Slashdot Mirror
IPv4 Unallocated Addresses Exhausted by 2010
An anonymous reader writes "Ars Technica is reporting on how the unallocated IPv4 address pool could run out as soon as 2010. The IPv4 Address Report gives details on just how fast the available pool of IPv4 addresses is diminishing. Will ISPs be moving towards IPv6 any time soon? Or will IPv4 exhaustion become the next Y2K?"
Despite the best efforts of organizations like ARIN, the simple fact is that, compared to IPv4, IPv6 gives you access to very little content and very few users. So far, nobody has been able to get past this chicken-and-egg issue, although a The Great IPv6 Experiment proposes to change this by giving away free access to "10 gigabytes of the most popular 'adult entertainment,'" but only over IPv6.
Is IPv6 so unappealing that they've gotta bribe people with pr0n to use it?
i've been hearing about how ip4 will run out in the next 5 years for the last TEN years.
If you mod me down, I will become more powerful than you can imagine....
The death knell of IPv4 has been ringing a long time.
I bet that people will be bored of the internet by then
Y2K was a bug which was easily solved. This is an infrastructure defect which has an available, but expensive, solution.
It will be expensive to make a major shift to IPv6, which is why it's taking so long.
Until the complete exhaustion of all IPv4 addresses is an immanent threat the change will not happen, much like Y2K.
They could delay the inevitable by reallocating existing IPv4 space more efficiently. Many old/historical allocations are inefficient. Apple Computer, for example, has all of the 17.x.x.x space, comprising 256^3 = more than 16 million addresses, which is just plain absurd in this day and age.
predictions
every year there is a new nutter predicting the end of the world. Havent we heard of this argument before? Would it be a good idea to take ownership of those class A spaces that quite a few companies are hoarding??
Are they going to fix IPv6 anytime soon?
I also love my quirks.
Mr. Universe: "They can't stop the signal, Mal. They can never stop the signal."
IPv4 runs out, bamboo flowers for the first time in 150 years. Can't be a chance, can it?
668: Neighbour of the Beast
Why not just increase the address space for IPv4?
Hell call it IPv4.1
Many companies are using a fraction of the /8s and /16s that were assigned to them back when.
Well duh, why do you think people got on the Internet in the first place? Some military experiment? pffffffft. It's all about the pr0n!
Mr. Universe: "They can't stop the signal, Mal. They can never stop the signal."
Why not IP4 2.0?
:)
Reserve 256 IP addresses that will never be used by IP4
Then with these 100 addresses, add on another IP4 to it
Lets say 000.000.000.001 through 256.256.255.256 were plain IP4. Then everything is working as planned.
Then we run out of internet addresses! OH NO
Next dude's internet address is: 256.256.256.0 + 000.000.000.001
Next dude's internet address is: 256.256.256.0 + 000.000.000.002
It would ease adoption I think
God spoke to me.
Telecom companies are switching everything, including cell phones, to VoIP. Soon, damn near every cell phone will have an IP address associated with it. CDMA phones that EVDO rev-A already do. I know one carrier that has a pool of 2 million available addresses, and 20+ million customers with cellphones.
IPv4 addresses are going to be going away very quickly.
Learning HOW to think is more important than learning WHAT to think.
255.255.255.0 not 256.256.256.0 And other places where I messed up.
God spoke to me.
Is IPv6 so unappealing that they've gotta bribe people with pr0n to use it?
With one of the bigger 'features' of IPv6 being the possibility of assigning and tracking users individually with the huge number of addresses - I suspect it does not play into the current (sorta) anonymous surfing mindset folks have today. (Not that anyone is truly anonymous on the web) Once you have to slap down your address to access the content, I can see why people might not be interested.
+++ UGUCAUCGUAUUUCU
Man, am I glad I've got 192.168.0.100 through 192.168.0.105 setup on my network at home. Hmmm.....maybe I should lay claim to 106 through 110, just in case.....
-- Fugacity: Confusing chemists since 1908
There are two issues:
- Switching protocols
- Getting IPv6 addresses
You can use the IPv4 subset of the IPv6 address space, and everyone can still talk to everyone while you convert. It's only the folks that have IPV6 addresses before the IPv4 users have migrated that become unreachable by anyone.So the online businesses are going to want to be the last ones to switch, so that their customers don't become unable to reach them.
But anyway, IPV6 gives you access to all the same content.
- "History shows again and again how nature points out the folly of men" -- Blue Oyster Cult, 'Godzilla'
Look at the map and tell me we're not low on space. Yeah, you can reshuffle, but that just buys us more time; you've still got to update someday.
Ease adoption how, exactly? You still need to update the protocol, then update all the software, and all the hardware, and all the documentation and training... you can't just tack that on to existing implementations of software.
If you're going to force all that change, then change to something that isn't a silly half-arsed hackjob.
Is IPv6 so unappealing that they've gotta bribe people with pr0n to use it?
It's not unappealing, it's totally irrelevant to end-users. There's no market out there asking for IPv6 network access. ISPs and their upstream providers thus have no increase in revenue if they deploy IPv6, but that deployment will cost them real money -- v6 capable routers need much more storage and processing, for instance -- and so there's real financial incentive to avoid IPv6. Offering free pr0n might be a way to make the difference relevant to end-users and thus provide demand and revenue, but I kind of doubt that it's enough.
When end-users are getting IPv6 or private address IPv4 to the door, and a NAT exchange at the ISP, and their VOIP/game/spyware breaks, there will be financial motive at all levels. Being able to offer a full and uncrippled Internet experience will be the value-add.
But expect a period of chaos as ISPs try to barter IPv4 addresses around, and failing that, try to steal them.
Would it not help if we just better utilized NAT. it seems like a throw-back to a time when we did not have switches/routers that would be able to handle translation.
I think companies will start 'renting' addresses as IPv4 is approaching its limit, pretty much like the concept of carbon credits.
Companies may cut down unnecessary IP usage, or buy/rent addresses from other companies with plenty to spare.
This 'trade' could go on until such point it's either more costly to rent than move to IPv6, or when all available-and-necessary addresses have been fully utilized.
Virtual Betting on Facebook for non-geeks.
I doubt anyone will be making a concerted effort to switch until it actually becomes necessary. Once the IPv4 address space runs out, hacks will be done to extend it. Ranges will be "repo'd" from companies, or those companies will just start reselling those ranges. Not until there is no space left to squeeze out will people really start caring.
That's really just not true. With IPv6, you can get a lot more anonymity than you have now with IPv4. v6 has all sorts of special provisions for randomly assigning addresses, letting you reset them when you want, so that you can appear to be a new user in the middle of a browsing session. That's tough to do with IPv4; even if you try a DHCP release-and-renew from your ISP, generally they won't issue you a new address until the other one has expired.
