The exhaustion of IPv4 address space
FireFury03 writes "Cisco has an interesting article talking about estimates for the exhaustion of the IPv4 address space, and the inevitable move to IPv6. It predicts that the IPv4 address space will be exhausted in 2 - 10 years and suggests that it isn't worth trying to reclaim old allocations. With the mainstream use of IPv6 now potentially within the ROI period of many products the manufacturers need to start including support, but will the ISPs roll out native IPv6 networks before they absolutely have to? IMHO, ISPs providing native IPv6 support would be a Good Thing since it opens up the door for peer-to-peer technologies such as SIP without needing nasty NAT traversal hacks, but a major stumbling block seems to be a complete lack of IPv6 support on current consumer-grade DSL routers (tunneling over IPv4 is an option but requires more technical know-how from the end user)." Of course, Cisco may have some vested interest in driving up the IPv6-compatible router sales *cough*, but the bottom line is that the transition will have to happen at some point in the near future.
The one "benefit" of NAT over IPv6 is that you can't access ports which aren't forwarded to that computer. i.e. it basically acts like a firewall, but potentially a little weaker because it isn't designed to be a firewall. As IPv6 doesn't keep you from having a firewall, this is almost moot. It's not entirely moot because home users who have NAT would not always consider having firewalls. The benefits of IPv6 are numerous, however.
-Amalcon
NAT is not defense. The stateful firewall is defense. You can use stateful firewalls on IPv6 also and there is no reason that consumer grade routers would not include the firewall.
Everyone is just waiting to push the big red button and turn on the support
Why do you need to wait to turn it on? IPv4 and v6 can run side by side. I've been running v6 for a few years using 6to4 tunnelling to provide connectivity since my ISP doesn't do native IPv6... in fact I haven't seen *any* ISP (in the UK) offering IPv6 connectivity over DSL. Just providing a 6to4 anycast gateway on their core network would be a start.
http://blog.nexusuk.org
I've been playing with IPv6 off and on since 2000. My current IPv6 plant incarnation is a Cisco 2610XM tunneling traffic from btexact (best tunnel broker if you want to play), a Cisco 1605 that is sometimes online, and a FreeBSD box. I don't have a site up this time, just taking it slow and playing, doing this mostly because the CCIE lab has started requiring IPv6.
The transport works just fine, the application support is still a hassle. If it's a barrier for me after five years of dinking and nothing left to do Cisco wise except complete my CCIE
Moving to IPv6 from IPv4 is as much a change in mindset as moving from IPX to IPv4 was
I am very easy to get along with, but I don't have time to waste being nice to people who are being stupid. -Theo
Don't think of it as a flame---it's more like an argument that does 3d6 fire damage
I'm using 6to4 right now, but it's not good enough! One of the greatest benefits of IPv6, true multicast support, does not work, since the underlying IPv4 layer does not support multicast.
Many applications could take advantage of multicast if it were available.
Some examples:
Bittorrent is a cheesy IPv4 emulation of multicast.
Game servers could multicast 'common' data and save roughly 50% of the total bandwidth used.
Mirror sites could multicast their updates. Debian, Redhat, and other mirrors would use a fraction of their current bandwidth.
If you went the bittorrent way, files could be sent via looping multicast, no more slashdotting the Id games servers.
Basically, any duplicate TCP/IP streams could be a single stream that gets replicated at the router. I want it now!
Think of it, even spam could be more efficient with multicast emails!
Shae Erisson - ScannedInAvian.com
Weaker how? If you can't address a node, how can you attack it?
Well, ignoring the fact that there _are_ ways to defeat NAT (although they usually require cooperation from hosts behind the NAT anyway), one notable weakness is that you're relying on your ISP to get things right, and relying on someone else's cluefulness is always bad.
What I mean by that is, given a network like:
PC (192.168.0.1) ------ (192.168.0.254) Router (1.2.3.4) ------- ISP
Assuming 1.2.3.4 is a global scope address and 192.168.0.0/24 is site-local. The router is doing NAT, all well and good. However, if the ISP somehow ends up routing traffic destined to 192.168.0.1 to your router (for example, a routing cockup on their end) then most consumer grade routers will just let it right through because they don't explicitly block incoming traffic.
Admittedly it's unlikely this would happen, and only nodes reasonably close to you would be able to take advantage of the routing. However, I still maintain that trusting a third party as part of your network security is a Bad Thing.
but I don't see how it's less secure than the complicated (and thus fallible) filtering rules in a "real" firewall.
Firewall rules don't have to be especially complex - a firewall that does the same job as a NAT (security wise) but provides protection from the above problem is simply a connection tracker configured to drop incoming connections. In fact, since a NAT is basically a connection tracker with some more stuff shoved on top it could be argued that the NAT is more complex and thus more fallible.
http://blog.nexusuk.org
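The NAT-versus-connection-tracker argument in the comment above, as an added example that is not code from the thread: a small Python model of a router that only translates addresses beside one that also tracks the flows the LAN opened. The addresses come from the diagram in the comment; the remote host 203.0.113.9, the class names and the port numbers are constructed for the illustration.

```python
import ipaddress
from collections import namedtuple

# Addresses from the thread's diagram; the remote host and every packet below
# are constructed for this example.
LAN = ipaddress.ip_network("192.168.0.0/24")
PC, ROUTER_WAN, REMOTE = "192.168.0.1", "1.2.3.4", "203.0.113.9"
Packet = namedtuple("Packet", "src dst sport dport")

class NatOnlyRouter:
    """Consumer NAT with no explicit inbound filter: translate what it can,
    otherwise forward purely by destination address."""
    def __init__(self):
        self.mappings = {}  # WAN port -> (LAN ip, LAN port); crude 1:1 PAT
    def outbound(self, pkt):
        self.mappings[pkt.sport] = (pkt.src, pkt.sport)
        return Packet(ROUTER_WAN, pkt.dst, pkt.sport, pkt.dport)
    def inbound(self, pkt):
        if pkt.dst == ROUTER_WAN:
            if pkt.dport not in self.mappings:
                return None  # nothing to translate to: dropped
            lan_ip, lan_port = self.mappings[pkt.dport]
            return Packet(pkt.src, lan_ip, pkt.sport, lan_port)
        # The "routing cockup" case: a packet already addressed to a LAN host
        # arrives on the WAN side; no translation needed, so it is just routed.
        return pkt if ipaddress.ip_address(pkt.dst) in LAN else None

class StatefulRouter(NatOnlyRouter):
    """Same NAT plus a connection tracker: inbound is forwarded only if it
    belongs to a flow the LAN opened, whatever its destination."""
    def __init__(self):
        super().__init__()
        self.flows = set()  # (lan_ip, lan_port, remote_ip, remote_port)
    def outbound(self, pkt):
        self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return super().outbound(pkt)
    def inbound(self, pkt):
        fwd = super().inbound(pkt)
        ok = fwd and (fwd.dst, fwd.dport, fwd.src, fwd.sport) in self.flows
        return fwd if ok else None  # no matching state: dropped

def run_scenario(router):
    """Returns (reply_reached_pc, stray_reached_pc) for one router type."""
    out = router.outbound(Packet(PC, REMOTE, 40000, 80))  # PC opens a flow
    reply = router.inbound(Packet(REMOTE, out.src, 80, out.sport))
    stray = router.inbound(Packet(REMOTE, PC, 31337, 22))  # misrouted by ISP
    return (reply is not None and reply.dst == PC, stray is not None)
```

Both routers deliver the legitimate reply; only the NAT-only router also forwards the stray packet that the ISP misrouted straight to 192.168.0.1.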
It's "not worth it" simply because of the greedy bastards hoarding those /8's. Let's see who is hoarding all that space... ...
/8's -- more if you count the number of big contractors holding /8's.
003/8 - GE
004/8, 008/8, 046/8 - BBN
009/8 - IBM
015/8 - HP
016/8 - DEC
017/8 - Apple
018/8 - MIT
019/8 - Ford
045/8 - Interop Show Network !!
And then there's the US GOVERNMENT with 8+
Except, they didn't say that. "They" predicted that oil production would PEAK by (twenty years from thirty years ago) - "peaking" is completely different from "running out" - "peaking" means, basically, that you're at the top point of the production curve --- it means you've used up roughly half of the oil (i.e. you are only halfway), and that you will start running out ("start" meaning to be on the downward slope of the production curve - but you still have a LOT of oil at the point when you "start running out"). You're thinking of Hubbert's estimation (which was already in 1956, actually) that global oil production would peak in 2000. It was predicted that US oil production would peak by around 1970.
See this link for more information on peak oil theory.
BBN... currently known as Level 3 Communications.
They were one of the first movers and shakers in the internet industry 20 odd years ago.