Slashdot Mirror
IPv4 Address Crunch In 2 Years, IPv6 Not Ready
An anonymous reader writes "We've known for ages that IPv4 was going to run out of addresses — now, it's happening. IPv6 was going to save us — it isn't. The upcoming crisis will hit, perhaps as soon as 2010, but nobody can agree on what to do. The three options are all pretty scary. This article covers the background, and links to a presentation by Randy Bush (PDF) that shows the reality of the problem in stark detail."
It's not hard to figure out why we haven't solved this problem. It costs MORE to fix it now than it does to wait.
So just wait until it costs more to live with IPv4 than to migrate to new systems. Then EVERYONE will be working on a solution.
If IPv4 runs out and we can't use IPv6, then I guess we split the difference and use IPv5
Here is the story from a few weeks ago
And as I said before, the solution is to take back some of those huge class A blocks from companies like HP, Ford and GE, which are not using all the space. That would buy a few years.
People will move and applications will get ported to IPv6, but only when they HAVE To move to IPv6 OR when there is some benefit that outweighs the cost.
Simple.
Is this really a problem for most people? NAT really.
i'm sharing my blog ip address with a porn site dedicated to a fetish for women with moustaches, some guy's home security system in hong kong, a government bureaucrat's cell phone in helsinki, and an email server for a truck dispatching company waco texas
i think it's also a pretty good premise for a reality show or situation comedy
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
And put China behind it. IPv4 addresses, plenty. Botnet problem, solved.
If they consider these addresses to be an asset that other people want, then there is going to be lawyers and dollars involved.
Remember, it takes 42 muscles to frown and only 4 to pull the trigger of a sniper rifle.
The shift will also depend on hardware vendors making sure that their hardware is completely ipv6 compatible. Even with quite a few vendors saying that their stuff is compatible, I know of a quite a few major bugs still lurking with those same vendors. Not many large companies are going to switch to IPv6 until they need to upgrade hardware, if their existing hardware is only IPv4 compatible.
One thing is rather clear to me: We won't run out of IPv4 addresses anytime soon, instead the price will increase more and more and thus people will end up behind ISP enforced NATs, because IPs are to expensive for the average consumer. This is after all already the case, at least in part, static IPs are a premium service, not something you get for free from most ISPs.
So how to fix this? How about some good old government regulation? If you want to provide a "Internet service", you have to provide IPv6 or you can't call it "Internet". With a little force it shouldn't take all that long till the switch to IPv6 is done. But unless that happens the rarity of IPv4 addresses will simply be seen as a nice way to make money, instead of a problem that needs to be fixed.
There are measures in place to try and aid in conservation as the migration occurs. RFC 3021 provides the ability to utilize /31 address space on point to point links instead of a /30. This will literally halve address utilization by point to point links (a significant use of space among carriers). It requires some work to renumber, but following that, space can be re-allocated for other things. Cores can also be built into v6 space before transported networks killing more space. Private space can be utilized for equipment management instead of utilizing public addresses for everything. There are many ways that at least on the carrier side, this can be pushed off a bit with a little work, while the v6 migration continues. Carriers are crafty, they will find a way to make it work.
All of that said, that just means I think we will find a way to get by until V6 is fully in place. Not that we should forgo finishing V6 migrations.
America will then become the Saudi Arabia of ip addresses. Price of oil will drop to something 200,000,000 barrels for one address. Woot!
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
The basic solution to this problem is to deploy IPv6 as soon as you can, figure out what problems remain to be solved before you can use IPv6 100% and then put pressure on your ISPs, vendors, etc. to solve these problems. That's how the Internet grew like topsy in the first place, and its not too late to get this going. Two to three years is enough time.
ARIN has published a web site which collects information about how to move to IPv6 here: http://www.getipv6.info/
It's oriented towards the things that ISPs and other service providers (hosting centers, large IT depts) need to do to get IPv6 working in production.
