can smooth your journey through the process. We have brokered over $1 billion of sales and can help buyers and sellers complete their transaction.
Call us on +1-212-610-5601 or write to info@ipv4.global. We can help you achieve your business objectives.
by Leo Vegoda
Mark Zuckerberg changed Facebook’s motto to “move fast with stable infrastructure” in 2014. He told Business Insider that they’d continue to move forward “even if we move a little bit slower.” Considering how and where to move is a part of maturing.
IP address registries have matured. Once they were central to rapid innovation; now they are foundational network infrastructure. Their tools have become better and more reliable because users test them every day. The RIRs improve the tools when users get stuck and ask questions.
Tool development is often rapid but governance moves slowly. Governance is tested less often. APNIC’s Executive Council (EC) meets just four or five times a year. APNIC members elect new EC members for two-year terms each year. That slow pace is reflected in the number of changes to its by-laws since 1998: two.
Why does this matter? How could an unstable APNIC impact network operators and ordinary internet users?
One way to answer this question is to look at comparisons. IP addresses are a bit like land. So, APNIC is a bit like a land registry. Landowners could lose title to their land if a land registry is poorly run. All the services that rely on land registry data would become less reliable.
Governments spend money so everyone has internet access because it’s so important. And as more business relies on the internet, its security becomes more important. APNIC and the other RIRs issue digital certificates linking IP addresses to owners. Many networks now use them to increase the integrity of the paths data takes across the internet. The integrity of these RPKI certificates is more important each day.
Revoking an RPKI certificate – or even sustained interruptions to service – would be bad for the network operators. It would also impact the users who rely on the services those networks support. Flight plans and taxes are essential functions that are now filed on the internet.
APNIC isn’t handing out much IPv4 space now. The little they issue comes from space they reclaim. All five Regional Internet Registries (RIRs) see a trickle of space coming back to them when organizations close. The precise amount varies but it hovers around 100,000 IPv4 addresses per year. That’s a bit more than a /16, often known as a Class B.[1]
IPv4 addresses are worth at least $35 each and AWS’s new pricing prices their use at $47 each per year. At those prices, APNIC’s trickle of space is worth millions, and there’s a little more of it each year.
The stability of the RIRs depends on company law, organizational by-laws, and implementation.
APNIC adopted a code of conduct for EC candidates in December 2022. Clause 8d forbids using whois or lists “for electioneering or spam (for example, by using whois data to send unsolicited emails).” Nonetheless, there were reports of candidates spamming voters in the 2023 election campaign. Others worried that four of the candidates came from just one organization.
APNIC warned members about the unsolicited calls impersonating it. Its warning explained that it “will never call Members to discuss EC election candidates.” It ended up hiring a law firm – Maddocks – to oversee the election code of conduct.
None of the four linked candidates was elected but the experience scared some members. Australian computer scientist, Karl Kloppenborg, proposed a set of governance reforms. He reasoned that they were so important that it was important to engage the APNIC members based outside the region who tend not to vote.
Karl Kloppenborg’s proposals focused on ensuring diversity, reducing the risk of candidates having a significant conflict of interest, and formally defining who is accountable for ensuring a free and fair election.
APNIC’s members urged the EC to act on them. It did. Their governance review took his proposals and turned them into by-laws changes. Members voted on them at APNIC 56 in Tokyo – and online.
A quarter of APNIC’s 9,700 members voted. They overwhelmingly supported the five changes. In the future:
25 years ago, when APNIC’s membership was much smaller, the first four would have been easy. Candidates’ employers tended to be smaller. APNIC was a less attractive prize.
But the industry is bigger now. Consolidation means that some companies are huge global corporations. And APNIC as both an internet “land registry” and a key component in internet security is increasingly attractive to a wide group of people whose interests aren’t aligned with the needs of most members.
These by-law changes were well designed and should help protect APNIC’s integrity for years to come.
by Lee Howard & Peter Tobey
Predicting rational behavior on the part of market participants invites two problems into the resulting projections. First, people almost always include some element of irrational thinking in their decisions. Second, no predictor can know every variable – even only the rational ones – or weight those they know with perfect accuracy.
So, good predictions are good guesses made by experienced market observers. At IPv4.GLOBAL we consider ourselves unusually well exposed to the marketplace and so, well-informed about its works. These are our guesses about the future.
During the past twelve months, supply of IPv4 addresses has outpaced demand. The IPv4.GLOBAL marketplace – the largest and so most-representative in the world – now lists over 200 blocks for sale where in the recent past this number was 50 offerings. Some of this supply may be the result of several connected influences.
During the past three years IPv4 prices have, overall, risen. These higher prices enticed reluctant sellers into the market, especially as economic stress following the pandemic moved organizations to monetize available assets. At the same time, network operators, aware of the increased value of IPv4 inventory, have focused on efficiency. More efficient networks lead to more unused inventory that is available for sale and reduces the demand for additional address space.
We do not anticipate any change in either of these two factors.
Beginning in early 2022, IPv4 address prices have inverted: large blocks are selling for more than smaller ones. Since then, they have also diverged, with the difference between small to mid-size blocks and larger ones becoming very significant. The per-block price of large blocks currently hovers at $52 per IP address and smaller blocks change hands at +/- $36.
While some premium for large blocks is reasonable in light of their relative scarcity, the difference in price between small and large blocks appears to be larger than could be expected. The significance – some say irrationality – of the spread shown above is unlikely to persist.
The above illustrates an associated-but-different phenomena: Prices have not simply diverged, separating large block prices from all others, they’ve scattered. Until mid-2021 all IP addresses traded in a fairly narrow price range. There was some significant difference between large blocks and all others (large blocks commanding lower prices per IP address). But the per address price difference among all address block sizes was small and individual blocks within any given class traded very consistently.
The 2021 and thereafter scattering of prices for smaller blocks has continued. That is, the variability of pricing even among recent transfers of the same block size can be quite different. Today, we regularly see small-block transactions varying from $30 to $40 per IP address in the same week.
We expect to see the broad price difference between large blocks and all others reduced in the next twelve months as prices converge. This disparity will be closed either by falling large-block prices, rising small and mid-size prices, or a combination of both. It should be noted that recently, small and mid-size block prices appear to have stabilized, perhaps in anticipation of a recovery.
Put differently, the per-IP price of a /16 is currently 50% higher than the per-IP price of a /17. While there is an understandably greater value to the larger block to sizable networks, this disparity is greater than we expect will be the case in the long run.
Resisting any fall in the price of large blocks, seller expectations may prove sticky. During the past two years supply appears to have expanded, probably in response to higher prices. It is difficult to predict how those expectations will slow or otherwise resist the changes outlined above.
Finally, it remains likely that the variety of prices currently traded for small and mid-size blocks will persist. The result is likely to be a consolidated but still broad band of per IP prices going forward.
AWS has announced they will begin charging for every IPv4 address an account is allocated or using on the platform, starting February 1, 2024. That’s a change from the current scheme, which only charges for addresses a customer reserves, but aren’t using, or if the account reassigns the same address over a hundred times a month. We expect Alibaba, Cloudflare, Google, and Oracle to have similar policies or plans.
With AWS’s price over $40 per address per year, we expect businesses to buy addresses on the market and bring them to the cloud. This will noticeably increase demand, especially among small blocks. That increase will contribute to the continuing stabilization of these blocks’ prices and/or their increase.
In sum, we expect prices to – overall – remain stable but the disparity in pricing among different block sizes to be reduced. Price increases may occur, overall, but we expect them to be small and result in broadly converging prices across all block sizes.
November 27, 2023
On September 4, 2023, Jeroen Lauwers of A2B Internet, and Tore Anderson of Redpill Linpro submitted the policy proposal “Add AGGREGATED-BY-LIR status for IPv4 PA assignments” to the RIPE community. This proposal seeks to standardize the application of the RIPE policy across all internet resources, regardless of status and decrease the workload for LIRs when registering their IPv4 resource assignments.
RIPE policy currently dictates that an LIR needs to register each IPv4 assignment on an individual basis, with exception to addresses that are “used solely for the connection of an End User to a service provider (e.g. point-to-point links)”. These assignments are then shown as part of the service provider’s infrastructure. This exception is sometimes applied to addresses that are not only used to establish a connection between an End User and their service provider, to avoid registering many small assignments. Thus, if an LIR is completely compliant with the RIPE policy, the amount of labor needed to maintain their organization’s account is high.
The proposal will add a status for IPv4 address space called “AGGREGATED-BY-LIR” which will allow LIRs to create one INETNUM object to represent multiple IPv4 assignments that have the same contact information and purpose. Thus, LIR compliance with RIPE policy will increase as other uses for IPv4 assignments are covered by the new status. The IPv4 policy for “AGGREGATED-BY-LIR” would mimic the IPv6 policy for the status of the same name. However, the policy will not require the use of the “assignment-size” attribute as it is mainly used to calculate an LIR’s HD-ratio (which is not currently utilized for IPv4 address space).
The discussion phase for this proposal lasted from September 4, 2023, to October 3, 2023, during which concerns were raised and community support was found. One concern was that the requirement for the “assignment-size” attribute is not included which leaves the assignment boundary between end-users to be unpublicized. Therefore, if someone is receiving spam from a specific IP address, they are not able to block the whole assignment the IP comes from, and not the other parts of the aggregation assigned to other users. Another concern is that the End-Users of these assignments will be anonymous as the contact information for each aggregation will be the LIR’s. These concerns have raised questions around the importance of this information to the RIPE community and the operation of the RIPE database as the provision of this information seems to already be lacking. Despite these concerns, most of the community seem to support this proposal.
RIPE determined that these concerns did not require a new discussion phase, and a proposal document was drafted on October 3, 2023. RIPE is now on to the review phase as of October 27, 2023.
This proposal will be discussed at the RIPE 87 conference in Rome, Italy on November 29, 2023. A Live Stream is available; to join the conversation online, free registration is available. Other topics to be discussed include the purpose of IPv4 assignment registration, the future of IPv6 policy, and updates from RIPE registration services, RIPE policy, and NRO NC / ICANN ASO AC.
November 26, 2023
You can now bring your own ASN to AWS’s Virtual Private Cloud (VPC). They already let customers bring their own IP addresses. Customers must already have IP addresses configured to use the service.
This new feature gives AWS VPC customers full control of the Internet Number Resources they use. Customers or partners won’t have to change allow lists when you move services in or out of AWS.
This new feature is available everywhere apart from China.
by Leo Vegoda
Every device connecting to the internet must have a numerical address. That address is part of a block of addresses used by a network. The smallest block that can be used on the internet is 256 IPv4 addresses.
Rules for numbering (addressing) devices are called the Internet Protocol (IP). These rules define the format of an address so data can travel from network to network and arrive at the intended destination. Nearly all internet-connected devices each have a unique IP address.
Internet Protocol version Four (IPv4) was the first version of the Internet Protocol put into production. Almost all the IPv4 addresses have already been allocated. It is still the most popular version of the Internet Protocol. IPv6 is newer but less than half of all internet traffic uses it.
Each continent has a registry that lists who is using IPv4 and IPv6 addresses. This helps to ensure that one IP address isn’t duplicated anywhere. It also helps network operators coordinate with each other when there is a technical problem.
These Regional Internet Registries (RIRs) perform a similar function to a land registry. They make sure that the registrant is a real person or organization. They make sure they have contact details for the registrant. They have rules, developed by the public, detailing who is eligible to get how many addresses.
Since the RIRs have given out all of the IPv4 addressses, the only practical source of IPv4 addresses is other networks. Motivating someone with a network to renumber and given up an asset requires compensating them, so RIR policy allows for organizations to transfer their addresses in part or in whole to another organization.
In the early days of the internet computing was expensive and addresses were free. IPv4 addresses were allocated in three block sizes: large, medium, and small (Class A, B, and C) to make things easier for the slow and expensive computers of the time.
But computing is now much cheaper. As the RIRs saw that they would run out, new technology was developed to allow sizes in between large, medium, and small. This meant the RIRs could give out only as many addresses as were immediately needed. This increase in efficiency delayed the IPv4 runout for many years. What’s more, an organization that had a medium size block might be able to sell half of it. One network can use multiple blocks of different size if they are needed.
Some RIRs have policies to help new market entrants get some IPv4 addresses from a small, reserved pool. Most of this pool comes from addresses returned when organizations go out of business. RIRs typically see about 100,000 IPv4 addresses come back each year – but it varies.
Getting IPv4 addresses directly from an RIRs’ is less costly than buying them on a marketplace but this comes at the cost of a long wait. To get a small number of addresses direct from an RIR, you’ll wait at least two years after joining the ARIN or RIPE NCC waitlists!
IPv4.Global reviews the organizations we do business with. We make sure the seller has the addresses and the buyer is real. We look at the individuals representing those organizations to make sure they are actually employed there. RIRs also review this information as a part of their due diligence checks. The RIPE NCC documents what they check. The other RIRs check these things, too, each with slight nuances.
IPv4.GLOBAL protects both buyers and sellers with an escrow service. It also offers a third-party alternative through its partner escrow.com. IPv4.GLOBAL has negotiated a 20 percent discount on the escrow.com fees for our clients.
With IPv4.GLOBAL, you can pay on a card for transactions up to $30,000. In 2023, that’s enough to buy up to a /22 (1,024 addresses). Learn more about IPv4 block sizes and CIDR.
AFRINIC does not support inter-region transfers yet. AFRINIC policy does allow transfers within the region but there have not been many. AFRINIC policy requires organizations to return addresses that are not being used, and so transfers are uncommon.
ARIN has an efficient transfer process. Transfer tickets typically take less than a week. Some have completed in a single business day. Providing all organizational background documents speeds up the ARIN process. Our transfer experts can advise you on the documents you’ll need.
APNIC has an efficient transfer process. Clients in Europe and the Americas should be aware that APNIC’s business day ends before theirs starts. So inter-RIR transfers involving APNIC take a couple of extra days. APNIC’s responses typically come the day after a message from Europe or the Americas.
The RIPE NCC has an efficient transfer process. Transactions typically take just a couple of days. We can guide you through their process.
LACNIC’s process is still developing. Transactions typically take several months. Transactions require wet ink signatures from all parties. This means moving a paper document around the world. Response times on tickets are often several days or weeks. This longer process often drives a lower price for IP address transactions involving LACNIC.
The RIRs want IP addresses to be used for internet connections. To reduce speculation by investors who won’t actually use the addresses, some of them require organizations to hold the addresses for a period before transferring them again.
Some organizations got IP addresses before the RIRs existed. Those IPv4 addresses have a special legacy status. One advantage of the legacy status is lower fees or no fees. But it comes at the cost of access to fewer services. For instance, organizations using legacy IP addresses can’t get RPKI certificates for them from ARIN without signing an agreement.
When legacy addresses are transferred within ARIN, APNIC, or LACNIC they lose their legacy status. But when they are transferred within the RIPE region they can retain their legacy status. This also applies to legacy transfers from APNIC to RIPE. This is advantageous for some organizations, like treaty organizations or government bodies who cannot become a member of another organization. It also means that the hold timer does not apply, and the buyer can immediately transfer their address space.
Some organizations value legacy status and will pay a premium for legacy addresses. Many others don’t care.
Many companies rely on knowing where an IP address is to provide a service. Some video streaming is only available to specific regions. Some banks see hacking attempts from other countries and block addresses listed there. Some web sites simply use the best known location of the IP address to decide what language to show.
Information about the geographic location of a device based on IP address (GeoIP) comes from several sources, and is sometimes unreliable. Network operators can publish information giving information about GeoIP in an appropriate level of detail to help their users and these other services. IPv4.GLOBAL can help in publishing this information.
Anyone can run an internet network. When a new network comes online, they “announce” their IP addresses to their neighboring network(s). To protect against mistakes bringing a network offline or addresses being announced by the wrong network, many network operators register their internet connections in Internet Routing Registry (IRR) databases. Networks build filters that limit the scope of misconfigurations. It’s important to register a policy and IPv4.GLOBAL can show you how.
Misconfigurations can cause outages. RPKI was developed to provide a more secure version of the IRR databases. It uses digital certificates to reduce “fat finger incidents” or intentional hijacking. It’s a way to link IP addresses with the number identifying the network announcing them. That number is an Autonomous System Number (ASN). The RIRs are making it easier to create and renew your RPKI records. IPv4.GLOBAL can help get it set up.
Some people send spam and attack networks. Several databases have been established to collect and report information on the reputation of the IP addresses where this happens. Organizations use them when deciding whether to accept mail, or even let their users load certain web pages.
IPv4.GLOBAL can help assess the reputation of IPv4 addresses, and can help clean up that reputation when the bad actors have been removed and vulnerabilities have been blocked.
/16 average prices have held very steady, varying by pennies each month. Prices for small and medium blocks are falling slower than they had been, and appear to be finding a bottom.
October 31, 2023
At ARIN 52 in San Diego, all policy proposals were discussed with no conclusions. Since these proposals were all “Draft Policies,” under ARIN’s Policy Development Process, they are too new to get a sense for whether the community supports them.
Before we jump into the policies, we wanted to provide some insight on the ARIN waitlist at this time. It was addressed at the meeting that as of this past October there are 705 ARIN members on the waitlist and the wait time is expected to surpass 3 years. Currently ARIN receives around 150 requests quarterly and of those they only fill 30-50. Some potential improvements discussed were lowering the maximum allocation from a /22 and lower holdings down from /20.
Draft Policy ARIN-2023-2: /26 initial IPv4 allocation for IXPs
It was addressed that this was based off an APNIC proposal that couldn’t meet a consensus and operators “won’t waste time with /26 exchange”. The author of this proposal brought up a few edits not part of the draft, one of which was that the data used came from Peering DB which is not an accurate representation of IXP Peers, according to members in the community. A concern raised was whether this would affect previously acquired /24 blocks, to which it was clarified that this would only apply to new ones, filtering out existing. Several people who chose to participate opposed, even with edits, because they don’t want to hurt small startup IXPs. The majority of those who provided feedback were against this policy proposal. One person did suggest that with development dollars going into new internet builds, there may be many more IXPs coming online in coming years.
Draft Policy ARIN-2023-4: Modernization of Registration Requirements
Changing “reallocations” to “reassignments” was thought to collide with a previous proposal to delete assignment as reassignments still exist. In ARINs NRPM reallocations are defined as IP addresses sub-delegated to an organization by an upstream provider for the purpose of subsequent distribution by the recipient organization to other parties while reassignments are defined as IP addresses sub-delegated to an organization by an upstream provider for the exclusive use of the recipient organization. One member responded saying that reassignments would still be in policy and was unrelated to this change. Another topic addressed in this section was the need for further clarification on the new time frame of 14 days, no real reasoning behind the change, just provide more time.
Draft Policy ARIN-2023-3: Amendment of the waitlist agreement to include a restriction on leasing
Majority who participated did not support this proposal. The general feedback was there needed to be a formal and agreed upon definition of “leasing” made available somewhere. While those who did support felt this was not worth pursuing or the time involved in doing so would not be well spent. APNIC’s inability to come up with a consensus on their version of this policy was referenced as well.
Draft Policy ARIN-2022-12: Direct Assignment Language Update
Many felt this proposal to update the language surrounding the fee structure needed additional editing in order to be considered further, while others felt it was not needed to begin with, as they consider it to be adding to the problem instead of its proposed purpose of solving problems.
Draft Policy ARIN-2023-1: Retire 4.2.1.4 Slow Start
This draft policy proposal discussed removing 4.2.1.4, Slow Start and was generally supported by the community because it hasn’t been used in recent years and likely won’t be of use in the future. Additionally, the concern of it affecting operations was addressed, with the response it shouldn’t have any impact.
Draft Policy ARIN-2023-5: Clean-up of NRPM Sections 4.3.4, 4.4, 4.10 and 6.10.1
It was stated there would be no change in allocation process just a clarification of the text as the proposals goal is to clean-up complex language. This proposal was supported as drafted by many who decided to participate in the open forum. Some brought up the concern of what an “editorial” change should be defined as. An “Editorial Update” is defined in the PDP as “a non-substantive change to the NRPM” (Number Resource Policy Manual, that is, ARIN’s policies), but guidelines on “substantive” may be needed.
Draft Policy ARIN-2023-6: ARIN Waitlist Qualification
There was not much discussion on this proposal during the open forum, which addressed the requirements needed to receive space off the waitlist, neither for nor against. A suggestion brought up was to put these requirements in the waitlist section and get rid of this section entirely as it’s seen as no longer relevant.
Draft Policy ARIN-2023-7: Clarification of NRPM Sections 4.5 and 6.11 Multiple Discrete Networks and the addition of new section 2.18 Organizational Identifier (ORG ID)
The proposed changes were mostly supported by those in attendance. One concern that was brought up was that the definition of “org-id” needed to be expanded on. However, it was stated there is no org-id definition in RSA, if one was created it may create a conflict. The proposed benefit to provide clarity was seen as unnecessary to some. Org-id in NRPM under section 4.5 was said to be clear to some who participated in the discussion so many felt it didn’t need to change or be added to. Overall, the importance of proper punctuation was stressed, many agreed the cleanup would help if done appropriately.
October 31, 2023
Almost 1,400 people participated in LACNIC 40, which took place in Fortaleza, at the start of October. The LACNIC community discussed four policies: two focused on obtaining addresses, one focused on cleaning up records from addresses returned to LACNIC, and one focused on the Policy Development Process.
RIPE allows leasing, as does ARIN, although not as justification to obtain more address space.A similar proposal was rejected at APNIC 56.
LAC-2022-2 v3: Clarification: The lease of resources is not allowed under the policies in force.
LACNIC no longer has any IPv4 addresses left for allocation. Some organizations would like to buy addresses but LACNIC’s transfer market is tiny. Organizations without the capital to buy addresses sometimes need to lease them. This proposal would only allow addresses leases that come with internet connectivity. This wording is used because “lease” also describes the temporary assignment of IP addresses on a local network using protocols like DHCP.
LAC-2023-6 v1: Special exception for global critical infrastructure providers
The networks that serve the DNS root are an example of global critical infrastructure. Everyone benefits from them, wherever their organizational home is. This proposal would let LACNIC make assignments to global critical infrastructure providers. The goal of the proposal is to diversify the source of addresses rather than fill an unmet need. This kind of diversity is more important because RPKI is becoming more important in network operations. Each RIR is the apex of a hierarchy of RPKI digital certificates. Having some of the addresses issued by LACNIC and using its RPKI service spreads the risk across the whole system.
The author has clarified that the policy goal is to let root DNS service operators switch to LACNIC issued addresses despite not being legally established in the region.
LAC-2023-5 v1: Elimination of ROA in case of recovered resources
Organizations document how they use addresses in the Internet Routing Registry (IRR). They are also documenting how they use addresses with digital RPKI certificates called ROAs. This proposal will require LACNIC to remove stale records from the LACNIC IRR and delete ROAs from its RPKI repository when IP addresses are returned.
This proposal has been modified as of September 18th and received some comments in the September mailing list. Overall, there is a general consensus that the ROA removal should be explicitly stated in the policy manual though there is a question about the practical application of regulating the IRR database.
LAC-2023-3 v1: Considerations for Declaring a Proposal Abandoned
LACNIC’s policy development process does not have a mechanism for clearing out proposals that hang around with a status of “Did not reach consensus.” This proposal will empower the chairs to clear these proposals from the system when their authors are not responsive.
The LACNIC community’s feedback on the mailing list has been supportive with one caveat. They want the period extended from 10 months to a year, so that there would be two public forums within that time.
LAC-2020-6: Miscellaneous Modifications to the PDP
LACNIC will implement this policy proposal, which was ratified in August. This proposal modified the policy development process by:
The implementation will require minor software changes to LACNIC’s software.
.
October 30, 2023
A company joining ARIN’s IPv4 Waitlist today should expect to wait at least three years, John Sweeting, ARIN’s Chief Customer Officer reported this at ARIN 52 last week.
There are about 150 requests each quarter. But ARIN can only fulfill 30-50 requests. There are more than 700 companies on the list today.
ARIN asked the community to consider reducing the maximum allocation and maybe simplifying the policy. That could let more organizations get some IPv4 space and reduce waiting times. ARIN projects that reducing the maximum allocation from a /22 (1,024 addresses) to a /24 (256 IPv4 addresses) could reduce wait times by almost two-thirds.
In a separate discussion, Aaron Wendel, the Executive Director of the Kansas City Internet eXchange, noted a problem. He said that the BEAD program money is making peering a new buzzword. He described a proposal for 140 new Internet Exchange Points (IXP) in the US alone. This would create additional demand for addresses from ARIN’s address pool reserved for critical infrastructure.
Sweeting had previously confirmed that reserved pool replenishment takes precedence over the IPv4 Waitlist. This means the rapid creation of a hundred or more new IXPs could extend wait times for addresses through the IPv4 Waitlist.
by Leo Vegoda
IP addresses identify the network interfaces connected to a network. But which network?
In the beginning, all data networks were local, so all network addresses were local. Before Vint Cerf led DARPA’s Internetting Project, a globe spanning network of data networks was impossible.
For a network to be global, the devices on it each needed a unique address (or identifier) so that data could flow to and from one device and one device only. After some false starts, Internet Protocol version 4 (IPv4) was created. Then, a system of global registries were developed to keep track of each IP address. This system provides the following:
The early internet was small. Most of the users were its builders, or worked alongside them. It was also culturally cohesive. Security was less important than developing the technology.
That changed in 1989. The US National Science Foundation allowed commercial traffic on its internet backbone. This signaled a change in the nature of the internet. It was no longer small and the diversity of its users was growing fast. So fast that engineers started to worry the IPv4 address space (about 4 billion addresses) was not going to be adequate.
They began developing strategies for IPv4 exhaustion in March, 1992. They discussed the possibility of some addresses only being unique within a local (closed) network. This meant the same address could be used in multiple local networks. By 1994, three blocks of addresses had been reserved for use on private networks. They provide just over 17 million IPv4 addresses: enough for all but the largest of networks.
But internet engineers did not standardize the technology for connecting private networks and the internet. Many considered the concept heretical. They wanted “every system to be globally accessible” and knew this required “a globally unique addressing system.” Clearly, the ideal of universal access and re-use of IP addresses locally was in conflict.
Before the protocol for the use of private IPs, the impact of this conflict was quite simple: network operators might, from time to time, use an IP address that had not been allocated to them when creating a private network. If and when this network connected to the internet, multiple users of the same IP address conflicted. Data would then flow in irregular, unreliable ways to both locations using that IP address.
John Mayes, a consulting engineer, worked with networks for clients. Often, the networks he was involved with had used unallocated IP addresses for a private network. When they were then connected to the internet they experienced address clashes.
In 1995 he and Brantley Coile developed the first commercial Network Address Translator (NAT). It solved their clients’ technical problems. A NAT is an intermediary between the local, private network and the internet. It provides a layer where private identifiers are replaced with temporary, public ones. This process replaces the private IP address with the NAT’s own public and unique address on outgoing packets. It rewrites the local, private destination address on incoming packets and forwards them to your local, “private” device. The NAT maps the internal address to an external address for the duration of a session, which could be under a second and could last for days.
But the number of sessions is limited by the NAT’s hardware capacity and the size of the pool of unique addresses it has available. Networks that generate many simultaneous flows, or many long lived flows, will need a bigger pool of unique addresses.
A NAT provides an internet access gateway for the otherwise local devices that need it. As a result, some private IP addresses are completely isolated and others (those associated with a NAT) are protected against data conflicts.
Importantly, a NAT has a default deny rule for incoming traffic that’s not part of a session established by a device on the inside network. This very basic level of protection was missing from many networks at the time and was their first stepping stone towards a proper firewall. This was the PIX, or Private Internet Exchange, named to riff on PBX running telephone networks inside a business.
We now have two types of unique (public) addresses and two types of non-unique (private) addresses. To recap: there is no technical difference between private and shared addresses. The distinction is down to the intended use case. Private addresses are intended for use on end-user networks. That means anything from a domestic WiFi connection to a large bank’s internal server infrastructure.
Public addresses are those that devices use to connect directly to the internet.
Public IPv4 addresses are published in their appropriate registry and are unique on the internet. They identify one device only. There are somewhat more than 4 billion of them.
Public IPv6 addresses are like IPv4 in regard to their unique status on the network. There are 340 trillion trillion trillion IPv6 addresses.
As noted here, there are about 17 million IPv4 addresses set aside for repeat (private, non-unique) use. That is, they can be deployed on private networks and may or may not communicate with the internet via a NAT
Two /8s were set aside for private use in IPv6 but only one is designated as being “active”. Private addresses are assigned in /48 blocks. Each /48 has 16 bits of space for LANs, meaning 65,536 /64 networks because all IPv6 LANs are /64. This means there are 1,099,511,627,776 /48s in the /8 used for private addresses, which is just over a trillion. They key concepts to communicate here are:
Everyone uses unique addresses for private networks in IPv6
As long as everyone uses a suitable prefix generator, there is almost no chance of an address clash
The risk of an address clash between any two networks using this private IPv6 space is about one in a trillion even if the private network is given internet acess. That chance increases with the number of networks. The risk of a clash between any thousand networks is about one in 40 billion. Popular services, including Apple’s consumer products and Google’s cloud services automatically generate random prefixes, reducing the chance of error.
Unlock Value and Manage Risk
In 2022 and the first half of 2023, buyers paid between $40 and $60 per IPv4 address. This means that even a block of 256 addresses – the smallest that can be transferred – brought in over $11,000. Larger blocks are even more valuable per IP address. (We publish the pricing of IPv4 address blocks from our marketplace monthly. In fact, IPv4.Global runs the largest and most transparent IPv4 marketplace in the world. For more historical data, see Reports.)
Many people know that they can sell spare addresses but not everyone knows that unused IPv4 addresses can be a risk. The most benign risk is having an unused asset doing nothing. But actively managing IPv4 inventories controls two other, more serious risks.
Unmanaged networks bring unmanaged risk – and cost – with them.
The most important risks relate to security. The devices on unmanaged networks might be running unlicensed or unpatched software. In the worst case scenario, an unmanaged network with insecure devices can act as a bridge to the rest of your network.
Newspapers are full of stories about poorly configured networks leading to data loss and fines.
Most people would think that not using something is a good way to keep it safe. That’s not the case for IPv4 addresses. They are a risk because bad actors build up a picture of which addresses are allocated, which are used, and which are not.
They target the addresses that are not used because they won’t be monitored. That means they have more time to misuse the hijacked addresses. They leave a reputational mess behind them.
Controlling the risks associated with IP address management also delivers opportunities.
Sometimes organizations discover that unmanaged networks are there to perform unmanaged processes. Because they aren’t managed, they are often inefficient. Solving the IP address management problem opens a door to business optimization opportunities.
IPv4 addresses were once free and plentiful. People used them without worrying about cost or efficiency. They would generally record the use in an IP address tracking spreadsheet, or better a true IP Address Management (IPAM) system, so colleagues did not use the same address.
This is an asset allocation problem. When unique public IPv4 addresses are used for devices that should not receive inbound connections, they could be replaced with private IPv4 addresses or IPv6 addresses.
Private IPv4 addresses are free to use, although there are only about 18 million of them. There is a nearly limitless supply of unique private IPv6 addresses. And uniquely registered IPv6 addresses are available for relatively low registration fees.
Releasing IPv4 addresses to the market turns a sleeping asset into cash.
Managing IP addresses is managing risk. It is also a lens you can use to identify business processes that need improvement, or sleeping assets that can be converted into cash.
IPv4.Global’s ReView tool, developed in collaboration with 6connect, will help you audit and then manage your IP address space. The tool runs on Windows, Apple, or Linux. Go here to request a free download today.
If you have any questions, contact us at info@ipv4.global or call +1-212-610-5601.
September 15, 2023
IP addresses are identifiers. Devices use IP addresses to communicate with other devices. At first, each address was unique but clever engineers have added nuance. The internet is a network of networks. Often, the address announced to the internet hides a wealth of private addresses behind it. Those private addresses are only locally unique while the address that hides them is globally unique. In other words, many millions of networks can use the same private addresses. Specifically and only with one device. On a network like the internet, the address of a device is announced to the entire system so that anyone, anywhere can find and communicate with that location. Which means that an IP address used on the internet must be unique and known worldwide.
On a smaller network, the IP must be unique on the network in question. And therein lies the rub. There are multiple networks in the world and not all of them are directly connected.
The most widely understood network address is the “public” IP address. In this address, the unique identifier can be reached from anywhere on the internet because it has been published and is unique on the system.
A private IPv4 address is structurally identical to a unique, public address. But there are differences: it is unpublished in RIRs (the address books of the internet) and it is not unique to a single device. A private IP is often duplicated many times, used on many closed networks of various sizes. So, a single private IP likely exists in many millions of homes, cafes, and hotel lobbies around the world. For instance, your phone might have the IP 192.168.0.73. But there will be millions of other devices using the same address, simultaneously.
The advantage of a privately-used IP is that the same one can be deployed many times. It’s cheaper. It is unique only within the confines of its “private” network. Within that walled garden it identifies only one device. But to communicate more widely some intermediary is needed.
When a private IP address must communicate with the outside world via the internet (that is beyond a private, closed network) it does so using a Network Address Translator (NAT). This replaces the private IP address with its own public and unique address on outgoing packets. It rewrites the destination address on incoming packets to the private IP when it forwards them to your local, “private” device.
When the world had a limited number of internet-connected devices and a (seemingly) unlimited number of IPv4 addresses, public, unique addresses were used on just about everything connected to the network. This included:
The internet was still small, so there was no shortage of IPv4 addresses. If you already had a large block of them, you’d use them for anything that would communicate with something on a network.
When the looming shortage of addresses became clear, some more efficient use of the limited supply was needed. John Mayes and Brantley Coile developed a commercial Network Address Translator in 1995. This allowed multiple-use private IP addresses in wide network use. It had another advantage: when dumb devices are on the internet they can behave stupidly. So to speak.
As the internet boomed at the turn of the century, the risks associated with “internal” devices with full internet access became much greater. Even a relatively dumb device, like a camera, could give a miscreant access to your network. This increased the risk of data exfiltration, criminal spamming from your infrastructure, and simple malicious damage.
Using private IP addresses behind a NAT provides enough network security for many types of user. Organizations with more complex needs will need a more robust security approach. The IPAM (IP Address Management) system manages which addresses are used on a network and the NAT (Network Address Translator) provides an internet access gateway for the devices that need it. As a result, some private IP addresses are completely isolated and others are protected through the intermediary of the NAT.
In 2023 IPv4 addresses are at a premium. An old Class B address block (65,536 addresses) is worth as much as $3 million. So, replacing valuable unique addresses with something less costly will pay for itself and leave a lot left over.
To use IP addresses most efficiently, consider the following:
by Leo Vegoda
There are two basic kinds of businesses that use IP addresses and domain names. One kind provides the content of the internet, hosting and delivering it – normally in the form of a website. The other sort of internet business serves the eyeballs that consume that content. That is, it provides users with access – usually an ISP (internet service provider).
The send-and-receive relationship surrounding websites is different from that of email. In the case of email, users generate content for one another and rely on email services to transmit that content. But in both cases of data being sent and received, some point of entry into the internet is required for the dispatch of good content and bad.
In response to an increasing number of bad actors on the internet stage quite early in its development, various proposals were offered in the 1990s to curb or eliminate the delivery of that content. The primary target of this effort was email, especially spam or other objectionable material. The best ideas proposed sought to identify senders and disseminate information about them that might block their distribution capabilities.
Computer scientist Paul Vixie created MAPS, the first real-time blocklist, in 1997. Its goal was to identify the IP addresses that send bad material. And, it let those who provide access to users block those who send it by blocking those sending IP addresses. The core idea was to publish the IP addresses of bad actors in the form of lists so they could be blocked from successfully delivering their content.
Today, reputation lists evaluate domain names as well as IP addresses. Their goal is to give engineering teams information to help them decide whether to accept a message, or other data traffic. They are important at helping companies filter out security threats, like phishing and botnets as well as mundane spam.
Mail and other messaging services are mostly operated by a few centralized service providers. But even marketing messages are uniquely tailored to each recipient in many outreach efforts. So, while content-based filters can be useful, knowing whether a sender generally sends messages that people want to read is very useful.
Some reputation list managers, like Spamhaus, are nonprofit. Others are commercial businesses. The key similarities are that they provide datasets of IP addresses and their characteristics. Users can send dynamic queries to the list or arrange for a regularly updated local copy.
The factors to check for when evaluating lists include:
The right blocklist providers will depend on your business needs. These are worth evaluating.
Barracuda Reputation Block List
These blocklists are often used alongside allow lists. The allow lists ensure that temporary problems don’t result in problems sending and receiving legitimate mail.
DNS blocklists run spam traps and honeypots – addresses used to detect spam – and list the servers sending mail. But they don’t have just one list. Typically, they will have several including:
If your IP address is listed, then fixing the problem should result in an automatic delisting. If it does not, the blocklist owner should provide an explanation of why an address was listed. They should also provide a way to request removal from the list.
Charging fees to list subscribers is considered fine. This is “the definition of a commercial DNSBL.” But charging to achieve or expedite removal from a list steers perilously close to notions of extortion, blackmail, or a ‘protection racket’. Internet engineers recommend that lists imposing these fees should not be used.
Reputation is about more than just spam and malware. Banks, retailers, and content networks use GeoIP location data when evaluating how they’ll serve their customers. Banks and retailers use GeoIP location data as a part of their risk management. Content networks use it to comply with contractual responsibilities.
Banking websites know where you normally do business from. If you change location they can use that as input to their overall risk management. The greater the change the greater the risk. A bank might decide not to limit payment orders made from a higher risk location. Similarly, retailers use GeoIP data in their automatic fraud risk evaluation for sales. They don’t want to deliver goods or services bought with a stolen card.
Content networks can be a bit more relaxed. They obviously want to localize user interface and advertising based on location. United States based account holders will see French user interfaces in France, along with local advertising.
But content is often licensed per territory, so streamers need to use GeoIP to limit access from outside permitted territories. Research into content unblocking VPNs has demonstrated that this is a highly dynamic set of services. Evolution in action. The rights for sports content sell for the highest rates, so sports content enforcement is stronger.
DNS blocklists, like Spamhaus, only list your IP addresses if they see spam from them and you don’t resolve the issue.
If you are new to managing network abuse issues, take the RIPE NCC’s free webinar.
We have found a floor for IPv4 prices on small blocks. Most medium blocks were consistent with recent trends, but a few outliers show a dip in the chart. Large blocks (/16 and larger) continue holding their value, with significant premiums for larger aggregates.
by IPv4.Global Staff
Any university looking to tackle strategic initiatives faces a key hurdle—sustainable funding. Whether it’s increased operational costs to maintain building facilities, declining student enrollment, or decreased government funding, higher education institutions nationwide grapple with various financial challenges.
An often-overlooked opportunity for university funding is the surplus of unused IPv4 addresses many of these institutions hold. These IP addresses are valuable and can provide the financing needed to fund strategic higher education initiatives.
Below, we’ll dive into the finance strategies institutions can leverage to monetize excess, unused IPv4 address blocks.
Today, IPv4 addresses are valuable due to circumstances tracing back to the ‘90s. At that time, the internet was primarily a tool used by educational institutions to conduct research.
These institutions received large allocations of IPv4 addresses. For instance, it was common for some universities to receive 65,000 addresses. However, many universities that received these large blocks of IPv4 addresses currently only use a small portion of their addresses to manage their internet traffic. These unused addresses, valued anywhere from $10 a piece in 2015 to $55 a piece in 2022, present significant untapped value.
For this reason, it’s crucial for any institution with stockpiles of IPv4 addresses to conduct a thorough assessment of its IP address inventory to identify surplus address blocks that may be unused—and currently overlooked or forgotten.
It all starts with implementing effective IP address management across the organization, evaluating all networks to ensure every inventoried, accounted-for IPv4 address is active or is part of the institution’s network expansion plans.
Tools exist for such an evaluation. A free one is available for download here.
So, what happens if an institution realizes it’s sitting on surplus IPv4 address blocks?
The best option is to sell these valuable addresses on the IPv4 market through the use of an IPv4 broker. An IPv4 broker can provide expert knowledge and guidance to help institutions navigate the fast-evolving IP address market.
A brokered sale of unused IPv4 assets can help a university gain significant value from selling these address blocks in a competitive market. And partnering with a trusted IPv4 broker can ensure that universities with large inventories of unused IPv4 blocks realize their monetary value.
Let’s consider the case of Hartwick College, a private liberal arts college in Oneonta, New York, which received large blocks of IPv4 addresses in the internet’s early days.
In partnership with IPv4.Global’s research team, Hartwick College discovered it had significant numbers of unused IPv4 addresses. The university supplied users with IP addresses via a local internet service provider and didn’t need the large blocks of IPv4 addresses in its inventory.
Here’s how Hartwick monetized its surplus IPv4 address blocks:
As an alternative to selling surplus IPv4 addresses, a university can lease them for recurring income. IP address leasing is a suitable option if an institution is uncertain about expanding its network in the near or long term.
Ultimately though, selling—rather than leasing—IPv4 addresses may be ideal if an organization has a vast inventory of these addresses that it doesn’t anticipate using anytime soon.
Thinking strategically, a university with surplus IPv4 addresses can monetize these to generate income to finance other critical projects.
If a university only requires a handful of IP addresses to meet its network connectivity needs, earning revenue from a one-time sale can help fund university initiatives such as:
Any university with a surplus of IPv4 addresses can monetize them to fund various initiatives. With the help of an IPv4 broker like IPv4.Global, institutions can sell these addresses competitively while avoiding the hassles of completing the sale and transfer themselves.
Whether an organization chooses to sell surplus IPv4 address blocks on IPv4.Global’s online marketplace or opt for our private brokered solutions, we streamline every sale to ensure a successful transfer of each address sold.
Contact us today to learn more about monetizing IPv4 addresses.
September 22, 2023
APNIC 56 took place over two weeks at the start of September in Kyoto, Japan. Five proposals were scheduled for the meeting.
prop-148 Leasing of Resources is not Acceptable – Did not reach consensus, abandoned.
This proposed that leasing IPv4 addresses is not acceptable without defining the term, “leasing.” It would then have required APNIC to take action against anyone leasing their addresses. They would either have to reclaim the space or force the recipient to rejustify it. Commenters were concerned about the cost of implementation. The chairs told the proposers to abandon the proposal, instead of coming up with a sixth version, as there was not enough support.
prop-152 Reduce the IPv4 delegation from /23 to /24 – Did not reach consensus
This proposal sought to make some IPv4 space available at low cost for more new entrants to the market. One speaker worried that by reducing the allocation size APNIC would limit their members. In contrast, another stated that it would help new businesses start and grow. The market could provide any additional space they need. There was a lack of support, so the proposal was abandoned.
prop-153 Proposed changes to PDP – Did not reach consensus
This proposal came from the chair and was intended to avoid problems with proposals getting agenda time when they arrive after the deadline. Time-zone issues, exacerbated by misunderstanding the language of the policy process, have caused problems in the past. This proposal set the deadline as five weeks before the meeting, with proposals that miss the deadline not getting agenda time. These proposals would be dropped and have to be resubmitted. Some argued that five weeks was too long. Proposals are translated and discussed in local communities before APNIC meetings. But speakers from Japan indicated that three weeks would be enough time. There was a lack of support so the proposal was abandoned.
prop-154 Resizing of IPv4 assignment for the IXPs – Did not reach consensus –
This proposal is similar to RIPE’s 2023-01. The idea was to make space available for more Internet Exchange Points (IXPs) – the interconnection facilities where networks meet and exchange traffic with each other. It would do this by assigning smaller networks. Most IXPs use less than half of the space assigned to them, so this seemed like a good way of making space available for more IXPs. But APNIC staff noted that they do not maintain a separate reserved pool of IPv4 space for IXPs. IXPs’ assignments come from the same pool as everyone else. There was a lack of support so the proposal was abandoned.
prop-155 IPv6 PI assignment for associate members – Reached consensus
This proposal would made it easier for APNIC associate members to get their own block of IPv6 addresses. As long as the member plans to use the addresses within a year, they would qualify for a block even if they had no IPv4 address space. Speakers discussed whether the addresses could be transferred. The proposers clarified that the addresses could not be transferred apart from through a Merger and Acquisition process. The proposal was supported and achieved consensus. APNIC’s implementation is dependent on the APNIC EC changing the Tiers and Voting Rights for APNIC Members.
There were also resolutions to the APNIC By-laws that were to be voted on in a special members’ meeting. A quarter of APNIC’s 9,700 members voted. They overwhelmingly supported the following five changes. In the future:
September 15, 2023
An IPv4 address identifies your connection to the online world. IP addresses make it possible to host websites, manage secure communication, and engage in countless other essential, internet-related activities.
Typically, when migrating to a new cloud provider, a business has only one path: lease the provider’s IP addresses.
But what if a business already has a block of IP addresses?
That’s where BYOIP (Bring Your Own IP) comes into play as a compelling second option. Today, many leading cloud providers have implemented BYOIP policies that allow previous owners or lessors to pair their legacy IP addresses with the new cloud resources.
But what does that entail? What are the benefits of a BYOIP approach?
Here’s what businesses need to consider before they begin the migration process.
As the name implies, BYOIP is a set of policies that grants an organization the rights to use its own existing IP addresses within the cloud provider’s infrastructure.
Put simply, if a business already owns and uses a block of IP addresses on its legacy system or server, it can then retain all or part of those publicly routable addresses when they migrate or integrate with the new cloud provider.
For instance, if a business sought to migrate to a major provider like Amazon Web Services (AWS) or Google Cloud, either provider allows clients to provision their own public IPv4 addresses. Then, after those IP addresses were imported, the cloud provider would manage them in the same manner as a Google or Amazon-provided address. As Google notes, the only exceptions are:
Generally speaking, when the time comes to perform the transfer process involved with migration, an organization must:
That said, the exact onboarding process for how to migrate existing IPv4 addresses to a new cloud provider will depend on the provider. Each one has its own infrastructure and requirements that might lead to variations in the procedure. For example, AWS has a two-phase, three-step process:
Some of the tangible benefits of BYOIP include:
Implementing BYOIP—although beneficial—carries its own set of unique challenges and limitations that organizations must carefully weigh before committing to this policy. Common issues include:
Onboarding process – The actual process of bringing your own IP address into a cloud provider like AWS EC2 is not complex and can be accomplished by an experienced network engineer in less than a full day. The process includes:
Provider limitations – Not all cloud providers support BYOIP.
AWS is permitting BYOIP on its platform. For information on how to take advantage of this opportunity, see our AWS-BYOIP blog.
For any cloud migration, businesses may opt to BYOIP rather than buying or leasing their IP addresses from the cloud provider. This policy allows for increased flexibility, control, and efficiency in managing IP assets. By leveraging existing IP addresses, organizations can preserve their established reputation, ensure seamless compatibility with applications, and meet regional-specific regulatory requirements.
But what if a business has legacy IP addresses it wants to transfer, but lacks the expertise to perform the migration?