IPv6 doesn't force you to give up any privacy, and there's no 'user serialization' unless you buy into it voluntarily.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
If we do run out of IPv4 addresses for real this time, I predict ISPs will switch to 100% private IP addressing space before even thinking on IPv6.
Heck, it's already happening in other countries. In Chile for example (a reasonably high-tech country) VTR http://www.vtr.cl/, the only cable ISP, will give you ONLY RFC-1918 addresses, period.
The masses won't care. They only care about their basic apps, and ISPs will use that as leverage to control more services, especially all P2P and VoIP-related ones.
So 99.6% of addresses are 64-bit long, yet you managed to create only 2^40 addresses. What kind of design is that?
Those are MINE, you THIEF!
Kidding - I'm KIDDING
boycott slashdot February 10th - 17th check out: altSlashdot.org
I imagine there will be a conservation effort to try to mop up unused addresses to mitigate shortages before things get really bad.
Don't a number of organizations have Class A's and B's that they could never possibly use?
"Is IPv6 so unappealing that they've gotta bribe people with pr0n to use it?"
It worked with IPv4.
Although I shudder to think back to the days of downloading pr0n on a 14.4k modem!
You mean it will be correctly identified as a problem and fixed? God I hope not - that would be awful.
sic transit gloria mundi
Love these inflammatory story summaries. There couldn't possibly be a #3, like, oh, I don't know, people continue to use NAT and ignore the chickens running around with their heads cut off?
There's also significant financial incentive to keep the limited address space of IPv4. Want a static IP address or additional IP addresses? Fork over the cash, baby!
With the immense popularity of peer-to-peer communication such as bittorrent, it's a pretty hard sell to say that you have access to the same content UNLESS it's peer-to-peer. Increasingly, services such as Steam use peer-to-peer to transfer large files. There is little chance that this trend will come to an abrupt halt, so most likely the demand to be reachable by all of those IPv4 users will remain high.
Also, a business that needs to be reachable over the internet wouldn't want to sacrifice access by the majority of the internet public in order to aspire to the higher ideal of IPv6.
As much as I like the idea of IPv6 things like this are real hinderances to its adoption.
-Lee
I'd imagine any buisness would have an IPv6 address AND an IPv4 address, atleast untill the IPv4 address was dragged away from their cold dead hands.
Why not just throw all users on a sub $25 a month package behind another NAT.
Im sure that accounts for at least 50% of internet users.Its unlikely they do anything with there connection that requires port forwarding or they would be on a better package.
Routers that have been capable of supporting IPv4/IPv6 dual stack have been available for a long time now so unless you're a tiny ISP that has no budget for life-cycle upgrades it's very likely your kit is already capable of running IPv6. Now, whether or not your engineering staff is trained in supporting IPv6 is another story. Within 5-10 years though ISPs will have very little excuse to NOT support IPv6 since they will have replaced any antiquated IPv4-only equipment as it is end-of-lifed. US Federal Government agencies have a mandate to support IPv6 by June 2008 so it has been spurring a lot of vendors to get their shit in order and either upgrade their products to support IPv6 or face not being able to sell to one of their largest customers.
Sky is falling!! The sky is falling ... Women and Minorities hardest hit.
Run! Run!!
The world is coming to an end
We are running out of IP addresses (which we probably aren't) and we have a solution for it.
The World is ending Run Run
...and climb on board as an enterprise IPv6 migration consultant.
Hopefully it *is* the new Y2K.
I'm continually amazed at the number of people in the IT and Net industry who keep "wondering" when IPv6 will arrive. Its been here for a long time. I'm running a series of web servers for internal company use that have native IPv6 addresses. For public consumption, we have an IPv4 reverse proxy that allows us to run our entire web services behind one IPv4 address. Any customer who has an IPv6 address gets to talk to the individual servers.
/64 v6 address for a cheap price. You'll design your websites to be usable on v4, but for management tools, etc, you'll need to install a v6 tunnel.
The advantage comes when you consider management. In order to have 20 SSH/FTP/etc accessible Internet servers, I'd either need 20 separate IPv4 addresses (getting a decent segment of a class C here is expensive), or I'd have to play fun games with ports. All our technicians have IPv6 on their laptops, and use tunnel brokers for access to the v6 network.
Most of our clients have IPv6 connectivity, though they don't notice it. When we put in a firewall, IPv6 comes default setup with tunnel brokers.
People keep asking, when's there gonna be v6 content? There is no v6 content (ok, their is full colour ascii starwars). Any content provider would be nuts to say "you have to have v6 to see our content" at this point (with the exception of mobile phones). IT Techs brought v4 to the public, we'll bring v6 to the public. Its technicians like myself who appreciate having an Internet accessible toaster (ok, so its not yet accessible) that have already started the ball rolling.
Before long you'll see hosting providers saying, you can have one web gateway shared v4 address and a
I use to have a funny sig, but slash cut it off, and I forgot what the punchline was.
The gradual change is the IPv6! You have no *clue* what you are talking about.
IPv6 can address all IPv4s. It just doesn't work the other way around because IPv6 is a superset of IPv4.
I wonder if the bogon list space is considered?
http://www.faqs.org/rfcs/rfc1918.html
If I'm reading it correctly your ISP treats you like you are part of their corporate intranet and then pipes your traffic out. I'd expect the ISP have a similar traffic footprint and pattern to a largeish college campus that doesn't assign every PC an outside IP.
Don't forget complaining, the other half of the equation! You and the other sixty thousand _____ enthusiasts in the world coming together to bitch and moan about obscure details related to your annoyance with ______ manufacturers' refusal to implement your brilliant plan that will fix everything and raise _____ back up to its former heights of glory, when sixty-one thousand people were on the board.
"Tu fui, ego eris" - Virgil
There will be some guy in an ill fitting suit accosting you, "hey man, got extra IP4?" "I gotta plug in man, I'm jones'ng for some connectivity." "IP6? can't. My colon can't take the colons, 3 dots is all I can handle"
- a new mobile phone for each person
- a new computer
- a new [xbox|ps2|ps3|nintendo]
- a new modem
- a new ANYTHING that contains a network interface (ip4 address)
because its more economical viable to buy some new than to fix something we already have and all the old stuff (which is in perfect working order) ends up on a rubbish dump.... off course until we realize that the temperature graph is exponential, ouch!
to code or not to code, that is the question.
I work for a tiny IT company founded about 10 years ago. My boss bought an entire class C and had it until about 4 years ago when we restructured our network. At the time that would have been about 50 resolvable addresses per employee!
I swear to God...I swear to God! That is NOT how you treat your human!
Do it by halves. Use IPv5 to ease the transition.
Just move slashdot to an IPv6 only address; voilla by monday every corporate will have a functioning IPv6 setup... ;-)
I miss IPX. IPX would solve all IP addressing problems. ;)
In fact, if IPv4 truly were a subspace of IPv6, then what sources address would an IPv4-only host be seeing when it receives such a packet from an IPv6-only host?
It is perfectly possible to use both an IPv4 and an IPv6 stack simultaneously, and there are some NAT-like technologies that run on a router to give IPv4 connectivity to IPv6-only hosts, but you'll still need an IPv4 stack somewhere on your network to access IPv4 content.
Put the man who owns the internet out of business
2 0202
http://it.slashdot.org/article.pl?sid=07/05/23/22
And now to ensure this gets modded as Flamebait: there just aren't enough free-market thinkers on Slashdot.
Apart from full colour ASCII star wars, there's a free binary news server with 40+ TB data!
List of stuff.
See. She did something right for HP.
Engineering is the art of compromise.
ARS must have rushed the fact checking to get this article out. Truth is that ARIN does not, and has never, made a best effort at anything except to charge ISPs for address space and let them reap a 500 to 1000% profit reselling it. ARIN has done nothing substantive to promote IPv6, and ARIN looks the other way at hundreds of existing, unused, large IPv4 network allocations.
I've worked at Silicon Valley companies with multiple class B allocations that could have easily put them behind NAT gateways and firewalls. The University of California campuses have many class Bs and will tell you they "can't do NAT to the dormitories because it's too difficult to track". That's 65K address per class B and there are dozens of these, and several class As, that are just waiting to be reclaimed.
What these class A and B-owning organizations are doing is holding on to vacant land as long as they can, until it becomes valuable, at which point they hope to sell it at a big profit.
ARIN is doing the same thing by failing to reclaim these allocations. They're just waiting for demand to climb like California real-estate to begin cashing-in. This is exactly what Network Solutions/Verisign did with domain names when they had a government-protected monopoly. Have we forgotten so soon, one year domain registration was free (via SRI), and the mext year it was $100 per year per domain (via Verisign), despite actual costs of $7/year. This scenario should also be familiar to those who have had to change telephone area codes, sometimes more than once, until enough people complained (of course that was when the FCC was in Democratic hands. With Republicans the Telcos have once-again been cleaning up).
So believe the hype, but remember, if you fail to look a little deeper we will soon be paying the price, in increased ISP fees, for this wholly artificial IPv4 address shortage.
By 2010 we are going to see a lot of changes on the Internet
/.
The next protocol IPV6 will support secure internet acces to orphan children, to unmarried mothers, to the girls without parents, to people in the blacklists of the CIA, the FBI and Interpol, to the people wrong imprisoned, to the blind and imbeciles, to the jews, the african muslims, to the pakistanies, to the brazilian and vietnamese children, to the lebanese christians, to every GNU programmer in Vermont and of course, i will be using IPV6 from my grave on the pet cemetary.
That's what means "With liberty and *conectivity* for all"
The migration process is *not going to hurt...
?
Same thing that happened when popular domain names started running out. I'm sure IP addresses will go up for auction. Seems kind of silly though considering the space available in IPv6. But if you have people that need these addresses, someone will be willing to pay for them. I imagine some of the big names that got them free from the start will be making a lot of money, such as MIT.
The IPv4 addresses are a subset of the IPv6 space -- you can get to all of the IPv4 systems from an IPv6 network.
This is what IPv6 fanatics constantly FAIL TO UNDERSTAND. IPv4 addresses ARE NOT a subset of IPv6 addresses, because IPv4 and IPv6 are INCOMPATIBLE PROTOCOLS.
Let that sink in.
Just because there's some addresses within the IPv6 space that can map onto IPv4 addresses doesn't mean you've made the two protocols compatible.
I can't get to these embedded IPv4 addresses from my IPv4-only machine unless I go through extra hardware/software that tunnels or gateways the packets, basically converting them to IPv6.
And if there's an IPv4 address on the other end, I'll simply USE IPv4 TO REACH IT.
The *only* incentive for people to use IPv6 is if popular and useful web sites exist ONLY on IPv6. I.e., Google, Hotmail, whatever. Apparently, the IPv6 fanatics think that ISPs will happily upgrade their hardware and software just so that their IPv4 hosts can talk to IPv4 servers through some Rube Goldberg IPv6 network, waiting for the day that Google's IPv4 IP goes dark. No, that's not gonna happen.
If you can't comprehend what I've said, replace "IPv6" with "Fidonet" or some other protocol and think about it.
Ironically, IPv6 would solve this by making it possible for your IP address to be mobile, as I understand it.
But the problem with a VPN is, it means Apple needs roughly twice the bandwidth you're using, unless you were just going to connect to Apple anyway -- in which case, I don't see why they wouldn't just use 10.x.x.x and let you VPN in to that.
Part of me wants IP addresses to more closely reflect the physical layout. Which is kind of what I do with IPv4 right now -- 10.0 is my office, 10.1 is my home, 10.2 is my brother's LAN party, all tied together with VPNs -- 10.0.10 is the office VPN, 10.1.3 is mine... at the LAN party, 10.2.2 is known good machines, and 10.2.3 is the "ghetto", and they are firewalled from each other (but not from the game server).
And of course, another part of me wants the same IP to always go to my machine, whether it's at home or at the LAN party. I could use hosts, but DNS is too slow to update and hostfiles too annoying.
Maybe we need another layer between those... or maybe IPv6 solves all of this in some way that I just don't know about.
Don't thank God, thank a doctor!
Five Security Flaws In IPv6
It honestly amazes me the number of people who waste days installing a new Linux distro to get it "Just right!" (TM) and then go absolutely ape sh*t over a new network protocol. That's all it is... its no different than the new SATA or Firewire stack... which most people accept with open arms.
So... un-bunch your panties and repeat after me "change is good" and go to your local IPv6 broker... spend about hour or two setting up your systems for IPv6 and be done with it.
Was it that hard?
The answer is quite obviously no, to those in the know. Go to an IETF or NANOG meeting and ask if we're moving to IPv6 soon. The only difference in the response will be whether they think you realize that you just told a joke, thus either laughing with you or at you. We are not moving to IPv6 any time soon. Period. We will all be multicasting over the MBONE before we are using IPv6 in stead of IPv4 in any meaningful way.
they could just increase the rates for registering IP's, and start taking them away from the squatters that arent doing anything with their websites. How many bajillion crap sites without any content do we really need? start capping the number of IP's a person group or business can register depending on use and such...
Like anything else, sure it looks like we are running out, but if you look closely I bet there is a ton that are wasted.
"Jazz isn't dead, it just smells funny" ~Frank Zappa
EdelFactor
Yes, it would have the same prefix, but that's exactly the same level of anonymity that you have now with a single IPv4 address and NAT.
