System administrators use very often "simple" IP addresses on the equipment for test purposes. E.g. address 22.214.171.124/24. Sounds like a big deal? No, it's just a random address that can be typed on the keyboard simply and quickly and is quite suitable for test purposes. And even if you read examples in the set up documentation you may often come across Router1 IP 126.96.36.199, Router 2 IP 188.8.131.52. However, the effect of such settings may be rather unexpected. For example, on March 23, 2018, the public DNS service from CloudFlare using the address 184.108.40.206 was disrupted. Let's see what about other "simple" addresses and prospects for their use.
CloudFlatre public DNS server.
All about this DNS server here: https://220.127.116.11
A fast and safe public DNS service. CloudFlare promises that it will never use the data to advertise, target, or collect information about you. They emphasize that their DNS service is very fast and secure. Several times faster than any standard provider DNS, faster than Google and Cisco public services.
To use the service, the company proposes to specify the following DNS addresses as permanent ones:
18.104.22.168 22.214.171.124 2606:4700:4700::1111 2606:4700:4700::1001
The address 126.96.36.199 is announced by the autonomous system AS13335 (CLOUDFLARENET) as part of the network 188.8.131.52/24.
The address 184.108.40.206 is announced by the same AS, as part of chunk 220.127.116.11 / 24.
Both addresses are resolved in the same way:
# host 18.104.22.168 22.214.171.124.in-addr.arpa domain name pointer one.one.one.one. # host 126.96.36.199 188.8.131.52.in-addr.arpa domain name pointer one.one.one.one.
FQDN turns back when resolving to the address list:
# host one.one.one.one one.one.one.one has address 184.108.40.206 one.one.one.one has address 220.127.116.11 one.one.one.one has IPv6 address 2606:4700:4700::1001 one.one.one.one has IPv6 address 2606:4700:4700::1111
Top-level domain .one is publicly available from May 20, 2015.
Networks 18.104.22.168/24 and 22.214.171.124/24 are announced by dispersed nodes that are as close as possible to the end user. This is good both for reliability, speed and safety.
Something happens regularly with the address 126.96.36.199. For example, May 23, 2018 was marked by one of the most extraordinary events: during trial configuration of hardware using this address, the route 188.8.131.52/24 from Security Technology Co. 'leaked' to the global routing table causing disruption in operation of this service. Here e.g. you can find a detailed article about the incident:
CloudFlare announces the longest possible prefix for global connectivity networks - /24, but it was still not enough. The service operation was partially disrupted.
Currently, the host 184.108.40.206 is included in the global BGP table announced as part of the network 220.127.116.11/16 (France Telecom Orange), AS3215 (and also France Telecom). This address doesn't have a DNS name, doesn't respond to ping. There is clearly no public service on this host. Moreover, neither address from 18.104.22.168/24 network responds to ping. This is strange - such a richness and not in use!
I think the French will come up with a good use for this address a bit later.
Address space with 22.214.171.124 as its part is allocated to ARIN. The network 126.96.36.199/9 is owned by Amazon. The address is currently not announced in the global routing table.
A short time before, in late 2018 there was a broad public discourse about the Amazon's decision to acquire 188.8.131.52/8 from General Electric. The sale was implemented in two large chunks: 184.108.40.206/9 and 220.127.116.11/9.
Apparently, this is the most promising address today in terms of a new service launched. We have to wait now since only few month have passed so far.
Address 18.104.22.168 as part of the network /8 is allocated to Level3 (currently CenturyLink):
refer: whois.arin.net inetnum: 22.214.171.124 - 126.96.36.199 organisation: Level 3 Parent, LLC status: LEGACY Route: 188.8.131.52/9 Origin: AS3356 ASName: LEVEL3
Unfortunately, address 184.108.40.206 does not respond to ping, it seems that it is missing inside the network. It's a pity, it is a rather pleasant address as well.
However, one could be in for some surprises there too. In November 2017, CenturyLink has completed its acquisition of Level 3. Yes, it's been more than a year ago and the main objective of the purchase deal was clearly not to obtain the network address 220.127.116.11. This was pure commercial takeover of the company. However, CenturyLink is the largest ISP, maybe they will come up with something for this address.
This address space is allocated to Europe:
IANA: inetnum: 18.104.22.168 - 22.214.171.124 organisation: RIPE NCC status: ALLOCATED
more precisely, to the German operator Telefonica Germany
RIPE: route: 126.96.36.199/14 descr: Telefonica Germany GmbH & Co. OHG remarks: netname: DE-MEDIAWAYS origin: AS6805 mnt-by: MDA-Z created: 2018-08-08T09:03:25Z last-modified: 2018-08-08T09:13:47Z source: RIPE
Address 188.8.131.52 is announced as part of the network /14 by the autonomous system AS6805 (Telefonica Germany GmbH & Co. OHG).
And that's again disappointing: the address does not respond to ping, does not provide any public services. It's a pity.
This address is more interesting: it is allocated to:
refer: whois.arin.net inetnum: 184.108.40.206 - 220.127.116.11 organisation: Army Information Systems Center status: LEGACY changed: 1994-02 source: IANA NetRange: 18.104.22.168 - 22.214.171.124 CIDR: 126.96.36.199/8 NetName: CONUS-YPG-NET NetHandle: NET-6-0-0-0-1 Parent: () NetType: Direct Allocation OriginAS: Organization: Headquarters, USAISC (HEADQU-3) RegDate: 1994-02-01 Updated: 2011-02-24
The network is allocated to the United States Army Intelligence and Security Command. The network is not available in the global routing table, the host is not accessible through the public network.
And here we once again come up against the security and law enforcement agencies of the USA: Department of Defence as part of the network.
NetRange: 188.8.131.52 - 184.108.40.206 CIDR: 220.127.116.11/8 NetName: DISANET7 NetHandle: NET-7-0-0-0-1 Parent: () NetType: Direct Allocation OriginAS: Organization: DoD Network Information Center (DNIC) RegDate: 1997-11-24 Updated: 2006-04-28
And this network is available in the routing table!
Route: 18.104.22.168/24 Origin: AS27651
The host itself doesn't respond, though. Either it is well filtered, or there is really no such host in the network.
Only 22.214.171.124 - the only (!) address has responded to ping from the whole network 126.96.36.199/24. And even there, unfortunately, there is not a single publicly available service.
A well-known public DNS address from Google. Online, is announced as part of the Route network: 188.8.131.52/24 with /24 prefix which is logical for safety reasons. Is announced by the autonomous system AS15169 (Google).
The address is resolved to some ugly picture:
# host 184.108.40.206 220.127.116.11.in-addr.arpa domain name pointer google-public-dns-a.google.com.
It's a pity that there is no TLD. eight at the moment - it would be very useful.
Moreover, when accessing https://18.104.22.168/directly, you get an 404 error page:
Besides, it's also not so easy to find a description of the dns.google.comservice. The page with service description is located strangely enough at the address:
It is curious that Google doesn't care at all for ease of use and beauty. It is true that CloudFlare made it much better (direct/reverse resolving, direct referral to the address, service description page, etc.).
To use its DNS service, Google proposes to use the following addresses as DNS servers:
Besides, IPv6 addresses on the service main page are not specified, they can be found somewhere deeper in documents:
The implementation of the DNS service from Google gives a very strange impression: technically it is good, however is not convenient, complicated. By the way, like many Google services. CloudFlare is far superior in this regard.
Netowork 22.214.171.124/24 is allocated to QuadDNS:
OrgName: Quad9 OrgId: CLEAN-97 Address: 1442 A Walnut Street, Suite 501 City: Berkeley Country: US AS19281 (Quad9).
Quad9 service is a reliable, secure DNS service for free public use. Is supported by a non-profit organization sponsored by IBM, Packet Clearing House (PCH), Global Cyber Alliance (GCA) and many other entities.
About the service: https://www.quad9.net/about/
Quad9 offers to use the addresses as follows to configure the service:
dns.quad9.net has address 126.96.36.199 dns.quad9.net has address 188.8.131.52 dns.quad9.net has IPv6 address 2620:fe::9 dns.quad9.net has IPv6 address 2620:fe::fe
A special emphasis is placed on performance and safety. This is a geographically distributed service in the similar fashion. It is announced from 150 different locations in 77 countries, and further expansion is planned. Basic location strategy - in Internet exchange points.
Address 10.10.10.10 is included in a private, not announced network 10.0.0.0/8
Finally, only three addresses from the first ten 'nice' addresses are functioning in the network.
|184.108.40.206||-||France Telecom Orange||220.127.116.11/16, AS3215|
|18.104.22.168||-||Level3 (CenturyLink)||22.214.171.124/9, AS3356|
|126.96.36.199||-||Telefonica Germany GmbH & Co. OHG||188.8.131.52/14, AS6805|
|184.108.40.206||-||Army Information Systems Center||-|
|220.127.116.11||-||Department of Defence||18.104.22.168/24, AS27651|
The DNS service really plays an important role in the load speeds of websites. Currently, if you like to create a single web page, you need to download resources (pictures, design styles, scripts, fonts, etc.) from different servers. These servers are indicated with the DNS name. This means that you need to perform a lot of DNS name resolution operations in order to load a single website. And the sooner this happens, the faster the real data will start loading and the faster the web page will be rendered in full. Therefore, the operation speed of DNS resolver is a very important parameter.
However, it seems a little bizarre that only DNS services are available on nice, easy-to-remember addresses. There are a lot of utility services in the Network and it would be nice to have it always on hand. E.g. NTP server. Or a BGP route server with Telnet access. Or a service that allows you to determine your IP address through Telnet or other text service.
The situation might change. Perhaps most of all, we are waiting for Amazon inventions: will it take the usual DNS track or is it going to create something completely new. And it is quite possible that the colleagues from FranceTelecom, CenturyLink, Telefonica Germany will surprise us as well. These large companies have more than sufficient capacities.
Please write in comments which another network service could also be deployed on the host with a 'nice' address.