IPv4.Global can assist. As the world’s leading IPv4 broker, we can help you appraise, sell, lease, or even transfer your IP addresses to a new server. To learn more about the migration process, contact us today.
by Leo Vegoda
Innovators and early adopters had telephones in the late 19th century but it took a century for everyone to have access. The internet’s rollout has been faster. But even in California, eight percent of households do not have access or a device to use it. That grows to 19 percent in Mississippi and New Mexico.
Households without reliable internet access are cut off from commerce, education, government services, and healthcare. Communities without good internet experience all this and lose people to better connected places. It’s a downward spiral.
That’s why the US government has allocated $42 billion to grow high-speed internet access across the country. Its Broadband Equity Access and Deployment (BEAD) program is open to every state and six territories.
The states and the territories will be making grants from their allocated funds. The states can make initial proposals for how to spend the money until the end of 2023.
BEAD is designed to deliver high-speed internet access to areas without service. Grants can be awarded for upgrades to existing networks and new builds. In some cases, electrical coops will use their existing network to deliver internet access.
Grants are on offer to fill the gaps the market has missed. Because they are grants and not loans, the providers should be able to provide much more affordable service. The initiative comes with subsidies for low-income households to ensure this.
When everyone has internet devices and access they can become digitally literate. BEAD emphasizes the importance of projects to expand learning and development approaches that meet the needs of the targeted communities. This is important because BEAD grants are intended to bring people together and reinvigorate communities.
The US government hopes BEAD will be transformational. Giving communities reliable, high-speed internet does more than increase their access, it makes the communities themselves more accessible to the world at large. It will give businesses and schools new opportunities. It will also improve healthcare in places where it can take professional hours or days to reach patients.
Decentralized government means that processes will differ. But the BEAD program provides a guiding framework so, many states will have a similar approach. It’s worth examining California’s plans for spending the money.
California’s Public Utilities Commission is running its implementation. Their application process will start next year. The application window could open early in 2024 with the first fifth of grants being awarded from June.
California’s BEAD Program implementation timeline, with grantmaking starting in mid-2024.
Look at the table below to find out how much money your state or territory has been allocated. Then look for the answers to these three questions:
We run the world’s most trusted IPv4 marketplace, so we have unique experience from all sorts of networks. We help you get the IPv4 addresses you’ll need for your project and we can connect you with engineering talent you need. We’ll get you started on your journey to a grant award.
Call us on (212) 610 5601 or write to us at info@ipv4.global.
State | Amount Allocated |
Alabama | $1.4 billion |
Alaska | $1 billion |
Arizona | $1 billion |
Arkansas | $1 billion |
California | $1.8 billion |
Colorado | $826 million |
Connecticut | $144 million |
Delaware | $107 million |
District of Columbia | $101 million |
Florida | $1.2 billion |
Georgia | $1.3 billion |
Hawaii | $149 million |
Idaho | $583 million |
Illinois | $1 billion |
Indiana | $868 million |
Iowa | $415 million |
Kansas | $452 million |
Kentucky | $1 billion |
Louisiana | $1.3 billion |
Maine | $272 million |
Maryland | $268 million |
Massachusetts | $147 million |
Michigan | $1.5 billion |
Minnesota | $652 million |
Mississippi | $1.2 billion |
Missouri | $1.7 billion |
Montana | $629 million |
Nebraska | $405 million |
Nevada | $417 million |
New Hampshire | $197 million |
New Jersey | $264 illion |
New Mexico | $675 million |
New York | $665 million |
North Carolina | $1.5 billion |
North Dakota | $130 million |
Ohio | $794 million |
Oklahoma | $797 million |
Oregon | $689 million |
Pennsylvania | $1.2 billion |
Rhode Island | $109 million |
South Carolina | $552 million |
South Dakota | $207 million |
Tennessee | $813 million |
Texas | $3.3 billion |
Utah | $317 million |
Vermont | $229 million |
Virginia | $1.4 billion |
Washington | $1.2 billion |
West Virginia | $1.2 billion |
Wisconsin | $1 billion |
Wyoming | $347 million |
American Samoa | $38 million |
Guam | $157 million |
Northern Mariana Islands | $81 million |
Puerto Rico | $335 million |
U.S. Virgin Islands | $27 million |
When the time comes to sell, buy, or lease an IPv4 address, multiple factors will come into play. The reputation of an IPv4 address block is a factor that is poorly understood and often ignored. Neglecting this factor can result in a block of addresses that have a limited usefulness and requiring significant additional effort to be usable.
An IP address’ reputation can significantly impact its utility and worth in the digital marketplace. A tarnished reputation can hinder email deliverability and even prevent businesses from operating online.
IP address reputation is a measure of the trustworthiness of an IP address based on the past behavior originating from that address. In some reputational systems the behavior of neighboring addresses will also affect the reputation.
Address reputation scoring is a measurement of the address’s historical behavior and associated activities. It functions similarly to a credit score in two significant ways. Like credit scores, there are multiple entities that assess the reputation and they do not always agree. The reputation is also generally reduced to a simple numerical metric to aid in decision making.
While this reputation might be invisible to the casual user it is an integral part of the defensive protections in many service providers. Networked systems import reputation lists and use them in combination with the operator’s policy to decide how to treat communication from IP addresses. While the most popular use of reputation is to evaluate if e-mail is spam, it can be used for other purposes including blocking all traffic completely.
IBM uses several classifications for types of behavior that will lead to a negative reputation:
Much like a bouncer at a bar checking IDs at the entrance, IP address reputation is used to decide whether to accept email or let consumers buy products. Access is denied when an address is on an RBL (Realtime Block List). But addresses with a clean reputation are welcome. Many organizations configure the IP addresses of their business partners and other important networks to an allowlist to avoid service interruptions.
When it comes to IP reputation management, three primary factors are impacted by address reputation:
Organizations use IP address reputation in combination with their own policy when deciding whether to accept or reject mail and other data traffic.
Several elements are factored into the reputation equation, including:
Similar to credit reporting companies tracking financial history, RBLs track the digital history of an address. These databases maintain an active list of addresses that have been associated with unscrupulous behavior. If an address is granted this ignominious honor, it signals to all other sites and bots that the address may not be a trustworthy source. Most RBLs will automatically remove IP addresses shortly after they stop acting maliciously. All reputable RBLs provide a way to request a manual review and will not charge a fee for doing so.
Prominent RBL providers, such as Spamhaus, SpamCop, and SURBL, use different methodologies to evaluate IP address reputation. Some focus on the volume of spam, others on the nature of the spam, and yet others might look at additional factors such as user reports.
If an IP address block lands on an RBL, that status isn’t permanent. Addresses may cycle from malicious to benign and back several times over.
As WebRoot notes: “When looking at the top 50k IP addresses that recurred on our “malicious” list in 2020, 97.3% were caught displaying at least four distinct risk factors, such as spam sources. Almost half (45%) of the top 50K recurred during at least 2 different months, while 25.8% were seen doing something malicious every single month.”
It’s worth noting that IP address reputation isn’t a perfect system. It’s not infallible and can be prone to false positives and false negatives. Innocent IPs may be flagged as malicious, whereas bad spammers go undetected.
When purchasing an IPv4 address, itsreputation should be a guiding touchpoint rather than a final judgment on its trustworthiness.
Additionally, IP reputation isn’t static. It can be improved over time.
There are actionable steps an IP address owner can take to improve its reputation, including:
Whether you’re looking to buy an IPv4 address block with an assuredly clean reputation or looking to repair a block’s reputation before or after a sale, IPv4.Gobal is the trusted market leader. Our experts will guide you through the transfer process, which is a foundational step in improving a negative IP address reputation. We can also connect you with specialists who can help you contact blocklist operators if you need extra help.
Remember, an IP address’s reputation isn’t set in stone. If an IP address has a less-than-savory reputation—just as with a credit score—it can be gradually improved with time.
To discover more, reach out to our team today.
by Leo Vegoda
“They always say time changes things, but you actually have to change them yourself,” according to Andy Warhol.
Manual tracking of IP address allocations has a long history. Many organizations used a spreadsheet to manage IP addresses. Having already paid for office productivity software why not use it as much as possible?
Gone are the days where IP address tracking was as simple as making sure sysadmins were told unique addresses. IP address allocations are used to configure DNS, DHCP servers, geolocation information and more. Automation is essential for networks of any size. The world is changing to require more data, which makes automated data maintenance more compelling.
The world today is completely different. As interdependencies grow and data quality needs increase automation is required. Automation not only reduces workload but enforces consistency as the data is consumed.
IP Address Management, or IPAM, is the name given to tools that manage IP address allocations and interlinked information like DNS, DHCP scopes, and geolocation information.
IP Address Management (IPAM) automation tools all provide three core functions that are useful for all networks:
A recent addition is the need to manage geolocation data. In the 1990s all users could access services anywhere on the internet. Today some services are only available in particular areas. One example is live streams of sports events which are often licensed for specific territories. IPv4.Global has written about this before and also described a free public tool for checking published geolocation information. The bottom line is that changes in the way GeoIP service providers get information will mean IPAM tools needing to support these capabilities. You can find a list of providers and their automation status here.
Today networks need both IPv4 and IPv6 addresses. And most networks have more than one block of each. ARIN’s statistics show that most networks have 2.5 blocks, while the RIPE NCC’s show that organizations in Europe have more than 3.
Many organizations deploy hosts with both IPv4 and IPv6 addresses. That often results in duplicating all the data entries. IPAM software can allocate IPv6 addresses to existing IPv4 hosts automatically and will ensure that IPv4 and IPv6 addresses for a host are updated at the same time when changes are made.
RIRs use two words to describe IP address registrations. An allocation is a block of addresses assigned to a particular company. As the company divides that block into specific uses they call it an assignment. Assignments might go to different internal teams, or different customers.
Some network operators encourage each other to register assignments. They use this information to inform automated policy implementation, like working out if they can provide a service. RIRs also require assignment information when processing additional requests for space including IPv4 transfer requests.
Figure 1 shows how allocations, assignments, and the actual uses of IP addresses fit together.
Even small networks are likely to need four or five assignments for each allocation. It is not uncommon for an organization to update dozens of assignments and separate geofeed files on a regular basis. The answer is not to follow Andy Warhol’s advice and “change them yourself.”
Weather you’re building a brand new network and need addresses or simply want advice on IPAMs, contact us. We run the most transparent and trusted address brokerage. And we can connect you with engineers who can help you select the right tools for your organization – including IPAM tools that provide automatically generated GeoIP feeds as part of your provisioning process!
by Leo Vegoda
IPv4.GLOBAL’s marketplace and auction platform filters scores of open auctions in several ways. One is by block size where the smallest block is a /24 (256 IPv4 addresses). But why /24?
IPv4.Global Auction Platform showing the block-size filter
One answer is that this is the smallest block that some RIRs will transfer. But that doesn’t completely explain the rationale or history for why this is true. Underlying the transfer rules is the fact that it is very difficult to use anything smaller than a /24 on the internet. But why?
On January 1, 1983, the ARPANET switched from the Network Control Protocol (NCP) to TCP/IP, a date known as “flag day”. To understand the mindset of the engineers at this time it is important to remember that the network had on the order of 100 nodes. The concept of a LAN was brand new, with Ethernet becoming commercially available in 1980. It’s likely no one could even imagine the Internet of today.
RFC 791 is the initial addressing specification. Internet engineers cut the IPv4 space into three sizes of network.
IP addresses were distributed to networks in these three sizes only. The notion of these three address sizes was designed into additional protocols. The Exterior Gateway Protocol (EGP) was used at the time for global routing, and it only new how to deal with networks of these three sizes.
Over time the network started to grow. The next inflection point was the creation of the NSFNET in 1986 to create a general-purpose research network. A trend emerged, the research institutions were too large for a Class C, they all received Class B addresses. There started to be concern over the exhaustion of the Class B address space.
In parallel, the Border Gateway Protocol (BGP) was developed to replace EGP. Eventually BGP version 4 became the BGP we know today, able to route networks of any size. There was no longer a class dependency in the routing protocol.
Things rapidly changed in the early 1990s. Commercial use of the Internet began with many of these new commercial entities receiving Class C address blocks. These commercial entities often came back for more address space, as a Class C was small, and the Internet was starting to grow exponentially. This created a new concern, the size of the routing table.
A proposal for a new approach came in 1993.
The new approach, known as Classless Inter-Domain Routing (aka CIDR) and offers more granularity. Engineers recognized that many different sizes of address block were needed, and that the old boundaries were arbitrary. With the new thinking, the boundary between “network” and “host” address could be placed at any bit in the 32 bit space:
This delivered three advantages.
The early Internet was a series of cooperating research intuitions. There was a collegial collective effort to make the network functional. The connection of commercial entities to the network began to change that dynamic in multiple ways. Commercial networks were driven by making money and keeping their customers happy. Newly minted “network engineers” focused on growth rather than cooperation, and on managing their very expensive bandwidth.
Traffic engineering began to result in large blocks being announced as /24s. Traffic for an organization’s addresses might not be spread evenly. One /24 could get a disproportionately heavy load. The network’s operator might want that heavy load to use one path and the rest of the traffic to use another. Although the organization had received a single large block via a CIDR allocation they were once again taking up many slots in the global table by routing it as individual /24 networks. This is called deaggregation. Keeping all addresses in a single announcement is called aggregation.
The example network ensures that most traffic for 10.31.8.0/24 comes from Upstream 2 telling it about the more specific – smaller – /24. The whole /19 network is announced to both upstreams.
The internet engineers who developed the CIDR strategy in 1993 described two benefits. One was that “more-appropriately sized blocks” could stave off depletion. The other was “an immediate decrease in the number [of] routing table entries”. The networks carrying traffic for those downstream networks need to have what internet engineers call the full ‘default free’ routing table. With the table size growing rapidly, as well as traffic increasing exponentially the equipment of the day was strained.
Network operators always encouraged each other to minimize the number of routes they advertise. This is because the cost of routes is paid for in router upgrades. Since the mid-1990s, engineers have been sharing a weekly CIDR Report. It showcases the networks that could reduce the size of the routing table by aggregating better.
AS7007 famously caused a major internet outage in 1997 when it leaked, or unintentionally deaggregated, 72,000 routes. Outages like this are a result of sudden, unplanned growth in routes exceeding the capabilities of deployed hardware. In some cases the network could not automatically recover, engineers would have to manually reset the routers to recover from these events.
Network operators also began to filter routing advertisements motivated both by limiting the growth of the table to extend the life of equipment, but also protecting themselves from these route leaking events. There were a wide range of approaches early on, but gradually some standard practices emerged. One practice was “nothing smaller than a /24”. That was the smallest unit allocated by RIRs at the time, and the feeling was no one needed to deaggregate intentionally or accidentally smaller than that size.
The early IPv4 distribution policies noted that conservation and routability are often “conflicting goals.” Traffic engineering could be added to that.
A full history of the Regional Internet Registries (aka RIRs) would be much longer than the history of the /24. It is important to understand that each of the RIRs developed some form of a “community consensus” approach to managing the address space. They each have a policy process guiding how IP address space is distributed and transferred.
Their history is intertwined with the technical history, and as a result the /24 boundary feature prominently in many RIR policies. The specific answer as to why an RIR does not allow smaller than a /24 to be transferred is that such a restriction is codified in their policies. Those policies in turn are a direct result of the path taken by the technical evolution of the Internet.
The /24 boundary comes not from any one decision, but a confluence of different decisions over time. The original choice of a Class C network at a /24 boundary was clearly an influence. The need to limit the size of the global table resulted in a /24 being seen as a reasonable cut off point. The need to protect the global routing system led to widespread deployments of filters at the /24 boundary.
Each Internet network is independent. There is no rule saying a network can’t advertise or accept longer prefixes. Today, Geoff Huston’s BGP Routing Table Analysis Report shows about 3,000 routes for blocks smaller than a /24. These tend to be short lived route leaks. At 0.3% of the whole routing table, these are not a problem. Most ISPs will filter these announcements and never see them. However, if two networks want to exchange more specific routing information they can, and sometimes do!
Large-block prices have remained steady-to-slowly-rising. Medium and small-block prices appear to have stabilized and may be rising, too.
September 6, 2023
APNIC56 is in Kyoto, Japan September 7 – 14. This year there are four new policies being proposed and an edit to a policy previously discussed several times.
prop-148 revolves around leasing and whether the RIRs, specifically APNIC, should put anti-leasing terms into effect. This Prop has had four previous versions. Not all criticisms of prior versions have been addressed in this version. The author states that the other RIRs do not allow leasing as justification for space. This position effectively disallows IPv4 leasing in general. Further, the author poses that if a member, who validly justified space in the past, is no longer using the delegation for the justified purpose (i.e. leasing) this violates policy and the address space should be revoked and returned to the RIR. Discussion on this proposal varied from minor support to opposition. Most of those in support nevertheless believe there needs to be further clarification on leasing in general. Distinctions are made between leasing broadly and those with “legitimate” business cases (for example, businesses may also lease subnets smaller than a /24 to customers who may have a business internet service).
prop-152 speaks about reducing the minimum delegation from /23 to /24. More precisely, the author would like to make this change once the current pool of 2,792,192 (the final 0.3% of the 103/8 pool) of IPv4 addresses is depleted. An interesting note within the discussion of this proposal is APNIC’s recent reclamation of 700,000 addresses. APNIC has gone through their entire database and reached out to all IPv4 owners in order to clean up and reclaim any unused IPv4 addresses to be later delegated to those on the waitlist. This policy proposes that any new space be delegated to only new account holders, including NIR Members.
prop-153 is a proposal where the author is looking to clarify and improve on the proposal process. Specifically, changes to Step 1 of the Policy Development Process (PDP) where the deadline for proposal submissions is not clear.
prop-154 discusses decreasing IXP’s delegation size from /22 to /26. The main reason: it is unlikely an IXP will need to use the full 512 addresses and by reducing the allocation amount there is more available for those in need. If an IXP needs further space down the line they will be eligible for a /22, provided they return the original delegation. The discussion board for this policy was filled with many differing views on whether IXPs are generally under-utilizing the space or will need more to grow into.
prop-155 seems to be universally supported by those that commented on the discussion board. The proposal points out that it is made more difficult by APNIC policy to receive an IPv6 PI assignment if a member has no other address space. If they already have IPv4 they require little to no justification to receive IPv6.
Regarding APNIC Executive Council, there will be a special meeting of APNIC members on September 14 2023 at 14:30 (UTC+9). During this time, APNIC will be conducting its ordinary business meeting regarding budgets and reports. At this time, they will also be open to questions and feedback on the APNIC EC and Secretariat. The five Resolutions being proposed are all regarding the running for, and regulation of, the Executive Council (“EC”). A quick summary of the resolutions is listed below.
All to be voted on by members in attendance of the meeting.
by HiveDigital
Chief financial officers (CFOs) and their corporate finance teams are constantly on the hunt for innovative strategies to better manage cash flow, plan for growth, mitigate risk, and ultimately, drive ROI. As experts in financial planning, analysis, and reporting, finance teams are expected to be adept at navigating the mercurial financial landscape. Yet, achieving peak financial performance requires that they have a comprehensive accounting of all assets within the organization, including those beyond the traditional financial sphere.
CFOs often leverage the expertise and insights of other key members within an organization, such as the chief information officer (CIO) and the IT department, to identify novel opportunities.
For instance, the rise of the digital era has ushered in an entirely new asset class—intangible tech assets. From cloud storage rights to software licenses and IPv4 addresses, these assets have the potential to become invaluable revenue sources capable of funding project budgets, offsetting overhead expenses, or powering company growth.
Yet, the true potential of such assets often goes unnoticed and untapped.
In a world increasingly influenced by digital innovation, traditional asset classes have expanded to incorporate intangible tech assets. As the name suggests, these are non-physical, digital assets that can provide the company with value of some sort. According to common accounting standards, to be eligible to be recognized as an intangible asset, they must be:
Typically, these intangible assets are either developed internally, purchased by the business outright, or acquired as a part of a larger M&A deal. Common examples include:
Let’s focus on one of the more commonly overlooked intangible assets: IPv4 addresses. These represent the bedrock of connectivity in the digital ecosystem, with every device on a network requiring one to function online.
Couple a nearly exhausted supply of IPv4 addresses with historic consumer demand and it’s no wonder why prices have surged fivefold in less than a decade.
Many companies are currently sitting on a large inventory of IPv4 addresses—potentially worth hundreds of thousands of dollars—and many don’t know they own these assets, let alone understand their market value. Balance sheets tend to exclude any mention of IPv4 address blocks, or they are looped into some “miscellaneous” category along with other intangibles.
However, with the right knowledge and a strategic approach, these IPv4 addresses can be leveraged to drive ROI. Selling them outright, leasing them for a steady revenue stream, or using them as collateral for business expansion are all viable ways to tap into their potential value.
Because a CFO may not always have real-time visibility of every asset under their purview, they often outsource this task, relying on other trusted leaders and specialists within the organization to help them spotlight opportunities.
One such crucial ally is the CIO—the organization’s digital pathfinder. With their tech expertise and ideal vantage over the company’s technological landscape, including its intangible tech assets, CIOs can play an instrumental role in providing support to the CFO. In that capacity, their role extends beyond simply maintaining the existing tech infrastructure; rather, it involves actively pinpointing underutilized resources as well as potential opportunities for strategic tech investments.
By conducting comprehensive audits and assessments, they can flag potential goldmines for the CFO and suggest potential avenues to maximize the value of these often-overlooked assets, such as IPv4 address monetization strategies.
Once a tech asset has been successfully identified, the baton passes to the CFO and their finance team whose task it is to understand, assess, and evaluate the new-found resources. Harnessing their vast financial acumen, the CFO can then decipher the potential value and implications these assets may have on the organization’s bottom line.
A CFO’s expertise—grounded in financial planning and risk management—allows them to extract and translate these technological assessments into strategic financial insights. Moreover, having a complete, accurate, and up-to-date snapshot of the company’s total asset portfolio, including intangible tech assets, enables the CFO to make the most informed and beneficial decisions for the organization.
In today’s business environment where technology drives value and competitive advantage, the CFO and CIO relationship becomes paramount. Effective collaboration between these roles can lead to better alignment of IT investment with strategic growth plans and improved business performance. However, as Deloitte notes, fostering such a relationship is often challenged by differences in communication styles and perspectives. To that end, here are some strategies they suggest to strengthen this essential partnership:
Navigating the complex world of IPv4 addresses on your own can be daunting. Whether you aim to invest in IPv4 addresses or maximize the value of addresses your business already owns, partnering with a reliable and seasoned IPv4 address broker alleviates all major concerns. Common benefits include:
Effective collaboration between finance and IT teams can help unlock the untapped potential of intangible tech assets, especially IPv4 addresses. By working together and aligning their strategic goals, CFOs, CIOs, and their respective departments can identify, evaluate, and monetize these assets to boost the business’ bottom line.
For reliable brokerage services and support, contact us today.
by HiveDigital
Normally, a business generates, acquires, and manages various assets—including both the tangible (physical) and intangible (non-physical). While the innate value of tangible assets like cash or property is easy to see and understand, the same can’t always be said for intangible assets.
Take IPv4 address blocks for example. This intangible asset class may be worth a great deal, especially given recent market demand. However, many corporate finance teams are entirely unaware of the potential goldmine that may exist in their IT department. Certainly, they will know little about how to extract its full value. Balance sheets commonly miss any specific mention of IPv4 addresses, whether they are forgotten outright or sorted into a vague category that is easily overlooked when it comes to a merger, acquisition, or divestiture.
IPv4 addresses are the building blocks of connectivity within the digital landscape. Every device on a network—be it a smartphone, a server, or a router—requires an IPv4 address to access and be reached on the internet.
As such, IPv4 blocks have long been considered a prized asset for any business aiming to expand its network. But the price of these internet addresses has skyrocketed in recent years due to their utility and scarcity, especially as major companies like scramble to acquire millions of them.
In 2015, the average price of an address ranged between $7.50–$10. Now, less than a decade later, they range between $40–$60.
But what factors impact pricing?
Another factor in IPv4 valuation and management is the block size.
In the past two years, the larger the block of adddresses, the more each IP address included in it was worth. However, i n recent years, there have been fluctuations in the value of different-sized IPv4 blocks.
For example, in 2020, a significant price gap emerged between larger and smaller blocks. According to a report by IPv4.GLOBAL: “From June 2020 through August 2021, the price gap between large and small blocks ranged from 2.4% to 17.5%. This dynamic led to sellers breaking up /16 blocks to be sold in multiple transactions of smaller blocks since this netted more per address for the seller.”
Since late 2021 a curious price inversion has occurred in IPv4 markets. The long-term trend that discounted large blocks has reversed. Blocks of 65,000 addresses and more now trade for 20-35% more than small blocks.
If a business is currently sitting on a large inventory of IPv4 addresses, it is in good company. Many business owners are surprised when they uncover a vast surplus of unused IPv4 addresses—more than they could ever hope to utilize to their fullest extent.
Rather than simply letting those intangible assets lie dormant, many companies opt to monetize their address stockpile to fund both immediate and big-picture endeavors.
Typically, most businesses will select one of two monetization pathways:
Which option is best for a business?
Sell Addresses | Lease Addresses | |
Revenue Stream | One-time | Ongoing |
Risk Level | Low | Medium |
Control Over IPv4 Addresses | Transfer ownership | Retain ownership |
Time Commitment | Low (once sold) | High (continuous) |
Flexibility | Low | High |
Time Commitment | Low (once sold, management ends) | High (continuous management of lease agreements) |
Market Dependency | High (dependent on current market rates for sale) | Medium (depends on ongoing demand for |
IPv4 addresses can be thought of as a piece of art or memorabilia that’s been sitting in the attic, gathering dust for years. Overlooked and forgotten, they remain buried in the company’s ledger, lumped in with the “miscellaneous” section of the company’s intangible assets. That is, until an asset audit—usually during the lead-up or aftermath of an M&A deal—brings them to light.
Suddenly, that “piece of junk” is actually worth a fortune. In some cases, IPv4 address blocks are passed on and rolled over from multiple merger and acquisition deals, having been looped in as miscellaneous assets over and over again. As previously mentioned, many balance sheets exclude any specific mention of these IPv4 addresses prior to a sale, so it is crucial to take inventory and potentially uncover these surplus IPv4 blocks that can be liquidated for significant financial gain.
Corporations that own IPv4 address blocks can utilize them to drive business expansion. Benefits of these intangible assets include:
In the modern financial landscape, IPv4 addresses represent valuable intangible assets that can help drive business growth and financial stability. Yet, harnessing their full potential requires strategic insights and expert management.
As an ARIN-qualified facilitator, IPv4.Global can help your business navigate the complex marketplace while maximizing the ROI of its intangible assets. With more than 60+ million addresses brokered, we’re the world’s leading broker for appraising, selling, or leasing IPv4 blocks.
For transparent, experienced, and reliable brokerage services, contact us today.
August 17, 2023
From 2014 until 2019, it was very easy to get multiple blocks of 1,024 IPv4 addresses – a /22 – from the RIPE NCC. Each member could have multiple accounts, called LIRs, and get a /22 for each one.
This policy was intended to minimize the barrier to entry for new organizations. They could build a small network with some IPv4 addresses. While new entrants had some protection, the market price for IPv4 addresses more than doubled. It was about $10/address in 2014 but over $20/address in 2019.
The impact was substantial. RIPE NCC LIR numbers more than doubled from 10,000 members to 25,000. About 20,000 /22s were distributed. And from 2013 the RIPE NCC had a low, flat fee per LIR. While the precise numbers vary each year, there has been a sign-up fee and the annual flat fee has been about €1,500-1,750.
This means that LIRs were paying about $7/address, which they could sell on the market for a considerable mark-up after holding for just two years.
The last /22 was distributed in November 2019.
Some believe that the RIPE NCC’s supply-side management impacted market pricing. Two years after the last /22 was allocated the price peaked at over $60/address. The RIPE NCC’s membership rolls are reducing, too. Membership numbers have dropped by about 2,000 members in the last two years.
New members still pay about the same amount but they get less for their money. They can be added to the IPv4 Waiting List to get 256 IPv4 addresses – a /24. There are over 1,000 LIRs in the queue and the first one on the list has been waiting for over 400 days.
This is a concern for the RIPE NCC’s Executive Board. In their consultation on the 2024 charging scheme they stated that “we expect many members with multiple LIR accounts who received resources in 2021 to merge these accounts in the coming year.” While they proposed a tiered model with fees ranging from €650 to €10,000 based on the resources under management, that is not what the members voted for.
In 2024, RIPE NCC members will pay €1,550 per LIR. New members will also pay the €1,000 sign-up fee.
We expect large numbers of /22s to come to market in the coming months.
by Leo Vegoda
Jewelers are eager to buy up old jewelry and recycle the metals and gems into something new. Gold and silver are too precious to send to landfill. APNIC is doing something similar with IPv4 addresses.
But while some organizations will get low cost IPv4 addresses, everyone benefits from better quality data about who has IP addresses and how to contact them.
In February 2021, APNIC’s board resolved that anyone whose APNIC-registered IPv4 addresses pre-date APNIC would need to become a member. They gave this small group until the start of 2023 to sign-up. Those who didn’t could lose their addresses.
APNIC contacted the registrants and users of the addresses, explaining the situation.
There wasn’t much pre-APNIC address space in this situation: about 4,000 blocks. Almost 80% were /24s (256 addresses) but there were 85 /16s, previously known as Class Bs (65,536 addresses). It added up to just over 7 million addresses.
APNIC’s work achieved two goals.
Registrants updated their organizational details and contact information for addresses they use. Networks use this contact data when they need to debug and resolve connectivity problems. APNIC reclaimed and will reallocate some addresses that aren’t needed, or that were allocated to organizations that don’t exist now.
So far, the process has delivered on both fronts. Over 400 organizations, with 2 million addresses, updated their records. APNIC also removed 1,009 registrations: almost 750,000 addresses.
The project is not over. APNIC is still working on the status of over 2 million addresses that aren’t routed and more than 1.5 million that are.
Some of those addresses could come back to APNIC while others will stay with their current users. Any addresses that stay with their current users will have had their registrations checked. The contact information published in APNIC’s whois database will be more reliable than at the start of the process.
The five RIRs registered transfers of about 90 million IPv4 addresses in 2022. That is more than five of the top-level /8 blocks. While 3.5 million more addresses could come back to APNIC for reallocation, that’s a tiny fraction of demand.
The demand comes from two places.
The RIR communities developed policies to ensure that they can provide small blocks of IPv4 space to new market entrants. That’s why they make very small allocations and run waiting lists.
APNIC will allocate new members up to a /23 (512 addresses). The APNIC community is discussing a proposal to halve this and will decide at APNIC 56, in September 2023.
But new entrants are a small part of the market. The market is the other part of the policy formula.
As long as some networks need IPv4 space, the largest networks will need it. And because they will need it they will need a lot. These organizations work with sellers and often support them with renumbering and associated work.
The five RIRs worked with ICANN on an Identifier Technical Health Indicators (ITHI) project. The project focused on measuring the quality of a wide range of services. The RIR registries were a part of this, alongside the way the domain name system works.
The RIRs developed a set of three metrics and set a target of 100% for each:
Perfection is a tough target. And it’s not possible in a world where things change. But activities like APNIC’s review of historical resources help sustain a high level of data quality.
Another APNIC process serving this purpose is the six-monthly check of abuse contacts. APNIC tests that the contact is accurate and contactable. Members have a very generous 15 days to respond. Most experts expect abuse reports to be acted on within minutes or hours: not weeks.
RIRs can only allocate small blocks of IPv4 addresses and the waiting time is often over a year.
The only predictable way to get IPv4 space is in the market. The market relies on high quality registry data about the organizations with IP addresses. Work like APNIC’s review of historical resources helps push towards the 100% targets defined in the RIRs’ ITHI metrics.
IPv4.Global’s platform offers the most transparent pricing. We can help at every stage, so contact us for help with your addressing needs.
by Lee Howard
On Friday, July 28, 2023, AWS announced they would begin charging for every IPv4 address an account is allocated or using on the platform, starting February 1, 2024. That’s a change from the current scheme, which only charges you for addresses you reserve, but aren’t using, or if you reassign the same address over a hundred times a month.
The rate is $0.005 per hour per IP. Assuming 30 ½ days per month, the cost of a single IP is $3.66 per month. If you only have one address, that’s a minor increase to your monthly AWS bill. However, some enterprises and universities have moved hundreds of systems to the cloud. With current IPv4 prices for small blocks in the low $30s per address, buying a /24 (256 addresses) pays for itself in less than a year.
AWS also encouraged users to consider, “accelerating your adoption of IPv6.”
To see how many IPv4 addresses you’re using on AWS, log into the console, under your name on the top right choose Billing > Cost & usage reports > Create Report, enter a Report name, check Include resource IDs, Next. Choose an S3 bucket or create a new one. You may have to wait up to 24 hours to see your report under “Cost and Usage Reports.”
Warning: scary technical content follows!
After you buy your /24, here’s how you get started using it. AWS has a free way to Bring Your Own IP (BYOIP):
$ openssl genpkey -aes256 -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out private-key.pem
$ openssl rsa -in private-key.pem -pubout > public-key.pem
$ openssl req -new -x509 -key private-key.pem -days 365 | tr -d "n" > certificate.pem,/code>
-----BEGIN CERTIFICATE-----
and -----END CERTIFICATE-----
text_message="1|aws|123456789012|192.0.2.0/24|20241201|SHA256|RSAPSS"
signed_message=$( echo -n $text_message | openssl dgst -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1 -sign private-key.pem -keyform PEM | openssl base64 | tr -- '+=/' '-_~' | tr -d "n")
aws ec2 provision-byoip-cidr --cidr 192.0.2.0/24 --cidr-authorization-context Message="$text_message",Signature="$signed_message" --region us-east-1
aws ec2 describe-byoip-cidrs --max-results 5 --region us-east-1
to look for the block.aws ec2 advertise-byoip-cidr --cidr 192.0.2.0/24 --region us-east-1
The whole process, except waiting for AWS to provision, should take less than 20 minutes. Text in consolas font
above should be pasted exactly, after replacing text in red with your specific values.
To download a Word file of the above, click here.
Demand for /16s has kept prices even, perhaps marginally higher. Demand for /20 – /17 blocks is up slightly, enough to find a price equilibrium. The volume of small blocks available is high and prices have continued to slip.
Considering long term trends, prices increased at a very steady rate 2014-2018, before flattening in 2019-2020 then spiking in 2021. At this point, prices of small blocks have returned to the level they would achieved had the original (2015-2018) steady rate of increase simply continued.
by IPv4 Staff
Companies sell (or transfer) assets in many different ways, not always in the normal course of business. Sometimes distress causes bankruptcy or liquidation. Other circumstances for asset transfers occur during mergers, acquisitions and various forms of reorganization. It is often the case that multiple classes of assets are transferred in a “bundle” including a number of valuable things, of differing varieties. An entire portfolio of assets can change ownership in a single documented sentence.
Because the variety of assets bought and sold can be considerable, many types move without anyone being fully aware of them. During mergers, language in purchase agreements may include, “and all other assets” to cover anything being transferred that is not explicitly included in an inventory of things bought and sold. Which means, “everything else not listed here” is being sold by one entity to the acquiring entity.
Intangible assets, like patents or copyrights, are transferred in such exchanges more or less invisibly. IP address blocks are similar but not the same. They are frequently unused, under-used, or overlooked. So, they move from one company to another without much notice, invisible to all the participants.
IP address transfers present their own official requirements. These “challenges” aren’t busy paperwork. ARIN (and the other RIRs) are deeply concerned with illicit use of IP addresses. To stop such use they are sensitive to and watch for the illegitimate transfer of addresses. So, RIRs require different kinds of proof of ownership when approving an official transfer.
When multiple, undocumented, out-of-sight sales or mergers of companies have happened, this can be a problem. Put simply, for transfers to be recognized by ARIN, ownership, documented in a title transfer, must be established. This is a baseline requirement in order for ARIN to recognize the transfer.
A “chain of title” is the record of ownership, documenting the sequence of transfers of ownership of any property. It is an historical timeline that documents – ideally without gaps – who the owners of something have been and who they are now. Of course, many kinds of things can be assets and so, therefore, can be owned. Obvious examples include real estate or automobiles. But intangibles such as copyrights or patents can also be owned and so frequently include a proof of ownership: a title. Even “rights” are traded. The right to farm a piece of land one doesn’t own might be an asset that is owned by a person or entity.
A ”registration” is not a “title.” That is, registering a vehicle with a state department of transportation almost always requires a proof of ownership: the title to the car. But the reverse is not true: one can sell an automobile, transferring the title without informing the state in which it is registered. If the title to the thing was transferred correctly, proper notary and signatures in place, title has changed but the registration hasn’t. The registering agency is in the dark.
In a further anonymizing of asset ownership, possession and use can become vague or even invisible. The 1937 Cord your grandfather won in a poker game and stored in his barn but has never driven or registered is a pretty invisible asset. Especially if, getting older, he forgets it’s behind the third stall on the left. If grandpa’s land (and the barn and the car) passes to his children, probate will likely see to it that the title to the real estate is transferred to a new owner. But the car – though probably now the legal property of his estate – will have no formal transfer of title. And no valid registration. Any attempt to register it will likely fail.
The ARIN community has developed policies to govern IP address transfers. Most are rigoroius but largely routine. However, complexity can arise in two broad categories: transfers arising from mergers & acquisitions, and reorganizations. ARIN’s role in either case is to confirm that there is a chain of title from the original registrant to the new registrant.
ARIN performs this task using only supplied paperwork. The purpose here is to discover and reject illegitimate claims to title and/or attempts to use another, legitimate owner’s addresses.
To validate ownership, ARIN accepts authenticated copies of documents describing the transfer of assets, such as:
In the case of name changes, ARIN accepts documents such as amended articles of incorporation, or a government verification of the change.
ARIN’s CEO, John Curran, has publicly explained that they look for consistency and coherency in validating documentation.
This sounds simple enough but can become quite complex when multiple mergers, liquidations or other corporate transactions happen. Simple matters such as typographical errors, missing or non-existent documentation can frustrate the process. Nevertheless, the scope the internet and networks generally, plus the occasionally nefarious behavior of some players in this field makes caution necessary.
It wasn’t always this way. The internet’s early registration practices were less formal. Everyone knew everyone and so more casual naming was used. For instance, an early IANA registration illustrates the early off-handedness that has been rinsed from the process. The registration for 12.0.0.0/8 lists “AT&T Bell Laboratories.” But ARIN’s registration was updated last year and shows “AT&T Services, Inc.” along with current contact information. Informal registration records from the past don’t prohibit IP addresses from being transferred. But thorough reviews of the the chain of title take time. Where the chain of title is murky or entirely undocumented, the process gets progressively more complex.
by Lee Howard & Peter Tobey
Previously, we’ve described the inversion of large block and small block address pricing. By the end of 2022, the divergence had been going on for 18 months and increased until there was a 20% premium on /16s and larger.
In the first six months of 2023, that trend has continued, with larger block prices hovering between $50-55 per address and smaller blocks continuing to fall in price. The difference in recent months has grown to 30-35%, with some small blocks dramatically less expensive than they have been since early 2021.
However, the very tight trading range for IP addresses in general that existed from early 2016 – when IPv4.Global’s auction site began publishing trade data – until mid-2021, has disappeared. Large blocks trade in a tight range. Smaller blocks have traded in a wider range of prices. Small block prices moved in a haphazard – if downward – fashion from mid-2021 through Q1, 2023.
Demand for /16s has kept prices even, perhaps marginally higher. Demand for /20 – /17 blocks is up slightly, enough to find a price equilibrium. The volume of small blocks available is high and prices have continued to slip.
Large blocks (/16 and larger) have remained costly. Smaller blocks have fallen in price but seem to be consolidating around more narrow bands.
Speculating on broad marketplace causes and effects is best introduced with caveats galore. Too often, correlation is mistaken for cause in any financial analysis.
The following are influences we see as likely impacting the market. To what extent each does so, we are uncertain.
Many shrewd observers of the IPv4 market will opine that demand for this crucial element of network expansion varies independently of price for the addresses. That is: folks who need addresses buy them. The overall need for addresses is immediate and outweighs variation in price. Relatively small price variations don’t dampen need in this theoretical scenario.
Of course, this does not always prevail. Those with multi-year expansions often have fixed maximums on their spending plans and will often bargain shop.
However, supply may very well influence pricing. And pricing impacts supply. It is simply true that the increase in IPv4 prices that followed rising demand in late 2020 and early 2021 encouraged the expansion of market supply. Rising prices surely prompted some additional sales. But that price increase was followed by falling demand during most of 2022. (Higher prices often dampen demand, even when the commodity is essential.) Unquestionably, that reduced demand has resulted in falling prices.
This chart shows lower volume (in blue) through 2022, perhaps resulting in falling prices. Note the earlly 2023 increase in volume and prices.
During much of 2022 (and most dramatically during mid-year) blocks smaller than /16s experienced a decline in demand – and a natural trough in transfers resulted. As demand softened, prices at first stabilized and then declined. This end to rising prices and the long, slow trend of falling values began in October 2021 and has continued until today.
It is important to note that prices continued to rise for a time (Q4 2021) even as demand softened. Such lags in supply/demand relationships are not unusual. It is possible that future demand increases will be followed by price increases only after some similar delay in market reaction. Reporting is also a factor: Price changes are a leading indicator. Note that the price date is the date a sale is agreed upon and the volume date is the date the transfer is complete, which is often weeks or even months later.
Beginning in March, 2023 activity in these smaller block sizes increased. This trend is too recent and short-lived to draw sound conclusions from it. However, in connection with some possible stabilizing of small-block prices, one might speculate that rising small block demand, and therefore the prices of them, may continue.
From 2014 until 2019, it was very easy to get multiple blocks of 1,024 IPv4 addresses – a /22 –free from RIPE NCC. Each member could have multiple accounts, called LIRs (Local Internet Registry), and get a /22 for each one. This policy was intended to make sure new networks were still able to get some IPv4 addresses, even as the RIPE NCC was running out. It was about $10/address in 2014 but over $20/address in 2019.
The impact was substantial. RIPE NCC LIR numbers more than doubled from 10,000 members to 25,000. About 20,000 /22s were distributed.
From https://www.ripe.net/analyse/statistics/number-of-lirs
To make this even more attractive, from 2013 the RIPE NCC had a low, flat fee per LIR. While the precise numbers vary each year, the sign-up fee and annual flat fee has been about €1,500-1,750. This means that LIRs were paying about $7/address, which they could sell on the market for a considerable mark-up after holding them for just two years.
RIPE NCC distributed its last /22 in November 2019.
Some believe that the RIPE NCC’s supply-side management impacted market pricing. Two years after the last /22 was allocated the price peaked at over $60/address. The RIPE NCC’s membership rolls are declining, too. Membership numbers have dropped by about 2,000 members in the last two years.
It is possible that the large numbers of /22s that became available for resale around and after 2020 and 2021 has contributed to the steady decline in prices since. The leveling of prices in 2021 may well have spurred sales of these blocks, increasing supply and lowering prices.
Beginning in March, 2022, the Federal Reserve began raising the federal funds rate, causing all other interest rates in the U.S. – and worldwide – to rise. At the same time the Fed forecast more rate increases and has fulfilled that promise by raising rates from 0.25% to the current 5.5%.
In anticipation of these rate increases most financial prognosticators (from bankers to media) anticipated much higher borrowing costs and, most likely, a recession varying from mild to not-so-mild. Without question, recession fears impacted long-term investment planning in some areas of the economy. It is reasonable to assume that network expansion plans, especially those not deemed essential or pressing, were delayed. Such a delay would reduce the demand for IPv4 addresses and therefore impact the marketplace cost of them.
The variables impacting prices are complex. Predicting future prices nearly impossible. The observations here suggest that small and medium-size block prices are stabilizing. If that were true it is anyone’s guess where they will venture going forward. So, the best course is to monitor sales and pricing going forward and be alert to opportunities. Under no circumstances would we predict that prices will remain the same as they are today.
by IPv4 Staff
The American Registry for Internet Numbers (ARIN) is one of the five major regional RIRs responsible for managing the distribution of IP addresses. This includes IPv4, IPv6 and AS numbers. As the name implies, ARIN covers the North American region, including the US, Canada, and many Caribbean and North Atlantic islands.
In response to today’s active market in IPv4 addresses, and the many and diverse buyers and sellers for these assets, ARIN has fielded many inquiries about the often-complex transfer process. In addition, it is among their core functions to assure legitimate, efficient transfers of IP addresses. So, in response to that need, the status of Qualified Facilitator was created.
As John Sweeting, Chief Customer Officer at ARIN, explains, “Buyers and sellers will be able to access our list of qualified facilitators, which should improve the overall customer experience and address concerns raised by community members about transfer support, as well as streamline the transfer process with ARIN Registration Services.”
ARIN created the Qualified Facilitator Program (QFP) to be “a resource for the community to assist in identifying Qualified Facilitators engaged in brokering the transfer of IPv4 or Autonomous System Number (ASN) resources in accordance with ARIN’s Number Resource Policy.”
Under the QFP program, a Qualified Facilitator (QF) is recognized by ARIN as a uniquely trustworthy intermediary capable of assisting in and facilitating the smooth transfer of IPv4 addresses between entities—whether that means buying orsellingddresses. A Qualified Facilitator can provide services like:
In short, the ARIN QF status signals an organization’s competence, trustworthiness, and adherence to best practices and ethical standards in the management of IPv4 resources. In the first month the QFP was available, only four organizations have received this accreditation, which only serves to underscore the rigorous requirements and high standards imposed by ARIN.
An ARIN Qualified Facilitator can play an essential role in ensuring the stability and integrity of the IPv4 marketplace. They can help foster an environment of trust and transparency, making it easier and safer for organizations to navigate the often-complex process of IPv4 address transfers.
Using a Qualified Facilitator may be a good option for:
When you work with a Qualified Facilitator, you can operate confidently knowing that you have a trustworthy and experienced IPv4 brokers in your corner.
Advantages of partnering with a QF include:
Historically, the IPv4 address transfer process could be a lengthy and complicated affair, especially if it was brokered by an underqualified facilitator.
From start to end, a QF like IPv4.Global can ensure that the entire transfer process is conducted with maximum efficiency. We have the expertise to handle the myriad technical complexities, providing clients with peace of mind and extra time to focus on their core business operations.
By entrusting IPv4 address transfers to a Qualified Facilitator, clients can benefit from a smooth, efficient, and compliant process bespoke to their unique needs and requirements.
Additionally, it’s important to note that ARIN has stringent transfer requirements. Compliance with these rules is essential for ensuring a smooth and legally-binding transfer of IPv4 resources.
As a requirement of the status, a Qualified Facilitator must be familiar with ARIN’s rules and regulations. They must have completed the ARIN qualification process. (Note that awarding the qualification is based on an interview and review by General Counsewl and ARIN’s Chief Customer Officer.) A QF’s dedicated team ensures that all transfer procedures adhere to these regulations, and that all contractual obligations are met and transfer fees are paid, thereby minimizing the risk of legal or regulatory noncompliance, potential penalties, or delays in the transfer process.
A Qualified Facilitator can also pull back the curtain to provide total visibility over the entire transaction process. This includes:
ARIN is in regular contact with Qualified Facilitators—whether it’s sharing the newest updates or best practices, their mission is to ensure that QFs adhere to the most stringent and up-to-date standards.
This continued support and collaboration ensures that customers receive the assistance and guidance they require to confidently navigate the intricacies of IPv4 transfers while proactively addressing any concerns that might crop up.
Put simply, this dual support ensures that clients experience a streamlined transfer process with enhanced support at each step of the journey.
IPv4 became an ARIN Qualified Facilitator in June 2023. As a QF, IPv4.Global provides clients with a reliable and transparent transfer experience.
With more than 60+ million addresses transferred, IPv4.Global already was the world’s most trusted broker for appraising, selling, or leasing IPv4 blocks. And now that we’ve been named as a Qualified Facilitator, there can be no doubt about our commitment to excellence.
by Leo Vegoda
In the beginning, all data networks were local, so all network addresses were local. Before Vint Cerf led DARPA’s Internetting Project, a globe spanning network of data networks was impossible.
The early internet was small. Most of the users were its builders, or worked alongside them. It was also culturally cohesive. Security was less important than developing the technology.
That changed in 1989. The US National Science Foundation allowed commercial traffic on its internet backbone. This signaled a change in the nature of the internet. It was no longer small and the diversity of its users was growing fast. So fast that engineers started to worry the IPv4 address space was too small.
They began developing strategies for IPv4 runout in March 1992. They discussed the possibility of some addresses only being unique within a local network. By 1994, three blocks of addresses had been reserved for use on private networks. They deliver just over 17 million IPv4 addresses: enough for all but the largest of networks.
But internet engineers did not standardize the technology for connecting private networks and the internet. Many considered the concept heretical. They wanted “every system to be globally accessible” and knew this required “a globally unique addressing system.”
John Mayes, a consulting engineer, regularly renumbered networks for clients. Often, they had used unallocated IP addresses for a private network. When they connected to the internet they experienced address clashes. Data didn’t flow reliably.
In 1995 he and Brantley Coile developed the first commercial Network Address Translator (NAT). It solved their clients’ technical problems. It also provided a stateful firewall, which many networks of the time were missing. This was the PIX, or Private Internet Exchange, named to riff on PBX running telephone networks inside a business.
We now have two types of unique addresses and two types of non-unique addresses.
When you get your IPv4 or IPv6 addresses from a registry, you are paying for three things:
This means you can publish GeoIP information about your network and share the names used on your network. Reverse DNS is helpful for network troubleshooting and testing.
There is no technical difference between private and shared addresses. The distinction is down to the intended use case. Private addresses are intended for use on end user networks. That means anything from a domestic WiFi connection to a large bank’s internal server infrastructure.
Internal network communication can use the private addresses. Communication from the internal network to the internet must be supported by a NAT. The NAT maps the internal address to an external address for the duration of a session, which could be under a second and could last for days.
But the number of sessions is limited by the NAT’s hardware capacity and the size of the pool of unique addresses it has available. Networks that generate many simultaneous flows, or many long lived flows, will need a bigger pool of unique addresses.
Shared addresses are intended for use on service provider networks. Engineers agreed to reserve an extra 4 million IPv4 addresses for shared use because many service provider networks had already used all the private addresses.
IPv6 is so big that its private addresses can be unique. Internet engineers have reserved a /8, which is 0.4% of the IPv6 address space. That doesn’t sound very much but provides over a trillion blocks and they could be used if that was necessary. This is because they are used one-by-one and not organized as hierarchies.
The risk of an address clash between any two networks is about one in a trillion. It increases with the number of networks. The risk of a clash between any thousand networks is about one in 40 billion.
But avoiding address clashes depends on users generating a properly random prefix. There are online tools and freely available code to help anyone manually generating a prefix. But popular services, including Apple’s consumer products and Google’s cloud services automatically generate random prefixes, reducing the chance for human error.
A second /8 was also reserved but should not be used now. It was originally intended as a place where people could register a prefix for a small one-time payment. This approach was abandoned because of the huge challenge of ensuring an organization running the service could survive for at least a century.
July 10, 2023
Every US state will get at least $107 million to deliver high-speed broadband access to everyone by 2030. Bigger states will get more. California gets $1.9 billion and Texas will $3.1 billion.
This spending comes from the American Rescue Plan and the Bipartisan Infrastructure Law.
President Biden says that 35,000 projects have been funded or already started. Hundreds of them are in rural and Tribal communities.
He described it as “the biggest investment in high-speed Internet ever.” He then noted that “Internet access is just as important as electricity was or water or other basic services […] it’s become an absolute necessity.”
The White House wants internet access for 8.5 million locations in under-served and rural communities. It says that 24 million Americans do not have high-speed internet access. Millions more only have slow or unreliable access.
Prices continued the trends seen through 2023, with /16 pricing holding steady and smaller space easing.
by IPv4 Staff
In recent years, the IPv4 address market has witnessed a surge in demand and value, with IPv4 address prices reaching historic highs. As the market inched ever closer to supply exhaustion, prices rose from an average of $10 in 2015 to an astounding $55 in 2022.
Even before the surge, IPv4 addresses were widely recognized as valuable intangible assets. However, with the average value now having increased fivefold in less than a decade, their significance and worth have reached entirely new heights in the modern digital landscape.
But here’s the thing. Because IPv4 addresses are intangible assets, many major institutions may inadvertently and unknowingly sit on a veritable treasure trove of unused IPv4 address blocks. Educational institutions in particular may find themselves in a prime position as potential sellers in the current market.
The question then arises: How have educational institutions come to possess vast reserves of untapped IPv4 addresses, potentially worth hundreds of thousands, if not millions of dollars?
In the Internet’s earliest days, the world wide web was not in the public eye. For the first decade or so, it was predominantly used as a research and educational tool.
As early adopters and pioneers of this technology, universities and research institutions were among the first to be assigned IPv4 addresses. Allocations of addresses were quite generous, with some institutions assigned class A address blocks with more than 16,000,000 IPv4 addresses each.
But why were they given so many addresses?
There were a few reasons for this:
Today, a great deal of IP address space remains dormant simply because too many addresses were distributed to some networks. Even major universities with significant network traffic and devices can’t hope to fully utilize every address in their stockpile.
Knowing that, instead of letting these address surpluses simply collect digital dust, many educational institutions have taken purposeful strides towards monetizing these intangible assets in order to finance both immediate needs as well as long-term projects.
Typically, most universities will have one of three available pathways:
But how do they decide on what’s the best option?
Here’s how these paths stack up:
Selling Unused IPv4 Addresses | Leasing IPv4 Addresses | Using IPv4 Addresses as Collateral | |
Financial Gain | One-time lump sum payment | Recurring income | Access to funds for loans/investments |
Control Over IPv4 Addresses | Transfer ownership | Retain ownership | Retain ownership (risk of loss in case of default) |
Flexibility | Limited (once sold, no longer owned) | High (can lease to different businesses) | Moderate (contingent on loan/investment terms) |
Risk Level | Low (once sold, no further obligations) | Moderate (ongoing management and potential disputes) | Moderate to High (contingent on loan/investment terms) |
Selling Unused IPv4 Addresses | One-time lump sum payment |
Leasing IPv4 Addresses | Recurring income |
Using IPv4 Addresses as Collateral | Access to funds for loans/investments |
Selling Unused IPv4 Addresses | Transfer ownership |
Leasing IPv4 Addresses | Retain ownership |
Using IPv4 Addresses as Collateral | Retain ownership (risk of loss in case of default) |
Selling Unused IPv4 Addresses | Limited (once sold, no longer owned) |
Leasing IPv4 Addresses | High (can lease to different businesses) |
Using IPv4 Addresses as Collateral | Moderate (contingent on loan/investment terms) |
Selling Unused IPv4 Addresses | Low (once sold, no further obligations) |
Leasing IPv4 Addresses | Moderate (ongoing management and potential disputes) |
Using IPv4 Addresses as Collateral | Moderate to High (contingent on loan/investment terms) |
While myriad factors impact IPv4 pricing, ultimately, IPv4 addresses are subject to the most basic of macroeconomic principles—the price movement falls in line with supply and demand. Supply has steadily approached exhaustion while demand has increased exponentially.
The reason for the supply crunch is glaring. In the early 2010s, the Internet Assigned Numbers Authority (IANA) depleted its pool of available IPv4 addresses that could be assigned to RIRs. Soon after, the other five Regional Internet Registries (RIRs) also depleted most of their entire stock.
Put simply, the supply is capped, with no new IPv4 addresses being created. In response, existing owners are less willing to part with these increasingly valuable commodities.
On the other side of the price equation is demand—it’s shot up. And, there are several factors that contributed to this precipitous rise:
July 6, 2023
ARIN issued about 45,000 addresses to 63 organizations on 5 July 2023. 617 organizations remain on the list, waiting for addresses. This is an increase of 56 since April 2023.
ARIN reports that almost 700,000 addresses have been transferred between ARIN region organizations so far this year. Just over 1 million addresses have been transferred in and out of the region in the same period.
The organization that has been waiting the longest, joined the queue in June 2022. They will have to wait at least until the next distribution in October 2023.
On average, they want 669 addresses but would accept 648. This is almost the same as last quarter. It means their average need is a /23 and a /24. This is because IPv4 addresses are issued in CIDR blocks. The smallest block size available is a /24, which is 256 addresses.
June 14, 2023
ARIN warned that the wait time for IPv4 space from its Waitlist is years, not months, at NANOG 88 in Seattle.
There were 632 requests on the list at the end of May 2023 and it grew by 429 requests in the last year.
The long wait comes despite ARIN fulfilling 136 requests in Q1 2023. This compares with 151 in the previous three quarters. John Sweeting, ARIN’s Chief Customer Officer explained that this is the result of an influx of reclaimed IPv4 space that is unlikely to be repeated.
ARIN completed 373 transfers by the end of May 2023. This is about 75 per month, while 2022 saw about 80 per month.
ARIN introduced a Qualified Facilitators program at the start of June. Its goal is to “get a transfer completed” so this number could grow by the end of the year.
July 5, 2023
ARIN is consulting with its community on integrating fees for ASNs into its regular fee structure.
The proposal would cost an extra $100 a year for 6,800 organizations whose only resource from ARIN is one ASN. These organizations would move to the lowest 3x-Small fee tier.
This fee tier allows up to three ASNs as well as IPv4 and IPv6 addresses. Organizations with more than 256 ASNs would be categorized as Medium and pay $4,000.
ARIN expects about 15 multi-resource customers to end up paying more and over 300 to pay less. They would save between $50 and $1,750.
This consultation closes on 30 July.
July 5, 2023
Organizations with legacy IPv4 addresses but no ARIN contract will need to pay more to access some ARIN services after December 31, 2023.
Organizations with legacy IP address space must sign a contract with ARIN, called an LRSA, to access services like RPKI. ARIN caps fee rises for organizations with legacy IP address space when they sign an LRSA. Fees, now $175 a year, will rise by no more than $25 each year.
ARIN has not yet announced the fees for LRSAs signed next year.
by Leo Vegoda
RIRs have always supported IP address transfers arising from corporate mergers and acquisitions. The affected networks focused on two things: removing duplication of core services, like DNS, mail and storage, and aligning security policies.
The market adds the opportunity to realize the asset value of unused and poorly used IPv4 addresses. What are the key steps to take when integrating networks?
You can’t control resources you do not know about. Turning hidden assets into a windfall is nice but a complete view of your network is essential to identify precisely its configuration, utilization and general health. If you can’t control resources through allocation and configuration, you can’t implement your network security policy and manage required improvements.
A good IP Address Manager (IPAM) will not just act as a database for recording where addresses are supposed to be used. It will scan your network for actual use and help you plan for future use. Combining a real time view of your internal network with logging and business planning will reduce the risk of undocumented devices causing problems.
If you’d like to scan your IP inventory using a free tool designed for viewing but not maintaining a network’s IP use, try ReView. It doesn’t perform many of the functions of a robust IPAM but will offer an excellent overview of your network’s utilization.
Many IPAMs integrate with DHCP and DNS. This means your devices get registered, get an IP address, and a name. Automating these administrative tasks lowers operational costs. IPAM and DNS integration is particularly useful when deploying IPv6 as IPv6 addresses are long and client devices frequently change addresses.
Consolidating IPv4 addresses into one contiguous block both simplifies security policies and makes it easier to transfer (sell) the remainder through the market.
Your organization’s public services, like web and mail, still need IPv4 for the foreseeable future. It often makes sense to host these externally with specialist providers.
Client devices also need some IPv4 addresses for internet connectivity. But the devices themselves don’t need unique addresses – they can share pools. There are multiple technologies and tools available to translate between IPv4 and IPv6, including NAT64 and 464XLAT.
Fig 1: Deploying IPv6 opens a gateway to the future and makes valuable IPv4 addresses available for sale.
IPv4 is valuable because it is scarce. There is no IPv6 scarcity, and perimeter security translates between IPv4 and IPv6 just like it translates between RFC 1918 and unique IPv4 addresses.
Keeping separate blocks for providing services, for addressing gateways, and for internal infrastructure is useful. External hosted services will often rely on data or decisions hosted on your network. These limited access services might need unique IPv4 addresses when the external provider does not support IPv6.
There are just over 17 million private IPv4 addresses. Many large organizations have used them all and also squat on large allocations that are not announced on the internet. It is always likely that private IPv4 addresses will clash with those in use by partners, vendors, or a future buyer. So, it’s best to design networks so that renumbering can be automated. That requires an IPAM for managing addressing and a configuration management system to ensure that infrastructure, like DNS, uses the new addresses and clients know them.
There is no shortage of IPv6 address space. The /48 prefix most enterprises will get by default contains 65,635 subnets. And plenty more is available. Less than one percent of the total IPv6 space has been allocated so far.
Private IPv6 addresses, called Unique Local Addresses (ULAs), are available for free. The key difference is that they are unique. When the process for selecting a prefix is followed properly, the likelihood of a clash with another network is about one in a trillion. There are online tools that will implement the prefix generation process suggested in RFC 4193 for you. Using that or a similarly random process is essential for minimizing the risk of a future clash.
Organizations that prefer to buy certainty can get globally unique IPv6 addresses from a Regional Internet Registry. This will generally incur a small annual fee, like the $250 per year charged by ARIN.
One key advantage of getting IPv6 addresses from an RIR over a ULA is the reverse DNS domain can be delegated to your organization. If you use a ULA and want to use reverse DNS internally, your local resolvers will have to be configured to answer those queries.
Not all buyers are the same. Some buyers will actively support sellers through consolidating and transferring addresses. This can include renumbering to a new, smaller block. Of course, the responsibility for identifying and remedying reputation issues and consolidating subnets is ultimately with the seller. However, qualified brokers can help with both issues.
When freeing up a large amount of IPv4 space, speak with brokers and ask how they can help your organization both realize the value of a hidden asset and mature technical operations. Using IPv4 wisely in this way can help you save money in the longer term through improving security and deploying IPv6, which will be staying for decades to come.
Running a university isn’t easy on the pocketbook. Between salaries, services purchased, benefits, depreciation, supplies and equipment, and real estate, total annual operating costs for a major university can run into the hundreds of millions of dollars.
So, it’s no surprise that many colleges struggle to find sustainable funding sources necessary to keep their doors open and maintain quality education. Traditional methods such as tuition fees, government grants, and private donations may not always be sufficient to cover their financing needs.
Enter the world of IPv4 address blocks—a hidden treasure trove that many universities don’t realize they possess. This intangible asset could be the key to unlocking much-needed funds for dream programs and state-of-the-art campus facilities.
Higher education institutions are no strangers to financial hurdles. Even before the pandemic shook up the college landscape, many universities were already close to running over a fiscal cliff. But COVID accelerated the issue, according to CNBC:
“In a survey conducted by the Association of American Colleges and Universities, 74% of respondents said the most significant challenge facing their school is financial constraints. Smaller schools were more likely to report these concerns. A significant 79% of schools with fewer than 5,000 students said financial constraints are a significant challenge, compared to 52% of those from schools with more than 30,000 students.”
In the aftermath, colleges and universities are dealing with rising costs due to inflation, supply chain constraints, rising interest rates, and increasingly complicated compliance burdens. And these external pressures only compounded the existing financial challenges faced by universities, such as:
IPv4 addresses are a unique string of 32-bit numerical values that identify devices on a network that uses the Internet Protocol version 4 (IPv4) communication protocol, known more colloquially as the internet. These addresses enable devices to communicate with one another over the internet or a local area network (LAN).
When the internet was first created, it was largely designed for research and education. And its earliest adopters were often universities.
Consequently, a significant number of these institutions were granted extensive allocations of IPv4 addresses, known as address blocks. These allocations often comprised tens and even hundreds of thousands of unique addresses, far exceeding the needs of the universities, then and now. And so, millions of IPv4 addresses were left to sit and gather digital dust—unused and, over time, forgotten.
For many universities, this oversight has turned into good fortune.
In the early internet, the concept of IPv4 address exhaustion was unimaginable. 4.3 billion unique addresses seemed to be a more than adequate supply.
As we know now, that’s certainly not the case. The internet grew over the decades and more and more devices began to connect to it—as such, the supply of available IPv4 addresses started to dwindle.
Today, IPv4 addresses are a scarce and valuable resource. In recent years, prices have increased by nearly 20% annually, rising from $10 in 2015 all the way to $60 at their peak in 2021.
While prices have dropped from the historic heights of 2021, they still hover around the $40 to $55 dollar range. With a block of 65,536 unused addresses—often found in higher education institutions—there are millions of dollars worth of potential funding opportunities for universities and their big-picture goals.
Even at a large institution, chances are, you won’t ever fully utilize all of the addresses that were originally allotted. Instead of letting them go to waste, several forward-thinking universities have taken actions to monetize these assets, thus allowing them to finance their campus projects.
If you think you’d like to join the ranks of those cashing in some of their IP assets, consider the following. In most cases, you’ll have one of three available pathways to IPv4 monetization:
Sell the unused IPv4 addresses outright – Some universities opt to sell IPv4 blocks. In exchange for a one-time lump sum payment, they then irrevocably transfer ownership to the new buyer.
Lease the IPv4 address – Other universities prefer to lease out their unused IPv4 blocks, rather than selling them.
Use IPv4 addresses as collateral for loans or investments – Want to secure a loan for a major project? You could also use your IPv4 addresses as a form of collateral to back the loan or investment. Of course, this carries a measure of risk—if you default on the loan, the addresses could then be seized. Also, were the assets to decline in value the lender might require additional collateral.
When it comes to selling or leasing your intangible assets, the most critical decision is who you’ll trust to broker the deal. The IPv4 market is frictional. Brokers make it less so by bringing buyers and sellers together.
A high-quality broker can provide reliable and transparent information and services. They can act as a trusted partner, helping you:
Faced with mounting operational and funding hurdles, universities must get creative when it comes to securing funding. Monetizing IPv4 addresses is one such solution that is often overlooked but could be the optimal funding mechanism.
As the world’s leading broker of IPv4 addresses and more than 55+ million addresses moved, the IPv4Global team can work with you to create a brokered solution that secures funding when you need it.
To learn more, contact our team today.
The History of Internet Administration
by Leo Vegoda
The internet grew slowly, at first. The original four ARPANET nodes were connected in 1969. Computer networking grew through the 1970s and there was demand for commercial connections by 1988. The Washington Post reported that there were 500,000 internet users that year[PT1]. Users who enjoyed access while at university or work, wanted to retain access for the social connection it provided.
Although registry data was collected as early as 1971, the first recorded use of the term Internet Assigned Numbers Authority (IANA) was also in 1988.
While the name IANA references numbers, it manages three sets of data (and their [PT2] functions) for the internet. These are:
But any reasonably complex system requires management. Organizations also need rules by which to operate consistently and efficiently. Which is to say, the administration of the internet needed a kind of civil service. The internet’s civil service had been established in one man: Jon Postel. But because the internet was so small, he both set and administered policy.
History suggests that a system involving large numbers of people ought to separate the policy making for that community and the administration of those policies. Doing so avoids conflicts of interest and worse. So the growing internet needed separate policy making. Quite naturally, the pressure for resource management policies grew with the reach of the internet.
The increasing globalization of the internet led to guidelines for new registries outside the US. RIPE NCC, serving an area centered on Europe, was established in 1992 and APNIC, serving the Asia Pacific, followed a few months later. InterNIC managed both domain name and IP address registration in North America from 1993 until 1998, when ARIN was the third Regional Internet Registry (RIR) to be established.
LACNIC, serving Latin America and parts of the Caribbean, was established in 1999 and recognized by ICANN in 2002. Three years later, AFRINIC was recognized and became the fifth RIR, serving Africa and the Indian Ocean.
Fig 1: By 2005 there was a professional and impartial RIR serving each continent
ICANN, the Internet Corporation for Internet Names and Numbers, was established in 1998. It was created to reduce the US government’s direct responsibility for the internet. ICANN took on the IANA functions and created a policy for recognizing new RIRs.
By way of broad description, ICANN offers the following overview and graphic element on the internet:
“The Internet itself is a globally distributed computer network comprised of many voluntarily interconnected autonomous networks. Similarly, its governance is conducted by a decentralized and international multistakeholder network of interconnected autonomous groups drawing from civil society, the private sector, governments, the academic and research communities, and national and international organizations. They work cooperatively from their respective roles to create shared policies and standards that maintain the Internet’s global interoperability for the public good.”
Fig 2: Registries are run by formal organizations but standards and policy development is
ICANN, IANA, InterNIC, and the RIRs all maintained public registries identifying which organizations used internet resources. They also provided standardized, non-discriminatory, processes for requesting new resources and updating registration information.
The regionalization of registration provided several benefits. Firstly, international bandwidth was still expensive, so distributing the service lowered costs. Having a registry in roughly the same time zone as users allowed for telephone conversations. And each registry created a regional forum for the exchange of expertise and development of policy.
ARIN’s policies for North America could reflect its specific needs.
The RIRs all provide the same core services.
Some of the RIRs also provide technical training and forums to discuss internet management issues, like IPv6 adoption.
When John Postel was the IANA he used his good sense when allocating blocks of IP addresses. Policy development had to be formalized as the internet grew in importance and administration was distributed around the world.
Fig 3: Jon Postel – Photo by Irene Fertik, USC News Service. © 1994, USC.
These policies had to be anchored in the capabilities of the networking technology. At first, this meant distributing addresses in three block sizes because that is what the routing protocol demanded. We’ve written more about the development of routing technology here.
CIDR, which allowed more granularity, was introduced in 1993 as the RIRs were being formed. The RIRs soon created policies that reflected the adoption of CIDR. (Read more about CIDR in the blogs CIDR in Networking and Making CIDR.)
In 1996, RFC 2050 documented the four goals that have guided policy ever since:
ARIN now supplements these with two goals. One addition is stewardship. This is to ensure that addresses go to those who will use them. The other is reserved pool replenishment. This is to ensure that addresses can be allocated when returned to ARIN.
The policy details varied between the RIRs but the direction of travel was to make the policy less generous as IPv4 became more scarce.
IPv4 exhaustion was first predicted at the San Diego Internet Engineering Task Force meeting in 1992. Improved technology and policy have continued to push the date further into the future.
IANA allocated 19 /8 blocks – each about 16 million addresses – in 2010: about 8 percent of the available total. There are about 8 billion people in the world and only 3.7 billion IPv4 addresses available for use.
The internet’s ability to deliver valuable personalized communications, information, and entertainment at low cost was unprecedented. It was a huge market success. The size of the IPv4 space was seen as very generous when IPv4 was developed. Most network protocols of the time allowed for 256 or 65,000 connections. The inventors could not have anticipated that everyone in the world would want to connect.
IANA allocated its last five /8s blocks in 2011.
IANA started allocating the RIRs smaller blocks in 2014. Each RIR got just 256 addresses in [1] [2] 2019 – the last crumbs.
ARIN and the other RIRs implemented waiting lists, so that new organizations could get some IPv4 addresses for the cost of a membership.
The waiting list is currently long but serves a purpose. Sometimes an organization closes without transferring its addresses away. ARIN reclaims those addresses and can then allocate them to a new organization through the waiting list.
They also manage transfer processes. One recognizes transfers that result from corporate mergers and acquisitions. The other lets organizations transfer addresses to a specified recipient.
ARIN vets and approves Qualified Facilitators. These are organizations that help organizations that need addresses from the market. Facilitators must now pass a certification program. The goal is to ensure that facilitators can get a transfer completed. ARIN wants them to provide robust assistance to organizations transferring space away or in[3] [4] [5] .
The key requirements are:
The journey from 1969 to 2023 connected more than half the world’s people. We still need to connect the other half. Multiple agencies and businesses are also developing plans for permanent, automated and humanly-occupied bases on the moon, which is close enough for real time communication. IPv4 has been spread very thin but is unlikely to stretch far enough to connect everyone and everything that people want from the future internet.
IPv6 is the more spacious solution to IP addressing.
ARIN began allocating IPv6 addresses in 1999. It was a global bootstrap process to learn from the first 100 allocations. This experience could be used to develop the policy needed by organizations deploying IPv6 in their networks.
ARIN’s community joined the APNIC and RIPE communities to use that experience to develop a coordinated policy. It was ready in 2002. The key differences from IPv4 policy are the overwhelming importance of the aggregation goal and a new goal: minimizing overhead.
The core of IPv6 policy developed in 2002 has worked well. Google reports that almost half of its traffic now comes over IPv6. Despite this, barely 0.5% has been allocated for use because there is so much IPv6 address space.
Each new ARIN member’s default allocation is enough to serve at least 6 million residential subscriber customers. And they can get more if they need them.
The major challenge of internet use worldwide isn’t the availability of address space. It’s making sure that the low density and island nation communities have good internet service.
The internet’s civil service has proved itself a reliable steward of the internet’s number resources over the last 35 years.
ARIN and the other RIRs have reliable processes for requesting and managing both IPv4 and IPv6 addresses. They support community-led policy development while ensuring their people do not advocate for policy outcomes.
They operate reliable infrastructure. The public has access to registry data and members can manage that data through web portals and APIs.
ARIN and the other RIRs are consistently improving their support for RPKI, the digital certificate technology used to improve the security of internet routing.
When Jon Postel proposed recording “Sockets in use” in 1971, this kind of registry function was innovative for computer networking. ICANN, IANA, ARIN and the other RIRs have made the management of internet number resources a mundane piece of infrastructure. Their services are highly reliable and are used by most consumer and business internet services.
They have smoothly managed the transition from a free pool of IPv4 addresses to a market based transfer system. IPv4 addresses remain available to organizations that need them.
If your organization falls into this category, IPv4 Global is a trusted partner you can rely on. We’re a fast and transparent broker of IPv4 addresses.
Contact us today to learn more.
June 21, 2023
ARIN’s Advisory Council has started a discussion on a policy proposal to disallow the leasing of space obtained from its waitlist.
Organizations getting space from the waitlist cannot transfer it for five years. The only exception is for corporate mergers or acquisitions. This proposal would expand that restriction. Those organizations would not be able to lease it, either.
The community is discussing the proposal on ARIN’s PPML. It will also discuss the proposal at ARIN 52 in October 2023.
The proposal can only advance to the next stage if there is community support. ARIN will publish a staff and legal review on the proposal ahead of ARIN 52.
A Terrific IPAM Auditing Tool
IP address management (IPAM) is a crucial investment for organizations with growing network ecosystems. An expanding network likely means network managers are routinely keeping track of anywhere from hundreds to many thousands of IP addresses and the devices connected to these addresses.
If poorly managed, a busy IP address infrastructure can result in network chaos and deepen network inefficiencies. With the right IPAM tools, any organization can successfully improve network visibility, save IP address space, and implement stricter privacy and security control over network traffic.
ReView, a recently released IPv4.Global product, stands out in the IPAM space for its robust IP address visibility. ReView simplifies the assignment and allocation of IP addresses, streamlining network management for operators and administrators. Unlike most cloud-based IPAM tools, ReView is a local application, meaning users have more control over data sharing and privacy.
This brings us to the question: just how does ReView streamline IP address management and enhance your IPAM tools?
To understand the importance of efficient IP address management, imagine tracking all the IP addresses assigned to devices on a network daily. That’s all the workstations, laptops, mobile devices, IoT devices, and web servers connected to the networks in a company’s infrastructure. In any enterprise setting, this process is too cumbersome to remain effective in the long term. Before IPAM tools, network managers were tasked with organizing and tracking all of this using spreadsheets and text files, which was an overwhelmingly cumbersome and inefficient process that could become so deeply established as a management routine it was nearly-impossible to pull away from.
Enter IPAM systems, which automate this process by integrating with the Dynamic Host Configuration Protocol (DHCP) to assign devices static or dynamic IP addresses, tracking each of these assignments to minimize network chaos.
As each device connects to a network, the DHCP provides a static or dynamic IP address, enabling network administrators or operators to track devices until they disconnect from a network. Using IPAM to map an entire, up-to-date network infrastructure is helpful if an enterprise’s network is rapidly growing, with users routinely accessing the internet via their networks.
Even with a growing number of IPAM tools on the market today, network inefficiency related to IP address management remains a concern. Many organizations still track IP addresses manually, creating a high potential for service interruption, security risks, and time-consuming network updates.
ReView was developed in partnership with 6connect to resolve these concerns. It provides users with audit-based visibility of their IP address holdings, revealing inefficiencies such as unused IPv4 address blocks that can be monetized for additional revenue. Beyond improving network visibility, ReView enables faster IP address block segmentation and streamlines network expansion.
Broadly speaking, ReView does what one would expect an IP address audit tool to do: identify inefficiencies in IP address management and offer potential solutions. Looking at the bigger picture, ReView optimizes network management strategy and provides long-term cost savings through sheer transparency. There is no other tool that exists which can audit and provide a completely accurate inventory of IP address blocks to the extent ReView can.
Let’s dive into how ReView empowers IPAM:
For a network administrator, it’s crucial to understand how their organization assigns or allocates IP addresses, especially as it pertains to security and operational efficiency. ReView’s address visibility and management features simplify IP address recordkeeping, helping network admins to visualize network dynamics—especially as they evolve.
Whereas a 10-person startup can operate effectively with a single network admin keeping track of IP addresses, chances are this person will be overwhelmed when the organization grows to 100 people. Even with a dedicated team of network operators manually managing IP addresses, this 100-person company might encounter challenges when:
A tool like ReView can address these IPAM challenges head-on, minimizing time, operational, transparency, and financial constraints.
When conducted routinely, an audit of an IP address management infrastructure will spotlight inefficiencies and unused or underused IP address blocks that could save money or provide revenue from these hidden, dormant assets.
In many cases, hidden IP address blocks can be uncovered in this way and sold for significant returns in today’s competitive market. Likewise, if an organization is aware of, and doesn’t anticipate using, its unused IPv4 addresses, it can sell or lease them to minimize any additional operational costs it currently incurs.
Whether it’s a growing organization looking for new IP addresses or a company interested in unique IP addresses compatible with older devices, chances are there is a ready buyer or renter. In 2022, single IP addresses could be sold at $50+ each—a dramatic increase from $20 in 2019.
Ultimately, well-organized IP blocks will save time and money in the short and long term. That said, it is challenging to achieve maximal network efficiency without the help of an IPAM audit tool like ReView.
Here, companies can realize cost savings when consolidating IP addresses. For instance, a growing company looking to purchase new IP addresses in order to meet the demands of its next expansion phase might actually discover there’s sufficient network space post-IPAM audit—saving on potentially significant capital expenditure.
IP address consolidation is also more efficient with ReView’s network visibility features. Network admins and operators can extensively review their current IP address allocations and determine the feasibility of purchasing new space or divesting unneeded blocks.
As the internet grows, speed matters. Whether it’s faster networks or security scans, automation makes a difference when optimizing IPAM operational efficiency.
Unlike manual IPAM processes for discovering networks, automated IPAM tools are efficient and provide real-time information about IP address block usage. Conveniently, one can import configuration details into ReView to ensure they meet network discovery needs.
On top of being a fast, automated network scanner, ReView takes IP address management to the next level by improving IP address visibility across enterprise networks, increasing network efficiency, and identifying cost savings opportunities. It’s also a local app, meaning there’s no need to worry about cloud security risks or the privacy intrusions that come with data sharing.
Download ReView (free) and discover the scope of its auditing abilities.
Prices for /16 blocks are holding steady. Demand for medium sized blocks (/20 – /17) is lower than larger and smaller blocks, so just a few transactions can change reporting. Broader trends continue, with smaller block trending toward a slightly lower price than larger blocks.
May 30, 2023
The RIPE NCC’s members did not approve new charges for transfers or ASNs at its May 2023 General Meeting.
The RIPE NCC had proposed a €500 charge for each transfer and a €50 charge for each ASN.
The members adopted the lowest cost membership option: a flat fee of €1,550 for the member’s own address space. There is an extra €50 charge for each PI assignment managed by the member.
The alternative options included two higher fixed fees. The RIPE NCC’s preferred option was a tiered system with charges ranging from €400 to €10,000.
May 30, 2023
The RIPE NCC expects to make about 300 /24 allocations in the next six months. About 1,000 members are waiting for allocations and the member at the top of the queue has been waiting over a year.
When the waiting list opens again, they expect a two year wait.
This is because most waiting list allocations come from de-registrations. These are decreasing. They mainly come from member and end user verification work. They have verified almost all registrations. When that work is complete the stream of addresses coming back to the waiting list is likely to dry to a trickle.
The RIPE NCC closed its waiting list to new entries in April, ahead of the vote on a new charging scheme at RIPE 86, in May 2023. Its board worried that the tiered model might create a rush to submit new applications.
The board expects to open the waiting list again, after the vote.
by Leo Vegoda
Above: Francis Greenway on the front of Australia’s $10 banknote, circulated from 1966 to 1994
Issuers have given important documents, like paper money, more security measures over time. There’s a constant battle against forgers like Francis Greenway. Issuers face the risk that people will reject legitimate documents when they cannot distinguish them from fakes. Users face the risk that they accept a forgery or reject a real document, losing value in both situations.
Banknotes are a mechanism for communicating value between participants in a transaction. They are one set of identifiers used in the baking system. Traders might decide to reject customers who regularly supply fake banknotes.
That said, recent research notes that “people accept banknotes […] without consciously verifying authenticity.” Checking the validity of each dollar bill given in change might not be necessary. But as Suzanne Massie explained to Ronald Reagan, we can, “trust but verify.”
That’s why cashiers will sometimes run a banknote under a UV light or mark it with a special pen. Modern banknotes have a variety of security features that allow users to check that they are real.
But it’s not practical to check every banknote in a fast-paced retail environment. Low denomination banknotes arriving in the morning are likely to go out as change that same day. The cost of verifying each note manually means that retailers often have policies to only check banknotes above a certain value.
For many years it was standard practice to require a Letter of Authorization when announcing IP address space for someone else. For instance, researchers measured the unauthorized use of unallocated IPv4 addresses in the runup to the last IANA allocations. They asked for Letters of Authorization (LOA) to use the addresses they would use for the research.
The researchers, the RIRs, and the networks announcing the addresses knew each other. But networks don’t always know their customers. They have to trust the paperwork.
The paperwork for a LOA is much easier to forge than a banknote. No-one expects security features like a hologram. In 2016, APNIC’s Chief Scientist, Geoff Huston described the process as, “a matter of ASCII artwork.” He went on to say that it is, “no surprise that this practice is being abused by address hijackers.”
Verifying legitimate control of IP addresses was hard to do. But the impact of not verifying is significant.
People notice both hijackings and ‘fat fingers’ events – i.e. errors. Most of the time, the authorized user of the resources notices: they get less traffic. But the rest of the internet notices, too. These events get written up by non-profits and multiple commercial services.
The routing protocols we rely on today were developed in a much friendlier environment. NSFNET, which grew into the internet, allowed commercial traffic in 1991. This is the same year the initial BGP protocol description stated that “Security issues are not discussed in this memo.” BGP is the routing protocol that ties the internet together.
Its protocol developers probably did not anticipate that their designs would still be in use more than 30 years later. But they did anticipate that networks would want some level of control. In an accompanying document they noted that political, security, or economic considerations might influence interconnection policy. And that “policies are provided to BGP in the form of configuration information.”
We now have 18 routing registries where organizations can publish their policies in a standard format. This proliferation creates a complex environment. People ask for advice on discussion forums when they get confused. When they get things wrong, they can end up disappearing from the internet or attracting traffic they don’t want.
Some of this can be fixed by automating verification.
We’ve talked about the slow deployment of the Resource Public Key Infrastructure (RPKI) before. This is the technology that allows network operators to sign digital certificates that communicate very simple policy statements about IP addresses. At the moment, these have three elements:
Each of the RIRs has a portal for managing certificates and the objects they sign, along with places to publish them.
Because RPKI uses cryptographic certificates, organizations now have a much better tool than old fashioned LOAs. No amount of ASCII artwork can trick software into validating a bogus certificate. And because RPKI uses standard cryptography, validation can be automated.
If LOAs are the equivalent of paper banknotes, RPKI is like Chip-and-PIN card payments.
We call the object that connects a block of IP addresses with a network’s Autonomous System Number (ASN) a ROA. That is a Route Origin Authorization. It also allows the network to communicate if it will announce a smaller part of the address block, known as a more specific route.
An ROA certifies the link between IP addresses and the network that can use them.
Address holders can create ROAs authorizing their transit provider to announce their address space. They can also create a ROA for a big block of addresses while allowing announcements of smaller parts of the address block – the more specific route.
Other network operators can automatically validate these certificates and the objects they sign. They can use the results of the automatic validation when implementing policy in their router configuration. This automated validation limits the risk posed by both address hijackers and fat fingers incidents.
RPKI can be a part of increasing trust on the internet because it enables automation and is chained back to the IP address registries.
One element is implementing what we already have: ROAs. These let you validate that the network announcing addresses is authorized to do so. Another part of it is updating the routing protocol itself. BGPSec is an extension to BGP that validates the whole path a packet takes.
Implementing BGPSec will take years because it requires routers to get new cryptographic certificates. Large networks have thousands of routers and that’s a lot to manage.
It will also require significant development by the RIRs as most organizations rely on their hosted RPKI services.
In the meantime, the RIRs are planning to implement RSC. This is a technology that will let you sign any file with your RPKI digital certificate. It will make it easier for partners, suppliers, and customers to validate that the organization controlling the IP addresses is also the organization buying transit, connecting to an IXP, or agreeing to peer with you.
As we move away from trusting beautifully designed pieces of paper and towards cryptography, we also need to put more trust in the organizations that issue the new digital certificates. Their management of the trust anchors must be verified. That’s why the RIRs are investing in audits.
This is the manual element our automated trust architecture is chained back to.
You can watch the RIPE NCC’s free webinar on BGP and RPKI. This will introduce you to the technology.
You can also look at implementing tools to reject BGP announcements that don’t match up with RPKI certificates. APNIC has published a guide to doing this. And the shared RPKI documentation site lists relying party software tools and when they were last updated, so you know the tool you choose is being maintained.
May 22, 2023
RIPE 86 – ROTTERDAM, The Netherlands, 22 May 2023 – IPv4.Global, the largest, most trusted and transparent IPv4 marketplace in the world, today announced the release of ReView, a new, first-of-its-kind digital IP address audit tool at RIPE 86. ReView was developed in collaboration with 6connect, the authors of revolutionary provisioning and IP address management software.
Many organizations have disorganized IP address holdings and are deterred from performing a detailed inventory by the potential time and expense. ReView, a new, free audit tool from IPv4.Global, allows network operators and administrators to quickly and easily gain visibility of their IP address allocations, and more effectively manage their records. ReView allows users to easily understand how their IP addresses are allocated and assigned.
While many companies have turned to IP address management (IPAM) software to help them manage IP address allocations in increasingly dynamic networks, a significant proportion still attempt to track their IP addresses manually. Ineffective manual management of IP addresses results in increased risk of service interruptions, creates potential security risks, and makes updates to the network more time consuming. IPv4.Global’s ReView delivers the information needed to optimize network efficiency and unlock cost savings.
With ReView, organizations can quickly gain a clear picture of their entire address holdings. In addition, a thorough address audit delivers additional financial benefits as address consolidation avoids unnecessary purchases of new addresses and often reveals hidden, unused IPv4 address blocks which can be monetized.
“Efficiently utilizing IP address space streamlines operations and reduces costs, sometimes even generating revenue,” said Lee Howard, Senior Vice President, IPv4.Global. “Our new audit tool – a first-of-its-kind – lets network managers review how their address blocks are used, allowing them to renumber if necessary, so they can more efficiently plan to acquire new space or divest unneeded blocks more effectively.”
With well-organized IP blocks, network administrators can easily group devices with the same rules and permissions into consecutive addresses or blocks, ensuring faster network updates and reducing the likelihood of accidentally creating security risks by omitting devices from updates. Additionally, network expansion is more efficient as new addresses can be rolled out quickly and optimally.
Aaron Hughes, CEO at 6connect added: “Our focus is on solving today’s network management challenges by helping automate manual processes. This latest digital tool, developed in collaboration with IPv4.Global is another dynamic platform that simplifies the process of IP address discovery, eliminating the laborious process of checking each connected device in turn.”
To perform an IP address audit using ReView, users need to sign up for a free account, download and run the app from Windows, Apple, or Linux. They then choose their preferred network discovery approach – which is performed either via a fully automatic network scan, or by importing configuration details directly to their local ReView app. The app then lists the IP blocks that are in use, allowing users to see how efficiently their IP address blocks are being consumed.
IPv4.Global, a division of Hilco Streambank, is the most trusted IPv4 marketplace in the world. We operate the only transparent, public marketplace to ensure our buyers and sellers get the most value for their transactions. Our multi-tiered platform, backed by the most experienced team of transfer analysts, facilitates transactions of varying IPv4 block sizes, ranging from small public to large private transactions. IPv4.Global provides credible, transparent services to our buyers and sellers, making it the most trusted marketplace worldwide. For more information, please visit https://ipv4.global/
6connect’s SaaS solutions provision, manage and discover IPv6 and IPv4 addresses, DNS/DNSSEC zones, DHCP pools, and networked or virtual assets for service providers and enterprises. Our policy-based, one-click provisioning, discovery and asset management software unifies and automates critical network and virtual asset workflows that underpin cloud infrastructure stability. The 6connect platform is available as a highly scalable cloud or on-premise solution, saves significant amounts of the time normally spent on these tasks, and provides significant operational savings over legacy appliance providers of DDI, IPAM, and cloud infrastructure hardware. https://www.6connect.com/
For Additional Information:
John Walker
404.626.0051
by Leo Vegoda
John Locke’s labor theory of property states that we create property by mixing our labor with something natural. He uses the example of a person owning an apple after they have picked it from an unowned tree. Which makes perfect intuitive sense for everything that can be considered “substantial” in the sense that it is made of a material substance.
But there is an entire class of intangible things. These aren’t exactly natural, in Locke’s sense, but are nevertheless real. Many can be classified as intangible assets, with a further subset of those known as intellectual property. This is a sizable universe of stuff: copyrighted art, music and writing, patents, trademarks and brands, etc. But in spite of being the products of human effort – insubstantial – these forms of intellectual property are commonly owned by someone or some entity.
IPv4 addresses are what the World Intellectual Property Organization calls “creations of the human mind.”
But unlike artistic creations, or patents, IP addresses aren’t subject to invention. IPv4 addresses are just numbers, starting at zero and ending at 4,294,967,295. They are the range of numbers specified in the protocol developed by Vint Cerf and Bob Kahn. There are a very large, if finite number of them. In the case of IPv6 addresses, there are a practically unlimited number of them, and they are all free. But each IPv4 and IPv6 IP address is unique and therein lies its value. Because they are unique, IP addresses are used to deliver packets of data to specific locations. Very specific locations, the one designated by the sole controller of its use.
Does this specific use make IP addresses “property?” If a “property right is the exclusive authority to determine how a resource is used” then IP addresses probably don’t fit.
IP addresses are identifiers in a communications system. Because it’s a system, multiple organizations must use the identifiers. The sender, intermediate networks and the receiver.
In order for IP addresses to universally function as extremely targeted destinations two things must be true about them. First, each must be identified in a generally-available list of destinations and, second, only one user may use it. An IP address (number) is the internet’s version of a GPS coordinate. It is based on a generally accepted convention and marks only one spot on the globe.
Early in the life of the internet there was some confused use of identifiers used by pre-Internet Protocol networks. Rules about who was using which were unclear. This, inevitably, led to confused message delivery. RFC 417 from 1972 is five lines long. But those lines explain the value of a registry. TENEX systems were using “link numbers outside the allowed range” – identifiers not assigned to them. Jon Postel, as the IANA, published the RFC – by postal mail – to get the problem fixed.
Nearly 30 years later, an internet service provider (ISP) contacted the internet registry RIPE NCC when its IPv4 address range was announced (used) by another ISP. The RIPE NCC learned that the offending network had used all of its allocated IPv4 address space and just kept going into new territory. They started using addresses from the next block of addresses because they didn’t know that they couldn’t.
After a conversation with the registry, they stopped announcing the other ISP’s addresses. They requested more addresses and the problem was solved.
These two short tales illustrate why sole use of unique numbers is critical to the network. To insure that exclusive use, something has to keep track of the users and their numbers. So, having a trusted authority who keeps records of who has what IP address space is vital. That’s why we have registries for physical property like land and aircraft, and registries and patent offices for intellectual property. Registries are an essential component of a rules-based order. They assign control (and sometimes ownership) to the intangible.
In 2011, Microsoft obtained a large block of IPv4 addresses through the Nortel bankruptcy. The agreement involved defined the seller’s rights as: “Seller’s exclusive right to use the Legacy Numbers Blocks, Seller’s exclusive right to transfer the Legacy Number Blocks, and any other legal and equitable rights that Seller may have in and to, the Legacy Number Blocks.”
Milton Mueller, an economist specializing in the internet, who runs the Internet Governance Project, reported on the Microsoft/Nortel agreement. Mueller that the language used in it established the transfer as involving asset control that was the same as in real property rights.
Not everyone immediately agreed. For many, the extent of the rights in an IP address described as the same as property rights were questioned. The exclusivity of use was assumed. But the absolute ownership of the address was at issue. Clarification by way of judicial decision was required.
The registries, network operators, and the judicial system have gained experience since the Microsoft/Nortel agreement. Nine years later in 2020, in a different case, a Dutch court recognized an order from a German court and bailiffs served it on the RIPE NCC. In effect, a court determined that the rights to an IP address registered to one entity could be litigated as property and transferred by court order. In the ruling the court distinguished between ownership of the number and control of its registered use. Importantly, it found that “the resources were not owned by the member and that it was the right to the registration which could be seized.” The RIPE NCC complied.
The result is that the registration an IP address is unique, worldwide. Registration maintains uniqueness in the sense that it makes clear who is the authorized controller of an IP address’. Registration includes the ability to transfer IP address use to someone else, subject to the policy of the registries, in return for payment. Thus, “ownership” is of the registration, not the address itself.
by Leo Vegoda
“It is not necessary to change. Survival is not mandatory.” – W. Edwards Deming
Deming’s joke hides a tough truth. We have to adapt because the world around us is always changing. That is the situation the internet’s architects found themselves in at the start of the 1990s.
The ARPANET had become the NSFNET when it moved from Defense Department oversight to the National Science Foundation. It became the internet in 1991 when the US government allowed anyone to connect. As soon as business could connect, rapid growth became inevitable. That growth threatened the architects’ initial addressing plan.
The threat was the result of the distribution system in place for doling out “blocks” of addresses. The system in place at the time subdivided all the available IP addresses into three flavors. Those flavors included 16,777,216 (Class A), 65,536 (Class B) and 256 (Class C) addresses. These very different sized packages of addresses left the distributors of them few choices, Any organization with modest-but-not-small address needs could receive multiple Class C blocks (256 addresses each) or one Class B (65,536). Since dealing with multiple small blocks presented its own challenges (and IP addresses were abundant and free) many were simply given Class B allocations. Far more than they needed.
When businesses became involved, demand soared. Soon, there were not enough mid-sized address blocks to support the rate of growth of the internet. In fact, when the Internet Engineering Task Force (IETF) met in San Diego in June 1992 they projected that there were “less than 2 years” of these address blocks left.
They also noted that the routing system was creaking at the seams. Older routing protocols, like EGP and RIP, “were designed for a much smaller number of networks” and the routers deployed at the time were reaching their memory limits.
The story of the design considerations that lead to this situation is an interesting one.
When the Internet Protocol was introduced, it was part of an experiment in computer networking. Computers were slow and expensive. So, the architects divided up the address space into three main areas, called classes. Each class had a limited number of possible networks in it and those networks were all the same size.
This meant the routers would know which network any address belonged to based on the first eight bits of a Class A network, the first 16 bits of a Class B network, and the first 24 bits of a Class C network.
Fig 1. Addresses in a Class C network are identified by the first 24 bits
A router, the specialized computing device that directs traffic across networks, would know that all addresses starting with 192 have 24 bits of network address. This leaves eight bits for host addressing, meaning 256 addresses.
Fig 2. The Class B space was the best for most organization but just 25% of the total space[1]
Class D was reserved for a special technology called multicast: a way to send a packet once and have it go to multiple destinations. It was widely used in video delivery and financial services.
Class E was reserved for future use and has never been officially allocated.
This architecture had two key benefits. Routers could make decisions more quickly. It also made deciding how much address space an organization needed simpler. In most cases, the answer would be obvious.
The downside was that the Class B space was the best available fit for most organizations connecting to the internet. That said, most organizations did not make efficient use of their Class Bs because it was frequently larger than their needs. Plus, as there were just over 16,000 Class Bs, there was a very real limit to future growth unless the architecture was changed.
By 1993 the IETF had a new addressing architecture. Among the needs it addressed was the ability to assign more accurately appropriate-sized blocks of addresses to networks needing them. They called the new architecture Classless Inter-Domain Routing, or CIDR (pronounced cider).
It was based on aligning addressing – the numbers used by network interfaces – with topology. This meant that IPv4 addresses would be assigned hierarchically, based on the shape of the network. In other words, this is the origin of the IPv4 addressing policy concept of aggregation.
This architecture made some assumptions. While these assumptions were made before relatively cheap computing or international connectivity, they broadly still hold true today.
These included:
The new architecture got rid of the fixed class boundaries. A really big network could have just seven bits of network prefix – the equivalent of two Class A networks. Similarly, a very small network could use just two addresses – 31 bits of network.
This led to better fitting address allocations to networks. In 1996, the newly formed Regional Internet Registries allocated networks with a 19 bit prefix by default. This was the equivalent of allocating 32 Class Cs and a total of 8,192 IPv4 addresses.
Over time this minimum allocation continued to shrink.
There is an inevitable tension between making more efficient use of the limited IPv4 space and routing.
In December 1992 there were 8,561 routes advertised. This was almost 50 times the number reported about four years earlier, in July 1988. By 2014 this had reached about half a million. In March 2023 we are approaching a million IPv4 routes.
This is a consequence of the business impact of the greater precision available with CIDR. It doesn’t just allow more networks to connect to the internet. Networks can also use the same technology to influence how traffic gets to them.
Border Gateway Protocol, the routing protocol that glues the internet together, tries to find the shortest path to a destination. But it will always prefer the most specific route to an address. If there are two paths to the same address but one advertises just 256 addresses while the other advertises 8,192 addresses, the path to the block of 256 addresses will win. This is called deaggregation.
Deaggregating enables traffic engineering. Networks can break up their addresses and have traffic for different groups of addresses take different inward routes. They do this to have traffic come in over cheaper transit providers or to improve the experience of specific customers.
But the same feature of BGP can cause problems. For instance, in 2008 Pakistan Telecom announced some of YouTube’s IPv4 addresses. Their more specific announcement caused a temporary service outage.
Some networks use the service impact of this kind of incident as a justification for announcing multiple routes to small blocks of addresses instead of just one to the whole address block. The advantages accrue to the address holder but the costs are borne by all other networks.
APNIC publishes a regular report detailing how networks deaggregate their address space. In March 2023, one network was announcing almost 9,500 more routes than needed for the addresses they use. This is more than the total number of routes reported on the internet in December 1992.
In March 2023 there are about 75,000 internet networks that manage their own routing. About 52,000 advertise a more specific prefix. The average number of addresses advertised is just over 3,000 addresses.
In the early 1990s the internet transitioned to a decentralized management structure and new architecture in a couple of years.
Change is harder in the 2020s. There are many more participants and most of them aren’t involved in the technology of the internet itself.
One technology might limit the need for deaggregation: RPKI. Its Route Origin Authorization object can tell other networks how specific routing announcements will be. But RPKI is a way to digitally sign assertions not to force compliance. Networks don’t have to use RPKI and NIST shows that about 60% don’t.
One program that might help is the Internet Society’s MANRS. It defines four sets of actions designed to improve the security and resilience of the Internet’s global routing system. By working with network operators, IXPs, CDN and cloud providers, and equipment vendors they drive improvement through some of the most important organizations on the internet.
The warning from 1993 was to “consider the memory requirements [from more routing] information.” The day where some networks see more than a million routes is fast approaching. Some networks will choose to buy bigger, better routers. Others will need to apply filters, much like we saw in 2014 when we crossed the half a million routes boundary.
“Survival is not mandatory.”
By IPv4 Staff
May 11, 2023
Many universities have large pools of unused or under-utilized IPv4 address space. How much is it worth? Why do many universities have unused address space? How can they free it up?
IPv4 addresses ranged in value between $40 and $60 in 2022. A university that transfers about 65,000 IPv4 addresses (a common /16 block of addresses) can raise $3.5 million from a dormant asset.
The internet is an experiment that escaped the lab.
Early support for large-scale networking by the US government focused on Open Systems Interconnect (OSI), which was being developed by telecommunications companies. This system was complex and expensive. Standards were slow to develop even though there was a need for a workable system, especially among the academic and research communities.
In response, academia created the Internet Protocol to serve a simple but pressing need: identifying devices on a network and exchanging data among them accurately. The earliest device-identification and location system dates from 1973, with the creation the very first versions of addressing identifiers. However, it wasn’t until the development of IPv4 by ARPA in 1981 that a system (protocol) gained widespread use. Although it is called IPv4 it is actually the first “Internet Protocol” version assigned. Versions 0 and 1 are reserved and versions 2 and 3 were never assigned. This system – in use worldwide today – identified devices on the new network. IPv4 offers approximately 4.3 billion possible unique identifying number configurations, which was considered more than sufficient at the time.
In the early use of IPv4 – and so the distribution of addresses – was limited because use was among a relatively small group of researchers and academics. These users relied on a single record-keeper, Jon Postel, to keep track of who had which addresses. (He kept a notebook.) Organizations needed to be insiders to connect to the early networks, ARPANET and then NSFNET, so there was no reason to deny requests for addresses. There were, after all, billions. Far more than it was imagined might ever be needed. In 1991, the US government removed restrictions on who could connect to the early internet. Even then, there was no strong demand for IP addresses.
At that time, computing was expensive and slow. One consequence of this was a need to simplify routing protocols. Protocol developers did this by having just three sizes of network, which they called classes.
When organizations needed multiple Class C networks, they would get a Class B, even if they’d only use a small portion of it. An organization that needed just 2,000 IPv4 addresses would have needed eight Class C networks.
Many universities found themselves in this position. They needed a few thousand IPv4 addresses and so ended up with a Class B: about 65,000 addresses.
Because they did not need all those addresses, they could afford to put administrative convenience ahead of conservation. In some cases, this resulted in lots of unused or underused addresses in a patchwork of internal assignments.
Example of a Class B network with large amounts of free space distributed across it.
Due to the early purpose of the Internet, research institutions were given large numbers of addresses. Which meant colleges and universities were distributed overly-large classes of addresses. Many have them today, under-utilized and very valuable.
A more finely sub-divided system of address “blocks” was needed. The system that was created to respond to this problem, CIDR (Classless Inter-Domain Routing), is a routing system in which network engineers can distribute IP addresses based on the size of their specific network.
CIDR (pronounced ‘cider’) was introduced in the early 1990s and is a classless domain routing system. This new system empowers organizations to only get the amount of IP addresses they need in their networks, without wasting unused space. This is more efficient than the previous system because it doesn’t distribute excess addresses.
CIDR blocks permit owners of IPv4 addresses to subdivide and transfer (sell) there excess holdings if they possess a large “class.” The trick is that the numbered addresses one intends to sell must be consecutive. Transferred blocks have to have sequential integrity to have practical value.
For more information about CIDR, see the following:
When looking to access the value in unused IPv4 address space it is worth looking at the alternatives to. They are:
It is possible to transfer blocks as small as 256 addresses. Universities could decide to leave things as they are and just transfer unused space. This could look attractive but it comes with costs. It requires more transfer transactions and adjusting routing and security policies. This means it could have higher risks and costs.
Another approach is to place everything that needs IPv4 addresses in one part of the existing address block. This leaves a large and contiguous range of addresses available for transfer.
IPv4.Global can connect sellers with skilled consulting engineers who can help them renumber their network. The university would then have all its infrastructure in a single, continuous block and a large contiguous block available for transfer.
Larger blocks are attractive and likely to attract a premium, making the renumbering doubly valuable.
For more information on renumbering, see Renumbering IP Addresses.
The previous two options don’t change how much IPv4 address space the university uses. But it is now possible to reduce IPv4 address requirements. Integrating address sharing technologies – generally called NAT – with IPv6 can dramatically reduce the need for IPv4 addresses.
Client devices, like laptops or phones, have all been IPv6 ready for over a decade. Most client devices don’t need a permanent unique address. And security policies often don’t allow client devices to have a unique address, anyway.
Introducing address saving technologies alongside renumbering can more than pay for itself. Client LANs are generally far easier to renumber than routing and server infrastructure, so this can be a quick win.
by Logan Maurer & Akshat Biyani
The term Intellectual property (IP) is used to describe intangible assets that can be legally owned, protected, and monetized. Typical intellectual property assets include trademarks, brands, patents, copyrights, domain names, and internet protocol addresses. IP assets of every kind are a valuable currency in today’s innovation-driven world. They can prove especially important during mergers and acquisitions (M&A) when transacting parties sign off on a change of IP ownership as a part of the deal. That’s because intellectual property adds to a company’s asset portfolio, increasing its value proposition for the acquiring company.
However, it would be wrong to assume that IP rights are automatically transferred during an M&A process. A famous case in point is the 1998 acquisition of Rolls Royce by the German automaker Volkswagen. It was only later that Volkswagen realized it had purchased Rolls Royce without the right to use its trademark, which had been sold earlier to rival carmaker BMW.
The reverse is even more likely: that ownership of intangible assets changes hands without the acquiring company being aware of the transfer. Purchase agreements typically include language referring to the sale of “all other assets” of the target firm. This catch-all includes assets unknowingly owned and so unknowingly sold. So, one may buy an asset and be unaware they have done so. Plus, if unused, and either cost-free or inexpensive to maintain, the asset may go unnoticed for many, many years.
Managing IP assets during an M&A process is, therefore, crucial.
Any large business entity is likely to hold a complex IP portfolio with multiple owners, licenses, and agreements. The transfer of these assets during an M&A deal involves a host of legal, financial, and practical challenges.
Here are some of the most common IP-related challenges your business could face during M&A transactions.
An accurate estimation of a business’s IP portfolio and the risks of infringement with it warrant concrete documentation. That could be related to:
The absence of critical IP data can hinder an acquirer’s due diligence process during an M&A transaction. Developing and maintaining such rigorous documentation is a complex and time-consuming process that businesses may not want to undertake unless expressly advised. Failure to do so can adversely impact the transparency of IP ownership and potential infringement risks during an M&A deal.
Unlike tangible assets, IP portfolios often have a volatile monetary value. Evaluating that value accurately depends on:
There is no standard method for estimating either one of these values. The absence of a closely comparable IP in the open market can make it difficult to estimate an IP asset’s current market value. On the other hand, the value of its future benefits and drawbacks depends on unpredictable factors such as market trends and consumer behavior.
A number of consultancies specialize in the valuation of IP assets. Typically, this valuation process is performed for the benefit of a lender or borrower where the assets will be collateral against a loan. However, valuation services may be in order to benefit the either party in a merger or acquisition deal. Knowing the worth of such assets, both in liquidation and in fair market value, can be critical information for both parties in M&A.
Many IP assets within a company’s portfolio might be licensed rather than owned outright. That binds the owner of such assets to the terms and conditions listed in the licensing agreements. These terms govern the use and transfer of the IP and are likely to affect the acquiring business’s ability to monetize them. In some cases, the acquirer may need to renegotiate the terms with the licensor to ensure the validity of the transfer.
A related issue is the transfer of ownership of jointly owned IPs. When multiple parties share the ownership of an IP asset, a transfer of ownership requires the consent of all owners and may involve negotiating a buyout of their ownership interests.
Incomplete knowledge of licensing and ownership agreements and regulatory compliance measures related to an IP transfer can expose the acquirer to severe legal and regulatory risks.
These include:
Internet Protocol Version 4 (IPv4) addresses are highly valuable. At the same time, they may warrant special attention during a transfer of intellectual property portfolios. Here are a few things acquirers should consider when assuming ownership of IPv4 addresses during an M&A transaction.
IP portfolios can make up for a significant part of the value generated by an M&A transaction. This is especially true for technology-dependent businesses that could derive most of their value through intangible IP assets such as IPv4 addresses. Such deals require proactive management of IP transfer processes.
Here are a few effective solutions that can help with this:
Due diligence is crucial to protecting an acquirer against litigation and regulatory risks during the transfer of IP assets. An effective IP due diligence process would involve the following steps:
Once every IP asset has been duly identified and assessed, the acquirer should develop integration plans and strategies to manage their acquisition. These plans include:
Next, the acquiring company must obtain clear titles to the IP assets acquired, including associated patents, trademarks, copyrights, trade secrets, and domain names. Licensing agreements should also be carefully reviewed during this stage to ensure the viable transfer and enforcement of all ownership terms and conditions. This helps the acquiring company evaluate whether to continue, modify, or terminate existing licensing agreements.
IPv4 addresses are valuable resources that can generate significant value during an M&A deal. Further, the ownership of these addresses can be critical to the acquiring company’s business operations. Acquiring full ownership of all IPv4 assets is crucial in case the acquirer wishes to continue or merge these operations.
The American Registry For Internet Numbers (ARIN) prescribes several regulatory measures that both parties must follow while transferring ownership of IPv4 addresses. Additionally, a thorough valuation must be conducted to estimate the monetary and operational value of these Internet Protocol addresses. This will help the acquirer determine how many of the acquired addresses would add value to the acquisition over the long term. Surplus addresses can be readily sold on marketplaces worldwide.
A majority of the assets owned by businesses today are intellectual property-related. So much so that IP assets can be considered a key driver of the modern economy. Evaluating a target company’s IP assets is crucial to generating positive value during any M&A transaction. That is because IP assets can produce substantial revenue and operational benefits for the acquirer.
At Hilco Streambank, we help clients identify, preserve, and extract value from intellectual property with industry-leading experience, diligence, and creativity. We offer monetization and valuation services that help both parties in an M&A deal conduct successful and economically viable negotiations. Our service catalog includes:
Visit us to learn how we leverage our extensive buyer network and years of experience to negotiate M&A deals.
Prices for /16 and up have been holding steady, with larger blocks fetching premium prices. The pullback on smaller blocks continues, with some sellers setting aggressive prices. It would be logical for prices to remain stratified, as they are currently, where a smaller block is always cheaper than a larger block. Otherwise, higher prices would encourage sellers to split their blocks.
Medium-sized blocks took an unexpected downturn, which may or may not be the onset of a continuing trend lower for small and medium-sized blocks.
April 27, 2023
The RIPE NCC will ask its members to choose a new charging model in late May 2023. This selected model will be used for 2024.
They will specifically ask about introducing a fee for transfers. If approved, it would be paid by members when they submit a transfer request. It would be non-refundable, in addition to the annual membership fee, and set at €500 in 2024.
Work on transfers would only begin after payment is received. They project that transfer fees could bring in €1.2 million.
Members will also be asked to vote on a new charge of €50 per ASN. They project that ASN fees could bring in €1.8 million.
The options for the vote are the outcome of a consultation that started in March 2023.
The four charging models members will choose between are a tiered charging model and three different versions of the current model. Members currently pay a fixed fee for each account, called an LIR.
The three fixed fee options are to:
The RIPE NCC’s board would like members to choose the tiered charging model.
April 27, 2023
The RIPE NCC has closed its IPv4 Waitlist to new applications. Existing applications are not affected by this change.
The RIPE NCC’s board made this change because members will choose a new charging model in late May 2023. They worry that if members choose a tiered charging model there could be a rush of new applications.
They intend to open the IPv4 Waitlist to new applications after the vote. They will discuss an analysis of the options with the community.
1,107 LIRs are on the IPv4 Waitlist. This is 100 more than in October 2022. The LIR at the front of the queue has been waiting for 372 days. The RIPE NCC has previously reported that it expects waiting times to reach two years, soon.
April 11, 2023
ARIN issued addresses to 136 organizations on 4 April 2023. 561 organizations remain on the list, waiting for addresses. The organization that has been waiting the longest, joined the queue in April 2022. They will have to wait at least until the next distribution in July 2023.
On average, they want 690 addresses but would accept 670. That means their average need is a /23 and a /24. This is because IPv4 addresses are issued in CIDR blocks. The smallest block size available is a /24, which is 256 addresses.
ARIN reported over 1,100 transfers within the ARIN region in 2022. They also reported 338 inter-region transfers.
April 10, 2023
RIPE 86 is approaching. It’s happening in Rotterdam between 22 and 26 May. You can influence the consensus on the policy discussions whether you attend or not.
There are three active policy proposals. There are also active discussions that could lead to policy proposals. One is about representing country information in the database. The other is about improving IPv6 policy.
Policy Process
RIPE’s policy development process uses the same definition of consensus as the IETF. Consensus is viewed as a path rather than a destination. It’s a discovery process. But while all issues in a discussion must be addressed, it’s possible that some cannot be accommodated.
You don’t have to pay to attend the meeting over the internet. But you also don’t need to attend the meeting to discuss policy.
Most RIPE policy discussions happen on email lists. Everyone is welcome to join and take part. But meetings are a good way of increasing understanding. They can be vital in developing a consensus.
Proposals & Policies
The Global NOG Alliance manages an interactive web page showing the last decade of RIR policy development. You can use it to search for active proposals that are relevant to you in any region. You can also use it to find the origin of current policies that affect you. It’s a good place to start if you want a policy change.
This proposal would reduce the default size of an assignment to an Internet Exchange Point. New IXPs currently get 256 addresses. This proposal would reduce the default to 64 – but with the option to get a larger assignment.
An Internet Exchange Point is a network for exchanging traffic between more than three networks. Because the networks meet at a common location they can reduce cost and latency. Some IXPs connect over 1,000 networks while others connect just three or four.
The proposal came about after the RIPE NCC reported on the rate at which the reserved pool for IXPs was being used. One way to stretch it further is to drop the minimum size of the assignments. One of the key issues brought up in the discussion so far is the complexity of getting lots of networks to renumber if a new, bigger block of addresses is needed.
This proposal aims to help internet researchers get a routable temporary assignment. An experiment often needs just a handful of IPv4 addresses.
This is a problem when the smallest block of addresses that can reliably be used on the open internet is a /24 (256 addresses). The current policy requires a requester to show a need for 128 addresses if they want 256. This is because CIDR blocks double in size, so if under half of the addresses are used, a smaller block would be more efficient.
This proposal balances the public benefit of academic research against the principle of efficient address assignments.
A small group reported on some areas for improvement in IPv6 policy at RIPE 84, in May 2022. They focused on problems to be fixed. The working group is now discussing the policy outcomes needed and their relative priorities.
Some of the issues are focused on making it easier for access providers to get the addresses they need to serve their subscribers. But provider independent address space is also an issue. Tobias Fiebig recently shared his story of trying to get some IP address space for a measurement network.
This proposal would let address holders stop addresses from being transferred for a predefined period. The RIPE NCC’s board already approved the service on a temporary basis. If approved, this proposal would give community support to the service.
This proposal has been strongly supported by Ukraine’s government. But its proposers hope it will help people in several territories in the RIPE region. They report that some people have been forced to approve IP address transfers at gunpoint.
The ongoing discussion on country codes in the RIPE Database is likely to continue in Rotterdam. The RIPE NCC now uses the country code for the legal address of the organization using address space in the “org:” object. But this can be a different country from where the addresses are used. And many networks are international.
While technology can provide tools to help, the lack of business requirements or defined meaning is a problem that needs to be resolved.
by David Surrusco
The demand for IPv4 addresses (addresses that allow devices to communicate on the internet) has reached an all-time high. Universities across the country including Penn State, MIT and Harvard and many others are selling large blocks of IPv4 addresses that they do not need (ie. are not using) for millions of dollars.
Yet, most institutions are not yet aware of the amount of unused IPv4 they have, and how much capital they could gain to help support growth initiatives. This article will break down how schools and universities can start selling IPv4 addresses that they aren’t using in a way that maximizes value and eliminates roadblocks in the complex trading process.
The scarcity of IPv4 addresses is driving up their value as demand continues to rise. The Internet Assigned Numbers Authority (IANA) has run out of new IPv4 addresses to allocate, making it more difficult for organizations to obtain new IPv4s for their devices. This has resulted in a high demand for the limited supply these addresses, driving up their value in the marketplace.
Recent data collected by IPv4.Global shows:
With the increased demand for IPv4 addresses, schools and universities sitting on unused IPv4 have a valuable opportunity to generate funds for their campuses. Selling IPv4 can seem daunting, but it doesn’t have to be. Here’s a step-by-step guide for how to sell unused IPv4:
When it comes to selling IP, it’s always in an institution’s best interest to work with a trusted IPv4 broker like IPv4.Global. IPv4.Global is currently helping schools and universities across the country by guiding them through the process in a way that helps them identify the value of unused IPv4 addresses they’re sitting on and using their expertise to get them the best possible prices.
To find out more about how to sell your unused IPv4 addresses, contact IPv4.Global today.
The internet’s device-identification and location system dates from 1973, with the creation of the first version. However, it wasn’t until the development of Internet Protocol version Four (IPv4) by ARPA in 1981 that the system gained widespread use. IPv4 offers approximately 4.3 billion possible unique identifying number configurations, which was considered more than sufficient at the time.
But as the number of connected devices and services has grown exponentially, the system has faced exhaustion. To manage the numbering convention, the Internet Assigned Numbers Authority (IANA) became the central authority, coordinating IP addressing and domain name management. In 2011, IANA distributed its last IPv4 addresses to the five Regional Internet Registries (RIRs).
IPv4 exhaustion refers to the moment when the Internet Assigned Numbers Authority (IANA) ran out of available IPv4 addresses, which could be assigned to Regional Internet Registries (RIRs) and then to connected devices worldwide. This depletion inevitably filtered down to the regional distributors of addresses, the RIRs mentioned above. They are:
All four ran out of their respective supplies of available IP addresses in subsequent years.
As a result, the low supply of IPv4 addresses has driven up prices to unprecedented levels. This scarcity has become one of the most significant factors impacting global connectivity, leading to waiting lists and extended wait times for IP address allocation.
IPv4.Global offers exclusive benefits for members of E&I Cooperative Services: a non-profit member-owned purchasing cooperative that serves nearly 6,000 colleges, universities, K-12 schools, and research institutions across the United States.
E&I provides these institutions with a wide range of cost-saving solutions and services, including contract negotiation, procurement, and supply chain management. They also provide members with:
For information about the E&I Hilco Streambank contract, click here.
by Leo Vegoda
“I’m not lost for I know where I am. But however, where I am may be lost.” – Winnie the Pooh
Many organizations have this problem when they get new IP addresses. They know where their network is. They put the right information in the relevant databases. But key services, like governments, retailers, and video streamers block those addresses because they think they are located outside of their service region.
Read on to learn how to share this information automatically when it changes. And how to contact real people when automation isn’t enough.
Sometimes IP addresses associated with a particular place are denied service. In other cases, providers only deliver services to IP addresses associated with one specific place. The issue revolves around GeoIP filtering.
Organizations implement these filters for different reasons. In some cases, they must comply with regulations. In others there are geographic licensing agreements. And sometimes it’s just down to managing the risk of fraud.
Whatever the reason, filtering based on apparent location can be a challenge when starting to use IP addresses that were previously used elsewhere.
We have written about this before and explained some of the ways to fix the problem. One of these remedies is a relatively new standard (RFC 9092) for sharing location information in structured data.
In March 2023 there were almost one million IPv4 address blocks routed on the internet. (The precise number depends on which part of the internet you look from.) If most or all these networks used the new protocol for finding and using geofeed data, the problem would be close to being solved. Sadly, that’s not the case. But the power of measurement and transparency has been deployed.
Three engineers, Massimo Candela, Emanuele Candela, and Lorenzo Ariemma are reporting on takeup. Their tool, called geolocatemuch.com, lets you test your own geofeed when you are getting it ready. It will check that it is discoverable and properly formatted. If it is, it will report back what it sees to you.
They currently report that more than 63,000 IP address blocks have geofeeds. That’s just over five percent of the total, when IPv6 address blocks are included. This number might seem low. But it’s worth noting that nine of the 11 services they track have adopted the file format. Seven of them will automatically discover the files. Some discover changes every day. Others take up to seven days.
There is a good chance that market pressure will force adoption by the rest.
Of course, this only solves half of the problem. The commercial GeoIP services compete on the quality of the data they provide their users. One way to drive adoption is to implement this protocol and let the GeoIP service providers know on social media. There is a link for this next to each provider’s listing.
This protocol and this tool help solve half of the problem: getting the right information to the organizations that collate the data. The other half of the problem is updating service configurations based on it.
Each data user has their own schedule and priorities. They might update every day but they might only update each month.
This is a problem that can’t be solved with technology because it’s about organizational priorities. Some organizations want to completely automate while others only want to make updates on scheduled dates after they have been signed off by a change advisory board.
This is why The Brothers WISP provides a page listing contact information for the major GeoIP services and some of the most important content and gaming users.
There are four things you can do to reduce the pain of GeoIP filters.
A spate of sales in the medium to large range suggests prices may return to trading in a tighter band.
For years, prices rose at a steady rate. If that trend had continued at a linear rate, (if we smooth out the 2019 price slump and 2021 price spike), prices would be around $35/address. Prices were never quite linear: a best fit curve would put prices around $50-$55/address now. So the spread of prices reflects the fact that some buyers are more price sensitive than others.
By Peter W Tobey
March 7, 2023
Internet Protocol (IP) is a set of rules for addressing and routing data so it can travel through networks and arrive at its intended destination. Internet-connected devices each have a unique IP address.
In the early development of the internet there appeared to be a virtually unlimited number of IP addresses. The design of the version used in the 1990s – the version still most widely used today – included 4.3 billion addresses. Since the internet was thought to be a research and educational tool, colleges and universities were allocated very large numbers of addresses—free of charge.
Many institutions today have 65,000 or more IPv4 addresses and use a small fraction of them. The surplus is currently valued at approximately $50 each on open markets. So, the holders of these addresses are selling the rights to them in order to finance current needs and long-term projects.
Individual IP addresses are unique identifiers most often, but not always, associated with a specific device. Though used one at a time, they are transferred in “blocks” that may include many IP addresses. Possession of a block includes unique registrations of addresses in registries worldwide. These registries maintain uniqueness in the sense that they make sure it’s clear who is the authorized user of a block of IP addresses. Registration includes the ability to transfer IP address use to someone else, subject to the policy of the registries, in return for payment.
Data traveling on the internet is divided into pieces, called packets. IP information is attached to each packet so that each can arrive in the right place. Almost every location (a device or domain) that connects to the internet is assigned an IP address.
Data packets travel from one machine to another, directed by routers. These read the IP information in each packet and interpret it to send that packet one step closer to its destination. The system relies on each router, including a table of information that correctly determines the next closer route to a packet’s destination.
The first major version of IP, Internet Protocol Version 4 (IPv4), is the dominant protocol of the internet. A key benefit of IPv4 is its ease of deployment and widespread use, but a drawback is the limited number of addresses it can define.
Due to the growth of the internet, there aren’t enough IPv4 addresses available for all the devices on the system. Its successor, one that defines more address space, is Internet Protocol Version 6 (IPv6), which was introduced in 2006.
Due to its design, IPv4 allows for a maximum of 4,294,967,296 unique addresses. At the time of the protocol’s creation, this appeared to be enough for the indefinite future. It was in this spirit that the early internet was modestly managed. Organizations with networks were required to apply for IP addresses, but they were free and readily available. In fact, in the 1980s, a business would simply ask Jon Postel for the addresses it needed. He assigned them and made a note of the assignment in his spiral notebook. In the 1990s and 2000s, a business could get addresses from Regional Internet Registries, which had community-developed policies that defined the requirements for getting a block of the ever-shrinking pool of available addresses.
By 2010 the internet was exploding with new “smart” devices—iPhones, watches, TVs, and even refrigerators with internet capabilities. All of these devices required unique IP addresses. As a result, the supply of IPv4 addresses has become insufficient to describe the location of all the machines on it. IPv6 was created to deal with this problem. The two protocols aren’t perfectly compatible, however, so those with established IPv4 networks have sought additional addresses.
This has created marketplaces where those with a surplus of addresses “sell” or lease them to others. Some growing organizations need more addresses and new organizations may prefer them. Organizations with a surplus can sell or rent any IPv4 addresses they no longer need.
The demand for IPv4 addresses has increased dramatically since 2020. Single addresses that exchanged hands for $18 in 2019 were available for as much as $60 in 2022.
Millions of IPv4 addresses are exchanged every year. In 2022, a total of 51,000,000 were traded (not including merger and aquistion transfers). They are bought and sold in lots ranging in size from 256 to 4,194,304 addresses. The exchange involves a number of steps to maintain their singularity of ownership and use. What’s more, markets have been developed for the private and public sale and lease of these assets.
IPv4.Global is the leading online auction site and exchange service for IPv4 addresses worldwide. We consult with and assist buyers and sellers who wish to maintain some privacy in the process.
We also team with E&I to offer participating members help and discounts. For more information, please submit this form and your E&I Member Representative will be in touch with you shortly.
by IPv4.Global Staff
If IPv4 addresses were postal mail, an autonomous system number (ASN) would be the postal code for the area it lives in.
An ASN is a unique identifier that’s assigned to “a group of one or more IP prefixes run by one or more network operators that maintain a single, clearly-defined routing policy[1] .” Each group is known as an autonomous system. ASNs help these autonomous systems exchange routing systems with one another as well as Internet Service Providers (ISPs). Simply put, an ASN can be thought of as a “unit of routing policy in the modern world of exterior routing,” according to RFC 1930 Section 3.
Routing Policy
The set of rules a network administrator implements. Those rules control the paths data takes when it exits to other networks. It can influence but not control the paths incoming data takes.
ASNs come in two formats:
But why do ASNs matter, and when does an organization need one?
Network operators decide which networks they will connect to. This means that decision-making is decentralized. When networks connect to each other, they identify themselves with their ASN and they communicate which IP networks they can reach and the routes they would use to get to distant networks.
Autonomous Systems
Defined by numbers instead of names to avoid two key problems. Names cannot be guaranteed to be unique and they change. Changing the identifier for a routing policy involves cost and risk. Using numbers means networks don’t need to change their routing policy when a company rebrands.
Routers are the specialized devices that forward data packets through networks. They communicate with other routers using routing protocols that automate the process of finding the best route for reaching IP addresses.
Border Gateway Protocol (BGP) is the protocol used to communicate how to get from one part of the internet to another. It uses ASNs to identify each independent network.
You will need an ASN if your organization wants to manage how it connects to other networks. Examples include:
You can register an ASN with your Regional Internet Registry (RIR). You must meet the policy requirements. One RIR serves each region
APNIC and LACNIC both have National Internet Registries (NIRs). They implement the same policies as the RIR but provide a more local service.
ARIN draws its definition from RFC 1930, Section 3 (https://www.rfc-editor.org/rfc/rfc1930). It’s fine to use the ARIN citation as readers don’t need to be aware of the backstory but it’s good to know that ARIN is using the definition found in the IETF’s guidance on assigning ASNs.
RFC 1930 also uses the phrase “unit of routing policy in the modern world of exterior routing” which is a succinct explanation of the ASN’s purpose.
Fig 1: The 5 RIR service regions.
The core policy requirement is that you must have credible plans to connect to two or more networks. This means you have a unique routing policy. This phrase sounds daunting but it does not mean your network cannot connect to the same internet providers used by other organizations. As long as you have your own address space your policy will be unique.
Fig 2: Organizations using the same internet providers have unique routing policies
IPv4 Global is the world’s leading broker in IPv4 addresses, and provides a reliable and transparent exchange platform buyers and sellers can use to buy ASNs or monitor their sales.
Whether a company wants a private brokered solution or access to an online auction marketplace, contact our team of IPv4 brokers today.
Here are a few observations on the state of the IPv4 marketplace during 2022. All the statistics here exclude transfers of IPv4 addresses involved in mergers and acquisitions.
An in-depth discussion of price trends, including causes and effects, is in the blog Prices & Pricing.
From 2021 to 2022, the total number of IP addresses transferred increased 35%.
In 2022 the number of IP transfers (block transactions) declined 28%.
Last year the average number of IPs transferred per transfer increased 89% to over 10K IPs/transfer.
During the past five calendar years prices have risen 300%.
During the past two years the relative price of small and large blocks has inverted.
Worldwide, new entries in routing tables for both IPv4 and IPv6 versions declined in 2022.
Recipient RIRs for 2022 transfers (transactions). Note that the average size of RIPE transfers was considerably smaller than those in ARIN.
In 2022, 92% of transfers worldwide were intra-RIR transfers.
Recent history suggests that the near-term price of IPv4 addresses is unpredictable. The influences on pricing in the IPv4 market are at cross-currents with one another. The marketplace, as a whole, is clearly strong and vibrant. But war, supply chain issues, rising interest rates, inflation and recession fears have combined to slow infrastructure expansion, if only temporarily. (For more on this subject, Prices & Pricing,)
While IPv4.Global provides more complete and transparent data than any other market resource, even seasoned experts are wary of guessing at future prices. Generally, we advise that, when you’re ready to buy or sell, we’ll provide you with information and options so you can make the smartest deal vailable.
To download a copy of this overview, click here.
by IPv4.Global Staff
In a typical merger and acquisition event, once a buyer and seller have expressed mutual interest in the exchange, financial information is shared and assessed to find value for both parties. The ultimate goal for the seller in any M&A deal is to maximize the company’s pre-sale value, so understanding the worth of all the assets in the transaction is important. The same is true for buyers, but secondary assets sometimes are overlooked or ignored by them as well. As a result, the primary goal of the acquisition may not include all the value inherent in the business.
In the past, it was easier to gauge a potential M&A’s worth because the business valuation mix was more heavily weighted towards tangible assets and goodwill. But in recent times, all that has changed and intangible assets—non-financial assets that lack physical substance—comprise a much larger share of the M&A pie.
These assets are easily overlooked and frequently excluded in a given company’s financial inventories. While some assets, such as brands or patents, are often included on balance sheets, others may be unaccounted for. Plus, even though they are valuable and capable of identification, there’s often no paper trail (either quantitative or qualitative) to demonstrate the assets’ true value. As a result, a seller could be sitting on an intangible asset goldmine and not even realize it. What’s more, a buyer may acquire value without any explicit knowledge or understanding of the transfer.
Businesses may have millions of dollars of valuable intangible assets hidden in plain sight, and here’s what they need to know before any M&A deal occurs.
Dozens of intangible assets may not be included in the company’s balance sheet, but still play an essential role in the company’s success, worth, and reputation. These assets can be worth lots of money; however, a business must first identify them before they can begin to quantify their value.
Some of the more valuable intangible assets include intellectual property and other intanglbles such as:
As mentioned, intangible assets are often not included on a company’s balance sheet. To make matters even more complicated, such assets can be either acquired unknowingly via purchases or exchanges or they may gain significant value over time and without being recognized as more valuable.
It’s within the acquisition process that incredibly valuable assets can frequently go unnoticed.
For instance, decades-old mergers between businesses may have resulted in the transfer of intangible assets, like large blocks of IPv4 addresses, that all relevant parties then forgot with time and disuse. This is especially true of IP addresses since their original costs were often at or near zero, and the fairly recent increase in their worth isn’t something CFOs tend to monitor.
There is also a potential snowball effect from multiple mergers and acquisitions to consider, which may muddy the intangible asset valuation waters even further.
In such cases, an IPv4 address block may have changed hands several times. But, because they aren’t included in the original inventories or balance sheets (rather looped in as some sort of “miscellaneous” item), they could remain completely overlooked and undervalued throughout several M&A deals. This means additional IPv4 blocks can be added from any one of these deals, that are then passed on in the next.
When the Internet was first established, its creators specified a system of approximately 4.3 billion unique, 32-bit IPv4 addresses that devices would then be assigned and are still used to connect to the internet. They thought this would be an adequate number of addresses, but the popularity and ubiquity of the Internet surpassed their wildest expectations.
With the rise of digitalism, the world is facing an IPv4 address crunch. According to Asia Pacific Network Information Centre (APNIC), the market has been rapidly exhausted over the past decade:
“All of the Regional Internet Registries (RIRs) have either limited supplies or have run out of available IPv4 addresses. ARIN and the RIPE NCC ran out of their available supply in 2015 and 2019 respectively, with APNIC, LACNIC, and AFRINIC rationing supplies according to their community policies.”
Today, 99.6% of IPv4 addresses have been delegated.
But business demand hasn’t dwindled—companies often still prefer IPv4 addresses as they seek to expand their already-established IPv4 infrastructure. And so, in light of rising demand with limited supply, the market valuation for IPv4 address blocks has skyrocketed. In just the past three years alone, the average value of an IPv4 address has increased by 300%, going from less than $20 a sale in 2019 to nearly $60 per sale in 2022.
As a result of all this, a business could potentially own a block of tens of thousands of IPv4 addresses worth several million dollars.
When companies know where to go mining for valuable intangible assets, what happens if they strike gold?
This is what the IPv4 address market is for. Today, there are IPv4 marketplaces and brokers—such as IPv4 Global—that can bring buyers and sellers together.
In the marketplace, a business can track IPv4 prices, receive an appraisal for their IPv4 blocks, offload or sell IPv4 addresses, and more. By performing this due diligence, businesses can ensure that they receive fair value for their valuable intangible assets—whether companies include them as a piece in the M&A deal or simply sell them outright.
In either case, IPv4 address blocks are an incredibly valuable asset to any business, but only if they know that they’re sitting on them in the first place.
For any M&A sale, the sell-side company has a duty to derive as much fair market value from the deal as possible. To do that, they must account for all of their assets, especially the intangible ones.
So, before sellers initiate a sale, they should first check to see whether or not they’re sitting on an IPv4 gold mine. Experts in intangible valuation, like Hilco Streambank, may be able to help evaluate holdings of all kinds of assets. IPv4.Global specializes in IP address valuations and transfers.
February 15, 2023
Network operators have consistently asked ARIN to improve its legal agreements for RPKI. RPKI is a way to associate a digital certificate with a block of IP addresses. It is increasingly important for reputation services and internet routing.
The most recent improvement came this month. It came the day before Christopher Yoo, a legal scholar from the University of Pennsylvania, spoke at NANOG 87.
He noted that ARIN has now resolved the legal issues he identified. ARIN is working with the other RIRs to standardize operational practices and APIs. This will help multinational networks.
Key improvements include:
by IPv4.Global Staff
In June of 2022, President Biden signed the American Rescue Plan.
Carved out in that bill is $25 billion in funding meant to expand access to affordable, high-speed internet. This funding was in addition to the $65 billion previously allocated to close the digital divide in the Bipartisan Infrastructure Law, with various other provisions, grants, loans, and incentive programs designed to reduce project costs and risks.
America’s electric cooperatives (co-ops)—whose original mission was to provide electricity to remote locales and have since expanded to providing high-speed internet—welcomed this news. Bills such as these would afford them the tools required to make the dream of high-speed, fiber-optic internet a reality for tens of millions of Americans.
Naturally, this massive broadband expansion will have downstream effects on the IPv4 market, particularly in terms of supply, demand, and pricing. But before delving into that topic, it is important to understand the role co-ops will play in the nationwide push for broadband expansion first.
Electric co-ops are a type of utility company owned and controlled by the people they serve.
These non-profits were formed for the express purpose of providing electricity (and now high-speed broadband internet) to rural or underserved areas, where it may not have otherwise been financially advantageous for a traditional investor-owned utility company to operate.
As a part of their charter, a co-op is required to fulfill the following requirements:
According to the National Rural Electric Cooperative Association (NRECA), electric co-ops:
Today, co-ops are uniquely positioned to serve the very communities these bills were created to address, which is why a significant portion of the funding will go to them.
But what specifically makes them the ideal candidates for spearheading the push for broadband expansion? Why are they the ones entrusted with billions of dollars in federal funding?
There are several reasons for making them the de facto leaders of this admirable cause, including:
So, what will they use these funds for?
As previously mentioned, the goal of this capital is to provide reliable, affordable, high-speed internet access to all Americans. But what this may look like will depend on the specific community and project.
For example, on May 13 Arkansas co-ops united to form the Diamond State Networks, which pledged to combine the fiber-optic networks of its members to increase bandwidth and save costs. This coop partnership is made up of 13 Arkansas electrical cooperatives, including OzarksGo, Clay County Connect, Farmers Electric Cooperative Corporation, Enlightened, etc[1] . The Diamond State Networks announced that it sought to invest more than $1.6bn in broadband communication infrastructure, exclusively in fiber-optic networks for more than 600,000 potential customer locations.
We can make another list here of all 13 if desired, but I figured listing some names and linking to the page of members that makes up Diamond State Networks would suffice
For regional co-ops, there are significant price and demand change implications on the horizon.
Even before the federal push for broadband expansion, IPv4 exhaustion was already a pressing concern. But now, more than 53% of regional ISPs expect to run out of IPv4 addresses needed to meet anticipated growth within the next three years.
Because of increasing demand and looming supply concerns, IPv4 prices have skyrocketed over the last decade.
IPv4 address price history from IPv4.Global
This trend in rising prices is unlikely to reverse in the near future. Now that electric co-ops will be sitting on billions of federal dollars, IPv4 price inflation is a strong likelihood.
Going forward, co-ops will need to carefully monitor the availability and prices of smaller IPv4 blocks. Seeing as they’re smaller companies, co-ops typically prefer to buy these smaller, cheaper blocks. But, with a likely increase in demand for smaller block sizes, it’s reasonable to assume that their prices may experience a concurrent rise.
For millions of underserved Americans, the expansion of broadband via electrical co-ops is an exciting prospect.
While we can speculate, the exact impacts such efforts will have on the IPv4 market remain shrouded in uncertainty. In the future, interested parties will need to keep a close eye on IPv4 prices and activities, as well as news related to broadband expansion efforts.
IPv4.Global is one of the best and most trusted sources for up-to-date industry news, online auctions, and private brokered solutions.
For more information on IPv4 auctions or news on IPv4 broadband expansion, visit https://ipv4.global/ to get connected.
by Leo Vegoda
There are two sorts of information to inform buying decisions when choosing groceries. Consumers can compare prices per unit and nutritional information on a standardized label. This is helpful because supermarkets offer a range of brands for shoppers to choose from. There’s often a market leader, a store brand, and a local or imported brand.
The Federal Communications Commission (FCC) is now heading down this path. New “Broadband Facts” labels will start appearing at the point of sale beginning in mid-2023. This is when larger providers have to share this information. Smaller providers have until the start of 2024 to prepare their labels.
The FCC-formatted label.
Clear, standardized information on prices, speeds, and data allowances will help families choose a service based on price. But it’s only useful when there is a meaningful choice. And consumers need to understand how broadband providers differ as well as their price.
The new labels are a good first step.
In large parts of the US there is limited competition between broadband providers. Cable companies hold regional monopolies. Phone companies’ DSL services have struggled to keep up with the speeds provided by cable. Satellite services have historically been slow, expensive, and with high latency. This last is particularly important.
Latency is the time it takes for data to travel between the sender and the receiver. Latency depends on the path taken by the data. The speed of light in fiber optic cables is about a third of the speed of light in a vacuum. But the distance between a geostationary satellite and the Earth is about 22,000 miles. Anything sent through a satellite travels an extra 44,000 miles (up and back) and this adds about a quarter of a second. Data traveling through fiber from New York to San Francisco travels about three times faster than through a geostationary satellite.
Latency is not a problem when streaming music or video but it makes conversations and gaming harder.
But consumers, especially in rural areas, are starting to get more choice. Rural electricity co-ops are eligible for grants to fund broadband services. And new Low Earth Orbit satellite services, from companies like Starlink, can provide lower latency. This is because they are much closer to Earth, reducing the distance the data needs to travel.
Focusing on pricing is important because US broadband prices are relatively high. The International Telecom Union’s (ITU) regularly compares broadband prices across the world. Its 2021 analysis shows that US consumers pay more than those in Europe. They found fixed line broadband services had an average US price of $54.42. It was just $36.05 in Italy, also a highly industrialized economy.
More competitive markets have lower prices. Ukraine has over 800 ISPs and the average price there was just $5.44.
Price is not the only important factor in making decisions. Consumers care about technical support, the online services they can use, and whether they can opt-in to child friendly filters.
The new “Broadband Facts” label has a lot of important information. But it won’t help consumers choose based on how they want to use the service.
Patrik Fältström is Technical Director and Head of Security at Netnod, a Swedish provider of critical internet infrastructure. In 2007 he presented a Swedish proposal for “color coding” internet services.
Its goal was to simplify making informed choices, so consumers can buy the service for their intended use. For instance, if they want to do video conferencing then they need low latency. But consumers shouldn’t have to understand the technology. The providers should label their services with codes that show what they are good for.
This is like the Health Star Rating System food labels used on the front of packets in Australia and New Zealand.
