A New Approach to IP Address Exhaustion
akkem writes "For a while now, we've been running out of IPv4 address space, resulting in more and more computers getting put behind NAT devices. That's fine for many computers, but what if you want that computer to be available as a server? As part of his PhD work, my friend Eugene has come up with a nifty solution, AVES, which enables any computer on the Internet to reach one or more servers placed behind a NAT. His approach is to give each server a unique name (via DNS), and to handle all the IP address translation automatically via an overlay network." This looks somewhat similar to virtual DNS, but taking it another step, and having the server route the requests behind itself instead of just handling it a little differently.
Here are some stats from ARIN (unfortunately these are circa 1996...):
Right... so there are 127 institutions with class A's all to themselves. Now that's really efficient. Even a full class B (which 10000 organizations have been blessed with) is overkill.
Now, the offenders are here (this list _is_ up-to-date). Most notable class A assignments:
The rest goes to IP registries to dish out in comparatively puny class B and C chunks, and of course the US government.
"Hot lesbian witches! It's fucking genius!"
More security issues to contend with. Let's be honest here. How many servers do you really need? For crying out loud, you don't need 19 servers running web pages and DBs and god knows what anymore. Use your allocated IPs wisely, NAT what can be NATted, and let everything else reside peacefully behind that firewall. And wait for IPv6 already.
This works fine for software that uses domain names to communicate. An http request, for example, resolves a domain name and includes that domain name in the request header. That is why virtual domains can work so well under Apache. However, there are other protocols, often somewhat non-standard, that do not use a domain name at any point. These protocols will continue not working under this scheme.
Consider, for example, many multiplayer games. You connect to another person's IP address. You do not use a name. If that person is behind a NAT firewall, I do not see how this proposed solution will help at all.
Besides, for all but huge internal networks protected by NAT, how is this any better than forwarding ports? For example, when you hit port 8080 on the firewall, it is forwarded to port 80 on apache1. When you hit 8081, it is forwarded to apache2, port 80. And so on. Any modern firewall allows this fairly easily and lets you hide a whole series of servers behind a NAT firewall.
The downside, of course, is that the protocol of choice must be able to connect on arbitrary ports. No problem with http but probably you cannot set up your multiplayer game to do this. On the other hand, you do not need to install any new software assuming your firewall is half decent.
--
Oceania has always been at war with Eastasia.
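The two dispatch methods the comment above contrasts, as an added example that is not part of the original post: a gateway with one public IP picks the internal server either from the destination port or from the name carried in the HTTP `Host` header. The hostnames, the sample game packet and the function names are constructed for illustration; the port mappings are the ones the comment gives.

```python
# Added illustration; hostnames, packet bytes and function names are constructed.
PORT_FORWARDS = {8080: ("apache1", 80), 8081: ("apache2", 80)}  # from the comment
VHOSTS = {"www.one.example": ("apache1", 80), "www.two.example": ("apache2", 80)}
NAME_BASED_PORT = 80

HTTP_REQ = b"GET / HTTP/1.1\r\nHost: www.two.example\r\n\r\n"  # constructed
GAME_PKT = b"\x01\x00JOIN\x00player1"  # constructed; carries no hostname


def parse_host(payload: bytes):
    """Return the lowercased Host value without its port, or None.

    Assumes hostnames only; bracketed IPv6 literals are not handled.
    """
    head, sep, _ = payload.partition(b"\r\n\r\n")
    if not sep:
        return None  # no complete HTTP header block
    lines = head.split(b"\r\n")
    parts = lines[0].split(b" ")
    if len(parts) != 3 or not parts[2].startswith(b"HTTP/"):
        return None  # first line is not "METHOD target HTTP/x.y"
    for line in lines[1:]:
        name, colon, value = line.partition(b":")
        if colon and name.strip().lower() == b"host":
            try:
                host = value.strip().decode("ascii").lower()
            except UnicodeDecodeError:
                return None
            return host.partition(":")[0]  # drop an optional ":port"
    return None


def route(dst_port: int, payload: bytes):
    """Pick the internal (host, port) for traffic arriving at the public IP."""
    if dst_port in PORT_FORWARDS:
        return PORT_FORWARDS[dst_port]  # port alone decides; payload ignored
    if dst_port == NAME_BASED_PORT:
        return VHOSTS.get(parse_host(payload))  # name in the payload decides
    return None  # nothing identifies a backend


if __name__ == "__main__":
    print(route(80, HTTP_REQ), route(80, GAME_PKT), route(8081, GAME_PKT))
```
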
I appreciate all the work your friend has done, but why try to extend IPv4 when IPv6 is already here? This reminds me of companies producing "blazingly-fast" ISA video cards years after the PCI and AGP specs were defined...
--
Have fun: Join D.N.A. (National Dyslexics Association)
AVES, and other domain services are probably going to be the way we do things for a long time to come. Despite the fact that the technology exists, the sheer cost of upgrading the *entire* internet to IPv6 is prohibitive.
If you're Cisco, you're interested in getting IPv6 capable routers out the door, but recognize the fact that very few people want or need them yet because the 'rest of the internet' doesn't use IPv6 yet. Even if you can muster the cash to make the code change (which Cisco has, if I remember correctly) you still have to provide combo routers and switches, and hope for market penetration to make the investment in IPv6 worth it.
If you're an ATT or a Worldcom, you more than have the cash to do it, but it will make your bottom line look bad if you spend millions on upgrading routers and switches. As we all know, in the U.S. nothing is more important than the bottom line (gag).
If you're a home user, you'd love to go to IPv6 so that you can run your own OpenNap, Icecast, FTP, Web, etc... server, but realize that you will never convince your ISP to allow you to do so since they're still using IP4 protocols and working with backbone providers who use IP4 protocols.
So you use AVES, making it possible for those who would otherwise be forced to use it to put off IPv6 just a little longer.
Since IP6 is a logical solution to the problem with addresses, is there any reason we shouldn't push hardware companies to adopt it instead of focusing so much on workarounds?
Short sightedness has caused the depletion problem (if you can call 160 million possibilities short sightedness)...but the issue is kind of moot right now.
IPv6 is coming...and we won't run out of addresses. We need creative ways to deal with problems that we have right now as we wait for IPv6.
The issue of NATed addresses is a real one and a barrier for peer-2-peer communications, not the hype, but true application-to-application communications that can allow networks to understand their state and topology to make intelligent routing and communications decisions. In order for this to occur the Internet needs to go back to its roots of true bi-directional communications. Publishers cannot simply view nodes as passive receivers of content...but as active participants on the network at large with important things to say and receive. The current trend for ISPs to provide asynchronous bandwidth is our next barrier and a trend that hopefully is reversed as more devices and home users demand to be publishers of content and information.