Replying to Avatar semisol

I wonder who manages IPs
Avatar
Super Testnet 5mo ago

As I understand it, ICANN gives each ISP a range of ip addresses, and they do two things with them: (1) they assign each one to a customer, who effectively rents it (2) they maintain an internal database of which customer rents which ip address.

Suppose Alice uses ISP A and Bob uses ISP B. If Alice wants to send a message to Bob, she sends a query to her own ISP -- ISP A -- containing Bob's ip address. ISP A looks at the first part of the ip address, which identifies ISP B, so ISP A forwards the query to ISP B through wires, radio waves, or both.

Once ISP B has the message, they use their internal database to look up which of their customers rents that IP address to, and forward the message to them in a similar manner (wires, radio waves, or both).

Due to this structure, ICANN cannot block a particular ip address, because ISPs don't query ICANN when resolving a particular ip address. They just look up what range it is in and then forward it to the ISP responsible for that range.

An ISP *could* block a particular IP address, however, by just refusing to provide further service to whatever customer rents that ip address. Thankfully, at least at the present time, it is easy to rent an IP address without KYC, so ISPs do not have identity information on all of their users, making it hard to censor them in this manner. An ISP might block a particular IP address, but you can easily just rent another one, even from the same provider, because they don't have your identity info.

Reply to this note

Please Login to reply.

Discussion

Avatar
modulo 5mo ago

But what about“black-holeing” wrt state authorities trying to shut down “malicious” traffic?

Avatar
Super Testnet 5mo ago

I don't know what that term refers to. Do you have a link?

Avatar
modulo 5mo ago

https://en.m.wikipedia.org/wiki/Black_hole_(networking) Sometimes used as a threat against entire ISP if they don’t comply to traffic monitoring standards.

Avatar
Super Testnet 5mo ago

I mentioned that an ISP can censor an ip address in their range. It sounds like black-hole-ing is a form of that. Thankfully, at least right now, it's easy to get around such censorship by renting a different ip address, since there are many ip address providers who do not require identity info. But I imagine it is difficult in some countries to rent an ip address without KYC, and if it becomes difficult worldwide, that will suck pretty badly.

Avatar
modulo 5mo ago

This is correct, but blackholing I am referring to is at a layer above the ISP. If an ISP doesn’t sufficiently comply with an authority, the authority directs name services to prevent access (in and out, that is, black hole) to the range of IP that the ISP controls.