Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

IP address management: what it means for DNS and routing teams


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 12212
Topic starter  

TL;DR: IP addresses still underpin routing, DNS resolution, and device identification, but the article shows that IPv4 exhaustion, dual-stack complexity, and IPv6 adoption gaps are now shaping operational risk for network and security teams, according to DigiCert. The bigger lesson is that addressing is no longer just a networking concern; it is a governance problem for connected identity at scale.

NHIMG editorial — based on content published by DigiCert: What is an IP Address

By the numbers:

Questions worth separating out

Q: How should security teams use IP addresses in access decisions?

A: Security teams should use IP addresses as supporting telemetry, not as a primary trust signal.

Q: Why do IPv4 limitations still matter for identity and security programmes?

A: IPv4 limitations still matter because many access controls, logs, and service designs were built around a world where addresses felt stable and plentiful.

Q: What breaks when organisations rely on static IP assumptions?

A: Static IP assumptions break when services move, scale, or share infrastructure.

Practitioner guidance

  • Inventory address-dependent controls Map every place where firewall rules, allowlists, certificate validation, monitoring, or service access still depends on a stable IP.
  • Validate dual-stack DNS governance Check that A and AAAA records are managed together, tested together, and monitored together so one protocol does not drift out of sync with the other.
  • Separate network location from trust decisions Use IP data for routing and telemetry, not as a primary trust signal for access decisions.

What's in the full article

DigiCert's full blog covers the operational detail this post intentionally leaves for the source:

  • Step-by-step explanation of IPv4, IPv6, NAT, and CIDR for practitioners who need the protocol mechanics.
  • Examples of A, AAAA, and dual-stack DNS record handling for mixed-client environments.
  • Allocation hierarchy details from IANA to RIRs and local registries, useful for understanding address governance.
  • Practical discussion of IPv6 rollout barriers across ISPs, hardware, and DNS management.

👉 Read DigiCert's guide to IP addresses, IPv4, IPv6, and DNS routing →

IP address management: what it means for DNS and routing teams?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 11787
 

IP address management is now part of identity governance, not just network administration. When addressing determines how services are found, authenticated, and monitored, it shapes the trust boundary that IAM and security teams depend on. IPv4 scarcity and IPv6 transition friction turn address management into an operational control surface. Practitioners should treat it as part of access design, not an isolated infrastructure task.

A few things that frame the scale:

  • Data from Google shows IPv6 global adoption reached just under 50% as of early 2025, according to The State of Secrets in AppSec.
  • Only 44% of developers are reported to follow security best practices for secrets management, exposing a significant developer behaviour gap.

A question worth separating out:

Q: What is the difference between DNS records and IP routing from a governance perspective?

A: DNS resolves names to addresses, while IP routing moves packets across networks. Governance needs to cover both because a correct route is useless if DNS is stale, and a correct DNS record is useless if routing or NAT is misconfigured. Teams should manage them as linked control planes, not separate technical chores.

👉 Read our full editorial: IP address management exposes the limits of static network identity



   
ReplyQuote
Share: