
Tell HN: Amazon now owns 3.0.0.0/8 - STRML
Apparently bought in two chunks: 3.0.0.0&#x2F;9 and 3.128.0.0&#x2F;9.<p>Previous owner was GE.<p>Anecdotal reports across the Internet that AWS EIPs are now being assigned in that range.<p>https:&#x2F;&#x2F;whois.arin.net&#x2F;rest&#x2F;net&#x2F;NET-3-0-0-0-1.html<p>https:&#x2F;&#x2F;whois.arin.net&#x2F;rest&#x2F;net&#x2F;NET-3-128-0-0-1.html
======
btown
Wow. This is a significant slice of the IPv4 address space, and one of the few
remaining uninterrupted /8s owned by the private sector. This is a 10-year old
visualization, but it's still a good one to visualize the scale of this
purchase.

[http://maps.measurement-factory.com/](http://maps.measurement-factory.com/)

It's a great purchase for them, and a shot at Azure and GCP - Amazon can now
legitimately tell larger clients "we will have enough IPv4 space to be your
partner for all your static-IP-dependent applications, no matter how much you
need to scale."

~~~
degenerate
Much larger and more readable version of this map:

[https://www.caida.org/research/id-consumption/whois-
map/imag...](https://www.caida.org/research/id-consumption/whois-
map/images/whois-20071001.png)

Each pixel in the image is a /24 network.

~~~
jandrese
It's really incredible how so many non-tech companies have /8s still. What is
Prudential doing with all of that address space? Eli Lily?!? Who the hell is
Cap Debis?

~~~
trynewideas
> Who the hell is Cap Debis?

Debis = Daimler-Benz InterServices, sold to T-Mobile (specifically T-Services)
in the early 2000s

CAP Debis was a partnership with CAP Gemini.

Today it's mostly enterprise telecom/IT, though that maybe oversimplifies
things. It's a big beast in Europe, Germany specifically.

~~~
nashashmi
I wonder if T-mobile is aware of that purchase. Sometimes these little known
assets get lost by the big predator because they were interested in something
very specific of the prey company.

~~~
netopexcept
I'm sure TMobile is intimately familiar with their networking assets. They
pioneered squatting on MoD space for internal routing to avoid dual homed
conflicts. (25.0.0.0/8)

[https://blog.wireshark.org/2010/04/t-mobile-clever-or-
insane...](https://blog.wireshark.org/2010/04/t-mobile-clever-or-insane/)

------
Ambroos
Coming soon: Amazon launches free DNS service on 3.3.3.3 and 3.4.3.4?

It's pretty crazy though that that huge range goes to Amazon in full. Wouldn't
it have been better for the health of the internet as a whole to get them back
to IANA for redistribution?

~~~
Symbiote
Best for the internet is encouraging IPv6. There aren't extre fees for that,
so people with less money are equal.

Meanwhile, if Amazon is going to use all these in the medium-term future, that
seems OK to me.

(3.3.3.3 and 3.2.1.0 would be more memorable.)

~~~
Ocha
While 3.2.1.0 is a valid IP address, some users might experience problems with
IP address ending in 0. It would not be a good idea to use 3.2.1.0 if you want
best compatibility with all available hardware/software on the market.

~~~
ghshephard
I wouldn't bet my life on it, but I've never experienced a problem with an IP
address ending in 0, and I've been using them for over 10 years. Our primary
VPN end-point used to end in .0 - so we had lots of opportunity to find chance
for breakage. :-)

~~~
ryan-c
I have, actually. Most of our networks were /23s, and the syslog server was a
.0 in the middle of one. An SMS sending appliance we bought would not accept
IPs ending in .0. Fortunately, the check was client-side in javascript, and
once overridden, everything worked.

------
Symbiote
Amazon's documentation shows it is already in use on AWS.

They also have 18.128.0.0/9, bought from MIT.

[https://docs.aws.amazon.com/general/latest/gr/aws-ip-
ranges....](https://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html)

~~~
sah2ed
And here's a JSON of their IP blocks:

[https://ip-ranges.amazonaws.com/ip-ranges.json](https://ip-
ranges.amazonaws.com/ip-ranges.json)

------
akulbe
I wonder what they got it for? if just for more IPs for AWS stuff, or if it's
for something like IoT stuff?

~~~
nothis
What's up with IPv6, anyways?

~~~
OedipusRex
Enough address space for every atom on the surface of the earth.

~~~
dijit
Yet as far as I can tell no cloud provider is taking it seriously.

GCP only supports it on the edge for their load balancers for instance.

~~~
rsync
All rsync.net locations[1] have ipv6 addresses.

[1] Cali., Denver, Zurich, Hong Kong

~~~
cbm-vic-20
Been a customer of yours for ten years. No BS. Just works.

------
int_19h
Given that IP is a scarce resource, why aren't we taxing those large IP blocks
similar to property taxes on land? If holding an /8 came with a hefty tax bill
attached, it would 1) encourage companies that got them for historical reasons
and don't have much practical use for them to sell them to those who actually
need a lot of IPs, and 2) encourage IPv6 MIGRATION.

~~~
nolok
Who do you pay the tax to? Be warned that your answer will probably lead to a
fragmented Internet, or encourage even less redistribution according to real
needs

------
aanfhn
Does anyone mind sharing how IP addresses are allocated and bought in the
first place? Like who did GE buy it from if it wasn't another company?

~~~
xenadu02
In the very early days no one understood that over half of all humans would be
on the internet. It was just this ARPANet thing for the military and
universities, then a few big companies.

So you got a /8 by asking for one; they handed them out for free.

Same goes for DNS. You used to request the name and it was yours. No yearly
fees.

The IP blocks were never reclaimed because it was pointless. Even now clawing
back the big /8 assignments only kicks the can down the road for a year, maybe
two.

~~~
parliament32
And oddly enough, this seems to be happening all over again with ipv6.

My company has a /32 ipv6 space. That's 79228162514264337593543950336 /128s.
And we got it by... just asking for it.

I know everyone's shouting about "there are enough IPs for every atom on
earth!" but just like "no one understood that over half of all humans would be
on the internet", maybe we'll need more IPs in the future becuase of some
unforeseen development... it seems silly to be handing out blocks like this
just for giggles.

~~~
PC_LOAD_LETTER
Yeah, we can only give out 4,294,967,295 more /32s to large companies.

~~~
nolok
So to take a known scale, there is not enough to give one to each person
alive. Which might seem crazy but then again, why would everyone not only need
an ipv4, but need several (phone, computers, watch, tv,...)? Crazy

------
Jedd
IBM owns 9/8 - it's used for their internal network (really). They're mid-way
through a 2y project to move everything to IPv6

The recent purchase of OpenShift may be a good answer to 'I wonder what they
are intending to do with a /8 in a year'.

------
lgregg
Can someone give an ELI5 summary on why this is important and has 360+
upvotes? Why would GE have had this? Why did Amazon want it?

~~~
adamt
3/8 or 3.0.0.0/8 means the IP address range from 3.0.0.0 to 3.255.255.255 -
this is 2^24 or 16.7M IP addresses.

Why does Amazon want it? - Amazon has a lot of customers who want EC2/ELB
instances with their own IP addresses. IPv4 addresses are a scarce resource.

Why did GE have it? When the IPv4 address space was formed, various big US
companies managed to get the initial IP address allocations. You can see more
on these allocations here:
[https://en.wikipedia.org/wiki/List_of_assigned_/8_IPv4_addre...](https://en.wikipedia.org/wiki/List_of_assigned_/8_IPv4_address_blocks)

Why so many upvotes? It's relatively rare to see what is 1/255th of the IPv4
address space sold.

~~~
lgregg
Does that mean Amazon has a lease from ARIN on those batches of IPv4 addresses
for a period of time (in the same sense as a domain registry for x years) or
actually own them?

Also, That Wikipedia article was particularly helpful. I knew the /32 was
specific to my IP that I use but didn't realize the sheer scale of those
blocks.

~~~
Ayesh
IP Address purchases one-time purchases, you don't pay annual fees.

There is another comment here that said Amazon paid ~18/IP. They won't pay
this next year.

------
floriferous
Can someone explain what /8s /16s etc. are? Or a link to a good explainer?

~~~
lolc
It tells you how many of the 32 bits in your IPv4 addresses are fixed. The
rest belongs to your space.

In binary, a /8 netmask would look like this:
11111111.00000000.00000000.00000000 and a /16 would look like this:
11111111.11111111.00000000.00000000

So 3.0.0.0/8 means only the first eight bits are fixed. Which gives Amazon
2^24 IP-Addresses to use (32-8 bit). That is huge because it's 1/256 of all
available IPv4 addresses. It is small because it's only 16777216 addresses.

------
zwieback
When we were hp we used to own all of 15.0.0.0 and 16.0.0.0 (formerly DEC) but
now we're down to only 15 and hpe has 16. It's weird how these blocks move
around, should really be more of a shared resource.

~~~
icedchai
As an individual, I own an entire /24, registered back in 1993. The people who
got in early got a disproportionate amount of address space. New ISPs /
companies have to beg and borrow just to get a small slice.

~~~
dijit
This is happening with IPv6. People think there's so much address space that
wasting several trillion isn't going to matter.

The issue is that when you have 95% of your address space allocated and unused
you can't reap individual sections, and if you could then you'd bloat the BGP
tables to epic proportions.

IANA/RIPE need to be more reserved when they have abundance.

Actually, that goes for technology in general; just because most of your users
have 8G of ram doesn't mean you should think that using 5G is acceptable.
(looking at you skype/slack/chrome)

~~~
Symbiote
Perhaps the visualization here would show you just how huge IPv6 space is.

[https://subnettingpractice.com/ipv6_is_huge.html](https://subnettingpractice.com/ipv6_is_huge.html)

~~~
deepsun
By the way, I always wondered what if companies start acquiring large IPv6
space chunks, and it will become the same problem as with IPv4. For example in
hand, if AWS bought 3.0.0.0/8, cannot they buy 03::?

And once enough companies buy huge ranges of IPv6, we would come to the same
scarcity as in IPv4, no?

PS: I understand that largest CIDR block that can be allocated in IPv6 is /20,
not /8\. But they could buy 4096 blocks of size /20 to get the whole of /8.

~~~
icedchai
No, because all global unicast allocations are done out of 2000::/3 This means
even if we screw up all these allocations, we have many other chances to get
it right.

See [https://www.iana.org/assignments/ipv6-address-
space/ipv6-add...](https://www.iana.org/assignments/ipv6-address-
space/ipv6-address-space.xhtml)

------
mrbill
I worked for Halliburton as a sysadmin for 12 years.. during that time they
owned 34/8 and 134.132/16.

Looking now:

134.132/16: still LGC/HAL

34/10: HAL

34.64/10: Google

34.128/10: HAL

34.192/10: Amazon

So I guess they decided to make some hefty profit...

------
simonmales
Re: IPv6

Would love for each AWS account to have it's own IPv6 range out of the box. I
feel like this solve the pains the AWS Lambda fans (like myself) have when
they need to access a whitelist only service.

Disclaimer: Board strokes, I don't really know what I am talking about

~~~
Sohcahtoa82
If AWS ever implements IPv6, that's totally possible. The standard IPv6
distribution model calls for end users to be given a /64.

------
jedberg
According to their usually up to date json[0], the IPs are already in use and
all 17+M have been assigned to the Singapore region (ap-southwest-1).
According to the json they are available for both EC2 and other infrastructure
as well (ELBs, API gateway, etc).

[0] [https://ip-ranges.amazonaws.com/ip-ranges.json](https://ip-
ranges.amazonaws.com/ip-ranges.json)

~~~
cflee
It's definitely not all assigned to Singapore or to ap-southwest-1, the ip-
ranges.json file reports assignments to other regions, i.e.

3.0.0.0/15 ap-southeast-1 EC2 (Singapore) 3.8.0.0/14 eu-west-2 EC2 3.16.0.0/14
us-east-2 EC2 3.40.0.0/14 eu-west-1 EC2 3.80.0.0/12 us-east-1 EC2 3.104.0.0/14
ap-southeast-2 EC2 3.112.0.0/14 ap-northeast-1 EC2 3.120.0.0/14 eu-central-1
EC2

------
eganist
Considering GE's downward spiral (www.google.com/search?q=nyse:ge), I wonder
if Amazon managed to get a good deal out of it or if GE managed to actually
extract some value out of this sale.

I can't imagine why sales and values of IP blocks would be publicly tracked
(beyond just IP blocks trading hands), but is anyone aware of the sale price?

~~~
iamgopal
Amazon should buy GE.

~~~
briffle
Order a locomotive, or 5MW Wind Generator with free 2 day shipping with your
prime membership..

