We are looking for free IPv4 in BGP full-view
We all know that IPv4 addresses have already ended and more than once . Most recently, this was quite a popular topic for discussion, including on Habrahabr : they made plans and forecasts , counted losses . In the yard in 2016, but IPv4 is still in service.
On April 21, the RIPE NCC published a brief technical news about the very exhaustion of IPv4 addresses. Actually, the meaning of the news is that the graph has been updated showing the current position with free addresses from which RIPE is left at its disposal almost on the full block / 8. APNIC only has half / 8. Probably, the rigid address distribution policy is doing its job and this latest / 8 RIRs will drag on for a very long time.
But all this refers to the "paper" addresses. And how many real addresses are available for routing to the Internet? More precisely, how many addresses possible for routing to the Internet is not used. To calculate this, we will use a unique live witness - the BGP routing table.
')
Further, some technical details on how to calculate the results of this calculation.
BGP full-view contains all the addresses available for routing, currently about 600,000 prefixes. The table with addresses looks like this:
for calculations we need only the prefixes themselves (the first column).
The prefixes are sorted in ascending order, and the shorter prefix of the same network will always be ahead of the long one. This will greatly simplify the search for spaces in the table, since only 3 situations are possible:
In all other cases, there is a hole between the prefixes, and then we need to write it down.
I did not begin to look for ready-made solutions, perhaps the same could be done using ipaddress . In my implementation, the stack is used as the main working tool:
The whole code can be picked up on Github .
The prefix received at the input is compared with the fact that it is on the stack to fulfill one of the 3 conditions listed above:
If none of this happens, then we calculate the starting and ending address of the gap for convenience, convert it into prefix notation.
It remains only to take BPG full-view. It would be possible to use the nearest BGP router at hand, but not everyone has this opportunity. Therefore, take the data from here www.routeviews.org - a good research, academic resource. The archive itself with data in which the Internet routing tables are collected for a considerable period of time is located here archive.routeviews.org/oix-route-views . I selected the file for April 20th .
The table is slightly noisy with addresses from a private address space and / 32 addresses. Therefore, everything was filtered to the prefix / 24 (which corresponds to practical realities), repeated prefixes were removed. Nothing special was invented for this - the grep and uniq tools were used. It was the longest 10 minute process.
As a result, the source table contains 628,105 prefixes, more than half of them 344,704 falls on / 24. In my opinion, a good indicator of the shortage of addresses, since due to a shortage, the address space is fragmented. 8697 prefixes are not under the control of the RIR and belong to the organizations that received them until the formation of the RIR. The shortest announced prefix / 8 of them in total in Table 16, 13 of which, again, are not under the authority of the RIRs.
LEGACY - addresses not under the administration of the RIRs.
The routing table contains overlapping prefixes. In order to get some data you need to go further. We will not do this, it is much more interesting to count how many addresses are not routed.
We execute our script and get the result. Since before this, the prefixes from the private address space were cleaned from the source table and some special addresses appeared again, but not in the table already non-routable (which confirms the correctness of the program's operation). We clean them again. It makes no sense to take them into account - most likely they will never be used for routing. For a moment we pay attention to the block 240.0.0.0/4 where 1/16 of all addresses is mothballed.
From the address space that is left is not routed in a total of 79 blocks by / 8. ARIN accounts for 39, for APNIC 12, for RIPE 7. In fact, a second Internet can be built from this. Recall that RIPE reports only one unallocated block / 8.
The largest non-routable block is from 28.0.0.0 to 30.255.255.255 . It belongs to two organizations according to this document DSI-North and Defense Information Systems Agency .
It is worth noting that the address blocks that are under the administrative control of the RIR could have come to them in fact. For example, the 7.0.0.0/8 block administered by ARIN is wholly owned by the DoD Network Information Center as judged by whois ARIN and is not routed. The total number of addresses in such blocks corresponds to approximately 42 address spaces with the / 8 prefix.
