The Impending IP Crisis

Factomatic writes "With the supply of IP addresses expected to run out by 2005 due to the popularity explosion of the Internet and the expectation that everything from your phone to your washing machine will soon have its own IP address, Alex Lightman, CEO of Charmed Technology and chairman of last month's North American IPv6 Global Summit tells the New York Times "we're going to need something like 100 IP addresses for each human being." IPv6 will increase the supply of addresses from 4 billion today to a number in excess of 35 trillion that is "so big that there's not a word for the number," says Cody Christman, director of product engineering for Verio, which offers IPv6 in San Francisco, Washington and elsewhere. The article is a good layman's backgrounder on the looming IP crisis."

Imminent death of IPv4 predicted!!

[krog]

Great, another "we're running out of IPs, really, for real this time guys we mean it" story. I mean, sure, IPv6 will eradicate this problem (while introducing a slew of new ones) but IPv4 is fine for a while. We should just revoke the IPs for China and other firewalled nations who dont' play nice with DARPAnet.

Re:Imminent death of IPv4 predicted!!

[BWJones]

Don't forget the spammers. We can take a few IPs away from them as well.

Re:Imminent death of IPv4 predicted!!

[operagost]

Hey, if all of China is behind a firewall anyway, that should work. Just give them one public IP and let them put the rest of the nation behind 10.x.x.x and 172.16.x.x.

Re:Imminent death of IPv4 predicted!!

[Jeremiah+Cornelius]

The number of spammer's IP's are relatively insignificant...

A possibility of success for SCO would see the resultant world-wide demand for IP addresses drop to a manageable level: Somewhere's about a hundred and seven, or so...

Re:Imminent death of IPv4 predicted!!

[Troed]

No, we should withdraw all the A-class networks that are unnecessarily allocated to US companies.

OTH - I'd rather move to IPv6.

Re:Imminent death of IPv4 predicted!!

[The+Spoonman]

Agreed. In the last 5 companies I was an administrator, only one had public IPs on their machines. The company had bought a couple of class-Cs a few years back...then put them behind a natting firewall (no wonder they needed a new admin). There are very few reasons any company would need more than one or two public IPs. Okay, much larger companies will need more to cover a large range of campuses, but since the vast majority of companies are small/medium size (under 1000 employees), they're rare. As for phones needing a public IP, why? Hell, there's really no reason an ISP needs to give out public IPs, either. Well, maybe one: customers who have need of a VPN w/ their company. No problem, a lot of broadband ISPs already charge extra for the "right" to use this type of technology, force the issue by paying a little extra for an IP. It would also cut down on viruses and worms a little, as those machines can only really be hacked by people behind the same firewall now.

Okay, that was a bit of a ramblin' rant, but this really pisses me off. I'm tired of hearing how we're running out of addresses when the simple solution is to stop friggin' using them!

Re:Imminent death of IPv4 predicted!!

[VPN3000]

I don't see this as being much of a crisis. I've worked for several companies that employ ~10,000 people, most of which have systems connected to the network.

I remember in 1995, every Windows box had it's own public facing IP. Then over the years, everyone who could use NAT was moved over to private IP space.

The 'crisis' is really another example of media fear-inducing hype. Worst case senario, your ISP will begin issuing private IPs for for customers with basic accounts.

Yes, some things will break. But there's not much out there that doesn't function in a NAT enviroment from a client standpoint.

It'd also save ISPs a lot of headache with customers running unauthorized services.

I can already see the call to tech support..

customer "My web server/P2P/Warez FTP/etc doesn't work now that you changed my account to use a private IP."

ISP "Well, sir. You can upgrade to a business class account and get a static, public IP address."

customer "DOH."

I don't know about restricting the usage of IPs in countries that the US has a political agenda against. That would seem to defeat the whole idea behind the Internet. At least, that idea that was lost when Ebay and Amazon started suing everyone under the sun. It would keeps us going for a while longer, but I can see the NAT thing happen before that.

Personally, I would like to see one of the educational networks grow to a decent size and allow commoners onto their network with the restriction of no commercial activity. How I miss visiting Usenet and content outnumbering SPAM.

Also, doesn't Mercedes and a bunch of other companies that don't need an excessive number of IPs still have their own Class A? I know when I worked at an ISP that gobbled up a bunch of other companies in the late 90's, they were forced to hand over tons and tons of IP addresses because they could not prove they were actually being used for anything useful. That's what I was told, mind you I could see something underhanded going on since public IPs are quite a commodity these days.

Re:Imminent death of IPv4 predicted!!

[Ian+Jefferies]

Okay, that was a bit of a ramblin' rant, but this really pisses me off. I'm tired of hearing how we're running out of addresses when the simple solution is to stop friggin' using them!

Would the last person to leave the Internet please turn off the routers?

Re:Imminent death of IPv4 predicted!!

[Tackhead]

> The 'crisis' is really another example of media fear-inducing hype. Worst case senario, your ISP will begin issuing private IPs for for customers with basic accounts.
> Yes, some things will break. But there's not much out there that doesn't function in a NAT enviroment from a client standpoint.
> It'd also save ISPs a lot of headache with customers running unauthorized services.

*applause*

Port 25 filtering would finally make sense - no more luzers with open exploitable proxies spewing bilge from attbi.com, rr.com, pacbell.net, comcast.net, and so on.

Add to that the possibility of doing ingress filtering, and you've got something that wouldn't just be less expensive for tech support, but a little safer for Joe Luser, whose unpatched box would be on a private subnet.

If the skript kiddie can't talk to port 135, 137, 138, 139, 445, or 1900 of Joe's box, he's gonna have a harder time 0wning him.

Re:Imminent death of IPv4 predicted!!

[Cheeko]

You mean like HP which now has two Class A's (HP and DEC) and a couple of class C's from the combine companies.

Re:Imminent death of IPv4 predicted!!

[aldoman]

Uh, this would break a lot of other stuff aswell.

IM file transfers : broke
Video Confrencing: broke
voice over IP: broke
host a game (on xbox live for example): broke

now, i dont know about you but most of the people do one of the above things regually. IM has latley became the killer app of the internet (for the younger people).

This would reduce the internet to one way communication - something that I dont want.

Re:Imminent death of IPv4 predicted!!

[AndroSyn]

I disagree. Using unique IP addresses whenever possible is the way the internet is supposed to work. This NAT stuff is just an awful, awful hideous hack. The correct solution is IPv6, not NAT ourselves forwards and backwards.

Re:Imminent death of IPv4 predicted!!

[NecroMancer]

IMHO, NAT would almost be completely unnecessary if the IP space was better used. All registries have such statistics, just check for yourselves in the APNIC, ARIN, RIPE, and others...

Nevertheless, there is so much you can (NOT!) do with NAT, especially peer-to-peer and applications that use UDP.

Re:Imminent death of IPv4 predicted!!

[The+Spoonman]

In a way, we're not talking about the Internet here. We're talking about a company's, or even an ISP's, private network which also has access to the Internet. Giving those machines puplic IPs is not only a waste of address space, but a security risk. Those that need to access the Internet don't need public IPs. Those that need the Internet to access them, do. Forcing the world into a MAJOR move to IP6 just because you consider NAT a "hack" is unreasonable. NAT works, and works well. There's nothing I can't do behind NAT that I can't do with a public IP (including VPN, that's just easier with a public). The correct solution is to not give Nancy-in-accounting's printer a public IP, or worse, have to force accounting to upgrade that printer because its hardware doesn't support IP6.

Shame on you for suggesting otherwise.

Re:Imminent death of IPv4 predicted!!

[The+Spoonman]

especially peer-to-peer

Really? Huh and all this time I've been grabbing and sharing off of Kazaa on my machine behind a NAT router. Silly me, I must've imagined all that porn I downloaded. Man, do *I* have a sick imagination! :)

Re:Imminent death of IPv4 predicted!!

[Electrum]

I agree that there are a number of protocols that these places use that simply cannot be NATed, but IMO they need to quit catering to these broken-ass apps, NAT the system and tell the users to get software that plays nice.

You're right, let's get rid of all games.

Re:Imminent death of IPv4 predicted!!

[Electrum]

Hell, there's really no reason an ISP needs to give out public IPs, either.

Because no one plays games online, right?

Re:Imminent death of IPv4 predicted!!

[Electrum]

I can already see the call to tech support..

customer "My web server/P2P/Warez FTP/etc doesn't work now that you changed my account to use a private IP."

Customer: "Why can't I play games online anymore?"

Consider an RTS game such as Starcraft. If you and your friend both have a private IP, you can't play. NAT is not a good solution.

Re:Imminent death of IPv4 predicted!!

[peccary]

What? "broken"?? My god, referring to the correct, as-designed intended use of the protocol as BROKEN!

I know, let's just forget about Host Requirements, and about a richly-interconnected fully-reachable peer-to-peer network. That old Internet stuff is just "broken". Let's build us a hierarchical circuit-switched network, and then appoint a monopoly to manage it!

Re:Imminent death of IPv4 predicted!!

[AndroSyn]

Well see, private networks should still have public addresses. Just because the address space is public doesn't mean that you still don't use firewalls. NAT != firewall nor does it equal security. As for Nancy's printer, it can keep using its IPv4 address, as IPv6 machines can talk to anyways.

Now consider this, say if your internal networks are using 10.0.0.0/8 for its addresses. What happens when your company merges with another and the networks get integrated and suddenly you realize that the other company you are merging with also uses the same address space. Now suddenly you are faced with the task of renumbering lots and lots of devices, reconfiguring routers, firewalls, servers, printers, etc, etc.

I'll agree that NAT can be useful given the current situation, but its a hack to put off the fact that we are running out of IP addresses. With IPv4 you can't even assign one address per person in the world.

Also I noticed in your parent post of having ISPs give their customers private addresses. Consider if internally they number one way themselves, and then customers NAT themselves. You end up going through how many layers of NAT? And what does this solve, other than breaking whole design philosophy of IP in the first place.

Ever here of fixing the cause rather than the effect?

Shame on you for wanting to break the Internet.

Re:Imminent death of IPv4 predicted!!

[jez9999]

Sounds to me like one of many Mozilla standards zealot arguments.

A: Why doesn't Mozilla popup image ALT text as a tooltip?
B: Because it's not meant to do that, the standard says so.
A: But nearly every other browser does it!
B: But the standard doesn't say you should.
A: But many websites use this functionality anyway!
B: But the standard doesn't say you should.
A: These sites are *already using* this functionality! Why are you building a browser that doesn't work properly with a large number of websites, and when implementing this functionality wouldn't hurt anyone, and may even help accessibility??
B: Because the standard doesn't say you should.
ad infinitum...

Re:Imminent death of IPv4 predicted!!

[asdfghjklqwertyuiop]

I agree that there are a number of protocols that these places use that simply cannot be NATed, but IMO they need to quit catering to these broken-ass apps, NAT the system and tell the users to get software that plays nice.

Um, you have it backwards. There is nothing broken about those apps. They are using the internet the correct way. NAT is breaking them. These places need to quit crippling their users to cater to broken-ass networks.

Re:Imminent death of IPv4 predicted!!

[Nurgled]

Hell, there's really no reason an ISP needs to give out public IPs, either.

NAT works okay when I'm controlling the box doing it. I can hack in special stuff to handle esoteric protocols which expect a public IP.

If my ISP runs the box doing NAT, there's suddenly a bunch of things I won't be able to do anymore, and I'll promptly switch ISPs to one which will let me use the Internet as it's intended.

Re:Imminent death of IPv4 predicted!!

[4of12]

I like the idea of lots of IPv6 addresses, enough to provide for ISPs to provide each subscriber with a static IP address.

Open relay? Source of spam?

Guess what? When re-connect you get that exact same address that is going to be at the receiving end of irate spam recipients!

No more evading consequences through the magic of DHCP.

And, for one-time lusers that change ISPs after each offense, the responsible ISP that has clear identifying information (I had to show a driver's license to get my account) about said spammer can post `em to a blacklist. Irresponsible ISPs can simply have themselves blacklisted wholescale.

Re:Imminent death of IPv4 predicted!!

[Hard_Code]

The Mozilla argument (B) is correct. Your argument should not be "everybody does it" (everybody does lots of shit that sucks too), but "the standard should be UPDATED to require this feature because it enhances usability".

Re:Imminent death of IPv4 predicted!!

[tez_h]

As a CS professor of mine once said, "In theory, theory and practice are the same; in practice, they are not."

Abuse! Abuse!
I mean, this could go on forever:

Poster1(p1): "The word 'theory', in practice, has more meanings than in theory."

Poster2(p2): "Yes but theory and practice are closer in theory than in practice."

p1: "I don't want to read your theory about practice; practise your theories!"

p2: "Bah! Your theory and practice only hold together in theory, not practice."

p1: "What?! Shove this practice into your theory!"

p2: "Oh yeah, theory this!"

p1: "You short, mustachioed, german, national-socialist pig!"

p2: "Godwin's law! Godwin's law!"

etc, etc, etc.

<yawn>

-Tez

Re:Imminent death of IPv4 predicted!!

[fyonn]

it's not as simple as you're indicating, not by a long way.

No, but all it takes is one "genius" to figure out he can acces the whole Internet without the restrictions his company's IT department places on him by just setting up a modem and dialing his ISP.

thats irrelevant to the discussion. the loon can do that whether the co uses public or private ip's. the network isn't suddenly more vulnerable because it's on public addresses.

I change the address ranges in my DHCP servers

definately not as easy as that. dhcp is great for workstations but you'll also have servers on static's that need to be accessed by all and sundry, routed networks that may clash, vpn's from site to site that need reconfiguring, internal DNS/WINS all needs to be redone. it's a major hassle for a medium size company and up and if you're not careful it'll become a routing nightmare. oh yeah, don't forget the fun that ensues when you have internal firewall's that need reconfiguring too

re double NAT: Hardly an issue

nowadays it's not a huge issue... usually. some older nat implementations do things slightly differently and you can get issues with double nat.

lots of protocol's work fine over NAT, web browsing, dns, irc (but not dcc) etc, but there are other protocols that are more complex, and not due to design flaws, but because they have to be. audio/video conferencing is a case in point. it's not silly at all, at my last company we had one organisation with multiple high bandwidth (ie, 4meg, 30meg, even 155's and 622 meg lines) lines connecting two dozen sites for both data and, of massive important to them, video conferencing. internet telephony is a complex protocol due to needing to coordinate mulitple callers etc, and it needs lots of seperate data streams. and it's something that is seriously growing in useage around the world.

nat makes it bloody difficult and requires you to start forking out for expensive firewall's with application level packet inspection to eke out the data it needs to nat it all properly, it's also expensive in processing time on the fw. if it were all ip6 publically address packets then alot (thought, not all) of that work would go away.

NAT is a dreadful hack and while it's working now, the direction we're moving things in is making it more and more annoying. ip6 has some good ideas in it and the massive store of addresses is very useful.

I can see a time fairly close to now when every mobile phone will have it's own ip6 address, and no, I don't think it's excessive at all. ppl will have icq (or somesuch) running on their mobiles, they'll be sync'ing their address books over bluetooth 8 (UWB edition) and their phoens will be working out who in the room is an ideal love match, and why shouldn;t they?

I seriously expect that mobile providers will start assigning ip's to phones and I reckon it'll start with ipv6 addresses (as I also expect it'll start in europe, and ripe will never allocate that many ip4 addresses).

thoughts?

dave

Jeez...

[TopShelf]

Who needs a new word to describe the number of possible addresses? It's just 1/2.9387358770557187699218413430556e+61st of a google.

Re:Jeez...

[Anonym1ty]

Isn't the number a googol? and the search engine google?

Re:Jeez...

[dbenhur]

A googol is 10E+100.

Ipv6 addresses are 128 bits, so there are 2^128 ~= 3.4E+38 addresses. Log10(2^128) ~= 38.5.

So IPv6 has a bit over the cube-root of a Googol addresses.

Imagine the uses

[zubernerd]

To quote the article "Such sensors could allow people to operate devices from anywhere there is an Internet connection." and "Now that the address space is available, the next step is figuring out how to use it."
I've got an idea, a internet connected toilet. "Using a cellphone in Los Angeles", I could flush the toilet at my home remotely and have the toilet seat drop down automatically (you know, to keep domestic tranquility). I could even call the toilet to see if anyone is using it.
I better go patent it...

Re:Imagine the uses

[General_Corto]

Fine, but I'm going to patent the Denial Of Sewage attack. Toilet blockages, here we come!

Re:Imagine the uses

[PhilHibbs]

Fine, but I'm going to patent the Denial Of Sewage attack.

Otherwise known as the Flushdot Effect

Re:Imagine the uses

[ldspartan]

Thinking about it a bit, that could actually be a problem.

Imagine the impact all the toilets in a couple square blocks of New York City flushing simultaneusly would have on the water supply.

--
Phil

Re:Imagine the uses

[moonbender]

Believe it or not, some (Japanese) toilets actually do that already. I'm not sure if more than a proof-of-concept one was built and how sophisticated the analyser is, but at some level it's been done. :O

Re:Imagine the uses

[cesspool]

hrm, i think you must be referring to the 'FlushLog Event'

Re:Imagine the uses

[dasmegabyte]

Alright, so I'll have 100 devices that require an IP. I could see that, although I fully intend to become a luddite sometime after OS 10.5 comes out. My question is this: does each device that has internet connectivity NEED its own IP?

And of course, the NAT community says NYET.

The end user's desire for privacy and security combined with the world's ISPs' need to cut down on the number of machines running active web/ftp/samba/gopher/finger servers over their lines (and essentially bypassing their commercial services, which is where the real money is), will eventually mean that all consumers will be given a single IP, or less, from their provider. And you'll have to make do or pay a huge fee.

