Categories ArticlesNetworking

Secondary marketplace for IPv4 addresses: Everything you must know

I always prefer buying new instead of used, especially when it comes to something I need for business purposes. Depreciation of business assets can lower the tax burden of your company by spreading capital acquisition expenses over the lifetime of the asset. Plus I like the nice smell and shiny look of stuff that’s never been used. Sometimes however when you buy something used you can get yourself a real bargain, especially if it’s something that doesn’t rot or accrue mold or mildew over time. On the other hand, buying used can also incur certain risks, especially if you don’t perform due diligence and thoroughly examine the item before you lay down your money. IPv4 addresses are an example of both the above perspectives. On the one hand, IPv4 addresses don’t wear out, break down, or grow obsolete with time. But on the other hand, if you don’t know what their previous owners were doing with them, you might end up with a big fat lemon on your hands.

IPv4 addresses: Supply and demand

Internet authorities like ARIN, RIPE and APNIC already ran out of virgin (previously unused) IPv4 address blocks several years ago. And yet the demand for IPv4 address blocks is still there for companies ranging from small internet service providers to large enterprises. Reasons for such continuing demand especially here in North America range from lack the of IPv6 technical expertise in many organizations that has hindered the growth of IPv6 adoption, the cost and complexity for implementing IPv6 deployments, issues with software compatibility in enterprise environments where legacy system are still business-critical, and corporate inertia that’s satisfied with workaround solutions like network address translation (NAT). Things are better in some other parts of the world as far as transitioning to pure IPv6 networks but there’s still a lot of room for IPv6 to grow.

And because the demand is still there for IPv4 addresses even as the original supply has run out, a thriving secondary market for these addresses has come into being. This secondary market involves third-parties acting as brokers to resell previously used blocks of IPv4 addresses purchased from an organization that no longer wants them and transfer the addresses to another organization that needs them. This secondary market here in North America is also controlled to a certain extent by the requirement of pre-approval by ARIN before implementing a transfer of an IPv4 address block from one party to another. There also exists a more hidden secondary market whereby no broker is involved and two organizations privately exchange IPv4 address blocks in exchange for monetary payment or other services rendered. But in general it’s probably best if you arrange the transfer through a registered transfer facilitator like the ones listed on this ARIN page who have no stake themselves in the address blocks they transfer.

So all this is just the Invisible Hand of the free market working its magic to make everyone happy, right?

Well, not always. Because there are problems that can arise when you purchase or trade for otherwise acquire a previously owned block of IPv4 addresses. For example, I recently heard of a company that bought a /24 block of IP addresses from a broker. Now a /24 block is a small block of addresses, only about 256 addresses in number but actually only 254 since the 0 and 255 addresses aren’t usable for hosts. These /24 addresses used to be called Class C addresses when I first started working in the IT profession, but address classes aren’t used anymore for routing purposes because of the way they bloated routing tables.

Anyway, you would think that buying a small block like this from another party would be free of problems because the party that acquired the block had done some necessary due diligence. Specifically, the /8 block didn’t show up as having been blacklisted anywhere on the Internet; there was no evidence therefore that the block had ever been used for sending out spam or launching a distributed denial of service (DDoS) attack against anyone. Everything seemed legit with the newly acquired block of addresses.

Reachability problems

Shutterstock

Except there were problems. Some addresses in the block weren’t reachable by some users outside the company. Reachability problems like this usually indicate the address is on a block list somewhere on the Internet. The administrator of the company struggled for some time until a colleague suggested checking whether the parent /16 block in which the acquired /8 block resided might be on a block list somewhere. It turned out that it was. Notifying the owner of the parent block then turned into a problem of its own because the /16 owner’s company’s contact info was just a form on a website, no phone number or abuse email address. The administrator ended up having to repeatedly post comments on the twitter stream of the /16 block owner until someone there finally responded with an email that led to resolution of the problem.

I’ve been told that these kinds of problems aren’t unusual when it comes to transferring address blocks from one party to another as apparently v4 addresses that have a history of being abuse are quite common for resale on the secondary market. One way organizations can mitigate the potential effect of such problems is to make sure at the outset that your new address space is also reachable by IPv6. The default behavior of Microsoft Windows since Windows 7, for example, has been to prefer IPv6 connectivity first if it is available and only falls back to IPv4 if it is necessary in order to communicate with the other host.

Greed or entrepreneurship?

There’s one final aspect of the secondary market that companies in need of new IPv4 addresses should also be aware of. Like any product or service that grows more and more scarce over time, the cost of acquiring the product or service tends to rise. Part of this is just the Invisible Hand at work again, coupled with that all too human characteristic some call entrepreneurship and others label greed. But greed (or entrepreneurship) in the wrong (or what some would call right) hands can also lead to larger IPv4 address brokers buying up smaller brokers. It’s the old bigger fish eat littler fish syndrome at work again. The worry of course is that we’ll end up with a single gigantic fish and nothing else swimming in the pond. And once you have One Fish To Rule Them All, then you know the end has come and prices will skyrocket because of the monopoly.

So my advice to enterprises that think they might need more IPv4 addresses in the future is buy now before you get priced out of the market.

Featured image: Shutterstock

Mitch Tulloch

Mitch Tulloch is a widely recognized expert on Windows Server and cloud technologies who has written more than a thousand articles and has authored or been series editor for over 50 books for Microsoft Press. He is a twelve-time recipient of the Microsoft Most Valuable Professional (MVP) award in the technical category of Cloud and Datacenter Management.

Share
Published by
Mitch Tulloch

Recent Posts

How to assign network security groups in Azure using PowerShell

Azure network security groups are essential to protect the traffic in any subnet within a virtual network. Here’s more on…

10 hours ago

Intel next-gen Cooper Lake CPU delivers 56 processor cores

Intel says its next-gen Cooper Lake processors will deliver “breakthrough platform performance” with built-in AI training acceleration.

14 hours ago

Lock it down: Securing and protecting your IoT network

Even the slightest misconfiguration of an IoT network can serve as a point of entry for cyberattacks, security breaches, data…

17 hours ago

Using Desktop Analytics to ease Windows update headaches

Microsoft Desktop Analytics has the potential to greatly simplify the preparation for future Windows 10 update releases. Here’s more on…

3 days ago

Microsoft unveils preview version of Azure Dedicated Host

Microsoft’s new Azure Dedicated Host will help organizations run their Linux and Windows virtual machines on single-tenant physical servers.

4 days ago

Azure Blueprints: Building and automating better and faster deployments

Using Azure Blueprints, you can automate the creation of ARM Templates, Azure policies, and RBAC permissions in a single package…

4 days ago