It is interesting to observe that sometimes in a solid block, for example, 13.128.0.0/9 or 29.0.0.0/8, there are objects distributed inetnum and route, but still there is nothing globally seen.
In some cases, the company has a large continuous block, for example, 2.0.0.0/12 , but apparently due to the uselessness it announces only a part of this block. Spaces are obtained in 2.7.0.0/16 and 2.15.0.0/16 . It may be a trifle, but precisely / 16 is the peak at the free addresses.
If you look back a little and take the data for April 20, 2011 , we get the following picture.
There were more addresses, almost 1/3 of them. During this time, all the RIRs spent the addresses of someone not so much, some very many, like LACNIC, but in general from 1/3 to half. It can be seen that the non-directly administered RIR addresses have remained almost in full strength. On the contrary, some of the addresses were freed. It turns out that at the dawn of the development of the Internet, one-fifth of all addresses were distributed that are still not used. More precisely, they can be used somewhere locally, but in our reality BGP Internet access does not exist.
I didn’t expect so many addresses to be seen in BGP full-view. Someone allocated them a lot, but that they are not used at all. Of course, I was embarrassed and I began to look for where I was wrong. I was mistaken seriously and repeatedly, but after all corrections the final result did not change much. Maybe I did not find everything or think wrongly. In the end, I checked all the blocks corresponding to AFRINIC manually for the presence in the routing table of my BGP routers and made sure, at least, in this case it’s considered true.
From the original idea to compare the free blocks in the routing table with the RIR databases had to be abandoned, too many addresses. I put all the received dumps next to the script that calculates spaces in the list of prefixes, calling everyone to try to repeat my calculations. In the meantime, we look with envy at the pioneers who are certainly not facing a shortage of addresses, not in the near future. The survey is relevant:
On April 21, the RIPE NCC published a brief technical news about the very exhaustion of IPv4 addresses. Actually, the meaning of the news is that the graph has been updated showing the current position with free addresses from which RIPE is left at its disposal almost on the full block / 8. APNIC only has half / 8. Probably, the rigid address distribution policy is doing its job and this latest / 8 RIRs will drag on for a very long time.
But all this refers to the "paper" addresses. And how many real addresses are available for routing to the Internet? More precisely, how many addresses possible for routing to the Internet is not used. To calculate this, we will use a unique live witness - the BGP routing table.
')
Further, some technical details on how to calculate the results of this calculation.
BGP full-view contains all the addresses available for routing, currently about 600,000 prefixes. The table with addresses looks like this:
* 1.1.8.0/24 216.221.157.162 0 0 0 40191 3257 4134 i * 1.1.8.0/24 147.28.7.2 0 0 0 3130 1239 4134 i * 1.1.8.0/24 185.44.116.1 0 0 0 47872 3356 4134 i * 1.1.8.0/24 80.91.255.137 0 0 0 1299 4134 i * 1.1.16.0/20 80.241.176.31 0 0 0 20771 47872 286 49597 i * 1.1.16.0/20 185.44.116.1 0 0 0 47872 286 49597 i * 1.1.16.0/20 134.222.87.1 750 0 0 286 49597 i * 1.1.20.0/24 85.114.0.217 0 0 0 8492 9304 18046 133948 e * 1.1.20.0/24 185.44.116.1 0 0 0 47872 9304 18046 133948 i
for calculations we need only the prefixes themselves (the first column).
The prefixes are sorted in ascending order, and the shorter prefix of the same network will always be ahead of the long one. This will greatly simplify the search for spaces in the table, since only 3 situations are possible:
- One prefix includes the other (the first includes the second, but not vice versa), or they are equal;
- Prefixes are summed to one with a shorter mask;
- Prefixes are consecutive, but not cumulative.
In all other cases, there is a hole between the prefixes, and then we need to write it down.
I did not begin to look for ready-made solutions, perhaps the same could be done using ipaddress . In my implementation, the stack is used as the main working tool:
for line in fileinput.input(): prefix = ipv4num(line) while len(ipstack): cur_prefix = ipstack.pop() sum_prefix = netsum(cur_prefix, prefix) if sum_prefix[0]: prefix = sum_prefix continue elif issubnet(cur_prefix, prefix): prefix = cur_prefix break elif isseq(cur_prefix, prefix): if prefix[1] <= cur_prefix[1]: ipstack[:] = [] break else: ipstack.append(cur_prefix) break else: for gapprefix, mask in subnets(cur_prefix[0] + ipaddrcount(cur_prefix[1]), prefix[0]): print "{}/{}".format(numipv4(gapprefix), mask) ipstack[:] = [] break ipstack.append(prefix) The whole code can be picked up on Github .
The prefix received at the input is compared with the fact that it is on the stack to fulfill one of the 3 conditions listed above:
- If the prefixes are summed up then we perform the summation and continue moving to the bottom of the stack, comparing the already summed prefix with the new one taken from the top in the hope that it can again be summed up;
- If the prefix from the stack includes the prefix at the input, then go to the next prefix from the input, returning the prefix to be checked to the top of the stack;
- If the prefixes follow each other and the prefix mask from the input is longer than the one taken from the stack, then put the new prefix on the top (later it can be summed up with other prefixes from the input). If the mask is shorter or equal, it makes no sense to keep the entire previous stack, since in any case all further checks will be only with the new prefix. The stack is cleared, the incoming value is put on top.
If none of this happens, then we calculate the starting and ending address of the gap for convenience, convert it into prefix notation.
It remains only to take BPG full-view. It would be possible to use the nearest BGP router at hand, but not everyone has this opportunity. Therefore, take the data from here www.routeviews.org - a good research, academic resource. The archive itself with data in which the Internet routing tables are collected for a considerable period of time is located here archive.routeviews.org/oix-route-views . I selected the file for April 20th .
The table is slightly noisy with addresses from a private address space and / 32 addresses. Therefore, everything was filtered to the prefix / 24 (which corresponds to practical realities), repeated prefixes were removed. Nothing special was invented for this - the grep and uniq tools were used. It was the longest 10 minute process.
As a result, the source table contains 628,105 prefixes, more than half of them 344,704 falls on / 24. In my opinion, a good indicator of the shortage of addresses, since due to a shortage, the address space is fragmented. 8697 prefixes are not under the control of the RIR and belong to the organizations that received them until the formation of the RIR. The shortest announced prefix / 8 of them in total in Table 16, 13 of which, again, are not under the authority of the RIRs.
LEGACY - addresses not under the administration of the RIRs.
Initial data
| TOTAL | ARIN | Ripe | APNIC | AFRINIC | LACNIC | LEGACY | |
|---|---|---|---|---|---|---|---|
| / 24 | 344704 | 120580 | 81055 | 92632 | 8293 | 35894 | 6250 |
| / 23 | 61168 | 20135 | 17563 | 13976 | 1373 | 7332 | 789 |
| / 22 | 72588 | 24472 | 19366 | 17587 | 1799 | 8803 | 561 |
| / 21 | 44409 | 11721 | 13596 | 11143 | 1376 | 6250 | 323 |
| /20 | 40035 | 13363 | 8312 | 12006 | 712 | 5320 | 322 |
| /nineteen | 27055 | 7140 | 6929 | 7131 | 540 | 5222 | 93 |
| /18 | 13300 | 3868 | 3114 | 4229 | 558 | 1465 | 66 |
| / 17 | 7928 | 2431 | 2145 | 2235 | 257 | 810 | 50 |
| /sixteen | 13212 | 5563 | 2600 | 3894 | 315 | 660 | 180 |
| /15 | 1804 | 502 | 557 | 506 | 56 | 156 | 27 |
| /14 | 1052 | 280 | 276 | 295 | 58 | 135 | eight |
| /12 | 516 | 123 | 121 | 233 | 31 | five | 3 |
| /eleven | 269 | 96 | 50 | 101 | 17 | 2 | 3 |
| /ten | 36 | 13 | 9 | 14 | 0 | 0 | 0 |
| /9 | 13 | four | 0 | 0 | 0 | 0 | 9 |
| /eight | sixteen | 2 | 0 | one | 0 | 0 | 13 |
| / 7 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total: | 628105 | 210293 | 155693 | 165983 | 15385 | 72054 | 8697 |
The routing table contains overlapping prefixes. In order to get some data you need to go further. We will not do this, it is much more interesting to count how many addresses are not routed.