(What, you think just because IP banks are massive with IPv6 that your ISP is just going to give you a shitload of them? No dice, kid. They'll make you pay just like everything else, and try to tell you it's a deal.)

But this is not necessarily a bad thing. Most connection sharing devices -- routers, gateways, access points, etc -- also act as a pretty good form of security. They close devices off from the rest of the internet, unless you explicitly allow internet users in. I'm pretty much unworried about the threat of hackers getting into my printer; all i have to worry about is hackers getting into the router. And a single path of entry makes it easier to cut them off as well.

Sure, you can get a personal router with IPv6. But you don't HAVE to, and a lot of people won't. So the current scheme is forcing people to use slightly better security. And while roughly 4 billion addresses isn't enough for every widget on the planet, it's far more than the number of conceptual groups on the planet. One IP per organization or per household...should be enough for a LONNNNNG while.

Re:Imagine the uses

[fermion]

The geeks want IPv6 because it is there. IP addresses for all, too plentiful and too cheap to meter!

The electronics manufacturers want IPv6 to boost sales. Everything having an IP address means everything will need hardware and software to support connectivity. No one will notice another $100 on a refrigerator or tv. Of course, these appliances will be network ready, and will cost another $500 to be network enabled.

The telcos are wondering why the hell they need to pay for IPv6 upgrades since they are making money selling IP addresses one at a time to the consumer. The ISPs are fighting NAT technology to drive these profits, and drive the myth of scarcity, thus increasing the profits.

The hackers are crackling wildly at the new opportunities to snoop, spy, and cause general mayhem. Everything addressable from anywhere. Denial of service attacks on the cable box. The meat industry will hack into refrigerators, check for sufficient quantities of dead animals, and, if it doesn't find it, plant child porn or terrorist plans on the computer.

The sane of us are sitting back chuckling knowing it will happen when it becomes necessary, just like the migration to 10 digit dialing and portable phone numbers.

Re:Imagine the uses

[ldspartan]

I'm not a civil engineer, but for some reason I'd think the sewage system would have a larger capacity (and pipe diameter) than the water system. Seeing as wastewater is more dense (generally) then clean water and all.

But hell, I'm just a CS nerd. I don't know shit :)

--
lds

What's wrong with IPv6

[wayward_son]

Sounds like a solution to me.

It's just going to be a pain in the ass to get every one switched over, though.

Re:What's wrong with IPv6

[sporty]

Not too hard.

Backbones should switch over first, proxying ipv4 over ipv6, then propogate downwards.

When it hits users, they'll have an ultimatum. Upgrade within the next 180 days, or j00 are fux0red.

As for the OS and device makers, simply make dhcp check ipv6 first, then fallback to ipv4. That'll be transparent for all the chuckleheads who would ignore the "switch" thing.

Re:What's wrong with IPv6

[deman1985]

The problem is an IPv4-based internet. If it had been designed to allow for future expansion of addresses, there would be no problem, but since every backbone and every router built prior to IPv6 standards being implimented has 4-byte addresses, then the entire world has to be transitioned before IPv6 addresses can go into commercial use.

Does it need to be done? Eventually, yes. Is it an emergency? Not at all. Not every single device out there has its own global IP address and they never will, people. There's no reason for them to work that way, and doing so would only clutter the already messy network we call the internet.

Re:What's wrong with IPv6

[garymm]

would this mean new firmware for every router/DSL modem on the earth? honest question

Re:What's wrong with IPv6

[funkman]

Damn short sighted engineers! Who would have thought we'd have more than 4 billion networked devices over 20 years ago!

Re:What's wrong with IPv6

[jaredmauch]

I don't mean to flame you, but I'd like to address the technical issues surrounding your statements.

Backbones are already upgrading to IPv6 enabled software and hardware. My employer has plans to run dual-stack IPv4 IPv6 later this year which means that any existing IPv4 customer can give us a call saying "enable v6" and we can do it that day. (assuming they have their hardware/software in place). No tunneling, no 6to4 gateways, it'll just work. I see no long-term viability of the 6to4 gateways, in the same way that we didn't see caches go mainstream for every internet user. (yeah yeah, some of you will claim bittorrent is a large distributed cache, and while that might be the case, i'm talking about for most of the general public, the AOL/IE users that don't know how to spell IP).

If you also see one of my previous comments on IPv6 here about who is supporting it (note, what you might define as a backbone isn't what the rest of the network might..) and has existing routes in the tables, you'll get an idea of who is at least prepared for the new future of impossible to read ip addresses.

If everyone runs dual-stack v4v6, you'll see the ability to access your existing services while continuing to be able to gain access to the IPv6 content. Personally, I've seen that in cases like where a RedHat release comes out, I can get faster transfer rates going to the IPv6 mirror than the IPv4 mirror. Everyone is hammering the v4, which makes the v6 available for me :). I'm just waiting for Linksys (now cisco) and the other consumer product people to realize that they need to upgrade their devices so they can do IPv6 nat for those cablemodem routers, etc..

Here's where I think that the local loop (dsl, cable) providers can go and start to seriously make money and make IPv6 viable: IPv6 enable your network, then offer VoIP services over SIP enabled devices. This way you don't run out of numbering space (ip and pstn). (Trivia: how many ips would it take to convert the existing PSTN network to VoIP, if each phone number required an IP address).

Re:What's wrong with IPv6

[riflemann]

Backbones should switch over first, proxying ipv4 over ipv6, then propogate downwards.

Please do a bit of research on the interoperability of Ipv6 and Ipv4. A large proportion of the Ipv6 effort has been on efforts to ensure amooth migration and interoperability. You dont need an ultimatum, just let both work then gradually turn off Ipv4-only services. No one will notice if its done correctly.

As for the OS and device makers, simply make dhcp check ipv6 first, then fallback to ipv4. That'll be transparent for all the chuckleheads who would ignore the "switch" thing.

Fyi...

All dual stack implementations today first attempt to use IPv6 versions of protocols, and only if that fails do they resort to Ipv4. All of my boxen for example will do the following:

1. Do DNS lookup

2. Get IPv6 address and IPv4 address for hostname.

3. Attempt to connect to IPv6 address first.

4. Otherwise try Ipv4 address

Any correctly written application will automatically use IPv4 and IPv6 without special intervention. The IPv6 bind() call binds to both v4 and v6, for example.

So, your concerns have already been addressed. :)

Not so much a crisis...

[Tom7]

Yeah, but those 100 IP addresses can be behind a household NAT and share a single IP address. With the way people use the internet today, I'm not sure the crisis is so serious...

Re:Not so much a crisis...

[HuskerDu]

Yea, but NAT really does cause more problems than its worth when you consider IPv6 an alternative. Things like IPSEC and such do not work through nat without non-standard encapuslation and such.

The world would be better without NAT.

Re:Not so much a crisis...

[binaryDigit]

That's fine but unless you're talking about incoming originating comms. With NAT, you have to rely on ports instead of ips to address specific items. This means a mod to your dns (or whatever replaces it). You can't just assume that the cell phone port is port 32768, since the household may have several different cell phones (or toasters, or tv's, or whatever). Not a huge problem, but it does require more changes than would simply assigning everything it's own unique id.

Re:Not so much a crisis...

[Jeff+DeMaagd]

I agree. For a lot of those devices, I wouldn't want the IP address to be acessable from the outside world anyway.

If I need to remotely access stupid sensors, then I'd rather remotely access a single program on a server at or behind the firewall that handles that sort of thing, and hides the particulars to boot.

Re:Not so much a crisis...

I agree, but networking devices are getting smarter and smarter. The idea of NATing only L3 (IP) information is dying -- more and more, NAT devices are becoming application aware, and they are NATing L4 ports and L7 payload (e.g. Active FTP NAT, where the port command is issued in the L7 payload itself, and needs to get NATed on L4).

I agree that this is not so much of an issue due to NAT, and as NAT gets smarter (L7), then this is even less of an issue. But its still a stop-gap... eventually IPv4 will run out of addresses regardless.

Re:Not so much a crisis...

[RevDobbs]

You can't just assume that the cell phone port is port 32768, since the household may have several different cell phones (or toasters, or tv's, or whatever).

So, how different is this from running several websites on one machine? Your home gateway (or maybe a specialized cell phone gateway) can route the packets to the appropriate device based on header values (DEVICE_NAME, MAC_ADDRESS, evil bit, etc.).

Re:Not so much a crisis...

[Cramer]

Idiot. *sigh* The only problems NAT causes are to crappy implementations that make assumptions they shouldn't be making. (i.e. putting address info within the data of the protocol.)

IPSEC works perfectly fine through NAT -- I do so all the time without "non-standard encapuslation and such". The only part of IPSEC that will not work through NAT is header authentication and the various non-standard implementations that cryptographicly sign the entire packet. If the crypto integrity covers the packet header, then altering the address(es) within the header invalidates the packet.

Re:Not so much a crisis...

[Suidae]

NAT really does cause more problems than its worth

If my cable modem provider would give me access without charging extra for every computer I attach, I would be happy to do without NAT. I don't see that happening, even if they have 50 bazillion addresses available, not when they can make another 5 bux a month per machine.

Bigger numbers.

IPv6 will increase the supply of addresses from 4 billion today to a number in excess of 35 trillion that is "so big that there's not a word for the number,"

how about "thirty six trillion" ?

Re:Bigger numbers.

[leshert]

You forgot to put your pinky up to your lips.

Re:Bigger numbers.

[Surak]

IPv6 will increase the supply of addresses from 4 billion today to a number in excess of 35 trillion that is "so big that there's not a word for the number,"

how about "thirty six trillion" ?

I know. The whole statement is pointless. He may as well have said that IPv6 will increase the supply of addresses from 4 billion to a number in excess of 10 (...yada yada.) There are LOTS of numbers between 35 trillion and numbers that have no name.

Re:Bigger numbers.

[I.A.N.A.T.]

IPv6 will increase the supply of addresses from 4 billion today to a number in excess of 35 trillion that is "so big that there's not a word for the number,"

how about "thirty six trillion" ?

Uhh...that's *three* words. RTFA.

Re:Bigger numbers.

[frankthechicken]

That K1 kid just gave up too easily, I'm pretty sure the usual arguments ran until the expected final twist of the sword,

"Oh yeah, well my dad is as strong as INFINITY neanderthals!" And the reply of

"That's nothing, my dad is as strong as INFINTY PLUS ONE neanderthals"

Which is where I tended to get beaten up as I tried to explain the general stupidity of the concept expressed, usually compounded by my rection to their statement of

"I'm a gonna give you an INFINITY PLUS ONE amount of beatings boy"

Re:Bigger numbers.

[stuuf]

2^128=3.4028236692093846346337460743177e38

According to the chart, thats 340 undecillion

Re:Bigger numbers.

[Detritus]

You should have said:

"That's nothing, my dad is as strong as Aleph One Neanderthals"

I read too many math books when I was a child.

Money talks

[Kombat]

As with everything like this, the powers-that-be (i.e., the telcos and ISPs) will drag their heels until they are either forced to change, or they are convinced it will increase profits. Expect the changeover to go extremely slowly. Expect providers to try every trick in the book to milk their existing network for every last day they can possibly profit from it. The fact that the economy is in the toilet doesn't help either.

Re:Money talks

[stonecypher]

As with everything like this, the powers-that-be (i.e., the telcos and ISPs) will drag their heels until they are either forced to change,

Except that there's been v6 connectivity for sale in almost every major city for years, now. Notably, Pair Networks has offered it since 1999. IIRC, and this might be wrong, Internet2 has been v6 since early on, maybe since day one.

or they are convinced it will increase profits

It will, as soon as the number of v4-only software and devices stops rising. Integration of IPv6 support into the RADs that all these software weenies use will help, though it's sort of a chicken-and-egg problem: nobody's gonna provide v6 connectivity until there's something to do with it, and nobody's gonna support it due to the hassle and the fact that they don't know anyone that has it.

It would be nice if Internet2 would open some of its resources to the real, messy internet; that'd be the sort of kickstart that'd get the whole goddamn thing underway.

Expect the changeover to go extremely slowly.

That's why we're making another IP, instead of replacing it altogether with something new. In theory, it shouldn't much matter; NAT and some dedicated hackery should make the two sort of kind of interoperate a little bit.

Kinda. (grins)

Expect providers to try every trick in the book to milk their existing network for every last day they can possibly profit from it

Yeah. That's called "good business." Besides, the fiber and wire don't need to be replaced; just the routers, and in some cases the end connection equipment (DSL modems that only do PPPoE, for example.)

By the way, I hate alcatel.

The fact that the economy is in the toilet doesn't help either.

Um, yes it does. Labor costs are down. Material costs are down. Land costs are down. Telcos aren't hurting so badly that they can't keep up the constant hardware upgrades they're doing. The economy actually helps quite a bit. They do the work for cheap, make estimations based on current market usage, then the money comes back (like it always does,) usage goes through the roof when people have enough money to try to change the way we buy dog food ("the net is the future, man pass the bong, I'm gonna be rich",) telcos overearn predictions, foolish investors think they're a good investment, they get money, the ceos do something horrible and amoral, everyone gets horrified and starts asking for inquiries, all the money goes away, and so it goes.

Re:Money talks

[djmitche]

Has anyone looked at the major carriers? Most mid- to large-scale ISPs will now provide IPv6 transit to those who ask. If you ask and the answer is no, there are other ISPs out there that will say yes. The backbones are ready, and the effects are reaching into ever-smaller ISPs. Clients are just waiting for the need.

Duplicate story...

[brooks_talley]

I'm sure I saw this exact same post on /. in 1998. Except then it said we'd run out of addresses by 2000.

Hello? There's this thing called NAT, you see, and in many ways it's preferable to not have every one of your 100 IP-enabled devices sitting there on the real internet just waiting to get hacked.

Cheers
-b

Re:Duplicate story...

[inertia187]

The things we think of as futuristic always changes by the time that date gets here. "Where's my flying car?" I asked my grandmother what she thought was "futuristic" when she was a kid. She told me that everything would be attached to those scissors things that extend. She and I didn't know what they were called. Back then, some phones would be attached to the wall with this invention, and it was super high tech for the day. Her idea of futuristic was to have everything in the kitchen on this rig. Coffee maker, spice rack, everything.

Now, had they actually made a kitchen with this device, she would have seen how ridiculous it was.

Just because Bill Gates thought the idea of IP addresses assigned to everyone and everything doesn't mean it was a good idea.

Re:Duplicate story...

[Merk]

Say you have 5 servers behind a NAT box, all running SSHD. How are you going to set them all up so that they can have incoming connections? Sure, if your NAT box is a good one you can manually set up port forwarding, but that's a pain.

What about strange services like FTP that require 2 different connections? They're always a pain when using NAT, so you need to find some means of dealing with them.

What about games? Say 3 people behind one NAT box want to play the same online game at the same time? What about filesharing applications that want to allow incoming connections?

NAT != firewall. If you're using it like it is, expect to get hacked anyhow. Besides, if you don't want a particular device to be exposed to the IPV6 world, you are free to put it behind a NAT box or a firewall, it just means that the machines that you want to have routable addresses can have them.

I already want more IP addresses. I have a server which hosts websites for various domains, but only uses 1 IP address. That works for HTTP because it sends the hostname as part of the request, but nearly every other protocol doesn't. That means that I can't deal with HTTPS easily, and makes configuration of things like mail much harder. If each host could have its own IP then it would make management and configuration much easier. It would also make it possible to have much more fine-grained control over services and access to various IPs.

I can just picture you when they finally start selling flying cars: "Hello? I already have transportation, it's called a car. In many ways it's better to move slowly in gridlock. At least that way if you have an accident you're only moving 4 miles per hour!"

New security implications...

[southpolesammy]

I wonder how long it will be before we have a washing machine buffer overflow...

Apartment dwellers below the afflicted system should take precautions now....

i'm missing what here is 'news'...

[*weasel]

unless a new prognostication that 'the end is nigh, in 2005' passes as news. everyone knows it's gonna happen. just as we all know that with NAT and proxies, most of it can be safely delayed by tech companies until they have an outside fiscal force to upgrade.

and i doubt my fridge will have an IP address anytime -before- ipv6 starts to be rolled out en masse.

as with all pure tech - it needs that killer app. something needs to come out that is so fantastically great that everyone has to have it - and it needs to require ipv6. until then - at best we'll be going dual-mode.

good luck finding that app, and educating users what it is, and what it does.

overdramatic

[sstory]

Isn't this a little overdramatic? Crisis? Having to switch to an updated protocol is a crisis?

IP assignment

[deman1985]

Or perhaps there should be just one IP address assigned to every person and then you can have a device ID for everything they own. Why does each device need a globally recognizable unique ID? It would seem to make much more sense to go the device ID route, since then if you know a person's individual IP, you can say that I want to send a message to "so and so's pager" or "so and so's home computer".

Making an allocation of 35 trillion addresses is all great and good, but the underlying question is... why?

Not again...

[Delphix]

Why does every human need 100 IP addresses? Home routers seem to solve a lot of the problems. A simple IP Masq fix...

As for the days of every appliance in our homes having an IP... I think that dream of the late 90s has been shelved for a while. It'll probably be decades, if ever, before our fridges are calling up to get food delivered...

The average home generally has a couple PCs / laptops...maybe an XBox or PS2 connected to net.

Oh Puleeeze!

[hoggoth]

> "we're going to need something like 100 IP addresses for each human being."

We already have 65534 IP address for each human being. They are 192.168.0.0 to 192.168.255.255.

Use NAT. Problem solved.
Enjoy the IPs. You can thank me later.

Re:Oh Puleeeze!

[lfourrier]

rfc1918 says we have:
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

so you are very pessimistic

IPv6: A Protocol of Failure

While IPv6 fixes many problems in IPv4, the developed world will not embrace IPv6 until many shortcomings in the protocol are addressed.

