Home / Blogs

The Importance of IP Resource Planning in Government ICT Strategic Plans

Mukom Akong Tamon

It seems everywhere I turn, there's someone throwing around statistics for how the Internet and broadband will drive economic growth, create jobs, end world hunger and bring world peace (ok, maybe not the later). Sure enough, government officials are buying into that rhetoric and extending it in initiatives like national broadband strategies, cybercrime and cybersecurity plans as well as e-governance strategies.

Often missing from these initiatives (particularly in the ICT strategies of most developing countries) is an explicit analysis of the role and impact of IP resources towards the success of the initiative. A gross simplification of the how the Internet works is that it is a network of networks (inter-net). Each network is comprised of nodes (servers and clients) identified primarily by IP address (e.g. one of Google's search servers is 173.194.40.136 and 2a00:1450:4007:808::100). All the addresses for a given network are identified as belonging to an Autonomous System Number (ASN). These ASNs identify individual networks and are required for one network to communicate with another network. This typically happens using what network engines call the BGP routing protocol.

Therefore, you cannot have an independent Internet identity for your network if you don't have both your own IP address space and ASN. Governments typically will own many networks. Networks for datacenters which power online government services, user networks that power the work of the agents of government, networks to facilitate research and education (typically called Research and Education Networks) and even networks for things like surveillance aka national security. I'll call on governments particularly in developing countries to go the extra step and secure the IP addresses and an ASNs required to have complete control of their networks.

So you might ask, lots of governments are doing just fine today without having IP address space and ASNs, how are they functioning on the Internet? The answer is that they are using the IP address resources of an Internet Service Provider which connects them to the Internet. There are several reasons this might not be an effective thing to do and here are some:

  1. From an addressing perspective, the government network doesn't exist. It is seen as part of the ISPs network by the rest of the world.
  2. The Internet reputation of the government is then tied to that of the ISP and its other clients. Bad behaviour by any of the clients of the ISPs will be traced back to the ISPs and all of its clients by association. Think of it as the technical version of generalising for the negative (you had a bad meal at a restaurant and then vow never to eat anything in that restaurant or chain of restaurants.)
  3. This model severely limits the governments ability to provide redundant connections to the Internet. If the ISP fails, the government online services goes down with it.
  4. The government is unable to create and implement a policy about which networks it wants to or doesn't want to exchange traffic with (i.e routing policy) because it cannot run BGP and act as a player that connects to other networks.
  5. It hampers governments ability to act as an independent content provider. What if the ISP for its own business reasons doesn't like to communicate with another network whose users need access to government online content?

The last scenario is most likely to happen within the country. Imagine a country with several large ISPs who naturally are in competition with each other. The government happens to be a client of one of those ISPs (a very dependent client if that government doesn't have its own IP resources). Despite the competition amongst the ISPs, users of all the networks might still need access to government services that reside on the network of a competitor. It so happens that a tactic of such competitiveness might be hostile treatment of a competing ISPs traffic (throttle traffic to or from a competitors network and give your own users an advantage). You could end up with a situation where large sections of the population are unable to access government online services. As an aside governments should be impartial to businesses in the country and not let themselves be wittingly used as pawns in competitive games of various ISPs - the best way to ensure this is for the government to have its own IP identity (IPv4 space, IPv6 space, ASNs), get physical connectivity from one or more ISPs and then peer with all other ISPs ideally an Internet Exchange Point.

Of course, many government networks in developing countries use network address and port translation (NAT) on their internal networks. This has quite a few bad consequences that we'll explore in another post. So here is what I'd advocate for any government and particularly those in Africa.

  1. Determine the exact address needs for all of your infrastructure. The goal should be - "how do we eliminate the use of NAT so that each device on the government network is uniquely identifiable? Eliminating NAT results in simpler networks that are easier maintain, extend and innovate..
  2. Contact your regional Internet registry (RIR) to get the address space you need. This would be AFRINIC for Africa, LACNIC for Latin America, APNIC for the Asia Pacific, RIPE NCC for Europe, the middle east and Russia and ARIN for North America.
  3. You will also need one or more ASNs for your address space. Start with one and if there's a need for more you can always get it.
  4. And while you are at it bear in mind that the we are running out of IPv4 address space, so future-proof your network by making it run IPv6 as well.

Going back to the opening, a good IP resource strategy is key to realising the broadband initiatives of a country, as well as driving the use of the Internet as development too. Without more IP addresses, IP-address poor countries (think most African and Asia Pacific countries) will never sustainably realise their universal broadband ambitions (and can kiss goodbye to that 0.3% GDP growth that results from doubling broadband speed). Without a good IP resource strategy, it will become increasingly difficult and expensive to protect the Internet from abuse by criminals. Without a good IP resources strategy, a government cannot assure that the Internet will continue to grow and be accessible to all its citizens. Make sure your national ICT strategies explicitly includes and IP resources strategy.

By Mukom Akong Tamon, IPv6 Consultant/Trainer | Lean Six Sigma Green Belt | GTD Guru. Mukom works for a Regional Internet Registry (RIR). Everything he writes are his opinion and do not necessarily reflect the views of his employers, past, present or future.

Related topics: Cybercrime, Internet Governance, Internet Protocol, IP Addressing, IPv6, Net Neutrality, Regional Registries, Telecom

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

To post comments, please login or create an account.

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

Q3 2014 DDoS Trends: Attacks Exceeding 10 Gbps on the Rise

Afilias Director Wins ICANN's 2014 Leadership Award

Afilias Partners With Internet Society to Sponsor Deploy360 ION Conference Series Through 2016

DotConnectAfrica Contributes at the 9th IGF in Istanbul, Turkey

Nominum Announces Future Ready DNS

Video Interviews from ICANN 50 in London

ICANN London Recap Webinar

DotConnectAfrica Delegates Attend the Kenya Internet Governance Forum

Sophia Bekele Weighs in on Obama's August US-Africa Leader Summit at the NYF Africa

Tips to Address New FFIEC DDoS Requirements

DotConnectAfrica's Expert Selected to Attend the Hague Institute of Global Justice

DotConnectAfrica Delegates Attend the KHRC Internet & Human Rights Breakfast Roundtable in Nairobi

Smokescreening: Data Theft Makes DDoS More Dangerous

Internet Business Council for Africa Participates at the EU-Africa 2014 Business Forum, Brussels

DotConnectAfrica Statement Regarding NTIA's Intent to Transition Key Internet Domain Name Function

Afilias Joins Internet Technical Leaders in Welcoming IANA Globalization Progress

2013: A Year in Review, End of Year Message from DotConnectAfrica

SPECIAL: Updates from the ICANN Meetings in Buenos Aires

DotConnectAfrica Attends Transform Africa 2013 Summit in Rwanda

DCA Trust Raises Ethical Questions, Writes to Newly Elected African Union Leaders on .africa Debacle

Sponsored Topics

dotMobi

Mobile

Sponsored by
dotMobi
Afilias

DNS Security

Sponsored by
Afilias
Verisign

Security

Sponsored by
Verisign
Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines