What is DHCP?


The Internet is a vast source of information that is continuously updated and accessed via computers and other devices. For a device (also referred to as a host) to connect to the Internet, it is necessary that among other configurations, it must have an Internet Protocol (IP) address. The IP address is the computer's address on the Internet. A common comparison of an IP address is an individual's telephone number, which is an identifier for people to communicate with the individual. Up until the late 1980s, configuring a computer to connect to the Internet was a manual process. The protocol Bootstrap Protocol (BOOTP) was the first Transmission Control Protocol/Internet Protocol (TCP/IP) network configuration tool used to prevent the task of having to manually assign IP addresses by automating the process.

While the introduction of the BOOTP network protocol was a welcome innovation for network administrators tasked with managing large numbers of computers on a network, it was the first attempt and a new and improved TCP/IP network protocol soon followed. This protocol is called Dynamic Host Configuration Protocol (DHCP). DHCP was not designed as a replacement for BOOTP, but an extension of its functionality.

How DHCP Works

As its name indicates, DHCP provides dynamic IP address assignment. What this means is that instead of having to rely on a specific IP address, a computer will be assigned one that is available from a subnet or "pool" that is assigned to the network. DHCP also extends BOOTP functionality to provide IP addresses that expire. BOOTP indirectly uses a form of leasing that never expired, but the term wasn't actually used until the introduction of DHCP. When DHCP assigns an IP address, it actually leases the identifier to the host computer for a specific amount of time. The default lease is five days, but a network administrator should evaluate their own particular circumstances to determine an appropriate lease.

In basic terms, the DHCP lease process works as follows:

  1. A network device attempts to connect to the Internet.
  2. The network requests an IP address.
  3. The DHCP server allocates (leases) the network device an IP address, which is forwarded to the network by a router.
  4. DHCP updates the appropriate network servers with the IP address and other configuration information.
  5. The network device accepts the IP address.
  6. The IP address lease expires.
  7. DHCP either reallocates the IP address or leases one that is available.
  8. The network device is no longer connected to the Internet.
  9. The IP address becomes an available address in the network pool of IP addresses.

To set up DHCP, you basically need a DHCP-supported client (at least one) and router, and a DHCP server. The client is a computer or other device on a network that requires an IP address and or other network configuration information. The router functions as a forwarding (or routing) agent of IP address requests from the DHCP server. The DHCP server is key to the entire operation. It is responsible for allocating, leasing, reallocating, and renewing IP addresses. Windows and Linux both support DHCP software.

How do I change my IP address?


"How do I change my IP address?" and "Can I change my IP address?" are probably the most commonly asked questions. Please attempt the following then, if that does not work, visit the Change IP Address forum.

Before trying any other methods to change your IP address, try turning off (or unplugging the power of) your Cable/DSL modem for five minutes. In many cases this will change your IP address. However, if that does not change your IP address, repeat the process for 8 hours (overnight works well) instead of 5 minutes. Hopefully this will result in an IP change.

If the above does not result in your IP address changing, please look through the below for the situation that best matches yours and attempt to change your IP address that way. Unfortunately you are not able to get your IP address to change in all cases, as it is ultimately determined by your ISP's DHCP configuration (when you've got a dynamically assigned IP address, that is.)

Windows

- Computer connected directly to the modem

  1. Get to a command prompt. (START, run, cmd).



  1. Type "ipconfig /release" (without the quotes, on the command line by itself).

  1. Type "ipconfig /renew" (without the quotes, on the command line by itself).

Windows (second option)

- Computer connected directly to the modem

  1. Get to a command prompt. (START, run, cmd).
  2. Type "ipconfig /release" (without the quotes).
  3. Shut down computer.
  4. Turn off computer.
  5. Turn off all ethernet hubs/switches.
  6. Turn off cable/DSL modem.
  7. Leave off overnight.
  8. Turn everything back on.

Network with Router

  1. Log into the router's admin console. (Often http://192.168.1.1/)
  2. Release the IP address. (Method varies by router manufacturer)
  3. Turn off router, ethernet hubs/switches, and the cable/DSL modem.
  4. Leave off overnight.
  5. Turn everything back on.

If you are using a cable/DSL modem and a router, you may wish to connect your computer directly to the cable/DSL modem. Please note that this could significantly impact your system security. This allows your ISP's DHCP to issue you a new (hopefully changed) IP address based of the (hardware) MAC address of your computer's ethernet card.

If all the above has not worked to change your IP address and you have a router, check and see if there is a "Clone MAC Address" option. Using it should change your IP address; however, you'll only be able to do it once (in most cases).

These will not work in all cases. If all else fails contact your internet service provider (ISP) and ask them if they are able to change your IP address or how long your connection needs to be off for your IP address to change.

If you trying to change your IP address because you are just trying to access web based forums you may wish to attempt to configure your internet browser to use a proxy server.

What is a Cable/DSL Modem?


First of all, you need to understand what a broadband connection is and how it works. According to Dictionary.com, broadband is "a high-speed, high-capacity transmission medium that can carry signals from multiple independent network carriers. This is done on a single coaxial or fiber-optic cable by establishing different bandwidth channels. Broadband technology can support a wide range of frequencies. It is used to transmit data, voice and video over long distances simultaneously."

Instead of carrying a phone conversation or a television signal over these broadband lines, phone companies and television companies now allow data to be sent as well through DSL connections (phone service) and cable connections. Thus, you can hook your modem up to any cable outlet or phone jack and have instant Internet access (Just make sure the cable guy remembered to activate all your outlets).

In order for you to receive the information carried through the broadband connection, you must have a modem that delivers it to your computer. There are specific modems for DSL connections, and specific modems for cable Internet access. The difference primarily rests on the type of wire required to connect the modem to the outlet.

Choosing a Modem

Now that you know how a modem works, where do you find one. The answer varies between company, but phone service and cable service each have a general way of making sure you have a modem.

If you are getting DSL service, you will probably be buying your modem as you sign up for your service. Most of the time, you can get a discount by purchasing the modem from your phone company. Comparison shop, though, just to be sure you're getting a good deal. Also remember that with DSL, you'll probably be signing a year contract, so if you only request month-to-month service, you may not get the same discount price.

Cable companies provide a modem in a completely different way. Rather than having you purchase the modem, they often try to convince you to rent the modem from their company. At three to five dollars a month, this is a great deal if you don't expect to have the service permanently, but it's a terrible deal if you know you'll need Internet over the next few years. Sometimes, though, you can find deals through other companies on the Internet that offer discounted service from your cable company AND a free modem (after rebate, of course). Check out all the options and see which ones best fit your needs and save you the most money.

Now, there is just one more thing to discuss. If you are wanting wireless Internet, you will need to purchase a wireless router separately. You can find these at any Best Buy or Wal-Mart, and if you wait for a sale, you can get a good price. Before purchasing, though, make sure your computer has an Ethernet card - most laptops should come with this, but there are a few exceptions.

Once you receive everything, all you need to do is hook up your modem to the outlet and your wireless router to the modem. Now you can surf the Internet from anywhere in your home or even in your backyard!

What is a Router?


Before we delve into the world of routers, you need to understand what a broadband connection is and how it works. According to Dictionary.com, broadband is "a high-speed, high-capacity transmission medium that can carry signals from multiple independent network carriers. This is done on a single coaxial or fiber-optic cable by establishing different bandwidth channels. Broadband technology can support a wide range of frequencies. It is used to transmit data, voice and video over long distances simultaneously."

Routers take information that arrives through your broadband signal via a modem, decipher it, and deliver it to your computer. The router will also choose the best route for the data packet so that you receive the information quickly.

Many different types of routers have been developed so that the information coming over your broadband connection can be sent to a variety of different receivers including your computer, your phone, and others.

Types of Routers

There are several types of routers that you will want to understand. You need to know the difference so that you can set up your network or at least so that you can understand what the local computer guy tells you to do.

Broadband Routers

Broadband routers can be used to do several different types of things. They can be used to connect two different computers or to connect two computers to the Internet. They can also be used to create a phone connection.

If you are using Voice over IP (VoIP) technology, then you will need a broadband router to connect your Internet to your phone. These are often a special type of modem that will have both Ethernet and phone jacks. Although this may seem a little confusing, simply follow the instructions that your VoIP provider sends with your broadband router - usually you must purchase the router from the company in order to obtain the service.

Wireless Routers

Wireless routers connect to your modem and create a wireless signal in your home or office. So, any computer within range can connect to your wireless router and use your broadband Internet for free. The only way to keep anyone from connecting to your system is to secure your router.

A word of warning about wireless routers: Be sure your secure them, or you will be susceptible to hackers and identity thieves. In order to secure your router, you simply need to come to WhatIsMyIPAddress.com, and get your IP address. Then, you'll type that into your web browser and log into your router (the user ID and password will come with your router).

Remember to change the router ID and password as well or someone else might lock you out of your system.

Once there, visit the wireless settings, type in a security key and you'll be about ready to go. Make sure you write down the key or save it in a Word document. When you try to log onto your Internet connection, you'll just need to enter the key. Your computer should remember the key, but write it down somewhere for safe keeping just in case.

What is a Private IP Address?


When you send a letter from your house to a friend, you have to know the address to send it to so that the postman knows which street and which house to take it to. Computer networks such as the Internet are no different except instead of sending your web traffic to "1145 Main Street"; your computer's location is known as an IP Address.

An IP address is your computer's equivalent of your postal address and just like the mail service, each computer has to have its own address so that it will only receive the information that is meant for it and not anything that is meant for someone else.

While we are used to writing out streets and house numbers on envelopes, inside your computer IP Addresses are usually represented in what is known as dotted-decimal format such as 124.62.112.7 as this is the system that is understood by computers. As you can see, the address is split into 4 sections known as "octets" and each of the four octets can be numbered from 0-255, providing a total of 4,294,967,296 potentially unique IP Addresses.

Now, while 4.2 Billion might seem like a lot, for many years large amounts of these have been allocated and used by large network such as backbone providers, ISPs and large Universities that made up the early Internet While other groups still have been reserved for special purposes and are not usable, so in practice the real amount is far less than 4.2 billion. The problem that we face today is that with many homes owning more than one computer and with cell phones, PDAs and even fridges being enabled for Internet access these days, IP Addresses are running out.

When I mentioned above that some blocks of addresses had been reserved for special purposes, one of these purposes was for private networking and it is these private addresses that help to relieve the pressure on the remaining address space and make possible many of the cable and DSL routers that people have at home today to share their Internet connection amongst many PCs.

Private IP address ranges

The ranges and the amount of usable IP's are as follows:
10.0.0.0 - 10.255.255.255
Addresses: 16,777,216
172.16.0.0 - 172.31.255.255
Addresses: 1,048,576
192.168.0.0 - 192.168.255.255
Addresses: 65,536

So, what are these addresses and how do they work?

For example, if I had 6 computers that I wanted to network, I might number them from 172.16.0.1 up to 172.16.0.6 and this would still leave over a million more addresses that I could use if I were to buy some more computers or if I was networking a large office and needed lots and lots of addresses.

These blocks of addresses can be used by anyone, anywhere - even if your neighbor is using the exact same addresses this won't cause a problem. This is possible because these addresses are known as "non-Routable addresses" and the devices on the internet that move data from one place to another are specially programmed to recognize these addresses. These devices (known as routers) will recognize that these are private addresses belonging to your network and will never forward your traffic onto the Internet so for your connection to work; you will always require at least one real address from the general pool so that your home router can perform what is known as "Network Address Translation".

NAT is a process where your router changes your private IP Address into a public one so that it can send your traffic over the Internet, keeping track of the changes in the process. When the information comes back to your router, it reverses the change back from a real IP Address into a private one and forwards the traffic back to your computer.

Private addresses and NAT is what makes your home router work and by using them, anyone is able to connect as many computer's as they wish to the Internet without having to worry about running out of addresses and this gives everyone many more years until all the available addresses are used up.

What is Network Address Translation?


Network Address Translation (NAT) is the process where a network device, usually a firewall, assigns a public address to a computer (or group of computers) inside a private network. The main use of NAT is to limit the number of public IP addresses an organization or company must use, for both economy and security purposes.

The most common form of network translation involves a large private network using addresses in a private range (10.0.0.0 to 10.255.255.255, 172.16.0.0 to 172.31.255.255, or 192.168.0 0 to 192.168.255.255). The private addressing scheme works well for computers that only have to access resources inside the network, like workstations needing access to file servers and printers. Routers inside the private network can route traffic between private addresses with no trouble. However, to access resources outside the network, like the Internet, these computers have to have a public address in order for responses to their requests to return to them. This is where NAT comes into play.

Internet requests that require Network Address Translation (NAT) are quite complex but happen so rapidly that the end user rarely knows it has occurred. A workstation inside a network makes a request to a computer on the Internet. Routers within the network recognize that the request is not for a resource inside the network, so they send the request to the firewall. The firewall sees the request from the computer with the internal IP. It then makes the same request to the Internet using its own public address, and returns the response from the Internet resource to the computer inside the private network. From the perspective of the resource on the Internet, it is sending information to the address of the firewall. From the perspective of the workstation, it appears that communication is directly with the site on the Internet. When NAT is used in this way, all users inside the private network access the Internet have the same public IP address when they use the Internet. That means only one public addresses is needed for hundreds or even thousands of users.

Most modern firewalls are stateful - that is, they are able to set up the connection between the internal workstation and the Internet resource. They can keep track of the details of the connection, like ports, packet order, and the IP addresses involved. This is called keeping track of the state of the connection. In this way, they are able to keep track of the session composed of communication between the workstation and the firewall, and the firewall with the Internet. When the session ends, the firewall discards all of the information about the connection.

There are other uses for Network Address Translation (NAT) beyond simply allowing workstations with internal IP addresses to access the Internet. In large networks, some servers may act as Web servers and require access from the Internet. These servers are assigned public IP addresses on the firewall, allowing the public to access the servers only through that IP address. However, as an additional layer of security, the firewall acts as the intermediary between the outside world and the protected internal network. Additional rules can be added, including which ports can be accessed at that IP address. Using NAT in this way allows network engineers to more efficiently route internal network traffic to the same resources, and allow access to more ports, while restricting access at the firewall. It also allows detailed logging of communications between the network and the outside world.

Additionally, NAT can be used to allow selective access to the outside of the network, too. Workstations or other computers requiring special access outside the network can be assigned specific external IPs using NAT, allowing them to communicate with computers and applications that require a unique public IP address. Again, the firewall acts as the intermediary, and can control the session in both directions, restricting port access and protocols.

NAT is a very important aspect of firewall security. It conserves the number of public addresses used within an organization, and it allows for stricter control of access to resources on both sides of the firewall.

What is a Firewall?


A firewall is a security device that can be a software program or a dedicated network appliance. The main purpose of a firewall is to separate a secure area from a less secure area and to control communications between the two. Firewalls can perform a variety of other functions, but are chiefly responsible for controlling inbound and outbound communications on anything from a single machine to an entire network.

Software Firewalls

Software firewalls, also sometimes called personal firewalls, are designed to run on a single computer. These are most commonly used on home or small office computers that have broadband access, which tend to be left on all the time. A software firewall prevents unwanted access to the computer over a network connection by identifying and preventing communication over risky ports. Computers communicate over many different recognized ports, and the firewall will tend to permit these without prompting or alerting the user. For example, computers access Web pages over port 80 and use port 443 for secure Web communications. A home computer would expect to receive data over these ports. However, a software firewall would probably block any access from the Internet over port 421, over which it does not expect to receive data. Additionally, port 421 has been used by certain Trojans (a type of malware) in the past. Software firewalls can also detect "suspicious" activity from the outside. They can block access to a home computer from an outside address when activity matches certain patterns, like port scanning.

A software firewall also allows certain programs on the user's computer to access the Internet, often by express permission of the user. Windows Update, antivirus software, and Microsoft Word are a few programs that a user might legitimately expect to access the Internet. However, a program called gator.exe that is attempting to access the Internet when it shouldn't be running might be reason for concern, so the user could decline access for this program. This is a useful feature when spyware, adware or some type of malware is suspected.

Some software firewalls also allow configuration of trusted zones. These permit unlimited communication over a wide variety of ports. This type of access may be necessary when a user starts a VPN client to reach a corporate intranet.

One drawback to software firewalls is that they are software running on a personal computer operating system. If the underlying operating system is compromised, then the firewall can be compromised as well. Since many other programs also run on a home computer, malicious software could potentially enter the computer through some other application and compromise the firewall. Software firewalls also rely heavily upon the user making the right decisions. If someone using a software firewall mistakenly gives a keylogger or a Trojan permission to access the Internet, security on that machine is compromised even though there is nothing wrong with the firewall itself.

There are many different brands of software firewalls, each with their own features. Some examples include ZoneAlarm, BlackICE, and Kerio.

Hardware Firewalls



Hardware firewalls are more complex. They also have software components, but run either on a specially engineered network appliance or on an optimized server dedicated to the task of running the firewall. The operating system underlying a hardware firewall is as basic as possible and very difficult to attack. Since no other software runs on these machines, and configuration takes a little more thought than clicking on an "allow" prompt, they are difficult to compromise and tend to be extremely secure.

A hardware firewall is placed between a network, such as a corporation, and a less secure area, such as the Internet. Firewalls also can separate more secure networks from less secure networks, such as one corporate location within a larger corporate structure. Versions of hardware firewalls are available to home users who want stronger protection from potential Internet attacks. There are many different default configurations for these devices - some allow no communications from the outside and must be configured, using rules, others (like those available for the home market) are already configured to block access over risky ports. Rules can be as simple as allowing port 80 traffic to flow through the firewall in both directions, or as complex as only allowing 1433 (SQL server) traffic from a specific IP address outside of the network through the firewall to a single IP address inside the network.

Firewalls are also used for Network Address Translation (NAT). This allows a network to use private IP addresses that are not routed over the Internet. Private IP address schemes allow organizations (or even household networks) to limit the number of publicly routed IP addresses they use, reserving public addresses for Web servers and other externally accessed network equipment. NAT allows administrators to use one public IP address for all of their users to access the Internet - the firewall is "smart" enough to send the requests back to the requesting workstation's internal IP. NAT also allows users inside a network to contact a server using a private IP while users outside the network must contact the same server using an external IP.

In addition to port and IP address rules, firewalls can have a wide variety of functionality. They can also act as caching servers, VPNs, routers, and more. Some examples of hardware firewalls are CheckPoint, Cisco PIX, SonicWall, Contivity from Nortel, and Linksys (for the home market).

Firewalls are vital to network management. Without this control over computer and network access, large networks could not store sensitive data intended for selective retrieval. Firewalls are also very important for home broadband users - without a home version of one of these products, your personal data is at risk.

Can Someone Find me with my IP Address?


Possibly, but most likely not without a subpoena.

In most cases all that can be easily determined is who the person's ISP is and possibly the state and city they reside in.

In some cases with static IP address DSL or business DSL services the ISP provides IP allocation records to the American Registry for Internet Numbers, the non-profit organization responsible for managing Internet numbering resources in North America.

As an example SBC used to include customer information in those allocation records, but due to privacy concerns now uses their own information with a customer reference number.

For users who want to afford themselves some additional level of anonymity we suggest you read about internet anonymity, Proxy Servers, and how to hide your ip address.

Try using this tool to look up your IP address.

How can someone find out who I am?

A little background first.

IP address allocation is handled by The Internet Assigned Numbers Authority (IANA). IANA in turn, delegate authority to Regional Internet Registries (RIRs). The RIRs, in turn, following their own regional policies, further delegate blocks of IP addresses to their customers, which include Internet Service Providers (ISPs) and end-user organizations.

Each of the RIRs handles a specific geographic area:

  • ARIN (North America and portions of the Caribbean)
  • AfriNIC (Africa)
  • APNIC (Asia and the Pacific region)
  • LACNIC (Latin America and portions of the Caribbean)
  • RIPE (Europe, Middle East, Central Asia)

Each of these organizations allow lookups to be to that data. Different ISP's segment their blocks of IP addresses by region and you can see that in the lookup. The lookup provides the name and address of the organization the block of IP addresses was allocated to. The ISP's can name these blocks if they choose. The naming often indicates a geographic location, for example, IRV-CA, aka Irvine, California.

Here are links to the URLs where you can lookup an IP address. Be aware that if you lookup an Asian allocated IP address in a different region's RIR it will provide a link to the appropriate RIR.

  • North America and portions of the Caribbean
  • Africa
  • Asia and the Pacific region
  • Latin America and portions of the Caribbean
  • Europe, Middle East, and Central Asia

In general, I start by looking up an IP address with ARIN seeing what geographic location information I can learn from the results.

From there I do a reverse DNS (rDNS) lookup to see what hostname the ISP provides. A hostname is something like www.example.com, or can be more specific to include regional information.