Soon, the stock market analysts will be asking the big ISPs and telecom companies what actions they are taking to avoid going bankrupt in two years when the crunch hits. Any company that can't get new IPv4 addresses will have to stop growing their IPv4 networks. If they have an IPv6 network to take up the slack, no problem. If not, then customers will flock to the providers that have IPv6 ready to roll.
There was a network operator meeting at NANOG recently where they showed that it is almost possible to provide full Internet access, both IPv4 and IPV6, using an IPv6 connection. Yes, I know, "almost" means there were problems, but they were not massive problems. They were the kind of things that people were working on fixing with IPv4 networks back in the early 90's. And they did that because they went ahead and built IPv4 networks and tried to make them work for everything imaginable. When things broke, they fixed the bugs and moved on, eventually becoming the global Internet that we know today.
There is a way to avoid going bust when the address crunch hits in two-to-three years and that is: Get yourself IPv6 Ready!
I think this article by Dan Bernstein is a pretty good read regarding this subject.
That is one way to do it, keep patching it up and hope it becomes somebodies elses problem.
The problem is simple, the way we want to use the internet means we are getting more and more devices which desire their own internet adress. Some people suggest solutions like NAT but these only have so many uses especially when mobile phones become internet capable. If you want your internet node to be independent then you need an ip adress.
Don't believe me? Fine, give up your internet connection with its own IP and use the NAT solution of your ISP. Good luck running a torrent.
We could easily solve the entire problem if we just used NAT for every major ISP. It would free up countless adresses and keep IP4 usuable for decades rather then years.
So who is first? Who is going to give up their IP for their home for the greater good?
Thought as much, absolutly nobody.
It is the problem with humans, we don't want new power installations, we don't want to use less power and we refuse to switch to more economical appliances. Something has to give, but goverment or business is NOT going to do it. Sooner or later it just breaks down (see the LA brownouts) and finally a decission will have to be made.
Same with a solution to IP4 limited adress space. We will keep coming up with patches and ignore the problem until finally it can no longer be ignored and then we will have to really bite down to implement it at great cost and inconvenience when we could have solved it easily right now.
Because lets be honest, it ain't all that much of a problem. In the EU we switched currencies. A hell of a job but because it became accepted that it had to be done, it just happened.
We could easily do a switch to IP6 but only when the majority just accepts that it has to be done, and bites the bullet.
Analog mobile phones no longer work in the US, holland no longer airs analog tv signals, switches happen all the time. It is nothing special, but in each case somebody just had to say "we are switching and if you are not ready, though".
So what if countless devices will no longer work, at a given point you just have to be able to say "upgrade or be left behind" or you will be forced to increasinly bend over backwards to accomadate out of date tech.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
"... shows the reality of the problem in stark detail."
s/stark detail/comic sans/;
DJB said it best at http://cr.yp.to/djbdns/ipv6mess.html Why switch from an Internet with a billion people on it to one that has nobody on it that can't be reached by IPv4?
Everybody's a libertarian 'till their neighbour's becomes a crack house.
OK, I'm interested in technology, I know what IPv4 and IPv6 are, I know that there are many more advantages to IPv6 then to IPv4 etc. Yet I'm failing to see why I should care whether IPv4 addresses are running out or not.
But more to the point, what can I (as an individual who isn't part of the technocratic elite) do about it if I did care?
I don't code network stacks, nor kernel drivers, most of my software is written by someone else, and is automatically updated to fix problems and include new features.
I assume that by the time everyone else is using IPv6 I shall be too (simply by virtue of my software being updated).
So, why should I care? And what should I do if I did care?
I wank in the shower.
Squatter domains typically don't have unique IPs.
"Oppression and harassment is a small price to pay to live in the land of the free." -- Montgomery Burns.
1. Home routers that support IPV6 off the shelf.
2. Cable/DSL modems that support IPV6 off the shelf.
3. (The biggie) ISPs that hand out IPV6 addresses.
In a vain attempt to forestall the inevitable followups:
Yes, I am aware that I could install new software in my WRT-54G, and convert my home network to IPV6. But as long as my upstream connection is IPV4, this gains me NOTHING except a bunch of aggravation and downtime getting the thing set up. No thanks. When my ISP supports IPV6, then and only then will it make sense for me to convert.
Yeah, we always fall back on the government to help us out when us nerds aren't satisfied with how capitalism is driving the technological trends that need to happen.
But let's not forget those that went before us. Jun-ichiro Hagino, better known as Itojun, was one of the first researchers that was pushing for IPv6 since as long as I can remember (at least 2001). On top of that he was developing specifications for it and working through the BSD code to make it one of the first operating systems fully capable of being IPv6 compliant--starting a trend that needs to happen in more operating systems sooner. He even started documenting draft APIs to get developers thinking about how this would work inside software.
And then he died in a car accident at age 37. It's funny how you don't appreciate their work until they're dead. Almost like a painter or author.
Although many still carry on his work, the saddest part is that all his efforts to bring awareness to everyone about IPv6 may fall into the responsibilities of the government or, worse, capitalism.
My work here is dung.
As a commenter above posted, each of those companies with top-level blocks actually owns 16,777,216 IP addresses. These companies include IBM, MIT, Ford, DEC, AT&T, Apple and Xerox.
As big as IBM and MIT may be, do you really think they need almost 17 million IP addresses?
The company died and no longer needs it. Maybe I will put it up on ebay.
Undetectable Steganography? Yep, there's an app fo
Why? Your money is why.
/8s and /16s de-aggregate into 100s of thousands of individual prefixes. Is there any Cisco router right now that can handle a BGP IPv4 routing table of 2 million entries? Are you willing to scrap your entire Border Router investment in 2010 when the routing table grows from 300,000 routes to 750,000 routes? Do you know what the cost of a Cisco CRS-1 is, even if you can find one used?
If you want to continue to use an IPv4 address from your upstream ISP, you currently pay about US$10 per month for that address, more if you want a nice static address to run services on.
After 2012, or if one of the hair-brained free-market schemes to buy & sell netblocks comes into effect, the price your ISP has to pay for an IP address goes from ZERO to $10 or $20 per month per address. Currently, with a freely available pool of IP addresses, there was minimal cost associated with obtaining a netblock, just some administrative overhead to ask, and some technical cost to program the routers. ISPs discovered that they could charge US$30/month to a user, of which $10/month covers bandwidth, $10/month for the connection, and the remaining $10/month is the pure profit from renting you an individually addressable IP address.
When the crunch hits, IPv4 addresses will be accounted differently, no longer will they be seen as a free resource that earns $10/month, they'll be seen as a cost center that needs to have a margin associated with it. So if the company has to start paying even $1/month per address, they'll pass that cost on to the end users as a higher monthly fee.
In the end, those who don't have an IPv6 service with a migration strategy will see their internet connectivity increase in price. Maybe only a little in 2010, more in 2012, and if there isn't a mass migration to v6, significant costs after that. You, and every consumer, better hope that ISPs and hosting centers get a migration strategy in place soon, or your costs are going to skyrocket.
That was costs from the consumer PoV.
From the techie PoV, imagine what will happen to your router FIBs if some of those nicely aggregated
the AC
Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on
God damn, I'm tired of fighting this meme. Look, as I mentioned in another response, we allocate 10-12 /8's every year, and that rate is increasing. Reclaiming MIT & IBM's /8's would buy us at approximately 2 months at our present allocation rate. The negotiation to make that allocation possible would take far longer. Reclaiming space is not a useful activity at this time.
That you mentioned India might come up with a solution reminds me of a book I read that discusses in the context of game theory (primarily Prisoner's Dilemma) why people (Indians in particular) make poor decisions as far as society is concerned to maximize personal returns.
"Games Indians Play" by V. Raghunathan
ISBN: 9780670999408
The masses are the crack whores of religion.
One useful site I tend to look at on a regular basis is Lars Eggert's IPv6 Deployment Trends, it uses the Alexa rankings to find the top 100 sites for various countries. You could always argue that these aren't the most visited sites - but it does give you an idea.
The top 100 sites for all these countries comes to a big fat total of 0%. I'm not expecting fast adoption, but it would've been nice to see some progress being made with these sites. Even the two sites which I regularly visit that report about IPv6 stories (Slashdot and Ars Technica) don't even have IPv6 records!
I suppose I'm just as bad as none of my personal sites don't have IPv6 records either, but then again my server host doesn't provide any native addresses yet.
There is a lot of feet dragging going on, partly because too many business plans rely on short term spending. The irony is that some of the companies which you expect to be leading the way in IPv6 migration don't even have web sites that are IPv6 enabled. This includes IBM, Apple, Microsoft, RedHat and Cisco. I make the point because they should be picking up the torch now that research sites have already done their part, and showing that it is an achievable goal, and not some sort of pipe-dream. /. readers at the same time, should probably get to know and understand the technology, since it is not a question of whether it will happen, but when. When it happens if the IT crowd doesn't understand IPv6, then we really have issues.
If you want to get an IPv6 web site running there are number of solutions, including using Apache 2 with IPv6 support activated and making sure you have an OS that supports an IPv6 stack - most modern OSs do.
Migration technologies for people stuck behind IPv4 NATs include Aiccu and Teredo (Vista includes this, and for other OSs there is Miredo). If you are at home, then one of the 'consumer' routers to support IPv6 out of the box is the Airport Extreme. If others support it out of the box I am not aware of this.
When you are ready see the dancing turtle - if you don't see it you are accessing it via IPv4.
Other stuff you can do in the meantime is checking to see if some your favourite network based applications handle IPv6 and if they don't make some noise. Its best to make the noise now, when it doesn't matter so much, than waiting until it does. On the bonus side they can advertise the fact they are IPv6 ready.
Jumpstart the tartan drive.
At my company we have two main Cisco routers. One is about 7 years old and the other about 3 years old. The older one used to be able to handle full BGP routes but as the routing table grew and Cisco IOS bloat happened it's 128MB of RAM could no longer hold all that. I've had to trim it to connected routes and I can't update the IOS as all the current ones use too much RAM and wouldn't even work with what I've got it doing. So forget doing IPv6 on that one.
The other router isn't doing BGP and could probably handle IPv6. The problem then becomes all the machines on our network. Lots of legacy systems. If they can't handle IPv6 then we either have to replace them or have an IPv4/IPv6 gateway - another machine probably since I don't think the newer router could handle this.
The next issue then becomes our upstream providers. Neither of them are Tier-1 providers and neither offer IPv6 addresses yet.
Then there's the issue of network admins knowing how to use IPv6 addresses. I've been doing a bit of reading about them but until I start actually working with the systems it won't really sink in. I know my colleagues here haven't been attempting to learn anything about this and it will probably fall to me to educate them on this.
I'm not looking forward to any of this...
I foresee a - perhaps shortlived - opening for lots of filesharing.
I'm sorry if I haven't offended anyone
NAT will solve the problems, but why live with that when we can actually come up with a viable solution- IPv6? It will be expensive to implement because, like always, past engineers haven't planned for their 1970s technologies to ever go out of date, and whiny slashdotters will finally have to upgrade their windows boxes to Vista because XP has 1990s networking support (read that pdf if you don't believe me). But we'll end up with a significantly better Internet than if we just keep expanding NATs around more and more IP addresses to free up address space.. the way we're going, eventually (and keep in mind that "eventually" in computing usually turns out to be in less than a decade) you're going to have to be a multibillion-dollar conglomorate representing thousands of web hosting companies just to bid for a single 5-address block of address space... though the way inflation's going, little billy and his friends might be able to pool their allowance and come up with that kind of money :) But can you imagine how horrifying the architecture of the internet will be if the solution is NAT, NAT, NAT? Development in router design is already unable to keep up with traffic growth. How are you going to pay for a $100 million server farm just to manage the American Eastern Seaboard NAT, and can you imagine what the latency would be to go through a 10 terabyte NAT table? Might as well upgrade to IPv6, save yourself the trouble of trying to stay v4.
The logical way to go would have been to switch to IPv6 for everything in the core of the internet, working out to the edges, so that IPv4 was routed over an IPv6 network, without requiring anyone at the end points to change... IPv4 packets would be turned into IPv6 packets in the IPv4 subset of the IPv6 address space when they left the IPv4 endpoints, and then turned back to IPv4 if the destination didn't support IPv6. To access IPv6 resources you'd need a gateway that did both DNS and NATting, so your IPv4 lookup for an A record would be handled as a lookup for an AAAA record, and then a private IPv4 address would be assigned to that IPv6 address for you, and a fake A record comes back.
For many purposes proxy gateways would work just fine, with increasingly many programs supporting HTTP proxies for connectivity.
Why didn't this happen?
The untrue, but unchangeable, folklore of Google Adsensers (people who try to make a living via free search engine traffic to web pages that display Google ads) is that it's crucial for your Google rankings that your website be hosted on a server with a "static IP" (I don't know why people can't say "IP address" anymore in that community). These are the folks that will pay more, and more, and more for the privilege of having their own IP addresses as scarcity increases. Thus, Google money will ultimately and indirectly fund the switch to IPV6, as ISPs serving the hordes of must-have-my-own-static-address Adsensers will be able to afford conversion.
The best thing that can be done to accelerate this process is to perpetuate the myth that it's crucial for your search engine rankings to host your website on a server with its own static IP address.
You do realize that a single server with a single IP can host thousands of those websites?
Really? Using your own link, there were 12 /8 blocks allocated in 2007, leaving IANA with 43 available. Assuming we continue on the present allocation path of 10-12 per year, that puts IANA out of addresses ~ 2011-2012 with no growth in allocation rate. The problem is our allocation rate is increasing, especially in ASIA (responsible for 7 of the 12 /8 blocks last year). So, even with the data in your link, IANA will be out of addresses to assign to the RIRs in 2-3 years.
Yes, the RIRs will still have addresses to allocate to end sites when that happens, but the clock will have started ticking...if they need more, they're screwed.
At work, we use IPv6 for our VPN, and IPv4 for Internet access. All the separate LANs are using private IPv4 addressing, using NAT with static IPs on the external interfaces; OpenWRT-based routers (take a $70 ASUS router and re-flash it with Linux); and tinc VPN software to link the routers together with a private (unique local address) IPv6 subnet. Furthermore, I run a SixXS tunnel at our main server farm that lets me provide IPv6 Internet access to all the sites via the VPN: hence I have both public and private IPv6 subnets running concurrently. If you want automatic routing, you can use Quagga to set interface addresses, do route advertising, and use OSPFv3 or RIPng to manage the subnets.
http://www.openwrt.org/
http://www.tinc-vpn.org/examples/ipv6-network
http://www.wolfsheep.com/index.php/Bookmarks/IPv6
http://en.wikipedia.org/wiki/Unique_local_address
http://www.quagga.net/
Life is irony, and nothing ever goes as planned.
No one wants to run a publicly available site on an IPv6 address, as that would create problems, but the client side is easy to convert, as long is there is incentive. Few customers of major consumer ISPs need real IPv4 addresses, so most ISPs can run their networks on IPv6 and require their customers to have IPv6 enabled (XP, Vista, OS X and Linux can all do this). This would free a lot of IP addresses.
Clearly the market is not embracing this solution, partly because they don't want to force their customers into a transition, but also partly because the market is based upon the cost of procurement, rather than on future availability. Procurement has been cheap up until now. It's the same reason that gas is only about $3.00 a gallon (yes, I said only), despite the anticipated future scarcity. So there are three options:
It would also be nice to see some financially independent and influential non-profit organizations make the switch, like major Ivy League universities. They're the ones who should really be leading this because they don't have the profit motive that makes businesses shy away from what appears to be a set of risky changes.
There are plenty of IPv4 addresses to go around. It's just that they're literally priceless. With no price for an IP address or the routing that goes with it, there's no market. So surprise surprise, there's a shortage!
Why don't people listen to us economists when we tell you how to solve your problems? There's plenty of evidence for what happens when you DON'T listen to us.
Don't piss off The Angry Economist
The IPv4 crunch has been 2 years away for at least 10 years.
By the way, the idea of reallocating parts of Class-A blocks has been technically feasible for over a decade. Say hi to CIDR
Here's a completely random example: slashdt.org (obviously getting typo hits from slashdot...
According to This web site, that domain shares an IP with over 14,000 other domains!
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
I do not know why since every IP4 address has exactly 1 IP6 address, the backbones could be made to run IP6, and at the edges, there would be a transparent 6 to 4 and 4 to 6 for those set of addresses. Big companies who converted to IP6 would directly continue to use their IP4 address in its IP6 format so IP4 users could communicate with them. Associated with each IP4 address is 2^16 IP6 sub addresses with the sub address 0 being the natural mapping for IP6 to IP4. If users were initially restricted only to the IP4 sub set of IP6, it still allocates each IP4 address 2^16 new IP6 address, so there would be no shortage for users with at least 1 IP address. An IP6 user (using this subset) setting up an connection would attempt to use IP6, but if the connection failed then the router would NAT the none zero sub address to IP4 subset address and try again.
The article claims that there is no good IPv6 test equipment. I know this to be false. The old test equipment we have in our lab at work (Adtech) handles IPv6 performance testing just fine, just as well as IPv4. Granted, we only have OC-48 adapters, but higher speeds are available. This will test for speed, dropped packets, out of order, etc. I would be very surprised if any modern test equipment did not natively support IPv6 since supporting IPv6 is basically required for any decent router, especially if you plan to sell to the enterprise or government market.
The biggest problem I see at this point in terms of equipment is that few home firewall routers support IPv6, plus it sounds like Windows XP is missing some needed functionality if it doesn't properly handle IPv6 DNS or AD. I have a small Linux network at home running dual IPv4/IPv6 and have had no issues with IPv6.
Most of the Internet backbones no longer do IP routing, instead using MPLS for making forwarding decisions. MPLS doesn't really care what protocol runs on top of it, only the routing protocols do (i.e. BGP) which do support IPv6.
This post is encrypted twice with ROT-13. Documenting or attempting to crack this encryption is illegal.
"At least NAT forces organizations to manage their internal address space and keeps some of the routing burden off our backbone. It also provides some extra security by keeping all those soft targets (client workstations) off the big bad Internet, even when people make a mess of their firewall."
NAT is a causes more headaches than it solves. For corporate clients that you don't want on the internet, firewalls which are no less complicated to configure than any NAT setup, can be used. It would takes less configuration and less processing power to do plain SPI with public addresses than do NAT + SPI.
Now think about that fact that IPV6 bumps up the address space 2^96 times. Imagine the burden that will place on routing tables.
Current routing hardware can handle it just fine.
Without very careful consideration IPV6 could knock the Internet back a decade
You speak as if that would be a bad thing. A decade ago, the internet was made up of peers. Today it's come to the point where a select few actually participate and the rest are only allowed to consume. Everyone being able to participate in the internet again would indeed set the internet back a decade.
I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
First of all, break up the "LEGACY" Class-A allocations. http://www.iana.org/assignments/ipv4-address-space. That'll free up a bunch.
All of the following companies have a full 16.7 Million addresses assigned to them. Level 3 might use theirs, (they actually have 2 blocks), but Halliburton? DEC? Amateur Radio Digital Communications? Do they all really need more than 16 million IP addresses?
This short list accounts for 654 million IP addresses -- over 15% of the address space.
"With sufficient thrust, pigs fly just fine. However, this is not necessarily a good idea...."
RFC 1925
Actually, some of the servers ARE v6 only, and indeed, IPv4 cliants out there cannot reach them at all. No NAT is happening for those servers.
The client machines, OTOH are either running dual stacks or they are NATing v6 prefixes into v4 addresses at the edges of their v6 network.