Research Around Network and IP Management Obstacles
On the second day of the ARIN 52 Public Policy and Members Meeting held last month in San Diego, California, and online, IPXO Chief Technology Officer Vaidotas Januska delivered a presentation titled “Research Around Network and IP Management Obstacles” in which he shared insights gathered from interviews with more than 100 companies in the U.S. and Europe. Here’s a recap of Vaidotas’s presentation, which shed light on the challenges faced by organizations in managing IP data and the obstacles impacting efficient IP address utilization as well as network stability, planning, and security.
Watch the recording of Vaidotas Januska’s presentation on YouTube.
Hypothesis and Scope
Vaidotas began by laying out the hypothesis IPXO sought to address through its research: Despite the maturity of IPv4 and the advancement of IPv6, some obstacles still exist when it comes to managing the data related to IP addresses. To test that hypothesis, IPXO interviewed companies for which IP addresses are a core business enabler and key component to gain understanding of the various hurdles faced when managing IP data. Including both owned and leased space, the number of IP addresses in use by the companies in question totals about 10 million, mostly from the ARIN and RIPE regions.
The scope of this research focused on specific facets of IP data management that Vaidotas described as “governing elements that shape an organization’s presence on the Internet”: Resource Public Key Infrastructure (RPKI) and Route Origin Authorization (ROA) handling; Whois data management, including domain delegations and route objects; geolocation; abuse-related data management; and IPv6 adoption.
Diverse Industry Insights
Vaidotas went on to highlight the diversity of the organizations interviewed for this research. They spanned a wide range of industries, including cloud providers, hosting and proxy services, data mining, telecommunications/Internet Service Providers (ISPs), and Local Internet Registries (LIRs). They also represented various business verticals, stages of operational maturity, and levels of expertise in core networking. Some run their own infrastructure and provide services to others, while some use infrastructure as a service.
Identified Obstacles
Following the journey from obtaining to using IP addresses, Vaidotas outlined the obstacles faced by organizations in IP data management and their subsequent impact on network stability, planning, and security:
Resources in Various RIRs
Getting and managing resources from multiple Regional Internet Registries (RIRs) requires navigating different portals and processes for the same functions. “Every RIR has their special twist here and there when it comes to managing the data,” Vaidotas said. “Personally, I appreciate that; nevertheless, we heard that this is seen as an extra complexity or obstacle [to] managing that fundamental data from the participants that … had resources from multiple RIRs.”
In-house, Old, Complex Tools
Using Microsoft Excel or other legacy in-house apps rather than an API as the IP Address Management (IPAM) tool offers limited or no automation, and lack of knowledge or desire to touch something that’s not broken deters updates to these systems.
Key People Dependency
Having various people or teams handle different aspects of IP management, from Whois records and edge routing to data center networking, can lead to documentation gaps and potential mistakes, especially in emergency situations.
Effective Utilization
Without proper tools at hand (i.e. relying on people and not automation to maintain accuracy and completeness of IP address documentation), it’s hard to effectively utilize the whole IPv4 inventory.
“Most of our respondents said that they’re not 100 percent sure that their documentation is up to date,” Vaidotas revealed. “[And] if you are not sure about your inventory, you can’t be sure if you use it efficiently. It’s as simple as that.”
IP Reputation Management
With various organizations maintaining block lists based on different procedures and lacking standardization and aggregation, it is a difficult, labor-intensive task to discern the status of specific IP addresses and the necessary actions to remove them from a block list.
“Due to the lack of standards, lack of aggregation of the domain,” Vaidotas explained, “it’s very hard to understand where one or the other IP is listed and what actions are necessary actually to take this IP out of that list once you sorted with the root cause, the bad actor.”
IP Geolocation Management
The proliferation of numerous geolocation databases, each with its own decision-making process and update frequency, has led to inconsistencies in IP location data. Despite the existence of standards like RFC8805 and RFC9092, which enhance control over geolocation legitimacy, managing the various data points remains a complex task for ensuring accurate IP geolocation across providers.
Impact on Network Stability and Planning
Based on these research findings, Vaidotas underscored the significance of accurate and consistent IP data management to ensure network stability and effective network planning. He highlighted how incorrect routing policies and IP reputation and geolocation problems could lead to routing errors and how inadequate documentation and inconsistencies in ROA and Internet Routing Registry (IRR) records could result in hijacks and security vulnerabilities.
Additionally, without reliable data, organizations struggle to make informed decisions regarding IP address allocations and utilization, slowing down their network planning and expansion. Lack of control over IP data can impact the transition to IPv6, diverting valuable resources and attention from the migration process.
Proposed Solutions
To address these challenges, participants in IPXO’s research indicated the desire for a comprehensive IP data management system that would enable them to spot inconsistencies between the different planes of IRR data, routing policy data, routing configuration, geolocation, etc. Vaidotas described how the ideal system would provide real-time recommendations to address inconsistencies, empower organizations to define and maintain their desired data state, identify opportunities for optimizing IPv4 resource utilization, and be API-enabled to seamlessly integrate into the current tech stack.
Looking to the Future
In closing, Vaidotas encouraged organizations to look toward the future, where efficient IP data management could enable smoother IPv6 adoption and free up time to address other technological advancements and challenges.
Recent blogs categorized under: Public Policy
GET THE LATEST!
Sign up to receive the latest news about ARIN and the most pressing issues facing the Internet community.
SIGN ME UP →Blog Categories
IPv6 • Business Case for IPv6 • Internet Governance • Public Policy • Elections • ARIN Bits • Fellowship Program • Grant Program • RPKI • Caribbean • Outreach • Training • Updates • IPv4 • Security • Data Accuracy • Tips • Customer Feedback • IRR