Can’t sell your IPv4 numbers? Try leasing them.

In a “policy implementation and experience report” presented at ARIN 31 in Barbados, ARIN’s staff noted that they are seeing “circumstances” related to the leasing of IPv4 number blocks.  At the recent INET in Denver, ARIN’s Director John Curran alleged that there is a “correlation” between address leasing activity and organizations that have been unable to complete specified transfers through the ARIN process, which requires needs-based justification.

The issue of leasing – or rather sub-leasing, because ARIN is already leasing the addresses to its members – is yet another symptom of the growing scarcity of IPv4 addresses. Subleasing is interesting, however, as another example of the way RIR’s bureaucratic control of transactions between willing sellers and buyers can lead to workarounds that make the Whois directory less accurate.

It’s unclear exactly how ARIN is aware of this nominally private activity.  Perhaps someone involved is tipping ARIN off, or maybe its staff is observing instances where the ASN information associated with a routed block is changing while the contact information in the ARIN Whois directory remains the same.  In either case, a greater degree of transparency about refused transfers and the basis for ARIN’s determination would be welcome.  On a related note, we sought to shed some light on the emerging transfer market in a paper last year.

What is troubling, for ARIN at least, is that the subleasing of addresses is taking place outside of the RIR address governance regime. It is understandable that ARIN would react to something that might undermine its control over address space. Part of ARIN’s power stems from its ability to identify who is allocated or assigned what address block(s) via its Whois Directory Service. Practically, the Whois has also been used to identify the party actually routing an address block, although technically this is a distinct activity over which ARIN claims no control.

From an operational perspective, if the organization actually routing an address block is unable to be contacted this could be detrimental to administrators attempting to resolve networking issues, and to parties seeking to use the Whois for law enforcement or related policy matters. However, at this point it is unclear if lessees are actually unreachable. In fact, one could argue that lessors are in a better position to keep accurate lessee contact records than the address registry – they are invoicing their lessees, we assume! Whether, and under what conditions, they would release contact information is basically unknown at this point.

For now, ARIN does not seem to be too alarmed. It suggests three potential policy solutions:

  1. Decide this is not an issue for ARIN to deal with
  2. Create new policy requiring that the actual party using the addresses be listed as an operational contact in Whois
  3. Create new policy that would prevent leasing of address space without needs based justification.

Again, absent any data on leasing, it is hard to say which way ARIN or its membership might go, although the third option seems increasingly unlikely as ARIN moves closer to IPv4 exhaustion and the RIPE region is contemplating elimination of needs based justification entirely.

It may just turn out that private subleasing transforms the address transfer market.  As Addrex’s Charles Lee pointed out at INET in Denver, all kinds of parties lease assets (including ARIN leasing addresses to its own customers). It serves a useful business purpose and is not a bad thing per se.  The entry of large subleasing companies without any Internet operations, Lee noted, might transform the address market.  It could create entirely new ways of allocating addresses and provisioning post allocation services.  It might lead to innovative product offerings such as providing means to mitigate the technological obsolescence of IPv4. We just don’t know. What we know for sure is that it will create governance dilemmas.