> IPv4 addresses are limited and constantly reallocated. Most are rented and passed between hosting providers, resold between datacenters, or migrated across regions. The Iranian filtering system uses GeoIP databases and BGP information to decide which IP ranges to trust and which to block. But those records lag behind the changes.
This is surprising to me. Surely iranian ISPs would have directly allocated IP space?
Or alternatively, surely Iran's gov would be in the routers and be able to blackhole any routes leaving the country?
Are they sanctioned away from RIPE, like Russia is? Russia isn't allowed to be allocated any IP addresses they don't already have. They're Russia, so they already have a bunch, but if they didn't, they'd have to keep borrowing them on grey markets, possibly different ones each time. Iran might be that way.
(Fun fact about sanctions: the International Criminal Court is sanctioned away from Microsoft, so they can't legally get access to Windows or Office. This is because they prosecuted a war criminal the USA likes.)
I'm ignorant about this, but I'm surprised there isn't just some physical switch that just straight up airgaps all network routes going out of the country.
There is, so that's why you need to use Starlink as the exit. A Starlink terminal connects directly to a stattelite bypassing all local infrastructure. Unless Iran confiscates those terminals or shoots down those satellites, they can't block it.
Yes also typical disturbance noises seem to not work on these satellites otherwise they would've done it. probably due to them being LEO satellites. because they have stronger signals and that makes it harder for noise/jammers to overpower legitimate signals (higher signal-to-noise ratio).
This is surprising to me. Surely iranian ISPs would have directly allocated IP space?
Or alternatively, surely Iran's gov would be in the routers and be able to blackhole any routes leaving the country?