~~~
anticensor
Fine print would say _free locomotive offer only applies to 1435mm
territories._

~~~
anticensor
_Aaaand, your locomotive will not move unless your CBTC reports to Alexa
network, enabling precise location tracking of these trains_

------
dvno42
Just a thought but why hasn't Multicast or Reserved sections been sliced up
further and added back into the pool? I'm guessing going back and making those
addresses Internet routable would be very difficult at this point. Since
MBONE[0] is gone I feel like even a /16 would be sufficient for reserved
multicast in private networks. A /4 just seems ridiculous to me. I suppose at
this point the path of least resistance is to just go to IPv6 though.

[0]:
[https://en.wikipedia.org/wiki/Mbone](https://en.wikipedia.org/wiki/Mbone)

~~~
jandrese
If you're going to have to hack every single router to support using these
addresses for regular unicast traffic you might as well just switch to IPv6.

------
chiph
And GE sells another valuable asset. (Previously: appliances to Haier,
property portfolio to Wells Fargo)

------
pkulak
Found one more piece to sell off, I guess:

[https://www.npr.org/sections/money/2018/10/03/654141402/what...](https://www.npr.org/sections/money/2018/10/03/654141402/what-
happened-to-ge)

------
RKearney
As you pointed out, they own 2 /9's. While this covers the entire 3/8 space,
they cannot have ROAs signed for the /8 nor can they submit route objects for
the /8 until the 2 /9's are consolidated into a single /8.

------
jedisct1
[https://api.iptoasn.com/v1/as/ip/3.0.0.0](https://api.iptoasn.com/v1/as/ip/3.0.0.0)

------
equasar
How much does cost to own those kind of DNS resolvers?

~~~
tyingq
The cost for a "vanity/memorable ip" like 8.8.8.8, or the cost of a global
anycast redundant recursive resolver setup?

~~~
mxuribe
Yeah, i'm curious, so what does it cost for a "vanity/memorable ip like
8.8.8.8"?

~~~
caymanjim
You're not going to be able to have a single IP address globally routed.
Practically speaking, you can't own anything smaller than a /24 network.

~~~
tyingq
A /24 is probably in the ~$4k range. No idea what a netblock with a
cool/vanity IP might cost. Pretty sure all the single digit ones are
impossible to buy, but there could be others that would be a premium above
regular pricing.

------
amelius
What's next? Rent seeking on IPv4 address space?

~~~
EamonnMR
It's already a thing, usually called leasing.

------
mixmastamyk
Do they own them, or is that a figure of speech? Probably should be rented so
that the unused eventually come back to the pool.

------
chaoticmass
Given General Electric's dire straits lately, it doesn't surprise me they
would sell it.

------
ajmarsh
The xkcd map will need an update.

[https://xkcd.com/195/](https://xkcd.com/195/)

~~~
Majestic121
Is this whole list of unallocated blocks still relevant ? I though there was a
shortage of IPv4 adresses ?

~~~
anonymfus
No, it's a map from 2006

------
arduinomancer
How much would something like this cost Amazon?

------
jenscow
Meh, I have 2 /8s.

10 and 127.

------
matt_lo
Eventually Amazon is going to rule us all.

~~~
JustSomeNobody
No doubt. While everyone is looking at Apple, Google and FaceBook, Amazon is
back there plotting their take-over.

------
lbalik
Not only that, Amazon's HQ2 now covers more of the US than MetroPCS.

[https://www.techloaf.io/2018/11/08/amazon-hq2-now-covers-
mor...](https://www.techloaf.io/2018/11/08/amazon-hq2-now-covers-more-of-us-
than-metropcs/)

(This is a tech humor blog/email I follow - they have been vicious with Amazon
this week)

------
danzun
The shortage of IPv4 addresses is "self-inflicted". If the internet didn't
follow this stupid libertarian approach of selling and buying addresses, we
could have addresses for everybody.

~~~
forgottenpass
How exactly do you fit 7.5 billion unique identifiers into a 32 bit address
space?

And that's ignoring population growth, multiple devices per person,
infrastructure addresses and overhead.

~~~
techplex
Not everyone needs a public IP, right? Especially with the advent of carrier
grade NAT.

~~~
ancarda
CGNAT will hopefully drive people to IPv6 because it's really quite bad. This
talk is really interesting in explaining why it's so bad:
[https://www.youtube.com/watch?v=fbk4H6EmZzI](https://www.youtube.com/watch?v=fbk4H6EmZzI)

Edit: Changed likely to hopefully... as let's be honest, we'll probably still
be using IPv4 in a few decades.

~~~
lolc
Wow that was a very good, if scary, summary of the situation. Whenever my
phone browser drags now I'll just say: "thanks CGN".

