The Impending IP Crisis
Factomatic writes "With the supply of IP addresses expected to run out by 2005 due to the popularity explosion of the Internet and the expectation that everything from your phone to your washing machine will soon have its own IP address, Alex Lightman, CEO of Charmed Technology and chairman of last month's North American IPv6 Global Summit tells the New York Times "we're going to need something like 100 IP addresses for each human being." IPv6 will increase the supply of addresses from 4 billion today to a number in excess of 35 trillion that is "so big that there's not a word for the number," says Cody Christman, director of product engineering for Verio, which offers IPv6 in San Francisco, Washington and elsewhere. The article is a good layman's backgrounder on the looming IP crisis."
That's fine but unless you're talking about incoming originating comms. With NAT, you have to rely on ports instead of ips to address specific items. This means a mod to your dns (or whatever replaces it). You can't just assume that the cell phone port is port 32768, since the household may have several different cell phones (or toasters, or TVs, or whatever). Not a huge problem, but it does require more changes than would simply assigning everything its own unique id.
While IPv6 fixes many problems in IPv4, the developed world will not embrace IPv6 until many shortcomings in the protocol are addressed.
1. Cisco routers suck at IPv6. Many of Cisco's routers use the router's CPU to process IPv6 packets instead of the fast-path. The reasons for this are explained in the next few points. While Juniper's routers are substantially better at IPv6 than Cisco's, IT managers are often restrained by insane corporate policy that dictates the use of Cisco.
2. There are too many addresses. There are 16.7 million addresses per square metre of the earth's surface, including the oceans. This is overkill. The world does not need more than the 4 billion addresses available with IPv4, and I challenge you to come up with an application that requires that many. Assuming that you can actually come up with one, it could easily be solved with Network Address Translation, or NAT as it is commonly known.
3. IPv6 addresses are too large. An IPv6 address is 128 bits in size - 64 bits of which are reserved for addressing hosts, and 64 bits of which are reserved for routing. One thing that is cool with IPv6 is address autoconfiguration. Take your 56-bit MAC address on your ethernet card, ask for 64-bits of network prefix, bang it together with EUI-64 and you are set. The problem with a 64-bit network prefix is that routing tables become massive. Just do the math and you'll see that extreme amounts of memory are required to hold routing tables.
4. The IPv6 header is too large. An IPv4 header is compact at 20 bytes in length, while the IPv6 header is bloated at 40 bytes. That's right people, each one of your IP packets has twice as much overhead as before.
While this may not sound like much, IP networks have a requirement that the minimum MTU supported must be 576 bytes. That means that where you might have got 556 bytes of data in your IP packets, you now get 536 bytes. This means that downloading stuff will take 3.4% longer.
Sure, IPv6 allows for nice hacks, but is it really ready for prime time?
Not too hard.
Backbones should switch over first, proxying ipv4 over ipv6, then propagate downwards.
When it hits users, they'll have an ultimatum. Upgrade within the next 180 days, or j00 are fux0red.
As for the OS and device makers, simply make dhcp check ipv6 first, then fall back to ipv4. That'll be transparent for all the chuckleheads who would ignore the "switch" thing.
-
ping -f 255.255.255.255 # if only
rfc1918 says we have:
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
so you are very pessimistic
IPv6 is bad because Cisco routers suck. No, wait, "Many of Cisco's routers" suck. You can't be serious! Once IPv6 gets off the ground, IPv6 will become fast path and eventually IPv4 will be dropped to legacy mode.
... most of the internet protocols are very wasteful. On the other hand, they are easily debuggable with relatively simple tools. This is a trade-off, obviously, and IPv6's choice is not per se good or bad, it's just different. We will see whether it will have a significant overhead. I say getting rid of spam is a better way to reduce bandwidth requirements on the internet than talking about header sizes.
About your point 2: IPv6 does not actually give out all those 2^128 IPs. The first half is for the network part, the second 64 bits are for the host part. This is necessary because autoconfiguration (which is really great, by the way!) uses a 64-bit part. The IPv6 autoconfiguration is stateless, by the way, which means it will also work without a DHCP server and it won't need reboot if the routers were down when the autoconfiguration process started.
The point about having this many addresses is that you never ever want to have to come into the remote possibility to have to switch to IPv8 because IPv6 is too small. And when you rant about the IPv6 header being 20 bytes larger than the IPv4 header, consider that the overhead of the TCP header (20+ bytes), the HTTP header (300 bytes), the Email header (500 bytes?),
IPv6 is ready for prime time. People are using it (I, for example). You can buy access to IPv6-native backbones. All the major OSes support it. There is really no excuse not to be already using it.
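Added example, not part of any poster's comment: the stateless autoconfiguration discussed in the thread, sketched in Python. It assumes a 48-bit Ethernet MAC and the modified EUI-64 mapping; the MAC address, the 2001:db8:1:2::/64 prefix, and the function names are constructed for illustration.

```python
import ipaddress

HOST_BITS = 64  # host (interface identifier) half of a 128-bit IPv6 address


def eui64_interface_id(mac):
    """Return the 64-bit modified EUI-64 identifier for a 48-bit MAC."""
    octets = bytes(int(part, 16) for part in mac.replace("-", ":").split(":"))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    # Flip the universal/local bit (0x02) of the first octet and insert
    # FF:FE between the vendor half and the device half of the MAC.
    eui = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]
    return int.from_bytes(eui, "big")


def autoconfigure(prefix, mac):
    """Combine a /64 network prefix with the host's own identifier.

    No server keeps state: the host computes its address by itself from
    the prefix it hears advertised (or from fe80::/64 for link-local).
    """
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 128 - HOST_BITS:
        raise ValueError("stateless autoconfiguration expects a /64 prefix")
    return net[eui64_interface_id(mac)]


def split_halves(addr):
    """Split an address into its (network, host) 64-bit halves."""
    value = int(ipaddress.IPv6Address(str(addr)))
    return value >> HOST_BITS, value & ((1 << HOST_BITS) - 1)


if __name__ == "__main__":
    mac = "00:11:22:33:44:55"  # constructed sample MAC
    # Link-local prefix first, then a constructed documentation prefix.
    for prefix in ("fe80::/64", "2001:db8:1:2::/64"):
        addr = autoconfigure(prefix, mac)
        net_half, host_half = split_halves(addr)
        print(f"{addr}  network={net_half:016x}  host={host_half:016x}")
```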
Which is: 340 undecillion, 282 decillion, 366 nonillion, 920 octillion, 938 septillion, 463 sextillion, 463 quintillion, 374 quadrillion, 607 trillion, 431 billion, 768 million, 211 thousand, 456.
A far cry from "35 trillion". To give you an order to this magnitude, some Australian scientists recently announced that there are 70 sextillion stars (give or take) in the known universe.
It may be pedantic, but someone who is so blinded by their work that they make hysterical claims that there's no word for the number they're pushing doesn't make me want to buy into their idea so quickly.
Say you have 5 servers behind a NAT box, all running SSHD. How are you going to set them all up so that they can have incoming connections? Sure, if your NAT box is a good one you can manually set up port forwarding, but that's a pain.
What about strange services like FTP that require 2 different connections? They're always a pain when using NAT, so you need to find some means of dealing with them.
What about games? Say 3 people behind one NAT box want to play the same online game at the same time? What about filesharing applications that want to allow incoming connections?
NAT != firewall. If you're using it like it is, expect to get hacked anyhow. Besides, if you don't want a particular device to be exposed to the IPV6 world, you are free to put it behind a NAT box or a firewall, it just means that the machines that you want to have routable addresses can have them.
I already want more IP addresses. I have a server which hosts websites for various domains, but only uses 1 IP address. That works for HTTP because it sends the hostname as part of the request, but nearly every other protocol doesn't. That means that I can't deal with HTTPS easily, and makes configuration of things like mail much harder. If each host could have its own IP then it would make management and configuration much easier. It would also make it possible to have much more fine-grained control over services and access to various IPs.
I can just picture you when they finally start selling flying cars: "Hello? I already have transportation, it's called a car. In many ways it's better to move slowly in gridlock. At least that way if you have an accident you're only moving 4 miles per hour!"
I can't believe how many people have commented that there is no need for IPV6 because of NAT. Are you really willing to put up with the limits of NAT when you could give every computer its own routable address?
NAT does a decent job of allowing you to surf the web using a non-routable IP address. For anything more advanced it starts working less and less well.
I personally have had many troubles with NAT: Games which don't work properly unless they have huge ranges of ports exposed to the net. Instant messenger apps which fail in subtle ways. Brain-dead DHCP servers which don't properly pass on DNS settings, etc. Add to that the fact that the DHCP/NAT combination in most consumer boxes (like Linksys routers) is awful. You can port-forward from the router to a fixed IP address, but if you're using DHCP, you never know what machine will get that IP address! Even when it does work, there are far too many programs that don't work right when something is on a non-standard port.
In fact, I don't just want each of my machines to have its own routable IP address, I want some machines to have multiple addresses. That way I can host multiple domains on a single machine and truly administer them differently. Right now HTTP sends a host header so that you can have multiple domains on a single IP and things just work. On the other hand, HTTPS doesn't work like this, so you need a work-around if you want to use HTTPS. The simple truth is that today if you want to have multiple domains using anything other than straight HTTP on a single machine you really do need multiple IPs.
For many people, NAT is a comfort thing. They think they don't have to worry about patching their systems because they're behind a dinky broadband router. Hint: that's security through obscurity. The devices you're buying aren't meant as firewalls, they're meant to let joe-consumer connect two computers to the Internet easily.
The main reason I want IPV6 now is so that my damn Internet provider can't get away with charging extra for extra IP addresses. At the moment they can because they're relatively scarce, but I can't see them getting away with that with IPV6.
If you're content with your buggy whip, that's great. But I personally have a use for at least 20 IPs that NAT won't solve. So don't make a blanket statement that IPV6 isn't necessary. Maybe not for you, but some of us can't wait to have it.
The number, 2^128, or 340,282,366,920,938,463,463,374,607,431,768,211,456, can be read as:
Three hundred forty undecillion,
two hundred eighty-two decillion,
three hundred sixty-six nonillion,
nine hundred twenty octillion,
nine hundred thirty-eight septillion,
four hundred sixty-three sextillion,
four hundred sixty-three quintillion,
three hundred seventy-four quadrillion,
six hundred seven trillion,
four hundred thirty-one billion,
seven hundred sixty-eight million,
two hundred eleven thousand,
four hundred fifty-six.
That's a lot of IP addresses.