Lookin'BotReal BGP table Telegram Bot with some network utilities |
Connect BOT |
Analyze stats |
Read blog |
March 5, 2019
#ipv4 #services #about
System administrators use very often "simple" IP addresses on the equipment for test purposes. E.g. address 1.1.1.1/24. Sounds like a big deal? No, it's just a random address that can be typed on the keyboard simply and quickly and is quite suitable for test purposes. And even if you read examples in the set up documentation you may often come across Router1 IP 1.1.1.1, Router 2 IP 2.2.2.2. However, the effect of such settings may be rather unexpected. For example, on March 23, 2018, the public DNS service from CloudFlare using the address 1.1.1.1 was disrupted. Let's see what about other "simple" addresses and prospects for their use.
CloudFlatre public DNS server.
All about this DNS server here: https://1.1.1.1
A fast and safe public DNS service. CloudFlare promises that it will never use the data to advertise, target, or collect information about you. They emphasize that their DNS service is very fast and secure. Several times faster than any standard provider DNS, faster than Google and Cisco public services.
To use the service, the company proposes to specify the following DNS addresses as permanent ones:
1.1.1.1 1.0.0.1 2606:4700:4700::1111 2606:4700:4700::1001
The address 1.1.1.1 is announced by the autonomous system AS13335 (CLOUDFLARENET) as part of the network 1.1.1.0/24.
The address 1.0.0.1 is announced by the same AS, as part of chunk 1.0.0.0 / 24.
Both addresses are resolved in the same way:
# host 1.1.1.1 1.1.1.1.in-addr.arpa domain name pointer one.one.one.one. # host 1.0.0.1 1.0.0.1.in-addr.arpa domain name pointer one.one.one.one.
FQDN turns back when resolving to the address list:
# host one.one.one.one one.one.one.one has address 1.1.1.1 one.one.one.one has address 1.0.0.1 one.one.one.one has IPv6 address 2606:4700:4700::1001 one.one.one.one has IPv6 address 2606:4700:4700::1111
Top-level domain .one is publicly available from May 20, 2015.
Networks 1.0.0.0/24 and 1.1.1.0/24 are announced by dispersed nodes that are as close as possible to the end user. This is good both for reliability, speed and safety.
Something happens regularly with the address 1.1.1.1. For example, May 23, 2018 was marked by one of the most extraordinary events: during trial configuration of hardware using this address, the route 1.1.1.0/24 from Security Technology Co. 'leaked' to the global routing table causing disruption in operation of this service. Here e.g. you can find a detailed article about the incident:
https://www.internetsociety.org/blog/2018/05/cloudflare-1-1-1-1-outage/
CloudFlare announces the longest possible prefix for global connectivity networks - /24, but it was still not enough. The service operation was partially disrupted.
Currently, the host 2.2.2.2 is included in the global BGP table announced as part of the network 2.2.0.0/16 (France Telecom Orange), AS3215 (and also France Telecom). This address doesn't have a DNS name, doesn't respond to ping. There is clearly no public service on this host. Moreover, neither address from 2.2.2.0/24 network responds to ping. This is strange - such a richness and not in use!
I think the French will come up with a good use for this address a bit later.
Address space with 3.3.3.3 as its part is allocated to ARIN. The network 3.0.0.0/9 is owned by Amazon. The address is currently not announced in the global routing table.
A short time before, in late 2018 there was a broad public discourse about the Amazon's decision to acquire 3.0.0.0/8 from General Electric. The sale was implemented in two large chunks: 3.0.0.0/9 and 3.128.0.0/9.
Apparently, this is the most promising address today in terms of a new service launched. We have to wait now since only few month have passed so far.
Address 4.4.4.4 as part of the network /8 is allocated to Level3 (currently CenturyLink):
refer: whois.arin.net inetnum: 4.0.0.0 - 4.255.255.255 organisation: Level 3 Parent, LLC status: LEGACY Route: 4.0.0.0/9 Origin: AS3356 ASName: LEVEL3
Unfortunately, address 4.4.4.4 does not respond to ping, it seems that it is missing inside the network. It's a pity, it is a rather pleasant address as well.
However, one could be in for some surprises there too. In November 2017, CenturyLink has completed its acquisition of Level 3. Yes, it's been more than a year ago and the main objective of the purchase deal was clearly not to obtain the network address 4.4.4.4. This was pure commercial takeover of the company. However, CenturyLink is the largest ISP, maybe they will come up with something for this address.
This address space is allocated to Europe:
IANA: inetnum: 5.0.0.0 - 5.255.255.255 organisation: RIPE NCC status: ALLOCATED
more precisely, to the German operator Telefonica Germany
RIPE: route: 5.4.0.0/14 descr: Telefonica Germany GmbH & Co. OHG remarks: netname: DE-MEDIAWAYS origin: AS6805 mnt-by: MDA-Z created: 2018-08-08T09:03:25Z last-modified: 2018-08-08T09:13:47Z source: RIPE
Address 5.5.5.5 is announced as part of the network /14 by the autonomous system AS6805 (Telefonica Germany GmbH & Co. OHG).
And that's again disappointing: the address does not respond to ping, does not provide any public services. It's a pity.