1. Cisco routers suck at IPv6. Many of cisco's routers use the router's CPU to process IPv6 packets instead of the fast-path. The reasons for this are explained in the next few points. While Juniper's routers are substantially better at IPv6 than cisco's, IT managers are often restrained by insane corporate policy that dictactes the use of cisco.

2. There are too many addresses. There are 16.7 million addresses per square metre of the earth's surface, including the oceans. This is overkill. The world does not need more than the 4 billion addresses available with IPv4, and I challenge you to come up with an application that requires that many. Assuming that you can actually come up with one, it could easily be solved with Network Address
Translation, or NAT as it is commonly known.

3. IPv6 addresses are too large. An IPv6 address is 128 bits in size - 64 bits of which are reserved for addressing hosts, and 64 bits of which are reserved for routing. One thing that is cool with IPv6 is address autoconfiguration. Take your 56-bit MAC address on your ethernet card, ask for 64-bits of network prefix, bang it together with EUI-64 and you are set. The problem with a 64-bit network prefix is that routing tables become massive. Just do the math and you'll see that extreme amounts of memory are required to hold routing tables.

4. The IPv6 header is too large. An IPv4 header compact at 20 bytes in length, while the IPv6 is bloated at 40 bytes. That's right people, each one of your IP packets has twice as much overhead as before.
While this may not sound much, IP networks have a requirement that the minimum MTU supported must be 576 bytes. That means that where you might have got 556 bytes of data in your IP packets, you now get 536 bytes. This means that downloading stuff will take 3.4% longer.

Sure, IPv6 allows for nice hacks, but is it really ready for prime time?

Re:IPv6: A Protocol of Failure

[riflemann]

1. Cisco routers suck at IPv6.

Cisco is working on hardware support for IPv6 for most platforms. As it becomes more widespread, they will develop full hardware routing for all devices. It's a chicken and egg problem, but a lot of people have decided to start somewhere.From what I've seen, there has been more interest in getting IPv6 running in the last 6 months than there ever has been.

2. There are too many addresses.

NAT doesnt work when you have devices that need to be addresses externally. What NAT-Portfw port is your device 'X' listening on? Hmm?? IPv6 is designed such that address space is _not_ a resource, but a method of being able to access _any_ device attached to the net. I dont _want_ to have to explain to someone why I want an address. I just want the thing to work.
Another benefit is address management. With Ipv6, the days of deciding how big your subnets are will be numbered. Every subnet has trillions of addresses. Nowadays you have to wonder whether your subnet needs a /24, /25, /26, etc. Yuck! With Ipv6, you never have to worry - there's enough space in _one_ subnet to scale indefintely. No more subnet-resizing games.

3. IPv6 addresses are too large.

Ipv6 is designed to be very hierarchial. The top organisations get /32s, the next one down get smaller subnets (/48), etc. The routing table will no longer be populate with tiny piddly subnets (eg /24s today). Go into an aggregate and things will behave.
And as for the routing table size, modern routers have oodles of memory, on average 512Mb RAM. A full BGP table of 130k routes takes up around 64Mb of that at most. IPv6 will have better aggregation, so smaller numbers of routes, and my the time it gets large, standard memory on routers will not have a problem storing the table.

4. The IPv6 header is too large.

3.4% longer if you use a 576 MTU. Use a sensible 1500 byte MTU and your downloads will not be much slower at all. Anyway, the elimination of fragmenting, the simplification of subnetting, and the many other benefits will far outweigh your 20-byte concerns. See my other post on security too (no more network host scans).

IPv6 is not ready to fully replace IPv4 overnight now, sure. But it's gaining a heck of a lot of momentum and by the time your concerns will actually become enough to be worried about, they will have been either solved or rendered moot.

Another nice thing about IPv6 (at least now), is that it's a return to the good ol' days of the net when everyone was friendly with each other. 15 years ago you askes someone for addresses or transit and you were quite likely to get it for next to nothing. Ask for addresses or transit/peering with IPv6 today - you're likely to get it, with a friendly response. it's a great community.

Re:IPv6: A Protocol of Failure

[bigpat]

"There are too many addresses. There are 16.7 million addresses per square metre of the earth's surface, including the oceans. This is overkill. The world does not need more than the 4 billion addresses available with IPv4, and I challenge you to come up with an application that requires that many."

How about the PC? Since there are around 6,306,837,471 people on the planet right now, so already there aren't enough addresses even theoretically possible for everyone to connect to the internet, forgeting all the servers and network routers. But the most limiting factor to giving out IP addresses is the fact that you can't just get an IP address from some guy in Egypt, because part of the address indicates what network you are on, so to imply that there are 4 billion globally available addresses is just dumb math and disregards the nature of IP routing. The only potential way for the wired Internet to remain as it was intended, an end-to-end international communication network, is for IPv6 to be deployed globally so that to say that you are connected to the real internet means an IPv6 internet.

Re:IPv6: A Protocol of Failure

[Brandon+Hume]

I'm not sure you know what you're talking about.

1. Cisco routers suck at IPv6 because Cisco has been dragging its ass getting a production release of IOS which supports v6 out. That will be fixed this summer, I'm told. And considering the problems Cisco has been displaying in IOS, are you sure it handles IPv4 that much better?

Your points 2, 3, and 4 are just the same thing repeated: "IPv6 addresses are big".

2. IPv6 has ROOM TO GROW. It takes the /64 link-local address, and pastes on a 64 bit length for routing, and gives you an IP. You get your autoconfiguration, and your routing, and it's nice and neat. 64 bits is a perfectly reasonable size of data to expect to deal with at any particular time; we're already moving into a 64-bit computing world.

If you want an application that requires loads of addresses: cellphones. Pagers. PDAs. You can NOT use NAT for millions of remote communications devices trying to talk to *other* remote communication devices. NAT *breaks* things. Anyone who has tried to connect a machine behind a NAT to a remote machine which is also behind a NAT knows what this is about. (And if you have to manually configure a port forwarding, or designate a DMZ, then something is broken!)

I'm getting tired of the "IP-enabled fridge" remarks. Someone suggested something like that a long time ago as a "you possibly could", and people who don't understand the technology and don't want to understand the technology jumped on it as an example of pointless waste, as if such things were the driving force behind v6. It isn't.

3. You don't understand how IPv6 routing works. IPv6 does NOT take the IPv4 world of "a.b.0.0/16 is reachable via c.d.e.0/24 which is reachable via z.y.0.0/16 AND x.w.u.0/24 and..." IPv6 routing is a strict tree to explicitly combat that problem. How do you get to abcd::/32? You go through abc::/24.

*Reducing* the size of the core routing tables is an EXPLICIT DESIGN GOAL of IPv6.

4. Again, you haven't done any research. IPv4 networks have a minimum MTU of 576 octets. The minimum MTU for IPv6 is *1280* octets. Yes, the header is larger. But the payload capacity has risen to match it. Your transport efficiency has not decreased.

I think you need to do some more reading on this protocol. And try, if you can, to not fixate yourself on the size of the address. If that was all that mattered, we'd all be using Appletalk.

valuable IPv4 numbers?

[MacBrave]

I wonder if once the world goes to IPv6 the old IPv4 numbers would become more valuable, sort of like a low numbered /. account.......

Re:Is no one using NAT?

Well yes and no.

NAT works fine for most things, ie. web browsing and the likes. Running services on machines behind NAT isn't difficult either. But wow does it ever become a nightmare if you try to play games behind NAT. Let's face it, the average user does not have the desire to play around with udp port forwards and transparent proxies and dum dum dum just to get starcraft to work.

And let's not forget broadband ISPs wanting you to pay for extra machines even when you're using NAT (and threatning you, too). So if they're going to make you pay for an extra IP or two, what's the point of doing NAT?

100 addresses per human being?

[pstreck]

Why on earth would you need 100 addresses per human being? I can for see needing two at most, one for your home and one for your "mobile communication device". Your home would have a router and use private addresses for all your home devices. Your "mobile communication device" would have a router and use private address for all your other devices via bluetooth or whatever comes next. Does this not make sense, or I am being short sighted?

Re:100 addresses per human being?

[JanneM]

Because your other devices will want to keep their identity even when not at home. Imagine having an IP-based telephone as a (slightly contrived) example. You want to be able to route to it no matter what network it resides on at the moment.

I use my laptop in a number of places; home and at the department is the most common places but also others. Moving from place to place is a bit of a pain, though - I need to get a new IP address, change the SMTP server and so on, and setting up other stuff so I am allowed to access it no matter where I am is painful and error prone. If my laptop could keep its identity irrepsectively of where it is physically located on the net it would simplify life a whole lot for me.

NAT works pretty well for the stuff we do today, but it precludes a lot of interesting uses, and is actually quite painful compared to the possible alternative.

Re:100 addresses per human being?

