Africa and the Internet
PhD student Jan Marius Evang discusses the current controversies surrounding the African Regional Internet Registry (AFRINIC) and how they might affect the stability and resilience of the Internet.
The Internet today is a very loosely organised network in which each organisation mostly makes its own decisions, without answering to a central authority, as long as it observes the contractual obligations to its immediate neighbours. This decentralisation means that the Internet is very robust, both to physical damage and to interruptions from governmental or legal influence.
There are, however, some centralised services that are required for the Internet to function. Examples are DNS (Domain Name System) and certificate authorities. These services are now also designed to be decentralised, to improve robustness. One other very important service, which has seen some problems lately, is the system that organises the usage of IP (IPv4 and IPv6) addresses. At the top of this system is ICANN (Internet Corporation for Assigned Names and Numbers). ICANN allocates IP addresses to the Regional Internet Registries (RIRs), of which there are five, all of them registered as non-profit organisations and subject to the laws of the countries where they are present. ARIN is a US organisation handling the USA, Canada and some other areas. RIPE NCC is a Dutch organisation serving Europe and parts of Asia. LACNIC is a Uruguayan organisation serving mostly Latin America, APNIC is an Australian organisation serving Oceania and the rest of Asia, and AFRINIC is Mauritius-based and serves Africa. The RIRs are in turn responsible for allocating IP addresses and AS numbers in their part of the world to a large number of Local Internet Registries (LIRs, around 24,000 in the RIPE area alone (ripe.net)).
This system of IP address management has worked well with one exception: AFRINIC, which has been subject to some controversy lately. In 2016, a significant percentage of the African IP addresses were allocated to a new business registered in the Seychelles, which makes money from leasing them to other operators, mainly in China, and the addresses are often used for illegal or immoral activities. While this was not strictly against the AFRINIC rules (as of 2016), it was thought to be against AFRINIC's intention, and the CEO of AFRINIC was suspected of corruption. In 2021, the new CEO of AFRINIC threatened to revoke the IP addresses, which would mean a very large financial blow. AFRINIC reports that this could concern as many as 4.1 million IPv4 addresses (afrinic.net), and because IPv4 addresses have more or less run out, they are traded at 38 to 40 USD per IP address (ipv4marketgroup.com), which would make the total cost of the addresses 164 million USD. The response to the threat was multiple lawsuits, and the Mauritius court froze all the assets of AFRINIC for 3 months while considering the case, effectively crippling its operations.
With the court cases still ongoing, this led the AFRINIC management to apply for the status of "international organisation", under which the Mauritian court cannot freeze its assets. They also got the CEOs of all the other RIRs to write a letter in support of this application.
This caused a lot of criticism. Opinions were voiced that other RIRs have no right to interfere in the affairs of the Mauritius government/court, and that the various heads (including AFRINIC’s) acted without the support of their members. In addition, it surfaced that not everybody involved realised what the status of “international organisation” actually means.
The most important lesson learned from this case is that when considering Internet resilience, we have to consider the risks associated with failure of the central services of the Internet, like the RIRs. (This issue has also been pointed out in the Russian-Ukrainian conflict, where requests were made to shut Russia out from the Internet altogether.) No matter where the RIRs are located, they are subject to the local laws, and may be shut down or influenced by their respective governments and courts. Risk is usually quantified by looking at the likelihood and the impact of a possible adverse event. The likelihood of such issues happening has been regarded as low, but these two recent cases have illustrated that the likelihood has increased. Observing which governments the RIRs are registered under and what sanctions the local regulations permit might give an indication of the likelihood, but it is very hard to say definitively.
The impact, however, is easier to analyse. In the absolute worst case, what would happen is… nothing… That is, all activities of one RIR would stop. In this scenario, no new IP addresses or AS numbers would be allocated, no (official) change of ownership of IP addresses would happen, no membership changes would happen and no training would be performed. The Internet would just go on running the way it was before the incident. This is lucky for the Internet as a whole, but unfortunately also lucky for illicit actors who can use this to protect themselves. On a longer timescale, the worst case might be a huge undertaking: to do a reboot and create a new RIR organisation. But the other RIRs might take over some of the halted RIR's responsibilities in the meantime.
A more immediately serious impact would arise if the court halted the operation of an RIR’s services. The Internet Routing Registry (IRR) (apnic.net) is a globally distributed routing information database established to ensure the stability and consistency of Internet-wide routing by sharing information between network operators. Many network operators use information from the IRR to automatically configure route filters, and if one RIR went missing (or published “blocking” information to the IRR), Internet routing might be severely affected. Mirrors of the IRR exist, for instance RADb, and in an emergency situation these might be able to keep the Internet connected, but that does not help networks on “the wrong side” if RADb agrees to the block. The RPKI (Resource Public Key Infrastructure) is also founded on cryptographic Trust Anchors held by the RIRs. A failure of these Anchors, or even a wilful invalidation, might lead to prefixes being automatically blocked by Route Origin Validation (ROV).
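The two RPKI failure modes named above can be compared under the RFC 6811 origin-validation algorithm. The following is an added example, not part of the original article; the documentation prefixes, documentation AS numbers and the trust-anchor labels TA-A and TA-B are constructed sample data.

```python
import ipaddress
from collections import namedtuple

# A Validated ROA Payload (VRP): prefix, max length, authorised origin AS,
# plus the (hypothetical) trust anchor label it was validated under.
VRP = namedtuple("VRP", "prefix max_len asn ta")

def vrp(prefix, max_len, asn, ta):
    return VRP(ipaddress.ip_network(prefix), max_len, asn, ta)

def validate(route_prefix, origin_asn, vrps):
    """RFC 6811 origin validation: 'valid', 'invalid' or 'not-found'."""
    route = ipaddress.ip_network(route_prefix)
    covered = False
    for v in vrps:
        if v.prefix.version != route.version or not route.subnet_of(v.prefix):
            continue
        covered = True  # at least one VRP covers this route
        # A VRP for AS0 can never match a route (RFC 6483).
        if v.asn != 0 and v.asn == origin_asn and route.prefixlen <= v.max_len:
            return "valid"
    return "invalid" if covered else "not-found"

def rov_filter(routes, vrps):
    """Common ROV policy: drop only 'invalid'; 'not-found' is accepted."""
    return [r for r in routes if validate(r[0], r[1], vrps) != "invalid"]

# Constructed sample data: RFC 5737 prefixes, RFC 5398 AS numbers.
ROUTES = [("192.0.2.0/24", 64500), ("198.51.100.0/24", 64501)]
BASELINE = [
    vrp("192.0.2.0/24", 24, 64500, "TA-A"),
    vrp("198.51.100.0/24", 24, 64501, "TA-B"),
]

def scenario_anchor_unavailable():
    # TA-A's objects can no longer be validated, so its VRPs disappear.
    return [v for v in BASELINE if v.ta != "TA-A"]

def scenario_wilful_invalidation():
    # TA-A replaces the ROA with one that authorises no origin (AS0).
    others = [v for v in BASELINE if v.ta != "TA-A"]
    return [vrp("192.0.2.0/24", 24, 0, "TA-A")] + others

if __name__ == "__main__":
    for name, vrps in [("baseline", BASELINE),
                       ("anchor unavailable", scenario_anchor_unavailable()),
                       ("wilful invalidation", scenario_wilful_invalidation())]:
        states = [validate(p, a, vrps) for p, a in ROUTES]
        print(name, states, "accepted:", rov_filter(ROUTES, vrps))
```

In this model, VRPs that simply vanish leave the route as not-found, which a drop-invalid policy still accepts, while a conflicting covering ROA makes the same route invalid and filtered.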
In summary, the risks associated with events such as what is happening with AFRINIC now are real, but the impacts are currently not immediately dangerous. Still, we should be aware that they might be so in the future, and plan our resilience accordingly.
References
https://en.m.wikipedia.org/wiki/AFRINIC
https://www.nro.net/nro-letter-to-mauritius-government/
https://www.linkedin.com/pulse/rebuttal-nros-letter-mauritian-government-andrew-alston/
https://ipv4marketgroup.com/ipv4-pricing/
https://afrinic.net/ast/pdf/afrinic-whois-audit-report-overview-20210121.pdf