datatracker.ietf.org
Sign in
Version 5.10.0, 2014-12-21
Report a bug

Embedding Globally-Routable Internet Addresses Considered Harmful
RFC 4085

Document type: RFC - Best Current Practice (June 2005; No errata)
Also Known As BCP 105
Document stream: IETF
Last updated: 2013-03-02
Other versions: plain text, pdf, html

IETF State: (None)
Consensus: Unknown
Document shepherd: No shepherd assigned

IESG State: RFC 4085 (Best Current Practice)
Responsible AD: David Kessens
Send notices to: gih@telstra.net, isoc-contact@aarnet.edu.au, dmm@1-4-5.net

Global Routing Operations                                      D. Plonka
Network Working Group                            University of Wisconsin
Request for Comments: 4085                                     June 2005
BCP: 105
Category: Best Current Practice

   Embedding Globally-Routable Internet Addresses Considered Harmful

Status of This Memo

   This document specifies an Internet Best Current Practices for the
   Internet Community, and requests discussion and suggestions for
   improvements.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

   This document discourages the practice of embedding references to
   unique, globally-routable IP addresses in Internet hosts, describes
   some of the resulting problems, and considers selected alternatives.
   This document is intended to clarify best current practices in this
   regard.

Table of Contents

   1. Introduction ....................................................2
   2. Problems ........................................................2
   3. Recommendations .................................................4
      3.1. Disable Unused Features ....................................4
      3.2. Provide User Interface for IP Features .....................4
      3.3. Use Domain Names as Service Identifiers ....................4
      3.4. Use Special-Purpose, Reserved IP Addresses When Available ..5
      3.5. Discover and Utilize Local Services ........................6
      3.6. Avoid Mentioning the IP Addresses of Services ..............6
   4. Security Considerations .........................................6
   5. Conclusion ......................................................7
   6. Acknowledgements ................................................7
   7. References ......................................................7
   Appendix A.  Background ............................................9

Plonka                   Best Current Practice                  [Page 1]
RFC 4085       Embedding IP Addresses Considered Harmful       June 2005

1.  Introduction

   Some vendors of consumer electronics and network gear have
   unfortunately chosen to embed, or "hard-code", globally-routable
   Internet Protocol addresses within their products' firmware.  These
   embedded IP addresses are typically individual server IP addresses or
   IP subnet prefixes.  Thus, they are sometimes used as service
   identifiers, to which unsolicted requests are directed, or as subnet
   identifiers, specifying sets of Internet addresses that the given
   product somehow treats specially.

   One recent example was the embedding of the globally-routable IP
   address of a Network Time Protocol server in the firmware of hundreds
   of thousands of Internet hosts that are now in operation worldwide.
   The hosts are primarily, but are not necessarily, limited to low-cost
   routers and middleboxes for personal or residential use.  In another
   case, IP address prefixes that had once been reserved by the Internet
   Assigned Numbers Authority (IANA) were embedded in a router product
   so that it can automatically discard packets that appear to have
   invalid source IP addresses.

   Such "hard-coding" of globally-routable IP addresses as identifiers
   within the host's firmware presents significant problems to the
   operation of the Internet and to the management of its address space.

   Ostensibly, this practice arose as an attempt to simplify IP host
   configuration by pre-loading hosts with IP addresses.  Products that
   rely on such embedded IP addresses initially may appear to be
   convenient to the product's designer and to its operator or user, but
   this dubious benefit comes at the expense of others in the Internet
   community.

   This document denounces the practice of embedding references to
   unique, globally-routable IP addresses in Internet hosts, describes
   some of the resulting problems, and considers selected alternatives.
   It also reminds the Internet community of the ephemeral nature of
   unique, globally-routable IP addresses; the assignment and use of IP
   addresses as identifiers is temporary and therefore should not be
   used in fixed configurations.

2.  Problems

   The embedding of IP addresses in products has caused an increasing
   number of Internet hosts to rely on a single central Internet
   service.  This can result in a service outage when the aggregate
   workload overwhelms that service.  When fixed addresses are embedded

Plonka                   Best Current Practice                  [Page 2]
RFC 4085       Embedding IP Addresses Considered Harmful       June 2005

[include full document text]