back to article Internet samurai says he'll sell 14,700,000 IPv4 addresses worth $300m-plus, plow it all into Asia-Pacific connectivity

IPv6 advocate Jun Murai today announced he will put more than 14 million IPv4 addresses up for sale, with all the proceeds – expected to top US$300m – going to a trust focused on boosting Asia-Pacific connectivity and online services. Writing on the website of the Japan-based WIDE Project, which Murai founded in 1985 and which …

  1. Anonymous Coward
    Windows

    Civilian note

    It turns out that IPv6 works OK and dual stack works fine. That /n has absolutely no value whatsoever.

    Too late.

    1. C_H

      Re: Civilian note

      You've clearly never tried to run an SMTP service on IPv6 and assume all end users have some IPv6 capability.

      1. boxplayer

        Re: Civilian note

        My dual stack SMTP is working fine, thank you.*

        No, I wouldn't make it IPv6 only. The only way forward is dual stack everywhere until everyone has IPv6.

        * I may have been inadvertently hiding under a rock - is there a problem with SMTP over IPv6 that I don't know about?

        1. AndrueC Silver badge
          Thumb Up

          Re: Civilian note

          is there a problem with SMTP over IPv6 that I don't know about?

          None whatsoever. My personal mail server supports it just fine. You can even get spam using it :)

          22/3/2020 11:38:24.541 - Client:2001:EE0:4141:B State:RcptTo Action:Reject Rule:Reject general crap Size:129413 MAILFROM:blogerzoomcom@zewen.se Recipients:(be3b1ce3b@XXXXXXX)

          1. Bronek Kozicki

            Re: Civilian note

            Yes, hmmm, RBLs might not work very well for IPv6 addresses

            1. AndrueC Silver badge
              Boffin

              Re: Civilian note

              Yes, hmmm, RBLs might not work very well for IPv6 addresses

              Assumptions don't work well for IT either ;)

              It's rejecting based on the recipient. 'be3b1ce3b' isn't even close to the required format so the message is rejected immediately. My mail server has very strict recipient rules because I use a DEA system. That recipient name isn't even close to acceptable.

              The only blacklisting my server does is on security violations. There are no IPv6 addresses in the list at the moment but I don't know if that's because it doesn't store them or because there have been no attacks from IPv6 addresses.

            2. Nanashi

              Re: Civilian note

              I see no reason why RBLs wouldn't work for v6 addresses (or more importantly, for v6 prefixes).

              1. Len
                Holmes

                Re: Civilian note

                An RBL based on prefixes could work. You do, however, run into the same problem that makes IPv6 Privacy Extensions more anonymous than IPv4, you will need to know the size of a prefix for every IP to make it accurate.

                Most ISPs give out a /56 per connection, some more generous ones give out a /48, the most stingy ones only give out a /64. If you take a wild guess and assume that every IP is part of a /56 block you run the risk of either not blocking enough or blocking half the subscriber base of some ISP.

                1. Nanashi

                  Re: Civilian note

                  Start at /64 and expand leftwards every time the spammer demonstrates the ability to use adjacent unblocked addresses. You'll find the right size in O(log n) trials, not the O(n) that everybody seems to assume. Bonus points for expanding 4 bits at a time to keep on nibble boundaries, and for remembering the size on a per-ISP basis so you only have to do it once for each ISP.

                  1. Bronek Kozicki

                    Re: Civilian note

                    Good idea. Now, for implementation ....

                2. Alan Brown Silver badge

                  Re: Civilian note

                  "If you take a wild guess and assume that every IP is part of a /56 block you run the risk of either not blocking enough or blocking half the subscriber base of some ISP."

                  An ISP stingy enough to be assigning /64s is unlikely to have someone running a _personal_ mailserver on their ranges. That's on par with the /56 being a dialup range (and the /64 is probably part of a /56 being resold in any case). As such I'd be perfectly happy to block first and punch holes in it later - I'm betting that exceptions would be few and far between.

                  What I would ALSO do - based on observation - is link it into fail2ban and block anything knocking on other ports around the same time as well as using the fail2ban cloud

      2. IGnatius T Foobar !

        Re: Civilian note

        You've clearly never tried to run an SMTP service on IPv6 and assume all end users have some IPv6 capability.

        What, there are people not using gmail? <<snicker>>

        Seriously though ... my mail server is dual-stack and I find that the majority of email that arrives via IPv6 is coming from the big providers (gmail, yahoo, microsoft etc). Pretty much anyone who doesn't host their mail "in the cloud" is still on IPv4-only. I suppose that's a blessing for now, because the majority of the spammers are still using IPv4 as well.

        The way you migrate the world from IPv4 to IPv6 is to start moving *consumers* away from IPv4. My T-Mobile service, for example, gives me native IPv6 and NAT IPv4 over a 4-6-4 CGN tunnel. Once the masses are all on IPv6, service providers will want to start providing that native IPv6 support.

        (As a side note ... you'd be surprised how many people believe that it's illegal to run your own mail server, because they know that Hillary Clinton got in trouble for it; they don't understand that the email server itself isn't what got her in trouble.)

    2. jake Silver badge

      Re: Civilian note

      The addresses are worth precisely what he can get for them. I rather suspect that that number is quite a bit higher than your estimation.

    3. IGotOut Silver badge

      Re: Civilian note

      It has no value, if you ignore the millions of dollars it will raise.

      Still guess you know better, that's why people come to you for advice on running multi billion dollar internet companies.

    4. Roland6 Silver badge

      Re: Civilian note

      >It turns out that IPv6 works OK and dual stack works fine.

      I think Jun Murai, an "IPv6 advocate" would agree with you.

      >That /n has absolutely no value whatsoever.

      Clearly Jun Murai disagrees with you here. Perhaps because he wants money to fund a pet project: "boosting Asia-Pacific connectivity and online services".

      1. Alan Brown Silver badge

        Re: Civilian note

        > Clearly Jun Murai disagrees with you here.

        It has no value to Jun Murai - however as an IPv6 advocate it leaves him vulnerable to accusations of hoarding IPv4 space to push people onto IPv6, so getting rid of it kills two birds with one stone AND gets him some pocket money for his pet hobbyhorse.

        At some point the companies which have splashed out billions of dollars for IPv4 space are going to find that space is valueless - and then have to explain this to the shareholders.

        It's arguable this is acting as a handbrake on moving to IPv6 ("Why should we do that when we paid SO MUCH for this IPv4 space?"), along with the "We have plenty of IPv4 space, why do you want IPv6?" one I keep running into - particularly from Certain UK ISPs who shall not be named but we all know who they are....

        1. Yes Me Silver badge
          Happy

          Re: Civilian note

          I don't think that improving (IPv6) connectivity in the Asia-Pacific region is a hobby-horse. It's more like, say, being able to sell most of the (US) 847 area code numbers and use the proceeds to improve 5G coverage in rural Illinois.

          Anyway, I've known Jun for 20+ years and whatever he does always works out brilliantly well. My only comment is Kampai!

  2. Kevin McMurtrie Silver badge

    More gold to be found

    APNIC could threaten to recall all of the IPv4 addresses owned by the Chinese government. Everything in those APNIC records has been fake or null-routed since about 20 years ago when China decided that spamming and hacking other countries is a pretty good use of the Internet. You can't have the rest of the world submitting billions of abuse complaints to a legit POC.

    I'm not sure how APNIC would contact the Chinese government's networks about this, being that their contacts are fake. Maybe start re-assigning blocks then see who calls. The other registries could do the same with their networks. AFRINIC is pretty bad and ARIN has numerous records flagged as having an unknown owner.

    1. Alan Brown Silver badge

      Re: More gold to be found

      "AFRINIC is pretty bad and ARIN has numerous records flagged as having an unknown owner."

      The _entire_ address space involved in the accusations you've just made would satisfy about 10 minutes of backlogged requests.

      The real gold mines are in the /8s and larger allocated by Jon Postel prior to ARIN coming into existence - because Jon died before any of this became an issue or handed administratio over to ARIN, they've always been regarded as untouchable.

      Several of those are not in the hands of the organisations that they were originally given to, having been "walked off with" by employees as the original companies folded, etc. (In one case an outside consultant only peripherally related to the original org took the address space and claimed it as his own - and when it was finally noticed it took the best part of 20 years to get it returned to the pool due to his combative stance. The sex.com saga has nothing on the deviousness and posessiveness of people when it comes to "low numbered" IP address ranges)

  3. Anonymous Coward
    Anonymous Coward

    In 3.. 2.. 1..

    The printer repair men and single person IT departments of el reg will be out in force to tell us "ha! I told you IPv4 will never run out", "I ain't learning no stinking new IP syntax.. DNS? what's DNS? Does it work better than IP addresses written in biro on the back of my hand?" and "Why configure stuff properly when NAT breaks everything well enough that it gives the illusion of security".

    1. Muppet Boss

      Re: In 3.. 2.. 1..

      Nice attempt, AC, looks like you successfully deployed IPv6 in single person IT environments. Now you you may have a few weeks, depending on where you are, to read about IPv6 deployments in larger, regulated organizations.

      1. Anonymous Coward
        Anonymous Coward

        Re: In 3.. 2.. 1..

        Oo er get this one. Bet 'e even has a 48 port switch[0] at 'ome. Probably thinks because 'es the only one with the excel sheet of passwords and cisco'd up to the eye balls that them haxors aren't already in 'es corporate network.

        [0] - only 3 things plugged in

        [1] - 4 windows PCs and a NAS he built from parts off Amazon because he's so very smart or a network with so many VLANs and superduper level 7 filtering proxies that all of the devs have already tunnelled out to machines in AWS or wherever and are laughing behind his back as they work totally oblivious to all of the *security* he boasts about while crying about how IPv6 is hard.

        1. Pseudonymous Clown Art

          Re: In 3.. 2.. 1..

          IPv6 isn't hard. It's just a pain in the ass to remember the IPs for your machines.

          My brain is hardwired for IPv4 at this stage, I just naturally think of AD as .250 and ESX-01 as .10 , gateway as .254 etc...it just won't rewire to IPv6...which brings my piss to a boil because I otherwise quite like IPv6.

          Yeah, yeah I know DNS etc etc. But a proper engineer knows the IPs of his kit. That way if DNS is down you can still crack on as usual and get it fixed quicker.

          1. Nanashi

            Re: In 3.. 2.. 1..

            The v6 equivalent could easily be "AD as ::250, ESX-01 as ::10, gateway as ::254". Is that really too much to handle?

          2. Anonymous Coward
            Anonymous Coward

            Re: In 3.. 2.. 1..

            "gateway as .254 "

            You learned networking from Microsoft, didn't you? The MS guys always put the gateway on .254. The guys who learned from Cisco seem to put the gateway at .1.

            Not intended as a criticism, just a pattern I've noticed.

            1. theblackhand

              Re: In 3.. 2.. 1..

              Microsoft people put the gateway on .1 or .254.

              Cisco people understand you can allocate subnets other than /24 and allocate the gateway accordingly.

              1. Anonymous Coward
                Anonymous Coward

                Re: In 3.. 2.. 1..

                Heh. Back in my dialup ISP days, we once got a snooty email from a customer that was pissed he got a broadcast address when he dialed in and got an IP ending in n.255. I explained the concept of a /23 and large dialup pools to him.

            2. Roland6 Silver badge

              Re: In 3.. 2.. 1..

              >The guys who learned from Cisco seem to put the gateway at .1.

              Given the origins of Cisco, I suspect they just picked up a pre-existing convention, which was probably set by Jon Postel et al: ".1" is only two characters to be keyed, ".254" is four - important in the time before DNS and RIP...

              1. jake Silver badge

                Re: In 3.. 2.. 1..

                "only two characters to be keyed"

                This is correct, ask anyone who ever hand-keyed in static routing tables. Microsoft either cluelessly got it wrong, or couldn't handle the concept of using established standards, as usual.

                It wasn't Jon's doing, per se. It was just something that happened pretty much everywhere simultaneously as the logical way to do it. We were using it with TCP/IP before TCP/IP went "live" Internet wide at the beginning of 1983 ...

                Yes, Cisco probably got it from their roots at Stanford, but I remember Stanford using .11 early on (2.0.0.11 and 6.0.0.11 are forever etched into my memory). My lizard hind-brain is suggesting that .1 as a standard may have originated at BBN, but I wouldn't put money on it (24.2.0.1 had something important hung off it, that was definitely BBN, but other than that I can't remember).

                Corrections/additions welcome ... Have a beer while you cogitate :-)

            3. Anonymous Coward
              Anonymous Coward

              Re: In 3.. 2.. 1..

              Actually, it's usually not a choice I get to make. Most of the networks I look after were originally built by someone else a long time ago and certains IPs have been hard coded into devices that aren't in my scope...burglar alarms, door access systems...whatever has some sort of additional support contract on it that prevents me from knowing the passwords.

              That and I work in a couple of consumer tech testing labs so they keep their test networks as consumer oriented as possible to not interfere with the testing.

              I know what you mean though. I've had calls from actual techies trying to get MSDN examples working and they leave in the "contoso" FQDNs after straight up copy/pasting.

              I actually learnt from neither Cisco or Microsoft when I learnt how to build networks. I was 10 years old, it was 1994/5 and I was cobbling my home LAN together with knackered old hubs (can't remember the brand, though Proxim and/or 3com rings bells, they were beige) and old cables I salvaged from a bin on an industrial estate somewhere near Heathrow.

              I didn't touch Cisco kit until around 1990.

  4. jake Silver badge

    Translation

    "Murai received his address blocks in the early internet days before the rules were put in place"

    Meaning he emailed Jon Postel and said something along the lines of "I'm using this Class A, will you please add it to your list?" ... to which Jon replied something along the lines of "Noted. Added. Need any more?".

    The world was a very different place back then ...

    1. Yet Another Anonymous coward Silver badge

      Re: Translation

      "Far back in the mists of ancient time, in the great and glorious days of the former Galactic Empire, life was wild, rich and largely tax free" .....

      "In those days spirits were brave, the stakes were high, men were real men, women were real women and small furry creatures from Alpha Centauri were real small furry creatures from Alpha Centauri."

    2. Persona Silver badge

      Re: Translation

      "The world was a very different place back then …"

      ……. and making routing work as easily as possible was very important to helping get Internet Protocol adopted.

      1. Alan Brown Silver badge

        Re: Translation

        "……. and making routing work as easily as possible"

        The original iteration of IPv4 used the first octet AS the route to the site and the second as the departmental route inside the site

        Remember it was a hackly kludge only intended to last 5-6 years, which is why 32 bits was regarded as sufficient for the amount of time it would be in use. Vint Cerf wanted to use 128 bits at the outset and was browbeaten into 32 for that reason. If he'd stood his ground we wouldn't have this mess now.

        (My reminder about "temporary kludges" is the temporary hut for comms equipment that was part of my beat as a tech that was erected in 1946. It was finally demolished and replaced with a permanent building in 1988. The standing joke was that when the ancient equipment racks and their frames were unbolted from the walls, those walls fell off the building and what was left simply collapsed (building being an exaggeration, it was fractionally larger than a garden shed)

        1. jake Silver badge

          Re: Translation

          "Remember it was a hackly kludge"

          Absolutely!

          "only intended to last 5-6 years"

          Absolutely not! It was intended to last until something better came along ... but nobody was working on something better, so we built it to last indefinitely. Seems the plan[0] worked.

          "Vint Cerf wanted to use 128 bits at the outset and was browbeaten into 32 for that reason."