[Telex4]

I think when they say we need 100 addresses per human being, they may be referring to the total number (so about 650bn?), not the number that each human uses. Not all IPs are tied to individuals... Slashdot, Google, games servers, FTP servers, DNS servers, all kinds of services require IPs, and so I suppose they're saying that if we dished all of these out to individuals, we'd each get 100. Sounds a little excessive to me, but what do I know? :-)

more info on IPv6

[H0NGK0NGPH00EY]

...simple info on IPv6: http:// www.internet2.edu/resources/infosheetIPv6.pdf

Yes its such a crisis

[pacman+on+prozac]

...that IANA decided to hold onto 80 or so class A's. I doubt they could even allocate all that space by 2005.

Dont believe me? get it straight from the horses mouth

Perhaps if the organizations bemoaning the lack of IP space stopped hogging so much of it there wouldn't be such a shortage.

more than 35 trillion per square meter of Earth

[asmithmd1]

The number of IP addresses IP6 will allow is truely astronomical, 6.65x10^23 addresses for every square meter of the Earth's surface. More than enough for everyone to have an internet controlled Etch-A-Sketch

Re:more than 35 trillion per square meter of Earth

[Surak]

The number of IP addresses IP6 will allow is truely astronomical, 6.65x10^23 addresses for every square

Heh. Reminds of a REALLY old joke: For a good time call Avogadro 6.022*10^23!

Ha! I kill me! I'll be here all week.

Re:more than 35 trillion per square meter of Earth

[Vindicator9000]

yeah, and no one will ever need more than 640K of RAM, either.

Re:more than 35 trillion per square meter of Earth

[PKFC]

Pardon me. The ACTUAL number is:
Three hundred forty undecillion two hundred eight-two decillion three hundred sixty-six nonillion nine hundred twenty octillion nine hundred thirty-eight septillion four hundred sixty-three sextillion four hundred sixty-three quintillion three hundred seventy-four quadrillion six hundred seven trillion four hundred thirty-one billion seven hundred sixty-eight million two hundred eleven thousand four hundred fifty-six.

Or just: 340 282 366 920 938 463 463 374 607 431 768 211 456

To those who say we have enough IPv4 space

[riflemann]

There are people who have stated that we've only used up around 60% of the IPv4 space and we have plenty more to last for a long time yet.

I want to see IP as more of a general resource like electricity or water. You just plug anything into your wires/pipes, and it gets full access to the resource. Want more things getting water such as a washing machine? Then just run another pipe to it and it's got access. The current hacks of NAT are equivalent to only being allowed to install one tap in your house, and "proxying" the rest with buckets. Why cant it be like a water or electricity supply?

Those saying 'we have plenty of space left' obviously dont realise that the reason for this is that the current allocation policies for IPv4 make it impossible to get space for arbitrary devices. Yes, if you only allocate one IP address per gateway, of course you wont run out for a while. But that then mandates the use of ugly hacks such as NAT. A single tap per house/organisation.

To make full use of the potential of the net, one must be able to freely allocate IP addresses to any devices that want them, no matter how trivial it may seem today. Back when IP was invented, it was never in anyones wildest dreams that there would be an address shortage. There were barely a hundred hosts yet 32 bits of space. Look at what's happened in 20-odd years!

Lets not make the same mistake today.

Are We or Aren't We?

[davemac30]

Could it be that people who have a vested interest in the adoption of ipv6 are more likely to try and alarm us about the impending IP crisis?

Here's an alternative view from Paul Wilson, director general of APNIC, which suggests that we have 20 years left at the current growth rate.

when did /. become a Rupert Murdoch company?

[deviator]

These articles remind me of FOX news... total sensationalism to drive advertising & page views.

Whether you "approve" of NAT or not, the truth is that it is a very effective band-aid that has hindered the progress of IPv6 because it works so well. We'll be on IPv4 for at least another ten years.

Re:100 IP addresses per human being??

[Santos+L.+Halper]

Maybe your brain is going to start identifying body parts by IP address. If you get a serious neck injury, your brain will start frantically pinging your feet to see if they still respond, stuff like that.

Another advantage of IPv6

[riflemann]

IPv6 has a nice advantage over IPv4 that I havent seen mentioned many places before. This is one on security.

One of the major contributing factors to problems such as spammers and crackers is that it's so darn easy to scan subnets in IPv4 for open hosts. It can take under a minute to scan a complete /24 for hosts with open ports.

Now with IPv6 this situation is different. Each subnet has 64 bits of address space. That is, 18446744073709551616 IP addresses per subnet. Now, if someone could portscan at the rate of 100 addresses per second (pretty impressive), then each subnet would take 5.8 billion years[0] to scan for hosts. For one subnet! And to put this in a wider context, each site in ipv6 has 65,000 subnets. Effectively making network scans a thing of the past, and massively increasing security of the 'net.

Of course, one can still scan known hosts (eg from web server logs), but doing that is a heck of a lot harder - you'd need to get them in the first place.

[0] Said with appropriate finger quotes.

Bullshit!

[Fefe]

IPv6 is bad because Cisco routers suck. No, wait, "Many of Cisco's routers" suck. You can' be serious! Once IPv6 gets off the ground, IPv6 will become fast path and eventually IPv4 will be dropped to legacy mode.

About your point 2: IPv6 does not actually give out all those 2^128 IPs. The first half is for the network part, the second 64 bits are for the host part. This is necessary because autoconfiguration (which is really great, by the way!) uses a 64-bit part. The IPv6 autoconfiguration is stateless, by the way, which means it will also work without a DHCP server and it won't need reboot if the routers were down when the autoconfiguration process started.

The point about having this many addresses is that you never ever want to have to come into the remote possibility to have to switch to IPv8 because IPv6 is too small. And when you rant about the IPv6 header being 20 bytes larger than the IPv4 header, consider that the overhead of the TCP header (20+ bytes), the HTTP header (300 bytes), the Email header (500 bytes?), ... most of the internet protocols are very wasteful. On the other hand, they are easily debuggable with relatively simple tools. This is a trade-off, obviously, and IPv6's choice is not per se good or bad, it's just different. We will see whether it will have a significant overhead. I say getting rid of spam is a better way to reduce bandwidth requirements on the internet than talking about header sizes.

IPv6 is ready for prime time. People are using it (I, for example). You can buy access to IPv6-native backbones. All the major OSses support it. There is really no excuse not to be already using it.

Re:Bullshit!

[Florian+Weimer]

IPv6 is bad because Cisco routers suck. No, wait, "Many of Cisco's routers" suck. You can' be serious! Once IPv6 gets off the ground, IPv6 will become fast path and eventually IPv4 will be dropped to legacy mode.

On most Cisco high-end routers, upgrading to larger IP addresses requires soldering (or replacement of fundamental router components, which amounts to the same thing). At the moment, only one or two linecards for the GSR series support IPv6 routing at wire speed (and the multi-purpose CPUs on the others are far too slow to route anything of importance). The 65xx/76xx series requires hardware upgrades which are not yet available AFAIK (several TCAMs have a word width which is too small for IPv6).

IPv6 is ready for prime time.

Not at a global level. The current approach to global routing is so discouraging that many people plan to continue using NAT (and IPv4) to gain the routing flexibility they need.

All the major OSses support it.

Only with a very reduced feature set, and most currently deployed embedded systems don't support IPv6 at all. For example, IPsec for IPv4 is much more widely available than for IPv6.

Re:Bullshit!

[NilsK]

IPv6 is ready for prime time. People are using it (I, for example). You can buy access to IPv6-native backbones. All the major OSses support it. There is really no excuse not to be already using it.

Privately, you can use it, correct. In an commercial environment you can not really setup an IPv6-network, because there are many devices not supporting ist. At least printers are a show stopper. All those other devices (barcode-scanners, IP-Phones, cameras .. whatever speaks IP today) is part of the infrastrucure and has to be IPv6-capable to start using it.
So at first we have to get the vendors to make the devices capable of IPv6, then wait for about 5 years and then we can use it in a commercial area.

Impending?!

[mekkab]

As a networking engineer, I am very concerned about the impending doom of IPv4 addresses running out.

But I am even more-so concerened about the sun burning out, because that would mean catastrophe for the human race! (not to mention it would mess up our nift wi-fi stuff!)

Seriously- with stop-gaps like NAT and ISP's recycling IPs from a pool for all users, its not gonna kill us.

Let cell phones work out this ipv6 thing, then tunnel, then upgrade piece by piece.

Re: Not again... (average?)

[driftingAimfully]

The average home generally has a couple PCs

That'll be the average home out of the thin slice of humanity that can afford two PCs. I suspect, although have absolutely no evidence to support it, that the average is nearer 0.05 PCs per home.

Sorry, I didn't mean to be so annoyingly righteous :) You're right about the IP stuff.

NAT fixes everything is tired

[ughhgu6]

NAT for your car?
NAT for your PAN?
NAT on a plane?

How many protocols have been kludged up because of having to get around NAT?

Easier VPN's and Voice/Video are two things I can think of.

