Quick note that I do not have anything to say about the services above; They are simply services that I am aware exist. I am not getting compenstation in any kind for linking to them.

Overview

Residential proxy services exist. There are some legitimate use cases for them, such as confirming A/B testing, comparative pricing checks, etc. There are also less legitimate use cases such as bypassing a security mechanism to automatically post referral links on forums, or to bypass captcha systems or rate limits.

Internet service providers use BGP to communicate route advertisements to other autonomous systems (ASs). These BGP systems are almost always run on routers, although there are some specialized use cases that avoid having actual IP traffic hit the BGP speaker itself.

In most cases, traffic destined to the end user is received via BGP router(s) at the edge of the ISP network. That is, if Google is attempting to send a response to a search that was just made, the IP packets will usually flow through the BGP router(s), then into the residential ISP network, and eventually be routed to the end users connection.

Idea

  • Allow residential IP addresses to be used by entities that are not at the end users premsis.
  • Peer with a residential ISPs BGP router(s).
  • Have a system that can tap off traffic that is part of ongoing requests that we care about.
  • This system can also make requests with a source IP of the one that is being tapped.
  • Send all data that doesn’t match our system back to the ISPs BGP router(s) to be sent through normal channels.

Use cases

There are legitimate uses for residential proxy services; The difficulty with existing systems is validation that the end user is not being abused, and is aware that they are proxying data. In this model the ISP controls the service to some extent, and can better leverage virtual assets that are under its control.

That is, a large residential ISP network could start to offer this service, there would be no easy way for external parties to distringuish requests through this system as not being from existing customers. The ISP can get more value for the virtual assets that it has ( IP addresses ) under its control, and it also could retain control / authentication of what entities get to use the proxy service, or what the use cases of that system could be.

Challenges and issues

Residential ISP router configuration for returning data.

Some configuration on the part of the residential ISP network would need to be done, in addition to simply peering with this service. The residential ISP router would have to accept packets from the service and route them the way it would normally, if it wasn’t peering with the service. This is required to avoid a loop situation, whereby an external packet comes into the residential ISP networks router, is sent to the service, which then sends it back to the same residential ISP router.

On first glance there may be some legal concerns relating to this service; If the ISP is found to be prioritizing or in any way manipulating the data that is destined to the end user, this could open up some liability concerns.

Most of these issues I think can be addressed as the ISP simply utilizing a system that allows it to tap into an alternative revenue stream. If proper logs are kept around what data is sent through this system, rather than routing through the residential ISP network in a normal fashion, any requests from law enforcement about identification should remain unchanged.

Small subnets being advertised over BGP

Ideally the service would advertise individual /32 routes over an IBGP or similar. The minimum size of a globally routable advertisement is a /24 with IPv4 space. The residential ISP router(s) would have to allow for these small subnets.

Implementation

To be written..