          We used 32 bits because that's what the DEC hardware that we had available could switch efficiently. The Cerf story sounds good, but it's just a story and never happened.

          [0] Plans? We don' need no steenkeen' plans!

    3. O RLY

      Re: Translation

      Agreed. A problem with IPv4 was its allocation and the reluctance to take it away. MIT was famous (s/famous/notorious or other preferred adjectives) for having its /8 until 2017, despite a /8 being larger than the allocations to the sum of ~130 nations.

  5. Anonymous Coward
    Anonymous Coward

    Old blocks that not abide to current rules should not be routed

    This kind of Internet 'noble blocks' have no reason to exist. They got them when it was a kind of experiment, now the experiment has been over for a long time. Making them non routable will drop their usefulness and value to 0.

    1. ratfox
      WTF?

      Re: Old blocks that not abide to current rules should not be routed

      Who would benefit from that? And I don't mean in a money sense. Literally, what good would it make to make these non-routable? It feels to me like you just discovered somebody has been hoarding a collection of rare stamps, so you decide to... burn it all.

      1. Anonymous Coward
        Anonymous Coward

        "Who would benefit from that?"

        Those who need IPs that are owned by people who have no uses for them and just hoarded them when the internet was just an experiment, moreover often built with taxpayers money, and while being often paid with taxpayers money? The initial allocation of IPv4 wasn't fair at all. Not even clever.

        Making them non routable until their owner abide to the same actual rules to which everybody else have to abide too would be fair. Why they should be exempt?

        In the centuries many hoarded resources until they had to release them because it wasn't legal any longer. This is a kind of internet "latifundium" - quite idiotic, especially from people who usually think about themselves as "liberals" - but "hey, don't touch my big /8, serf!"

        1. Anonymous Coward
          Anonymous Coward

          Re: "Who would benefit from that?"

          I am guessing that you are pissed off because you missed the boat?

          Cheers… Ishy

          1. Anonymous Coward
            Anonymous Coward

            Re: "Who would benefit from that?"

            No, just because those "grandfathering" clauses are plainly silly - another example of how Internet has been mismanaged since the beginning. ICANN & C. are just the obvious offspring of that mentality - rules are just valid for some people but not for others, "just because we can".

            It would be like Mayflower descendant asserting they are not bound to US laws because they came to America before US existed.

            Hope IPv6 starts to be deployed broadly soon, so all those IPs become useless.

    2. Roland6 Silver badge

      Re: Old blocks that not abide to current rules should not be routed

      >Making them non routable will drop their usefulness and value to 0.

      Might get a call from the US military/defense establishment - they seem to be sitting on rather a lot of /8 address ranges...

      1. Alan Brown Silver badge

        Re: Old blocks that not abide to current rules should not be routed

        "Might get a call from the US military/defense establishment - they seem to be sitting on rather a lot of /8 address ranges..."

        They're not using most of them (or weren't in the 1990s) and were considering handing them back at one point (one question that got asked was "To whom though?". I suspect they'd prefer to sit on them now as a way of pushing the world to IPv6

  6. Dinanziame Silver badge
    Paris Hilton

    What would somebody like Google need IPv4 addresses for? Surely they already have enough to serve their current needs, and the usage should be going down rather than up, right?

    1. Tromos

      @Dinanziame

      Just a small step towards the final target - ownership of the Internet.

    2. Crypto Monad Silver badge

      Google, Microsoft and Amazon are infrastructure providers. In most cases, each individual VM fired up needs an IPv4 address. Cloud usage is going up, not down.

      However, more importantly, Google is an advertising company, and its money depends on eyeballs on the adverts. They can't afford to cut off IPv4-only users, which are still the vast majority.

      Think about what happened with IE5. For a long time, websites had to have a completely different version to support IE5, which was really painful and expensive. They continued to do so, until the number of people on IE5 fell to about 1% - at that point they felt safe to drop IE5 support.

