Vint Cerf Keeps Blaming Himself For IPv4 Limit
netbuzz writes "Everyone knows that IPv4 addresses are nearly gone and the ongoing move to IPv6 is inevitable if not exactly welcomed by all. If you've ever wondered why the IT world finds itself in this situation, Vint Cerf, known far and wide as one of the fathers of the Internet, wants you to know that it's OK to blame him. He certainly does so himself. In fact, he does so time and time and time again."
Is this a backwards opportunity taken for asserting that he is one of the Fathers of the Internet?
Cool. Now that we've assigned blame, hopefully we can move forward with FIXING the problem.
Since there is already a fix available (IPv6), if/when this DOES become a problem, THAT problem should be assigned squarely on the shoulders of the people who failed to implement the FIX in a timely enough manner.
This space for rent. All reasonable inquiries will be entertained at proprietor's discretion.
... to quote that hilarious line from Idiocracy.
In Liberty, Rene
Vint Cerf should blame himself for the IPv6 mess instead.
Have you got your LWN subscription yet?
It's a good thing IPv4's address space is 32-bit. Without that limitation we'd never move to IPv6 and get all of the other benefits that it offers.
Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdote Battles.
There isn't a true shortage with companies that are hoarding large blocks of IP addresses. For example, HP has 2 class A address blocks among others, which gives them over 32 million IPs. With all the mergers that have happened, why isn't there a process to recover address blocks that can be reused properly?
Part of the problem is that no one thought of recovering address blocks when companies merge. You can't tell me that HP needs 32 million plus IPs?
There is also the fact that both companies and ISPs can use the Private blocks and NAT for internal and only use routable blocks for devices that need them.
It all boils down to mismanagement of the address system, which could be changed to extend the life of IPV4 and make it more efficient.
In a speech around 2004, I remember Alan Cox said that the reason IPv6 wasn't advancing was that big software players were afraid to adopt it before it turns 20 in case there are submarine patents / patent ambush.
Anyone got links to confirm / disprove this theory?
http://en.swpat.org/wiki/Patent_ambush
Expert in software patents or patent law? Contribute to the ESP wiki!
Here's an interview where he says it:
http://www.velocityreviews.com/forums/t576610-alan-cox-on-software-patents.html
"""Alan Cox: The same has happened with IP version 6. You notice that everyone
is saying IP version 6 is this, is that, and there's all this research
software up there. No one at Cisco is releasing big IPv6 routers.
Not because there's no market demand, but because they want 20
years to have elapsed from the publication of the standard before
the product comes out -- because they know that there will be
hundreds of people who've had guesses at where the standard
would go and filed patents around it. And it's easier to let things
lapse for 20 years than fight the system."""
(More info would be good - any other prominent techs saying this?)
Expert in software patents or patent law? Contribute to the ESP wiki!
It was pre-home computer revolution and nobody thought computers would shrink to the size of everybody's pockets (cellphones). Nobody thought we'd be using machines with a billion bits (or more) of memory. Back then ~4000 was considered a lot (it was the hardcoded limit for the Atari console). Everything was smaller in scale, and Mr. Cerf is not to blame for not predicting the invention of the Web Browser (killer app) and how it would reach into every facet of our lives.
Only those with no imagination---
I can say with a great deal of confidence that plenty of us knew what was coming.
Now who do we blame for 32-bit time_t on 32-bit iron? There's a relatively new OS that lots of people use today that didn't have any ABI concerns when it was in its infancy, yet its creator didn't have the vision to see beyond doing pretty much what everyone else had done before him. (And I won't name him because then I'll just get modded a troll. But I bet you can guess who it is.)
... the lesson learned is that whenever you are planning on building something technical, be sure to go wayyyy overboard on the size and scope of the projected requirements in order to future-proof the technology.
Yeah! That's why we should be building CPUs with 1024-bit addresses!
That is all.
At the time, XNS, the Xerox protocol for Ethernet networks, was in use. It had 24 bits for the network number, and 24 bits for the device ID. Thinking at the time was that each network would be a local LAN, and "internetworking" would interconnect LANs. Xerox was thinking of this as a business system, with multiple machines on each LAN. So XNS had a 48-bit address space. That's what we call a "MAC address" today.
The telephony people were pushing X.25 and TP4, which used phone numbers for addressing. Back then, phone numbers were very hierarchical; the area code and exchange parts of the number determined the routing to the final switch. "Number portability", where all the players have huge tables, was a long way off.
The problem with a big address space is that memory was too expensive in those days to deal with huge address tables. A big issue was locative vs non-locative address spaces. In a locative address space, there's a hierarchy - you can take some part of the address and make a local decision about what direction to go, even if you don't have enough detailed information to get to the final destination. IP was originally organized like that - routers looked up class A, B, and C networks. A huge, flat address space implemented using multi-level caches was way beyond what you could do in a router back then. Routers used to be dinky machines, with less than one MIPS and maybe 256K of RAM.
There was a lot of worry about packet overhead. Each key press on a terminal sends 41 bytes over a TCP/IP network. That was a big deal when companies had long-haul links in the 9600 to 56Kb/s range. Adding another 24 bytes to each packet to allow for future expansion seemed grossly excessive. Especially since the X.25 people had far less overhead.
So there were good reasons not to overdesign the system. I don't blame Cerf for that.
The foot-dragging on IPv6 is excessive. The big deployment problem was getting it into everyone's Windows desktop. That's been done.
Choosing 32 bits for IPV4 was reasonable at the time when 56kbps was considered a fast link.
The real problem is that when IPV6 was designed it did not allow IPV4 to be included as a subspace, so you cannot have an IPV4 address that is a valid IPV6 address. That means that there is no soft migration path from IPV4 to IPV6.
The people who designed IPV6 did not consider the problems of real world users; they designed in a vacuum. A properly designed IPV6 would be in widespread use by now, and the problem would be under control.
Who is this Vince you speak of and why are we blaming him instead?
Vince, Vint, whatever. Listen up, unix beardlings, because I am about to drop some real history and knowledge on you.
He is some surfer guy who was too stoned on Maui Wowie to figure out we needed more than 3.4 Billion Addresses.
His name is Vint Cerf, and actually is the REAL REASON why we call it "web surfing".
Back in the olden days, before young punks like you had global village modems, ISPs and dialup access and stuff, us oldbeards were sitting pretty on T3s, "Cerfing" the internet. Well, it wasn't long until Cerf became Surf, and that, you young whippersnappers, is how the fax machine was invented.
music lover since 1969
I don't know about you, but I'm extremely satisfied that my interface's home is in a Class A network.
I mean, who wants to live in a sub-class neighborhood?
$ host -t AAAA slashdot.org
slashdot.org has no AAAA record
$
'nuff said. Our organisation (that's me) is already 96% dual-stack. We treat non-ipv6 connectivity as fatal. When are you gonna do it?
Never, or in more practical terms, less than 6 years after the expiration of the patent. Patents need not be defended like trademarks, and you can "back sue" for up to 6 years of infringement. There was a recent story on /. about a company that bought a little known patent right before it expired, then went about suing everybody and anybody for infringement *after* the expiration, but going back 6 years for damages.
Is it just my observation, or are there way too many stupid people in the world?
Sir Arthur C Clarke saw it coming in 1964. “These things will make possible a world in which we can be in instant contact with each other, wherever we may be, where we can contact our friends, anywhere on earth, even if we don't know their actual, physical location.” He had little idea what the mechanism would be. But he had perfect insight into the scale.
>>>Only those with no imagination---
Were you even alive then - 1976?
Yes, actually I was alive then, and for quite a few years before that.
I was. Remember that was a time when being able to buy a video & watch it at home was an alien concept (pre-VCR).
Not true. I was shooting video on 1" cartridges in my HS film classes in 1976, and believe it or not, there was a movie sale and rental industry then. It was small, by mail order, and expensive, but it did exist.
If you had said to someone, "Someday you'll be able to sit on a bus and watch a video from 10,000 miles away," they'd probably lock you in a loony bin. Or just say, "You're a nutty nerd - let's give you a wedgie."
I think those reactions had more to do with the goofy grin, flood pants, and the bad haircut you had than anything else. :-P
Computers in 1976 were the size of small rooms,
I think you're a little confused about the whats and whens.
I lusted over SWTP 6809s and various Z/80 systems written up in Popular Electronics throughout the 70s -- too expensive for my paper route level of income. Apple 1s were around by '76, and the first Apple ][s shipped in 1977. Circa 1976 HP donated an old mini to the HS I went to -- it was the size of a four drawer filing cabinet. Apart from that, most of those were smaller than a Selectric typewriter.
Yeah, the Burroughs mainframe at my dad's office years earlier filled up the whole room, but actually, if you knew what you were looking at, you knew most of it was tape drives, line printers, and other stuff.
and they were just beginning to be shrunk to PC size, but they were hard-to-use (no keyboards or screens; they used esoteric switches).
Esoteric? Like the switch on the wall that you turn the light on with? Actually you could get a SWTP terminal with a full QWERTY keyboard and a 40×25 CRT to go with your 6809. Apples -- 1 and ][ -- had real keyboards.
Nobody at the time thought common people (read: uneducated boobs) would have computers with self-assigned addresses. Nobody thought there'd be more than one computer per home, much less 2-3 per person. Most envisioned computers as being like Star Trek - a single unit running the whole house. The number of homes was only 900 million, so having ~4000 million addresses was plenty.
The 1970 Census put the US population at 200M. By 1980 it was 226M. I don't know what the typical household was, say family of four. I think that'd make for a lot fewer homes, but really, what does that have to do with anything?
Again, there were people -- with imagination -- who were anticipating the computer revolution. Not unsurprisingly, they were right.
IPv6 addressing is wonderfully simple. Because it is hierarchical, in one byte units, there are at most 256 upstream, 256 parallel and 256 downstream router addresses for any given router. The lowest 48 bits are taken from the MAC addresses.
The only time you need to hold more addresses than 768 is if you are supporting Mobile IP or NEMO using transitory addresses (the original IPv6 mechanism), where re-routing is handled with temporary router entries that last 30 seconds or until the computer/network moves to a new network, whichever comes first.
Typical IPv4 router tables - especially for ISPs - are huge. You don't need 8 Mb router tables unless you plan on holding upwards of a million routes. I don't know if anyone sells corporate-grade routers that small any more.
Since there are no situations where you will ever want a more specific rule for a route (other than to support transitory addresses), you don't need to search for the most specific case of a routing rule. If you have found the first case, it will be the only case. Even in the transitory address case, you're comparing the whole IPv6 address, so there will be exactly one match for it, so the worst case is looking for two matches for strings. This means that searches are much, much faster. On large routers, you can use the three bytes as indexes into the table of hierarchical addresses and then use a tree to store the transitory addresses. You can search both in less time than it takes to search an IPv4 router table.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Speaking of economic incentives - the GP says there's no economic incentive to switch end-users to IPv6 when you can use multi-level Large Scale NAT, but I have one question:
Won't it take money to implement and convert customers to multi-level NAT? Would it really cost much more to convert them to IPv6+NAT64? That's the real question - not whether there is economic incentive to do something you don't have to, but what are the comparative costs/benefits of two alternatives, one of which you will probably *have* to do?
The other interesting thing to see here: Right now a lot of ISPs of course have IPv4 blocks. They could potentially keep using those for customers, BUT, they might also have an opportunity to sell their allocations off for big bucks to companies that are desperate for IPv4 public addresses to use for their servers. If the going rate for a block of IPv4 addresses, after the point of 'exhaustion', is high enough, many ISPs might find that they can actually *make* money by selling off their existing public IP addresses, and either switching customers to NAT or IPv6. If most of them choose "the right solution", and do IPv6, all of a sudden you have the critical mass of IPv6 users which is necessary to justify setting up new services only on IPv6.
Because, since all the hosts behind a NAT share a single routable address, that means to make inbound connections, you need to set up port forwarding. So, say I want to run Skype (which likes to have an inbound port), a game server, and a VoIP application, all of which need to be able to accept inbound connections. Well, to do that, on the NAT Gateway, I need to set up 3 ports to be forwarded to my computer. Only I can use those 3 ports, no one else can. Which means with 64k ports available on the NAT, you can probably only set up port forwarding service for maybe 10k-20k customers. You *might* be able to alleviate this a little bit by using multiple 'public' IPs - say one public IP for every 5000-10000 users on the ISP network.
There's also the issue of 'well known ports' - let's say I want to run a web server - well, almost all browsers expect a web server to respond to connections made to either port 80 or port 443 (for SSL encrypted connections). Likewise SSH, telnet, FTP, rdist, etc. all typically use well-known ports. Games using iD Software engines usually accept inbound connections on a particular well-known port (27960). Only one computer per public IP may have port 80 or 443, or whatever, forwarded.
Also, perhaps even more importantly, every outbound connection also uses a port associated with the public IP address being used for NAT. Again, using one public IP for a few thousand users might give you enough ports to mostly work.
Basically, in a world where everyone is behind a NAT, no one can ever accept in-bound traffic from off the 'local' network (I put local in quotes, because in the case of Large Scale NAT, you could probably talk to all the other customers of your ISP directly, but not anyone who uses a different ISP), even when they *WANT* to. Some people like the 'comfort' of thinking that NAT somehow protects them better than a firewall, but I'd personally prefer routable addresses for all my devices, with a firewall that I control on my home router to block in-bound access. That way, I can simply open ports when I *want* inbound traffic, and leave all others closed - but when I do want to run services
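An added example, not part of the comment above, that models the port table of a carrier-grade NAT to make the two limits concrete: forwarded ports and outbound flows compete for the same 64k port space per public address, and a well-known port such as 80 can be forwarded to only one customer per public IP. The class, the capacity function and the 198.51.100.0/24 documentation addresses are constructed for illustration.

```python
class LargeScaleNat:
    """Constructed model of the (public IP, port) table of a large scale NAT.

    Every public port, whether reserved as an inbound forward or consumed by an
    outbound flow, is owned by exactly one customer at a time.
    """

    def __init__(self, public_ips):
        self.public_ips = list(public_ips)
        self.owner = {}                                   # (ip, port) -> customer
        # ephemeral range handed out for "any port" requests; ports below 1024
        # are only given out when a customer asks for that specific port
        self.free = {ip: set(range(1024, 65536)) for ip in self.public_ips}

    def forward(self, customer, port=None):
        """Reserve an inbound port (a specific one, or any free one) on some public IP.

        Returns (public_ip, port) or None when no public IP has that port left.
        """
        for ip in self.public_ips:
            if port is None:
                if not self.free[ip]:
                    continue                              # this IP is exhausted, try the next
                chosen = self.free[ip].pop()
            elif (ip, port) in self.owner:
                continue                                  # already forwarded to another customer
            else:
                chosen = port
                self.free[ip].discard(port)
            self.owner[(ip, chosen)] = customer
            return ip, chosen
        return None

    def outbound(self, customer):
        """An outbound flow also needs a public port, so it competes with the forwards."""
        return self.forward(customer, None)

    def ports_held(self, customer):
        return sum(1 for c in self.owner.values() if c == customer)


def forwarding_capacity(n_public_ips, ports_per_customer):
    """Whole customers that can each hold ports_per_customer inbound forwards before the NAT is full."""
    nat = LargeScaleNat(f"198.51.100.{i}" for i in range(1, n_public_ips + 1))
    customers = 0
    # all() stops at the first refused port, which ends the loop
    while all(nat.forward(f"cust{customers}") for _ in range(ports_per_customer)):
        customers += 1
    return customers


def well_known_port_conflict():
    """With one public IP, the second customer asking for port 80 is refused."""
    nat = LargeScaleNat(["198.51.100.1"])
    first = nat.forward("alice", 80)
    second = nat.forward("bob", 80)
    return first is not None and second is None
```

With one public IP and three forwards per customer the model fills up at 21,504 customers, which is the order of magnitude the comment estimates.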
In 1996, when IPv6 (back then called IPng) was declared the "fix", there were two proposals that could have extended the address space.
* Use TCP/UDP on top of IPX (RFC1791). This, IIRC was implemented in reality, for example, in Netware server 4.11.
* Use TCP/UDP on top of CLNS/CLNP (RFC1347).
Now think about it for a second. Both IPX and CLNP are closer to IPv4 than IPv6 will ever be. Both were already proven, well understood, and the implementations were solid...
In 1996 EVERY router on the planet had the algorithms necessary to route IPX AND CLNP (for different reasons, at the time IPX was VERY popular and CLNP was govt and Telco mandated) so the relevant patents and IP were already licensed. You also saved most of the training and implementation (meaning algorithm programming and testing) costs.
Same for the hosts. Most workstations (desktops) had an IPX client, from MS-DOS 5.0 onwards (but also in the *NIX and MAC worlds), while on servers it got better, you had your choice between IPX or CLNP (sometimes native, sometimes as an add-on). So again you saved the training costs for your admins, the implementation (programming/testing) costs.
But nooooo, the guys of the IETF at the time had an acute case of NIH (or, as Eric Cartman would say, "Sand in Their Vaginas"), and came up with IPv6. Sure, it has a lot of advantages other than a larger address space, but was unproven, unimplemented, subjected to Intellectual property problems (the fact that intellectual property in its current form is flawed [I agree with that idea] is not relevant to this discussion), and had mistakes of its own.
(my favorite pet peeve about IPv6, they removed the header checksum... come on!, I agree that recalculating the checksum in every router because of the TTL is stupid, but it was rather easy to keep the checksum, not include the hop count field in it, and make the Hop Count field a hamming code instead of a direct integer value!. And no, a half assed check on TCP of the Pseudoheader with a weaklish algorithm will not do. BTW, the guys doing realtime multimedia using UDP must also be jumping for joy that the checksum in UDP/IPv6 is mandatory now.. :-P I discussed this with my students last Tuesday, but it is not going to be in the exam).
At the time (1996), I was an undergrad student, in a backwater country, and had high hopes that ATM would solve everything (I did my thesis in ATM flow control)... Silly me... I did not speak...
Let's not blame Cerf, nor Kahn for our current woes. Let's blame the people who gave us a crappy solution out of pride, and pity those of us who have to implement it....
Salud!
*** Suerte a todos y Feliz dia!
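The comment above objects that IPv6 dropped the header checksum and made the UDP checksum mandatory. The following added example (not code from the post) shows what that mandatory check actually covers: it builds and verifies a UDP-over-IPv6 checksum across the RFC 2460 section 8.1 pseudo-header (source and destination addresses, upper-layer length, next header), rejects a zero checksum the way an IPv6 receiver must, and catches a payload flip or a wrong destination address. The 2001:db8:: addresses and the payload are constructed sample values.

```python
import ipaddress
import struct

UDP_NEXT_HEADER = 17


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's complement sum used by the Internet checksum (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"                          # an odd trailing byte is padded with zero
    total = sum((data[i] << 8) | data[i + 1] for i in range(0, len(data), 2))
    while total >> 16:                           # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def ipv6_pseudo_header(src: str, dst: str, upper_len: int,
                       next_header: int = UDP_NEXT_HEADER) -> bytes:
    """40-byte pseudo-header: the address fields the IPv6 header itself no longer checks."""
    return (ipaddress.IPv6Address(src).packed
            + ipaddress.IPv6Address(dst).packed
            + struct.pack("!I", upper_len)
            + b"\x00\x00\x00" + bytes([next_header]))


def build_udp6(src: str, dst: str, sport: int, dport: int, payload: bytes) -> bytes:
    """UDP datagram for IPv6 with the mandatory checksum filled in."""
    length = 8 + len(payload)
    header_no_csum = struct.pack("!HHHH", sport, dport, length, 0)
    covered = ipv6_pseudo_header(src, dst, length) + header_no_csum + payload
    csum = (~ones_complement_sum(covered)) & 0xFFFF
    if csum == 0:
        csum = 0xFFFF                            # a computed zero is sent as all ones: zero means "no checksum"
    return struct.pack("!HHHH", sport, dport, length, csum) + payload


def verify_udp6(src: str, dst: str, datagram: bytes) -> bool:
    """Receiver-side check: a zero checksum is discarded outright, otherwise the sum must be 0xFFFF."""
    if len(datagram) < 8:
        return False
    length, csum = struct.unpack("!HH", datagram[4:8])
    if csum == 0 or length != len(datagram):
        return False                             # RFC 2460: UDP over IPv6 may not omit the checksum
    return ones_complement_sum(ipv6_pseudo_header(src, dst, length) + datagram) == 0xFFFF
```

Note that the check is a sum, so swapping the source and destination addresses is not detected; the pseudo-header protects against misdelivery, not against every kind of header corruption.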
Just take 20% of the total number of IPv6 Addresses (this is both to account for wasted addresses, as well as to point out how silly the notion of running out of IPv6 Addresses is), and divide it by the number of square metres (or feet, as you prefer) of the surface of the earth (dry, humid, wet, or iced) and tell me how many devices for each tile of surface can have a unique address.
Pro Tip: Use a scientific calculator; a normal one, or the one on a cellphone, will not do.
For the lazy: 1.33 × 10^23 addresses per square metre, if my calculations are correct. This is more than the Avogadro #... just in case, check my calculation.
*** Suerte a todos y Feliz dia!
I could explain this to you, but I would have to write a science fiction novel to do it. Well ok, I'll summarize the novel. Just remember this is a selective summary; pretend that all sorts of really cool things are happening and my characters are totally interesting and the plot is fucking fantastic. Can you do that for me, Wowbagger? Ok.
In an alternate universe, the IP4 designers did just as you suggest, and the loopback network was Class C. In this alternate universe, other things went in a different direction too. By 2010 we all have CPUs with thousands of cores, but they all run at 1 MHz and programmers discuss ways to improve the linearization of their code.
And we all have a weird crippled piece of shit operating system, which got popular despite all its limitations. (This may seem hard to believe to us, but remember I'm talking about an alternate reality.) One of its limitations is that its networking code doesn't deal with port numbers, because the designers thought that was a waste of 16 bits. (Computers in this reality have about as much memory as what we're used to, but there are more addresses and the words are 4 bits wide, so working with 16 bit data is kind of a pain in the ass.) Another of its limitations is that it has no IPC as we currently know it. Fortunately in the 1990s some programmers "invented" IPC by having each process use the loopback network, but since there are no port numbers, each process has to have its own address on the loopback network so that the OS can sort out what process gets what message. This inevitably led to mocking jokes:
There were terrible hacks for running hundreds of processes and having them all be able to talk to one another, where a proxy process would emulate a sub-loopback network for 254 other processes and present a single loopback address to the OS. It was such a broken, terrible system, that it delayed the popularization of personal computer networking, so there was no "mainstream" use of the internet and the supply of IP4 addresses lasted much longer. In 2010, there was no non-loopback address shortage; it wasn't expected for another decade.
Then one day a poster named whoasacker got on Hyphencolon and asked, "Why didn't they just use a Class A network for the loopback?" And a poster named Slippery answered, explaining, "In an alternate universe, they did..."
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.