19

The IP addressed 8.8.8.8 (in addition to 8.8.4.4) is now used for Google's DNS server. How did they obtain this IP?

Specifically, what has to happen for an IP to be routed to a different location.

Tom Marthenal
  • 2,106
  • 7
  • 25
  • 37
  • Did you try Googling the answer? Not trying to be glib, but, c'mon. Also, see this: http://googlecode.blogspot.com/2009/12/introducing-google-public-dns-new-dns.html Google's public DNS has been around almost 2 years, so not sure about "is now used". Finally, it is 8.8.4.4, not 8.8.6.6 – JDS Oct 08 '11 at 02:14
  • Whoops, fixed the address. Nice catch. – Tom Marthenal Oct 08 '11 at 02:24
  • 4
    @JDS You know what I hate most about Stack Exchange comments saying "Google it dumbass" is that, that same post is the first result. This happens quite frequently. Yes JDS, I googled the question. This is the first link. – Jack Jan 27 '15 at 03:50
  • @Jack That is definitely true now. but when I wrote that answer 4 years ago, it wasn't necessarily the case – JDS Jan 27 '15 at 20:05

1 Answers1

21

It looks like they purchased and/or leased some address space out of Level 3's 8.0.0.0/8 block. This is a standard thing - a company with a large IP block such as a /8 (e.g. Level3's 8.0.0.0-8.255.255.255) will allocate blocks out to other companies. Level 3's had the 8.0.0.0/8 netblock for a while - since 1992 according to WHOIS. Below is an output from ARIN's WHOIS system:

Google Incorporated LVLT-GOOGL-1-8-8-8 (NET-8-8-8-0-1) 8.8.8.0 - 8.8.8.255
Level 3 Communications, Inc. LVLT-ORG-8-8 (NET-8-0-0-0-1) 8.0.0.0 - 8.255.255.255

Google Incorporated LVLT-GOOGL-1-8-8-4 (NET-8-8-4-0-1) 8.8.4.0 - 8.8.4.255
Level 3 Communications, Inc. LVLT-ORG-8-8 (NET-8-0-0-0-1) 8.0.0.0 - 8.255.255.255

NetRange:       8.0.0.0 - 8.255.255.255
CIDR:           8.0.0.0/8
OriginAS:       
NetName:        LVLT-ORG-8-8
NetHandle:      NET-8-0-0-0-1
Parent:         
NetType:        Direct Allocation
RegDate:        1992-12-01
Updated:        2009-06-19
Ref:            http://whois.arin.net/rest/net/NET-8-0-0-0-1

NetRange:       8.8.4.0 - 8.8.4.255
CIDR:           8.8.4.0/24
OriginAS:       
NetName:        LVLT-GOOGL-1-8-8-4
NetHandle:      NET-8-8-4-0-1
Parent:         NET-8-0-0-0-1
NetType:        Reassigned
RegDate:        2009-11-10
Updated:        2009-11-10
Ref:            http://whois.arin.net/rest/net/NET-8-8-4-0-1

NetRange:       8.8.8.0 - 8.8.8.255
CIDR:           8.8.8.0/24
OriginAS:       
NetName:        LVLT-GOOGL-1-8-8-8
NetHandle:      NET-8-8-8-0-1
Parent:         NET-8-0-0-0-1
NetType:        Reassigned
RegDate:        2009-09-21
Updated:        2009-09-21
Ref:            http://whois.arin.net/rest/net/NET-8-8-8-0-1

Once these addresses have been registered as allocated out to another entity by Level3, Google can now advertise these addresses out of their infrastructure.

There's a bit of magic that happens behind that which would take a bit of time to explain. The Internet works by having a lot of disparate networks from different entities connect together to form the global network that we call the Internet. They use a protocol called BGP to advertise that they either own a block of IP addresses or that they have a path to get to them. Other entities use this advertisement to know where to route stuff destined for those addresses.

A lot of these entities (be it universities, companies, long-haul providers like telcos) also perform filtering of these advertisements as a way to keep entities honest about their advertisements. As an example, Joe Shmoe, Inc. couldn't advertise that they are the destination for Yahoo's network blocks because their upstream providers will only allow them to advertise the network blocks that are owned by Joe Shmoe, Inc.

The Internet's routing architecture is actually a lot more precarious than most people realize. It's built on a lot of gentlemanly agreements and implicit trust. It does occasionally happen that someone is not performing correct route filtering on a customer link and the customer will, either acccidentally or maliciously, advertise that they are the destination for networks that they don't own. This can, and has, cause outages for people and systems that are logically close (from an Internet standpoint) to the malicious advertisement.

Hope this helps.

haymaker
  • 1,242
  • 9
  • 9
  • There is, of course, a little more to this - for example, the smallest amount of IPs that can be allocated in a single block is a /24, or 256 addresses (254 usable). Above, google has two /24's allocated to them. – haymaker Oct 08 '11 at 02:49
  • Here's an article on Network World that summarizes a few of the more highly-publicized routing hijacks: http://www.networkworld.com/news/2009/011509-bgp-attacks.html – haymaker Oct 08 '11 at 03:04