What stops someone from configuring their network with IP addresses they do not own?
Here's the scenario. I was picturing a university that bought a range of IP addresses. I think they'd still be inside a ISP (right?), but they'd have freedom to configure stuff the way they wanted.
What stops them from attributing their routers and hosts already in use IP addresses?
And what would happen if indeed someone do this?
router ip network internet ip-address
New contributor
add a comment |
Here's the scenario. I was picturing a university that bought a range of IP addresses. I think they'd still be inside a ISP (right?), but they'd have freedom to configure stuff the way they wanted.
What stops them from attributing their routers and hosts already in use IP addresses?
And what would happen if indeed someone do this?
router ip network internet ip-address
New contributor
add a comment |
Here's the scenario. I was picturing a university that bought a range of IP addresses. I think they'd still be inside a ISP (right?), but they'd have freedom to configure stuff the way they wanted.
What stops them from attributing their routers and hosts already in use IP addresses?
And what would happen if indeed someone do this?
router ip network internet ip-address
New contributor
Here's the scenario. I was picturing a university that bought a range of IP addresses. I think they'd still be inside a ISP (right?), but they'd have freedom to configure stuff the way they wanted.
What stops them from attributing their routers and hosts already in use IP addresses?
And what would happen if indeed someone do this?
router ip network internet ip-address
router ip network internet ip-address
New contributor
New contributor
edited 3 hours ago
Tiago Oliveira
New contributor
asked 4 hours ago
Tiago OliveiraTiago Oliveira
7415
7415
New contributor
New contributor
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
Most likely if they're a big university they are their own ISP, using BGP to connect their network to the internet via a number of upstream networks.
Nothing stops them from using IP addresses they should not be using, and it would work in their local network. However, it won't work on the internet. Their upstream networks providing them connectivity should have filters in place which would only allow the university to advertise IP addresses assigned to them. If the direct upstreams wouldn't filter them, the upstreams' upstreams will. And if IP addresses which are in use by another network would be used by the university, that other network would become unreachable from the university network.
In addition, there are a number of project (for example RIPE RIS and BGPmon) which monitor routing tables and alert on any "illegal" IP advertisement (BGP Hijacks and routing anomalies).
add a comment |
Nothing will stop them using the addresses on their own machines.
What happens if they try to advertise them to the Internet depends on how sloppy their providers are. If their providers are following best practices then there will be filters in place and the advertisements won't get beyond the hijacker's borders.
OTOH if their providers and their providers providers are sloppy then a bogus announcement can go much further resulting in significant disruption to the legitimate owners of the IP space.
Such happenings will almost certainly get noticed and there will likely be some heated discussions and some extra filtering added.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "496"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Tiago Oliveira is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f56208%2fwhat-stops-someone-from-configuring-their-network-with-ip-addresses-they-do-not%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
Most likely if they're a big university they are their own ISP, using BGP to connect their network to the internet via a number of upstream networks.
Nothing stops them from using IP addresses they should not be using, and it would work in their local network. However, it won't work on the internet. Their upstream networks providing them connectivity should have filters in place which would only allow the university to advertise IP addresses assigned to them. If the direct upstreams wouldn't filter them, the upstreams' upstreams will. And if IP addresses which are in use by another network would be used by the university, that other network would become unreachable from the university network.
In addition, there are a number of project (for example RIPE RIS and BGPmon) which monitor routing tables and alert on any "illegal" IP advertisement (BGP Hijacks and routing anomalies).
add a comment |
Most likely if they're a big university they are their own ISP, using BGP to connect their network to the internet via a number of upstream networks.
Nothing stops them from using IP addresses they should not be using, and it would work in their local network. However, it won't work on the internet. Their upstream networks providing them connectivity should have filters in place which would only allow the university to advertise IP addresses assigned to them. If the direct upstreams wouldn't filter them, the upstreams' upstreams will. And if IP addresses which are in use by another network would be used by the university, that other network would become unreachable from the university network.
In addition, there are a number of project (for example RIPE RIS and BGPmon) which monitor routing tables and alert on any "illegal" IP advertisement (BGP Hijacks and routing anomalies).
add a comment |
Most likely if they're a big university they are their own ISP, using BGP to connect their network to the internet via a number of upstream networks.
Nothing stops them from using IP addresses they should not be using, and it would work in their local network. However, it won't work on the internet. Their upstream networks providing them connectivity should have filters in place which would only allow the university to advertise IP addresses assigned to them. If the direct upstreams wouldn't filter them, the upstreams' upstreams will. And if IP addresses which are in use by another network would be used by the university, that other network would become unreachable from the university network.
In addition, there are a number of project (for example RIPE RIS and BGPmon) which monitor routing tables and alert on any "illegal" IP advertisement (BGP Hijacks and routing anomalies).
Most likely if they're a big university they are their own ISP, using BGP to connect their network to the internet via a number of upstream networks.
Nothing stops them from using IP addresses they should not be using, and it would work in their local network. However, it won't work on the internet. Their upstream networks providing them connectivity should have filters in place which would only allow the university to advertise IP addresses assigned to them. If the direct upstreams wouldn't filter them, the upstreams' upstreams will. And if IP addresses which are in use by another network would be used by the university, that other network would become unreachable from the university network.
In addition, there are a number of project (for example RIPE RIS and BGPmon) which monitor routing tables and alert on any "illegal" IP advertisement (BGP Hijacks and routing anomalies).
answered 4 hours ago
Teun Vink♦Teun Vink
11k52751
11k52751
add a comment |
add a comment |
Nothing will stop them using the addresses on their own machines.
What happens if they try to advertise them to the Internet depends on how sloppy their providers are. If their providers are following best practices then there will be filters in place and the advertisements won't get beyond the hijacker's borders.
OTOH if their providers and their providers providers are sloppy then a bogus announcement can go much further resulting in significant disruption to the legitimate owners of the IP space.
Such happenings will almost certainly get noticed and there will likely be some heated discussions and some extra filtering added.
add a comment |
Nothing will stop them using the addresses on their own machines.
What happens if they try to advertise them to the Internet depends on how sloppy their providers are. If their providers are following best practices then there will be filters in place and the advertisements won't get beyond the hijacker's borders.
OTOH if their providers and their providers providers are sloppy then a bogus announcement can go much further resulting in significant disruption to the legitimate owners of the IP space.
Such happenings will almost certainly get noticed and there will likely be some heated discussions and some extra filtering added.
add a comment |
Nothing will stop them using the addresses on their own machines.
What happens if they try to advertise them to the Internet depends on how sloppy their providers are. If their providers are following best practices then there will be filters in place and the advertisements won't get beyond the hijacker's borders.
OTOH if their providers and their providers providers are sloppy then a bogus announcement can go much further resulting in significant disruption to the legitimate owners of the IP space.
Such happenings will almost certainly get noticed and there will likely be some heated discussions and some extra filtering added.
Nothing will stop them using the addresses on their own machines.
What happens if they try to advertise them to the Internet depends on how sloppy their providers are. If their providers are following best practices then there will be filters in place and the advertisements won't get beyond the hijacker's borders.
OTOH if their providers and their providers providers are sloppy then a bogus announcement can go much further resulting in significant disruption to the legitimate owners of the IP space.
Such happenings will almost certainly get noticed and there will likely be some heated discussions and some extra filtering added.
answered 55 mins ago
Peter GreenPeter Green
7,47621226
7,47621226
add a comment |
add a comment |
Tiago Oliveira is a new contributor. Be nice, and check out our Code of Conduct.
Tiago Oliveira is a new contributor. Be nice, and check out our Code of Conduct.
Tiago Oliveira is a new contributor. Be nice, and check out our Code of Conduct.
Tiago Oliveira is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Network Engineering Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f56208%2fwhat-stops-someone-from-configuring-their-network-with-ip-addresses-they-do-not%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown