Slashdot Mirror


Dispelling the IPv4 Address Shortage Myth

Zocalo writes "While looking up some WHOIS information at RIPE just now I noticed a couple of articles about the IPv4 address space allocation status. IPv4 Address Space: October 2003 is a short summary by RIPE themselves, and IPv4 - How long have we got? is from July 2003, but has lots more detail and pretty graphs! In short, the "Death of the Internet" due to lack of IP space is a myth, which doesn't bode well for getting IPv6 rolled out any time soon."

12 of 505 comments (clear)

  1. So.. by pirodude · · Score: 4, Insightful

    So yeah, it'll take 20 years to exhaust the space. Let's wait until 2029 to switch to IPv6.

    Or instead start switching now (after all, it'll probably take atleast 10 years to get everything switched over) and not worry about IPs until we're extinct.

    1. Re:So.. by leerpm · · Score: 5, Insightful

      According to their study, yes it will take 20 years for 100% of the address space to be used up. But there was a study done (trying to find the URL right now..) saying that once we reach a critical mass of around 85% usage, it will become nearly impossible for an organization to obtain new address space. At this point, we will essentially be in a crisis-state, where no one will be able to request more space.

  2. Re:Good articles by lemmen · · Score: 5, Insightful
    The need for IPv6 is _not_ shortage of IPv4 addresses, but you find it in the extra features in IPv6 (Build-in security, Automated addressing, etc).


    Check this presentation: mms://webcast.ripe.net/ripe46/plenary-2.wmv

  3. Re:Good articles by Branc0 · · Score: 5, Insightful
    IP addresses are more and more being done using 192.* or 10.* addresses.

    This is done because we have to, not because we want to. If IPv6 was a reality today i would put many machines with a public IP address that today are behind NAT.

    --

    rm -rf /home/leia

  4. Re:Good articles by Anonymous Coward · · Score: 5, Insightful

    For philosophical reasons, there's some opposition to the mass NAT-ing of the Internet; it tends to break the equality between computers, creating the artificial distinction between servers and clients (just imagine all the pain you have to go through to use your favorite P2P/game/whatever behind a NAT router). IPv6 will solve that, although NAT will probably continue for other reasons.

  5. Re:Good articles by Mysticalfruit · · Score: 5, Insightful

    My insight is to say that your right on the mark. NAT killed IPv6. Also, now with the focus more on security, more people are seeing isolated networks with single points of IDS monitoring as solid solutions to security. Hence people put everything on a non routable blocks of IPs and put a snort NAT box at the head end.

    --
    Yes Francis, the world has gone crazy.
  6. IPv6 more necessary than thought by mnmn · · Score: 4, Insightful

    At a certain point in the middle of the last decade, everyone thought they would run out of IP addresses. Work was then put into routers and firewalls to bring to the masses the CIDR and NAT to stem the tide. Now on cisco routers you can do fancy port forwarding to use several servers behind one IP. All this work however could have been replaced by investing in ipv6. The fact that ipv6 is not being implemented means investment is being put into a scheme in which people will eventually run out of IP addresses, while there is a complete alternative available.

    The single biggest damaging factor of ipv4 is the fact that you cant really run servers behind it. There are already ISPs in many countries that provide service from behind a NAT firewall. This kills many people's freedom of speech and the spirit of the Internet where everyone had their own servers and ran whatever they wanted.

    The second damaging factor of the ipv4 is the control that IANA has. Both ICANN and IANA have been used politically and now we have many American ISPs churning out 4 IPs per person and 64 IPs per company, mostly going to waste while ISPs in some countrys like Pakistan's PakNET have 100,000 customers behind one IP none of whom can run their own servers.

    ipv6 can fix all these problems in one fell swoop, simplify routing enormously and introduce IPSec and other security technologies.

    --
    "Give orange me give eat orange me eat orange give me eat orange give me you." -Nim Chimpsky
  7. "Fairly Recently?" by mveloso · · Score: 4, Insightful

    Fairly recently as compared to when? I remember using ftp behind NAT years ago, back in the mid-90s...and boy does that sound strange.

    Anyhow, the stuff now works and is stable (and has for years), so there's no reason to whine about stability, etc. If your software doesn't work behind NAT, it's because they hired an inexperienced network guy to write the code.

    Why not complain about something else, like the crappy X server stuff?

    1. Re:"Fairly Recently?" by Abcd1234 · · Score: 4, Insightful

      Fairly recently as compared to when? I remember using ftp behind NAT years ago, back in the mid-90s...and boy does that sound strange.

      Yeah... it took until around 6 years ago before FTP would even work through a NAT. FTP! One of the oldest protocols on the 'net! And this requires stateful management on the server, which is non-trivial. Basically, it requires a protocol-specific hack.

      Anyhow, the stuff now works and is stable (and has for years), so there's no reason to whine about stability, etc. If your software doesn't work behind NAT, it's because they hired an inexperienced network guy to write the code.

      Sorry, but you're totally wrong, here. There are many applications (IPSec being the most obvious, as well as end-user apps, like VoIP, P2P apps, etc), where the very architecture of said application means NAT fundamentally breaks things. And yes, there are ways to hack around these limitations, but they're just that, hacks. And this is unavoidable... the minute you want machines to be able to directly contact other machines, things break down in the face of NAT.

  8. Re:Good articles by Anonymous Coward · · Score: 5, Insightful

    Ok, this is idocy. Yes, the net can survive with NAT. The thing is, IPv6 is about looking forward.

    If every phone, mobile phone, internet appliance, whatever had a publicly available internet address, things like VoIP could be routed over the internet, be more secure, have better latency, possibility of point to point encryption, etc. It would drive down the cost of mobile internet service, and make service better on the whole. Want your home phone# to ring your cellphone or computer? Forward it.

    Phone numbers of the future should be like URLs. phone.yourname.com, mobile.yourname.com, and you could have as many of these as you could want to resolve to your phone's address. Want to have your cell listed by your employeer? joesmith.bigcompany.com. Confrence calls? IPv6 has much better facility for multicasting. Video, etc etc etc. are all quite possible.

    It's not that complicated. IPv6 represents a paradigm shift for future accessible technologies, that aren't possible/interoperable any other way. People want mobile internet aware devices, lots of them.

    What I want is to be able to subscribe to a mobile carrier like I would an ISP. They host my connection, give me some benefits (web space, whatever, more data transfer), and charge me for the byte. It's redicliously expensive to use internet enabled phones in most places in the world--Especially concidering that voice data is so much larger, by nature..

  9. Re:Good articles by Tailhook · · Score: 4, Insightful

    The need for IPv6 is _not_ shortage of IPv4 addresses, but you find it in the extra features in IPv6 (Build-in security, Automated addressing, etc).

    Disclaimer: First, understand, I'd like to agree with this. IPv6 is a good thing.

    However, the IPv6 motivations you mention are incorrect. IPv6 does provide the things you mention, but these are not sufficient to cause a migration and do not constitute a "need."

    Security; Adhoc VPN is providing this in IPv4. It's messy and complex, but it works within limits. IPv4 was not designed with this in mind and the hacks that appear as a result are deeply wrong, but it works.

    Autoconfig; DHCP is providing this to a large degree already. It is working "in the wild" right now in both fixed installations and more recent wireless environments. Again, it's messy and imperfect, but it's working.

    NAT is being extended to multiple levels through routing domains (my phone has a RFC1918 address and I wouldn't be surprised if some cable/DSL ISPs aren't distributing them too. A major issue for corporate WANs is making sure RFC1918 subnets don't overlap.) Protocols that don't play well with public IPv4 and NAT are being implicitly deprecated (consider SOAP running an entire RPC stack through HTTP ports and TCP/IP.) Obscene hacks necessary to overcome NAT are being created (IPSEC NAT-T.) How long will it be before ISPs set up tiers where you're only cost effective choice for small enterprise is a single public IP on a NAT gateway because a classless /28 public subnet is 5x more money?

    IPv6 will happen only when the pain of the transition approaches zero. Until then IPv4 will persist regardless of how painful it is. People will deal with figuring out how to run multiple virtual hosts through a single address to a NATed DMZ before they read page 1 about IPv6.

    When every OS and device supports it out of the box and the base of administrators are finally no longer mystified, it will occur. This will take a long time. I doubt IPv6 will be ubiquitous in the next 8-10 years. IPv6 proponents must continue to focus on vendor support and educating administrators. There is no magic bullet.

    --
    Maw! Fire up the karma burner!
  10. What about the NAT myth? by Merk · · Score: 4, Insightful

    You know the one. It says that "We don't nee IPV6 because we have NAT". It's the same kind of thinking that says that The Internet == The Web. Just because NAT solves a certain subclass of problems that are more naturally solved by extra addresses, doesn't mean that there is no need for IPV6 because there's NAT.

    NAT works great for things like the web, which are initiated behind the NAT machine, and don't make any connections back through the NAT machine. But The Web != The Internet. Even FTP has problems with NAT, but at least those problems are well understood by now. When the original connection is made from the outside world, trying to contact something behind the NAT box, that's when problems start.

    Some people see this difficulty in reaching the machines behind the NAT box as security. It isn't. If you have no other forms of security, it helps a little bit, but it's more like a side effect. Saying that this is security is like saying that a rusty lock is more secure than a new one because it is harder to get the key into it. A stopped analog clock isn't right twice a day, it just appears to be right twice a day, but that doesn't mean it is ever working.

    If a NAT machine were replaced with a simple firewall machine with a closed-down firewall, you'd have the exact same kind of security. No packets get routed to the machines on the other side of the firewall unless the rules permit it. The only difference is that it avoids a lot of hacks. Rather than having to do "ssh -p 10322 mynatbox.mydomain.com" and having to remember that 10322 corresponds to your mail server, you can simply say "ssh mailserver.mydomain.com"

    Doing away with NAT also makes true peer-to-peer networking possible. Currently it doesn't work, you need some kind of a server because you can't initiate connections from the outside world to the NATted boxes. P2P doesn't just mean swapping songs, but also networked gaming.

    This is all just about routable addresses so far, but IPV6 is so much more than that. There are features of IPV6 like security that IPV4 simply doesn't offer.

    So remember kids, The Web != The Internet, and NAT != IPV6, nor can NAT do everything you can do with routable addresses.