IP addresses aren’t an unlimited resource, not on the current version of the Internet anyway. There are only a limited number of them and, while some of the doom and gloom proclamations about us running out in the next year or two may be exaggerated, we are running low on them and should be conserving them where we can.
An ISP can’t create new IP addresses from whole cloth. Instead, when they need more IP addresses they must petition one of the regional internet registries (RIRs) for a new set of addresses which they can then parcel out to their customers. There’s a RIR for each part of the world. ARIN distributes IP addresses for use in North America, RIPE handles IP addresses for Europe, APNIC handles them for the Asia-Pacific region and LACNIC for Latin America.
Each RIR enforces a fairly complex set of rules on the ISPs to ensure that the distribution of IP addresses is somewhat fair and reasonably parsimonious. The rules vary slightly from RIR to RIR in the details, but are fairly consistent in the general meaning. Unless you’re petitioning your local RIR for your own chunk of addresses for some reason (which you aren’t, unless you have a genuine need for more than 2000 IP addresses, or a legitimate need for more than 500 addresses and a complex redundant network setup) you only need to care about the rules that each RIR asks the ISP to enforce on their customers.
When an ISP asks, for example, ARIN for a new block of IP addresses they may be asked to demonstrate efficient usage of the IP addresses they’ve received previously. If they can’t do that, they may not be able to get the new IP addresses. This is, obviously, a Big Deal so ISP network engineers do their best to use address space efficiently, and try and stop their sales reps from handing address space out like candy at Halloween. The end result is that an ISP really does need to have you justify your IP usage – they’re not just being mean or trying to gouge you for more money.
There are several rules that an ISP might follow. One is that an initial allocation of more than, perhaps, 16 addresses will need some justification of how a quarter of those will be efficiently used immediately and how half of them will be used within six months. Another is that if you’re asking for additional IP addresses you’ll need to demonstrate that you’re efficiently using perhaps 80% of the addresses you’ve been assigned previously. The details may vary, and you can probably negotiate with the ISP, but eventually the ISP will need to justify themselves to ARIN, so they’re going to enforce something like this on their customers – or make you pay through the nose to cover the risks they take by bending the rules.
So what does efficient usage mean? That’s very simple in some cases, fuzzier in others. If you have 50 physical machines providing services on the internet, that’s a good justification for 50 IP addresses. If you’re providing internet access to end users (cable modems, DSL, dial-up) then one IP address per user is easy to justify. Virtual webhosting doesn’t justify one IP address per user, but virtual webhosting using SSL does. This is one of those rare cases where you really do have to explain your business model, showing that you’re making efficient use of the addresses you have, and that you have some room for expected growth but aren’t wasting address space by leaving too many addresses idle.
How about ESPs and other bulk mail senders – what does efficient address space usage mean for them? That’s something that seems, from recent conversations I’ve had, to be poorly understood by either ISPs or ESPs. And it’s fairly complex, that’s for sure. So I’ll save that for my next post.