O'Reilly logo

BGP by Iljitsch van Beijnum

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Requesting Address Space

If you have decided you want to use addresses from the PA space of one of your ISPs, you should discuss this with both ISPs to make sure they’re on board with what you want to do. It’s a good idea to get this in writing. Then you can proceed to request the addresses from your ISP.

PI addresses can be requested directly from a RIR, but in most cases, it’s better to request them through one of your ISPs or at least consult with the ISP first. They’ll have to forward your request to the RIR anyway, but involving an ISP will most likely save you time. Your ISP can make sure the request is in order before forwarding it, and the RIRs have more trust in an ISP they’ve worked with before than in someone they don’t know. It may also save you some fees. Make sure your ISP understands you’re talking about provider-independent address space, since this isn’t all that common; few organizations qualify for a large enough block of PI space to avoid filtering.

If you want a PA block of your own, consult your RIR’s web site.

As an end-user organization, you will be asked to provide a full list of subnets with the projected immediate and future use of each subnet when requesting IP address space. Example 4-1 shows how this would appear in the ARIN request form.

Example 4-1. A list of subnets as required for ARIN address requests

Subnet#  Subnet Mask      Max  Now   1yr   Description
1.0   64   36    49   Wired PCs
1.1   32   15    30   Wireless PCs
1.2   16    7    10   Web servers, DNS
1.3    8    8     8   Dial-up modems
1.4    8    2     2   Firewall DMZ
Totals                    128   68    99

The first number (“Subnet#”) doesn’t mean anything: it’s just to keep the subnets apart in later discussions. Note that the “Max” number is the total number of addresses in the subnet, including the normally unusable first (network) and last (broadcast) address, but the “Now” and “1yr” numbers include only the number of addresses actually used for hosts and other systems that require an IP address, such as routers. When compiling the list, start with the largest subnet, so that all subnets automatically start on the proper bit boundaries. See Appendix A for more information on (sub)netmask calculations. The use of Variable Length Subnet Masking (VLSM) and subnet zero are mandatory, but this shouldn’t be a problem for today’s routers. There are also policies about giving each virtual web server its own IP address and giving dial-up, ADSL, and cable users fixed IP addresses. These policies boil down to something like, “Please use dynamic addresses, but if you insist on using static addresses, we’ll assign them, for now.”

If you are in the RIPE or APNIC regions, don’t forget to request delegation of the DNS reverse mapping of your new IP addresses, using the appropriate request forms.[17] The ARIN IP address request form has room for two name servers, so if your name servers will not move to the newly requested address range, there is no need to request delegation separately. If it’s necessary to change this information later, send in a request based on a template that is mentioned in the IP address request form. Due to the structure of the in-addr.arpa zone, the delegation may have to come from the RIR even for IP addresses assigned by an ISP. Ask your ISP if this is the case. It’s also possible just to request delegation from the RIR; they will inform you if your ISP is responsible for delegating authority over this part of the in-addr.arpa space.

The information about IP address assignments and allocations is recorded in publicly accessible databases, one for each RIR. These databases can be queried using the whois protocol, which is, of course, implemented in the whois command, available on every Unix system. There are also versions for most other operating systems, and if all else fails, you can use the whois query tool on each RIR’s web page. (URLs are at the beginning of the chapter.) If you haven’t done this before, you might want to look up your current IP address in the appropriate regional registry’s database:

whois -h whois.apnic.net <address>
whois -h whois.arin.net <address>
whois -h whois.ripe.net <address>

The whois server will then give you the details of the organization the addresses are assigned to, as well as contact information for the administrative and technical contacts for this organization. (This could be you!) The RIR databases contain similar information about Autonomous System numbers, which can be queried by doing a whois query on the AS number (preceded by “AS” for RIPE and APNIC). Much more information about ASes is present in the Routing Registries, discussed later this chapter.

[17] The reverse mapping is the special domain in-addr.arpa in the DNS system that makes it possible for a name server to find the name associated with an IP address. To create a reverse mapping for your IP addresses, authority over the appropriate part of the in-addr.arpa domain must be delegated to your DNS servers.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required