We execute our script and get the result. Since before this, the prefixes from the private address space were cleaned from the source table and some special addresses appeared again, but not in the table already non-routable (which confirms the correctness of the program's operation). We clean them again. It makes no sense to take them into account - most likely they will never be used for routing. For a moment we pay attention to the block 240.0.0.0/4 where 1/16 of all addresses is mothballed.
From the address space that is left is not routed in a total of 79 blocks by / 8. ARIN accounts for 39, for APNIC 12, for RIPE 7. In fact, a second Internet can be built from this. Recall that RIPE reports only one unallocated block / 8.
Free prefixes
| TOTAL | ARIN | Ripe | APNIC | AFRINIC | LACNIC | LEGACY | |
|---|---|---|---|---|---|---|---|
| / 24 | 27358 | 14225 | 6213 | 5287 | 401 | 1211 | 21 |
| / 23 | 18763 | 10260 | 4159 | 3419 | 257 | 648 | 20 |
| / 22 | 15170 | 7469 | 3618 | 3363 | 221 | 479 | 20 |
| / 21 | 8366 | 4533 | 1684 | 1650 | 139 | 336 | 24 |
| /20 | 5312 | 3081 | 819 | 1069 | 74 | 236 | 33 |
| /nineteen | 3355 | 2011 | 426 | 701 | 56 | 136 | 25 |
| /18 | 1959 | 1254 | 181 | 397 | 31 | 76 | 20 |
| / 17 | 1194 | 750 | 127 | 241 | 22 | 43 | eleven |
| /sixteen | 1907 | 1405 | 168 | 251 | 24 | 47 | 12 |
| /15 | 586 | 381 | 69 | 106 | eleven | 7 | 12 |
| /14 | 193 | 114 | 20 | 38 | eight | 2 | eleven |
| /12 | 70 | 31 | 9 | 17 | 6 | 0 | 7 |
| /eleven | 40 | nineteen | one | 9 | 2 | 0 | 9 |
| /ten | sixteen | four | one | four | one | 0 | 6 |
| /9 | eight | one | 0 | 0 | 0 | 0 | 7 |
| /eight | ten | one | 0 | 0 | one | 0 | eight |
| / 7 | one | 0 | 0 | 0 | 0 | 0 | one |
Free prefixes reduced to / 24
ADMINBY - according to IANA, have LEGACY status, but are assigned to some or their RIRs (Administered by RIR)
| TOTAL | ARIN | Ripe | APNIC | AFRINIC | LACNIC | LEGACY | ADMINBY | |
|---|---|---|---|---|---|---|---|---|
| / 24 | 27358 | 14225 | 6213 | 5287 | 401 | 1211 | 21 | 9439 |
| / 23 | 37526 | 20520 | 8318 | 6838 | 514 | 1296 | 40 | 13748 |
| / 22 | 60680 | 29876 | 14472 | 13452 | 884 | 1916 | 80 | 21836 |
| / 21 | 66928 | 36264 | 13472 | 13200 | 1112 | 2688 | 192 | 27104 |
| /20 | 84992 | 49296 | 13104 | 17104 | 1184 | 3776 | 528 | 37792 |
| /nineteen | 107360 | 64352 | 13632 | 22432 | 1792 | 4352 | 800 | 53760 |
| /18 | 125376 | 80256 | 11584 | 25408 | 1984 | 4864 | 1280 | 73024 |
| / 17 | 152832 | 96000 | 16256 | 30848 | 2816 | 5504 | 1408 | 97664 |
| /sixteen | 488192 | 359680 | 43008 | 64256 | 6144 | 12032 | 3072 | 396800 |
| /15 | 300032 | 195072 | 35328 | 54272 | 5632 | 3584 | 6144 | 229888 |
| /14 | 197632 | 116736 | 20480 | 38912 | 8192 | 2048 | 11264 | 130048 |
| /12 | 143360 | 63488 | 18432 | 34816 | 12288 | 0 | 14336 | 94208 |
| /eleven | 163840 | 77824 | 4096 | 36864 | 8192 | 0 | 36864 | 81920 |
| /ten | 131072 | 32768 | 8192 | 32768 | 8192 | 0 | 49152 | 57344 |
| /9 | 131072 | 16384 | 0 | 0 | 0 | 0 | 114688 | 16384 |
| /eight | 327680 | 32768 | 0 | 0 | 32768 | 0 | 262144 | 32768 |
| / 7 | 65536 | 0 | 0 | 0 | 0 | 0 | 65536 | 0 |
| Total: | 2611468 | 1285509 | 226587 | 396457 | 92095 | 43271 | 567549 | 1373727 |
| Total blocks by / 8 | 79.70 | 39.23 | 6.91 | 12.10 | 2.81 | 1.32 | 17.32 | 41.92 |
ADMINBY - according to IANA, have LEGACY status, but are assigned to some or their RIRs (Administered by RIR)
The largest non-routable block is from 28.0.0.0 to 30.255.255.255 . It belongs to two organizations according to this document DSI-North and Defense Information Systems Agency .
It is worth noting that the address blocks that are under the administrative control of the RIR could have come to them in fact. For example, the 7.0.0.0/8 block administered by ARIN is wholly owned by the DoD Network Information Center as judged by whois ARIN and is not routed. The total number of addresses in such blocks corresponds to approximately 42 address spaces with the / 8 prefix.
It is interesting to observe that sometimes in a solid block, for example, 13.128.0.0/9 or 29.0.0.0/8, there are objects distributed inetnum and route, but still there is nothing globally seen.
In some cases, the company has a large continuous block, for example, 2.0.0.0/12 , but apparently due to the uselessness it announces only a part of this block. Spaces are obtained in 2.7.0.0/16 and 2.15.0.0/16 . It may be a trifle, but precisely / 16 is the peak at the free addresses.
If you look back a little and take the data for April 20, 2011 , we get the following picture.
Free prefixes 2011
| TOTAL | ARIN | Ripe | APNIC | AFRINIC | LACNIC | LEGACY | |
|---|---|---|---|---|---|---|---|
| / 24 | 19270 | 10418 | 4089 | 3725 | 246 | 789 | 3 |
| / 23 | 14019 | 7864 | 2978 | 2435 | 189 | 547 | 6 |
| / 22 | 10221 | 5683 | 2251 | 1634 | 183 | 459 | eleven |
| / 21 | 6728 | 3637 | 1533 | 1090 | 104 | 356 | eight |
| /20 | 4899 | 2625 | 903 | 853 | 63 | 430 | 25 |
| /nineteen | 3068 | 1751 | 485 | 554 | 52 | 210 | sixteen |
| /18 | 1876 | 1165 | 221 | 330 | 39 | 106 | 15 |
| / 17 | 1186 | 710 | 148 | 224 | 20 | 73 | eleven |
| /sixteen | 2069 | 1503 | 179 | 309 | 14 | 54 | ten |
| /15 | 672 | 424 | 65 | 147 | 9 | 18 | 9 |
| /14 | 280 | 147 | 22 | 80 | eight | 14 | 9 |
| /12 | 129 | 54 | eleven | 41 | eight | 9 | 6 |
| /eleven | 73 | thirty | 7 | 22 | four | 3 | 7 |
| /ten | 27 | 9 | four | 7 | one | one | five |
| /9 | 17 | 3 | 3 | 3 | one | 2 | five |
| /eight | sixteen | 3 | 2 | 0 | one | 2 | eight |
| / 7 | 2 | one | 0 | 0 | 0 | 0 | one |
Free prefixes given to / 24 2011
| TOTAL | ARIN | Ripe | APNIC | AFRINIC | LACNIC | LEGACY | ADMINBY | |
|---|---|---|---|---|---|---|---|---|
| / 24 | 19270 | 10418 | 4089 | 3725 | 246 | 789 | 3 | 6335 |
| / 23 | 28038 | 15728 | 5956 | 4870 | 378 | 1094 | 12 | 9642 |
| / 22 | 40884 | 22732 | 9004 | 6536 | 732 | 1836 | 44 | 14232 |
| / 21 | 53824 | 29096 | 12264 | 8720 | 832 | 2848 | 64 | 19240 |
| /20 | 78384 | 42,000 | 14448 | 13648 | 1008 | 6880 | 400 | 29760 |
| /nineteen | 98176 | 56032 | 15520 | 17728 | 1664 | 6720 | 512 | 43776 |
| /18 | 120064 | 74560 | 14144 | 21120 | 2496 | 6784 | 960 | 64192 |
| / 17 | 151808 | 90880 | 18944 | 28672 | 2560 | 9344 | 1408 | 86272 |
| /sixteen | 529664 | 384768 | 45824 | 79104 | 3584 | 13824 | 2560 | 436480 |
| /15 | 344064 | 217088 | 33280 | 75264 | 4608 | 9216 | 4608 | 250368 |
| /14 | 286720 | 150528 | 22528 | 81920 | 8192 | 14336 | 9216 | 171008 |
| /12 | 264192 | 110592 | 22528 | 83968 | 16384 | 18432 | 12288 | 135168 |
| /eleven | 299008 | 122880 | 28672 | 90112 | 16384 | 12288 | 28672 | 135168 |
| /ten | 221184 | 73728 | 32768 | 57344 | 8192 | 8192 | 40960 | 65536 |
| /9 | 278528 | 49152 | 49152 | 49152 | 16384 | 32768 | 81920 | 65536 |
| /eight | 524288 | 98304 | 65536 | 0 | 32768 | 65536 | 262144 | 131072 |
| / 7 | 131072 | 65536 | 0 | 0 | 0 | 0 | 65536 | 0 |
| Total: | 3469168 | 1614022 | 394657 | 621883 | 116412 | 210887 | 511307 | 1663785 |
| Total blocks by / 8 | 105,87 | 49.26 | 12.04 | 18.98 | 3.55 | 6.44 | 15.60 | 50.77 |
There were more addresses, almost 1/3 of them. During this time, all the RIRs spent the addresses of someone not so much, some very many, like LACNIC, but in general from 1/3 to half. It can be seen that the non-directly administered RIR addresses have remained almost in full strength. On the contrary, some of the addresses were freed. It turns out that at the dawn of the development of the Internet, one-fifth of all addresses were distributed that are still not used. More precisely, they can be used somewhere locally, but in our reality BGP Internet access does not exist.
I didn’t expect so many addresses to be seen in BGP full-view. Someone allocated them a lot, but that they are not used at all. Of course, I was embarrassed and I began to look for where I was wrong. I was mistaken seriously and repeatedly, but after all corrections the final result did not change much. Maybe I did not find everything or think wrongly. In the end, I checked all the blocks corresponding to AFRINIC manually for the presence in the routing table of my BGP routers and made sure, at least, in this case it’s considered true.
From the original idea to compare the free blocks in the routing table with the RIR databases had to be abandoned, too many addresses. I put all the received dumps next to the script that calculates spaces in the list of prefixes, calling everyone to try to repeat my calculations. In the meantime, we look with envy at the pioneers who are certainly not facing a shortage of addresses, not in the near future. The survey is relevant:
Source: https://habr.com/ru/post/282532/
All Articles