Anybody know why 240.0.0.0/4 is not used?

3 points by PugCPC ↗ HN
We have figured out a scheme to use it in a newly created layer of cyberspace between the current public and private networks, thus avoiding the legacy issues. A proposal nicknamed EzIP (phonetic for Easy IPv4) has been submitted to IETF:

https://tools.ietf.org/html/draft-chen-ati-adaptive-ipv4-address-space-03

EzIP can establish stand-alone "sub-Internets", each from one IPv4 public address to serve a region with population up to Tokyo Metro or 75% of the countries on earth. The sub-Internet configuration can realize the CIR (Country-based Internet Registry) model proposed by ITU several years ago, without establishing the CIR organization. If a government is not interested, private enterprises can make use of it to provide "Local Internet" services. Either way, it will be an option for consumers may to choose from for an more open competitive environment.

Thoughts and comments will be much appreciated.

Abe (2018-09-17 12:12)

6 comments

[ 3.1 ms ] story [ 24.1 ms ] thread
240/4 is not globally reachable, so you can certainly use it in your org if you are not already using it for any multicast applications. [1]

This could vary wildly from company to company so there is not a universally correct answer here.

[1] - https://www.iana.org/assignments/iana-ipv4-special-registry/...

Not necessarily. Some OSes will not allow you to assign unicast IPs in that space. You may not even be able to route it locally.
For sure, people may have to configure systems and routers to allow this. People would also have to ensure they don't accidentally leak routes for this. That happens from time to time. I'm just saying it would be fine to use this if you are not already using it internally for multicast applications.

An example of vpn's that already do this with routable IP space is the LogMeIn Hamachi gaming VPN [1]. It uses 25.0.0.0/8 (Ministry of Defense). Gamers don't need to talk to the MoD, so that VPN implements it locally on each PC. You can take over address space of anything you know for certain you won't need to talk to, ever.

[1] https://en.wikipedia.org/wiki/LogMeIn_Hamachi

Avoid using that VPN btw, super insecure and dangerous. You bridge your PC with lots of potentially infected PC's. I am just linking as an example.

240.0.0.0/4 is a bit different, however. It is "reserved" (class E) space, not multicast, and some OSes are hard coded to not even allow its use. My understanding is newer OSes have relaxed these restrictions.
I could imagine HPUX 10.x not allowing that. They followed all manor of optional RFC's, then later added options to disable the checks for some of them.

Somewhat related, I used to blackhole 169.254/16 (zeroconf) on our linux images. Then people started using that in AWS and could not reach their internal API's. They route that network internally.

Ah yes, EC2 uses 169.254 for the "metadata API." Basically, an internal network that allows a host to retrieve its own configuration data. I can see how that denying that would cause problems!