Monthly Archives: April 2010

T-Mobile: Clever or Insane?

I recently got an Android phone. After downloading the Android SDK I noticed that my cellular provider (T-Mobile) was doing something odd. According to the netcfg command they’re using 25.0.0.0/8 on their GPRS/EDGE network:

$ netcfg
lo       UP    127.0.0.1       255.0.0.0       0x00000049
dummy0   DOWN  0.0.0.0         0.0.0.0         0x00000082
rmnet0   UP    25.130.205.212  255.255.255.252 0x00001043
rmnet1   DOWN  0.0.0.0         0.0.0.0         0x00001002
rmnet2   DOWN  0.0.0.0         0.0.0.0         0x00001002
sit0     DOWN  0.0.0.0         0.0.0.0         0x00000080
ip6tnl0  DOWN  0.0.0.0         0.0.0.0         0x00000080

T-Mobile doesn’t own that netblock. The UK Ministry of Defence does. Why would they do such a thing? After all, RFC 1918 gives you three whole blocks (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16) to do with as you please. Straying from those on your private will damn you to an eternity of network flakiness and give your twisted pair cabling scurvy, right?

Why this is clever

According to several BGP looking glasses and figure 5 of Geoff Huston’s IPv4 Address Report the Ministry of Defence doesn’t advertise any routes for 25.0.0.0/8. That means that none of the 25.x.x.x addresses are being used on the public Internet. If you’re on a private network they’re effectively free for the taking. But still, why aren’t they using the officially-sanctioned RFC 1918 address?

My phone also has an 802.11 interface. Let’s take a look at netcfg’s output when I’m connected to T-Mobile’s network and my home network:

$ netcfg     
lo       UP    127.0.0.1       255.0.0.0       0x00000049
dummy0   DOWN  0.0.0.0         0.0.0.0         0x00000082
rmnet0   DOWN  25.130.205.212  255.255.255.252 0x00001002
rmnet1   DOWN  0.0.0.0         0.0.0.0         0x00001002
rmnet2   DOWN  0.0.0.0         0.0.0.0         0x00001002
sit0     DOWN  0.0.0.0         0.0.0.0         0x00000080
ip6tnl0  DOWN  0.0.0.0         0.0.0.0         0x00000080
eth0     UP    192.168.25.4    255.255.255.0   0x00001043

See the 192.168.25.4? That could just as easily be 10.0.0.4, 172.18.34.4, or any other RFC 1918 address. On many networks (particularly universities) it could even be a public address. T-Mobile has no way of predicting or controlling what happens on that interface. The 25.0.0.0/8 netblock has the following advantages:

  • It doesn’t overlap with any other network, public or private. Therefore you won’t get any routing confusion when the phone is connected on GPRS/EDGE and WiFi at the same time.
  • It’s not in public use. The next Facebook or Lolcats isn’t going to show up with a 25.x.x.x address, thereby causing routing confusion for your users.
  • Even if the UK MoD is handing out 25.x.x.x address over 802.11 they’re way over in the UK. It’s unlikely that my phone will be connected to the MoD and T-Mobile networks at the same time.

Why this is insane

IPv4 addresses are getting scarce. Who says the MoD won’t turn the 25.0.0.0/8 netblock over to RIPE or IANA next week? Even then my phone has to go through a proxy server on T-Mobile’s network so it’s probably not a huge deal.

Update

Just before publishing this I ran netcfg and my phone was using 14.64.186.160. The 14.0.0.0/8 netblock used to be reserved for public data networks but was allocated to APNIC earlier this month. I wonder what other questionable netblocks they’re using.