An example of a health star rating placed on packaged foods under an Australian Government initiative.
These labels tell consumers whether a product is high or low in each of five metrics. This puts real power into consumers’ hands. They don’t need to know how much sugar is a lot of sugar. They can rely on simple labels to help them select the products they want.
The full set of metrics is also available on the side or back of the pack. But the consumer can filter based on the front of pack labels. They don’t have to compare between as many products.
Making pricing clearer to consumers is important. We can expect the FCC’s new labels to help lower the cost of broadband services. When that is achieved, the next step will be to help consumers choose the kind of service that’s right for them.
Families who need streaming services and web-filters for children could select between providers offering those options. While someone with a home office might need to upload large amounts of data and need a different set of options from their provider. Knowing what kind of service you’re getting is important before signing the contract.
The FCC has taken an important step towards empowering consumers. There’s more that can be done when this first step has improved the market,
by IPv4.Global Staff
Electric cooperatives are a unique type of utility company that are owned and controlled by the members they serve. Their interests perfectly align with their customers’. Which means, providing robust, reliable broadband service along with supplying power has become central to co-ops’ mission.
Now, through hard work, ingenuity and the help from government, many electrical cooperatives also supply internet and broadband services to areas with limited access. This has benefited co-ops and the communities they serve. However, the process of starting and growing broadband networks can be difficult without some guidance. This blog will cover:
There are several benefits for electric cooperatives to provide internet and broadband services to their communities.
Providing broadband service requires a diverse range of expertise among electrical co-op staff. Some of the key areas of expertise that may be needed include:
It is not necessary for the co-op staff to have all these skills, but it is important to have a team with a good mix of expertise and experience. Additionally, the co-op may need to hire additional staff or contract with outside experts to provide the necessary expertise.
Electrical cooperatives can apply for government funding to supply broadband to rural communities through various federal programs:
It’s important to note that these are some of the main programs to fund broadband expansion and there might be more programs that are specific to a state or region. It’s also worth noting that these programs are subject to change over time and new programs may be added.
Once you have your internet service plan in place, it’s important for electrical cooperatives to keep growing their broadband network in order to serve more communities, and maximize revenue. Follow these tips to get started:
Electrical cooperatives have a growing demand for IPv4 addresses in order to provide internet service to their customers. IPv4 addresses are necessary for connecting devices to the internet and as more devices are connected, the demand for IPv4 addresses has grown.
This has led to a shortage of available addresses, making it more difficult for organizations like electrical cooperatives to acquire the addresses they need to provide internet for their customers. This article will cover the best way that electrical cooperatives can obtain IPv4 addresses in order to deliver internet services to the communities they supply.
There are several benefits for electrical cooperatives when trading addresses through IPv4 brokers:
IPv4.global is one of the most well known IPv4 brokers in the marketplace, and helps some of the world’s most successful businesses and electrical co-ops find the addresses they need, with prices and plans that match their goals. They offer a wide range of services including buying and selling IPv4 addresses, IPv4 leasing and IPv4 consultations.
by IPv4.Global Staff
Selecting an IPv4 marketplace is a challenge, whether it’s an online store, auction site, private service, or some combination of them. Most buyers and sellers understand their general goals in these transactions but are often unsure about how to accomplish those ends. Even in a seemingly straightforward commodities market like IPv4 addresses, there are lots of variables.
On the broadest, least-discriminating level, brokers can be found under the listings of some Regional Internet Registries (RIRs). Broadly speaking, RIRs do not recommend or otherwise endorse any particular broker and are often ready to note that one is not necessary to complete a transfer. That said, brokers are listed on the RIR websites listed below and their comments have been summarized as well:
“The registered IPv4 brokers are listed on this page as having signed an agreement with APNIC to act in the manner described in the Guildlines for IPv4 brokers. They are not APNIC’s agents. APNIC does not sponsor, endorse or approve the services provided by any broker.”
The ARIN list includes all of the facilitators who have registered as part of ARIN’s Specified Transfer Listing Service, and who offer support to companies seeking to perform a specified transfer. Facilitators will help accomplish a specified transfer per ARIN policy.
RIPE notes that is members’ responsibility to find and organise a transfer of IPv4 address space. They note that, “some members may decide to use a broker to find an organisation offering or seeking address space and to help facilitate the process by advising on the procedures and policies that need to be followed.”
The essential formats of IPv4 transfer marketplaces include auctions, storefronts or “buy now” sorts of markets, and private brokerages. A very few of these may extend financial assistance to sellers or buyers under certain circumstances. In addition, some services provide leasing options (for both lessees and lessors) and lease-to-purchase opportunities.
Different broker services have varying advantages. Each format is different in execution and offers differing benefits. However, size matters. Larger markets advantage buyers by offering a greater number of sellers from which to choose, sometimes keeping prices from swinging wildly or escalating because small markets sometimes suffer shortages. Large marketplaces attract many and varied buyers and so – potentially at least – produce bidding competition that can aid sellers. Whether it’s price, available selection or other factors, a market or service of any kind that is substantial offers benefits to both sides of a buy-sell transaction.
Brokers may solicit requests for specific blocks and thereafter make an effort to source those blocks. This arrangement offers a number of advantages. First, the process can be managed up to the point of actual transfer anonymously. Either a buyer or seller (or both) can inform the broker of their wishes in confidence and the transaction can be arranged, and price negotiated, without the marketplace in general or even the other party being aware of the identity of the buyer or seller.
Some marketplaces operate very much like dynamic catalogs. Which is to say, they inventory a certain number and variety of IPv4 blocks and offer them for sale in a dynamic, “live” environment. Blocks move into and out of the store more or less frequently. And some of these brokers raise and lower the price of blocks – even blocks previously or currently for sale – depending on the demand for them. More often, the sellers of blocks set pricing and term expectations for their offerings and the storefront simply makes those available.
Sites of this kind (generally) offer prices that persist over time. Which means approvals for expenditure by finance departments can be processed given a known selling price. In large organizations especially this stable pricing environment can be important in securing approvals to purchase.
IPv4 auctions operate similarly to any live, online bidding site. Blocks are offered for sale, sometimes with a minimum acceptable price, and information about the specific block may or may not be posted. Buyers, normally qualified by the auction site, then bid on those offerings of interest to them.
Significant variables in the auction process often include the public information about the offered blocks. Some sites provide good information about blocks for sale to any browser. More in-depth information – often very specific data – is available to registered users only, if at all. The relative openness and detail of the information buyers can view prior to purchases is a significant distinguishing factor in the process.
The information available to both buyers and sellers varies by brokerage. IPv4.Global makes ongoing auction prices visible plus posts anonymous recent data regarding purchase price and blocks sold on a regular basis. Plus, the site includes historical data on recent months – current month – and prior months by price and block range and historically. This market transparency can be critical to those new to the market and in need of background on block size pricing and trends.
You are not required to use a broker. If the buyer and seller know each other they can directly agree to transact. Of course, they’ll also need to work with the RIR on its processes. If the transfer moves space between regions, they’ll need to work with both RIRs.
The best IPv4 brokers will be thoroughly familiar with the process and its legalities. They can save both the buyer and seller valuable time. They can also do background checks, perform ongoing administration, manage escrow transfers of funds and other added-value services.
by Lee Howard & Peter Tobey
IPv4 address pricing has followed varied paths during the past few years. On a long-term, macro level, prices have risen dramatically. On closer examination, recent trends, including relative pricing and variations in block-size costs, tell a different, less predictable story.
Transfers are public knowledge, published regularly by the systems’ governing bodies, the Regional Internet Registries (RIRs). However, the prices at which transfers are completed are not. So, information about IPv4 address pricing can be substantial but is nevertheless somewhat anecdotal. In 2014 IPv4.Global began publishing information about the online platform’s experience – including prices at which transfers occur on its marketplace. This transparency remains unique and – along with public sources of transfer information – allows some significant and useful analysis.
At the time of the internet’s early development, a device-identification and location system was instituted. The first version was created in 1973. But the first widely-used version of it, Internet Protocol version Four (IPv4), was designed by ARPA in 1981 and includes about 4.3 billion total possible unique identifying number configurations. This quantity of identifiers was deemed more than adequate. At the time of its development, the idea of many billions of internet devices in use today seemed unlikely. Of course, now there are tens of billions of connected devices and services.
As the system grew, the central authority on the numbering convention became the Internet Assigned Numbers Authority (IANA). It coordinates many of the core functions of the internet, including IP addressing, domain name management at a base level and IP resources. IANA distributed its last IPv4 addresses to the five Regional Internet Registries (RIRs) in 2011.
The phrase “IPv4 exhaustion” refers to the moment when the Internet Assigned Numbers Authority (IANA) depleted its pool of available IPv4 addresses that could be assigned to RIRs and so thereafter to connected devices globally. Of course, the exhaustion of supply at the regional distributors (the RIRs) inevitably followed.
Not long thereafter APNIC (the Asia-Pacific registry) exhausted all its available IP addresses. RIPE (Europe) ran out in 2012, LACNIC in 2014 and ARIN in 2015. AFRINIC, the African registry, has nearly depleted its supply. It now offers blocks of addresses ranging from /24 (256 addresses) to /22 (1,024 addresses) only to those requesting them. Other RIRs have established waiting lists with varied wait times. Because of this, we can clearly identify one of the most obvious factors that contributes to currently high IPv4 prices: they are in unprecedented low supply.
As mentioned, IP addresses allow communication among connected devices. Everything connected to and using the internet must have an IP connection. This includes computers, phones, servers, plus – recently – televisions and refrigerators. To distribute these identifiers, the five regional authorities (RIRs) each distribute IP addresses to IPS (lnternet Service Providers) who act as local registries. They allocate to clients.
As the number of devices has grown, and the supply via the original distribution channels evaporated, other markets arose. Holders of sometimes large quantities of addresses found themselves with unused IPs. Some estimates set the total number of unused IPs at nearly one billion. At the same time, new organizations, and those that are growing, need additional resources. The “cloud” services, large retail users and other national and international providers have created significant world-wide demand for these resources.
It should also be noted that IPv4 is a well-tested, thoroughly mastered protocol that is relatively straightforward and so easy to implement and maintain. The broadly-available skill sets needed to install and manage IPv4 addresses and the general familiarity with them has contributed to the continued use of IPv4.
In response to the pending exhaustion of IPv4 addresses, a task force (The Internet Engineering Task Force – IETF) was formed to respond. In 1995 the IETF delivered IPv6 (Internet Protocol version Six). Its configuration is vastly more expansive than IPv4 as it is built on a 128-bit address layout that permits trillions of trillions of unique addresses. However, while it was created to replace IPv4, adoption of it has been slower than anticipated. Among the challenges to IPv6 adoption is significant conversion costs, conversion and management skill levels and hardware considerations.
Some older devices simply will not operate using IPv6. Plus, the two protocols are unable to communicate with one another without an intermediary. There are solutions to this problem. But among the impacts of operating the protocols in tandem is that doing so has effectively extended the life of IPv4. So, the two are functioning today across many networks.
The above describes a technology environment that lives in the midst of huge information and business developments. Demand for connectivity in general, with easy, cheap and compatible connections among devices that can be deployed quickly, has grown steadily. So, the challenges of IPv6 have buoyed demand for available IPv4 addresses. Along with demand, and faced with limited supply, prices have risen.
IPv4.Global pricing data.
The graph shown above illustrates IPv4.Global’s online marketplace pricing experience. Information published by the site – and so made publicly available – undoubtedly contributed to the narrow band of variation between high and low costs that developed beginning in early 2016. Market information is always an influencer of pricing. The market’s clear understanding of prices for blocks of all sizes seems to have helped maintain a consistent range of unit prices for the assets. What’s more, prices rose steadily, if relatively slowly, during the following five years.
It should be noted that inflation in the US was generally low during the period 2015-20. And while, in retrospect, prices of IPv4 addresses rose gradually (in comparison to later increases) the rate of growth was nearly 20% per year. Per IP prices rose from about $10 to $25 during the period.
IPv4 prices paused their gradual rise in 2019, with various block sizes trading at a slightly wider range of prices. Then, the first half of 2020 saw many existing networks stopping their growth as the pandemic swept the world. New networks and network expansion slowed or stopped entirely and along with it much of the demand for IPv4 addresses.
In early 2021 much of the vaccinated world restarted. New network builds happened and expansions resumed. This clearly produced an increase in demand for IPv4 addresses as their convenience – relative to IPv6 – prevailed.
At the same time, much of the potential supply remained on the sidelines. Renumbering projects didn’t resume quickly so supply was constrained. Many under-used blocks had been deployed using interspersed allocations of addresses, with wide and unwieldly gaps between them. Renumbering to consolidate use and so make contiguous addresses available for sale did not restart quickly. This was, in part, the case because the process can require six months. Plus, networks deploying addresses inefficiently continue to function perfectly well. So, the urgency to renumber them is not great. With demand high and supply constrained, prices rose. Very rapidly. During 2021, IPv4 prices more than doubled.
Another curious change occurred in 2021. Though pricing remained within a tight band through the first half of the year, at about $40 per address the spread widened. With very short supply, some buyers’ urgency prevailed, and prices rose even faster. Peak pricing reached $60 within months. However, given the high cost of the assets, liquidation urgency also increased: holders wanted to monetize quickly. Some of these sellers demanded maximum prices while, apparently, some were willing to sell below market to careful shoppers.
As is evident in the price graph shown, the second half of 2021 produced wildly varied prices for most block sizes. One market essentially became several of them, with buyers’ various needs and different block sizes producing significant price differentials. The many causes of these changes remain uncertain, even though market watchers can identify sources of pricing influence, certainty as to causes can’t be known. The market is too dynamic and too large to permit that conclusive analysis.
A curious price inversion has occurred in IPv4 markets. The long-term trend that discounted large blocks has reversed.
The graph below identifies /15 and /16 (large) block pricing throughout the period in the form of dark spots. It is evident that, for most of the timeframe here (2014 to the first half of 2021), large blocks sold at a significant discount.
IPv4.Global pricing data.
One might guess that the administrative chores related to large-network needs were most efficiently and cheaply satisfied with these blocks. This would, of course, increase their value. But, perhaps, this influence on pricing was overcome by the relatively high absolute cost of a large block and/or the scarcity of buyers for them. What’s more, simple price-sensitivity may have been more acute for larger purchases. Causation is tricky, here.
It is also possible that the demand for small blocks exceeded their supply, driving prices up. At least relative to the supply-demand relationship of larger blocks. Regardless of the various influences on large block prices, they remained relatively low (cheaper) throughout this period.
However, the discount for these large blocks created an unusual opportunity in a commodities market like IPv4. A large bundle of addresses was cheaper per IP address than the same block, subdivided. During 2020-2021 larger sellers and savvy traders in these assets began to break them up and sell the addresses in smaller, more costly-per-IP batches. This tactic increased the value of a large block when sub-divided.
The lower per IP price of large-block IPv4 addresses ended during 2021 as IPv4 prices began to trade in wider ranges. As that happened, the relationship between large and small block prices changed in many ways. Large blocks became (relatively) more costly than smaller ones but continue to trade in a relatively tight range. Smaller blocks began to be traded in a wider – and generally lower – range.
Today, sellers can expect a higher price-per-address for larger blocks. As noted, the cause of this inversion from recent history can’t be fully known. But it makes sense in terms of scarcity: we know there are more /18s than /16s. Prosperous, aggressive operations in online retail, communications and cloud-based services are growing rapidly and profitably. As a result, the urgency to accumulate IP addresses is acute and their value to operations very high.
Inversion pricing data from IPv4.Global.
Theoretically, a buyer could piece together smaller blocks and resell them as a newly-formed bigger blocks (/16 or more) for a bit of profit. However, locating and combining consecutive small blocks is very difficult. Non-contiguous, cobbled-together bundles of blocks are less desirable to bigger companies since the IP addresses that compose them are not digitally sequential and so present numbering issues.
It’s impossible to know if this inversion will continue, flatten or reverse. What’s more, the relative impacts of a slowing world economy and recession concerns have surely influenced near-term network development. The relative impact the economy and economic expectations may be having on the relative pricing of small, medium and large buyers remains unclear. As a result, the market situation is a curious one – and certainly unpredictable.
As noted above, one thing is undeniable: 2022 was a year of some trepidation on the part of businesses as inflation concerns raised interest rates and recession became a worry. The anticipated slowing of the economy – and especially that of the technology sector in general – caused many companies to reduce their investments.
This is the case because any networking infrastructure investment is likely to be a long-term one. Since the build-out of these investments is often extended, the benefit is delayed. All of which means the expense is current and the improved efficiency or opportunity is deferred. So, the sagging economy in connection with rising energy costs, a war and the global pandemic surely dampened investment in all infrastructure. Not surprisingly, network growth plans have (and continue to) take a hit as a result. The relative effect of this pull-back can’t be measured and its duration is unknowable.
In a nearly-pure commodities market like that for IPv4 one might expect demand to play a very significant role. However, the global economy notwithstanding, transfer volumes at both RIPE and ARIN (Europe and North America) increased significantly 2022 over 2021. Transfer records show that, worldwide, non-merger & acquisition transfers increased approximately 35% one year over the next.
New entries to IPv4 and IPv6 routing tables indicate the overall growth of those networks worldwide. In both cases, growth slowed in 2022 significantly and at about the same rate. This slowing, considering the expanded transfer rates worldwide, is surprising. Plus, the similarity of the rate of change in the two routing tables suggests that some factor is at work other than IPv4 market decline. Put simply, IPv6 deployment rate slowing can’t be due to over-deployed networks and so shrinking markets. IPv6 is far from a saturated market and so other influences must be in effect. Because IPv4 mirrors the slowing of IPv6, one is inclined to believe they are being influenced by similar factors.
Any summaries here are necessarily inconclusive. The influences on pricing in the IPv4 market are clearly at cross-currents with one another. Marketplaces are strong and infrastructure expansion has undoubtedly slowed, if only temporarily. How deep an economic decline may occur and how long it may last remains unknown. How and if that macro-economic impact will impact IPv4 markets is also anyone’s guess.
by IPv4.GLOBAL Staff
When the Internet was originally designed, its creators didn’t imagine how wildly popular it would become. As such, they allotted 4.3 billion unique, 32-bit IPv4 addresses—a figure they assumed would be more than adequate to accommodate all potential users.
They were incorrect. And now, in the wake of IPv4 exhaustion, demand continues to greatly outpace supply.
This scarcity created a budding yet frictional IPv4 market. While there were certainly interested buyers or sellers, there existed a lack of transparency regarding market participants, transfer protocols and legal issues. This made it difficult for the two parties to identify one another and then complete a transaction.
Thus, IPv4 brokers emerged. These knowledgeable intermediaries acted as the digital middleman, connecting buyers with sellers and facilitating the legal transfer of the address.
But what do these brokers do? And why would a company enlist their services?
A company may seek to acquire an IPv4 address block to obtain new internet connectivity, expand internet capacity, create a bigger network, replace exhausted addresses, or obtain a specific block of addresses for enhanced security.
Internet Protocol (IP) addresses are unique numerical identifiers assigned to every device connected to a computer network that uses the Internet Protocol for communication. Other network devices use the IP address to identify, locate, and communicate with that machine.
There are currently two versions of IP addresses in general use: IPv4 and IPv6.
But with so many more available IPv6 addresses, why would a business opt for purchasing an IPv4 address instead of the newer protocol?
Three reasons, in particular, stand out:
Today, universities are one of the largest sellers of IPv4 addresses.
At the outset, the Internet was thought to primarily be a research and educational tool, so colleges and universities were allotted tens of thousands of IP addresses, despite only needing and using a small fraction of these.
But these weren’t the only entities that acquired large pools of IPv4 addresses.
For instance, early adopters were able to acquire large pools of addresses at a time when they were both free and easy to obtain. Alternately, some companies have acquired large numbers of IPv4 addresses as part of mergers or acquisitions.
Whatever the reason, situations such as these created an imbalance in IPv4 distribution, which made these IPv4 addresses more valuable to the owners. Now, a company may find itself with extra blocks and looking to sell for one of several reasons:
Companies can review the price fluctuations of IPv4 addresses to confirm whether now is a good time to buy or sell. November 2022 data, for example, showed that prices since 2019 are still up substantially.
A broker acts as the essential lubricant for the frictional market, greatly streamlining the previously-cumbersome process of pairing buyers and sellers together.
A top broker will provide reliable and transparent information and services, partnering with a business to buy and sell IPv4 blocks. Ideally, they’ll be able to facilitate transactions of various IPv4 block sizes, ranging from smaller online transactions to much larger private transactions.
For instance, at IPv4.Global, we offer a multi-tiered platform in addition to private brokerage services:
At the online marketplace, participants can buy, sell, or lease IPv4 addresses. The address blocks are auctioned off to the highest bidder or made available for a fixed “buy now” purchase price.
How does the sale take place? IPv4.Global provides a fast, easy, and secure five-step process:
Private sales will go unlisted on the online market. IPv4.Global can provide privately negotiated transaction services via phone for an anonymous buyer, which includes:
Whether a business is looking to buy, sell, or lease a series of IPv4 addresses, IPv4.Global can broker to make that happen, acting as matchmakers, market analyzers, contract negotiators, transfer assistants, and legal guides.
With more than 55+ million addresses brokered, and $800 million generated for our clients since 2014, we have completed more IPv4 sales than any intermediary in the world.
Whether a client wishes to utilize our online IPv4 auction marketplace or take advantage of our private brokered solutions, we are the destination for IPv4 sales.
Contact us today if you’re in the market to buy, sell, or lease IP addresses.
by IPv4.Global Staff
The US Federal and state governments are starting programs to distribute $65 billion for rural broadband services. NRECA has encouraged activities like utility pole audits to get ready. But deploying internet services requires an intangible resource, too: IPv4 addresses.
Every internet connected network needs a pool of IPv4 addresses to assign to technical infrastructure and assign to customers.
Co-ops will need to obtain IPv4 addresses, get them ready for use, and decide how they want to manage their internet connectivity.
ARIN is the internet registry that serves North America. It still assigns small blocks of IPv4 addresses to organizations on a waiting list. But the wait is growing. ARIN reported in October 2022 that the list is growing by about 120 a quarter. Over 1,000 organizations were expected to be on the list by the end of 2023. Just 69 waitlist requests were fulfilled in Q3 of 2022.
Co-ops who want to deploy broadband services to customers in 2023 will need to go to the market for addresses. In the 1990s many organizations got large pools of IPv4 addresses. Many never need all they were allocated. In other cases, technical improvements since then mean they can run their networks with fewer addresses. So they can sell the rest to other organizations.
IPv4.Global can help co-ops get up and running by brokering a sale or a lease. Our auction platform provides transparent pricing and our experts can walk you through the transfer process.
Once you have your IPv4 address you need to get them ready for deployment. This means making sure they have a neutral or good reputation and are known to be in use in the geographical area you serve.
Unfortunately, malicious actors send spam and distribute malware. The IPv4 addresses they use gain a poor reputation in databases used by many respectable organizations. They use these databases to decide whether to accept connections from users of those IPv4 addresses.
Content networks, retailers, and banks also want to know where the users of an IPv4 address are located. This helps them ensure they provide content in the right language and informs anti-fraud algorithms.
Updating geolocation information and following self-service removal processes for reputation lists is an important first step in getting IPv4 address space ready for use.
It’s not enough to have a good clean block of IPv4 addresses. It’s important to manage how it is deployed across your network. This is done with modern IP Address Management (IPAM) tools. Whether you choose a free or paid IPAM service, they offer four key benefits:
Connecting a broadband network to the internet can be done by directly connecting to an upstream provider. They will ensure your users can connect to services across the internet. But connecting to multiple upstreams can provide resilience and help with cost management. If you want to do this you’ll need to get an Autonomous System Number (ASN) from ARIN.
When you have an ASN you can take more control of your network’s connections with other networks. PeeringDB is the go-to location for interconnection data. It lists 160 Internet Exchange Points (IXPs) in the United States. These are physical infrastructures allowing many networks to exchange Internet traffic, lowering costs and reducing latency.
Euro-IX, the European trade association for IXPs, has a learning portal to help new networks learn how to get the best from IXPs.
This report only describes our online marketplace sales. The flat-lined large block report is the result of such transfers being conducted privately toward the end of the year and were therefore not included in this graph. Privately sold /16s transferred at around $52.50 in December. Smaller block sizes – as noted – changed very little in price.
by IPv4.GLOBAL Staff
Hilco Streambank’s IPv4.GLOBAL has sourced IP blocks on behalf of buyers for many years. Our staff assists in locating resources that satisfy specific needs in terms of RIR, price, transfer schedule, and – of course – price. Requests vary.
Requests are made in all shapes and sizes. Often, we source a single block. We also search for multiple blocks – both large and small – available either immediately or over an extended acquisition schedule. These searches are efficient, often timely means of targeting a need and fulfilling it.
As most regular observers of the IPv4 market understand, 2022 has seen significant price volatility. So, both buyers and sellers have sometimes been subject to unwanted swings in pricing, only to see those swings reversed days or weeks later. Having us source space for you in a programmatic way will help you manage these swings effectively.
In an effort to add valuable features to our sourcing services, we’ve instituted a program of sourcing IP addresses that offers buyers even greater flexibility and certainty. Plus, the opportunity to save along the way.
Our baseline buyer agreement specifies a block size (or sizes) needed and a maximum acceptable price for the assets. Based on the size and term of the engagement, we set a flat dollar-per-IP fee. So, a request might be, “An ARIN /20 at $48 per address or less with a fee to IPv4.GLOBAL of an additional $1.50 per address.” The term on such agreements is open to discussion and acceptance of a block, once located, is subject to the buyer’s approval at the time it becomes available. Put simply, this is a detailed request without an obligation to buy.
When sourcing IP resources we sometimes encounter sellers whose circumstances result in a discounted asking price. Since we are sourcing on the buyer’s behalf, we can extend a lower-than-requested price to that buyer. We can build in an incentive fee for a percentage of the savings over your baseline price. We are rewarded for our successful search and the buyer gains significant additional savings.
This program offers buyers the world’s largest marketplace and our private brokerage as a resource for their specific needs. It establishes a maximum price and acceptable delivery schedule and is subject to the buyer’s acceptance at every step of the way. Plus, there is the very real opportunity to discover savings by acquiring discounted resources as a result of our expertise and focused search.
So, we offer:
For more information, email RKassin@hilcoglobal.com or complete the contact form to the left.
December 13, 2022
APNIC has announced fee increases for 2023. The fee charged per address will go up but the base fees for members and non-members will not change. APNIC charges 20% of the annual fee for transfers. Its annual fees, which have increased slightly this year, have many tiers and it has a fee calculator on its website. There are also discounts for organizations based in some economies. APNIC gives three examples of fees for transfers:
There is no change to the fees for those with the smallest allocations – 256 IPv4 addresses. They will remain at AUD 1,180 in 2023.
Organizations with 8,192 IPv4 addresses will have to pay an extra AUD 171. The new fee will be AUD 4,552. Bigger networks will pay more. An organization with 65,536 IPv4 addresses will pay an extra AUD 609. The new price will be AUD 10,234.
The percentage increase varies depending on the total amount of address space you hold. APNIC provides fee calculators for both members and non-members in addition to the table in its blog post.
Buyers of /16 and larger blocks have gone on vacation (or bought smaller space), which might presage softening /16 prices. Larger blocks still see higher prices, as shown in the chart. Last year, prices were at their peak at the end of the year and began falling in the first quarter, but past performance is no guarantee of future returns.
ARIN has introduced a new sliding scale for transfer fees, starting in January 2023. ARIN will bill these fees. IPv4.Global will follow ARIN policy in this matter going forward and both buyers and sellers will be responsible for their appropriate RIR fees.
ARIN will charge $500 to the source of a transfer. They will also charge recipients on a sliding scale, based on the size of the transferred block.
Recipients of the smallest blocks, 256 addresses, must pay $187.50. This grows to $750 for 1,024 addresses and $6,000 for blocks larger than 65,536 addresses. The theoretical top fee is $192,000 for recipients of blocks of more than 67 million addresses.
APNIC charges 20% of the annual fee for transfers. Its annual fees have many tiers and it has a fee calculator on its website. There are also discounts for organizations based in some economies. APNIC gives three examples of fees for transfers:
LACNIC charges sellers US$ 1,000 for transfers of between 256 addresses and 8,192 addresses. Transfers of more addresses cost US$ 1,500. Sellers must pay a $200 deposit at the start of the process.
The RIPE NCC does not levy a special transfer fee. It requires members to pay the full annual service fee for all their LIRs (accounts) before the transfer.
by IPv4.GLOBAL Staff
Ever since IPv4 exhaustion, these addresses have become a much-sought-after commodity. As a result, the price to acquire additional addresses has risen dramatically. To cut down on the cash flow impact of expanding IPv4 holdings, especially if IPv4 addresses aren’t required for an extended period of time or future needs are uncertain, other options are attractive.
IPv4 leasing is an option that might fit the bill. Depending on one’s needs, it may be a cheaper option while still fulfilling the same requirements as buying a block of IPv4 addresses. The benefits of a leasing option are significant and so warrant a close look.
A company with IPv4 holdings can choose to lease its IPv4 address blocks instead of selling the ownership rights to them. Essentially, this means they can “rent” them out over a set period of time rather than passing them along to a new owner indefinitely.
The leasing decision is not unlike deciding whether to buy or rent a house. One can pay a large, one-time lump sum to own a house (or incur significant debt to do so) or pay a lower rate month-by-month to rent it. For shorter term living, or if long-term needs are uncertain, a rental option may save the most money in the long run and will preserve cash in the near term. Both considerations are important if future needs are uncertain or if cash (or affordable credit) is in short supply.
Either option may be beneficial if it aligns with a company’s needs. Depending on the nature of a company’s requirements, upcoming device rotations, and amount of capital available, one may be better than the other. Businesses should look to lease IPv4 addresses if:
On the other hand, businesses should consider purchasing IPv4 addresses if:
There are other factors that may play a role in the decision to lease or purchase IPv4 addresses. But overall, the preferences between the two options are governed by whether or not an organization has long-term certainty and the available funds for a purchase.
Much like buying or selling IPv4 addresses, these assets can also be leased through an IPv4 broker.
After IPv4 exhaustion, it became clear that IPv4 addresses were becoming a valuable resource since demand for them was high and rising despite their supply having run out. However, it was difficult for sellers to find buyers and vice versa, in addition to the hassle of drawing up their own contracts, completing transfers, moving funds and addressing other legal concerns.
This is why IPv4 brokers formed. They help companies who are interested in trading their IPv4 addresses find each other quickly and efficiently while taking care of the legal and regulatory sides of things, cutting down the time spent during the process. They quickly became a reliable way to buy and sell IPv4 addresses. If looking to buy, sell, or lease IPv4 addresses, finding a trusted IPv4 broker is the best way to go about it.
As far as leasing vs. purchasing IPv4 addresses, first gauge the scope and timelines associated with IP address needs. There are benefits for both options, in the form of saving money in the short term with leasing or saving in the long term by outright purchasing IPv4 addresses. Drawbacks in the form of money lost usually come from a mismatch of a company’s goals and choosing the less efficient option, e.g. purchasing IPv4 addresses when they’re only needed in the short-term.
To learn more about leasing vs. buying IPv4 addresses or getting started with either, visit IPv4.Global for more information.
Prices seem to have stabilized, with a premium for /16 and larger blocks. Will they remain stable, or will there be an end-of-year frenzy?
October 28, 2022
ARIN 50 kicked off with a report on the slowing pace of allocations through the IPv4 Waitlist.
ARIN reported that it only fulfilled 69 Waitlist requests in Q3 of 2022. On average, organizations got just 850 addresses. The total allocated space was less than 60,000 addresses.
ARIN reported that the Waitlist is increasing by about 120 requests a quarter, with just 60 allocations. It projects that over 1,000 organizations will be on the Waitlist by the end of 2023. It cannot project beyond the end of 2023 because it bases projections on revoked space. ARIN does not know how much space will be revoked in the future.
Participants discussed two proposals to simplify transfers.
2020-6 should help organizations downsize to a smaller block. The freed up space can then be transferred to other organizations. 2022-3 should lower the administrative burden in processing a transfer. It removes the need for an officer of the company to sign an attestation on the documentation provided to ARIN. ARIN is confident that removing this requirement will not impact its ability to pursue cases of fraud.
Both proposals were well supported and are likely to be adopted.
by IPv4.GLOBAL Staff
During mergers or the acquisition of another organization, digital assets play an ever-expanding role. There is a greater variety of these assets to be considered and they play a more important role in business than at any time in the past. Technology develops at an exponential rate, creating new types of digital assets all the time, further complicating intangible asset valuation. Of course, their valuation, impacting a purchase or merger, has become more crucial, too.
Many digital assets have a clear developmental history and current role in their organizations making it clear what makes them valuable. However, there may be some “hidden” assets that require a bit more due diligence to evaluate their worth. In some cases, companies may not conduct this research and could be sitting on a veritable gold mine of digital assets, either as seller or potential buyer, they are not aware of. One asset in particular has seen a relatively recent – seemingly quiet – surge in value.
In short, anything that is stored digitally can be considered a “digital asset,” such as audio files, spreadsheets, slide shows, etc. Obviously, many of these do not hold significant monetary value, but are considered digital assets nonetheless. Here are some examples of more common digital assets of value:
There are plenty of other examples of digital assets with variable value, but there’s a particularly valuable one that is oftentimes “hidden” to companies as they’ve either been overlooked or are sitting around unused: IPv4 addresses.
The IPv4 format was the structure of the first IP addresses that were publicly used when the Internet was created in the early 1980s. However, the popularity of the Internet was underestimated, and the 32-bit structure of the IPv4 format did not allow for enough unique IP addresses for all of the devices that would eventually seek to connect. This led to IPv4 exhaustion, i.e. there were few if any IP address blocks available for distribution by the organizations managing the system.
Thankfully, the IPv6 format was created before the world hit IPv4 exhaustion, with a 128-bit structure that allows for such a large number of IP addresses that we won’t likely hit an exhaustion again. However, since so many connected devices and websites are built on the IPv4 infrastructure, there are compatibility issues and conversion costs to abandoning or integrating IPv4 with IPv6. So, there is a widespread reluctance for businesses to adapt the IPv6 format.
If companies want to expand their connected devices network without integrating with IPv6 or converting their entire network’s infrastructure to the IPv6 format, they must find more IPv4 addresses. These have become a scarce resource. It is this very demand that has driven the value of IPv4 addresses to unprecedented heights.
Currently, IPv4 addresses are worth as much as $58 per address. When looked at individually this may seem to be a small amount, but IP addresses are usually acquired in blocks, denoted by symbols such as /24 or /16. The larger the number after a “/,” the smaller the block, and the smallest blocks tend to be valued in the tens of thousands of dollars while the largest blocks can be valued in the tens of millions.
This means that, in the event of a company acquisition or merger, if an unused block of IPv4 addresses is acquired, chances are high that it holds significant value.
Finding buyers for IPv4 addresses can be difficult, as it takes time to find an interested party that is qualified, draw up legal contracts, negotiate terms, etc. To avoid these headaches (and potential pitfalls), the most common way businesses trade IPv4 addresses is through a broker. IPv4 brokers pair sellers with buyers, or vice versa, and allow listings of all sizes on their platforms while taking care of most legalities and regulations. Escrow services are used to manage payments between parties. Registered IPv4 brokers are trustworthy facilitators to transfer IPv4 address blocks between two interested parties.
For more information on IPv4 address value, or to buy or sell IPv4 addresses, visit https://ipv4.global/.
October 28, 2022
Over 1,000 organizations are each waiting more than 300 days to get a block of just 256 IPv4 addresses – a /24 – in the RIPE region. The RIPE NCC warned that the wait time will soon reach 24 months despite allocating 900 /24s in the last year.
In December 2021, 330 member organizations were waiting for a /24. But half of those members had multiple accounts. More than half of waiting members now have just one account.
Each request from a member with multiple accounts delays what the RIPE NCC described as “real newcomers” by 1 to 2 days. They asked whether the community wants to change the policy.
The Database Working Group discussed adding geolocation as a purpose in the RIPE Database Terms and Conditions. Another suggestion was to place geolocation in a separate, independent, database. Users rely on the “operational purposes” term now but this is hard to interpret. The Database Working Group co-chairs will now decide how to manage this discussion.
Ukraine’s government requested help from the RIPE NCC earlier in October 2022. The RIPE NCC described several ways it could protect members in distressed areas from forced transfers. They asked the RIPE community to develop a policy for this issue. But the community pushed back and asked the RIPE NCC and asked the RIPE NCC board to take action.
The subject has generated a wave of discussion on the RIPE NCC Services Working Group list.
by IPv4 Staff
There is a general consensus IPv4 exhaustion occurred sometime in 2010. This varied by region, of course. RIPE announced that all IPv4 addresses had been allocated in 2019. This was anticipated and there was already a new format in place in preparation for this moment: IPv6. However, most companies still rely on the IPv4 format since it has been in existence for far longer than IPv6, and is, essentially, the foundational format for the vast majority of connected devices.
This led to a widespread reluctance to switch to the IPv6 format, as a majority of networks relies on the IPv4 infrastructure already in place. IPv6 conversion requires a lot of time, retraining, capital, etc. that many companies are unwilling to accommodate. This led to a rise in IPv4 demand, and thus the rise in its financial value.
Depending on a company’s IPv4 assets, they could be sitting on a valuable asset and lucrative opportunity. Whether there are unused IPv4 addresses from a company merger or an educational institution sitting on freely distributed assets that are now unused, it is important to understand the IPv4 inventory in any organization.
Other than the financial impact to be made from the sale or lease of available IPv4 address blocks in an IPv4 inventory, there are many reasons why having a thorough understanding of a company’s IPv4 addresses is important, especially as it pertains to IP address management. These include:
The saying “knowledge is power” rings true for why one should aim to have an all-encompassing IPv4 inventory for their institution. It will help bolster security and save precious time when seeking to expand a network with more connected devices. Conducting a thorough IPv4 inventory may also uncover hidden, unused IPv4 address blocks, which can then be used to fulfill any number of purposes, including their sale.
Depending on a company’s needs, one thing they could do is save them for later use. It helps business owners and employees rest easier knowing these IPv4 addresses are now accounted for and their network enjoys some bolstered security, along with all sorts of benefits like those mentioned above. On the other hand, they could sell them for a potentially large profit.
Companies don’t actually sell IPv4 addresses themselves. Rather, they sell the rights to their exclusive use. Regardless, there are many companies trying to buy IPv4 addresses at their substantially increased current price, e.g. tech giants like Amazon which has been buying large numbers of IPv4 addresses.
Image by IPv4GLOBAL
Looking at the above price chart, the leap in financial value IPv4 prices have experienced is all too obvious. Recently, the price hovers around the $50 mark per address, depending on the size of the IPv4 address block an entity is considering buying or selling. In many cases, this price level values holdings in the hundreds of thousands, millions and even tens of millions of dollars.
Selling the rights to IPv4 addresses is something that has been going on for quite some time. The advent of IPv4 exhaustion gave rise to the IPv4 marketplace and the idea of trading IP address ownership, and to facilitate this process IPv4 brokers were created.
Registered IPv4 brokers are trustworthy entities that act as a mediator between buyers and sellers of IPv4 addresses. They can save a lot of time and legal headache through playing this role, since companies had to find each other through more cumbersome processes and draw up their own contracts before IP address brokers came into existence.
To learn about IPv4 address inventory, or about buying, selling, and leasing IPv4 address blocks, visit IPv4GLOBAL for more information.
A slight bounce on small and medium blocks may mean we’ve hit the pricing floor. Large blocks might seem to have pulled back slightly, but that may simply be reflecting the mix of individual /16s compared to larger blocks, which fetch premium pricing.
by IPv4.GLOBAL Staff
As the scarcity of IPv4 addresses – combined with demand for them – continues to drive up their value, IPv4 buyers have expanded the scope of their searches for these assets. Similarly, sellers have broadened their willingness to consider a wider geographic range of transfers. This has led many buyers to search outside their Regional Internet Registries (RIR) for transfers that satisfy their needs.
So, to the question, “Can I transfer IPv4 addresses between RIRs,” the short answer is yes. Trading and transferring IPv4 addresses between RIRs, often called inter-RIR transfers, is completely legal and has been going on for some time. Based on the RIR, there are different policies, fees, required information, and processing times that IPv4 buyers and sellers will have to account for when transferring IPv4 blocks between different RIRs.
The Registries that permit inter-RIR transfers are ARIN, LACNIC, RIPE and APNIC. The fifth RIR, AFRINIC, doesn’t have a policy allowing inter-RIR transfers.
The approval process for an inter-RIR transfer will vary depending on the RIRs IPv4 addresses are being transferred between, but the broader strokes will be the same. Step-by-step, the approval process looks something like this:
There may be some differences depending on the RIR, but these are the essential steps to any inter-RIR IPv4 transfer. These transfers vary in the time they take, but the process at ARIN, RIPE and APNIC can require up to a month or perhaps a little longer to conclude. LACNIC transfers require at least two month and may require up to ten months.
Other than justification from the buyer and transfer confirmations in an inter-RIR IPv4 trade, RIRs will request various documents to confirm the validity of the transfer and the legitimacy of the parties involved with the trade. Depending on the RIR, they can request membership documents, proof of registration, information of the buyer or seller’s organization, company director or equivalent role when necessary, etc.
Additionally, RIPE offers an inter-RIR transfer template which will need to be filled out by the seller. Others may require submission through their portals.
As expected, the amount in membership, transfer and processing fees organizations will be asked to pay varies depending on their respective RIRs transfer policies. The size of the IPv4 block in question can also have an effect on the amount charged.
For information on specific RIR transfer fees, see below:
In addition to the typical intra-RIR restrictions, there are additional factors that may lead to the disqualification of an IPv4 transfer or a breach of contract. This may be obvious, but if transfer fees aren’t paid in full by both parties the inter-RIR trade cannot proceed and could potentially be called off altogether. Additionally, both parties must be sure to update the relevant databases to reflect the new allocation of IPv4 addresses when the transfer is complete for public record, as this can also be considered a disqualification if ignored.
If you want to learn more about inter-RIR transfers or are looking for an IPv4 broker to assist you with one, visit https://ipv4.global/.
The IP transfer process can be daunting if one is not familiar with the information required by each RIR. A number of reasons drive the detailed requirements for a transfer, including privacy, security and transparency. All reasonable goals, certainly. But in order to satisfy these requests, fairly precise steps must be taken to transfer an IP block between user entities.
Our team has experience in the process. We have successfully completed thousands of transfers and assist buyers on a daily basis. We provide a streamlined transfer process without sacrificing clear communication and procedural accuracy. Not surprisingly, to ensure a fast transfer, client cooperation is key. In order to make transfers more understandable, and therefore comfortable, the following describes the transfer process for IPv4 buyers in an RIPE-to-RIPE transfer.
1-3 days
Create an RIPE account
Register your RIPE account: Prior to purchasing IPv4 for your organization, you should make sure to have a registered account in your local regional internet registry (RIR).
To discover if you have a registered account, please go to the RIPE Database, and type you company name.
To register an account, visit my.ripe.net to get started.
Create an Org-ID: This is the identifier unique to your organization.
Visit Creating Organization Objects on RIPE’s website for information on how to create and manage Org IDs.
You will be asked to enter a contact such as Admin, Tech, or Abuse contact for your organization.
You will also be asked to provide a signed Registration Service Agreement by an authorized person at your organization.
Note: Please make sure the Org. Name registered on this account matches that of the legal name on your Company Registration Paperwork with your local Chamber of Commerce. Changing organization names or getting a new Org-ID after the purchase of the block will drastically delay the transfer process.
1 day
Register Account on IPv4.Global
Register Account: Register with us at IPV4.Global . During this step, one of our analysts will review your registration. If all checks out, our analyst will reach out for Buyer in-take.
When registering your account, it is best to provide the following information to gain approval:
1-3 days
Set Up Vendor Purchase Order between your organization and IPV4.Global
Set up Vendor Account: During this step, we provide your accounts payable team with any information/documentation they may need to set up payment to us.
To get started, please reach out to one of our Transfer Analysts or contact us through our Contact Us forms.
As agents, we hold the funds in our Escrow until the addresses are completely transferred to our recipient ensuring the security and reliability of our transfers.
Once the block is successfully transferred to the recipient’s RIPE account, we will release the funds to the seller.
Note: It is extremely important that this step is done before the purchase of the block on our site, as late payment could severely impact the transfer process leading to delays or cancellations.
~ 1-3 weeks
Purchasing IPv4
(1 – 5 days) Remit payment. Standard methods include wiring into Escrow or using Escrow.com.
Once purchased, our analysts will serve as liaison between you and the seller and provide guidance through the entire transfer process until completion.
(1-7 days) Gather all the required information and documents for the seller:
Buyer Information
Business Registration Papers
Please note that if your company is registered outside of RIPE, the business registration papers must be less than three months old.
(1-3 days) A RIPE Transfer Agreement will be sent out to both parties to review and sign.
(1 day) The seller will go onto their LIR account on the RIPE NCC portal and request a transfer. The seller will submit the information and documents gathered earlier in their transfer request.
Please note that if you are If you are not an LIR, you will need your sponsoring LIR to submit the document on your behalf.
(1 – 7 days) RIPE will review the seller’s request
During this time, RIPE will contact you to confirm that you want the space transferred to your organization’s account and ask for any additional information they may need.
(1 day) Once the due diligence process is completed, RIPE will transfer the block and update the database.
Note: Payment deadline is 5 days after block’s sale ended.
1 day
Transfer Completion
Completion Notice: Our Analyst will notify you that the transfer is complete and announce the release of funds to the seller.
To help ensure you have all the documents you will need ready before your IP purchase, download our Buyers’ Checklist by clicking here.
The IP transfer process can be daunting if one is not familiar with the information required by each RIR. A number of reasons drive the detailed requirements for a transfer, including privacy, security and transparency. All reasonable goals, certainly. But in order to satisfy these requests, fairly precise steps must be taken to transfer an IP block between user entities.
Our team has experience in the process. We have successfully completed thousands of transfers and assist buyers on a daily basis. We provide a streamlined transfer process without sacrificing clear communication and procedural accuracy. Not surprisingly, to ensure a fast transfer, client cooperation is key. In order to make transfers more understandable, and therefore comfortable, the following describes the transfer process for IPv4 seller in a RIPE-to-RIPE transfer.
1 day
Ensure RIPE account details
RIPE account: Make sure you have access to your RIPE account.
Merger & Acquisition: Check to see if your company has undergone M & A.
Block Listing: Check for announcement, spam, and block listing. Read more on block listing here.
1 day
Register Account on IPv4.Global
Register Account: Register with us at IPV4.Global. During this step, one of our analysts will review your registration. You may list your block for pre-sale review at the same time.
When registering your account, it is best to provide the following information to gain approval:
1-3 days
Submit Block for Review
Block Review: Once your blocks are submitted, they will be reviewed by an analyst.
If the block is transferable, you will receive an Engagement Agreement (EA) from us for you to review.
The EA includes our terms, commission, and other legal details.
Onboarding: After signing this agreement, you will go through our onboarding process.
During this step, we will see if your block has gone through M&A, discuss pricing strategies, etc.,
Note: Blocks in RIPE are transferable only after they are held for two years after registration
~ 1-3 weeks
Transferring IPv4
(1 – 5 days) Await buyer’s payment: Once payment is received, our experienced analysts will serve as liaison between you and the buyer and provide guidance for the entire transfer process until completion.
(1 – 7 days) Buyer’s information and registration papers are gathered for the transfer request.
(1 – 3 days) A RIPE Transfer Agreement will be sent out to both parties to review and sign.
(1 day) You will go onto your organization’s LIR account on the RIPE NCC portal and request a transfer. Submit both parties’ information, registration papers, and the signed transfer agreement with the transfer request.
(1 – 7 days) RIPE will review the seller’s request
During this time, RIPE will contact the buyer to confirm that they wish to receive the space and ask for any additional information they may need.
(1 day) Once the due diligence process is completed, RIPE will transfer the block and update the database.
1 day
Transfer Completion
Completion Notice: Our Analyst will notify you that the transfer is complete and announce the release of funds to your account.
To help ensure you have all the documents you will need ready before your IP sale, download our Sellers Checklist by clicking here.
The IP transfer process can be daunting if one is not familiar with the information required by each RIR. A number of reasons drive the detailed requirements for a transfer, including privacy, security and transparency. All reasonable goals, certainly. But in order to satisfy these requests, fairly precise steps must be taken to transfer an IP block between user entities.
Our team has experience in the process. We have successfully completed thousands of transfers and assist buyers on a daily basis. We provide a streamlined transfer process without sacrificing clear communication and procedural accuracy. Not surprisingly, to ensure a fast transfer, client cooperation is key. In order to make transfers more understandable, and therefore comfortable, the following describes the transfer process for IPv4 buyers in an ARIN-to-ARIN transfer.
1-3 days
Create an ARIN account
Register your ARIN account: Prior to purchasing IPv4 for your organization, you should make sure to have a registered account in your local regional internet registry (RIR).
To discover if you have a registered account, please go to whois.arin.net, and type you company name with asterisks side by side.
For example, if your company name is ‘Example’, please type *Example*
Create an Org-ID: This is the identifier unique to your organization.
Visit Creating an Org-ID on ARIN’s website for information on how to create and manage Org IDs.
You will be asked to enter a Point of Contact (POCs) such as Admin or Tech for your organization.
You will also be asked to provide a signed Registration Service Agreement by an authorized person at your organization.
Note: Please make sure the Org. Name registered on this account matches that of the legal name on your Company Registration Paperwork with your local Chamber of Commerce. Changing organization names or getting a new Org-ID after the purchase of the block will drastically delay the transfer process.
1-2 weeks
ARIN Pre-Approval
Submit Pre-Approval Request:
If this is your first-time purchasing addresses, ARIN will request justification information for your 24-month IP addressing needs.
See instructions on how to submit the Pre-Approval Request here.
We advise that you review ARIN’s Quick Guide to Requesting Resources before filling out the justification form.
Click here to see Example Justification Form.
(Pre-Approval Validity: 2 years)
Note: Once the two years are up, you will need to file for justification once more to maintain pre-approved status.
1 day
Register Account on IPv4.Global
Register Account: Register with us at IPV4.Global. During this step, one of our analysts will review your registration. If all checks out, our analyst will reach out for Buyer in-take.
When registering your account, it is best to provide the following information to gain approval:
1-3 days
Set Up Vendor Purchase Order between your organization and IPV4.Global
Set up Vendor Account: During this step, we provide your accounts payable team with any information/documentation they may need to set up payment to us.
To get started, please reach out to one of our Transfer Analysts or contact us through our Contact Us forms.
As agents, we hold the funds in our Escrow until the addresses are completely transferred to our recipient ensuring the security and reliability of our transfers.
Once the block is successfully transferred to the recipient’s ARIN account, we will release the funds to the seller.
Note: It is extremely important that this step is done before the purchase of the block on our site, as late payment could severely impact the transfer process leading to delays or cancellations.
~ 1-3 weeks
Purchasing IPv4
(1 – 5 days) Remit payment. Standard methods include wiring into Escrow or using Escrow.com.
Once purchased, our analysts will serve as liaison between you and the seller and provide guidance through the entire transfer process until completion.
Submit 8.3 Transfer Request to ARIN. A ticket number will be generated from this submission.
If you have Pre-Approval:
(1 day) Provide the Hilco your Pre-Approval Ticket Number.
Add Seller’s ticket number to your ticket once received.
(1 day) ARIN will notify you of transfer approval once they approve the ticket on the seller’s side and perform their due diligence.
(1 day) After ARIN performs one final review, they will notify you of the completion of transfer.
If you do not have Pre-Approval:
(1- 2 days) Review: ARIN will review your request.
(1 week) Justification: You will need to provide a reason for the need of this block. Please see Step 2 for details.
(1 – 3 days) Officer Attestation: After reviewing the block and documentation, ARIN will ask an authorized person from your organization to review, sign and notarize the Officer Attestation form.
(1 day) After ARIN performs one final review, they will notify you of the completion of transfer.
Note: Payment deadline is 5 days after block’s sale ended.
1 day
Transfer Completion
Completion Notice: Our Analyst will notify you that the transfer is complete and announce the release of funds to your account.
To help ensure you have all the documents you will need ready before your IP purchase, download our Buyers’ Checklist by clicking here.
The IP transfer process can be daunting if one is not familiar with the information required by each RIR. A number of reasons drive the detailed requirements for a transfer, including privacy, security and transparency. All reasonable goals, certainly. But in order to satisfy these requests, fairly precise steps must be taken to transfer an IP block between user entities.
Our team has experience in the process. We have successfully completed thousands of transfers and assist buyers on a daily basis. We provide a streamlined transfer process without sacrificing clear communication and procedural accuracy. Not surprisingly, to ensure a fast transfer, client cooperation is key. In order to make transfers more understandable, and therefore comfortable, the following describes the transfer process for IPv4 seller in an ARIN-to-ARIN transfer.
1 day
Ensure ARIN account details
ARIN account: Make sure you have access to your ARIN account.
Merger & Acquisition: Check to see if your company has undergone M & A.
Block Listing: Check for announcement, spam, and block listing. Read more on block listing here.
1-2 weeks
ARIN Pre-Approval
Submit Pre-Approval Request:
As a source there is no pre-approval transfer. You can submit an 8.3 (or 8.4) transfer without designating a recipient. ARIN will review this as though it were a real transfer.
In this step, you should submit Transfer Fee and Officer Attestation in advance. Download the Officer Attestation Template here.
Note: If you submitted an 8.3 Transfer Request, this block can only be transferred within the ARIN region. Thus, if your block was bought by an RIR other than ARIN, you will have to create an 8.4 Transfer Request later. ARIN will allow the transfer fee to be applied to this new ticket)
1 day
Register Account on IPv4.Global
Register Account: Register with us at IPV4.Global. During this step, one of our analysts will review your registration. You may list your block for pre-sale review at the same time.
When registering your account, it is best to provide the following information to gain approval:
1-3 days
Submit Block for Review
Block Review: Once your blocks are submitted, they will be reviewed by an analyst.
If the block is transferable, you will receive an Engagement Agreement (EA) from us for you to review.
The EA includes our terms, commission, and other legal details.
Onboarding: After signing this agreement, you will go through our onboarding process.
During this step, we will see if your block has gone through M&A, discuss pricing strategies, etc.,
Note: Blocks in ARIN are transferable only after they are held for a year after registration
~ 1-3 weeks
Transferring IPv4
(1 – 5 days) Await buyer’s payment: Once payment is received, our experienced analysts will serve as liaison between you and the buyer and provide guidance for the entire transfer process until completion.
Submit 8.3 Transfer Request to ARIN: A ticket number will be generated from this submission.
If You Have Pre-Approval:
(1 day) Provide the Hilco your Pre-Approval Ticket Number. Add Buyer’s ticket number to your ticket once received.
(1 day) ARIN will notify you of transfer approval once they approve the ticket on the seller’s side and perform their due diligence.
(1 day) After ARIN performs one final review, they will notify you of the completion of transfer.
If You Do Not Have Pre-Approval:
(1 – 2 days) ARIN will review your request.
(1 – 2 days) ARIN will send you a Transfer Fee Invoice. You will forward this Invoice to our analyst who will pay the transfer fee invoice on behalf of the buyer
(1 – 3 days) Officer Attestation: After reviewing the block and documentation, ARIN will ask an authorized person from your organization to review, sign and notarize the Officer Attestation form.
(1 – 3 days) After ARIN reviews the OA, they will approve the transfer.
(1 day) After ARIN performs one final review, they will notify you of the completion of transfer.
1 day
Transfer Completion
Completion Notice: Our Analyst will notify you that the transfer is complete and announce the release of funds to your account.
To help ensure you have all the documents you will need ready before your IP sale, download our Sellers Checklist by clicking here.
Trends in 2022 have continued, with prices for /16 and larger blocks edging slightly higher, while smaller block prices have continued downward. Prices continue to reflect changes in supply and demand, and predicting whether the trends continue is risky.
In recent months, we’ve been working on a number of transfers in and out of the LACNIC region. Because transactions in the region take so long, buyers are less eager to buy, so LACNIC region sellers have to lower their prices below sellers in ARIN, RIPE, and APNIC regions. Those lower prices don’t necessarily reflect market dynamics in other regions, so we have removed LACNIC transactions from this month’s report.
A steady supply of small-to-medium space has resulted in slightly fading prices, while large buyers are bidding competitively over the limited supply of /16 and larger blocks.
October 1, 2022
Hilco Streambank’s IPv4.GLOBAL, the world’s most experienced internet protocol address broker, today announced a program dedicated to helping educational institutions fund their future projects. The program focuses on valuing and monetizing IPv4 addresses. It provides real time information on the value of these assets. Colleges and universities around the U.S. currently have many thousands, often tens of thousands of these assets worth millions of dollars, often barely used.
The program is being launched at EDUCAUSE, a showcase event for U.S. education attended by thousands of technology professionals. The event is being held in Denver, CO October 25-28. Information about each university’s IPv4 holdings and their value is available now to all potential attendees of the conference.
In person inquiries can be made at IPv4.GLOBAL’s EDUCAUSE booth # 1353. Inquiries can be addressed directly to EducationSales@hilcoglobal.com.
“We have been working all year towards this launch and this event,” said Lee Howard, Senior Vice President of Hilco Streambank’s IPv4.Global. “Providing funds to schools to support IT infrastructure projects or other capital expenditures is the kind of work we love to do.”
by IPv4.GLOBAL Staff
When most people think of their IP address, they think of themselves as the owners since they have a device associated with a unique IP address from which they send and receive information. However, this is not the case, as IP addresses are not actually owned by any individual, but rather they are assigned by much larger entities.
It is also worth noting that the ISPs, hardware manufacturers, network operators, etc. who use thousands and sometimes millions of IP addresses don’t own them either. IP addresses can be considered an asset but not one that is strictly “owned.”
Individual IP addresses are unique identifiers. While used one at a time, they are transferred in “blocks” of sometimes many IP addresses. Possession of a block includes unique registrations of addresses in registries, worldwide. These registries maintain uniqueness in the sense that they make sure it’s clear who is the authorized user of a block of IP addresses. Registration includes the ability to transfer IP address use to someone else, subject to the policy of the registries, in return for payment.
An IP address is generally formatted in two ways: those known as IPv4 and those called IPv6. IPv4 (formally Internet Protocol version Four) is the traditional format made up of 4 groups of 8 binary digits, or “32 bits” in total length. The much more robust IPv6 format is 8 groups of 16 bits, or 128 bits in total length. IPv6 came about to deal with the shortage of IPv4 addresses.
The Internet Corporation for Assigned Names and Numbers, or ICANN is ther entity that creates and distributes all IP addresses of all formats and can be considered the actual owner of them.
ICANN coordinates the maintenance and procedures of databases. They also ensure the network continues to stay stable and perform secure operations. It distributes through the following networks:
Below is an image that displays just how the various RIRs are split up across the globe:
Image by IPv4GLOBAL
Image by RIPE
Note, when we refer to these organizations assigning IP addresses, we’re talking about IP address blocks, i.e. bundles of sometimes tens of thousands of individual IP addresses. However, blocks of IPv4 addresses have recently become limited in supply and have experienced a leap in value as an intangible commodity. Why is that?
As previously mentioned, the IPv4 address format was made up of 32 bits, which allowed for a total combination of 4,294,967,296 unique IP addresses. In the early 1980s, the popularity of the Internet was severely underestimated, and it was widely thought that this total amount of allowable IP addresses would be enough.
However, as more connected devices were created and more addresses were assigned to them with the passage of time, it became clear that this number was far too low of a limit. In short, the growth of the internet, early distribution patterns, coupled with the limitation in possible combinations of binary digits in the IPv4 format led to its exhaustion. There simply was not enough supply to go around, and we’ve reached the point where they’ve all been assigned. This is what we refer to as IPv4 exhaustion.
Image by ARIN
IPv6 came about in the early 1990s in response to predicted IPv4 exhaustion. The IPv6 format’s 128 bit structure allows for a new maximum number of addresses that is far beyond what was possible with IPv4,. Though it is still a finite amount of addresses, the number is so great that the problem is effectively solved.
Long story short, there are compatibility issues with IPv6. Namely, that devices using IPv4 addresses cannot communicate with devices that are IPv6 assigned unless a translator is involved. Businesses and organizations with large established infrastructures built around the legacy format, and with enough IPv4 addresses to absorb any growth, may be reluctant to deploy IPv6. The business case for IPv6 may not overcome the amount of time and costs required to deploy for format.
So, rather than a nation-wide migration to embrace IPv6, we have instead seen many institutions, including the world’s biggest companies, acquiring very large numbers of IPv4 addresses. The resulting demand is huge, and has led to a leap in IPv4 address value and price. Individual IPv4 addresses were transferred for ~$10 on average in 2014 but have rocketed to ~$55 each in recent times.
Tech giants and other powerful institutions have been buying them for various reasons, whether it’s because they plan to expand and want to maintain IPv4 compatibility, or otherwise. But again: technically none of these companies are the actual owners of these IP addresses. Instead, they are paying for the rights to their assignments to devices and the listing of the identifying address in worldwide directories. Because of the many nuances to the transactional aspect of IP address transfers, buyers and sellers usually find it beneficial to make use of experienced IP address brokers, like IPv4Global. Brokers facilitate these deals, sourcing buyers and sellers and coordinating the technical, contractual and financial elements of a transfer.
Eventually, the most widely-used format for IP addresses will be IPv6 as more and more companies and devices are forced to adapt to the new structure to accommodate more devices. However, with IPv4 being bought and sold so regularly and their currently high value, it’s likely to be long time before IPv4 is considered obsolete.
Want to know more about IPv4 address ownership? Looking for an IPv4 broker to buy or sell IPv4 address blocks? Visit our online IPv4 marketplace for more information.
By Leo Vegoda
September 26, 2022
Some descriptions cool the enthusiasm of any potential buyer. For instance, “as is” or “unrestored” generally raise red flags. “Fixer upper” is less than neutral, signaling the need for repair. In that sense, address blocks can be like houses: the need for immediate repair can lower their value, and along with it the price of the asset. IP address “reputation” is a key characteristic in this regard. Buyers consider the time and money required to update an address block’s reputation when bidding to buy it.
The IP addresses we use for ordinary internet services look like they are interchangeable. But they often are not. Many internet users give each IP address a reputation based on different characteristics, including the history of the IP address’ use. Changing reputations – especially repairing them – can take time and effort. Address conditions or histories that impact value include the following considerations:
Each kind of organization cares about one or more different characteristics of an address. The characteristics they care about – qualities they approve or disapprove – impact whether they’ll accept mail from or serve content to a specific address. And the history of an IP address’ use can greatly influence the utility of its sending and receiving content.
One example of reputation damage is the use of an IP address to send spam or some other form of malicious email. Often, this email is sent using IP addresses properly registered to someone else. Spammers use purloined IPs for as long as they can and move on to newly-stolen IP addresses when the first one is effectively blocked. Other IP hijackers send server malware that infects computers to cause all sorts of damage and/or extort hard cash. Eventually, they stop and leave the legitimate user of the IP addresses with a damaged asset: the IP address.
Many organizations track the behavior of each IP address connecting to their network. They use this information to decide whether they want to accept mail or web traffic from those IP addresses again. Other organizations rely on blocklists compiled by monitors of this bad behavior. It can be time consuming to be removed from one of these blocklists.
The process of email delivery is always changing. Responsible companies work to make sure that they only send email that people want to read.
Their processes change as the nature of the email ecosystem adapts. ISP Feedback Loops played an important role for years. These are a way for mailbox hosts to let senders know when readers report they don’t want a message. These loops balanced the blocklist signals used by email reputation organizations.
The Email Sender & Provider Coalition curates a selection of resources to advise industry participants.
https://www.espcoalition.org/legal-industry-member-resources/industry-resources
It is important to know how much effort it can take to update the reputation for a block of addresses. Some blocklists expire entries if they have not seen any abuse for a while. But where a current blocklist includes an address, the new owner of it or its seller must contact the operators of the lists in question. A third kind of blocking list doesn’t publish a list and an owner will only find out about the negative listing status when reports from customers appear.
One sign of possible abuse is an address block – or parts of it – being routed from multiple networks. This is especially likely if the unusual routing happened for a short time. Pakistan Telecom’s hijacking of YouTube in 2008 is a classic example of this.
IP owners can see this kind of behavior when looking at the routing history in RIPEstat. This is the RIPE NCC’s “one-stop shop” for internet-related information. RIPEstat also gives you information about the location of addresses. But while it is one source of data there are many. The ones that matter will depend on what the intended use of the addresses in question is.
For instance, an access provider will want to make sure the geolocation data is accurate so users can shop and stream as they’d expect. In contrast, a mail services provider would not want their addresses on lists used to record sources of spam, phishing and other mail abuse.
The organizations that maintain reputation lists do so to serve their customers’ needs. Those needs vary and so do the processes they use to update their lists.
The first step in any IP remediation is to make sure the information published in the Regional Internet Registry’s (RIR’s) or National Internet Registry’s (NIR’s) database is correct. Next, signing resources with RPKI will make it harder for other networks to use your addresses.
The RIRs and NIRs want owners to keep their records accurate so they make it easy to update them. Anyone can write or speak to them for help.
There are two main approaches to removal from blocklists: time-based and self-service removal.
The key to both is that any abuse that was detected has stopped. As transferred addresses will be deployed on new infrastructure, this should not be an issue.
Updating geolocation data is often the most time-consuming process. Automated approaches to sharing this data are available but Each network will make a decision based on what is most important to them. Some networks consider the time it takes to get data to your network as most important. Other networks need to consider if their content is licensed for the users of your network. This is because different services have different needs. For example, a VoIP provider cares about latency while a streaming provider might care about distribution rights. One might be happy and legally able to provide cross border services while the other might not.
Many geolocation data providers treat their evaluations as proprietary and do not publish them. But there are publicly available services. These give an indication of at least the country where the addresses are thought to be.
by IPv4 Staff
Businesses often buy IPv4 addresses to expand their connected-devices network, but don’t know how to get started. One of the best and easiest ways to find IPv4 address blocks for purchase is through various brokers. The best of them has online marketplaces and/or auctions. Some will also manage a transaction based on a buyer’s or seller’s custom terms or when privacy is required. One should conduct some research on the broker of interest to ensure the provider is a registered, and therefore trusted, entity (e.g. IPv4.global).
Different purchase options exist, such as public auctions, private sales, “buy now,” and leasing. Private sales usually involve negotiating with and buying a block of IPv4 addresses directly from a particular entity. Experienced brokers will find buyers, source supply and facilitate transfers. “Buy Now” options can be found for nearly any block size on some IPv4 marketplaces (again, e.g. IPv4.global). This feature saves the time and trouble of auction bidding. It also provides a fixed price that can be approved prior to the purchase. Leasing involves “renting” IPv4 addresses, which is usually the best fit for those with uncertain long-term needs and/or cash flow pressures. Sometimes buyers do so as an interim solution to growth needs while converting to IPv6.
But how do I buy IPv4 addresses in public auctions? What does it mean to own an IPv4 address after purchasing? How long does it take before ownership is transferred? Are there any other concerns? Let’s take a closer look at some of the answers to these questions.
As we mentioned in the previous section, the best way to find legitimate IPv4 address marketplace or auction is through an IPv4 address broker registered with the American Registry for Internet Numbers (ARIN) or equivalent entity (RIR) based on region. Companies may also have to register themselves as buyers with whichever broker they choose.
From there, one can browse the listings and different options the broker offers. Some marketplace and auction platforms conduct simultaneous auctions and sales. That is, one can “buy now” and avoid engaging with the auction or bid in an effort to win the addresses. Online markets of this kind often present their inventory of offerings this way:
Image from IPv4.Global
This may look different depending on the broker, but functionality will likely be similar. Often, once a user has registered with a broker, access to detailed information on individual blocks becomes available. This information is often screened from public view.
A reputable broker will vet buyers and sellers prior to admitting them to their online marketplace. This assures everyone of legitimate offers to buy and available inventory being sold. What’s more, confirmation of other business factors may be part of the registration process. In some cases, brokers will individually manage a transfer and facilitate communication between buyer and seller to make sure everyone is on the same page before a deal is finalized. Online, prices are generally shown to all registered users and one is free to browse for the best fit.
Strictly speaking, after someone purchases an IPv4 address block, they are not the direct owner of this asset. Organizations like the Internet Assigned Numbers Authority (IANA) and the Internet Corporation for Assigned Names and Numbers (ICANN) can be thought of as the owners of all IP addresses, as they are the entities that create and distribute them to various regions of the world. So, what does this mean when someone wins an IPv4 address auction or buys an IPv4 address block from another company?
Essentially, the buyer is purchasing the registration rights of the IPv4 address block, i.e. their unique assignment to connected devices, which will be transferred to the buyer from the seller after the deal is given the ok by the appropriate Regional Internet Registry (RIR).
Which is to say, individual IP addresses aren’t actually “owned.” Instead, possession includes the right to a unique registration of each address in directories of addresses, worldwide. It’s those directories that control data routing. “Ownership” amounts to the right to use that unique address and to receive data addressed to it.
All transfers of ownership must be approved by the RIR and they will allocate them accordingly after a sale has been confirmed. Basically, after a deal is concluded between a seller and a buyer, it’s up to the RIR to re-assign these addresses in their systems so they acknowledge that the buying party and its devices are now using (or are entitled to use) the IPv4 addresses purchased. This process takes some time, and buyers will have to provide information to the RIR that involves transparency with how they will use the acquired IPv4 addresses alongside their current IP address assignments.
The amount of time the transfer process takes varies depending on the situation. Buyers may take some steps for pre-approval, which will save them time during the transfer, but as a rule of thumb they can take anywhere between a few weeks to a few months, sometimes longer.
To learn more about the process of transfers, in RIPE and ARIN, consider these blogs:
Some brokers serve their clients by providing Transfer Analysts to smooth the transfer of IPv4 blocks to their new owners. Their expertise can assist in simplifying the closing process at ARIN, RIPE, APNIC and LACNIC.
By Peter Tobey & Leo Vegoda
August 11, 2022
From time to time a party can get out of control. Raucous celebration can become careless, even destructive. Combine a critical number of young people, a certain amount of beer and lots of music and damage often happens. Partygoers leave a mess behind them.
The same thing happens to some IP addresses. Malicious actors use IP addresses properly registered to someone else. They send spam using the purloined IP for as long as they can and move on to newly-stolen IP addresses when the first one is effectively blocked. Other IP hijackers send server malware that infects computers to cause all sorts of damage and/or extort hard cash. Eventually, they stop and leave the legitimate user of the IP addresses with a mess on their hands.
People rob banks because there’s money in them. Hijacked IP addresses are tools used in malicious, often illegal and sometimes very profitable businesses. Senders of content infected with malware or those involved in stealing others Internet users’ identities. Some spam just preys on the gullible. To reduce the amount of emailed spam, system administrators maintain a database of addresses reported to be sending unsolicited bulk email, phishing, or engaged in other malicious activities. The senders of such email are blocked from doing so via publicly available “reputation” data that allows the system to block the IP address of known bad senders of email. (See IP Address Reputation for more information.)
Hijackers use several methods to take control of addresses
They look for addresses that are not used on the internet. This is often the case when organizations use IPv4 addresses for private networks, such as a factory network controlling manufacturing robots. Private networks are not directly connected to the internet. Hijackers can use the addresses on the internet without disrupting the private network. Sometimes addresses are not routed because the registrant is no longer in business.
Universities were among the earliest recipients of IP address space. Often, they would get many more IP addresses than they could ever use. This is because the technology available at the time only allowed three sizes of network: small (256 addresses), large (65,000 addresses), and massive (16 million addresses). So many universities have large amounts of unused address space. As an unused resource it is both an asset and a liability – as it is easier to hijack.
Hijackers look carefully at the details in the public information available in regional registries. Many older registrations were made in a more relaxed era. If the registration has not been updated for many years, there could be data missing that allows another kind of attack.
For instance, if an IP address was registered using a shortened form of an organization’s name there is an opening for an attack.
The attacker could try and forge a Letter of Authority, which would be used to convince a transit network to route the network on behalf of the hijacker. These are simply letters that give a named organization or individual authority to do something. They are often used when ordering cross connects in data centers – but also when making routing announcements.
Forged paperwork can be used to get operators to accept a routing announcement from a malicious operator. More seriously, forged paperwork has been used to try and get registries to give control of a registration to a hijacker.
ARIN and the RIPE NCC started talking to network operators about the problem almost 20 years ago. They asked network operators to make sure that they reviewed and updated their registrations. Putting useful contact information in the public registry doesn’t just help the registries. Other network operators rely on that information – particularly the contact information – when they perform due diligence checks.
The RIRs and the broader network operations community have also encouraged the use of Internet Routing Registries. Network operators use these IRRs to share key information. The most important information is which network should be announcing a block of IP addresses. They can also use IRRs to share detailed routing policy, like connections between networks.
The improvements in due diligence checks have been helpful. A lot of hijacks didn’t happen because of them. That pushed some bad actors to try other approaches. But even more sophisticated attacks were detected and prosecuted with the help of law enforcement.
The fundamentals have not changed. But the community has added new approaches and refinements over time. These help protect against some but not all types of hijacking events. The three top priorities are:
Make sure the registry always has accurate contact information for your organization. They should be able to contact you about requests to make changes. The postal address should be able to receive postal mail.
Email should go to role accounts or ticketing systems rather than someone’s personal inbox. Individuals take time off (or change jobs) and are more likely to miss important messages from a registry.
Publishing your network’s routing policy in an IRR helps other networks filter out malicious use of your addresses. The community maintains open source tools to help network operators use the IRR. There is also a low-traffic email discussion forum where people can ask questions.
A friendly website for exploring what’s in the IRR, complements these command line tools.
The Resource Public Key Infrastructure uses digital certificates to publish which networks can announce a block of IP addresses. RPKI tooling is now quite mature. The US government’s RPKI dashboard shows that almost 40% of the IPv4 space is both RPKI signed and that the routing behavior matches the certificate.
Many organizations track the behavior of each IP address connecting to their network. They use this information to decide whether they want to accept mail or web traffic from those IP addresses again. Other organizations rely on blocklists compiled by monitors of this bad behavior. It can be time consuming to get off one of these blocklists.
During that time, you or your customers might be unable to send email. Your users might have reduced access to banking services and online commerce. Plus, if you wish to transfer a block of addresses with reputation issues you may find buyers unhappy with your wares.
There are two stages to cleaning up a problem to make addresses as attractive as possible to potential buyers.
Firstly, regain control of your address space and correct the registration problems. This means:
Working with the registry to update historic business information can take some time. Registries work hard to make sure that your request to update the company name is not an attempt to steal addresses.
Secondly, use a tool like MX Toolbox to see which blocklists have an entry for your address space. Some blocklists automatically remove entries when abuse stops. For those that don’t, follow the process on their website to have your IP removed from their list.
Some blocklists charge a delisting fee, also known as a ransom fee. Most network operators consider delisting fees to be unacceptable.
If you get stuck and need help, engage with the Mailop community.
By Leo Vegoda
July 27, 2022
Electricity was the 20th century’s essential utility. It remains essential, of course, and electricity’s growing role in everything from heating to transportation means providers, including electrical co-ops, are at the center of the era’s growth. In parallel is the newest must-have “utility” – Internet access. It is the 21st century’s new essential and is growing alongside electricity’s role. Electrical co-ops can provide both to everyone’s benefit.
The National Rural Electric Cooperative Association (NRECA) estimates that there are 6.3 million households in co-op service areas without broadband. Reliable internet access could give them an average of $2,000 in economic benefits each year. NRECA estimates that it’s worth $70 billion in economic value to the communities that co-ops serve when calculated over 20 years.
The means to add broadband to existing systems is readily available. Wires are already in place. In response to this opportunity, beginning in 1982, SkyWrap technology enabled electricity transmission networks to add fiber optic cables. This cable is helically wrapped onto existing overhead power lines. The small cable offers minimal load and low environmental impact. To provide the same access when the existing power lines are supported only by wood or concrete poles, the lighter AccessWrap technology now does the same thing. Electricity co-ops now have a low-cost way of bringing high-speed internet access to their existing customer base.
These technologies matter for a number of reasons. Primarily, though, building a network is expensive. So, when a network exists it’s important to get the most value from it for both the operator and customers. That’s particularly important for co-operatives because they are owned by their users.
Fortunately, last year’s bi-partisan infrastructure deal allocated $65 billion to deliver broadband to rural communities and low-income urban residents. $42.5 billion is reserved for a broadband grant program administered by the states.
The amount of data sent over Internet Protocol networks grows year over year. But there’s one resource that cannot grow: IP addresses. An IP address is a unique identifier for a device on a network, including the internet. IP stands for Internet Protocol which is a set of rules (a protocol), for addressing and routing data so it can travel through networks and arrive at its intended destination. Hence, “address.” Each Internet-connected device has a unique IP address.
The most widely deployed version of these addresses is IPv4 (Internet Protocol Version Four). Its designers gave it a maximum of about 4.3 billion addresses. We can only use about 3.8 billion of them for ordinary internet services. This presents a challenge because there are about eight billion people on earth and many of them use multiple devices. Demand for internet access is only growing but the pool of IPv4 addresses is fixed.
We can tackle the problem in two ways. The first is to make ever more careful use of the IPv4 address space. Network Address Translation (NAT) is one approach that allows users to share addresses. Many networks do this at considerable scale.
Another approach is to deploy IPv6. IPv6 is very similar to IPv4 but has far more addresses available to network operators. But IPv6 is not universally deployed. About half of Google’s US traffic comes over IPv6. But there are many developed European economies where 10% or less of Google’s traffic is IPv6.
Plus, access providers need to offer an IPv4 service because most of the top-ranking websites aren’t served over IPv6. At the start of July 2022, almost three-in-four of these top-ranking websites were only available over IPv4.
New networks need to deploy enough IPv4 addresses to deliver a reliable internet access service to all kinds of users. There are three considerations.
Large Scale NAT, also known as Carrier Grade NAT, may seem attractive to co-ops because it allows each unique address to service multiple subscribers. But sharing addresses between subscribers can be challenging for some services and can increase support costs.
SIDN, the Dutch ccTLD operator, reported Brazilian research into CGNATs in 2019. They found lots of different problems. Gamer forums in 2022 are full of questions about problems with CGNAT and the PlaysStation network. There are new vendor articles on fixing configurations being published, and David Anderson has described some of the architectural problems on APNIC’s blog.
Configurations in one network can impact another networks. Even unjustified decisions from major content networks can have an impact on a co-ops’s subscribers ability to use their internet access to login to their bank or watch a TV show. Blocked IP addresses and any number of other challenges can interrupt local service. So, having enough surplus address space to replace misclassified addresses is useful in keeping subscribers happy by providing uninterrupted service. Put simply, reputation problems become customer service problems and can also increase costs.
Deploying IPv6 alongside IPv4 takes some extra effort but it can be helpful. If your provider decides to have multiple subscribers share each IPv4 address, shifting some of the internet traffic to IPv6 can help improve the overall service quality. This is because more ports—equivalent to a radio frequency—are then available to each subscriber.
But this comes at the cost of some added complexity. There are two network protocols active. This means more configuration and more monitoring.
The organizations that manage the distribution of IP addresses, regional registries, are keenly aware there are not enough IPv4 addresses to go around. Plus, they are aware NAT and IPv6 solutions are not complete responses to the problem and will not – alone – avoid an addressing crisis. So, these governing bodies developed policies to enable transfers of addresses between organizations. Which means those with more IPv4 addresses than they need can transfer them (at a price) to those who need additional addresses.
In the early development of the internet there appeared to be virtually unlimited amounts of IP addresses. Many institutions today have 65,000 or more IPv4 addresses but only use a small fraction of them. So, the holders of these addresses are selling the rights to them.
IPv4.Global has an auction service that connects buyers and sellers of IPv4 addresses. We help organizations use IP addressing to achieve their business goals.
By Leo Vegoda
August 1, 2022
In four out of the five RIR regions, there is no more IPv4 space left in the free pool. You can only get IPv4 addresses from a waiting list or from the transfer market. For those in need of these addresses, the critical question is how practical and effective are these queues?
We recently reported that the RIPE NCC’s waiting list is now 18 months long. LACNIC estimates that the last requesting organization on its list will get addresses in 2027. If ARIN’s July 2022 allocation is a predictor of the future, it will take two years before the organizations on the list have some addresses.
Any organization that needs IPv4 address space in the near future must turn to the transfer market. The alternative is a long wait for very few addresses. The market can supply more IPv4 address space more quickly.
RIRs created waiting lists to provide a way to distribute IPv4 address space that is returned to them. The operating assumption in this creation was that networks with more addresses than was needed might return them to an RIR for reallocation. However, two factors greatly limited the pool of returned addresses. The first and most obvious was the steady increase in the open market value of these addresses. Those with IPv4 addresses are – understandably – reluctant to give away something of considerable value. In addition, those that are returned tend to be from organizations that stop operating altogether.
AFRINIC does not operate an IPv4 waiting list. Organizations can get between 256 to 1,024 addresses, depending on need.
New APNIC members – and only new members – can get up to 512 addresses. It closed the waiting list to existing members in 2019.
ARIN will not allocate space to organizations that already have 4,096 or more addresses. Organizations with less than this can get between 256 to 1,024 addresses, depending on need. If they are approved for 1,024 addresses, they can accept a smaller amount if a precise match is not available.
LACNIC members who already have IPv6 space can get on a waiting list for an initial IPv4 allocation. Organizations can get between 256 to 1,024 addresses, depending on need. If they are approved for 1,024 addresses, they can accept a smaller amount if a precise match is not available.
Organizations cannot transfer address space allocated through LACNIC’s waiting list. LACNIC manages it on a first come first served basis—they do not allow places to be traded.
The RIPE NCC operate a waiting list that serves new members only. They can each get exactly 256 addresses and no more.
The amount of address space flowing back to an RIR is not a constant. Demand for addresses via the waiting list can vary based on economic activity and even attempts to game the system.
The RIPE NCC predicts that organizations applying to its waiting list will need to wait 18 months to receive an allocation.
ARIN has not made a prediction, but it allocated space to 41 organizations in July 2022 and there are 343 organizations waiting. It would be another eight business quarters before they’ve cleared the current waiting list if they continue at the same rate.
LACNIC has over 800 requests in its queue. In July 2022 the oldest entry on its list was from December 2021. LACNIC estimates that the last request on its list will get some addresses in 2027.
RIRs only provide enough IPv4 address space to get an organization up and running. 256 addresses is enough for a small network with some core infrastructure, like a website and a mail server.
When more is available, it is not enough to provide access for a large number of servers or subscribers—even with Large Scale NAT.
One option is to focus on deploying IPv6. That is why LACNIC requires organizations to have IPv6 as a condition for entry to its waiting list. But IPv6 deployment varies around the world. Google gets more than 70% of its traffic over IPv6 in France but under 1% in most of Africa.
Fewer than half of the top 1,000 websites can be reached over IPv6. For a large subscriber network, managing traffic to those sites is likely to stress any kind of address sharing technology.
Getting some IPv4 addresses for a fixed term is one way to meet an immediate need. As an operational cost, the up-front pricing is generally lower. But there are no guarantees that the organization offering the addresses will renew the lease. And if they do, the pricing could change.
This is an approach that works well for projects that only need resources for a fixed term.
The best long-term option is to get IPv4 addresses from an organization with more than it needs. Four of the five RIRs have policies enabling market-based transfers of IPv4 addresses. The market rewards organizations with an excess when they transfer addresses to one who does not have enough.
IPv4.Global runs an online sales platform. You can buy address blocks at a fixed price or bid in an auction. If you need to buy large blocks of IPv4 address space, the firm offers privately negotiated purchases. IPv4.Global has assisted in over 3,000 transactions.
July 29, 2022
When Mike Sendall read Berner-Lee’s memo he noted on it, “Vague but exciting.” The memo was titled, “Information Management: A Proposal.” Sir Tim (as he would eventually be known) wrote the memo to propose a system that would help his co-workers at CERN (a nuclear physics lab) share information. He was 33.
Tim Berners-Lee described his idea as, “a large hypertext database with typed links.” He called the system “Mesh.” Following Sendall’s approval, he developed his initial flowchart into a working model. From that plan he wrote the first version of HTML. And the HTTP application. Plus, a browser and page editor. By 1991 the web was running on servers and in use at CERN.
The diagram from the first page of Tim Berners-Lee’s proposal for the World Wide Web in March, 1989.
Berner-Lee’s “web” wasn’t the internet. That had been around for over 30 years. What his creation added was HTML, the idea of URL addresses and the hypertext transfer protocol (HTTP). His design also made the whole thing decentralized, which may have been the key idea in the proliferation of the system.
As with most great developments in their early stages (the wheel, penicillin, and umbrellas for example), the web had some fun facts associated with it:
Lift a glass – perhaps a CIDR glass – to World Wide Web Day.
By Peter Tobey & Leo Vegoda
June 21, 2022
Anything we own or control can be considered property. Land and buildings are obvious examples of this. But intangible properties like brand names and logos have value and are considered property, too.
Some of the things we regularly refer to as property are slightly more complicated. Frequently property that is intangible has control or ownership subject to terms that differ from more “normal” assets. For instance, most internet names and numbers are provided on fixed or indefinite term contracts. The contract provides a right to an entry in a register. The register is an official record of the association between the registrant and the resource.
The root registry for internet resources is the Internet Assigned Numbers Authority, or IANA. It is the root for all registers for names, numbers, and internet protocols. For instance, web traffic uses a protocol called HTTP. The HTTP protocol uses ports – the internet equivalent of a radio frequency – that have to be registered so they are not used by other protocols. IANA maintains and publishes all those protocol registries.
Each register has a manager. And those managers need to cover their costs. We have to pay registration fees for Internet Number Resources, like IP addresses and AS Numbers.
There are now five regional registries for Internet Number Resources and they charge a range of different fees.
Early in tlhe development of the internet, DARPA (the original, organizing body) contracted with the University of Southern California’s Information Sciences Institute, to perform all IANA functions. They registered the identifying numbers used for all interfaces (locations) on the internet. We call these numbers IP addresses. But the growth of the internet called for change.
The internet was growing up. In 1992, the National Science Foundation allowed commercial traffic on the internet. This change in policy led in two directions. Firstly, more networks from across the world would connect to the internet. Secondly, the US government did not want to pay for centralized record keeping for the domain names and IP addresses. So, US government policy pushed for privatization of the internet’s administrative needs. In October 1992, RFC 1446 called for the “distribution of the registration function” to serve “a more diverse global population.”
Internet network operators worked together to regionalize the registry function for Internet Number Resources. European operators created the RIPE NCC in April 1992. Asia-Pacific network operators formed APNIC, which started operations in January 1993.
The US government announced the privatization of the numbers registry function, through the creation of the American Registry for Internet Numbers (ARIN), in 1997.
We now have five Regional Internet Registries (RIRs) running registries for IP addresses. In some regions we also have National Internet Registries (NIRs) supporting them. National Internet Registries operate under the umbrella of an RIR but serve a specific country. This allows network operators in that country to speak to someone in their preferred language. They can also contract under local law and pay for registration services in the local currency.
There are seven NIRs in the Asia Pacific region and two in Latin America.
Latin American and Caribbean network operators formed LACNIC in 2001. It gained formal recognition in 2022. The same process followed in Africa and AFRINIC gained recognition in 2004.
Each RIR or NIR has its own fee schedule. They charge three main fees:
Most organizations will only pay the annual membership or non-membership fees.
Membership comes with a right to manage the RIR by voting. Organizations that rely on the smooth running of RIRs take this responsibility seriously. But some organizations are not allowed to be members of other organizations. Others just don’t want to get involved in governance.
The members of each RIR elect a board. Each year, the board proposes or sets a fee schedule. In some regions the RIR has authority to set fees itself. In other regions, the board proposes a fee schedule to its members and they vote on it.
Some people would see setting fees for IP addresses as a boring activity. But the diverse global population foreseen in RFC 1446 exists. Changes in the size of fees and the ways they are charged can generate significant interest from the internet’s multi-stakeholder community.
This chart shows what each of the RIRs would charge in 2022 for 65,000 IPv4 addresses, often known as a Class B.
Both the composition of the fee schedules and the size of the fees differs dramatically between RIRs. The RIPE NCC has abandoned differentiated fees for one low fee paid by everyone. In contrast, APNIC has a base fee and applies additional fees and discounts based on how much address space an organization has and where they are located.
The RIRs review their fees each year. Fees are likely to go up in 2023.
AFRINIC has seven levels of membership fee and seven levels of fees for the Internet Number Resources it manages. These range from a combined USD3,150 to USD48,400.
Non-member organizations pay between USD200 and USD2,500 each year.
AFRINIC policy only allows for transfers resulting from mergers and acquisitions.
APNIC charges a base membership fee of AUD1,180. It then applies a formula that accounts for how much address space an organization holds. It halves this fee for organizations based in the Least Developed Countries.
The smallest annual fee is AUD1,180. A /16, also known as a Class B, would cost AUD9,626.
There is a AUD500 sign-up fee.
APNIC charges a fee for transfers. It charges 20% of the annual membership fee for a block of that size.
ARIN has capped its fees to holders of legacy resources to USD150 in 2022. It has stated that it will raise the cap by USD25 a year.
It has 11 fee levels for organizations that have signed its registration services plan. These range from USD250 to USD256,000.
ARIN charges USD500 for transfers.
LACNIC has 23 fee levels for member organizations with IPv4 resources. These range from USD600 to USD365,000. Non-members pay either USD2,500 or USD5,000 for the initial assignment, depending on the size. Then, they pay USD600 each year.
LACNIC offers a discount for paying fees within 30 days.
LACNIC does not charge a transfer fee.
The RIPE NCC has a one-size-fits-all style fee schedule. Holders of legacy resources pay the same as regular members. In 2022 the flat charge is €1,000 to sign up and €1,400 for the year.
The RIPE NCC does not charge a transfer fee.
The RIPE NCC redistributes money to its membership when it has a surplus.
By Leo Vegoda
June 14, 2022
The last few years have shown us how the internet shrinks distances between distributed teams, organizations and families. This poses a challenge for some organizations.
Many of the business relationships and contractual agreements involving the internet have geographical implications and restrictions. Many organizations need information about the physical location of an IP address that may be accessing content of one kind or another. This matters to anyone operating a network. It is most important for networks that get new address space. If your IP addresses are mapped to the wrong country or city for your users, it can be a painful experience for you and them. In other words, an IP must have accurate information about its location.
Recently, the Regional Internet Registries and National Internet Registries (the RIRs and NIRs, see here) have not been able to distribute more than a tiny number of fresh IPv4 addresses to network operators. They implemented these policies to give new market entrants enough IPv4 space for core infrastructure. So, organizations that need additional IPv4 for more than core infrastructure need to transfer addresses from other organizations that don’t have a need for their entire supply.
In the 1980s it was not possible to give networks the precise number of addresses they would need. Many organizations got much larger blocks than their actual requirements. The alternative to distributing too many was to provide too few. Since there was plenty of space available, surpluses were provided to nearly anyone in need. Today, many of these early internet adopters are transferring their excess IPv4 address space to expanding networks.
Lots of databases track every IPv4 address. They record its reputation and its location. And the location is very important if the source and destination of a transfer are distant from each other.
Locating addresses has been an issue for many organizations for years. Network operators want their users to have access to locally relevant services. They want them presented in the right language. And they want content served from nearby for lower latency and potentially lower transit costs. But, when an IP address transfer occurs, updating a database of the address’ locations manually is time consuming and error prone.
So, the IETF created a simple protocol. The file format is CSV – so you can manage data in any spreadsheet or manually. Networks can control the information they publish about their geographic locations. Service providers can regularly check for updates.
IP address owners control where they publish data about their addresses. They control the granularity of the data, too. For instance, one can list a country, a state, or just a city. If a user splits his or her addresses between multiple locations, they can publish different location data for each part of a network.
There are three steps to publishing geographic feed information.
If you want the organizations pulling this data to regularly refresh it, configure your web server to send an “Expires” header. That way, the user will know to check back to see if the data has changed. This is important if your network moves around the world or if you need to move addresses between sites regularly.
One could publish very specific data by including a postal (ZIP) code in the file. RFC 8805, the document that describes the format, strongly cautions against providing data that risks the privacy of individuals. City level data meets the needs of most internet users and service providers.
RFC 9092 describes how to link to a file from the RIR or NIR whois data. RIPE NCC and some other registries have a special “geofeed:” field for this. ARIN does not, so you can link it from a comments field.
Another option is to look at the older “geoloc:” attribute available in the RIPE database and other RPSL-based registries. It works by listing the latitude and longitude for your network in decimal coordinates.
It is very widely used. There were over 35,000 “geoloc:” entries in the RIPE Database in April 2022. But it’s more complex to manage because you need a separate database entry for each location. That could mean a lot of database updates to manage. This, along with the other improvements, is why RFC 8805’s protocol was developed.
Technology is changing to give network operators ways to communicate data in structured and automated ways. But automation is not always perfect. There remain important ways to locate IP data manually instead of using automated processes.
RFC 9092 is new. It was published in July 2021. Many of the shopping, streaming, and financial services sites used by consumers have adopted the new protocol. But not all have. The Brothers WISP is a great resource for consumer ISPs whose address space is rejected by local content distribution services, like video streaming or gaming platforms. They publish a regularly maintained list of databases that manage IP address to location mapping.
If that doesn’t work, asking on a NOG list can help. Other network operators who’ve solved similar problems will share their experience.
By Leo Vegoda
June 10, 2022
The connection between subscriber sites and the central office is the most expensive part of an access network. If you have an existing network and subscriber base, then you have an advantage. Deploying the physical cables is a significant part of that cost. But other elements include getting the right to do so, planning the deployment, and getting potential customers signed up.
Phone companies pioneered access in the early 1990s because the internet required telephones and modems. But technology has moved from a system based on calls to always-on access. Enter the power company.
Advanced metering is a new technology that goes beyond the original metering function of recording how much of a utility service, like electricity, is used. New systems record when the consumption happened. This empowers the subscriber to make better decisions about when to use devices. It also means the utility provider can introduce time-of-day charging and other innovative services.
Utility providers around the world are switching from mechanical to smart meters. These generally need an internet connection. Existing utilities have an advantage here as they already have cables going into the subscribers’ premises. They can provide both advanced metering and subscriber internet access.
IP addresses are the numerical identifiers for network interfaces that send and receive data. IP addressing is a key issue for utilities deploying integrated advanced metering and internet access. This is because there are now far more networked devices than IPv4 addresses.
The most widely deployed internet addressing protocol is IPv4. It has just 4.3 billion addresses, with only 3.8 billion of them available for use by ordinary internet devices. This means there are far more people than addresses. But most people use more than one device, each with an IP address.
In the late 1990s, when there were lots of unused IPv4 addresses, the minimum allocation to a network was over 8,000 addresses. Today, none of the Regional Internet Registries will allocate more than 1,000 addresses to each new member. Quite simply, the supply of newly-distributed IPs has been almost completely exhausted.
The free pool is effectively empty. The last big block of addresses left the central registry, known as IANA, in 2011. The Regional Internet Registries will allocate some small blocks to get new market entrants up and running. But these small blocks of addresses aren’t enough to run a full subscriber network. So, what are the cooperative’s options?
How can one get enough addresses to connect both the meters and the subscribers? If both the meter and subscriber’s router need an IP address the network would need at least two addresses for each premise.
One option is to hide many subscribers behind a single unique IPv4 address. This is similar to how many devices can share a single public IPv4 address to connect to an access provider. The method is called Network Address Translation, or NAT. Access providers can deploy NAT at scale, something known as Carrier Grade NAT, or CGNAT.
There are several alternative approaches available. Each has its own advantages and cost structure. The key factor that binds them all is that they only allow the subscriber to use IPv4.
Another approach is to use a combination of both IPv4 and IPv6. IPv6 is similar to IPv4. The most significant difference is that it has a much larger address, built around a 128-bit address space. It’s hard to understand such a large number. It is not limitless, but big enough to have huge amounts available for at least another century.
IPv6 presents both an advantage and a challenge. IPv6 is plentiful, so a network provider can get all the addresses they could reasonably need. This means an access provider can give all subscribers as much address space as even the largest users would need. And they can have a separately managed network for advanced metering.
The challenge is that a significant proportion of internet traffic still needs to use IPv4. This means the provider needs to manage both IPv4 and an IPv6 network. So, IPv4 access is required.
One approach to this is a technology called 464XLAT. It allows a network operator to connect subscribers using an IPv6-only network but give them access to IPv4-only services. This technology uses the customer premises equipment as a translator. Tailscale’s David Anderson has written an excellent four part blog series on NAT traversal technologies.
Even with a chosen technology and a core network, it’s likely that the address space available from the RIRs won’t be enough. We can help solve that problem. We connect buyers and sellers. We offer expert advice in pricing, the transfer process, and can provide help with renumbering and other engineering tasks.
By: Mina Karimi, Transfer Analyst – IPv4.Global
June 9, 2022
Pricing of IPv4 addresses over the last few months has taken an interesting turn. In recent years, the price per address for small blocks (/17 and smaller) has been greater than the price per address of large blocks (/16 and larger). June 2020 through August 2021, the price gap between large and small blocks ranged from 2.4% to 17.5%. This dynamic led to sellers breaking up /16 blocks to be sold in multiple transactions of smaller blocks since this netted more per address for the seller
Data from IPv4.GLOBAL. To see historical monthly snapshots like the above, go to https://live-ipv4n.pantheonsite.io/all-ipv4-pricing-data/.
2022 has seen the inverse of that, with larger blocks selling for a higher price per address. May 2022 has seen the continuation of this trend with an average price of $54.47 per IP address, up from April’s average of $54.25 per address (See the figure above). Conversely, while the price for large blocks has been experiencing an increase, small and medium sized blocks have been decreasing in price through 2022. This resulted in a widened gap in prices after December 2021 of 1.1% in January 2022 to 7.5% in April 2022.
Given this trend, buyers and sellers may want to adjust their buy/sell strategies and make appropriate adjustments. Current trends indicate that the price of large blocks will remain higher than small and mid-sized blocks in the short term as high demand for these large blocks encourages a higher price per address.
With the current pricing pattern, both buyers and sellers should reassess their strategy to better reflect their needs in the IPv4 market. For instance, buyers may ask themselves if it is a better strategy to purchase four /18s for a lower price or one /16 which may be more convenient, could be completed faster, and incur only one transfer fee. For a seller who owns a /16 and only uses a small portion of this space such as a /20, should they buy a /20 and sell the entire /16, or should they sell the unused portion of the /16 in smaller blocks?
The best strategy for a buyer or seller depends on their needs and the market. Since the market is fluid, with changes occurring regularly, it may be advisable for anyone considering the market to monitor it regularly. IPv4.GLOBAL’s online market and its full historical record of prices is available online.
The support team at IPv4.Global can help you with any marketplace questions and can help execute a strategy that best meets your needs. Contact us at (212) 610-5601 or support@ipv4.global.
Buyers of /20 to /17 blocks continue seeing bargains, while other sizes have held fairly steady with strong volume. Holders of /16 and larger are in the best market ever.
By Leo Vegoda
May 31, 2022
A network can fence its own IP addresses or block specific external ones from access. Administrators frequently block access to their own IP addresses to bar unwanted access to content. Individual IPs or blocks of IPs may also be blocked due to unwanted or malicious behavior.
IP address blocking prevents a specific IP address or group of IP addresses from connecting with a server, computer, or application. In general, IP addresses are blocked to prevent unwanted or harmful sites or servers from connecting with an organization’s network, or an individual’s computer.
Alternately, all external access may be blocked. An example is blocking anyone on the Internet trying to reach my accounting server.
IPs inside an organization’s system can also be blocked. For example, a hospital can block internal IPs to protect confidential data from network users who shouldn’t have access to that information.
An outbound block is sometimes required, too. For instance, an accounting server, infected with a bot, may be blocked from trying to reach a command server.
IP blocking becomes problematic when a person or company wants to block an address that’s part of a group. When you want to block a specific IP, the entire group of IPs it belongs to must also be blocked.
A good example is the country of Nigeria. Because so many Internet scams originate in Nigerian IP addresses, many – sometimes all – Nigerian IP addresses are blocked. And so, Nigeria’s legal businesses and Internet users have suffered as a result of mass IP blocking.
Scams are a common reason for IP address blocks but there are countless other reasons for blocking an IP address or group.
Software known as a firewall blocks access based on IP addresses. These applications examine source and destination IPs in every packet of data on a network and compare each to its list of blocked addresses. If the packet matches an IP on the list, it simply discards the packet.
For instance, if a lot of spam is received from a mail server at one address, it may get added to a list. Other lists might include IP addresses that allow any inbound communication (vulnerable to exploitation), or IP addresses that have been used for botnet attacks. These collections of identified bad sources are commonly referred to as Reputation Block Lists, or RBLs. Network or server administrators may decide to block any IP address on certain RBLs.
A similar issue arises with IP addresses that are vulnerable to hijacking as open relays or proxies. These, too, are often included on lists of IPs to be blocked.
Being listed on an RBL lowers the value of IPv4 addresses. While RBLs aren’t universally implemented, inclusion on one or more of them results in an IP being blocked for those who do deploy the RBL.
You’ll have to wait about 18 months to get IPv4 addresses from the RIPE NCC’s waiting list. This is the news from the RIPE NCC at RIPE 84. So, the open market is the only practical option for organizations who need IPv4 addresses they can use now.
The RIPE community created the waiting list to give new market entrants access to some IPv4 space. Unfortunately, some RIPE NCC members have multiple accounts and take multiple slots of the waiting list. Some members have 10 or more accounts. These members took more than half of waiting list slots at the end of 2021. They take just a quarter of them now, with over half going to members with just one account.
People at RIPE 84 discussed options to address this issue. They included running two queues. The first queue would be for members who have not got any IPv4 space before and the second would be for those who have.
Some people see approaches like this as attractive. But they would be complex to implement. We are unlikely to see changes to the waiting list.
If you need any amount of IPv4 address space, you can get it through the market. We run an auction platform with transparent pricing: find out more at www.ipv4.global/
Or call us on +1 212-610-5601 to discuss how we can help you.
The RIPE NCC reported problems when organizations buy IPv4 unofficially. In some cases, recipients contract for address space that was not allowed to be assigned to another organization. For instance, when the official registrant of the space no longer exists and the user is now in limbo.
The RIPE NCC does not make holders of Provider Independent address space contract directly with them. They can contract with a Local Internet registry, which could be a local ISP.
The RIPE NCC only found out about the improper sub-assignment of the address space when a customer of the Local Internet Registry went out of business. The RIPE community set a policy stopping the RIPE NCC from transferring the addresses to the actual user.
One option is for the user to join the RIPE NCC but this is often more expensive than the user planned.
IPv4.Global can help organizations get the IPv4 address space they need legitimately. It will be properly registered to them with the RIPE NCC.
Contact us for help in getting the IPv4 space you need: https://live-ipv4n.pantheonsite.io
Some organizations have 256 IPv6 addresses allocated to them. They then need to register the addresses they use in an assignment. This is a legacy from the early years of the internet when most organizations connected through ISPs and used the ISP’s IPv4 addresses.
The problem is that an assignment must be smaller than the allocation it comes from. This causes two problems. The registry doesn’t always hold good contact information for the addresses. That makes it harder to resolve technical problems.
It’s also a problem for organizations leasing blocks of 256 addresses. Registering two lots of addresses is confusing – and in some cases nothing is registered at all!
RIPE’s Database Task Force recommended a change. The Address Policy WG discussed at concept for policy proposal at RIPE 84. The proposal would relax the rule to register assignments for one’s own infrastructure.
There was some support but others felt the key problem was a technical limitation. They want that problem fixed.
At RIPE 84 we learned that about 2 million people have information about them registered in the RIPE database. This is a problem because these people can’t fix technical problems. Listing them makes it harder to find the people who can.
The RIPE database is for connecting teams who can resolve technical problems. They can use addresses like technical@example.com in their entries. They don’t need to list a person’s name or their email address.
A policy to address this problem will be drafted and presented to RIPE’s Database WG. But fixing it will need work from the ISPs that publish the data as well as the RIPE NCC.
By Leo Vegoda
All devices that connect to the internet need unique addresses. The number of IP addresses is limited, creating a demand for addresses worldwide, particularly from the cloud computing industry. This demand has raised the value of IPv4 to levels that the internet’s original developers didn’t predict, in part because the internet was considered an experiment at the time. Of course, use – and so demand – has exceeded anyone’s realistic expectations.
Growing demand for globally unique IPv4 addresses from infrastructure companies means their value has gone up. In 2011 the going rate was about $10 per address. The price is now over $50 per address.
The internet’s routing system now gives network operators much greater flexibility over what can be routed. This means that if an organization can free up some of its address space it has the option to profit.
We use devices to send data across the internet. They have numeric “To” and “From” addresses a bit like how envelopes have addresses on them. They are Internet Protocol, or IP, addresses. The most widely deployed version is IPv4. There are about 4.3 billion IPv4 addresses in total, but ordinary internet devices can only use about 3.8 billion of them.
When the internet was starting, its routing system had less flexibility. An organization that needed just 15,000 IPv4 addresses could not have got a block that closely matched its needs. At the time, there were three sizes of IPv4 address block available. Class C was the smallest with just 256 addresses. An organization that needed 15,000 addresses would have needed 64 of these, which would have been complicated to configure.
Class B gave an organization just over 65,000 addresses. This left lots of room for growth. But even after several decades, they would probably still have lots of unused IPv4 addresses.
Class A blocks contained about 16 million addresses. They were so large that very few were ever allocated.
Many organizations that got Class B address blocks back in the early days of the internet. The routing technology is now more flexible, allowing many different sizes of network to be routed. Unlike earlier routing technologies , with IPv4 we are not limited to the small, medium and large IP spaces of the early years. IPv4 addresses blocks accommodate to the exact amount a company means, which means less excess space, and less risk of needing more.
IPv4 addresses are mostly fungible, but not completely. An IP address block that has been used to send spam or serve malware has less value than a responsibly managed one. Buyers research the reputation of the blocks they are interested in. Blocks that have a negative reputation will probably need work to repair that reputation from the new user. So, a block with a good reputation is worth a premium.
Buyers will also consider whether addresses will be moving to a new geography. Many web services have a default language based on the IP address of the user. Many content services are only available to users in specific locations for licensing reasons. A block from the same country or state can be less work for the buyer.
The United Nation’s probabilistic population projections for 2020 were 8 billion people. Even if the population numbers are a bit lower, we have at least two people for each IPv4 address. Each computer, phone, and increasingly each car or television uses at least one IP address.
Most of those addresses can be “clients.” Clients, unlike devices, don’t need to have globally unique addresses. Instead, they can have what are known as private addresses, which are only unique on local networks. Those private addresses can share a single unique address.
There are registries that provide the same kind of service a land registry does for real property. The key difference is that what is sold is not a piece of property but a right to a registration The registries introduced transfer policies a few years ago. Network operators agreed on transfer policies because accurate registration data is important to operations.
IPv4.Global specializes in helping clients sell, lease and buy IPv4. We help make the process less complicated and time consuming by:
Contact us by calling (212) 610-5601 to speak with an expert for help turning your invisible asset into revenue.
IPv4.Global has an auction service that lets buyers and sellers find out the value of their hidden assets. The market for IPv4 addresses is booming, and buyers and sellers must consider multiple factors to successfully take advantage. How large is the address block? Does it appear on well-known block lists? Does it come from a different geographic region? Whatever your IPv4 trading needs, we can help.
By Leo Vegoda
May 10, 2022
CIDR (Classless Inter-Domain Routing) is a routing system in which network engineers can distribute IP addresses based on the size of their specific network. This is more efficient than the previous system, which assigned IP addresses depending on whether the size of a network fit into one of only three sizes: Class A, Class B, and Class C.
CIDR is a much more advanced system of IP routing that solves multiple issues caused by traditional “classful” routing, including wasting unused space and more secure networks. The Downsides of Classful Routing In 1981, the “Classful Routing” system only allowed for three network sizes:
When organizations needed multiple Class C networks, they would get a Class B, even if they’d only use a small portion of it. An organization that needed just 2,000 IPv4 addresses would have needed eight Class C networks. At the time, the technology required each of those networks to be treated as an independent network on the Internet. Having lots of unused space might seem like an advantage, but it also requires extra caution and monitoring to make sure it isn’t being used by other organizations. Such use can make it harder to send email or use services that are restricted to a particular geography. And sometimes, bad actors use someone else’s addresses for cyber attacks.
CIDR (pronounced ‘cider’) was introduced in the early 1990s as a classless domain routing system. This new system empowers organizations to only get the amount of IP addresses they need in their networks, without wasting unused space.
For instance, a network that would have needed eight Class Cs could have received a /20 (pronounced slash 20), which is just over 8,000 addresses. This would have given them all the addresses they needed and room to double in size. This leaves less space to monitor while still leaving plenty for growth. And, it would have left about 57,000 addresses for other organizations.
In CIDR, the size of the network is determined by its prefix length. IPv4 has 32 bits shared between identifying the network and the number of addresses in that network. The more bits taken by the prefix, the fewer addresses it contains. An old Class B network has 16 bits of prefix and 16 bits left for addresses. The 16 bits of prefix give it just over 65,000 addresses.
This block size is known as a /16 (pronounced slash 16) in CIDR. But cut it in two and you have two /17s, each with about 32,000 addresses. Here’s a table showing all the sizes of all the prefixes introduced between Class B and Class C by using CIDR.
Prefix Length | Address Count |
---|---|
/24 | 256 |
/23 | 512 |
/22 | 1,024 |
/21 | 2,048 |
/20 | 4,096 |
/19 | 8,192 |
/18 | 16,384 |
/17 | 32,768 |
/16 | 65,536 |
The Classful Routing system offered some variety in how big a network could be. It offered little flexibility in how those addresses could be routed on the internet. If you had a Class B you could only assign all your addresses to the networks you connected to. You couldn’t allocate half to one network and half to another.
CIDR, and an update to the BGP routing protocol, gave organizations the opportunity to cut up their address space. This lets them influence where traffic arrives. It can improve user experience and cost management.
For example, an organization was struggling to decide how to route the addresses they use. They had sites in two different cities, so they had a tough choice to make with Classful Routing. They could choose to interconnect the sites with a Class B, or they could announce the Class B from one site and have the other site as a dead end. They are forced to route lots of traffic between sites for both of these choices.
But if they cut the network prefix into smaller pieces, they can manage where traffic arrives. Each site can announce the exact prefix it uses. BGP chooses this most specific prefix and so sends traffic directly to the right site. If a site ever loses direct internet connectivity, it can retain internet access through the other site, because both sites also announce the encompassing prefix. BGP will fall back to the less efficient route if the best one fails.
You can optimize your routing and improve risk management if your organization has a Class B network and plenty of unused address space. Renumbering can pay for this.
Renumbering means either using IPv4 addresses from just one part of the Class B, or exchanging it for a smaller block. The current price of IPv4 addresses will generally cover the cost of extra help to do this work and still provide a surplus.
One Class B
In this example, based on the original organization of IP addresses, in a system with two sites, both are assigned to a Class B network, now known as a /16. Other internet networks can reach them through either site but don’t have enough information to choose an efficient route. Traffic for City A will arrive at City B, and vice versa. Losing the inter-site link hinders internet access for both sites, as traffic for both sites is directed to the other.
One City, one Inter-site Connection
Just one site has internet access in example B. Traffic is only directed in a one-way path, so the site in City B has no connection if the inter-site link fails.
CIDR Solution
Both cities connect directly to the internet. They are each assigned their own addresses, so other internet networks will send traffic directly to the right site. And because they both announce the whole /16, both sites have internet access through the other if one internet connection fails. BGP’s routing algorithm lets organizations use CIDR to manage their incoming traffic better. This can improve network performance without reducing resilience.
Peter Tobey & Leo Vegoda
May 4. 2022
The early stages of internet development operated in a culture of independence from outside influence. In fact, as though to commemorate the spirit of the times, in 1996 John Perry Barlow wrote “A Declaration of the Independence of Cyberspace.” In it, he told governments they, “have no sovereignty where we gather.” He went on to state, “Ours is a world that is both everywhere and nowhere, but it is not where bodies live.” Regulators and politicians seemed to agree, and outside control of the development and organization of the internet was managed with a very light touch throughout the 1990s.
Since then, internet regulation has become more thorough. It is definitely not “nowhere.” It is increasingly everywhere and definitely “somewhere” in the sense its bits and pieces live in the very real, very physical world, as do its users. Servers sit in data centers. Those data centers need staff, electricity, and lots of connectivity. Plus, the web has enabled all sorts of behavior, most of it good and useful, some not so much.
Governments have made laws that relate to the internet and to the people who use it. They have always regulated the communications infrastructure, especially international telecommunications systems. These days law makers increasingly regulate the content that is communicated on the internet. In addition, governments band together to establish international norms in the United Nations and other international organizations. These actions generally reach far beyond content moderation or control.
As part of the regulation process, the organizations running the address registries that enable communication on the system work within these laws. Which is to say, the regional internet registries (RIRs) are impacted by laws just like the rest of us.
When organizations agree to transfer addresses (whether within a region or between them), they are not transferring a physical object. Instead, they are transferring the rights for a registration in a database. It is this address data that informs the entire system as to the routing of information among machines on the internet. So, without accurate, up-to-date information, well-coordinated and synchronized across the system, information to or from a machine is stalled. It either fails to move at all or can’t get where it’s supposed to go.
The Regional Internet Registries and National Internet Registries manage those databases. This means that three organizations must agree to the transfer of use from one owner of an address to another owner. (More likely, the transfer of large blocks of addresses, but the principle is the same.)
All three entities must ensure that they can and want to do business with each other for a successful transfer to occur. There are several layers of quality control within the process. But organizations outside the transfer group enforce other controls that often supersede those of the IP registries and the needs – or wishes – of the parties to a transfer.
Those with IPv4 addresses transfer them to others in return for payment. The market for these intangible-but-significant assets has become very large. The recipient must pay the source of the transfer for the use of the addresses. In some cases, there are also fees paid to brokers, like IPv4.GLOBAL, for arranging and helping to complete the transfer.
All such transfers are subject to banking regulations and controls and limited by the cross-border systems available. Chief among those systems is the Society for Worldwide Interbank Financial Telecommunication (SWIFT) messaging protocol used in most international funds transfers. (There are others, including China’s CIPS but SWIFT is by far the most widely used.) If one of the banks is not able to use the SWIFT interbank transfer system, any transaction using it cannot proceed. The recipient of the transfer must also be able to send payment. Thus, blocking either party can stop a transfer of funds.
More broadly, the international banking system has rules that control illegal financial transactions. Transactions from sanctioned entities, and/or countries supporting illicit activities are selectively blocked from using the system. Under normal circumstances, ordinary crime is the main target. Numerous governments, financial institutions, and corporations impose controls to prevent money laundering and the illegal movement of funds. Banks enforce government mandates by conducting comprehensive due diligence on clients, analyzing financial transactions flowing through their operations, identifying suspicious transactions and reporting suspect transactions through SARs (Suspicious Activity Reports) to government regulators. Lastly, banks research trends and patterns in money laundering and terrorist financing activities to improve their transaction-monitoring systems. All this evolves with the changing tactics of target entities.
Difficulties arise when members of a region either run afoul of the regulations or because information about them is incomplete. In these cases, transferring parties can’t confirm an appropriate transfer of funds. This has been an issue for RIPE NCC. In November 2021 it had members who could not be invoiced because banks considered them “…high risk and would prefer not to receive any funds from them.” The RIPE NCC has said it will set up banking in Dubai, where banks are better able to evaluate risks in nearby countries, thereby allowing transfers.
The invasion of Ukraine has lead to efforts to isolate Russia from many of the world’s commercial channels. Among those efforts are financial restrictions across a number of banking networks and protocols. Of course, some commercial pathways remain open to Russian IP owners, while others are closed.
IP holders in Russia (and Ukraine) have been invoiced as normal by their RIR, the RIPE NCC. Their accounts won’t be closed if they cannot be paid in the normal timeframe. The registry in the region (RIPE NCC) states, “We continue to follow all our procedures in the same way as we did before the outbreak of war. We treat all members equally and the same requirements are made of all members in terms of due diligence checks. If we need to make any changes to our procedures, these will be clearly communicated to all members.”
However, other regulations apply. The Dutch Ministry of Foreign Affairs maintains that IP resources are economic resources and so are subject to EU sanctions. IP addresses registered to Russian organizations, then, are functioning but can’t be transferred, either sold or new ones purchased according to the registry in question, RIPE NCC.
It should be noted that Russia (and any other RIPE account) is allowed to pay in any non-crypto currency. The Euro is preferred but not required. This because the ruble remains a legal currency. However, far-reaching banking controls are now in place regarding Russia.
In addition to the above, Australian, EU, UK and US regulators have imposed financial sanctions on Russia. These sanctions freeze assets held abroad by Russia’s central bank and selected Russian commercial banks. Additionally, Russian banks are blocked from the SWIFT messaging system used to facilitate cross-border transactions among banks.
There is a wide range of other sanctions, including seizure of the foreign assets belonging to specific Russian oligarchs and political leaders. If sellers or buyers rely on sanctioned Russian banks to execute payments, their payments will be blocked. Funds at other banks will need to be employed. If this is not an option, the buyer/seller will be financially isolated and unable to pay for anything.
Finally, the world’s financial system is complex. The networks that connect banks, both sanctioned and un-sanctioned ones, are many and strange. So, regulators and governments seeking to restrict the flow of funds to and from the many banking systems and via the world’s byzantine transfer methods are currently in the process of adding controls, step by step. At the same time, sanctioned banks are trying to find ways around those controls. As of this writing, two things are clear: funds transfer to and from Russia are possible and they are becoming increasingly difficult. In any case, before considering such a transfer, consult with your banker and a qualified attorney.
The registries want to maintain authoritative data for the user of IP addresses so that network operators can establish routing policies and communicate effectively with each other. That’s why they have developed policies enabling the transfer of IP addresses: so the transfers are under their control. Registries that are incomplete or inaccurate are less useful. Missing data makes internet crime and other attacks easier.
Registries also must comply with international sanctions laws. In 2018, ARIN’s CEO stated that its due diligence checks “includes verification of the legal entities involved and their pertinent bona fides. ARIN reviews transactions for potential conflict with applicable law and has in the past declined to process transactions that are unclear in that regard and referred parties to US Treasury/OFAC to obtain appropriate clarity or licensing as appropriate.”
The Office of Foreign Assets Control (“OFAC”) of the US Department of the Treasury, “administers and enforces economic and trade sanctions. Its work is based on US foreign policy and national security goals against targeted foreign countries and regimes, terrorists, international narcotics traffickers, those engaged in activities related to the proliferation of weapons of mass destruction, and other threats to the national security, foreign policy or economy of the United States.”
The RIPE NCC regularly updates the document describing the scope of its due diligence checks. It also publishes a quarterly sanctions transparency report. For instance, they reported in January 2022 that 250,000 IP addresses had been frozen in its database. These were registered to a member in Syria and a member in Iran.
Many private organizations perform due diligence checks on new suppliers, customers and other partners. This includes those with whom they transfer IP addresses. Such institutions and businesses want to know that their business partner will be reliable. Some want to know they are reputable. And, many in the IP transfer process have concluded that organizations based in Russia are unworthy partners in any exchange and regardless of permissions available (though there aren’t many) they will not participate with Russian entities. The checks done by institutions, firms, banks and registries do not replace the legal process. They add an extra layer of confidence that any transfer is legal and acceptable to all the participants.
For those with any number of reservations and/or questions about the restrictions involved in transfers generally, please contact IPv4.GLOBAL by email or by phone (212) 610-5601. For specific issues – especially those revolving around sanctions against Russia, contact your attorney for guidance.
The five Regional Internet Registries are subject to the jurisdiction, including sanctions regime, of the countries in which they are based. These are:
The five Regional Internet Registries are subject to the jurisdiction, including sanctions regime, of the countries in which they are based. These are:
Demand for large blocks (/16 and larger) continues to exceed supply, continuing the trend of rising prices. Demand for smaller blocks has slowed a little bit, with prices falling as sellers compete for buyers’ attention.
Lee Howard
April 26. 2022
Recent Department of Defense IPv4 activity and announcements about IPv6 indicate a shift in their perspective and suggest potential impacts on the IPv4 address market. The shift could include the release of up to 175 million IPv4 addresses in coming years, creating a risk of a glut in the market. For perspective, the market has transferred 380 million addresses over eleven years.
In June 2021 the United States Department of Defense (U.S. DoD) adopted the Office of Management and Budget (OMB) directive from 19 November 2020 (DoD DTM 21-004 adopts OMB M-21-07). This directive is different from previous efforts, because it has the support of civilian agency leadership and the DoD.
The OMB memo says both agencies will issue an agency-wide IPv6 policy by the end of 2021. This IPv6 policy must require that, no later than Fiscal Year 2023, all new networked Federal information systems must be IPv6-enabled at the time they are deployed. Plus, the policy will state the agency’s strategic intent to phase out the use of IPv4 for all systems.
Under past efforts, if a vendor checked a box saying a computer or software worked with IPv6, the requirement was met. This directive defines “IPv6-enabled” as “IPv6 is turned on for production use.” Claiming that a device or service is capable of using IPv6 does not satisfy the requirement.
The plan must also include plans for IP-enabled assest on Federal networks:
Again learning from earlier corner cutting, “IPv6-only” is defined as a state where IPv4 is not in use. The memo does allow for IPv4 transition mechanisms (such as NAT64, SIIT-DC, 464xlat, MAP-T, MAP-E), but the backend systems should be IPv6-only.
Phasing out IPv4 means most of those addresses will be useless to the U.S. military and government. Some other activity hints at what they might do with those addresses.
In late 2019, the the U.S. House of Representatives passed the National Defense Authorization Act (NDAA) to fund the DoD for 2021, with text requiring the DoD to sell off all of its hundreds of millions of IPv4 addresses. This line did not survive reconciliation with the Senate, but it shows that some in Congress are aware of the existence of billions of dollars of addresses in government coffers. In reviewing the bill, the Congressional Budget Office (CBO) noted, “DoD would have to amend its existing agreement with the American Registry for Internet Numbers (ARIN), which requires DoD to release unneeded IP addresses to ARIN for redistribution.” This may well have been what killed the line in committee.
Regarding that agreement, ARIN CEO John Curran said in a public email, “The provisions were never intended to constrain the USG/DoD any differently than any other party in the registry and given the availability of the transfer policies in the number resource policy manual we have made plain to the USG/DoD that ARIN is neither encouraging nor an impediment to the transfer of IPv4 number resources at this time.”
So those addresses could still find their way to the address market.
The DoD has apparently take this possibility seriously. In January 2021, a previously unknown company began “announcing” DoD IPv4 space on the Internet (technical jargon for “looks like they’re using it”). In April 2021, the DoD said the announcement was to “assess, evaluate, and prevent unauthorized use of DoD IP address space.”
A surprising number of companies use unannounced DoD IPv4 space for internal, private, or “walled garden” networks—scenarios where the addresses will only be used internally, not on the Internet. But some devices connect both to walled gardens and to the Internet.. If DoD addresses were sold and used on the Internet, those devices would have conflicts: do they send traffic to the private network or the public Internet? So this project is exactly the due diligence one would expect before the DoD released its IPv4 addresses.
If the DoD won’t need 20-80% of its IPv4 addresses in the next 2-4 years, it looks like the Department of Defense will release some of its IPv4 addresses. What then?
Civilian agencies who achieve 20% – 80% IPv6-only deployment between 2023 to 2025, even with some holdback for translation, will find themselves with a surplus of IPv4 addresses. Under federal government rules, those addresses may have to be “returned” to the DoD, who then has an even greater surplus.
If Congress made the DoD offer its 175 million IPv4 addresses on the market, it is likely that the big buyers would buy as much as they need. There would be little remaining demand for /8 – /13 blocks, and DoD might even have to sell down to /16, virtually eliminating the mid market. If civilian agencies with /16 blocks release chunks of their space, there’s a similar threat to the small market. That much address space would sate the market for several years, based on historical transfer rates.
Source: RIR Transfer Logs
Many IPv4 address holders have indicated a desire to lease addresses as prices are rising. This can be a great strategy to maximize returns, but the longer the wait, the higher the risk that the DoD will make those addresses worthless at the end of the lease. The risk is lowest now, and increases year by year.
Of course, a rush to sell now could backfire if the U.S. government and DoD don’t ultimately release their addresses. People in the US government who are advancing the IPv6 initiatives are aware of market dynamics, and may also be reluctant to flood the market with IPv4 addresses just as their efforts to move to IPv6-only are culminating.
Most financial advisors argue against trying to time the market. Don’t worry about price fluctuations: decisions to buy or sell should be based on fundamentals and demonstrable needs.
By Leo Vegoda
April 19, 2022
We refer to the internet services we use with names like hilcoglobal.com but those names hide a layer of numbers. These are internet protocol, or IP, addresses. The most widely deployed version is IPv4. It has a theoretical maximum of about 4.3 billion addresses. Only about 3.8 billion IPv4 addresses are available for use by ordinary internet devices. That means we have about half as many addresses as people on Earth.
An IP address is just a number. People are familiar with IPv4 addresses in “dotted decimal” format. But we could write an address like 198.51.100.42 as 3,325,256,746. We use the dotted decimal format to help us understand quickly and easily where a block (or sequence) of numbers starts and ends.
Blocks of IPv4 addresses used to be assigned in three sizes. The smallest, known as a Class C, contained 256 addresses. The middle size had just over 65,000 addresses and was called a Class B. The largest size had over 16 million addresses and was called a Class A. These dramatically different sizes meant that users were assigned blocks of IP addresses (classes) of very different proportion. What’s more, it resulted in many networks being distributed far more than they needed simply because a smaller block wasn’t enough. Registries gave organizations that needed just a few thousand IPv4 addresses a whole Class B.
Times have changed. IPv4 addresses have significant market value because the registry pools of available addresses have been emptied by ever-growing demand. That heavy use occurred because people have multiple devices. And they use them at home, on the move, and in the office.
Continuously growing demand did not end when the registries’ free pools were emptied. The RIRs introduced policies to support a market where organizations can legitimately exchange IPv4 address blocks. This keeps accurate contact information about network operators available. In 2022, many new organizations and growing cloud services companies are buying IPv4. Prices have risen in recent years and generally more than cover the cost of reassigning an IP address to a new device, a.k.a. “renumbering.”
To put it simply, when additional IPv4 addresses are acquired, the devices that will use those addresses must have their identifying IP changed. This change is known as renumbering and, when large numbers of devices are involved, can be time-consuming.
Any successful change starts by understanding the current situation. An IP Address Management (IPAM) tool will inventory the IP addresses on your network. You can use this to build a picture of what needs to change.
IPAMs are more than databases recording which addresses are used and where. They can discover where IP addresses are used. You can then use your IPAM as part of your deployment by updating DNS and detecting unauthorized devices.
Then you need to centralize and automate configuration.
Using a configuration management and orchestration system will help you maintain baseline configurations. You can then adjust individual configurations as needed and automate updates. And you can audit configurations and deploy improvements when you centralize configuration management.
Organizations are sometimes worried about renumbering because they use static addresses. Some software vendors demand that software be tied to addresses. This is less common now, with online license validation or audits available as alternatives. Where neither of these is offered, it is often possible to use IPv6 addresses instead.
Some organizations periodically stop production to perform maintenance on capital equipment. Planning around these situations before starting to renumber is recommended. If that’s not possible, taking an incremental approach might work well. Start with a small segment and get used to the new tools. Then, expand across the whole network in steps.
Whichever approach is right for your organization, you need to manage renumbering in the following stages:
It is often possible to introduce a new prefix alongside the old one. You can then remove the old prefix once you have the new one up and running and have tested that traffic is using it. You can remove it when you are sure there are no more dependencies on the old prefix.
Some organizations distribute responsibilities for network, servers, and applications to different teams. If yours does this, then your internal communication will be just as important as the technologies you use. People in different parts of your organization will need to actively cooperate.
You don’t need to develop and execute a plan for renumbering on your own. We can help. Contact us so we can get you the experience you need for your team. We’ll help you do three important things:
The IETF has produced a collection of documents that look at renumbering. While they focus on IPv6 networks, most of what they say applies to any network.
The IPv6 Site Renumbering (6renum) Working Group produced documents on:
The IPv6 Operations (v6ops) Working Group produced a document on how to renumber without a flag day.
By Leo Vegoda
April 12, 2022
In the world of networking, internet connectivity is covered by the mass media either thinly or inaccurately. Or both. Most news outlets only publish reviews of consumer products. Ditto publications about personal computers and handheld devices. The internet’s foundations get much less coverage. Only the technology news industry explores topics like server hardware and operating systems in ways that are useful to networking professionals.
Here are lists of the highest-quality web industry blogs and podcasts:
Some technology news blogs and publications are more useful to serious network professionals than others.
In addition, some regional industry publications, like South Africa’s MyBroadband, have done excellent work covering recent events leading to criminal investigations and multiple lawsuits at AFRINIC.
They often include articles about governance, community projects, and standards development. What makes them stand out is their ability to effectively summarize and communicate complex issues to a broad audience.
Here are the most trusted and valuable tech news podcasts that cover internet and network-related topics:
Valuable connectivity news now (sometimes) comes via talking heads on screen:
Good advice on how to start and stay current regarding reputation management is available from Mailop, whose community publishes the best practices and hosts a mailing list for advice and discussion.
DomainIncite – https://domainincite.com
Domain Name Wire – https://domainnamewire.com
IEEE Spectrum – https://spectrum.ieee.org/magazine/
The Internet Protocol Journal – https://ipj.dreamhosters.com
The Register – https://www.theregister.com
MyBroadband – https://mybroadband.co.za/news/
AFRINIC – https://afrinic.net/news
APNIC (main) – https://blog.apnic.net
APNIC (labs) – https://labs.apnic.net
ARIN – https://www.arin.net/blog/
CENTR – https://centr.org/news.html
RIPE NCC – https://labs.ripe.net
Internet Governance Project – https://www.internetgovernance.org
Internet Society – https://www.internetsociety.org/blog/
Internet News – https://www.internetnews.me
Interplanetary Network Special Interest Group – https://ipnsig.org
Netnod – https://www.netnod.se/blog
Cloudflare – https://blog.cloudflare.com
ICANN – https://www.icann.org/en/blogs
Kentik – https://www.kentik.com/blog/
APNIC Ping – https://blog.apnic.net/2021/10/29/have-you-heard-apnic-has-a-new-podcast/
Ask Mr DNS – https://askmrdns.com
Economist Babbage (mainstream technology news) – https://podcasts.apple.com/us/podcast/babbage-from-the-economist/id508376907
LINXcast – https://www.linx.net/news-and-events/linxcast/
NANOG TV – https://nanog.org/news-stories/nanog-tv/
UKNOF – https://www.youtube.com/user/UKNOFconf/videos
Journal of Cyber Policy – https://www.tandfonline.com/loi/rcyb20
Light Blue Touchpaper – https://www.lightbluetouchpaper.org
Six months ago, if you had a /16 to sell, you were better off splitting it into smaller blocks. March saw a price inversion that flips that advice on its head, as /16s sold for more per address than smaller blocks. The converse is: if you’re a buyer needing a /16, you’ll find better bargains by picking up a few /17 or /18 blocks. This is a dynamic market, so keep checking https://auctions.ipv4.global/prior-sales for the latest transactions.
New Agreement makes IPv4.GLOBAL’s auctions, private sales and leasing services available to E&I members in higher education, K-12, and healthcare teaching institutions across the U.S.
New York, NY — April 7, 2022 — Hilco Streambank’s IPv4.GLOBAL, the world’s most experienced internet protocol address broker, today announced that it has been awarded a competitively solicited contract by E&I Cooperative Services (E&I) to provide its members with these often-overlooked educational assets. Premium services – at discounted costs – are available to E&I’s more than 5,500 member institutions across the U.S. The contract is effective immediately, runs through January 31, 2027, and includes a renewal option.
Through this contract, IPv4.GLOBAL provides E&I members with assistance in the private sale or public auction of IP addresses on its web platform. IPv4.GLOBAL will also help the seller of addresses transfer them to the buyer. Escrow services for these transfers will be supplied at no additional charge.
“We’re very happy to be awarded the E&I contract to help serve their members,” said Gabe Fried, CEO of Hilco Streambank and IPv4.GLOBAL. “Hilco Streambank and IPv4.GLOBAL are thrilled to have a cooperative contract vehicle to support the work we’ve done for educational institutions and the services we provide. We look forward to helping these institutions raise much-needed cash through the sale of their surplus IPv4 addresses.”
According to Keith Fowlkes, Vice President, Technology at E&I, E&I members will benefit significantly from finding new revenue through sales of their unused IPv4 address blocks. “Opportunities for revenue generation on campus are increasingly important given the current financial climate. We’re excited about the addition of this new competitively solicited agreement to our technology contract portfolio. Our members now have easy access to their full range of services at discounted contract rates.”
For more information, contact the E&I Team at (703) 673-3518, EducationSales@hilcoglobal.com or www.ipv4.global.
Hilco Streambank provides intellectual property services and expertise at the intersection of intangible assets and corporate finance – identifying, preserving, and extracting value for clients. The firm combines an understanding of how to run a successful disposition project with an extensive network of technical professionals providing research, packaging, and marketing expertise to support the sales process. Hilco Streambank’s appraisal process provides lenders with an accurate recovery estimate under a variety of disposition scenarios. For more information, please visit www.hilcostreambank.com.
IPv4.Global is a division of Hilco Streambank. As trusted marketplace leaders, the company is dedicated to reliable transparent service. It facilitates the purchase and sale of IP blocks, regardless of the size, and have completed more transfers than anyone else in the world. IPv4.GLOBAL’s multi-tiered services facilitate transactions of varying IPv4 block sizes, ranging from smaller transactions through our online platform to large private transactions through our brokerage business. For more information, please visit www.IPv4.Global.
E&I Cooperative Services (E&I) is the only member-owned, non-profit procurement cooperative exclusively focused on serving education. E&I delivers unsurpassed value and an exceptional experience to its members through a broad portfolio of competitively solicited contracts with industry-leading suppliers as well as innovative sourcing solutions. The Cooperative empowers its members to make informed, analytics-driven decisions to capture more spend and optimize their education dollars. For more information, please visit www.eandi.org.
By Leo Vegoda
April 5, 2022
Network operators rely on guidance from IP address experts because not all IP addresses used on the Internet are the same. The “reputation” of email senders is especially important because some are malicious users of the system. But identifying “senders” based on their email addresses or the individual IP address of a user presents issues that are unnecessarily complex.
So, for many years, the people who run the Internet’s email systems have rejected messages coming directly from the IP addresses used by home Internet connections. (There were about 1,300,000,000 wired home broadband connections at the end of 2021.) It would be difficult to maintain a database of addresses belonging to responsible users versus people (intentionally or because of virus or botnet infection) sending unsolicited bulk email, phishing, or engaged in other malicious activities.
As a result, we need to send email through dedicated systems and the system administrators use a variety of tools to measure the reputation of that smaller number of systems.
The same approach is used to monitor IP addresses for their reputation on several dimensions. Not only, “should this address be sending email?” but also geographical location, whether an IP address is infected with malware, is involved in stealing others Internet users’ identities, or an open proxy that can be used by miscreants to do any of those things.
Deploying a new range of IP address space is more complex than just configuring those addresses on equipment and using them on the Internet.
Any significant sized range of addresses will have been used on some other network before. While a transfer to your organization will show up in the Regional Internet Registry or National Internet Registry database, propagating that change through the various types of reputation tracking systems in place is not instant or automatic.
Updating those systems about changes in management, purpose, and geography are important elements in the IP addresses your organization needs.
A sudden transition from one user and purpose to another is less likely to be successful than a careful deployment. Address space in active use immediately before being transferred may be tainted. If it sat fallow for some time before it is more likely not to be on a block list. If you’ll be using the range for the same purpose as the previous registrant, you’ll want to understand what the relevant reputation databases report about it.
Reputation tracking started for addresses that send email and that continues to be important. Good advice on how to start and stay current is available from Mailop, whose community publishes the best practices and hosts a mailing list for advice and discussion.
If your new range of address space was transferred from a different geography and will be used for consumer Internet access you will probably need to contact the companies that manage databases tracking the geographic location of IP address ranges (GeoIP). Most consumer content is licensed for specific markets and these databases help the content distribution networks implement geographic restrictions where they are required by the content owners.
If the address range was previously used in a place where they use different languages than in your region, popular platforms will need to know about the transfer, so they present interfaces using the languages your users prefer.
If you will be using your new address space for a different purpose than in the past, you will need to make sure that reputation systems know about the change, so they don’t characterize your use as unexpected and add your network to lists of blocked addresses. For instance, when an address range previously used for subscriber Internet access is repurposed for cloud servers that are likely to send email, it will need to be removed from various lists. One example is Spamhaus’s Policy Block List, which lists address ranges that should not send email.
The Brothers WISP publishes a regularly maintained list of GeoIP databases. This is a great resource for consumer ISPs whose address space is rejected by local content distribution services, like video streaming or gaming platforms.
The Spamhaus Project maintains lists networks can use to help them decide whether to block traffic from other networks. Its lists are advisory and can be used in conjunction with other services, sometimes proprietary, to make decisions about whether to accept traffic.
Discover the existing reputation of your new address range at the places that matter for you and update where necessary. Actively search for lists and their importance to your intended purpose. Contact the administrators and let them know about how the address range has changed registrant, and whether its geography or purpose has changed.
This will take time and you will either need to include that time in your deployment plan or manage problems with block lists and other reputation databases as they arise.
About Leo: Leo has been involved with the management of Internet Number Resources at ISPs, the RIPE NCC, and in ICANN’s IANA team. He now provides bespoke services to a number of Internet-space organizations, including Euro-IX and PeeringDB.
By Leo Vegoda
March 29, 2022
The IPv4 market is a collection of systems where holders of IPv4 addresses transfer the right to the registry records of those holdings’ addresses to other internet users of them. These rights often transfer in what amounts to a sale. At other times the rights are transferred temporarily, in a leasing agreement. Transfers are sometimes negotiated privately and at other times in public auctions.
An internet “address” indicates to the system the source and destination of information being sent. It can route traffic to a number of different locations but most commonly identifies a specific internet-connected machine.
The early, IPv4 version of “naming” IP (Internet Protocol) addresses, uses a “dotted decimal” format such as “198.51.100.42” which could also be written “3,325,256,746” as it is sequentially in that place in line. The dotted decimal system is used as a convenience to help network administrators understand where one “block” of numbers begins and ends. There are about 3.8 billion IPv4 addresses that can be used for regular Internet connections. About 500 million more addresses are reserved for protocols like multicast, private use, and future uses that were never defined, and which probably never will be.
The IPv4 transfer market was spurred by the exhaustion of the free pool of addresses. This happened because “only” about 4 billion addresses were created in version 4 of the addressing system and the growth of the internet used them up entirely. IANA, the registry at the top of the hierarchy, allocated its final blocks of 16 million addresses in 2011 and it allocated the last crumbs in 2019. Some regional internet registries’ (RIRs) policies attempted to retain small blocks of address space for new market entrants, while others continued a first-come, first-served need policy. But for several years it has only been possible to get enough new addresses to address a large network through the transfer market.
To further complicate the impacts of rapid internet growth, early protocols for connecting independently managed IPv4 networks supported just three network sizes. As a result, “blocks” of addresses were distributed in these sizes. The largest was Class A, which each contained just over 16 million addresses. Then there is Class B and these blocks contained 65,536 addresses. Finally, Class C networks each had 256 addresses.
Engineers developed ways to make more efficient use of address space in the late 1990s and it is now common to see networks of different sizes. The number of addresses in a network is designed by its prefix length, using a slash before the prefix length in bits. Old Class A networks are now known as “/8s” and can be broken up into smaller parts. Those 16 million addresses could be turned into 16 “/12s” of 1 million addresses each – or smaller networks if needed.
When only three sizes of network could be used on the Internet, some organizations got more addresses than they now need. These organizations have been able to retain the addresses they still need and transfer the remainder to other organizations whose deployments depend on them. The alternatives to a market in the registration rights to database entries for IP address space are not very attractive. These include:
One option would have been to try and ignore the market by only recognizing transfers arising from mergers and acquisitions. The organizations that did not need the addresses would have needed to create new legal entities to hold those addresses and market participants could then buy and sell those legal entities.
One major operational downside of this approach would be that it breaks the connection between the registrant of the addresses and the operator of the network. So, it would complicate the communication needed to resolve operational issues. This approach would also add overhead when splitting a larger block up so that the addresses can be used on several smaller networks.