On a slightly different note, anyone who says NAT's good for security...wow.

NAT, not.

[saintjab]

I see a lot of individuals saying, oh we can just NAT. Well thats not the point here. For many environments NAT is not a functioning option. Not to mention, until the ISP and providers are running IPv6, we are still forced to route at the gateway. It's not NAT, but it's also not truly IPv6 either (read: 6to4 host). This is all great planning for the future but right now IPv6 is simply something to play with and get used to for the future. I'm running it at home, have been for some time (using 6to4 unfortunately) and I've not really seen any great benefits. There will be great benefits in the future, but we are not really able to enjoy them yet. At least until the infrastructure that delivers my connectivity is upgraded I won't. Until then I'll have to enjoy the dancing turtles (kame) and hope it catches on soon.;p

Re-claim unused address space

[packethead]

It's probably been mentioned, but what about companies that have a single or multiple CLass "A"s that could just NAT? I was at a Ford dealership recently and noticed that they had a printer on a public address. Now it was probably NAT'd behind a router, but 5h1t! NAT an RFC 1918 address, not a public one!

IPv6 is coming, but for other reasons

[McMuffin+Man]

The shortage of IP addresses has been a "crisis" for over a decade now. CIDR and NAT have pretty much kept it under control, and could continue to do so for a while yet. As people have been pointing out, we only need a unique address for each personal accessory if we need end-to-end connectivity from my left shoe's inflation co-processor to every networked nipple ring in Norway.

Nonetheless, IPv6 is moving forward, and for a much simpler reason: money. The US military recently placed a deadline on IPv6 deployment, and they will no longer buy anything unless it's ready for IPv6 or its vendor promises it will be soon. Many of the key companies in the networking market need to sell to one part or another of the US DoD.

This requirement is putting IPv6 support on the development schedules of many companies that had been perpetually putting it off. Expect the US military and government to push ISPs for stronger IPv6 support so they can interoperate with their suppliers in their preferred fashion.

In other words, if you don't have a killer ap, get a killer user.

The killer app

[Jeedo]

The killer app that you're looking for are 3G cell phones,
Every 3G cell phone has to have a IP address, and thats quite alot if you're talking about IPv4 addresses.. So a solution must be found, which people will find in IPv6.
I expect IPv6's rise to be concurrent with 3G's adoption.

Contrasting Opinions

[waffle+zero]

IP Shortage In Asia Just Myth, Says APNIC

There is a word for the number

[adenied]

2^128 is: 340,282,366,920,938,463,463,374,607,431,768,211,45 6

Which is: 340 undecillion, 282 decillion, 366 nonillion, 920 octillion, 938 septillion, 463 sextillion, 463 quintillion, 374 quadrillion, 607 trillion, 431 billion, 768 million, 211 thousand, 456.

A far cry from "35 trillion". To give you an order to this magnitude, some Australian scientists recently announced that there are 70 sextillion stars (give or take) in the known universe.

It may be pedantic, but someone who is so blinded by their work that they make hysterical claims that there's no word for the number they're pushing doesn't make me want to buy into their idea so quickly.

There *is* a word for this number

IPv6 will increase the supply of addresses from 4 billion today to a number in excess of 35 trillion that is "so big that there's not a word for the number," says Cody Christman, director of product engineering for Verio, which offers IPv6 in San Francisco, Washington and elsewhere.

How about 1.1 mole

Cody Christman's high school science teacher must be very disappointed. :=)

My company has a ton of IPs...

[smkndrkn]

...that they do not use. This is because they were one of the first companies on the scene when the Internet started. But we have TONS and TONS of IPs that are not in use. I bet that if companies like mine gave all the un-needed IP space back we'd be better off for a while.

"so big that there's not a word for the number"

[swillden]

Is that right? Lessee:

2^128 = 340,282,366,920,938,463,463,374,607,431,768,211,45 6

A number which everyone knows should be verbally expressed in English as:

Three hundred forty undecillion two hundred eighty two decillion three hundred sixty six nonillion nine hundred twenty octillion nine hundred thirty eight septillion four hundred sixty three sextillion four hundred sixty three quintillion three hundred seventy four quadrillion six hundred seven trillion four hundred thirty one billion seven hundred sixy eight million two hundred eleven thousand four hundred fifty six.

That's in the American naming system, of course. In the British system, it would be:

Three hundred forty sexillion two hundred eight two thousand three hundred sixty six quintillion nine hundred twenty thousand nine hundred thirty eight quadrillion four hundred sixty three thousand four hundred sixty three trillion three hundred seventy four thousand six hundred seven billion four hundred thirty one thousand seven hundred sixty eight million two hundred eleven thousand four hundred fifty six.

(Interesting to note that the British version is nine characters shorter, plus has the capability to scale much higher without extension).

In the interest of brevity, I shall forgo the Spanish, Italian and French versions, and I regret to say that I can't count that high in any other languages, though I'm certain it's possible.

So, I think the number is *quite* adequately named, thank you. Now there's not a single word for it, but few numbers have single-word names, simply because there are too many numbers, too few phonemes and no real need. If you want a single-word approximation, "undecillion" should do nicely, or "340 undecillion", since Mr. Christman seems to find that form acceptable. The ideal expression is, of course, "two to the hundred twenty eighth", which is short, completely accurate and gives a strong hint as to the origin of the value (a string of 128 bits).

Yes, I *am* the guy everyone avoids at parties.

A new form of the 'remote control' syndrome

[stuuf]

A similar revolution to what you are describing has already happenned in the audio/video/home theater industry. Remember when your VCR had that little door on the front that covered that huge array of tiny buttons for things like tracking, timers, tuning? Remember when you used a vcr? Now they have power, eject, channel, and transport controls. Everything else is on the remote that your universal unit can't emulate. Eventually the control panel on the washing machine will disappear in evolution, and you will have to run over to your pc, log into your washer, ener a password, start the cycle, etc. Or grab your cellphone and dial into your network's internet gateway (maybe dozens of routers away in timbuktu), connect to your home computer...

Some devices weren't meant to be remote-controlled. And by some, I mean most. And even if they need to be, they don't need separate global IP's. People seem to forget that each of these 4 billion ipv4's have 65535 TCP ports.

NAT will keep IPv4 alive past 2005

[blueworm]

I don't think IPv4 addresses will run out by 2005, especially as more and more people/organizations implement more NAT. I work for a statewide ISP, and we've found that the new IP addresses we just got from ARIN a year ago are being returned to us in large numbers (thousands) by customers who are now persuing NAT solutions and using smaller subnets of 16 addresses or less.

IPv6: The Coming Address Shortage

[handy_vandal]

Of course we'll run out of IPv6 addresses.

Not right away ... but surely something will be invented that calls for more addresses.

For example, teleportation might require separate addressing for all possible energy states of all elementary particles in the teleported object.

Don't say it can't happen. Remember when 64k was all the memory anyone would ever need? and a megabyte hard drive was out of your price range?

Re:IPv6: The Coming Address Shortage

[ivanmarsh]

>For example, teleportation might require separate addressing for all possible energy states of all elementary particles in the teleported object.

Doesn't the Heisenberg compensator eleminate the need for particle addressing?

35 trillion?

[Rev.+DeFiLEZ]

try:

three hundred forty undecillion, two hundred eighty-two decillion, three hundred sixty-six nonillion, nine hundred twenty octillion, nine hundred thirty-eight septillion, four hundred sixty-three sextillion, four hundred sixty-three quintillion, three hundred seventy-four quadrillion, six hundred seven trillion, four hundred thirty-one billion, seven hundred sixty-eight million, two hundred eleven thousand, four hundred fifty-five.

I like my buggy whip just fine!

[Merk]

I can't believe how many people have commented that there is no need for IPV6 because of NAT. Are you really willing to put up with the limits of NAT when you could give every computer its own routable address?

NAT does a decent job of allowing you to surf the web using a non-routable IP address. For anything more advanced it starts working less and less well.

I, personally have had many troubles with NAT:. Games which don't work properly unless they have huge ranges of ports exposed to the net. Instant messenger apps which fail in subtle ways. Brain-dead DHCP servers which don't properly pass on DNS settings, etc. Add to that the fact that the DHCP/NAT combination in most consumer boxes (like Liksys routers) is awful. You can port-forward from the router to a fixed IP address, but if you're using DHCP, you never know what machine will get that IP address! Even when it does work, there are far too many programs that don't work right when something is on a non-standard port.

In fact, I don't just want each of my machines to have its own routable IP address, I want some machines to have multiple addresses. That way I can host multiple domains on a single machine and truly administer them differently. Right now HTTP sends a host neader so that you can have multiple domains on a single IP and things just work. On the other hand, HTTPS doesn't work like this, so you need a work-around if you want to use HTTPS. The simple truth is that today if you want to have multiple domains using anything other than straight HTTP on a single machine you really do need multiple IPs.

For many people, NAT is a comfort thing. They think they don't have to worry about patching their systems because they're behind a dinky broadband router. Hint: that's security through obscurity. The devices you're buying aren't meant as firewalls, they're meant to let joe-consumer connect two computers to the Internet easily.

