Slashdot Mirror
IPv4 Address Crunch In 2 Years, IPv6 Not Ready
An anonymous reader writes "We've known for ages that IPv4 was going to run out of addresses — now, it's happening. IPv6 was going to save us — it isn't. The upcoming crisis will hit, perhaps as soon as 2010, but nobody can agree on what to do. The three options are all pretty scary. This article covers the background, and links to a presentation by Randy Bush (PDF) that shows the reality of the problem in stark detail."
Here is the story from a few weeks ago
And as I said before, the solution is to take back some of those huge class A blocks from companies like HP, Ford and GE, which are not using all the space. That would buy a few years.
The basic solution to this problem is to deploy IPv6 as soon as you can, figure out what problems remain to be solved before you can use IPv6 100% and then put pressure on your ISPs, vendors, etc. to solve these problems. That's how the Internet grew like topsy in the first place, and its not too late to get this going. Two to three years is enough time.
ARIN has published a web site which collects information about how to move to IPv6 here: http://www.getipv6.info/
It's oriented towards the things that ISPs and other service providers (hosting centers, large IT depts) need to do to get IPv6 working in production.
Soon, the stock market analysts will be asking the big ISPs and telecom companies what actions they are taking to avoid going bankrupt in two years when the crunch hits. Any company that can't get new IPv4 addresses will have to stop growing their IPv4 networks. If they have an IPv6 network to take up the slack, no problem. If not, then customers will flock to the providers that have IPv6 ready to roll.
There was a network operator meeting at NANOG recently where they showed that it is almost possible to provide full Internet access, both IPv4 and IPV6, using an IPv6 connection. Yes, I know, "almost" means there were problems, but they were not massive problems. They were the kind of things that people were working on fixing with IPv4 networks back in the early 90's. And they did that because they went ahead and built IPv4 networks and tried to make them work for everything imaginable. When things broke, they fixed the bugs and moved on, eventually becoming the global Internet that we know today.
There is a way to avoid going bust when the address crunch hits in two-to-three years and that is: Get yourself IPv6 Ready!
1. Home routers that support IPV6 off the shelf.
2. Cable/DSL modems that support IPV6 off the shelf.
3. (The biggie) ISPs that hand out IPV6 addresses.
In a vain attempt to forestall the inevitable followups:
Yes, I am aware that I could install new software in my WRT-54G, and convert my home network to IPV6. But as long as my upstream connection is IPV4, this gains me NOTHING except a bunch of aggravation and downtime getting the thing set up. No thanks. When my ISP supports IPV6, then and only then will it make sense for me to convert.
Pavlov. Does this name ring a bell?
Unless you have port forwarding (or how do you kids call it these days)
But you don't "own" that netblock, you were allocated it from ARIN for a single use.
Put it on eBay and ARIN will then send you a polite email about how they have now reclaimed the netblock since it obviously no is no longer being used for it's original declaration. They will then turn around and allocate it to the next demand in their queue. They have all the authority, you have none.
If your sale goes though on eBay, for selling something that did not belong to you, you have committed fraud. I hope you have put aside some of your windfall for legal fees.
the AC
Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on
There is a lot of feet dragging going on, partly because too many business plans rely on short term spending. The irony is that some of the companies which you expect to be leading the way in IPv6 migration don't even have web sites that are IPv6 enabled. This includes IBM, Apple, Microsoft, RedHat and Cisco. I make the point because they should be picking up the torch now that research sites have already done their part, and showing that it is an achievable goal, and not some sort of pipe-dream. /. readers at the same time, should probably get to know and understand the technology, since it is not a question of whether it will happen, but when. When it happens if the IT crowd doesn't understand IPv6, then we really have issues.
If you want to get an IPv6 web site running there are number of solutions, including using Apache 2 with IPv6 support activated and making sure you have an OS that supports an IPv6 stack - most modern OSs do.
Migration technologies for people stuck behind IPv4 NATs include Aiccu and Teredo (Vista includes this, and for other OSs there is Miredo). If you are at home, then one of the 'consumer' routers to support IPv6 out of the box is the Airport Extreme. If others support it out of the box I am not aware of this.
When you are ready see the dancing turtle - if you don't see it you are accessing it via IPv4.
Other stuff you can do in the meantime is checking to see if some your favourite network based applications handle IPv6 and if they don't make some noise. Its best to make the noise now, when it doesn't matter so much, than waiting until it does. On the bonus side they can advertise the fact they are IPv6 ready.
Jumpstart the tartan drive.
I'm so glad someone else is aware of this problem, NAT can't be infinite, or even large.
/24 (251 usable addresses) into a single external IP address. For an office with about 120 active machines, the NAT box (biggest, beefiest box they made at the time) completely fell over. With only light internet use, the NAT tables filled to take over all of the outgoing 65k ports in short time. That was in 1998, when most internet use was web pages, some email and simple IM. At the time, they recommended no more than a /26 (59 usable addresses) per external address.
;-), there will be between 200 and 300 embedded elements or links to affiliate sites and advertising partners. So every pr0n page view going through NAT takes 200 new external ports, with associated timeouts and state tables. A typical pr0n user (I'm guessing here, you the /. reader can supply your own values), can open a dozen or more pages in tabs in a relatively short period of time, leading to 10s of thousands of entries in the NAT state table. Remember, you have 65,533 maximum entries in the state table for a single external IP, or for a typical saturday night in basement-dweller-land, about 4 machines.
I saw a Cisco presentation years ago on their experiences from rolling out NAT internally. They started with an address overload of a
Move forward to 2007, and I made an updated presentation (for Cisco and non-Cisco NAT kit) that took into account all the new kinds of traffic we see, office workers who listen to internet radio, streaming video, youtube, multimedia conferences with H.323, peer-to-peer apps like Skype, other internet telephony apps, etc. Turns out that more than 15 to 20 active office users stuck behind a single overloaded external address would be the limit, even with a tight policy to prevent non-work traffic.
It is much worse for ISPs with home users, who are not limited by workplace rules against peer-2-peer for popular TV shows or looking at pr0n pages. If you look at the typical pr0n page (it was a tough job, but I did it in the spirit of improving my understanding of the industry
Don't get me started about how many NAT states a typical 3Mbyte facebook page can open, and leave open for quite a while.
If you think you can hide many ISP customers behind NAT, there are limits if you don't want a ton of calls to the support lines when your users can't effectively use the net. For modern home connections, that already have a NAT box with a handful of machines behind the NAT (Mom keeping 20 eBay pages open and doing Skype, Dad doing gaming, teenage son looking at pr0n and daughter with 20 different IM chats going while she P2Ps the latest TV episode and looks at 50 different bebo and facebook pages), you just can't NAT much more than that.
That post was the voice of experience, if you want the nice real-world figures in a printed report and a keynote or powerpoint presentation to your CTO, you have to give me money.
the AC
Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on
I must then be imagining the public web server that I run over my NAT'd DSL connection.
You probably are if you are really behind an ISP-run NAT. We're not talking about the Linksys router that you can tell to forward port 80. We're talking about the ISP handing you a non-routable 192.168.x.x address and not forwarding anything to it. Outward-ONLY connections...
The IPv4 crunch has been 2 years away for at least 10 years.
By the way, the idea of reallocating parts of Class-A blocks has been technically feasible for over a decade. Say hi to CIDR
China, Korea, Japan etc. use lots of ipv6. I've been there, seen it, helped set some up. There is a whole Internet out there full of asian language websites out there that we don't even know about because our english only Internet doesn't link to it. Go to a cyber cafe in Hong Kong, Beijing, Seoul, and you'll see what I mean.