With v4, your router gets the address and then NATs it out to however-many devices you have. With v6, you'd get a block of addresses at the router, which it could then distribute via DHCP, or the machines could randomly assign themselves within. You're not losing anything there. Where you might gain something is in the ability to quickly switch IPs when traveling and connecting to an AP that's not yours (which is conceptually similar to performing a DHCP release-and-renew).
If you want plausible deniability, pretty much your only option is to leave your AP unsecured and hope that when the cops show up they buy it as a defense, or use some type of onion routing like Tor.
There seems to be a lot of fear and paranoia going around regarding IPv6, and I just don't get it. There's nothing you can do on IPv4 today that you can't do on IPv6, if you want to. Hell, if you're that attached to NAT, you can do it with IPv6 addresses just as readily -- it's just that it's stupid, because there's no longer any reason to since there's no address shortage, and there's really no privacy or security gained from it that you don't get by just rotating your IPv6 address.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
Oil out of supply in 1999, Global warming killing everyone in 2005, P2P piracy ends with Napster, Limewire, Kazaa.
Seriously it's all just FUD, There's an expiration date, but 2010? What happens when we make a few Class As into Class Bs? oh that's right, more time. I think the key is to figure out how to make the best "IPv6" and a way to make it so my old commodore 64 is willing to work with it (whether that be ISP level conversion or a inexpensive hub, note INEXPENSIVE)
Do I have a commodore 64? Not any more but the point remains there's literally a million devices out there only able to communicate with IPv4. There's actually a million people out there not willing to go through the hassle of going to IPv6 (and probably about that many who are unwilling to change) and if the way they are pushing to get people to switch with FUD like this, I'm guessing it's more than a couple million who don't want IPv6, so it's time to ask ourselves, how can we make IPv6 more attractive than staying with IPv4, and implement these ideas. IPv6 will likely overtake v4 one day, but come on, let's find a way to make people switch rather then just wait for it to happen.
I'm not. I think the vast majority of people don't need a routable IP address.
I think ISPs should make non-routable IP address available at a reduced cost, and only give out routable ones to those people/geeks who want them.
There are some ISPs here in China that give out static non-routable IP addresses to their customers (bluewave is one of them) and it works just fine for the majority. The problem is if there is no choice - we could always use DSL, so it was OK. IMO, it would have been better for bluewave to have two subnets, one routable and one non-routable.
I hear that some functions of the 2008 Olympic games will use IPv6. It'll be interesting to see how it works out...
Max.
clearly the real answer here is 42. we should skip right over IPv6 and go to.... IPv42
anything else?
"Jazz isn't dead, it just smells funny" ~Frank Zappa
EdelFactor
Actually the version designator of "5" was used for the Internet Stream Protocol, which is one of the reasons why they skipped from IPv4 to v6.
ST2 is apparently a protocol for setting up QoSed streams between computers for doing video and audio. Given that I've never heard of it, I'm going to go out on a limb and bet it was a flop.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
What are you talking about? You have to "slap down" your address to receive content with IPv4, too - otherwise, how would a server know where to send its response? And if you're paranoid to the point that you want to break your Internet connection for the sake of not divulging internal IP addresses, then yes, you can masquerade behind a single IP address on IPv6 just as easily as you can on IPv4.
Or you could perform more complex 1:1 address masquerading, the likes of which aren't possible on consumer IPv4 connections due to said address space crisis. This could be performed at the router to obscure any autoconfigured internal addresses which might have been generated from machines' MAC addresses; or you could take Microsoft's approach, and implement such features at the operating system level.
IPv6 offers more features and a much greater address space, with no built-in cost to privacy. Fearmongering by those who are unfamiliar with the new protocol will only hurt its adoption rate, to the detriment of the entire Internet community.
What's holding IPv6 back is two things: public perception that the change will be difficult
What's holding IPv6 back is that most people don't have a Cisco 2621 sitting at the headend of their home network; they've got some piece of shit Linksys or Netgear box (running the stock firmware -- the WRT54GL with one of the upgraded firmwares is decent) that doesn't speak IPv6 and never will. As a result, even moderately technically competent users -- the usual 'early adopter' crowd, but perhaps not real network experts -- are turned off from IPv6, because you have to shell out real dough for a router that supports it. [1] It's a chicken-and-egg problem: ISPs aren't going to roll out IPv6 until their customers start to demand it, or they actually do run out of v4 addresses; customers aren't going to demand it or start caring, because their hardware wouldn't support it even if their ISP offered it; hardware manufacturers aren't going to make hardware that supports it until consumers refuse to buy IPv4 gear (because they know this way, everyone will have to re-buy new stuff later, plus it's cheaper for them).
[1] I think the Apple Airport Extreme Base Station is the only 'consumer' router that does IPv6 out of the box, aside from it, to get v6 you either need to get a router that can be flashed with nonstandard firmware, or you have to get "real" networking gear.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
They don't allocate IP addresses, they allocate routes entry and with route entries, you get way more addresses than most need. The solution for this is to start allocating non-contigious /24... Force everyone to fix their routing and treat the wold as a 2^24 /24 ranges and get over it. To do this right requires less than 8mb of cache tag ram in most routers that want full feeds and enough ram to process the bgp routing updates.
Going to IPv6 doesn't fix the fact that routers are running out of routes. This problem will get plenty of attention in about 2 months when the big Cisco routers start to dump routes because they are too big and adding IPv6 only makes the problem much worse.
I'm not sure where you get the $100/year figure, because my wallet says it's been no more than $35/year since at least 1996, the same year Verisign was started (and before it got into the domain business). Perhaps NetSol charged more in the early days?
Same goes for us non-businesses that have their own personal Class C address space too...
Life is complete only for brief intervals in between toys or projects -- John Dalton
Back in the day there wasn't a "net"; we were worried about what would become of USENET. And the cry was "Imminent Death Of USENET Predicted", much like "Netcraft Confirms It" threads.
Back in '89 the standard joke was "Imminent use of deathnet predicted."
One issue is all the home users inadvertantly using NAT as a "firewall".
If one were to build a proper ipv6 router, they would need to (pony up the cash to) include a proper firewall, or educate the users. Good luck with either one.
For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
Well, yeah. That's the "Strategic IP Address Reserve."
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
But if you talked to @Home's people as individuals rather than Corporate Employees, almost all of them would say "Well, Duh! Napster is the reason that people are *buying* broadband internet connections, of *course* we like it."
And, ok, the paranoia about servers on home cable modems was partly because their early trial equipment didn't work very well and they had no way to regulate individual upstream bandwidth usage, and PacBell's dishonest "Cable Modem Web Hog" ads made them really worried about perceptions of slow performance, but they were worried that somebody would run a pr0n webserver from home, become Cool Site of the Day because doing that on cable modem would be cool, and trash their neighborhood's network performance while causing a lot of publicity. And unfortunately most of the cable companies have not only not recovered from that attitude, they've been propagating it to the DSL providers, and they've been learning other cluelessly paranoid attitudes from the Australian ex-monopoly who thinks you should cap the total monthly download of their users (since that used to be expensive in Oz), and cap it to a ridiculously low level like 1GB/month, which is like 1.5 days of continuous 56kbps usage.
But when I had my corporate hat on, especially if I was talking to non-California customers, it was certainly much more proper to talk about the big internet usage being for music piracy than for pr0n
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Nobody else makes shitty routers with WAY underpowered hardware that aren't remotely capable of performing the tasks they are sold to perform.
Many years ago, I worked at Network Appliance. For their webcache servers (which ISP's could use to cache popular pages for their users), every so often we could see what people were looking at. This was because once in a while the kernel would crash, and so we'd get a core dump back. Complete with images of what was in RAM.
For many (if not every) coredump, 90% of the web pages were porn. I kid you not. If you dont believe me, just go ask Guy Harris (yes, of Ethereal/Wireshark and other fame) as he was one of the top kernel debuggers back then.
This was truly depressing for someone who has spent much of his working life building up the Internet, from the protocols, to various UNIX OS's as well as other stuff. Yes folks, the major use of the Net is Porn. NetApp confirms it.
Sigh.
The stateful firewall you'd need on an IPv6 connection isn't inherently any more complicated than an IPv4 UPnP+NAT box. In order for NAT to work, the device performing the translation must keep track of all the individual connections; it's basically a stateful firewall already. If you can do that, then you can firewall IPv6 (provided you have the capacity for the longer addresses). You need a protocol, like UPnP, so that clients can request "holes" (so that things like FTP, Bittorrent, and VoIP work), but that's no worse than NAT right now.
Now, I think this is a completely crappy way to run a network, and I think we just need to get rid of the idea of firewalls completely (at least as a generic cureall, I'm all for retaining them for specific applications); security needs to be at the client level, not at the network-gateway level; as more and more devices become mobile, they cannot and should not ever assume that their local network is secure.
But unfortunately, people have gotten so used to the idea of firewalls that they're attached to them, particularly because it allows for a certain amount of laziness (running old, crummy operating systems on Internet-enabled systems, not patching, etc.) while giving the perception of safety. So I suspect that all IPv6 implementations will mimic the brokenness of NAT, at least initially.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
The IETF is most certainly not "in the know". And NANOG (sadly) has a hell of a lot more brainless corporate douchebags with agendas than legitimate experienced network admins. Those in the know are already using IPv6.
IPv6 has large address blocks - the smallest any organization (like your home DSL line) is likely to have is a
So unlike IPv4, where any machine you connect to on the net or anybody eavesdropping in between knows what IPv4 address you're using, and maybe they can find out from DNS or logfiles where that address is, with IPv6, they see your IPv6 address which tells them what machine you're connecting from. You can do things to change that (e.g. pick a different IPv6 address, or set the MAC address on your network card if it supports that), and if you control the network connection, you can set it any way you want. And these days you're probably still going to go through some firewall, there might be something NAT-like happening, or at least a proxy, or some 6to4 gateways.
But in theory, if everybody administered everything the way the IPv6 designers envisioned it, every time you plugged in your laptop to a different LAN, your MAC address would probably still be visible, which is really convenient for debugging and not so hot for privacy.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
How many more times are we going to hear this?
the sky is falling.. the sky it falling!!
09 F9 11 02 9D 74 E3 5B - D8 41 56 C5 63 56 88 C0 45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
Often the router can do it, but not well. We have this at work (a major university) with our stuff. It's all Layer-3 switches, which means that IPv4 is done extremely quickly via ASICs, with minimal impact on the CPU even for fairly complex sets of rules. However IPv6 is not accelerated. Thus you can turn it on, and it'll work fine so long as not many people use it, but if everyone tried, the router falls over as the CPU gets slammed. There are, of course, new supervisor modules that'll do the v6 routing on ASICs, but we don't have those and they aren't cheap (a few million dollars to upgrade all the core and edge routers that'd need it). Being that we are having our budget cut, this isn't something that's high on the list.
That's a large part of the problem with v6 is that it isn't as simple as many people think. You don't just enable it on your routers and expect everything to work well. There's a lot of high end gear in place that doesn't have hardware support for v6 and thus it all has to be done on the CPU, which is usually much less powerful than you'd think. It isn't a trivial amount of money to just replace all those, nor can they afford to turn it on in software and hope that usage is light enough that they don't get slammed.
Now as new gear gets put in to place, which happens all the time, this problem is slowly going away, however it's still a major problem right now. The routers on our campus may be about 6 years old, but they are still powerful units that do what we need, and we've no inclination to replace them. I'm sure big ISPs feel the same way.
Given that the IP situation isn't the crisis that some people keep wanting to make it out to be (I've heard this shit many times before) I imagine that the process will probably be slow, and equipment will be replaced for other reasons. However once all the equipment is IPv6 capable, organizations will probably start turning it on since why not. It isn't likely to be a big, hurried rollout, just a gradual shift.
XKCD's Map of the Internet says they've got 214.* and 215.* too.
(Really surprised no-one linked to that... plenty of green fields seemingly, though.
Claiming to be pedantic on Slashdot is asking for trouble
I'll pass on IPv6. The designers apparently have no clue, or were paid not to factor basic issues into the design like firewalls, NAT, and the fact that people don't want themselves locked to a block of ipV6 addresses for their ISP and everyone else upstream to log for data mining reasons.
Yes, people consider firewalls useless and say that clients should be where the security is at. I call BS there. Its far better as a security practice to have a single point of entry, and have it locked down, rather than wasting precious IT time and resources playing whack-a-mole with checking that every Internet-enabled device down to the toaster has a secure client.
Back then, you'd lose your stiffy by the time the next image loaded.
~Cheers~
This is especially if you don't want to be behind a NAT, and want to be able to publish web pages or serve things directly from your desktop. Limiting IP space and enforcing the use of NAT to protect its limits also keeps ISP's from having to deal with quite so many home pr0n websites and zombied servers sucking up their bandwidth.
Thats how I trained myself to use a left handed mouse after my right hand gave out from...typing.
http://michaelsmith.id.au
Look up IPv6 multihoming. Then look up IPv6 allocation policies. Add the two together. See that all the small ISPs have no incentive whatsoever to switch to IPv6.
/32, you get a /48 from a bigger ISP. But you want to be able to peer with more than just that ISP, so you talk to your other peers. They also give you a /48. And now you have to assign IP addresses from all those /48's to each server you have, or put very complex middelboxes (that NAT one /48 to another) to get connectivity on all /48's. And DNS servers with round robin AAAA records and incredibly short expiry times. See the incredible mess?
/32's to anyone, regardless of size. Too bad my company is European.
In case you're wondering what I'm talking about, it's the totally stupid IPv6 hierarchical prefix space. If you are not big enough, you don't get a globally peerable
And all because the IPv6 committee thinks that prefix growth is bigger than Moore's growth, so routers cannot cope with the whole prefix space. Which is ridiculous of course...
And the only RIR that gets it is ARIN, since they started allocating
--Blerik
Or downloading the Linux source code.
IPv6 doesn't force you to give up any privacy, and there's no 'user serialization' unless you buy into it voluntarily. Sorry, but that is just not true. There's some fuss in the air about IPv6 privacy extensions, which is basically bullshit. As an IPv6 customer, you'll typically get a
BUT: The whole
To illustrate my example, there's a IPv6 ISP in Germany that gives out even a
If we're not counting accountability, but just usage tracking on websites etc, easy: just don't treat every Ip address as unique (like in IPv4), but instead every
Continuous positive slashdot karma since... uh, maybe next year.
but that's no worse than NAT right now.
But it isn't any better either!!!
That is why IPv6 is failing. It provides no visible advantage to 99.9% of the community, and it has the disadvantage of requiring a lot of work to implement it network-wide.
It is like telling to consumers that they should have their car re-wired with a modern CAN network because that saves copper, makes the wiring simpler and is the modern way of doing things. And copper will be scarce in some future.
Nobody is going to do that because their car works fine and with the new network they find it more difficult to connect an old radio or old foglights. So why bother.
Using (P)NAT, it's possible to map each one of those (potentially) 65536 services on a single real IP address to a unique machine on a reserved IP address (in the 10.x.x.x, 172.16.x.x, 192.168.x.x ranges). Since the reserved addresses are not routable, they can be used an infinite number of times provided that they connect to the Internet via a single real IP address.
The point I'm trying to make is that only an Internet server needs to be identified by a unique port on a unique IP address, everyone else can get away with using NAT-ed reserved IP addresses. Therefore, the exhaustion of the IPv4 address space really isn't that critical in the short term.
Gentoo Linux - another day, another USE flag.
While ISP routers do supporto IPv6, this is not the case for the little router you have at home! ADSL, Cable, WiFi boxes... none that I know supports IPv6 ...
Can you imagine the nightmare of switching all those little boxes?!?!
Where is this magical place you all speak of?
In january 2038, regular 32-bit signed ints will no longer be able to store the number of seconds passed since 1970.
I take it you haven't been following IPv6 closely, since that hasn't been the case for about six years (see RFC3041). The MAC address part of the IPv6 address was never used as a substitute for ARP; doing so would have broken addresses assigned in different ways (e.g. stateful autoconfiguration, manual configuration), which were always allowed. The low bits are a hash of your MAC address, and so only a mapping from MAC to IP is possible, not the other way around. If privacy is a concern for you, then you can easily pick a different IP at pseudo-random.
I am TheRaven on Soylent News
is routers.
I thought about moving to IPv6, and then looked into routers and discovered that there are no cheap home routers that support it.
Which leaves me wondering how I'm supposed to move to it...
My Journal
Eeek, I remember doing such once. I left the computer on for about a week.
I am when im on my laptop in a parking lot of some coffee house.
Hold on, someone is at my window, 'yes officer?' * click *
---- Booth was a patriot ----
Nothing stopping you from using NAT, Mr. Paranoid.
Heck if you wanted to you could use NAT and change ips in your block once a hour if you wanted to.
Thats increased anonymity.
Why don't they make companies like HP & IBM release some of the huge ip space they have and don't use. They have very old MULTI CLASS A assignments but they go out and get new assignments even though they have plenty of unused space in the older ones.
Like Vista, Windows Server Longhorn will use IPv6 out of the box and IIS will be running it out of the box.
Microsoft will bring the transition to IPv6 to the masses- start date, this fall. Linux users will be fine, and Apple users will frantically try and download the OSX patch for a working IPv6 stack. Slashdotters, well they will scream MS sucks and who needed IPv6 anyways....
resort to NAT
What are you finding difficult about using NAT? Maybe one of the newbs here can volunteer to help you.
"Beware of he who would deny you access to information, for in his heart, he dreams himself your master."
One of the problems we're seeing with Virtualization is the increase of address space...
Hosting providers can now offer increasingly competitive rates on VPS plans that compete with standard shared hosting accounts. This means that the advantages we gained with HTTP 1.1 will be lost, and as VPS accounts grow in popularity, the address space will be consumed at alarming rates.
Personally, I'm allocating at least one new IPv4 address every day.
> Now, I think this is a completely crappy way to run a network, and I think we just need to get rid of the
> idea of firewalls completely (at least as a generic cureall, I'm all for retaining them for specific
> applications); security needs to be at the client level, not at the network-gateway level; as more and
> more devices become mobile, they cannot and should not ever assume that their local network is secure.
Firewalls are not a generic cureall, of course. They really only stop worms, for the most part (and make certain other kinds of much less common attacks rather harder). You still need other measures to deal with other kinds of threats. Nonetheless, the notion of doing away with them is completely unrealistic. Quite the opposite, we need to get to the point where everybody has one, including home users.
And yes, it is certainly true that the client device should not assume that the local network is secure. That has always been true, and assuming otherwise has always been a problem. (The now thoroughly aged book "Takedown" discusses an instance where trusting other systems on the local network allowed an attacker in from outside, and that was way before NAT became popular.) This does not in any way diminish the value of firewalls, however. You want to have multiple layers of security -- defense in depth, if you will -- because any one layer is likely to fail.
This is why if you have Windows XP systems on a network that's behind an IP Tables firewall, you still want to have SP2 and turn on the software firewall included with the OS. But doing so does not negate the value of the IP Tables firewall. That firewall that's built into Windows XP can fail and let something in that it shouldn't -- but it will have *different* failure properties from the IP Tables firewall, and a worm that wants to get at your workstations will need to get through *both*. The two measures strengthen one another. There are various other measures you can take as well, not least of which is avoiding client software with a very bad security record, e.g., Outlook.
Cut that out, or I will ship you to Norilsk in a box.
You want IPv6 adoption? Tell people it will deliver porn faster!
*tongue loll* More porn!
I don't know the meaning of the word 'don't' - J
NAT is here to stay, at least for home networks, even if IPV6 gains widespread use. The reasons as I see it are as follows:
1. Most home users are completely clueless when it comes to computers, networks, and security. NAT is a simple way to give them the benefits of at least a minimal firewall. Giving each device on their network its own unique IP address, making it visible to the world, without the benefit of even something as brain-dead as NAT would put these devices at risk. In fact, more than half of the people I've been asked to help with computer problems shouldn't be using a computer at all. They seem to think it's some sort of television set (i.e. check your brain at the door) or typewriter.
2. The vast majority of home users do not need to access the devices on their network from outside the home. They might need to tie into a private network *from* home, but those who need to go the other way are few and far between. So, this added functionality of IPV6 serves no useful purpose for most home users. Keeping the home network separate from the world won't make a difference to this majority.
So, as I see it, once IPV6 becomes widespread, it will pick up a version of NAT. Not only will this happen in the home, but in small to medium businesses as well. It's much too useful a tool to be abandoned.
"My country, right or wrong; if right, to be kept right; and if wrong, to be set right." --Senator Carl Schurz (1872)
At the same time, I agree that gateway firewall isn't designed to be and shouldn't be used for a complete solution. There must be other policies in place like the client level firewall, antivirus solutions, etc. But unfortunately, people have gotten so used to the idea of firewalls that they're attached to them, particularly because it allows for a certain amount of laziness (running old, crummy operating systems on Internet-enabled systems, not patching, etc.) while giving the perception of safety. So I suspect that all IPv6 implementations will mimic the brokenness of NAT, at least initially. I also agree that probably most networks that use a gateway level firewall (at least most that I have seen) have used it to hide less secure systems, and those systems should be secured rather than using the firewall to hide them, but this does not negate the usefulness of a gateway level firewall... people just need to use the tool for its proper purpose and stop relying on it for too much.
I disagree, though, that it should be gotten rid of in favor of purely client-level firewalls. Maybe there IS a better solution out there, but just getting rid of gateway-level firewalls for client-level ones without some sort of gateway-level protection will lead to many more problems than you will solve.
Mainly, I say that because of mobile devices... the parent made the case that mobile devices shouldn't automatically assume the network they connect to is secure. The same also works the other direction -- a network shouldn't automatically assume a mobile device connected to it is secure. The network cannot assume that a mobile device has the proper client-level firewall rules and security policy, and so a gateway-level firewall helps with that. Not that you should be allowing any random mobile device on your network, but unpredictable things can happen with all the mobile devices available today.
I have a better idea: Let's kick China off the net and reap their IP blocks, since they don't want our rampant free-thinking to infect their people anyway, and I certainly have never seen anything good come from those IP ranges. Then we can go after other bad neighbors. Sometimes when you run out of space (be it online or IRL), you don't have to go buy more space, you just have to do some cleaning and sorting.
-Billco, Fnarg.com
[100% ISO 646 Compliant]
SVM, ERGO MONSTRO.
Well, it worked for BitTorrent (http://www.wired.com/wired/archive/13.01/bittorre nt.html)!
I remember reading in a textboox years ago that Oxford had roughly the same number of addresses. This was the late ninentees so things might have changed. Regardless, I think there are many institutions that have WAY more addresses than needed.
Or what that be problematic?
("Dum dum dum... it's problematic!") 2 points for getting that quote.
Vote monkeys into Congress. They are cheaper and more trustworthy.
This sounds like a good mid-term investment opportunity. How can one profit from this upcoming need for infrastructure change? I'm guessing router manufacturers, who else?
Screw you guys, I got my IPv4!
--I'm so big, my sig has its own sig.
-- See?
Even the dept of energy knew this. Didn't they find some servers at Los Alamos a few years back being used as pr0n servers?
It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
Is that why they keep saying "faster! FASTER!" in adult movies?
It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
That's why is was all ASCII text pr0n back then. Nothing beat nudie pictures slowly appearing on a teletype terminal.
It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
Bingo! As the number of available address shrinks let the squatting and bidding begin.
It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
I wonder if Duke Nukem Forever will solely rely on IPv6 for networking...
NextDoorNikki is half my reason to get online alone. Mmmmmmmmmmmmmmmmmmmmmmm......
ought to be enough for anybody.
Someone had to say it. Besides, does anyone care to calculate the real amount of theoretically available public IP addresses, subtracting all the unrouted/multicast IP addresses?
Also, does anyone know how many addresses are still left beeing available?
1. Post articles predicting the end of world due to IPv4 exhaustion to scare the drones in management
2. Start an ISP focused on IPv6
3. ???
4. Profit!
If girls liked guys that were interested in them for their brains, they'd date zombies.
32 bits of IP address space + 16 bits of port space provided by NAT = 2^48 active connections
The Great IPv6 Experiment says:
o Start reclaiming now.
.edu's and such.
--We can still defer this "lack" of available IPV4 addresses for YEARS by de-allocating extra addys that people just plain **don't need to have** 24x7.
--Big example: Cable and DSL modems. Start incorporating a 1-hour Inactivity timeout on DHCP addresses that are being used by home users. 95% of the gen pop will not even notice, as long as we still have no-ip, dyndns, etc available for when we need it. You could even have an "opt-out" program.
--Reclaim the 4/5 STATIC IP addys that were stupidly given to ppl who didn't need them, when they signed up for some plan.
--Reclaim part of the HUGE Internet-addressable space that has been given to
--With decent management, starting NOW, we can prolly keep IPV4 going for the next 10-15 years, at LEAST.
.
== WolfriderV6 == I'm willing to admit that *I just might* be wrong... Are you??
Vista will only contact Active Directory DC over IPv6, and although Samba3 works over IPv6, it won't work as a DC [Dan Shearer]
David Holder has a more detailed presentation of this at http://www.ipv6consultancy.com/ipv6blog/wp-content /uploads/2007/05/samba-and-vista-with-ipv6v2.pdf
but to oversimplify, MS tried to prevent Samba from being an
AD Domain Controller by making IPV6 a prerequisite, with
strictly limited and temporary success (;-))
--dave
davecb@spamcop.net
So right now we have a flat address space of 32bits or so. Why not
create multiple internets, one per country lets say. Everyone
gets to keep their existing internet address. Its just encapsulated
within a country network.
In order to get to country A address B.B.B.B you have to use
a route. Each ISP would have a special router address that would
send packets to that country accross a "dedidcated" connection. Your
computer would know that when DNS assigns a "zip" for a particular
connection, it locks the routing for those packets to go out via
the local ISP dedicated router address.
Your computer knows what router to use because it got the "zip code"
for that route when it did the DNS lookup.
Yes, I realize there would be problems. But perhaps less problems then
with IPv6 adoption?
This is moving to a hierarchial model. And the extra address space
comes from the routing tables.
Its just an idea. Please be kind.
I keep everything updated quite well, thank you, and I still believe that you should have a firewall. However, I'd love to do away with NAT, and just use a bridging firewall, which is far less vulnerable to attack in that it doesn't have an accessible address (in fact I might just interface to it via serial console, with no IP interface.)
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
http://www.ipv6experiment.com/
Alvaro
What's the ugliest part of your body? Some say your nose, some say your toes, but I think it's your mind. -Zappa
640Kb ought to be enough for anybody.
factor 966971: 966971
Nope, what's holding back IPv6 is the fact that it is NOT backward compatible with IPv4, and there is no proper transition plan other than "everyone pretty please get IPv6 addresses". The IPv6 designers created a design that was bad for the public. Either they were stupid or they were evil.
What you are doing is not switching to IPv6, you're running IPv6 in parallel. That's _trivial_ when you still have IPv4 addresses available to use. Heck you can add Novell IPX to your networks, as long as your users still have a public IPv4 address to use everything is fine. Tunnel IPX to ipxbone.org or whatever, nobody cares.
BUT tell me, assuming you only have IPv6 addresses (and do NOT have any public IPv4 addresses on ALL your machines AND devices) how would you go about accessing IPv4 only sites? There are lots of IPv4 only sites, and they won't care about YOUR problem (that's how they will see it).
Option #1: someone will need to provide special NAT-like devices which allow tons of poor IPv6-only users behind them to share a very few IPv4 addresses on the devices in order to access IPv4 only sites. These special NAT-like devices or something else will also have to mangle DNS replies to convert DNS answers with IPv4-only addresses to DNS answers with special IPv6 addresses, this is BECAUSE the people who "designed" IPv6 decided to not make it easy for IPv6 and IPv4 to interoperate, there is NO IPv6 stack that will attempt to connect to an IPv4 address. There WILL be problems doing such NATing and dns mangling. So, ISPs will have to either give discounts for such IPv6-only services, or start increasing the costs for IPv4 services.
Option #2: give IPv6 users chunks of RFC1918 IPv4 addresses, to use to access the IPv4 world.
BUT doh, Option #2 is what's already happening now (seems one entire mideast country is practically behind a single IPv4 address or at least just a few). Gradually lots of users will have RFC1918 IPv4 addresses that come out via NAT at the ISP. And why should the ISP care about IPv6 at this point? They can have hundreds of millions of subscribers - just reuse RFC1918 addresses behind a few hundred real IPv4 addresses.
By this time the users would have been used to not being able to run servers (most don't anyway), they start to expect to have to pay BIG money to ISPs to be able to run servers - and that's how the ISPs will like it.
Anyway, if you are an IPv6-only _site_, you will NOT be able to serve all those customers/users who haven't got around to getting IPv6. So the reality is most sites WILL have to get IPv4 addresses, and pay to do so.
And the ISPs will be happy to charge big bucks for the increasingly scarce commodity called "public IPv4 addresses".
So why should ISPs and big companies even bother about moving to IPv6? It's all going their way - more control over their users. Users can only do P2P with each other, and they won't be able to do that over the "precious" links to networks owned by other ISPs. They only get to talk if the ISP "says so".
I think most of the problems of the Internet stem from it being designed by scientists who really have no clue about how to make things work for business and individuals. Reading the article you linked to, this is the message that comes across loud and clear.
He talks about how the IPv6 task force is concerning themselves with setting up NAT for IPv6 when 1) NAT isn't necessary with IPv6 and 2) No sites use IPv6 anyway! This is what they're doing instead of making a realistic transition plan that has any hope of actually happening.
Comment of the year
Much like the early days of IPv4... IPv6 is a classful system. This simply will never work. Even with the network part of your address being asigned by Magic(tm), it's still a pain in the ass. Does your DNS records also update by the same Magic(tm)? (NO) By forcing IPv6 into a classful world, they've actually significantly reduced the address space. This, btw, is the exact same mistake from the first days of IPv4.
Long ago I was thinking like most of slashdotters - why don't implement
IPv6 everywhere and problem will disappear. I thought that configuring
everything for IPv6 is not that a big deal. Now after years of working
at big ISP I see what are big obstacles.
In my case there are only two. But major.
1) My upstream providers don't want to implement IPv6, so in my case
i would have to use some tunnels to the outside. Tunnels are not
optimal solution, because you get tunnels to the places you can
and not those you want.
Upstream providers don't want to implement IPv6, because
- they have some big iron (see my second point, you will understant
what is all about)
- they don't want to spend time on doing that, because it always cost
money and there is no real benefit that you can count i $$$
- they don't want to spend even more time debugging, mantaining, etc.
of their IPv6-enabled infrastructure, once again because this doesn't
get them any additional money (sorry, but buissnes is buissnes)
2) I have a big iron, in my case it is old Catalyst 8540. It is old (not
yet rusty!), but it does it job perfectly. There was no new IOS
(switch operating system) for quite a long time. So there is no IPv6
support for it and there will never be. It is in backbone of my network
so everything depends on it. So if there is no IPv6 for my 8540, there
will be no IPv6 for my network.
Surely I can replace that hardware, but it will cost at least 20k USD
for refurbihsed Catalyst 6500. But how will convince my boss to spend
that money. Because of innovation, because of running out of public
IPv4 space?
If I even convince him, there is still problem of my upstream provides
which is quite serious. They have lots of big old hardware, which is
working fine and they will be not willing to replace that. Mainly because
of huge costs of hardware itself and of great amount of work doing
upgrades, reconfiguring, debugging and so on.
So I could have with some hassle IPv6 enabled infrastructure, but it will
end at my edge router. And it will be for years.
Most of what I've worried about is that there still doesn't appear to be a good solution for routing and address assignment for multiply-homed users, so there isn't really a good way to avoid routing table expansion as more and more businesses want to be at least dual-homed. Shim6 is an ugly hack even if they do get it to work.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Actually, the low bits ARE your MAC address, with FF:FE stuck in the middle. Look up EUI-64.
Lars T.
To the guy who modded me down from perfect to terrible Karma - Apple haters still suck
...I am telling you that 95% of end-users don't have a bleeping clue about how to administer a server. And if you can come up with a *USABLE* zero-admin server that *NEVER* requires patching, you have more brains than the rest of the human race put together. In the real world, real servers require constant monitoring and frequent patching. Joe lunchbox simply doesn't have the necessary skills. As for me, I could run a reasonably secure MTA *IF I ABSOLUTELY HAD TO*. Considering my hourly rate at work, I prefer to outsource that task to my ISP.
And *NO BLEEPING WAY* do I want my fridge/stove/TV/toaster/etc to be accessable to Russian gangsters to use for sending spam or mounting DOS attacks against the root servers.
I'm not repeating myself
I'm an X window user; I'm an ex-Windows user
ARIN, at least, lets ISPs register residential users in WHOIS without any personally-identifiable information. Of course, the details still must be provided to the cops when a subpeona is presented, but the same is true with IPv4. If you think you can hide from the cops (at home) with either, you're an idiot. If you want to hide from your neighbors, well, that's the default with both.
And they don't use their allocation!!!
$ host www.halliburton.com
www.halliburton.com has address 64.154.26.229
Your conclusion is made from insufficient data.
That's a Level 3 block - maybe they have a colo'ed webserver for the moveon script kiddies to attack, so their corporate pipe can be used for planning geopolicial masterpieces of puppy torture and cafeteria services.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)