Slashdot Mirror


Dispelling the IPv4 Address Shortage Myth

Zocalo writes "While looking up some WHOIS information at RIPE just now I noticed a couple of articles about the IPv4 address space allocation status. IPv4 Address Space: October 2003 is a short summary by RIPE themselves, and IPv4 - How long have we got? is from July 2003, but has lots more detail and pretty graphs! In short, the "Death of the Internet" due to lack of IP space is a myth, which doesn't bode well for getting IPv6 rolled out any time soon."

15 of 505 comments

  1. Good articles by Anml4ixoye · · Score: 4, Interesting

    I enjoyed both of the articles. The question I have is this. With the number of networks now being NATed and the such, will we ever truly need something like IPv6? It seems like when I hear about it, the talk is always that every device will have a unique IP address. But what I see is that large deployments of devices needing IP addresses are more and more being done using 192.* or 10.* addresses. Anyone else have more insight?

    1. Re:Good articles by Firehawke · · Score: 5, Interesting

      NAT is a quick and dirty hack that has to be updated for newer, complex protocols-- it wasn't until fairly recently that NAT would actually deal decently with FTP, but it requires mangling the packets.

      In the end, the only truly STABLE method for addressing is just to have real IP addresses. NATs just add points of failure and complexity in diagnosis.

      It doesn't help that Microsoft's own implementation of the system is nearly impossible to configure-- since NAT is useless for servers, you're only going to see it on clients, and there's your #1 most likely NAT solution to see.

    2. Re:Good articles by talon77 · · Score: 4, Interesting

      Nonsense, I think most of us do it because it makes good sense. You don't want your local network having a public IP address, even if you do have a firewall and the best IDP system available. Why create the risk? And even if you have a public server with a public IP address, most firewalls require you to NAT the public IP address anyways if you are NAT'ing anything behind the firewall. (Usually you NAT it to itself, but NAT'ing nonetheless.)

    3. Re:Good articles by Anonymous Coward · · Score: 1, Interesting

      The real driver in the ISP space for migrating to V6 is the potential to do business with the US federal Government. Eventually, V6 will be a precondition for federal contracts.

    4. Re:Good articles by mjh · · Score: 4, Interesting

      The biggest problem with NAT is not for the home user. It's for corporate users. If you're a medium sized or larger business, there's usually some third party to whom you have to make a connection. If you've got all of your internal network running on RFC 1918 address space, and they've got all of their network running on the same address space, you're almost certainly screwed. You can hack it with dual NAT but it's almost always a maintenance nightmare to get it working right.

      IPV6 is needed because RFC 1918 is a bandaid. We need to have globally unique IP addresses, whether we expose those IP addresses to the internet or not is irrelevant.

      --
      Key to financial independence: Spend less than you earn. Save and invest the difference. Do it for a long time.
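
The address-space collision described in the comment above, as an added example that is not part of the original thread: a pre-interconnect check that lists overlapping prefixes between two organisations and picks an RFC 1918 block neither side uses, which a dual-NAT setup would need as its translated range. The inventories and function names are constructed for illustration.

```python
import ipaddress

# The three private ranges defined by RFC 1918.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample inventories for two organisations (not real networks).
OURS = ["10.0.0.0/16", "192.168.1.0/24"]
THEIRS = ["10.0.128.0/17", "10.1.0.0/20", "192.168.1.0/24"]


def parse(prefixes):
    """Turn prefix strings into IPv4Network objects."""
    return [ipaddress.ip_network(p) for p in prefixes]


def find_conflicts(ours, theirs):
    """Return (our_net, their_net) pairs whose address ranges overlap."""
    return [(a, b) for a in parse(ours) for b in parse(theirs)
            if a.overlaps(b)]


def free_translation_block(ours, theirs, prefixlen=24):
    """First RFC 1918 block of the given size that neither side uses.

    Such a block is what a dual-NAT setup needs as its translated range.
    """
    used = parse(ours) + parse(theirs)
    for block in RFC1918:
        if prefixlen < block.prefixlen:
            continue  # requested block is larger than this private range
        for candidate in block.subnets(new_prefix=prefixlen):
            if not any(candidate.overlaps(u) for u in used):
                return candidate
    return None  # private space exhausted between the two parties


if __name__ == "__main__":
    for a, b in find_conflicts(OURS, THEIRS):
        print(f"conflict: ours {a} overlaps theirs {b}")
    print("free block for translation:", free_translation_block(OURS, THEIRS))
```
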
    5. Re:Good articles by aminorex · · Score: 4, Interesting

      Oh, you mean like IPSEC, and DHCP?
      IPv6 offers nothing but a fat address space,
      really. Everything else can be retrofitted
      to IPv4.

      Frankly, I think we'll devolve to a system
      of discrete IPv4 address spaces with
      intelligent routers between them before
      IPv6. It doesn't matter how much mindshare
      v6 has, if the economics are wrong.

      --
      -I like my women like I like my tea: green-
    6. Re:Good articles by asdfghjklqwertyuiop · · Score: 2, Interesting

      NAT has absolutely nothing to do with security or firewalls. If you have NAT, it is still possible to get packets to machines behind it by source routing or breaking into your ISP's routers. Furthermore, source addresses can be spoofed which may have security implications.

      Things like these are prevented by a firewall. Not NAT.

      You are probably creating more of a risk by trying to rely on the obscurity of NAT for security (false sense of security).

      You want your local network to have real IP addresses because that is the way it was meant to operate. If it did you wouldn't have to screw around with port forwarding or proxying and remembering which port numbers correspond to which servers (if you have multiple services of the same type).

      I think most of us use NAT because ISPs charge ludicrous sums of money to get real IP addresses for broadband or dialup connections.

  2. If it isn't broken... by heironymouscoward · · Score: 3, Interesting

    The cost of moving to IPv6 is going to be so huge that it will remain a research project until the benefits are correspondingly irresistible.

    It will almost always be cheaper to hack IPv4 than to switch to IPv6, and this will be the rule for 99% of IP users.

    My prediction is that IPv6 will never come into general use, we will stick with IPv4 for at least 40-50 more years. I have absolutely no idea what will replace IPv4, something will, but it will not be IPv6.

    --
    This is not a signature
    1. Re:If it isn't broken... by Anonymous Coward · · Score: 1, Interesting
      IPv8, of course.

      BTW:


      Slow Down Cowboy!

      Slashdot requires you to wait 2 minutes between each successful posting of a comment to allow everyone a fair chance at posting a comment.

      It's been 40 seconds since you last successfully posted a comment

      Chances are, you're behind a firewall or proxy, or clicked the Back button to accidentally reuse a form. Please try again. If the problem persists, and all other options have been tried, contact the site administrator.


      So don't tell me everything is fine and dandy, Pollyanna.
  3. NAT firewalls a huge factor by websensei · · Score: 5, Interesting
    my brother david weekly had this to say about it, which I found interesting:

    This message was posted on a mailing list in response to a post that claimed that IPv6 would be widespread by 2005 due to an IPv4 address shortage

    NATs, unfortunately, made a need to switch over to IPv6 wholly unnecessary. Such a switchover will probably not happen for at least another ten years. Even ten years ago, we were "running out of" IPv4 space due to incredibly inefficient allocations using the "class based addressing" method - by which your network was deemed likely to possess either 253 computers, 65,533 computers, or 16,777,213 computers. A specific network was identified by 24, 16, or 8 bits. (The more bits it takes to identify a network, the more networks can exist but at the expense of having fewer unique addresses per network.)

    This was quickly determined to be an inordinate waste of addresses and as early as the early 90's folks were predicting we'd rapidly run out of addresses. So class allocations changed a little, and instead of giving an organization with 1000 computers a class B (with 65,533 useable addresses), they'd give them four class C's (with 1012 addresses). This helped stem the tide for a bit and arguably saved the Internet's ass, but it was clear that a more elegant system for identifying networks was needed.

    After some backbone technology re-architecting, a new scheme called Classless Internet Domain Routing, or CIDR was introduced, which allowed bit-sized granularity, meaning that a network was identified by exactly as many bits as you needed. Your network could possess 13 computers, or 16,381 computers, and the system could deal with that efficiently. CIDR definitely also helped save the Internet's ass. But the addresses kept on coming; that dang Internet was getting popular very quickly! Pundits started talking about The Great IPv6 changeover, despite the fact that less than one person in 100 on the Internet had an IPv6-enabled operating system.

    Then came NATs. While Network Address Translation had been used in many environments, it hadn't really taken off tremendously. Then Linksys released a rather affordable cute little blue box. This piece of hardware let home users plug in several computers to the blue box, configure it with a web interface, jack in their cable/DSL connection and suddenly be sharing Internet access easily with everyone in the house, using one IP address and so fooling the ISP into thinking that there was only one computer using the Internet (many ISPs either don't permit or don't have the infrastructure to give out multiple addresses to a customer). These NATs had a secondary benefit, which was that by default, all incoming connections from the outside are dropped on the floor. I'm not sure Linksys had such "firewalling" in mind when originally designing the device - it's purely a practical issue. I mean, if someone says to a NAT "here's this piece of information" - to which of the four connected computers should the NAT send it? By default, the NAT will give up and just drop the sorry packet. This means that when you're behind a NAT, you're protected from a whole class of Internet attacks. This realization further drove adoption.

    Companies with low IT budgets realized that they wouldn't have to buy extra IP addresses from their ISP (which often came at a premium) and that they could have simple firewalling without a complex configuration. Both companies and people could not see the inherent value in having each of their computers have an Internet-deliverable address, and there was real value (protection) to be had in NOT being addressable from the Internet.

    This, again, saved the Internet's ass. Instead of an organization of 1000 needing a class B, wasting hundreds of thousands of IPs, or even four Class Cs, this organization now only needs a single IP address to cover all of its desktops. Now instead of thinking about IP addresses as computer addresses, they have started to become network addresses, which is to say,

    --

    The only way to paradise begins in hell
  4. Different Problems? by Richard_at_work · · Score: 4, Interesting

    I thought the current issue with IPv4 was not the limited number of ip addresses, but the increased routing tables brought on by classless routing? These days, the central routers on the Internet have routing tables which are huge, which must cost someone somewhere to upgrade them.

    IPv6 was supposed to deal with this issue as much as it dealt with the number of ip addresses available, in that it would revert back to a semi class based routing set, with ISPs being assigned a range of addresses.

    That's how I understood it when I asked anyhow.

    1. Re:Different Problems? by leerpm · · Score: 2, Interesting

      Yes, the size of the routing tables is one more reason for the upgrade to IPv6. But there are a few problems with IPv6 that still need to be worked out before we can say for sure that the routing tables are going to get much smaller. The biggest one so far is the issue of multi-homing (having more than one provider to your network). No one solution has come forward that isn't without some significant disadvantages over the current way it is done in IPv4.

  5. IPv6 will be adopted, just not in USA first by sdxxx · · Score: 5, Interesting

    IPv6 will eventually be adopted, because the way IPv4 addresses are allocated, many regions of the world *do* have a shortage of addresses. In particular, Asia has a serious shortage of IPv4 addresses. In fact, I know of people who run IPv6-only machines in Japan (because there are 6to4 addresses that allow you to reach IPv4 servers with approximately the same functionality as NAT).

    Moreover, as people deploy new infrastructure, they may be forced to use IPv6. For example, at some point every cell phone is going to have a routable IP address--and that is definitely going to require IPv6.

    So while North American desktop machines are unlikely to be switched to IPv6 any time soon, it will happen in other parts of the world and for other types of hardware.

  6. The myth of "better" by Anonymous Coward · · Score: 1, Interesting

    "NAT killed IPv6"

    That's because NAT is a *better* solution than IPv6.

    Now before you get your knickers in a bunch, let's take a look at the old saw of "VHS won despite Beta being better".

    I'm here to tell you that this is the biggest myth in the tech community.

    When VCRs first came out, people wanted them to timeshift, and to tape movies from TV. But a movie is 2 hours long. Beta was first and a compromise was to limit recording time to 90 minutes per tape.

    Whoa. Big problem.

    JVC, sensing an opportunity, made a small but significant "improvement". They made the recording time 120 minutes. Picture quality was worse, but here's the key point:

    "People didn't care about the best picture, they wanted to tape movies".

    Thus, the videophile saw beta was clearly better than VHS because the picture was noticeably better. So VHS got a foothold.

    Sony finally killed off beta by making a key mistake.... they refused to license Beta except under very stringent and costly conditions. By contrast, JVC was whoring the VHS spec out to everybody.

    By this time, Sony figured out a way to get longer record times, but it was too late. The die was cast. Sony lost beta because they didn't move quickly enough on the features that people wanted, and they didn't move aggressively to get licensees of their Beta technology.

    This was repeated with the 8mm debacle just a few short years later.

    What does this have to do with IPV4 vs IPV6? Only this:
    While IPv6 is a technically "better" solution, it isn't solving the problem that people want, and it has a fairly high price tag to boot! So IPv6 from that standpoint is the Sony Betamax of 2003. Better, but only to the elite few.

  7. ipv6 rollout held back for what? by Loconut1389 · · Score: 2, Interesting

    The original parent states that this article could spell bad news for the ipv6 rollout. Yet, I see no reason why it should have any bearing on ipv6 at all. Why should the ipv6 rollout wait until we have no ip space left in 20 years? Why not switch over and let the availability of space drive innovation for new ideas to use that address space? There's nothing saying we can't migrate to ipv7, 8, 9, 10 whatever some day later on. ipv6 should proceed at whatever rate the industry is ready for, not by when we are almost out of time. Much the same with our fossil fuel situation, IMHO.