This address is more interesting: it is allocated to:
refer: whois.arin.net inetnum: 6.0.0.0 - 6.255.255.255 organisation: Army Information Systems Center status: LEGACY changed: 1994-02 source: IANA NetRange: 6.0.0.0 - 6.255.255.255 CIDR: 6.0.0.0/8 NetName: CONUS-YPG-NET NetHandle: NET-6-0-0-0-1 Parent: () NetType: Direct Allocation OriginAS: Organization: Headquarters, USAISC (HEADQU-3) RegDate: 1994-02-01 Updated: 2011-02-24
The network is allocated to the United States Army Intelligence and Security Command. The network is not available in the global routing table, the host is not accessible through the public network.
And here we once again come up against the security and law enforcement agencies of the USA: Department of Defence as part of the network.
NetRange: 7.0.0.0 - 7.255.255.255 CIDR: 7.0.0.0/8 NetName: DISANET7 NetHandle: NET-7-0-0-0-1 Parent: () NetType: Direct Allocation OriginAS: Organization: DoD Network Information Center (DNIC) RegDate: 1997-11-24 Updated: 2006-04-28
And this network is available in the routing table!
Route: 7.7.7.0/24 Origin: AS27651
The host itself doesn't respond, though. Either it is well filtered, or there is really no such host in the network.
Only 7.7.7.3 - the only (!) address has responded to ping from the whole network 7.7.7.0/24. And even there, unfortunately, there is not a single publicly available service.
A well-known public DNS address from Google. Online, is announced as part of the Route network: 8.8.8.0/24 with /24 prefix which is logical for safety reasons. Is announced by the autonomous system AS15169 (Google).
The address is resolved to some ugly picture:
# host 8.8.8.8 8.8.8.8.in-addr.arpa domain name pointer google-public-dns-a.google.com.
It's a pity that there is no TLD. eight at the moment - it would be very useful.
Moreover, when accessing https://8.8.8.8/directly, you get an 404 error page:
Besides, it's also not so easy to find a description of the dns.google.comservice. The page with service description is located strangely enough at the address:
https://developers.google.com/speed/public-dns/
It is curious that Google doesn't care at all for ease of use and beauty. It is true that CloudFlare made it much better (direct/reverse resolving, direct referral to the address, service description page, etc.).
To use its DNS service, Google proposes to use the following addresses as DNS servers:
8.8.8.8 8.8.4.4
Besides, IPv6 addresses on the service main page are not specified, they can be found somewhere deeper in documents:
2001:4860:4860::8888 2001:4860:4860::8844
The implementation of the DNS service from Google gives a very strange impression: technically it is good, however is not convenient, complicated. By the way, like many Google services. CloudFlare is far superior in this regard.
Netowork 9.9.9.0/24 is allocated to QuadDNS:
OrgName: Quad9 OrgId: CLEAN-97 Address: 1442 A Walnut Street, Suite 501 City: Berkeley Country: US AS19281 (Quad9).
Quad9 service is a reliable, secure DNS service for free public use. Is supported by a non-profit organization sponsored by IBM, Packet Clearing House (PCH), Global Cyber Alliance (GCA) and many other entities.
About the service: https://www.quad9.net/about/
Quad9 offers to use the addresses as follows to configure the service:
dns.quad9.net has address 9.9.9.9 dns.quad9.net has address 149.112.112.112 dns.quad9.net has IPv6 address 2620:fe::9 dns.quad9.net has IPv6 address 2620:fe::fe
A special emphasis is placed on performance and safety. This is a geographically distributed service in the similar fashion. It is announced from 150 different locations in 77 countries, and further expansion is planned. Basic location strategy - in Internet exchange points.
Address 10.10.10.10 is included in a private, not announced network 10.0.0.0/8
Finally, only three addresses from the first ten 'nice' addresses are functioning in the network.
Overview table:
Address | Service | Owner | Route |
1.1.1.1 | DNS | CloudFlare | 1.1.1.0/24, AS13335 |
2.2.2.2 | - | France Telecom Orange | 2.2.0.0/16, AS3215 |
3.3.3.3 | - | Amazon | - |
4.4.4.4 | - | Level3 (CenturyLink) | 4.0.0.0/9, AS3356 |
5.5.5.5 | - | Telefonica Germany GmbH & Co. OHG | 5.4.0.0/14, AS6805 |
6.6.6.6 | - | Army Information Systems Center | - |
7.7.7.7 | - | Department of Defence | 7.7.7.0/24, AS27651 |
8.8.8.8 | DNS | 8.8.8.0/24, AS15169 | |
9.9.9.9 | DNS | Quad9 | 9.9.9.0/24, AS19281 |
The DNS service really plays an important role in the load speeds of websites. Currently, if you like to create a single web page, you need to download resources (pictures, design styles, scripts, fonts, etc.) from different servers. These servers are indicated with the DNS name. This means that you need to perform a lot of DNS name resolution operations in order to load a single website. And the sooner this happens, the faster the real data will start loading and the faster the web page will be rendered in full. Therefore, the operation speed of DNS resolver is a very important parameter.
However, it seems a little bizarre that only DNS services are available on nice, easy-to-remember addresses. There are a lot of utility services in the Network and it would be nice to have it always on hand. E.g. NTP server. Or a BGP route server with Telnet access. Or a service that allows you to determine your IP address through Telnet or other text service.
The situation might change. Perhaps most of all, we are waiting for Amazon inventions: will it take the usual DNS track or is it going to create something completely new. And it is quite possible that the colleagues from FranceTelecom, CenturyLink, Telefonica Germany will surprise us as well. These large companies have more than sufficient capacities.
Please write in comments which another network service could also be deployed on the host with a 'nice' address.