Internet Architecture

IP4 address market & AS-Path Prepending

Coordinator: Lars Prehn

The Internet is an essential part of most people’s daily life. Its popularity is largely driven by the diverse services it offers. To interact with services, user devices needs to identify and reach the infrastructure they are hosted on. Hosting servers, and their associated interfaces, are identified using IP addresses. While the Domain Name System (DNS) resolves a service’s name—-more specifically, its Fully Qualified Domain Name (FQDN)—to a set of IP addresses, the Border Gateway Protocol (BGP) provides the routes needed to reach those IPs. Those mechanisms have not changed substantially throughout the last two decades, even though they still pose research questions.

The allocation of IP addresses to organizations is managed by the Regional Internet Registries (RIRs). Traditionally, networks received decently-sized sets of 32-bit long (IPv4) addresses from their respective RIR at negligible cost. With the deployment of new services and the growth in Internet organizations, the number of freely-available IPv4 addresses rapidly decreased. To cover the existing need, 128-bit long (IPv6) addresses were introduced. While most RIRs have little-to-none IPv4 addresses left for allocation, only around one-third of all users have yet adopted IPv6. Similarly, many services are only accessible via IPv4. To bridge the gap between availability and need, organizations recently increased their reliance on buying and leasing of IPv4 addresses. Similar to most open markets, brokers
facilitate the matching between selling and buying parties and carry out most of the paperwork in exchange for a certain commission.

When analyzing the (private) transaction data for four of the largest brokers, we found that prices for IPv4 addresses doubled since 2016 regardless of region or block-size; however, they are far lower than previous academic works suggested. Despite the persistent demand and continuously decreasing availability of IPv4 addresses, we find that the market has entered a consolidation period in early 2019. During such a period, the market converges on a fixed price and some brokers hold back assets because they expect “big players” to make a drastic move that dictates future price trends. When analyzing leasing agreements via the lenses of BGP, RPKI, and RDAP, we find that individual data sources complement others with regards to their visible leasing agreements. Further, we showed that,
due to regional incompleteness, even combining all available data sets draws an incomplete picture which leaves room for future research. [2]

To allow others to reach newly acquired IPv4 addresses, networks—also called autonomous systems (ASes)—announce their set of IP addresses (also referred to as “prefixes”) using the BGP to other networks. Every AS that (re-)distributes a prefix adds itself to the AS PATH—the sequence of ASes that needs to be traversed in order to reach the IPs inside the prefix. When an AS receives multiple paths for the same prefix, it has to perform a best-path
selection process to determine its currently used path to addresses within the prefix. The AS PATH length is the first tie-breaker in this process that does not depend on local preference. Manipulating the length of the AS PATH before announcing a prefix is commonly used to influence how traffic from remote ASes ingresses the own network—a process known as AS PATH Prepending (ASPP).

While prior works already analyzed ASPP, our work was the first to characterize its usage policies in the wild. Out of the 35 % of ASes that use ASPP, only around 86 % use effective policies on all of their prefixes. The remaining prefixes announce at least one prefix that uses the “uniform” prepending-policy, i.e., all paths for this prefix show the same artificially increased length which, as a consequence, does not favor any path during the best-path selection process of remote ASes. We further show that this condition is rarely transitional: More than half of all uniformly-prepended prefixes remained in this policy for more than two years. To put importance of this finding into perspective, our large-scale, real-world emulations suggest that even small prepending sizes can substantially amplify the impact of security threats such as BGP hijacks. [1]

[1] P. Marcos, L. Prehn, L. Leal, A. Dainotti, A. Feldmann, and M. Barcellos. AS-Path Prepending:
There is no rose without a thorn. In IMC’20, 20th ACM Internet Measurement Conference,
Virtual Event, USA, 2020, pp. 506–520. ACM.
[2] L. Prehn, F. Lichtblau, and A. Feldmann. When wells run dry: the 2020 IPv4 address market.
In D. Han and A. Feldmann, eds., CoNEXT’20, 16th International Conference on Emerging
Networking Experiments And Technologies, Barcelona, Spain (Virtual Event), 2020, pp. 46–54.