ARIN IPv6 Allocation Policy
possible writes: "ARIN has announced the last call for public comments on its proposed IPv6 address allocation policy. This last call for public comments will expire on 23:59 EDT August 03, 2001."
Use a logical GEOGRAPHIC based struct, 3 bits for the continent, 16 bits for the nation, 24 for the city, 48 for the company/individual, and 32 for each of the last category to play with. As for the remaining 5. Let that designate the planet. Plan ahead. You've got 128 bits, right?
--
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
Not only that. If you have a /48, that gives you 80 variable bits (IPv6 addresses are 128 bits long), which gives you 2^80 IPs (1,208,925,819,614,629,174,706,176). That's more than enough to give every atom in your house an IP, let alone every appliance.
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
Divide your namespace properly, man. Major space-borne bodies should have their own TLDs. Maybe group the asteroid belt all under one, the way the .us domain is chopped up now. Vehicles and space stations to be registered under their controlling entities...
Gee, I managed to talk to her with nothing more than analog voice modulated carrier.
I see even classic Slashdot is now pretty much unusable on dial up anymore.
There is absolutely no downside for the ISP in allocating /48 prefixes rather than /128 - no extra hardware or bandwidth. The hardware upgrades are due to IPv6, not to the address allocation policy.
What's more interesting is to speculate when most ISPs will offer IPv6 - UMTS Release 5 (the future 3G mobile phone standard for GSM operators) specifies IPv6 for all multimedia services, so if 3G takes off this could be a big driver for IPv6 adoption.
Permanent IPv6 addresses that can roam screw up the routing tables. Right now the big problem on the backbone isn't the IPv4 address space, it's the sheer number of routing entries needed. If they force everyone connecting through a given provider to use the provider's network number, they drastically simplify the routing. And with 16 bits for the provider to subnet, and 64 bits that the end user can play with and subnet if they want ( none of the policies preclude dividing the 'host' portion up into sections by the end user ), handling dynamic network numbers isn't nearly the problem it is under IPv4.
Portable addresses are why the routing tables are so big. Compact routing tables require that everything down a given branch of the routing tree have the same address prefix. The larger the number of prefixes down a given branch, the larger the routing tables need to be. IPv6 tries to deal with this by a) ensuring that there's enough room in the 'host' portion that customers can subnet their networks completely within it and b) the provider has a large enough address space to assign a single subnet to each customer. That's also why they've kept alive the idea of a subnet hierarchy within the rightmost 64 bits.
And don't try invoking a different addressing method. All of them eventually boil down to the address being a string of bits, and while the terms for each field in that string change the basic problem of the routing tree doesn't.
Actually pppp.pppp.pppp will be assigned to the provider, ssss will be assigned to the user, and hhhh.hhhh.hhhh.hhhh can be assigned however the user wants. The RFCs specify that the host part should be derived from the Ethernet MAC address on Ethernet-based networks, but they can't really write in dependence on anything but the host part being unique within the subnet ( think about PPP, which doesn't have anything like a MAC address ).
Apparently you failed to read RFC2462, which addresses this. Hosts do not configure the high 64 bits of their address, they are told what it is by their router(s) during configuration of the interface. A site's local address topology is completely independent of the 48-bit prefix assigned to them by their provider. Creative abuse of the relevant RFC lets you do this even if your provider gives you a /64.
Third generation beer, yuck!
I doubt you will have that many programs running on your systems. Even at a company level.
With each /64 subnet having a full 64 bits for specific machine identification you could easily assign machine addresses randomly and not really worry about collisions. You're talking about a huge address space. So what you assign machines a few billion addresses so they can assign one to each program. Current process tables are only measured in the thousands. It's a non issue at this point. I can see a scenario where it could be an issue, but then having more than 2^64 objects is rather unlikely.
IPv6 is fundamentally flawed. It has the same fundamental flaw that IPv4 has. That flaw is that it does not support universally portable IP space. Just like IPv4, IPv6 requires a massive routing table space to be able to route to different address spaces. The only advantage of IPv6 over IPv4 is more addresses. It is NOT going to provide you with your own portable address block.
The Internet is going to end up splitting into a commercial version and a free (as in speech) version, anyway, so who cares. The latter will never need more than the IPv4 space, so IPv6 just isn't needed.
now we need to go OSS in diesel cars
The problem of multi-homing is integrated in the design of both IPv4 and IPv6. The flaw is in the address concept itself. To fix this, you cannot just retrofit something on top of the existing IPv6. I do have an idea I call "layered addressing". It pretty much eliminates the core routing tables (it would most likely be way fewer than 1000 entries, perhaps just 200). But it also requires a whole new way to think about addresses. It has some similarities to "loose source routing", but works on the basis of autonomous secured zones. And that just isn't part of the IPv6 design. I highly doubt the multi6 working group has the authority to scrap the whole IPv6 addressing scheme and start over, so there would be no point in trying to do anything in that group.
So do you know where to reach the IPv7 working group?
now we need to go OSS in diesel cars
no one is interested it.
Thank you for contributing this error. It will help maintain ./'s reputation as a hang-out for those who cannot spell, or figure out just exactly what the word "capitalization" means.
--
--
"Outlook not so good." That magic 8-ball knows everything! I'll ask about Exchange Server next.
well, one thing with IPv6 (kind of like IPX in this respect) is that the last 48 bits of your address are your MAC address. while this is ethernet (and compatible) addressing specific, that's most everything these days. so it's not even a matter of static or dynamic anymore, as everything just *IS* what it is, and that's about it. I don't know if you remember the IPX days, or even experienced them, but there wasn't much of an issue with addressing with it (at least in the same respect as we have with IP now.) I look forward to IP addressing being less of an issue.
:)
That being said, routing protocols will need to be furthered, and some of the new routing protocols as well as the IPv6 versions of old standbys (like BGP, OSPF, etc) are pretty slick. think about the amount of route summarization you'd need to do for BGP so you don't kill yourself! we're talking massive exponential expansions in potential routes. ouch. I think that's why most of the IPv6 space is going to be kept close together to save us all the hassle of watching our older equipment die under the load. thinking of all those little ISP's loading up IPv6 BGP on a cisco 3640 or something equivalent just makes me want to cry
Here's a good link on the routing issues moving to IPv6: http://www.t17.ds.pwr.wroc.pl/~misiek/ipv6/!Documentation/ip6routing.html
EOM
Sure you can do dynamic dns for vanity names and domains through any service now. I want to be my own dns, i want legal mail services, i want to do vanity domains or virtual hosts based on having a constant ip.
just an idea.. dunno if it is even feasible
Standardization is why we have area codes. You know that 281,713 and 409 are houston, you know that 610 is philadelphia, you know that 215 is a place you don't want to call.
Cell phones are just mobile phones and believe it or not cell phone users have a home market. Much like the area codes, this helps identify and localize the user.
Extensions suck. It is nice to have my own phone number at work, at home and on my cell phone. You want to try and remember extensions and numbers? Your extension idea is simply adding incomprehensible and unplanned numbers BEHIND the normal 7 digit number adding only to the confusion. 10 digit dialing is a lot easier than 7+4 digit extensions that don't mean squat unless you work within the company. Most businesses use the suffix of the number as the extension anyway only adding to the EASE OF USE.
Private networks wouldn't be needed and all the computing resources being utilized for managing private networks could be a thing of the past if it wasn't necessary.
Service levels will increase, productivity would increase and network management would increase.
But then again, i may be dreaming.
On the other hand, is it possible for someone to do virtual ip's in some fashion? Like a vpn connection that authenticates the client and then does shortest path routing? Something like provider x assigns me 222.222.222.222 through the vpn and then bgp's the routes to the dynamic ip address by weights (so that your traffic still goes through your local provider and doesn't need to be tunneled through the vpn).
Just wondering. Too many big companies screwing over the lil guys and customers. "It is our policy to not assign static ip's". That's like saying you sell me a 100% connect dedicated DSL circuit and say i need dynamic ip's because it saves your space on your ip subnets.. that's bs since the same customers are going to be on.. save yourself a dhcp server and assign ips. If you're all about spam and email filtering with your new no smtp/pop outside of verizon email addy policy then why not implement static ip's so you can CATCH the people doing it instead of chasing them elsewhere and ruining services for people who don't do bad.
2^48 actually.
Although this COULD become a problem when we get into nanotechnology and every nanite needs its own IP address. A body full of these suckers COULD potentially run out of IP addresses.
"No, but you don't understand. I need an extra block of addresses because it is vitally important that I can access nanite #38273749590627 directly from a computer on the other side of the world. A double hop is simply NOT an option guys!"
Enough for anyone. Humph!
-Restil
Play with my webcams and lights here
If you want to address all those lovely items behind the NAT from the outside, you're screwed.
Inside going out, NAT is fine. However outside coming in it is a mess. IPv6 will fix this.
--
Charles E. Hill
Learning HOW to think is more important than learning WHAT to think.
NAT and PF (port forwarding) forces everything to go through a SPF (single point of failure). Lose the NAT, and your entire network is offline.
Yes, there are benefits from a security standpoint but I prefer my security solution to be more flexible. My coffee pot doesn't need the same protection that my home alarm system does. NAT with PF forces this to a good degree.
It also causes problems with things like redundant links. Multiple connections to the 'net would be a good thing. A full-mesh config on your internal LAN with a couple of redundant egress points could help. Not to mention the possibility of different speed connections.
Simple devices can be controlled/monitored with simple commands (SNMP-like) and slow/small-bandwidth links. Again, my coffee pot doesn't need a DS-3, but my porn-scouring spider would like one!
Having to reconfig multiple similar devices (like clocks and/or TVs that naturally use the same ports) to use different ports will be a pain -- though I suppose some form of DHCP for port assignment could be created.
IPv6 also has better support for QoS and a few other additions that make it desirable. No, it isn't perfect but it is a step in the right direction.
--
Charles E. Hill
Learning HOW to think is more important than learning WHAT to think.
This isn't going to fix the current problem (which is the router tables are too large to deal with properly) and all it does is push it away a bit and attempt to hide it.
This and every other Ip address scheme is based on the concept that the end user is a leaf node and has one upstream and that is the root of the problem since the "Internet" is about having multi-homed hosts which have 1 or more upstream connections.
The current mess with ip v4 could be fixed by telling every ISP that they will have to return 10% of their address space per year and then only allocate /22 (or larger) blocks to two ISPs at a time. This way every ISP will have a block that they must share with a different ISP and it allows small groups to dual home. Right now to properly dual home you have to pay thousands per year and you get a very wasteful /20.
They are basically saying that in IPv6 everyone will be given a /48 which means that as you connect to your ISP it will automatically give you a range of IP addresses large enough for you to have 2^16 or 65536 different subnets. Because IPv6 is a 64bit network with 64bit host system that means each subnet can have practically an unlimited number of devices in it. You can basically give every piece of dust floating around in your house an IP address and each room could be on its own subnet!
And still as they state, they can easily give up to 178 billion of these /48 network numbers away until address assignment starts to become an issue again which still leaves 85% of the address space unused.
Now the real trick as the article alludes to but doesn't really address is the complexity of handling the routing for multihomed sites. Someone still has to figure out how to make multihomed routing easy, fast, and efficient.
- Home network subscribers, connecting through on-demand or always-on connections should receive a /48.
This means that every home will have enough IP addresses for about everything in the home. Finally I will be able to telnet into my coffee machine from downstairs and brew a new pot of joe! The possibilities for us caffeine soaked programmers are endless!!!
> telnet fridge.appliance.myhome.org
Welcome to the FreezyFridge 2010
Running Linux 2.4.15
Login:root
Password:******
# mv /bottomshelf/beer /dev/null
# exit
> _
Then no more beer!!!!
Where is your forward thinking? :)
On the other hand, I do agree with you regarding the hierarchical designation, however it appears that ARIN want to give everyone a /48 address by default (that is 2^80 addresses per person). Only 1/8th of the IPv6 address space will be available (001 designation) by default, allowing 2^45 entities to have up to 2^80 addresses.
The paper says that there will be 10 billion people on the Earth by 2050. I bet IPv6 will last until 2100 at least though, and you shouldn't design upgrades into the system for something anyway, so assume that it will last forever...
In 3000, the Interplanetary Confederation will have 10 trillion people under its finger, and 100 billion companies (imagine giving each of those a unique name to avoid .com naming problems!). 2^45 is more than the sum of these (2^35), so even then IPv6 will be fine. I assume that the average person will not have more than 2^80 IPv6 addressable elements on or within their body though. I think this is reasonable... !
1. Ipv4 Address space is sufficient?
Wrong. There are large chunks of the world that can't get address space to do what they want. Especially Asia which is only now starting to get into the Internet. It is also estimated that giving every mobile phone over the next 10 years or so an IP address will also make us run out of addresses.
2. NAT is the answer? No, for true secure internet you need end to end connectivity. This means live IP addresses, not hiding behind NAT. Also NAT can't pass everything through. e.g. try to pass ESP for several devices through NAT. Also try to run several independent servers of the same service type (e.g. web sites) behind a NAT. Gets very difficult.
3. Routing for Ipv6 will fall apart because of the large routing tables?
Wrong. The way strong aggregation is defined in Ipv6 results in the Default Free Zone (DFZ) of the core internet being very small (designed to be < 8000 or so entries). That same aggregation policy applies to TLA (top level aggregate), NLA (next level aggregate) and SLA (Site level aggregate). If people adhere to the rules, there will be no routers blowing up any time soon. Router lookups will be faster than they have ever been because of the strict aggregation boundaries.
As an aside, Ipv6 does not have a header checksum so routers will no longer need to checksum all headers as they pass through. This will also reduce router processing overhead.
To qualify (3) I must add that multihoming is done differently in Ipv6. No site will ever "own" their address space so it can never be advertised into the DFZ. This is the mistake that we learnt from IPv4. To multihome you will be required to have an address space from each provider (SLA/NLA or TLA) that you are multihoming to. This means that nodes in a multihomed site will potentially have more than one visible address on the internet to maintain connectivity. The details of how to deal with the multiple address issue are in the process of being sorted out, but I can assure you there are several solutions to the issue of multihoming in Ipv6.
4. Privacy is gone in Ipv6. (in case anyone wants to raise the point).
This has been debated before about the issue of your NIC address being publicized. It is a simple matter to anonymize the address and an I-D has already been done to deal with this.
So Ipv6 is not DOA as some would suggest. It's only a matter of time before people realize that it's absolutely required for the Internet to move forward.
Do your research and you'll find that Ipv6 is needed and will make life on the internet much saner. The availability of reasonable address space is the fundamental one, and I'm sure the IAB/IETF can bring enough pressure to bear on providers to make sure everyone gets a fair share of this address space. Don't also forget that it's a free market - giving adequate address space can be a selling point for a competitive ISP.
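The MAC-derived host part behind points 3 and 4 of the comment above, as an added example that is not part of the original thread: it builds the modified EUI-64 interface identifier, shows that a multihomed host carries the same low 64 bits under each provider prefix, and checks whether an address discloses a MAC. The 2001:db8 documentation prefixes and the MAC are constructed, and `random_iid` is a simplified stand-in for an anonymized identifier, not the algorithm of the I-D the comment mentions.

```python
import ipaddress
import secrets
from typing import Optional

MAC = "00:11:22:33:44:55"                                  # constructed sample
SITES = {"provider_a": "2001:db8:aaaa::/48",               # constructed /48s
         "provider_b": "2001:db8:bbbb::/48"}


def mac_to_iid(mac: str) -> bytes:
    """Modified EUI-64: flip the universal/local bit, insert ff:fe."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("expected a 48-bit MAC address")
    return bytes([raw[0] ^ 0x02]) + raw[1:3] + b"\xff\xfe" + raw[3:]


def nth_subnet(site48: str, n: int) -> ipaddress.IPv6Network:
    """Pick /64 number n out of the 65536 subnets a /48 site contains."""
    site = ipaddress.IPv6Network(site48)
    if site.prefixlen != 48 or not 0 <= n < 2 ** 16:
        raise ValueError("need a /48 and a 16-bit subnet number")
    return ipaddress.IPv6Network((int(site.network_address) + (n << 64), 64))


def make_address(subnet64, iid: bytes) -> ipaddress.IPv6Address:
    """Combine a /64 prefix (learned from the router) with a 64-bit host part."""
    net = ipaddress.IPv6Network(subnet64)
    if net.prefixlen != 64 or len(iid) != 8:
        raise ValueError("need a /64 prefix and an 8-byte identifier")
    return ipaddress.IPv6Address(int(net.network_address) | int.from_bytes(iid, "big"))


def embedded_mac(addr) -> Optional[str]:
    """Return the MAC an address discloses, or None.

    Heuristic: ff:fe in the middle of the low 64 bits marks an EUI-64
    identifier; a manually chosen identifier could match by coincidence.
    """
    low = ipaddress.IPv6Address(addr).packed[8:]
    if low[3:5] != b"\xff\xfe":
        return None
    raw = bytes([low[0] ^ 0x02]) + low[1:3] + low[5:]
    return ":".join(f"{b:02x}" for b in raw)


def random_iid() -> bytes:
    """Random host part that never looks like an EUI-64 identifier."""
    while True:
        iid = secrets.token_bytes(8)
        if iid[3:5] != b"\xff\xfe":
            return iid


def audit(addresses) -> dict:
    """Group addresses by the MAC they leak; key None means nothing leaked."""
    groups: dict = {}
    for a in addresses:
        groups.setdefault(embedded_mac(a), []).append(str(a))
    return groups


def demo() -> dict:
    eui = [make_address(nth_subnet(p, 1), mac_to_iid(MAC)) for p in SITES.values()]
    private = [make_address(nth_subnet(p, 1), random_iid()) for p in SITES.values()]
    return audit(eui + private)


if __name__ == "__main__":
    for mac, addrs in demo().items():
        print(mac or "no MAC disclosed", "->", ", ".join(addrs))
```
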
You're now limited to 65,535 possible things you can address through that firewall (TCP ports are a 16-bit field).
So you've got 10/8 behind the firewall (2^24 devices) and you can only address 2/3 of them--assuming each one "only" needs one TCP port. Oops!
Admittedly, you could as much as double the "address space" by using UDP for some things...but since most of your embedded gear is probably going to want to use HTTP, that won't work too well.
If your control software is smart enough, I suppose you could use an HTTP proxy on the gateway...but does the Linksys box provide one? Didn't think so.
Maybe someday we'll see RFCs in HTML - that way there can be links instead of footnotes. Now that would be progress.
Actually, in the meantime, an additional draft has been released, see for example this copy. However, no technical changes have been made.
What does /48 mean?
Will I retire or break 10K?
Uhm, why don't you learn some things about IP before saying how stupid things are. Why don't we use 0.0.0.0 all the time? Because the network 192.168.1.0 is different from the network 192.168.1.16. It logically follows the same for a broadcast: 192.168.1.15 is different from 192.168.1.31. Sure, 0.0.0.0 might be a network number... and 255.255.255.255 might be a broadcast, but they don't refer to anything specifically! Your comments are beginning to annoy me.
"Nature doesn't care how smart you are. You can still be wrong." - Richard Feynman
> Use a logical GEOGRAPHIC based struct
There are a number of reasons why this is a bad idea -
1) Privacy. Maybe I don't want people (read companies) to know what city I'm currently in.
2) Speed. Most IP traffic is routed between major network providers which do not operate within set geographic boundaries. Knowing that a packet at a major peering point needs to go to Cambridge, England is nowhere near as helpful as knowing the transit provider is PSInet.
3) The last 64 bits of an IPv6 address are often used to store the MAC address of the sending host. This is going to make things like Mobile IP and automatic IP allocation (think DHCP) a breeze.
All these reasons and more are why the (substantially more knowledgeable than you and I) members of the IETF working group chose the current system 8-)
Si
ps. go visit www.6bone.net to learn more. Get yourself a free /48 from www.freenet6.net. Use and learn about the technology now because we're going to be building networks with this stuff real soon now.
actually it says quite explicitly that each entity will get a /48 address, and can assign all the subnet ranges as it sees fit.
The whole idea behind this is so that an ISP will not have to distinguish address assignment between an occasional dialup user and a major multinational corporation- they both get as many routable addresses as they could ever use.
The rfc also makes a long argument about why this is desirable. Go read it ;)
That's okay, his number of available IPv4 addresses was off by 3 orders of magnitude.
Education is a better safeguard of liberty than a standing army.
Edward Everett (1794 - 1865)
I've heard a lot of FUD lately about how ARIN was going to limit the amount of IPv6 space given out so that it could lease the addresses and make money. The proposed policy, if adopted, appears to mitigate that fear. As the document says:
(Now let's get IPv6 fielded! I'm ready...)
this can't be slashdot.. if it is.. i feel kind of betrayed..
Until we discover a means of FTL communication, interplanetary networks will have to use something other than TCP/IP.
--
"Open source is good." - Steve Jobs
"Open source is evil." - Microsoft
As we are getting closer to IPv6, I am looking forward to get an IP for my fridge, doorbell, TV, ferrets and whatever. :-) :-)
I remember the days where getting 100s of IPs was cheap and no problem whatsoever. These days I still wonder why some companies that I visit, still have a full range of IPs when they only use one or two.
I have been told that it is hard even to get a small range today, but I see many private people with their xDSL lines getting 8 IPs. hmm.
Most people forget that they can host many servers on one IP using layer 4 switching. I just love to configure those Foundry boxes
But I can't help to wonder that we might have missed something, I'll bet that real soon someone comes up with something that will make the amount of IPs available with IPv6 too small.
Just like when you got that 4GB harddrive, "Now I will never need another drive", then came 37GB "now I will truly never need a bigger drive", deal if you know what I mean.
--------
For sale: Rhesus-Monkey-Torture-Kit 40$
Why are all you people complaining about IPv6 not having global addresses that work everywhere? The whole point of router discovery is so that stateless autoconfiguration can make renumbering instantaneous and transparent. If you don't use stateless autoconfiguration, you're either using DHCP (in which case you have no problem), or static addresses (which is kind of stupid). Taking the idea of a unique global address to its extreme, every router in the world would have to know how to route data to every single device in the world. Plugging your device into a network jack somewhere else requires updating the routing table on every single backbone router on the Internet, which is infeasible.
No worries, by that time we'll either be telepathic or we will have invented something that will probably be called 'NAT'
Was it not Bill Gates who said "640Kb RAM should be enough for everyone"? :-)
karma capped
I wonder if IP v6 will have an effect on all the script kiddies and black hats out there who need to sweep ip ranges to find targets. At present our class C in London gets swept about 5 times a day, and usually for a single port, having to scan a /48 for every company/ house would take a long time, and even then the majority would be for smaller businesses and such that would have a few devices. I believe this would discourage many as the chance of finding a target would be almost impossible. this added to the fact of once the intrusion system picks up a scan, there would be a lot of time to act on it.
Now if only they would introduce 128 bit port numbers
It's called a subspace channel. I've been trying to tunnel TCP/IP over one, but I keep getting problems with timeouts and dropped packets that are associated with non-causality paradoxes.
I did manage to use my setup to chat with a hot black chick who seemed to be on some kind of space mission, though...
"- That only by having a provider-independent boundary can we guarantee that a change of ISP will not require a costly internal restructuring or consolidation of subnets."
It is not in the larger ISP's (AOL, Baby Bells, etc.) to allow customers to easily change providers.
"- To allow easy growth of the subscribers' networks without need to go back to ISPs for more space (except for that relatively small number of subscribers for which a /48 is not enough)."
The more devices you have in your network, the more bandwidth the ISP will be expected to provide. Bandwidth costs ISPs money, and many home broadband providers to home users don't like you using all your allotted bandwidth for any period of time.
"- To remove the burden from the ISPs and registries of judging sites' needs for address space, unless the site requests more space than a /48."
If they maintain control over those decisions, they can keep a cap on the bandwidth they need to provide. Besides, everybody likes hanging on to power.
"- To allow the site to maintain a single reverse-DNS zone covering all prefixes."
Then how will the ISPs charge you for using their DNS servers?
From where I sit, the big ISPs/telecoms stand to make more money in maintaining the current IPv4 structure of the internet than moving to this implementation of IPv6. I mean, come on: Charge $40/month for a /48 or for a /128? You do the math.
So they're requesting for comments before it gets publicized as a Request For Comments? No wonder the internet is so fucked up!
Of course, unfortunately, I would only be able to use 65535 or so portnumbers... Hums hums.. BUMMER! 'Mom, you cannot put more than 60k devices on our home network damnit! How many times do I have to repeat this, your hairdryer just CAN'T be controlled through the internet, you will REALLY have to control it through the local LAN.
Of course, as another poster suggested, a name based HTTP proxy on the 'router' would also be cool. So let the proxy server decide which IP address on the local LAN to forward requests for http://coffeepot.mydomain.com to! That'd kick ass, I bet Linksys could fairly easily put such functionality in their little box. Of course when you have a Linux internet gateway that's trivial to set up anyway.
However, wasting 'numbers' is not so harmful as the more typical American waste, so why the hell not implement IPv6 and have a plethora of numbers available. Hmmm. Hey it would probably be good for the IT work opportunities in the future, all those routers that will have to be replaced 'n all, all those computers that'll need to be reconfigured. Hmm. I like it. Let's do it!
Out of curiosity, how is allocation such a major issue here? IPv6 will allow for enough IPs that every square foot of the earth's surface (including oceans and other uninhabitable places) is able to have its own IP, with plenty of IPs leftover.
The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.
Two words: Dynamic DNS. Hosts in IPv6 world are auto-configured. Dynamic DNS is a necessity.
--