The Impending IP Crisis

Factomatic writes "With the supply of IP addresses expected to run out by 2005 due to the popularity explosion of the Internet and the expectation that everything from your phone to your washing machine will soon have its own IP address, Alex Lightman, CEO of Charmed Technology and chairman of last month's North American IPv6 Global Summit tells the New York Times "we're going to need something like 100 IP addresses for each human being." IPv6 will increase the supply of addresses from 4 billion today to a number in excess of 35 trillion that is "so big that there's not a word for the number," says Cody Christman, director of product engineering for Verio, which offers IPv6 in San Francisco, Washington and elsewhere. The article is a good layman's backgrounder on the looming IP crisis."

Re:Imagine the uses

[dasmegabyte]

Alright, so I'll have 100 devices that require an IP. I could see that, although I fully intend to become a luddite sometime after OS 10.5 comes out. My question is this: does each device that has internet connectivity NEED its own IP?

And of course, the NAT community says NYET.

The end user's desire for privacy and security combined with the world's ISPs' need to cut down on the number of machines running active web/ftp/samba/gopher/finger servers over their lines (and essentially bypassing their commercial services, which is where the real money is), will eventually mean that all consumers will be given a single IP, or less, from their provider. And you'll have to make do or pay a huge fee.

(What, you think just because IP banks are massive with IPv6 that your ISP is just going to give you a shitload of them? No dice, kid. They'll make you pay just like everything else, and try to tell you it's a deal.)

But this is not necessarily a bad thing. Most connection sharing devices -- routers, gateways, access points, etc -- also act as a pretty good form of security. They close devices off from the rest of the internet, unless you explicitly allow internet users in. I'm pretty much unworried about the threat of hackers getting into my printer; all i have to worry about is hackers getting into the router. And a single path of entry makes it easier to cut them off as well.

Sure, you can get a personal router with IPv6. But you don't HAVE to, and a lot of people won't. So the current scheme is forcing people to use slightly better security. And while roughly 4 billion addresses isn't enough for every widget on the planet, it's far more than the number of conceptual groups on the planet. One IP per organization or per household...should be enough for a LONNNNNG while.

Re:IPv6: A Protocol of Failure

[Brandon+Hume]

I'm not sure you know what you're talking about.

1. Cisco routers suck at IPv6 because Cisco has been dragging its ass getting a production release of IOS which supports v6 out. That will be fixed this summer, I'm told. And considering the problems Cisco has been displaying in IOS, are you sure it handles IPv4 that much better?

Your points 2, 3, and 4 are just the same thing repeated: "IPv6 addresses are big".

2. IPv6 has ROOM TO GROW. It takes the /64 link-local address, and pastes on a 64 bit length for routing, and gives you an IP. You get your autoconfiguration, and your routing, and it's nice and neat. 64 bits is a perfectly reasonable size of data to expect to deal with at any particular time; we're already moving into a 64-bit computing world.

If you want an application that requires loads of addresses: cellphones. Pagers. PDAs. You can NOT use NAT for millions of remote communications devices trying to talk to *other* remote communication devices. NAT *breaks* things. Anyone who has tried to connect a machine behind a NAT to a remote machine which is also behind a NAT knows what this is about. (And if you have to manually configure a port forwarding, or designate a DMZ, then something is broken!)

I'm getting tired of the "IP-enabled fridge" remarks. Someone suggested something like that a long time ago as a "you possibly could", and people who don't understand the technology and don't want to understand the technology jumped on it as an example of pointless waste, as if such things were the driving force behind v6. It isn't.

3. You don't understand how IPv6 routing works. IPv6 does NOT take the IPv4 world of "a.b.0.0/16 is reachable via c.d.e.0/24 which is reachable via z.y.0.0/16 AND x.w.u.0/24 and..." IPv6 routing is a strict tree to explicitly combat that problem. How do you get to abcd::/32? You go through abc::/24.

*Reducing* the size of the core routing tables is an EXPLICIT DESIGN GOAL of IPv6.

4. Again, you haven't done any research. IPv4 networks have a minimum MTU of 576 octets. The minimum MTU for IPv6 is *1280* octets. Yes, the header is larger. But the payload capacity has risen to match it. Your transport efficiency has not decreased.

I think you need to do some more reading on this protocol. And try, if you can, to not fixate yourself on the size of the address. If that was all that mattered, we'd all be using Appletalk.

A new form of the 'remote control' syndrome

[stuuf]

A similar revolution to what you are describing has already happenned in the audio/video/home theater industry. Remember when your VCR had that little door on the front that covered that huge array of tiny buttons for things like tracking, timers, tuning? Remember when you used a vcr? Now they have power, eject, channel, and transport controls. Everything else is on the remote that your universal unit can't emulate. Eventually the control panel on the washing machine will disappear in evolution, and you will have to run over to your pc, log into your washer, ener a password, start the cycle, etc. Or grab your cellphone and dial into your network's internet gateway (maybe dozens of routers away in timbuktu), connect to your home computer...

Some devices weren't meant to be remote-controlled. And by some, I mean most. And even if they need to be, they don't need separate global IP's. People seem to forget that each of these 4 billion ipv4's have 65535 TCP ports.

Re:Imminent death of IPv4 predicted!!

[Tackhead]

> The 'crisis' is really another example of media fear-inducing hype. Worst case senario, your ISP will begin issuing private IPs for for customers with basic accounts.
> Yes, some things will break. But there's not much out there that doesn't function in a NAT enviroment from a client standpoint.
> It'd also save ISPs a lot of headache with customers running unauthorized services.

*applause*

Port 25 filtering would finally make sense - no more luzers with open exploitable proxies spewing bilge from attbi.com, rr.com, pacbell.net, comcast.net, and so on.

Add to that the possibility of doing ingress filtering, and you've got something that wouldn't just be less expensive for tech support, but a little safer for Joe Luser, whose unpatched box would be on a private subnet.

If the skript kiddie can't talk to port 135, 137, 138, 139, 445, or 1900 of Joe's box, he's gonna have a harder time 0wning him.

Aren't IPv6 addresses a bit long?

[sabNetwork]

I'm not an expert on IPv6 (nor IPv4 for that matter), but there is some practicality in question here.

Can you memorize 204.172.4.36? Maybe not at first glance, but after you type it in a few times, you probably will.

Can you memorize FEDC:BA98:7654:3210:FEDC:BA98:7654:3210? Definitely not at first glance, and very unlikely unless it is something which you must type every day.

Some people's jobs depend on entering IP addresses, and IPv6 addresses are just so unnecessarily long that typing them is a total drag.

---

Here's my RFC. 40-bit addresses. That gives you roughly a trillion addresses (a bit more actually), which is more than we should ever need. And you can write them in dotted-decimal format.
Can you memorize 430.168.957.249? Probably.