The main reason I want IPV6 now is so that my damn Internet provider can't get away with charging extra for extra IP addresses. At the moment they can because they're relatively scarce, but I can't see them getting away with that with IPV6.

If you're content with your buggy whip, that's great. But I personally have a use for at least 20 IPs that NAT won't solve. So don't make a blanket statement that IPV6 isn't necessary. Maybe not for you, but some of us can't wait to have it.

Aren't IPv6 addresses a bit long?

[sabNetwork]

I'm not an expert on IPv6 (nor IPv4 for that matter), but there is some practicality in question here.

Can you memorize 204.172.4.36? Maybe not at first glance, but after you type it in a few times, you probably will.

Can you memorize FEDC:BA98:7654:3210:FEDC:BA98:7654:3210? Definitely not at first glance, and very unlikely unless it is something which you must type every day.

Some people's jobs depend on entering IP addresses, and IPv6 addresses are just so unnecessarily long that typing them is a total drag.

---

Here's my RFC. 40-bit addresses. That gives you roughly a trillion addresses (a bit more actually), which is more than we should ever need. And you can write them in dotted-decimal format.
Can you memorize 430.168.957.249? Probably.

Re:Aren't IPv6 addresses a bit long?

[pe1chl]

Actually it doesn't.
Even with IPv4 there is clearly a deficiency in the naming system, or at least in the way it has been implemented and managed.
It was supposed to be multi-level, and it has been abused until it had only one-and-a-half level.
The result is that all the usable names are taken, and there are by far not enough names to assign a name to every IPv6 address.

Re:Aren't IPv6 addresses a bit long?

[Nurgled]

You are allowed to omit parts of IPv6 addresses when connecting to hosts in the same subnet as you.

Re:Is no one using NAT?

[ivanmarsh]

We're going to switch the entire world to an unproven, currently widely unsupported IP stack based on the idea that gamers are too stupid to forward a udp packet?

If you've got your machine running with a public address and your not behind a firewall you're an idiot and your input into the future of the internet shouldn't hold much weight.

If you are running a firewall it's one more minor step to forward a packet. ...or go spend $70 on an internet gateway router that you can fill in two boxes on (IP Address and port) to do port forwarding.

I run a home private network and a corporate network with 600+ nodes on it and I'm using 5 IP addresses.

Most ISP's that charge per machine are actually charging per routeable IP. I've had that conversation with Charter. They don't care how many machines you're running on your private network as long as they aren't nabbing IP's from the DHCP.

Perhaps it's time to find a new ISP?

35 trillions won't be enough!

[christophe]

Fast forward 50 or 100 years... Everyone has Internet-enabled tools, chairs, glasses... whatever, because everything has a RFID inside, because the TPAA (Things producers Ass. of A.) wants to track everything, because some geeks have found a use to a connection between my pen and my fridge, because it is so easy and cheap...
1) BUT this tendency to Internet-enable everything will expand to any file on my computer. A CD has a RFID/IP to connect it to the desk, why not every of my MP3? Why a book and not on e-book ? A computer will needs millions of IP addresses.
2) Worse: we'll finish as virtual beings in the in virtual words (think Ultima Online in 2100). And we'll want everything in this world to have Internet addresses too. I'll ask my little desktop computer to create my own little Matrix, for me alone... and everything there has an address of the IPv6 space (to help me interconnect the real and the virtual world).

And if it's not enough:

3) Cyber beings (a few billions humans, much much much virtual intelligent creatures) find the world rather small for so many entities. Not enough computers on this small planet to compute all the worlds that each entity wants created for itself (and to run the compilation of the 10^15 lines of the brand new Linux 2.80.0). So the Metamegamatrix expands to Jupiter, Saturn and creates a Dyson sphere aroud the Sun, converting every joule of energy into computational power for the simulation.

And in 2203, Slashdot makes headlines on IPv9 with 2048 bits addresses.

Remote toilet interrogation

[marnanel]

I could even call the toilet to see if anyone is using it.

MIT got there first: http, finger.

Apologies to the artist formerly known as Prince..

[freeze128]

I'm gonna subnet like it's 255.255.255.254.

even big numbers are named, duh

[LuxFX]

IPv6 will increase the supply of addresses from 4 billion today to a number in excess of 35 trillion that is "so big that there's not a word for the number," says Cody Christman

Well let's take a look. IPv6 looks like this:

2001:0418:000C:0003:0000:CF00:C0A8:2E2E

So the highest number is 16^32, right? Which is roughly 3.4028 x 10^38.

Which is a little over 340 undecillion. Want it exact? It's 340 undecillion, 282 decillion, 366 nonillion, 920 octillion, 938 septillion, 463 sextillion, 463 quintillion, 374 quadrillion, 607 trillion, 431 billion, 768 million, 211 thousand, 456.

Plenty for everybody!

Check out more names of big numbers.
.

Come and get it

And EDU's too. There are many universities with many tens of thousands of IP addresses, most of which are unused. One I know of has at least one class A...

That would be us here at MIT. And you can pry it out of our cold dead hands.

only time will tell on usage needs

[amigabill]

>IPv6 will increase the supply of addresses from 4 billion today to a number in excess of 35 trillion
>that is "so big that there's not a word for the number,"

Said with the same confidence that Gates used when announcing that 640KB memory should be enough for anyone... :)

There is a word for the number...

[ikewillis]

The number, 2^128, or 340,282,366,920,938,463,463,374,607,431,768,211,45 6, can be read as:

Three hundred forty undecillion,
two hundred eighty-two decillion,
three hundred sixty-six nonillion,
nine hundred twenty octillion,
nine hundred thirty-eight septillion,
four hundred sixty-three sextillion,
four hundred sixty-three quintillion,
three hundred seventy-four quadrillion,
six hundred seven trillion,
four hundred thirty-one billion,
seven hundred sixty-eight million,
two hundred eleven thousand,
four hundred fifty-six.

That's a lot of IP addresses.

"We're not even close", says the market.

[mactari]

How much does it cost me to get an IP address for a year? About $150 including server space.

Where I used to work (on-site gov't contractor) each machine had a "real IP". That's nothing 192.168.1.* can't fix. The issue is with the way people purchase huge blocks of IPs at once. If we'd stop selling 134.*.*.* to one entity, we'd be fine for a while longer.

From one of the linked articles:
In one solution, a single IP address is assigned to an entire network, which then gives out its own addresses to the devices attached to it.

But such approaches are not long-term solutions, said Alex Lightman, chairman of a conference... to discuss the next generation of IP addressing, known as Internet Protocol version 6, or IPv6.

I think Mr. Lightman is being a bit alarmist. There's no reason any ISP needs more than one IP.

At any rate, as long as any schmoe can go and purchase an IP at an ISP/web host for nuttin', I can't imagine we're even close to out and that there aren't millions of IPs that we can consolidate before we get so alarmist.

Will my grand-mother learn to firewall?

[christophe]

When people are connected to the Internet, they usually obtain one public IP, usually not static. If the fridge, the DVD player, the printer, gets its own IP, it will be a private one, NAT-ed, and somewhat protected from the outside.

The IPv6 world won't know NAT, as its goal is somewhat to destroy it. Someone from Australia could connect to my fridge if everything in house becomes connected. It all becomes wireless, you'll even forget that your camera is on the net. Even with a much greater address space, we'll all need to firewall our connections.
I suppose that easy-to-use firewalls will be in every home in a few years. Still, any failure in programming them, any exploit in a well-known brand, could lead to a disaster for people much greater than having its computer hacked: fridge at 20C, heating at 40C, camera becoming a public webcam, TV and DVD giving back what you've seen yesterday, palm giving your agenda to the world...

What about the DOT.BOMB's?

[Lester67]

A few years ago I worked for a business oriented web hosting company (which also disappeared a little later in the dot.bomb crisis.)

At the time, we were trying to buy up a considerable chunk of IP addresses from another company that had already gone tits-up. Due to bankruptcy courts, etc, the sale never went through.

My question is, how many IP ranges are still out there that were purchased up, but never accounted for, or added back to the available population?

If a company did fold, but held a chunk of IP addresses, how long can they sit in limbo before they are re-released back into "the wild"?

I guess my bottom line question is: Are we really running out in 2005 due to a lack of availability, or mismanagement?

Killer App

[stephenbooth]

How about an IP address for the RFID chips in your clothing?

That way your socks can tell your washing machine to ask the fridge to remind you to wash them whilst also emailing the NSA about you attending a meeting of [insert-fringe-organisation-currently-in-policial- disfavour-here] and your partner about the visit to the strip club afterwards. And obviously every CD (and CDplayer) will need it's own IP address so the embedded device (running WinCE) can connect back to the RIAA over the secret pervasive wireless network to tell them who's playing what as an antipiracy measure (the customer profiling use to allow them to send you even more junk mail is purely a side effect).

Anything I missed?

Stephen