Another approach to this problem might be for the actual registrant of the addresses to rent them to users but not transfer the registration. This shares the operational problems caused by only recognizing mergers and acquisitions, but also removes the incentive for users to use the addresses responsibly. Temporary leases are likely to attract users who want to send spam or engage in other malicious activities and so require careful vetting of lessors by responsible intermediaries.
Responsible facilitators of leasing programs restrict access to this option today. However, the extent of the vetting to qualify potential lessors varies.
Anyone around in the late 1990s will remember the dot-com bubble and the near constant deal making that resulted in small networks being merged into larger organizations. All that merger and acquisition activity needed to be properly recorded in the Regional Internet Registry and National Internet Registry databases so that network operators and Internet users could contact each other when problems arose. Old RIR policy documents, like ripe-185 from 1998, include sections on changes in registry ownership. Four years later, those two paragraphs had become a seven-page document.
Across differing RIRs, the procedure for transfer varies somewhat. Each RIR’s policy is developed by its own policy making community to meet the needs of their specific region and this has resulted in small differences among the policies.
RIPE policy allows the “legacy” status of an IPv4 address block that was obtained before the RIR system was established to stay with the new registrant. This means the new registrant can choose an agreement that protects it from deregistration in some circumstances not available to other registrants.
As of January 2022, AFRINIC’s policy only supports transfers within the AFRINIC region and not between regions. Parts of the AFRINIC policy-making community are concerned that its limited pool of IPv4 address space – the smallest RIR pool – could be exported to networks in wealthier regions. But North America’s RIR, ARIN, generally exports more addresses to other regions than it imports.
ARIN, and other RIRs, publish lists of organizations that can facilitate address transfers. This market helps the Internet’s continued growth as IPv4 addresses can move from registrants who can afford to do without them to those who need them to grow.
About Leo: Leo has been involved with the management of Internet Number Resources at ISPs, the RIPE NCC, and in ICANN’s IANA team. He now provides bespoke services to a number of Internet-space organizations, including Euro-IX and PeeringDB.
After 2021’s meteoric rise in prices, different sizes of blocks were selling for wildly different prices per address; that pricing difference has mostly disappeared. IPv4 address prices have converged around $53-$56 per address, with occasional outliers.
A lot can go wrong when transferring addresses from one company to another. After 2,500 transfers, the team at IPv4.Global has seen it all. Here are some tips to make sure everything will go smoothly.
In General
In the U.S., Canada, Bermuda, and English-speaking Caribbean locations (ARIN Region)
In Europe and the Middle East (RIPE Region)
In Asia and Pacific nations (APNIC region)
In South America, Central America, Mexico, and non-English-speaking Caribbean locations (LACNIC)
In Africa (AFRINIC)
Transferring IPv4 addresses isn’t generally difficult, but because they are so valuable, the RIRs are very careful about their transfer policies. Support from IPv4.Global can help expedite your transfer, and reduce the chance of anything going wrong.
A lot can go wrong when transferring addresses from one company to another. After 2,500 transfers, the team at IPv4.Global has seen it all. Here are some tips to make sure everything will go smoothly.
In General
In the U.S., Canada, Bermuda, and English-speaking Caribbean locations (ARIN Region)
In Europe and the Middle East (RIPE Region)
From my.ripe.net, click RIPE Database, Create an Object, and select “organisation.” Use the mntnr created above. For “organisation” use something like ExampleCo-ripe where the org-name Example Company, Inc.
In Asia and Pacific nations (APNIC region)
In South America, Central America, Mexico, and non-English-speaking Caribbean locations (LACNIC)
In Africa (AFRINIC)
IP address demand has continued to rise, with June ending with over 192,000 addresses sold. The #IPv4 market is not slowing down, and we are seeing record-breaking prices across the board. #IPv4 sellers, list your #IP blocks and get the most value for your addresses.
IP address demand soared during the month of May with over 114,000 sold – our best month of the year so far! Demand for IPv4 addresses is unmatched, and prices are rising across the board with prices exceeding $40/IP. The time to sell your IPv4 addresses is now.
By Lee Howard
May 25, 2021
Pronounced “cider,” CIDR stands for Classless Inter-Domain Routing. CIDR is a method for summarizing IP addresses. Its original goal was to slow the exhaustion of IPv4 addresses and help extend the life of IPv4. It also improved the efficiency of IP address assignments, and overall significantly improved the availability.
Before we cover how CIDR works, it’s important to understand the technology that CIDR replaced.
In the early 1990s, Internet engineers realized they were going to run out of IPv4 addresses. Until then, they had been allocating addresses in one of three block sizes, known as Classes. A Class C block had 256 addresses, a Class B block had 65,536 addresses, and a Class A block had 16,777,216 addresses. If you needed more than one or two Class C blocks, you got a Class B, and so on.
Consider the anatomy of an IPv4 address:
The format on the left is called “dotted decimal” or “dotted quad” notation. Each number is a regular (base 10) number from 0 to 255. The format on the right is the same number in binary.
The network number is the first address. In dotted decimal, it always ends in zero[1]. (The network number for subnets of a Class C can end in other numbers, like 192.0.2.32/27, which means you can assign very few addresses to a network, but assignments from the registries are never smaller than Class C). In binary, the first bits would identify the class of IPv4 address. Technically, if the first bit was 0, it was a Class A block, or 0.0.0.0 – 127.255.255.255.
If the first two bits were 01, it was a Class B block, or 128.0.0.0 – 191.255.255.255.
If the first two bits were 11, it was a Class C block, or 192.0.0.0 – 223.255.255.255.
Class D was reserved for multicast, and class E for experimentation; you will never see them.
With only 128 possible Class As, and 65,536 possible Class Bs, by the early 1990s, it was clear that more specific allocations would be required. So, the class system was demolished and we moved to a classless system.
In Classful numbering, it’s easy to recognize the class from the address: a Class A is identified by the first byte (10.0.0.0), a Class B is identified by the first two bytes (172.16.0.0 and 172.17.0.0 are different Class B blocks) and a Class C by the first three bytes (192.186.1.0 and 192.186.2.0 are different Class C blocks). But, in Classless numbering, the number of bits identifying a block can be any of the 32 bits.
If that address was part of a /24 (“slash twenty-four”), the first 24 bits define the network block, and the last 8 bits are used for individual devices. You would write the network as 192.0.2.0/24, which tells you that the possible addresses are 192.0.2.0 – 192.0.2.255. The number after the slash tells you how many bits are used to define the network.
That’s distinct from a /20:
The network is 192.0.0.0/20, with possible addresses from 192.0.0.0 – 192.0.15.255.
Some addresses in this same /20 network:
A network can be subnetted.
192.0.0.0/20 also contains:
Or, 192.0.0.0/20 also contains:
The main thing to remember is that networks can be subnetted. The smallest network that can be bought, sold, transferred, or generally routed on the Internet is a /24. You will need to refer to this chart often:
Because of the inefficiencies of the class system, CIDR became the solution.
With CIDR, assigning addresses is more efficient as engineers can divide an IP address into subnets, without using many addresses. CIDR addresses have two sets of numbers:
For example, a CIDR address might look like: 192.168.125.23/16
So this network has 16 bits.
And as you may know, IPv4 addresses can have up to 32 bits. CIDR is also used for IPv6, with /64, /48, and /32 prefixes being common; IPv6 addresses can go up to 128 bits.
Companies can take advantage of CIDR’s supernetting. When different parts of the corporate network have /27 networks, a few /24s, and a /23, all of those subnets may be part of one /22 supernet. Your home ISP may only have assigned you one address (a /32 network), but may be summarizing all of their customers as one or more /16s.
CIDR is an efficient way to make the most of your IPv4 addresses. If you’d like more information on the differences between IPv4 vs. IPv6 check out this blog, or if you’d like to learn more about renumbering your network more efficiently so you can sell off some of your IPv4 addresses, please reach out to us today.
Closed off April with more than 38,000 IP addresses sold. The number of addresses paced lower this month, but prices for IPv4 have increased significantly across all block sizes as demand outnumbers supply! View all monthly trend cards and explore our newly updated website with helpful new features.
November 10, 2020
IPv4.Global’s Lee Howard will be a panelist at the Internet Governance Forum’s session, “IGF 2020 WS #327 Believe it or not, the Internet Protocol is on Sale!” Preparing for this session has provided an opportunity to research how the IPv4 address market has affected the deployment of IPv6. To begin, we look at the total addresses transferred and the number of addresses transferred over time.
Chart outlining total transfers since January 2014.
There are a few spikes where a large number of addresses was transferred in a single transaction, most recently from APIDT.org. More broadly, the number of transfers has been slowly increasing over time, though there’s no corresponding trend in the number of addresses. In other words, there are ever more transfers of smaller blocks, a strength of the IPv4.Global online marketplace.
A few organizations have dominated this market.
Pie chart noting IPv4 addresses received in transfers.
Cloud providers continue to dominate the market, roughly in proportion to their market share. A few access providers are represented. There has long been speculation that the IPv4 market has slowed IPv6 deployment.
IPv4 vs IPv6 trend lines.
The “Global IPv6 Percentage” here is taken from Google’s IPv6 deployment statistics, which is widely cited though conservative. It reflects the percentage of his on Google sites using IPv6. There is an annual spike around December 23 – January 2, reflecting holidays where many more people are accessing Google sites from home: residential and mobile providers have much higher IPv6 deployment levels than enterprise IT departments.
The number of addresses is a cumulative total of the number of addresses transferred. The total accelerated in 2017 – 2018 as Charter Communications bought a lot of address space, and when they stopped, the IPv4 transfer growth returned to its previous linear rate.
The fact that these two lines are almost perfectly parallel suggests that the influence of one on the other is minimal: this is the Internet growth rate.
The acquisition by Charter is somewhat similar to the other two access providers among top buyers, although the three are very different companies. Charter is a cable TV and Internet company solely in the U.S. Vodafone may be unfairly grouped, but includes all Vodafone companies globally. Reliance Jio is an Indian mobile company.
IPv4 Acquisition information 2012 to today.
Reliance Jio came into the market like a rocket, which reflects the unique growth curve of their business, and then stopped. Charter made an initial investment, and then went on a two year binge, and stopped. Vodafone companies have been gradually accumulating, at their normal growth rate. IPv6 has seen increasing deployment over the same time period.
2012 to today, IPv6 deployment.
As with its meteoric acquisition of IPv4, Reliance Jio deployed IPv6 in a very short period of time, and nearly all devices on their network are IPv6 capable. Charter consists of multiple independent networks; averaging their IPv6 deployment shows a very gradual deployment rate, typical of churn rates. They did accelerate deployment in 2018-2019, shortly after their final IPv4 acquisitions.
There is no evidence that IPv4 purchases delay the deployment of IPv6.
IPv6 deployment among cloud providers is harder to measure, since they are hosting many different customers’ equipment. Just from researching their IPv6 capabilities, most services offered by Amazon Web Services are IPv6 capable, although Amazon.com and other web properties are not. Google Cloud Platform the reverse, where very few services are IPv6 capable, but most of their web properties are. Microsoft Azure is in the middle, with a few IPv6 cloud offerings, and a mix of IPv6 capability on their web properties. Within that small sample size, IPv4 purchase and IPv6 capability and size all correlate.
Based on this limited view, it would seem that IPv6 deployment and the purchase of IPv4 addresses are complementary responses to growth and scarcity. Companies that buy large amounts of IPv4 addresses also tend to deploy IPv6.
Most of the data above has been taken from the RIRs’ transfer logs, and excludes transfers known to be mergers and acquisitions. IPv6 ISP deployment is from APNIC’s measurements.
The Internet Governance Forum session, “IGF 2020 WS #327 Believe it or not, the Internet Protocol is on Sale!” is on Tuesday, November 10 at 1120 UTC. Attending the session is a free but multi-step process.
By Jack Hazan
October 9, 2020
In a publication released on October 2, 2020, RIPE NCC reported its first seizure of IPv4 registration rights pursuant to a Dutch court order. Pursuant to the order, RIPE NCC effectuated a transfer of the IP Addresses from the liquidating debtor to its creditor. Although these IP Addresses could not be owned – they were apparently not legacy, and thus conferred no “property rights” – the registration rights were deemed an enforceable right that has value, and were to be utilized towards satisfaction of a judgment.
RIPE NCC provided specific guidance for future cases:
In summary, the RIPE NCC will only comply with court orders for the seizure of the right to registration of IP addresses for the recovery of money that:
Finally, it’s worth noting that each order will be reviewed on a case by case basis. If we believe that an order or the third party seeking to enforce the order does not comply with RIPE policies or RIPE NCC procedures, we reserve the right to dispute any transfer.
In any event, this development certainly raises many questions:
It would seem that, subject to a lender getting comfortable with terms and procedure, that this should open the door to more direct lending with IP addresses as collateral.
IPv4.Global by Hilco Streambank is the market leader in IP address transfers, and this is only the beginning of a conversation. No one has more experience in the valuation of intellectual property assets (the other IP) than Hilco Streambank, and we already have a partnership with WRG Finance to provide loans for the purchase of IP addresses. Contact us at IPv4.Global or Hilco Streambank to continue the conversation! Do you have thoughts?
October 8, 2020
One reason the Internet is so robust is that authority is decentralized: every network is run independently. Each network operator, whether a major cable or mobile company or community WISP (wireless ISP) decides who they will connect to. As those networks connect, they tell each other what IP addresses they know how to reach.
In a system as large and complex and ever-changing as the Internet, this can’t be done manually. Instead, routers (specialized devices that figure out the best way to get somewhere on the Internet) tell each other about what IP addresses they know how to reach. They do this using BGP, Border Gateway Protocol. This protocol, like all protocols, defines how they communicate with each other: what kinds of things can be communicated, and how they can be communicated.
A router speaking BGP to another will “announce” or “advertise” what IP addresses it knows how to reach. This is what is meant by what routes are advertised or prefixes are being announced, and so on. That router’s “neighbor” routers will listen to those route announcements, then compare them to routes it already knows. Based on a well-known set of rules (an algorithm), it selects the best path or best route (same thing) to addresses in that network. It then shares that information with its own neighbor routers.
If the neighbor routers are controlled by different organizations they are in different autonomous systems. A simplified route announcement might look like:
192.0.2.0/24 172.18.14.1 65536 65525
In this example, the first section is the prefix: the IP address block being announced. In this case, it’s a /24 network. The second section is the “next hop,” the address of the next router in the path. The last section has two numbers: those are ASNs. ASNs appear in the order your data will cross them. The last number (65525) is always the ASN that “originated the route.” It’s the last ASN in the path, because it’s where the devices with those IP addresses are.
The same ASN can also originate IPv6 addresses:
2001:db8:12: :/36 2001:db8: :1 6536. 65525
This route is only different from the previous example in using IPv6 addresses instead of IPv4.
The Regional Internet Registries (RIRs) have unallocated ASNs available for a nominal fee. For various reasons, some people prefer shorter numbers (maybe they’re easier to remember). IPv4.Global has ASNs for sale on our online marketplace.
As with IP address sales, we list the price of ASN transactions made through the marketplace.
September 23, 2020
IPv4.Global is beginning to lease IPv4 addresses, starting with a /16 registered in ARIN available for a long-term lease. With address prices rising, the reasons you may want to become a lessor are clear: extended predictable revenue. Leasing creates an opportunity to monetize IP addresses and sell an IP block for a higher price in the future versus in the current market – it allows the lessor to keep the IPv4 block in case of future need. But what are the benefits to the lessee (the one receiving the IP address block)? Not as obvious, but still substantial for many businesses, there are a number of advantages, including:
As with any sort of leasing agreement, it’s important to note that while a great option, leasing still has risks. These risks can range from minor timing issues to malicious lessee intent, but are things all parties involved should consider. Potential risks may include:
Generally, the cost of leasing can also be higher than buying addresses long-term. The actual break-even point depends on the terms of the lease, and is something to be considered while making the decision. The team here at IPv4.Global has plans in place to mitigate all of these risks to ensure all clients are happy with their agreement and terms. When leasing address space, every offer must include a monthly price per address and a term length, so the lessor can evaluate offers comparably. We look forward to providing you the space you need! ___ Follow us on Medium.com
September 18, 2020
Recently, I had a conversation with someone whom I would classify as an IPv4 market opponent while I was at the African Network Information Center (AFRINIC) in Nairobi. It was a useful conversation for me, and hopefully for him as well.
Taking a cue from everything I’ve read about productive dialogue, I asked him about his concerns and we proceeded from there. His principal concern was that the presence of IPv4 brokers in the market would cause IPv4 pricing to be higher than it would without the brokers. This is an easy conclusion to reach if you look at the prices that the buyer pays, the proceeds that the seller receives, and the commission that the broker earns in the process. Remove the IPv4 broker commission and there is room for both buyer and seller to improve their outcomes. A larger concern was the existence of a market at all, when Registries already had a mechanism to deal with the allocation of scarce resources that wasn’t purely price. Totally understandable points of view, but it overlooks a few other things that brokers do, which actually improve market outcomes.
But I suspected there was more to his concern, so I asked a probing question: What if you’re right, and IPv4 brokers cause prices to be higher than they would otherwise be? Isn’t IPv4 an old technology at this point? It’s been declared “historic” by the IETF. Who cares if the prices are high?
The answer didn’t surprise me at all, as it’s been at the core of every “soft landing” discussion in each Regional Internet Registry (RIR). He was concerned that new African ISPs who currently did not have access to resources would price the end user out of the market, leaving more end users offline for longer as a result. The lack of access should clearly be a concern to everyone who believes that internet access is socially beneficial and has the potential to enrich lives, further education, enhance standards of living, slow the spread of disease, improve economic efficiency and build communities. For sure, universal internet access is a worthwhile objective, and sooner rather than later is always better. However, it’s not clear to this author that the address transfer market impacts universal access in any way. I share his concern, but think it’s misplaced in the context of the transfer market.
The answer didn’t surprise me at all, as it’s been at the core of every “soft landing” discussion in each RIR.
I asked if $5,000 for a /24 would be prohibitively expensive for new entrant, such as a small ISP, in a poor country who wanted to bring a community online. The answer was unambiguously, “yes.”
At $4,000? Still yes. At $3,000? Yes. This makes the case that having an IPv4 broker in the middle of that /24 transaction has no impact on connecting that poor community. When non-profits such as the Internet Society (ISOC) are involved in building networks, some of their funding will undoubtedly go toward acquiring IP addresses, which diverts the money away from other uses and would clearly have a negative impact on new deployments. The right price for that yet-to-be-connected community is as close to $0 as possible. Or IPv6. Those issues need to be addressed by community policy around the last /8 and continued progress to deploy IPv6. I will return to this point later.
I asked this individual if I could offer a perspective on how I believe we create value in the marketplace, and he graciously agreed to listen. I boiled it down to three quick points.
First, the IPv4 brokers do the digging/mining to find allocated but unused blocks and bring them to the market, which increases supply. If you refer to introductory economics, increases in supply reduce price, (holding everything else constant). This work requires retracing the history of defunct companies, cold calling into organizations to find the right person in charge of the network who might be able to find available address ranges, and working with Registry staff to ensure that there wasn’t fraud perpetrated somewhere along the way. We bring clean supply to the IP address marketplace. When the price is zero, no one has an incentive to hunt for inefficiently used space and facilitate a transfer.
Second, we provide price information to the market that’s more robust and reliable than posting to the local ‘NIC or ‘NOG mailing list to ask if a certain offer you’ve received is reasonable or not. By posting price data going back several years and covering hundreds of transactions, we provide support for those people who need to make a case internally for buying or selling IP addresses. We’ve heard that charts of our data on address sales have appeared in numerous investment memos or requests to sell IPs on the basis that the proceeds will be used to fund infrastructure investments.
Third, we simplify the transaction process. Whether it’s creating standardized documentation, developing relationships with RIRs to get answers quickly, or providing free escrow services, we do everything to save buyers and sellers time (which is money) and aggravation. Most organizations will only buy or sell IPv4 once or twice. Developing the expertise in-house is time consuming and wasteful.
We do everything to save buyers and sellers time and aggravation.
We’re looking forward to bringing our IPv4 transfer market expertise to AFRINIC members in the coming years and working with all of the stakeholders in the community to productively address concerns as they arise. It’s been a pleasure participating as an IPv4 broker in several AFRINIC meetings so far and we look forward to more.
Returning to the issue of available “free pool” addresses for new entrants, the communities of each Regional Internet Registry have developed policies aimed at meeting the specific needs of their region. In the ARIN region, no reserve pool was left for new entrants. In the rest of the world there are reserve pools for either new entrants, incumbent members, or both. All of these regions restrict allocations from these reserve pools. The debate typically revolved around the issue of “need” and putting the needs of existing members either ahead or behind the needs of future entrants. What’s clear from each policy is that the “landing period,” whether “soft” or “hard,” triggered an active interest in the trading market for existing RIR members as well as their downstream customers. The existence of the free pools appears to have little impact on market activity in the short run. Hopefully, those not yet online can get online soon, and hopefully on IPv6, where address space is plentiful and therefore inexpensive.
Some marketplaces create externalities that are not fully built into the price. Some of those externalities are positive, and some are negative. What we’ve found in the IPv4 marketplace is that it creates a business case for migrating to IPv6 for sellers (good!) and provides a cost-efficient way to get started for buyers, who presumably are rational and therefore also advantaged by the process. Increasing overall supply into the marketplace has no impact on available free pools and creates choices for buyers and sellers. The existence or absence of the IPv4 marketplace is an indicator of how ready the world is to abandon IPv4.
August 27, 2020
IPv4, or Internet Protocol version 4, is a set of rules that allows devices, like computers and phones, to exchange data on the Internet. Each device and domain connected to the Internet is assigned a unique number, called an IP address. These addresses ensure data is routed to the correct device.
IPv4 addresses are 32-bit numbers written with four decimals. Between each decimal is a number between 0 and 255. Example: 192.0.2.235 In this article, we cover Internet Protocol and the future of IPv4.
Internet Protocol (IP) are rules, first established in the late 70s by DARPA, for routing or sending packets of data across networks between devices. When data or information travels over the Internet or web, it travels in small packets. IP addresses ensure that devices like computers, servers, domains, etc. route those data packets to the correct place. Domain Name Systems or DNS are like the Internet’s phone book. They translate domain names (like Netflix.com) into IP addresses. So, when you type Netflix.com into your laptop browser, DNS allows your computer to communicate with Netflix’s IP address, and Netflix sends content (via packets) back to your laptop’s IP address.
With 32 bits, IPv4 addresses limit the number of unique hosts to 232—meaning there are roughly 4.3 billion IPv4 addresses available. Turns out, that by 2011, 4.3 billion potential IPv4 addresses wasn’t enough. That year, the Internet Assigned Numbers Authority (IANA) ran out of addresses to allocate to regional registries. And, in 2017, Pew Research found that the median American household had five devices. Just two years later, Deloitte found that the median American household had 11 devices.
Because of the exponential increase in devices connected to the Internet and the lack of new blocks on IPv4, the Internet Engineering Tracking Taskforce (IETF) created a new Internet protocol, IPv6. Below are the basic differences between the two versions.
There are many pros and cons of IPv4 vs. IPv6 (find an in-depth list here). To summarize those pros, IPv4 is what most of the Internet runs on. Because of that, devices running on IPv4 have a more seamless connection to other devices. IPv6 allows for more addresses and will be slightly faster once most of the Internet has converted to IPv6.
Most of the Internet’s traffic today is still routed to IPv4 addresses. Because IPv6 is relatively new, not all devices are configured to communicate with IPv6. For this reason, IPv4 remains in demand for many businesses today. With a definite need to own IPv4 space, and often value in selling the IPv4 addresses you no longer use, IPv4.Global is here to help broker deals and provide the space you need. Contact us today for all your IPv4 needs.
August 18, 2020
The “IP” in IPv4 and IPv6 stands for Internet Protocol, which is a set of rules that determine how devices transmit data packets across the Internet. Internet Protocol also assigns a unique address to each device on the web. These addresses ensure data packets are routed to the correct device.
IPv4 or Internet Protocol Version 4 is the most common protocol for transmitting data packets on the web. IPv4 provides both the identification (IP addresses) for each device on the Internet and the rules that govern how data packets are transmitted between those devices. With IPv4, a typical IP address has 32 bits and is in dotted-decimal form, like this: 192.0.2.235 Because there are only 232 unique hosts in this decimal format, there are only about 4.3 billion IPv4 addresses.
There’s been a massive increase in devices connected to the Internet in the last decade—with a rise from 5 Internet devices per household to 50 Internet devices per household from 2015 to 2020. This prompted the Internet Engineering Tracking Taskforce (IETF) to create a new Internet protocol, IPv6. It was released in December 1998. IPv6 addresses are written in hexadecimal format, like this: 2001:0db8:85a3:0000:0000:8a2e:0370:7334
Despite IPv6 being the newer, updated IP, there are still many advantages of IPv4.
Running short on IPv4 addresses isn’t the only con of version four.
The pros of IPv4, combined with the lack of addresses, created a new marketplace. Today, companies that need IPv4 addresses can buy them through IPv4 Brokers, or a company looking to move to IPv6 can sell IPv4 addresses. When a company needs more IP addresses, they have three options:
There’s much debate around which is better—IPv4 or IPv6. But really, it’s about your specific needs. If you’d like more information on the differences between IPv4 vs. IPv6, or if you’re looking for help with either, please reach out to us today.
By Lee Howard
June 23, 2020
Everyone hates spam. Even worse is malware—something that infects your computer and sends spam out to you and others or tries to hack into systems. In response to these problems, many people began to maintain lists recording who generates spam and malware. An “IP blocklist” is used by most mail servers and some firewalls as a step in deciding whether to accept emails, mark as “Junk,” or just drop traffic altogether.
Different blocklists have different ways of collecting addresses. Some mail servers collect data from users clicking “This is spam” and report this to blocklist maintainers, while other blocklist operators have “honeypots.” Honeypots are systems designed to attract spam, so they can blocklist any IP address from which they receive spam.
A significant amount of spam comes from home computers and other devices that have been infected with malware, making them part of a “botnet.” Some operators even actively scan the Internet, looking for devices with certain vulnerabilities that they know have been exploited by botnets. Residential users and cell phones generally don’t run mail servers, so any indication that an IP address is part of a pool used for those may put an address range on a blocklist.
The main problem with blocklists is collateral damage – traffic blocked that shouldn’t be. A few blocklists intentionally do this, to force large IPv4 block holders to take action in preventing spam from reaching their customers. In some cases, a device got blocklisted for spam, but was later patched and the spam stopped. Many blocklists have an “aging” policy, where if no further problems are seen or reported over a period of time, an IP address will be removed from the list. If it’s reported again, it may take longer to age out next time.
Often, IPv4 addresses for sale will include some that have been blocklisted. Companies looking to buy, should always conduct some diligence. But it is important to remember that IP addresses can be listed (or de-listed) at any time, so a blocklist check two weeks ago may have no correlation with one today.
Most blocklists offer a web page where you can check whether an IP address has been listed. That’s not going to work if you want to check 65,536 IPv4 addresses. A few blocklists allow you to download their list to search locally (or sync with github). For two major operators, SORBS and Spamhaus, you’ll need to script a test.
Both SORBS and Spamhaus operate DNSBLs, for Domain Name Service Block-Lists. They allow queries over DNS and return a code that tells you which list an address is on.
For instance, if I want to find out about 192.0.2.43, I can run the Unix command:
$ dig 43.2.0.192.in-addr.arpa @dnsbl.sorbs.net +short
I may get a response like “127.0.0.6,” which SORBS tells me means it’s on their spam list. The equivalent command in Windows command line console is:
> nslookup -server=@dnsbl.sorbs.net 43.2.0.192.in-addr.arpa
To query an entire block, you’ll need a script that queries every address in that block. IPv4.Global is able and happy to run such a check for our customers.
Every blocklist maintainer has their own mechanism for getting addresses removed that often requires some demonstration that the original cause of the listing has been removed. For several SORBS lists, you have to request a retest:
If the test passes, SORBS will flag the address to be removed. If you don’t have access to that machine, or it doesn’t have a browser, you can try to open a support ticket.
Spamhaus similarly provides a web interface, which tells you which list you’re on with links to clean up.
Fortunately, most blocklist operators recognize that spam doesn’t come from unrouted IP addresses, so simply taking the network offline, as you would in preparation to sell, provides a good reason why you can’t retest and why they should reconsider. Similarly, showing the record of when an IPv4 address block was transferred is often acceptable documentation: the old management may have been lacs, but you, the IP address buyer, are not responsible for their actions.
As with so many parts of buying and selling IP addresses, you can do it yourself, but the help of an experienced broker like IPv4.Global can make your life a whole lot easier. Reach out to us today for all of your IPv4 needs.
We use the term “blocklist” here instead of “blacklist” because that’s how the services refer to themselves. Spamhaus has its DNS Block List (DNSBL) and Spamhaus BlockList, as well as other BlockLists. SORBS stands for Spam and Open Relay Blocking System. We note that historically, a “blacklist” is a list of people who are prohibited from employment or other activity by an authority (such as a government or cartel). The Reputation Block Lists (RBLs) described here take pains to point out that they are not an authority and do not block services themselves; we therefore eschew the use of “blacklist” as inaccurate.
By Jan Zorz
May 14, 2020
May 14, 2020 Resource Public Key Infrastructure (RPKI) is a mouthful. Essentially, RPKI ensures that the network saying, “We are the place to send traffic for network A.B.C.D” really is the right place. It is a way of improving the security of the Border Gateway Protocol (BGP), which uses the Autonomous System Number (ASN) to identify a network, which is a block of IP addresses. It doesn’t matter whether they are IPv6 or IPv4 addresses.
RPKI will validate the origin of the IP prefix (the IP address block in CIDR notation) (“Send traffic for A.B.C.D to ASN 55555”) but can’t do path validation (“The way to get to ASN 55555 is through ASN 55556”). The RIPE.net website defines RPKI as “prov[ing] the association between specific IP address blocks or ASNs and the holders of those Internet number resources. The certificates are proof of the resource holder’s right to use their resources and can be validated cryptographically. RPKI is based on an X.509 certificate profile defined in RFC3779.”
If you’ve ever gone to a website and gotten an error saying that the browser can’t confirm that the website is real, and looked for more information to find that it had an invalid or expired certificate, this is exactly the same thing.The certificate is a document with a cryptographic key in it, and your browser (or RPKI validator) can ask the Certificate Authority (CA) “Is this the right key for what I’m looking at?” The actual cryptography is more complex but isn’t necessary to use the tools.
Why bother with RPKI? Without it, anyone anywhere in the world can just start using your IP addresses. Best current practice is for Internet Service Providers (ISPs) only to accept route announcements that they have checked are correct, but not everyone does that. It’s a bad day when your addresses get hijacked. You’re at least partly off the Internet, and the hijacker is probably spamming the world, so even when they stop, mail servers and firewalls may reject your traffic as having a bad reputation. How to use RPKI Using RPKI is very simple in concept and consists of two parts. You will need:
First you need to sign your IP resources. Login to your RIR LIR portal and find instructions on how to sign your resources. The process is very simple at most RIRs, and once you’ve done the first one it should only take a few seconds per prefix.
Visit the below site for information on how to sign your prefixes per RIR:
Signing your resources means creating a ROA (Route Origin Authorization), which authorizes an ASN to originate a route announcement. Once you sign your IP resources, everyone that is doing RPKI validation can tell if your IP prefix was announced from right AS number and if the prefix size matches the size, specified in the ROA.
The second part of RPKI is validation. Earlier, we made sure that the rest of the world can validate your announcements and distinguish your announcement from attackers. With validating the incoming prefixes we make sure that we can also distinguish other networks’ announcements from attackers. What you need for RPKI validation is a (virtual) server to run a validator and a BGP router that has RPKI functionality implemented.
You can choose between several RPKI validator implementations; this RIPE Labs article describes how to install some of the more popular ones.
Once you have a validator in place, it’s time to configure your BGP router to create a RPKI-to-Router (RTR) session to validator and start validating. Here is a list of routers that support RPKI.
Once you have validation set up, you can decide how exactly to implement the route validation. An RPKI check will either tell you that the route is valid (has a signed ROA that checks out), invalid (there’s a ROA, but this route announcement doesn’t match), or unknown (ROA not found). Generally, if you receive three route announcements, you would prefer one that is signed over one that is unsigned, but either is better than a route that is invalid.
One option is to install prefixes with different local preferences, for instance valid = 110, not_found = 100, invalid = 90. In this case, a valid announcement will always take precedence over the attacker, who also announces prefix, but a false announcement will be installed with lower local preference and will never be used if there is a route with higher local preference. Unfortunately, this option will not protect you if an attacker starts announcing smaller prefixes than yours: a /24 route is more specific, and therefore always preferred, over a /8. An increasing number of operators finds this consistently less useful as it’s not a real protection.
An alternative that is getting more vocal support by major operators is not installing invalid prefixes at all (rather than assigning them a lower local_pref). This variant is the safest because invalid route announcements have nothing to do in the routing table. But you have to trust the RIR. Let’s say the federal police come to an RIR and require that it replace Company_X’s ROA with a different one (pointing to their network, so they can intercept all the traffic). Company_X is off the Internet—to the rest of the world, their signed route announcements are invalid.
There are pros and cons to both options. Typically, operators start with the first option (invalid = lower local_pref) and watch their log files. When they are confident that dropping invalids would not break their connectivity (or some local laws or legal agreements in some cases), then they can reconfigure the system to start dropping invalids. In case the central RPKI database gets fiddled with, they can always reconfigure the RPKI policy back to whatever suits them in that moment.
Consider another failure case, that actually happened at the RIPE NCC. All ROA records disappeared for a couple of hours. Anyone checking ROAs would get a “not_found” error (“unknown”) and set local_pref to that level. No routes would be dropped (including malicious ones that should be).
Recently, CloudFlare published an RPKI testing tool that everyone can use.
Test your network to see if it’s properly implementing RPKI.
The test tries to get a web page from two different web servers, one from a prefix with a valid ROA, and one with an invalid ROA. If both work, your network (or your ISP) is accepting and using an invalid prefix announcement.
RPKI is rapidly becoming an essential part in MANRS, the Mutually Agreed Norms for Routing Security and while you are looking into RPKI – have a look also in MANRS and join the increasing pool of operators that takes the routing hygiene and security seriously.If both work, your network (or your ISP) is accepting and using an invalid prefix announcement.
Your IP addresses are a valuable resource: you should protect them!
In March we saw slightly lower prices but significantly higher volume. Midrange blocks are about $20, with smaller blocks often reaching $21 or more.
By now, many people have seen the U.S. Office of Management and Budget (OMB) request for comments to a memo outlining stages to move to IPv6-only. The memo includes some migration milestones:
It would also require agencies to identify systems that can’t use IPv6 and provide a schedule for replacing or retiring these systems. There’s been some talk in social media about this, but not much conversation about how it might affect the IPv4 address market. First, “IPv6-only” isn’t absolute; the memo says “for public Internet services, maintaining viable IPv4 interfaces and transition mechanisms at the edge of service infrastructure may be necessary for additional time.” So it’s clear that IPv4 will be around for a while. It would be nice to see the IPv4 address space appear on the market, as was suggested in a failed DoD funding bill. If agencies could keep the money from the sale of IPV4 blocks, it might help motivate agency CIOs to accelerate the government IPv6 transition. However, the rules for government agencies making money are famously complex, and not especially likely. Unlike the DoD, civilian agencies other than the independent Postal Service (USPS) don’t have so much address space that the market would be significantly affected. What it may do is further reduce obstacles businesses still see in deploying IPv6. By having dozens of organizations all working toward the same deadline, vendors will have to improve interfaces, fix bugs, and add features, in order to continue making sales. That’s good for the Internet, as it gets everyone moving toward using a single protocol. Even if the government achieves its goals, businesses will still be at least a few years behind. IPv4 will continue to be needed for at least a few more years after the last 2025 deadline. The market, therefore, should continue to be strong.
January saw very strong volume, with mixed changes in pricing.
After a year of flat or softening prices, December ended strong, with a slight uptick in prices and a significant rise in volume.
May 2019 Average Price/IP (USD) – By Block Size
May 2019 Number of Transactions by Block Size
2019 Number of Transactions/Month
April 2019 Average Price/IP (USD) – By Block Size
April 2019 Number of Transactions by Block Size
2019 Number of Transactions/Month
March 2019 Average Price/IP (USD) – By Block Size
March 2019 Number of Transactions by Block Size
2019 Number of Transactions/Month
By Gabe Fried
March 25, 2019
As previously discussed in part one of this series, IPv6 hasn’t quite made the giant splash throughout the enterprise landscape that many expected. Now, don’t get me wrong, IPv6 still plays a major role in the IT space. In the world of telecommunications, IPv6 is a key enabler of next-generation technologies and communication strategies, as carrier networks, ISPs, and mobile networks roll out the new protocol across their networks. That said, enterprises, both global and domestic, haven’t been so quick to adopt this burgeoning technology; but that doesn’t mean things aren’t changing.
Having been in this industry for many years, at IPv4.Global, we have identified three distinct stages of supply within the IPv4 procurement space. Like mining, the first phase was easily accessible from the surface. Large blocks of allocated IPs which, in many cases, had never been used, were easy for firms to sell as they had no other use-value.
The second phase, which defines the current market, involves more effort on the part of the seller to re-number and re-architect their networks to free up space. In this instance, the return is often worth the investment. In the third phase, we’ll see companies being acquired for their IPv4 assets. Some small ISP and hosting companies will find themselves in this position at some point above current prices.
This third phase occurs when sellers begin shutting off IPv4 completely, as opposed to learning how to use it more efficiently. We don’t believe we are there yet in a meaningful way, and given the long-term investment focus of our buyers, we believe phase three is many years away.
As we continue to move toward eventual ubiquitous IPv6 adoption, it’s looking like we’re going to have to get used to what is known as a “dual protocol” or “dual-stack” world for a while. The two different IP address formats are incompatible, and total conversion to IPv6 isn’t going to be in the cards for quite some time. Until we enter that entirely IPv6-run world, ISPs still need to provide customers with internet connectivity, and enterprises still need to ensure their applications continue to run smoothly. Enter the dual-stack solution.
Dual stack is an IP address transition method in which every networking device, server, switch, router, and firewall within a given network will be configured with both IPv4 and IPv6 connectivity capabilities, allowing for the simultaneous processing of data across both protocols. This will prove to be a key strategy for global organizations, as the range of IPv6 adoption varies widely across the world.
For now, in order to maintain a consistent flow of data and internet traffic, IPv4 address availability is critical, and companies are recognizing that buying may be better than leasing. A 10-year time horizon for amortization and customers paying $1/month with a 10% cost of capital would put address prices at $70, roughly three times today’s prices. Stated differently, purchasing addresses today at $70 that can be leased to customers for $1/month would generate an 11% return annually for 10 years, after which the owner would still own the addresses. In just under 6 years you would have earned back your original investment, and it’s likely that in 6 years, regardless of the market price for IPv4, the address protocol will still be in use.
Most companies are bundling these addresses with other services that have healthy margins. Fortunately for those in the market today, sellers are mostly non-speculative. When the addresses are free of use and they have no cost basis, or if the extraction costs are low enough, they’ll sell. The challenge is that supply is dwindling, so sellers are mining deeper and deeper to incur greater expense which is only worth the effort if the price of the extracted resource climbs.
Global demand for IPv4 addresses remains strong. Even though RIR allocations of IPv4 space has diminished as their stockpiles became depleted, the market has picked up the slack and is steadily reallocating addresses to organizations for whom they remain a critical resource. The “disruptive” trends of cloud computing, the nearly ubiquitous ecosystem of mobile devices, and the growing deployment of IoT are making the Internet ecosystem both bigger and more valuable, and resources are not being diverted to decommissioning IPv4 en masse. As the number of devices continues to climb and the number of available IP addresses continues to dwindle, consumers can rightfully expect prices to increase at a steady rate.
Looking further into the future, we also know that the customers investing the most in IPv4 address procurement are well-resourced, making a slow yet steady movement toward IPv6 adoption. As a result, there will be a tipping point when they begin to shut off IPv4 access for customers or switch over to a new model of sales that separates IPv4 provision. At that point it’s possible that market prices will taper off and even fall, but it’s not clear that the largest of the address holders have enough inventory to satisfy global market demand even at current prices. Additionally, the relatively resource-deprived regions (Latin America and Africa) are making progress toward enabling inbound transfers of resources to their network operators. This will contribute to the demand for resources currently held in the other regions of the world.
While the future promises a major market shift, we don’t believe it is going to begin in the next few years and will likely be gradual and not sudden. For now, IPv4.Global is dedicated to serving the immediate needs of enterprises as the most trusted and knowledgeable IPv4 address broker in the market. To learn more about IPv4.Global and how we are transforming the IPv4 buyer and seller marketplace, visit www.IPv4.global or click here to send us a message.
About the author, Gabe Fried began liquidating intangibles in 2000 when he was retained to dispose of his former employer’s digital and trademark assets. Gabe pioneered the distressed brokerage of intangibles during his roles as liquidator, auctioneer, investor, buyer’s agent, expert witness, and appraiser. Read Part I
By Gabe Fried
March 7, 2019
As we progress further into the digital age, new technologies are the driving forces behind IoT, Big Data, and enterprise cloud computing. The growth in these areas comes principally from massive economies of scale in storage, bandwidth, chipset manufacturing and other inputs. Each of these new technologies relies on internet connectivity, and until IPv6 adoption takes over as the dominant protocol, demand for IPv4 addresses will continue to grow. Connecting the remaining 1+ billion people on earth plus the myriad new devices trying to connect with older devices will require a dual-stack existence for many more years. The balance of the 4.3 billion IPv4 addresses that remain unused is shrinking, and enterprises around the world are scrambling to ensure they have enough to meet their growth plans.
For the past seven years, IPv4.Global has worked with more than one thousand IPv4 buyers who have purchased address ranges as small as a /24 block, containing 254 usable addresses, and those who have purchased an /8 block or more, containing more than 16.7 million usable addresses. The prices of IP addresses have also drastically increased, and larger block sizes which traded for $5/IP in 2012 are now (2018) selling for $20/IP or more.
Understanding the components of demand will provide some insight into the market’s transformation over the last 7 years, since Microsoft acquired 10 Class B ranges from Nortel during Nortel’s bankruptcy (the first pure IP sale where price information was made public). Demand is often influenced by (i) expectation of future price changes, (ii) price and availability of substitutes, (iii) and growth of market to be served. For IPv4, it’s easy to see how each of these components will influence the market going forward. In this series, we will explore the complex world of IPv4 procurement, including the past, present, and future state of our industry and the role of IPv4.Global.
On April 15, 2011, the Asia-Pacific registry (APNIC) was the first regional internet registry to run out of freely allocated IPv4 addresses. This was soon followed by the Europe, Middle East and Central Asia registry (RIPE NCC) in 2012, the Latin America and Caribbean registry (LACNIC) in 2014, and the North America registry (ARIN) in 2015. In APNIC and RIPE the communities held back “austerity pools” of remaining IP space to be allocated on a one-time basis to community members in ranges no larger than a /22. ARIN completely depleted it’s pool other than a small remaining block reserved for critical infrastructure and IPv6 transition. AFRINIC reached it’s “last /8” rules in 2017.
At the start of IPv4 exhaustion in the early 2010s, buyers began to purchase additional IP addresses to support their future growth using a “buy-now transfer-later” agreement, or a simple option agreement for which the buyer paid a premium at closing and the seller was obligated to sell to the buyer on demand for a pre-determined price prior to the expiration date. This was considered belt-and-suspenders insurance against a slow roll-out of the upcoming IPv6 protocol that promised more than 340 undecillion IP addresses (that’s 36 0s for those of us who haven’t learned to count past the trillions). If worldwide IPv6-adoption proved to be slower than originally forecasted (spoiler alert: it did) and the enterprise’s network was growing, having extra IPv4 available ahead of time made a lot of sense. Paying $5, $6, or $7 per address through 2014 seemed like cheap insurance – and it was. In these early transactions, motivation was principally the avoidance of paying much higher prices later, or ensuring availability at a lower cost when the resources were finally needed. Some of these transactions dating back to 2012 remain unrecorded at the RIR level, as the sellers are still the rightful registrants of the addresses. In this way, market transfer statistics from the RIRs underreport the volume of activity in the market.
Once ARIN’s free pool was exhausted on September 24, 2015, awareness of the shortage became more acute and any organization with unmet need for IPv4 resources was forced to participate in the market. The capital expense of the addresses gave bundled providers, principally hosting, storage and ISPs, license to charge their customers for IPs that maybe have been previously included for free as part of a bundle of services. As an alternative to renting IPs from their service providers, bring-your-own-IP started to become a sound investment for enterprise end users, resulting in a growing demand for smaller blocks. As pricing for IPs climbed from $7 to $12 or more, buyer justification was principally based on a relatively rapid return on investment. If an end user was being charged $1/month for an address, a $12 purchase price yielded a one-year payback. Even at lower monthly rates, three and four-year ROIs remained a sound investment as IPv6 adoption still seemed far away.
IPv6 has been in the works since 1998 as experts attempted to address the impending exhaustion of IPv4 addresses, however, despite its clear advantages when it comes to efficiency and security, adoption has been incredibly slow. It’s now the beginning of 2019 and we’re still not seeing widespread enterprise adoption of IPv6 protocol. So, what happened?
The fact of the matter is, it’s hasn’t necessarily been all that slow, it just hasn’t yet made its way into the mainstream enterprise space. Some carrier networks, ISPs and mobile networks have been successfully deploying this technology across their networks, some citing that more than 90 percent of their traffic uses IPv6. Many more have been working behind the scenes on IPv6 deployment plans and will roll them out and stop provisioning IPv4 to new customers in the coming years. These changes take significant time. Enterprises, by comparison, aren’t adapting as quickly, because the business case isn’t as compelling. IT departments are often considered cost centers in large enterprises, and it is sometimes difficult to convey the benefit of moving to IPv6, even if it means selling the surplus IPv4 for $18/IP or more. As prices increase the case becomes more compelling, and slowly but surely, we will continue to inch away from IPv4 toward IPv6.
In part two of this series, we will explore predictions for the future of the IP address industry. Click below to read Part II of the series.
About the author, Gabe Fried began liquidating intangibles in 2000 when he was retained to dispose of his former employer’s digital and trademark assets. Gabe pioneered the distressed brokerage of intangibles during his roles as liquidator, auctioneer, investor, buyer’s agent, expert witness, and appraiser. Read Part II
February 2019 Average Price/IP (USD) – By Block Size
February Number of Transactions by Block Size
2019 Number of Transactions/Month
January 2019 Average Price/IP (USD) – By Block Size
January 2019 Number of Transactions by Block Size
32 Total Transactions in January 2019
December 2018 Average Price/IP (USD) – By Block Size
December 2018 Number of Transactions by Block Size
2018 Number of Transactions/Month
November 2018 Average Price/IP (USD) – By Block Size
November 2018 Number of Transactions by Block Size
2018 Number of Transactions/Month