Home / Blogs

The Importance of IP Resource Planning in Government ICT Strategic Plans

Mukom Akong Tamon

It seems everywhere I turn, there's someone throwing around statistics for how the Internet and broadband will drive economic growth, create jobs, end world hunger and bring world peace (ok, maybe not the later). Sure enough, government officials are buying into that rhetoric and extending it in initiatives like national broadband strategies, cybercrime and cybersecurity plans as well as e-governance strategies.

Often missing from these initiatives (particularly in the ICT strategies of most developing countries) is an explicit analysis of the role and impact of IP resources towards the success of the initiative. A gross simplification of the how the Internet works is that it is a network of networks (inter-net). Each network is comprised of nodes (servers and clients) identified primarily by IP address (e.g. one of Google's search servers is and 2a00:1450:4007:808::100). All the addresses for a given network are identified as belonging to an Autonomous System Number (ASN). These ASNs identify individual networks and are required for one network to communicate with another network. This typically happens using what network engines call the BGP routing protocol.

Therefore, you cannot have an independent Internet identity for your network if you don't have both your own IP address space and ASN. Governments typically will own many networks. Networks for datacenters which power online government services, user networks that power the work of the agents of government, networks to facilitate research and education (typically called Research and Education Networks) and even networks for things like surveillance aka national security. I'll call on governments particularly in developing countries to go the extra step and secure the IP addresses and an ASNs required to have complete control of their networks.

So you might ask, lots of governments are doing just fine today without having IP address space and ASNs, how are they functioning on the Internet? The answer is that they are using the IP address resources of an Internet Service Provider which connects them to the Internet. There are several reasons this might not be an effective thing to do and here are some:

  1. From an addressing perspective, the government network doesn't exist. It is seen as part of the ISPs network by the rest of the world.
  2. The Internet reputation of the government is then tied to that of the ISP and its other clients. Bad behaviour by any of the clients of the ISPs will be traced back to the ISPs and all of its clients by association. Think of it as the technical version of generalising for the negative (you had a bad meal at a restaurant and then vow never to eat anything in that restaurant or chain of restaurants.)
  3. This model severely limits the governments ability to provide redundant connections to the Internet. If the ISP fails, the government online services goes down with it.
  4. The government is unable to create and implement a policy about which networks it wants to or doesn't want to exchange traffic with (i.e routing policy) because it cannot run BGP and act as a player that connects to other networks.
  5. It hampers governments ability to act as an independent content provider. What if the ISP for its own business reasons doesn't like to communicate with another network whose users need access to government online content?

The last scenario is most likely to happen within the country. Imagine a country with several large ISPs who naturally are in competition with each other. The government happens to be a client of one of those ISPs (a very dependent client if that government doesn't have its own IP resources). Despite the competition amongst the ISPs, users of all the networks might still need access to government services that reside on the network of a competitor. It so happens that a tactic of such competitiveness might be hostile treatment of a competing ISPs traffic (throttle traffic to or from a competitors network and give your own users an advantage). You could end up with a situation where large sections of the population are unable to access government online services. As an aside governments should be impartial to businesses in the country and not let themselves be wittingly used as pawns in competitive games of various ISPs - the best way to ensure this is for the government to have its own IP identity (IPv4 space, IPv6 space, ASNs), get physical connectivity from one or more ISPs and then peer with all other ISPs ideally an Internet Exchange Point.

Of course, many government networks in developing countries use network address and port translation (NAT) on their internal networks. This has quite a few bad consequences that we'll explore in another post. So here is what I'd advocate for any government and particularly those in Africa.

  1. Determine the exact address needs for all of your infrastructure. The goal should be - "how do we eliminate the use of NAT so that each device on the government network is uniquely identifiable? Eliminating NAT results in simpler networks that are easier maintain, extend and innovate..
  2. Contact your regional Internet registry (RIR) to get the address space you need. This would be AFRINIC for Africa, LACNIC for Latin America, APNIC for the Asia Pacific, RIPE NCC for Europe, the middle east and Russia and ARIN for North America.
  3. You will also need one or more ASNs for your address space. Start with one and if there's a need for more you can always get it.
  4. And while you are at it bear in mind that the we are running out of IPv4 address space, so future-proof your network by making it run IPv6 as well.

Going back to the opening, a good IP resource strategy is key to realising the broadband initiatives of a country, as well as driving the use of the Internet as development too. Without more IP addresses, IP-address poor countries (think most African and Asia Pacific countries) will never sustainably realise their universal broadband ambitions (and can kiss goodbye to that 0.3% GDP growth that results from doubling broadband speed). Without a good IP resource strategy, it will become increasingly difficult and expensive to protect the Internet from abuse by criminals. Without a good IP resources strategy, a government cannot assure that the Internet will continue to grow and be accessible to all its citizens. Make sure your national ICT strategies explicitly includes and IP resources strategy.

By Mukom Akong Tamon, Chief Excellence Officerâ„¢ | Certified in IPv6, 4DX Strategy Execution, Lean Si. Mukom works for a Regional Internet Registry (RIR). Everything he writes are his opinion and do not necessarily reflect the views of his employers, past, present or future.

Related topics: Cybercrime, Internet Governance, Internet Protocol, IP Addressing, IPv6, Net Neutrality, Regional Registries, Telecom

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:


To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Industry Updates – Sponsored Posts

i2Coalition to Host First Ever Smarter Internet Forum

Best Practices from Verizon - Proactively Mitigating Emerging Fraudulent Activities

Neustar Data Identifies Most Popular Times of Year for DDoS Attacks in 2015

The Framework for Resilient Cybersecurity (Webinar)

2015 Trends: Multi-channel, Streaming Media and the Growth of Fraud

Season's Greetings - 2015 End of Year Message from DotConnectAfrica

Verisign Mitigates More Attack Activity in Q3 2015 Than Any Other Quarter During Last Two Years

"The Market Has No Morality" Sophia Bekele Speaks on Business Ethics and Accountability

Dyn Comments on ICG Proposal for IANA Transition

Verisign's Q2'15 DDoS Trends: DDoS for Bitcoin Increasingly Targets Financial Industry

Announcing Verisign IntelGraph: Unprecedented Context for Cybersecurity Intelligence

The Deep Web and the Darknet - The Nether Regions of the Internet

Introducing the Verisign DNS Firewall

DotConnectAfrica on "CONNECTing the Dots: Options for Future Action" at UNESCO, Paris

IBCA Presentation to ICANN GAC on Protection of Geographic Names in New gTLDs

Verisign iDefense 2015 Cyber-Threats and Trends

Season's Greetings - 2014 End of Year Message from DotConnectAfrica

Domain Name .Africa Faces Hurdles - Q&A with Sophia Bekele

Q3 2014 DDoS Trends: Attacks Exceeding 10 Gbps on the Rise

Afilias Director Wins ICANN's 2014 Leadership Award

Sponsored Topics


DNS Security

Sponsored by


Sponsored by
Afilias - Mobile & Web Services


Sponsored by
Afilias - Mobile & Web Services


Sponsored by