From there I do a traceroute which displays the hostnames many of the machines in between two points on the internet. (I'm making this *really* none technical here...) Sometimes the rDNS/hostname of a specific IP address will not reveal any location but the rDNS/hostname of the machine next along the path will reveal some.

That's about all the information that can be obtained without a subpoena. In many cases people reveal small amounts of personal information about themselves on forums, chat rooms, blogs, etc that can be used to build a profile of who you might be.

Staying Anonymous Online


Internet anonymity is, in essence, the subject of internet privacy and its issues. Internet anonymity is basically the method by which people send messages and conduct business via the Internet without revealing their true identity. The information that they do reveal is controlled by the user him or herself. It includes the obvious personal information, however maintaining Internet anonymity extends far beyond the user: it includes computer information and location as well. To maintain Internet anonymity means to utilize the Internet without giving anyone the ability to trace or link web activity, or personal information, back to the user.

Those who are concerned about Internet anonymity often discuss several risks to personal privacy. Cookies are among the most talked about privacy risk. Cookies are text sent to a web browser about a site or page that has been visited. The text is stored by the computer's server and sent back every time that particular web page is revisited. It makes for downloading the page quicker since the computer accessing the page is authenticated by the cookie. Cookies also contain specific information about the user, such as preferences, passwords, log-in IDs and even electronic shopping cart information. This is why the cookie is considered a privacy risk by Internet users, and has thus been disabled by many computer owners prior to surfing the web.

Advocates for Internet anonymity argue that it is the most important aspect of free speech on the Internet. Anonymity allows for Internet users to express themselves freely without worry of being discovered or tracked, ridiculed, or harassed. This is important to online discussions and forums, especially those involving personal questions or topics, in which those participating do not want to have to admit who or where they are. A perfect example of the importance of such anonymity is in medical forums where patients are free to ask medical questions of doctors or others with similar medical afflictions. Advocates also maintain that Internet anonymity is essential for transmitting information that must remain anonymous. The reporting of illegal activities and criminal behavior via the Internet is also an example of how vital anonymity can be: it gives witnesses and reporters the comfort and security necessary to offer their testimony.

Opponents argue that certain abuses and illegal activities are perpetuated by available Internet anonymity. Spam, or unsolicited email, is a common abuse of Internet anonymity. Most spam emails are junk mail and non-threatening; however, there have been cases where spam has been utilized to communicate hate-speech, threats, and harassment, and the anonymity of such spam has made it difficult, if even impossible, to track their originators. Opponents also debate that anonymity protects criminals and sexual predators. These offenders utilize the forums and discussions groups that protect the identity of all users to target their prey via the Internet.

The reality of Internet anonymity is that it will be a subject of heated discussion for years to come. Fortunately there exist avenues that Internet users can take to protect their identity, preferences, and IP addresses, if anonymity is important to them. Disabling cookies is common choice and some web browsers, like Mozilla Firefox and Opera, have a setting that automatically deletes all cookies at the end of an Internet session. Overall, users need to remain cognizant of what information they provide on the Internet, including that in on-line screen names and profiles, if they want to maintain anonymity while using the web. 

What is IANA?


While IP Addresses may not be formally "owned" by anyone, this does not mean that everyone is free to use whatever IP Addresses as they see fit as when it comes to something the size of the Internet, this would produce nothing but chaos if people just did anything they wanted.

For most people who want to build private home or office networks, there are blocks of private IP addresses that are reserved for use by anyone but when it comes to real, global IP addresses, there has to be some sort of ordering scheme for their allocation and in the case of the Internet, there is a single, worldwide process for this that begins with the Internet Assigned Numbers Authority or IANA.

The Internet Assigned Numbers Authority is a US-based organization tasked with overseeing the allocation of IP addresses in a fair and consistent manner that benefits everyone. With a total number of over 4 billion addresses this is somewhat impractical for one organization, so IANA has broken down this function by assigning large blocks of addresses to what are known as Regional Internet Registries, or RIRs. Each registry takes charge of looking after the IP addresses assigned to their region on on behalf of IANA and for the good of the Internet and it's users.


What is an RIR?


A Regional Internet Registry (RIR) is a governing body that is responsible for the administration of Internet addresses in a specific geographic region. Typically, an RIR has a mandate to control the allocation and distribution of IP addresses and domain registrations. The control and delegation of Internet addresses rose in prominence with the growth of Internet Protocol (IP) networks and the popularity of IP addressing and routing that is the cornerstone of the Internet.

The architecture of the modern Internet requires each Internet aware device to have a unique IP address. The lack of an unlimited supply of IP addresses emphasizes the need for proper management of the current inventory of addresses to ensure a fair global distribution of Internet resources. RIRs must maintain a neutral policy of address allocation and distribution to prevent address hoarding and other potentially limiting practices.

Globally, there are 5 RIRs that administer Internet addressing. All five RIRs combined to form the Number Resource Organization (NRO). The NRO was created as a way to coordinate technical and policy initiatives between the RIRs and to coordinate global activities. In January 2007, the NRO published a comparative policy overview of the RIRs intended as a public reference document intended for the Internet community.

The Internet Assigned Numbers Authority (IANA) allocates addresses to each RIR. The RIR is responsible for the next level of allocation to large regional entities including Internet Service Providers (ISPs), educational institutions, government bodies, and large private enterprises.




American Registry for Internet Numbers (ARIN)

The American Registry for Internet Numbers (ARIN) is an RIR responsible for the administration of Internet addresses and domains for North America including Canada, the United States, and portions of the Caribbean. Established in 1997, ARIN was the result of the American government's decision to separate support for the commercial Internet from the United States Department of Defense (DoD). The original transfer of responsibilities occurred in 1991 when the government awarded a private contractor, Network Solutions, a contract to perform Internet addressing and registration services including domain registration, addressing, user registration and support, and support for the distribution and archival of RFC documentation.

Reseaux IP Europeens Network Coordination Centre (RIPE NCC)

The Reseaux IP Europeens Network Coordination Centre (RIPE NCC) is an RIR responsible for administration of Internet addresses and domains for Europe, the Middle East, and Central Asia. Headquartered in Amsterdam, Netherlands, RIPE NCC was established in 1992 with arms-length funding from European consortium of research networks and a group of smaller, commercial network companies. RIPE NCC is a membership based organization responsible for coordinating and governing the activities of the RIPE community. RIPE NCC was considered the first RIR as the United States government was still actively involved with managing Internet addressing for much of North America at that time.

Asia-Pacific Network Information Centre (APNIC)

The Asia-Pacific Network Information Centre is an RIR responsible for the administration of Internet addresses and domains for Asia and the Pacific Rim. Founded in Tokyo, Japan, APNIC was the second RIR to be established. In 1993, APNIC became active and was originally designed as a trial to meet the addressing needs of regional network infrastructures at the time. APNIC relocated to Brisbane, Australia in 1998.

Latin American and Caribbean Internet Address Registry (LACNIC)

Established in 2001, the Latin American and Caribbean Internet Address Registry (LACNIC) is an RIR responsible for the administration of Internet addresses and domains for Latin America and the Caribbean. Headquartered in Montevideo, Uruguay, LACNIC is a non-profit organization responsible for regional Internet address and domain registrations and is active in promoting Internet expansion initiatives within the region.

African Network Information Centre (AfriNIC)

The African Network Information Centre (AfriNIC) is responsible for the administration of Internet addresses and domains for African continent. Based in Ebene City, Mauritius, AfriNIC became operational in 2005. Prior to the establishment of AfriNIC, IP address distribution for Africa was managed jointly by APNIC, ARIN, and RIPE NCC. Like the other RIRs, AfriNIC is a membership based non-profit organization that relies on a system of self-governance from it's membership.

The RIRs do not charge for resources since IP's are assigned, not sold. Instead, the RIRs accept member that pay an annual fee proportional to the workload involved in servicing their requests and as an example in the case of ARIN, the annual membership fee is currently $500US and the service charges for allocating IP addresses currently range from $1,250-$18,000US with the amount being dependent on the amount of addresses being assigned and the workload involved. Generally large organizations such as Universities, banks and ISP's are members of their local RIR, as are anyone else requiring blocks of IP's such as hosting providers and data center operators, to name a few.

To obtain an allocation, members will generally fill in a form detailing their requirements, what routing and switching hardware they have to service the allocation and what justification they have for their request i.e. an ISP will have a clear justification to request a block of 4,000 IP addresses but an individual will have difficulty justifying a need for this space.