Slashdot Mirror

← Back to Stories (view on slashdot.org)

China To Run Out of IPv4 Addresses In 830 Days

Posted by CmdrTaco on from the blame-canada dept.

JagsLive writes "China is running out of IP addresses unless it makes the switch to IPv6. According to the China Internet Network Information Center, under the current allocation speed, China's IPv4 address resources can only meet the demand of 830 more days and if no proper measures are taken by then, new Chinese netizens will not be able to gain normal access to the Internet. Li Kai, director in charge of the IP business for CNNIC's international department, says that if a netizen wants to get access to the Internet, an IP address will be necessary to analyze the domain name and view the pages. At present, most of the networks in China use IPv4 addresses. As a basic resource for the Internet, the IPv4 addresses are limited and 80% of the final allocation IP addresses have been used."

31 of 619 comments (clear)

  1. 830 days? China? by suso · · Score: 5, Informative

    Try the whole world. According to this counter, the world will be out of IPv4 addresses in 768 days.

    1. Re:830 days? China? by ohxten · · Score: 5, Funny

      Really? I thought there was a separate internet in China...

      --
      Need an automatic screenshot taker? Try here.
    2. Re:830 days? China? by morgan_greywolf · · Score: 5, Informative

      There would be a lot more available addresses if companies that were given entire /8 blocks in the 80s and 90s (Ford, IBM, AT&T, Halliburton, etc.) were to give back those blocks. Most of those companies aren't even really using their /8 blocks anymore, with most of the addresses going unadvertised.

      --
      My blog
    3. Re:830 days? China? by Anonymous Coward · · Score: 5, Funny

      Shame Lehman didn't have a /8 block.

    4. Re:830 days? China? by mollymoo · · Score: 5, Insightful

      If 25 companies (are there even that many with /8s?) gave back their entire allocation, that would still only add 10% to the pool. That might buy a little time (a year, if we're at 80% and have two years left), but it's hardly going to solve the problem.

      --
      Chernobyl 'not a wildlife haven' - BBC News
    5. Re:830 days? China? by Prof.Phreak · · Score: 5, Funny

      Did the Chinese government move themselves to outer space?

      Nop. They've enabled NAT on their national firewall.

      --

      "If anything can go wrong, it will." - Murphy

  2. Uh Oh! by Smivs · · Score: 5, Funny

    Sounds like it will be easier than ever to ring the Wong number!

    --
    Smivs on the intertubes!
  3. Normal 'net access? by i.r.id10t · · Score: 5, Interesting

    Do any Chinese citizens even have "normal" 'net access now? Thought NAT was used heavily, not to mention the GFWOC

    --
    Don't blame me, I voted for Kodos
  4. Meet With Congress by mfh · · Score: 5, Funny

    To get a quick infusion of 700 billion IP4 addresses -- NOW!

    --
    The dangers of knowledge trigger emotional distress in human beings.
  5. What is the point in having a public IP address by jeffmeden · · Score: 5, Insightful

    When your WHOLE COUNTRY is behind a firewall? NAT the hell out of that! Flatten it to a /8 network in 10.0.0.0 and put it all behind one public IP. Problem solved!

    1. Re:What is the point in having a public IP address by Artraze · · Score: 5, Informative

      > When your WHOLE COUNTRY is behind a firewall? NAT the hell out of that!

      The firewall is more figurative than literal. My understanding is that it basically bans certain IPs/domains. That can be done with a stateless system, while a true NAT/firewall would need to track all packets of all connections of all users. Not impossible, but insanely expensive. Plus it would have the unpleasant side effect of actually firewalling China (i.e. no incoming connections), whereas now they just don't let you view certain things.

      The whole point is largely moot anyway. First, as was pointed out above, the entire world is estimated to run out in about 780 days, so they've apparently got more time then the rest of use. Second, the primary usage of IPs comes from blocks assigned to institutions and businesses, with the latter _requiring_ incoming connections. Could a business have one public IP and NAT/load balance their servers and whatnot? Sure, but they could always switch to IP6, which is gonna be a lot cheaper than all these NATs

  6. Netizen? by Anonymous Coward · · Score: 5, Insightful

    Netizen is really stupid word, we really don't need more buzzwords.

    1. Re:Netizen? by jbeaupre · · Score: 5, Funny

      Worse, they are using "netizen" to describe people who aren't on the internet. Kind of like calling someone a pilot if they would someday like to fly a plane.

      --
      The world is made by those who show up for the job.
  7. Q: Why is starting in the Subject: line annoying? by DNS-and-BIND · · Score: 5, Funny

    A: Because it breaks the flow of a message.

    --
    Shutting down free speech with violence isn't fighting fascism. It IS fascism!
  8. HP by QuietLagoon · · Score: 5, Interesting
    When HP acquired Compaq, HP also got DEC's /8 block of IP4 addresses. Now HP has at least two /8 blocks of IP4 addresses.
    .

    C'mon HP, be a good netizen and give back the bulk of those IP addresses. Try using NAT instead of hoarding IP addresses that others so desperately need.

    1. Re:HP by fprintf · · Score: 5, Interesting

      Sorry, I should have previewed!

      If I were HP (or Ford or AT&T), I wouldn't be a good "netizen" before giving consideration to what the blocks of /8 addresses are worth. If they wait another 365 days or so, perhaps folks will start getting desperate enough to pay for them. Can you imagine the value those addresses will have to a rapidly expanding internet enabled population, like China, that also has the means to pay for it? It might be a whole lot cheaper for China to buy the blocks than implementing iPv6, even at an exorbitant, over-the-barrel rates HP might be able to get.

      On the other hand, what is being a good player in the internet enabled worth anyway? Is there some intrinsic value in being good, or using the Google philosophy "Don't be evil"?

      I say hold out for a while.

      --
      This post brought to you by your friendly neighborhood MBA.
  9. China will be first to use IPv6 by QuoteMstr · · Score: 5, Insightful

    I predict that we'll see China begin to use IPv6 addresses before most other people. Why?

    • Extreme scarcity of IPv4 addresses: China gained internet access well after the era of enourmously wasteful address assignment ended.
    • The great firewall is always set up as a traffic relay. Not only does it provide a natural point to set up an IPv6->IPv4 NAT gateway, but running IPv6 internally makes it that much more difficult for dissidents to bypass the firewall.
    • China's strong central state would allow mandating of IPv6 and near-instantaneous implementation.
    • Chinese sites are accessed by relatively few non-Chinese. Therefore, the penalty for running an IPv6-only site inside China would not be very great.

    Granted, I'm no fan of China's human rights policies. But it definitely has an advantage in terms of adopting IPv6. Hopefully, when China switches protocols, it'll catalyze the rest of the world to do so as well.

  10. In other news by augustz · · Score: 5, Interesting

    Slashdot runs it's 15th story about IP addresses running out "real soon now". The first was something like 5 years ago :)

    These stats ignore the fact that there are huge available allocations that can go behind NAT's. An ISP can NAT big chunks of its user network. Charging even a modest amount per IP would free up huge numbers of IPs. There are abandoned blocks (companies out of business) and wildly oversized blocks (MIT etc).

    Plus, we've been hearing these stories for years. The idea that the internets resources are going to become ipv6 anytime soon is unlikly. So folks are going to figure out a way to manage the existing pool, where there is lots of room for improved efficiency.

    Fun to keep on reading these stories... they're always written as breaking news :)

  11. Don't worry... by flowerp · · Score: 5, Funny

    the LHC will end it quicker than that. They estimate some 90 days until they've got their repairs done ;)

    --
    --- Eat my sig.
  12. They'll just do what they always do by Centurix · · Score: 5, Funny

    Impose a one IP address per family rule...

    --
    Task Mangler
  13. It's more annoying if subject and post don't... by clickety6 · · Score: 5, Funny

    Pease porridge hot
    Pease porride cold
    Pease porridge in the pot
    Nine days old!

    --
    ----------------------------------- My Other Sig Is Hilarious -----------------------------------
  14. NAT is not a solution by QuoteMstr · · Score: 5, Insightful

    NAT is not a solution. It's a huge, gigantic clusterfuck of a problem. Some people only started their careers after NAT was widespread, so they can't imagine how wonderful the world is without it. The internet is much simpler when you can assume that all nodes can directly address all other nodes.

    Look: this is what we've done.

    In the beginning, each endpoint of a TCP (or UDP) connection looked like this:

    [octet][octet][octet][octet][16-bit port]
    [(------- host-------------)(--service--)

    Each octet was routed hierarchically, and the port acted as an additional level of routing within a single node.

    With CIDR, the model moved to this:

    [32-bit opaque address][16-bit port]
    (-------host----------)(--service--)

    This change didn't hurt anything, aside from an increase in router complexity. Allowed the 32-bit address space to be used much more efficiently.

    Now with the IP address shortage, the situation looks like this:

    [48-bit address]
    (----?---------)

    Note how we've lost the distinction between host and service and smushed them all together into one huge opaque number. We've caused ourself lots of problems with this:

    1. One can no longer tell which service is being used based on part of an endpoint address (i.e., the port.). Firewalls, proxies, and so on become much more complicated.
    2. Only part of the endpoint address is provided by DNS. (I'm ignoring SVR records, which nobody uses.) Thus, part of the address needs to be hardcoded:
      • Every damn piece of software has to have a knob to control what port to use.
      • When software is too much trouble to configure, we use hardcoded port-parts. Consider SMTP and HTTP. When the port-portion of the big smushed address is hardcoded, Herculean efforts have to be made to route these services through NAT. Good luck if you want to run more than one SMTP server behind a given NAT gateway.
    3. 48 bits still isn't enough to satisfy growing demand. What happens when you can't address the endpoint you want even if you use all the address bits and all the port bits? Do we start piling on in-band multiplexing? Should every protocol necessitate something like HTTP 1.1's host header?
    4. Getting a publicly-routable endpoint address involves talked to one or more routers, which may or may not allocate a port for you. And this portion of the endpoint address is highly dynamic.
    5. Because of the last reason, protocols that involve callbacks are complicated. FTP, for example, made perfect sense in the days before NAT. Now, it's viewed as a problematic pain in the ass that always needs special NAT rules and connection tracking to accommodate it.

    These days, instead of saying "connect to mydomain.foo.cx", for example, you have to say "connect to mydomain.foo.cx at port 12345". That's out of band address information, and should never be needed. Imagine if DNS only gave you the first three octets an IP address, and every application requires you type in the last one in manually. That's what the world is like today!

  15. Blocks vs. sub-blocks. by DrYak · · Score: 5, Informative

    So the world runs out of addresses before China runs out?

    The world will run out of new blocks to allocate (as in "254.xxx.yyy.zzz"), before China gives out all addresses in the allocated blocks it has (as in "www.254.254.254").

    Nonetheless, IPv4 can only provide a little lower than 253^4 different addresses. What makes it worse is that it's allocated in chunks (some chunks are reserved like the 127.x.y.z family - other addresses may be free but land in a range which is allocated to some company and thus can't be used by your computer).

    Thus even if some providers use dynamic IP (only those machine which are connected have an IP address - thus an ISP needs a chunk only as big as the number of simultaneously connected users, not as the total number of subscriber), and lot of router use NAT (only 1 single IP address is visible on ther internet. all the machine are visible through this address and use a private address on the internal network),
    in a world where everything including your fridge is connected to teh interweb 24h a day, 7 days a week, we will quickly run into a situation where no more IPv4 address can be assigned to a new machine :
    - the ISP has ran out of addresses in its chunk because there are more simultaneous connection (because everyone stays perpetually connected) that there are free address in the chunk (china will reach this point in 2-3 years)
    - and there are no more new free chunk to allocate for the providers (all are already either reserved like the 10.*.*.* and 192.168.*.* range, or have already been allocated to others) thus now way to give more chunks with more IP to the ISPs (the world will reach that point too in about 2 years).

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
    1. Re:Blocks vs. sub-blocks. by truthsearch · · Score: 5, Informative

      In our small business IP telephony is handled with DHCP. All calls get routed through an asterisk server. So we only need one static IP address for the whole phone system. We need asterisk as a PBX anyway, so it's no extra fuss.

      --
      Developers: We can use your help.
    2. Re:Blocks vs. sub-blocks. by Bryansix · · Score: 5, Informative
      Actually NAT DOES provide some sort of security. That is because by default nobody can see which devices sit behind the NAT. They also can't directly address them. So you want to see if your milk expired at home while you are at work so you can buy more if you need to? That problem has been solved. Your fridge had NO problem making outbound connections. It CAN upload the latest stats to a website that either you host yourself or a service from your fridge manufacturer. Need a better solution? Map the Public IP of the NAT but with a high unused port number to your fridge. Then whenever you connect to your SINGLE IP address but on that specific port it will serve up the stats on the fridge.

      See there are two solutions already to your perceived problem.

      Does your small business with 60 employees want to use IP telephony? In this case, each PC (or each telephone) needs a public IP. You can get away with routing this at the application layer, but why bother when it doesn't actually gain you anything?

      Wrong! I deployed 100 Hosted VOIP phones in a NAT environment. My Router has 11 public IP addresses but the phones all use the same one. If I used SIP trunks instead it would be the same deal. Only the phone server would need a public IP for the SIP trunks; not each phone.

    3. Re:Blocks vs. sub-blocks. by gnick · · Score: 5, Funny

      So you can connect to your fridge and see if your milk has gone off from outside your home?

      No problem. Just forward port 6969 (the standard port for FAP or Fridge Access Protocol) to the 192.168.1.x internal IP assigned to your fridge. Then you can FAP anywhere you have Internet access.

      --
      He's getting rather old, but he's a good mouse.
    4. Re:Blocks vs. sub-blocks. by gnick · · Score: 5, Funny

      Doesn't matter - the IPv4 shortage is a myth.

      DeBeers actually has plenty, but they're being hoarded away in vaults in Antwerp to keep the price artificially high.

      --
      He's getting rather old, but he's a good mouse.
    5. Re:Blocks vs. sub-blocks. by nutrock69 · · Score: 5, Funny

      Going with your fridge analogy, why should it be a bad thing for a grocery store to connect to all the fridges it knows about in order to tell them about new products?

      Dear Fridge,
      You're out of SPAM!
      - the grocery store

  16. There's plenty of addresses left by StoatBringer · · Score: 5, Funny

    We've only used half the available numbers.
    Just start using negative numbers: -248.100.-97.-201

    --
    Cress, cress, lovely lovely cress
  17. Peak IP4 is a Myth by TimeTraveler1884 · · Score: 5, Funny

    Peak IP4 is a myth; there are still plenty of addresses buried in the Canadian tar sands. However, in the short term, the only solution is to lift the ban on coastal drilling for IP4 addresses.

  18. Re:More to the point by Mister+Whirly · · Score: 5, Funny

    "Just how lazy are you?

    As much as technology will allow.

    --
    "But this one goes to 11!"