      The same will happen here. When 99%+ of the end-users on the Internet are dual-stack or v6+NAT64, content providers will feel it's OK to drop v4. Not before.

      1. Anonymous Coward
        Anonymous Coward

        Not really

        Not entirely. You obviously know of NAT64 but fail to realize it works both ways. You can easily just have the "instance" use IPv6 and then assign IPv4 "elastic" IPs as needed using their load balancing applications. Pretty easy.

        No reason to burn an IPv4 IP for your backend instances.

      2. Alan Brown Silver badge

        "The same will happen here. When 99%+ of the end-users on the Internet are dual-stack or v6+NAT64, content providers will feel it's OK to drop v4. Not before."

        Up to that point, the end users will slowly see their horizons starting to diminish, just like IE5 users did.

        Just because it will take time to happen isn't a reason to not start the journey and encourage the transition as quickly as possible - especially when you bear in mind that there are parts of the world where entire countries have tens of millions of people behind a single /24 (Vietnam) or up to 6 layers of NAT (Myanmar)

        Uptake of IPv6 is now at the point where it's mostly only the dinosaurs who haven't transitioned. and they won't unless their feet are held to the fire.

  7. karlkarl Silver badge

    “Ideally, he should have given them to the free pool,”

    Haha, not a chance. For one, the pool is in no way free.

    1. Roland6 Silver badge

      >For one, the pool is in no way free.

      Given the recent events at ICAAN, can't help but think Wilson was thinking more of his potential slice of the resale revenues such a cache of IP addresses could deliver...

  8. Richard Hector

    No v4 unless you're doing v6

    I hope that these addresses are not available to those who can't be bothered doing IPv6.

    No organisation should be eligible for more IPv4 space unless they're actively using IPv6 - with the possible exception of those of us small operators who are stuck behind lagging upstreams. But then, such organisations generally don't apply for space from APNIC anyway.

    1. sebbb

      Re: No v4 unless you're doing v6

      It should be something absolutely like this, and whoever's too lazy to learn something new (well... more like 20+ years old...) can find another job. My company (transit folks...) already has a peering policy that it will accept only dual stack on new agreements.

  9. Zack Mollusc

    why so cheap?

    IPv4 addresses have been running out for years, with much wailing and prophecying of doom, so why are they only worth 20 dollars ? You can't even buy a toilet roll for that.

    1. A.P. Veening Silver badge

      Re: why so cheap?

      Try dollars from another country than Zimbabwe.

      1. Ken Hagan Gold badge

        Re: why so cheap?

        Whoosh! (Or should I say "Fluuush"?)

  10. Ian Johnston Silver badge

    The IPv4 addresses in question are the vast majority of 43/8, aka 43.*.*.*. Some are already allocated; the WIDE Project owns the other 87.5 per cent, which it will transfer to the aforementioned trust, which is joint owned by WIDE and Asia-Pacific internet overseer APNIC.

    So "the vast majority" is 12.5%?

    1. sebbb

      Read again slowly and carefully the last sentence, after the semicolon...

  11. Robert Grant

    “Ideally, he should have given them to the free pool,” Wilson said. “And I offered that. In fact, I felt obliged to push that, and that’s what we would have done if he had been prepared to do so.”

    A handy tautology; everyone would do something that were prepared to do.

    1. Anonymous Coward
      Anonymous Coward

      Naaaah. He said "that's what *we* would have done if *he* had been prepared to"

      So, only half a tautology! :-)

  12. Grogan Silver badge

    If IPV4 addresses are just being hoarded for speculative value, they should be taken away and allocated elsewhere.

    I have to justify my IP addresses...

    1. Anonymous Coward
      Anonymous Coward

      Hoarding is the easy part - building the time machine to allow you to go back and acquire the large blocks in the first place is the hard part...

  13. all ears

    Obligatory nit

    "to ensure that the internet's foundational layer is treated with equanimity" -- You're right, these guys are getting way too excited. They just need to chill a bit...

  14. Oneman2Many

    How many of those class A address holders actually use them for public exposed services ?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon