Slashdot Mirror

← Back to Stories (view on slashdot.org)

Free IPv4 Pool Now Down To Seven /8s

Posted by timothy on from the need-to-join-a-new-pool dept.

Zocalo writes "For those of you keeping score, ICANN just allocated another four /8 IPv4 blocks; 23/8 and 100/8 to ARIN, 5/8 and 37/8 to RIPE, leaving just seven /8s unassigned. In effect however, this means that there are now just two /8s available before the entire pool will be assigned due to an arrangement whereby the five Regional Internet Registries would each automatically receive one of the final five /8s once that threshold was met. The IPv4 Address Report counter at Potaroo.net is pending an update and still saying 96 days, but it's now starting to look doubtful that we're going to even make it to January."

38 of 460 comments (clear)

  1. The most surprising turn of events by Arancaytar · · Score: 3, Insightful

    ... since the unexpected end of the century in '99.

    (What is actually surprising is that the internet still hasn't widely adopted IP6, and ISPs are now turning to ludicrous measures - NAT - to keep avoiding what makes sense.)

    1. Re:The most surprising turn of events by timeOday · · Score: 5, Insightful

      And the best part for ISPs is, NAT turns the Internet from its inherent peer-to-peer nature into a client/server architecture where all home users can be relegated to "content consumers" under cover of IP4 address shortages. Score!

    2. Re:The most surprising turn of events by sjames · · Score: 5, Insightful

      Lets say your ISP assigns you 10.0.32.128. Now, kindly tell me how you plan to connect to your home PC from work.

    3. Re:The most surprising turn of events by DeadBeef · · Score: 5, Insightful

      What will make it even more fun is if you have two branch offices of the same company connected to the different ISPs getting 172.16.32.66 and 10.0.65.88, how do you set up a VPN between them?

      --
      I am a lawyer and this constitutes legal advice and I shall indemnify you against any losses arising from taking it.
    4. Re:The most surprising turn of events by bbn · · Score: 4, Informative

      Configure your home router to pass the port for whatever service you want to access from work to the system that can deal with it at home. Connect to that address using that port.

      This is where the trouble begins. You can do this today because it is _your_ router doing the NAT. With no more IPv4 available, you will be sharing your IPv4 with your neighbours. This means carrier NAT. How do you program your ISPs router? You don't.

    5. Re:The most surprising turn of events by Nigel+Stepp · · Score: 4, Insightful

      A lot of the rest of us get along pretty well with putting our servers behind a router/NAT that lets us define which ports get forwarded to which systems behind the router, thus adding "firewall" as a feature.

      Thing is, that's only when you have control over the NAT device. If ISPs move to multiple levels of NAT, as some people suggest, then you no longer have access to a thing on which you can forward ports. You're stuck being a content consumer.

      --
      4096R/EF7BAFA6 79E1 DF98 D09D 898F 9A11 F6F0 DDDC 23FA EF7B AFA6
    6. Re:The most surprising turn of events by HeronBlademaster · · Score: 3, Insightful

      ISPs will just charge extra for a "real" IP address. (Basically the same thing they do now if you want more than however many come with your base service.)

  2. Re:Soo... by tehniobium · · Score: 4, Informative

    http://en.wikipedia.org/wiki/IPv4_address_exhaustion

    --
    No kitty, this is my pot pie!
  3. Re:Soo... by keeboo · · Score: 3, Funny

    Dunno... The heat death of the internet?

  4. Re:Soo... by Konsalik · · Score: 4, Informative

    THE INTERWEBZ EXPLODZ!!! Ok no seriously, once ICANN allocates the final blocks the IPv4 space will be declared as "used up" but it is still up to the regional RIRs to *use* those IPs. ie if ICANN issues IPs they are not automatically used. Thus it will still be a while after that when they are really all used up. Even then we could maybe see a sharing of sub-blocks between regional RIRs (?) For example AfriNic will probably have quite a surplus if it receives another /8 range. Lastly there are (not so preferable) technologies available such as NAT to allow the internet to continue functioning as it did (more or less). In the end we will need to move to IPv6.

  5. Re:where is ATT and comcast with IPV6? by the_macman · · Score: 3, Insightful

    Busy counting their profit and laughing over all the money you think they want to spend on IPV6 upgrades.

  6. Re:Meh. Allocate 240.0.0.0/4. by Trolan · · Score: 3, Insightful

    And have to push new TCP/IP stacks for most operating systems to get them to understand that that is now viable space. This would be effort better spent on just going IPv6.

  7. Re:Meh. Allocate 240.0.0.0/4. by A · · Score: 4, Informative

    Here is a good blog post on why this wouldn't work: http://packetlife.net/blog/2010/oct/14/ipv4-exhaustion-what-about-class-e-addresses/

  8. IPv6 Compatability by Konsalik · · Score: 4, Funny

    Remember before Y2k almost all computer manufacturers placed "Y2k Compliant" or "Y2k Ready" logos on everything from bare computer cases to speakers? Well I cant wait for my "IPv6 Ready" USB keyboard...

  9. Re:Oh noes! by by+(1706743) · · Score: 4, Funny

    How will I ever be able to use my twittering armchair fart detector?

    Well, you'll have to choose between a NAT twittering armchair fart detector and an IPv6 twittering armchair fart detector!

  10. ipv6 by Anonymous Coward · · Score: 3, Insightful

    Whens slashdot going to go ipv6?

  11. Re:Soo... by glwtta · · Score: 4, Informative

    it is still up to the regional RIRs to *use* those IPs

    Regional Internet Registry.

    --
    sic transit gloria mundi
  12. Re:where is ATT and comcast with IPV6? by ziggyzaggy · · Score: 4, Informative

    status of comcast ip6 http://www.comcast6.net/ at&t - lagging http://www.networkworld.com/news/2010/102710-att-ipv6.html

  13. So slashdot, when are YOU getting on ipv6 by Anonymous Coward · · Score: 3, Interesting

    Because I'm on it right now yet I see no AAAA record. Pretty much anyone on Comcast can get a 6rd address at the drop of a hat; native dual stack is coming. Other providers will have to get on the bandwagon soon I gather. Whine endless about the end of ipv4 after you've already made arrangements to join the modern age.

  14. Re:I wish we could... by blair1q · · Score: 3, Funny

    If we are to do that then the address field of the packet header should be a null-terminated string, not a fixed or limited size.

    Note that if you embed the length in the header you have to decide how wide the length field is, which then limits the string length. Though I'll accept arguments to the effect that an 18e18-character address should be enough for anyone.

  15. Re:NAT! by Xugumad · · Score: 5, Insightful

    I'm frankly terrified that the "solution" to this is not to fix the underlying issue, but instead to layer work-arounds on it.

    Not to mention, unless I'm much mistaken a NAT can support 65536 connections at maximum (number of valid ports for outgoing connections). A /8 network might be okay, but putting a larger network behind NAT isn't going to help, and you can't layer them (because you still need a port free for the connection). We're going to run out, NAT just delays the inevitable by layering a giant administrative headache on the top.

  16. Re:all because MS won't put TLS on XP... by drinkypoo · · Score: 4, Insightful

    what needs "public" IPs?

    Anything that wants to participate in the peer-to-peer internet as a peer.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  17. Re:Soo... by mmontour · · Score: 4, Insightful

    "Why not now"? Because slack-ass websites like the one you're currently browsing still haven't bothered to flip on the IPv6 switch. I have IPv6 at home (pretty much plug-and-play; just enable it on the Apple Airport base station and all of the LAN machines pick up an address) and the only site I've found to go to is "ipv6.google.com". OK, there's also a dancing turtle GIF on kame.net, but that doesn't really count.

    Interestingly there is an "ipv6.slashdot.org" DNS entry. However it has no IPv6 "AAAA" record, only an IPv4 "A". Seriously guys, WTF? If a techie "News for Nerds" site can't be bothered to make itself available to IPv6 users then there's little hope for the rest of the web.

  18. Re:Last IP! by Nethead · · Score: 3, Interesting

    I can announce and route down to a /32. It's up to my peers to accept that announcement. Some may and some may not. It depends upon politics, payment, router memory and BOFH whim.

    A /24 is commonly the longest network accepted for re-announcement, but that is not a hard rule.

    --
    -- I have a private email server in my basement.
  19. Re:Maybe I'm being naive... by bbn · · Score: 3, Informative

    3ffe:1900:4545:3:200:f8ff:fe21:67cf

    That would be 63.254.25.0.69.69.0.3.2.0.248.255.254.33.103.207 using your scheme which is horrible. Is also leaves out the most useful compression feature, so you can write 3ffe:1900::/32 instead of 63.254.25.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0/32. Just counting out the correct numbers of .0 is horrible.

    Practical real life IPv6 addresses often use compression: ipv6.l.google.com has IPv6 address 2a00:1450:8005::63, ipv6.myip.dk has IPv6 address 2001:470:27:f9::2, ipv6.net has IPv6 address 2a00:1188:5:2::8. If you care about your address you can make it short, since the last 64 bits is yours to decide.

  20. Re:Soo... by Straterra · · Score: 4, Informative

    Any iOS device with 4.0 or later supports IPv6, including your iPhone.

  21. Re:all because MS won't put TLS on XP... by Lennie · · Score: 3, Informative

    Actually it does support TLS, it just doesn't support SNI. Or actually IE and Safari only, because they use the windows library. Firefox and Chrome use the library first developed at Netscape and Opera uses OpenSSL.

    But as SNI is the part that adds 'Namebased virtual hosts' to TLS, the result is the same as you mentioned. Everything that wants to use a certificate still needs it's own IPv4-address (and/or IPv6 address) for now.

    --
    New things are always on the horizon
  22. Re:NAT! by Nethead · · Score: 3, Interesting

    IP address reclamation will get us back at least 40% of the address space.

    But not necessaries usable addresses on routable boundaries.

    --
    -- I have a private email server in my basement.
  23. Dibs!!! by MobileTatsu-NJG · · Score: 4, Funny

    How long before I can get the address 255.255.255.255? I wanna set up a website called 'endoftheinternet.com'!

    --

    "I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)

  24. Re:all because MS won't put TLS on XP... by shentino · · Score: 4, Insightful

    Sounds like something ISPs actually wouldn't mind obstructing.

  25. MAC Address? by itamblyn · · Score: 3, Interesting

    Why is IPv6 not based on MAC adresses? I've never understood this. Every piece of electronics capable of connecting to a network has at least one unique hardware id already. Why do we need a new one? Is there are reason not to just use this number? Or have I misunderstood, and this actually IS the plan.

    1. Re:MAC Address? by CyprusBlue113 · · Score: 3, Informative

      Privacy

      --
      a handful of selfish greedy people are no match for millions of selfish, greedy people -u4ya
    2. Re:MAC Address? by RzUpAnmsCwrds · · Score: 3, Informative

      Why is IPv6 not based on MAC adresses? I've never understood this.

      Well, first of all, it sort of is. The typical way to get an address on an IPv6 network is stateless auto-configuration, which basically allows your client to combine an advertised route prefix with the EUI-64 (basically a longer version of a MAC address that can be generated from a MAC address) to determine its IP. You don't need any configuration for new clients and they always get the same IP address. Note that Windows Vista/7 use a hashing function with random data and the MAC address so that you can't track a single machine based on its IPv6 address, which solves privacy concerns.

      Second, you can't just use the MAC address because it's not easy to route traffic that way. Routing works today because networks are assigned contiguous blocks of addresses, so it's easy to tell where to route traffic based on the address prefix. If we just had MAC addresses (which contain no information about which devices are connected to which networks), routing would require huge tables that would frequently change. This works OK for a small to medium sized network (e.g. switched Ethernet) but it doesn't work at all for the Internet. Even medium-large organizations need to use subnets to effectively manage traffic, which aren't possible without network prefixes.

  26. Re:Maybe I'm being naive... by zippthorne · · Score: 3, Funny

    The colons and hex are for typing it in. It stored in 16 bytes on disk, just like ipv4 addresses are stored in 4 bytes currently. There are lots of ways of representing a v6 address, though, just like there are lots of ways of representing a v4 address (hex, being among them, iirc, and for a while firefox would let you type in the unsigned integer that the 4 bytes represent and would translate that directly.)

    The rest of us will just use a lookup service to map an easily remembered string to the v6 numerical address. At the moment, though, I'm not sure I cann think of an analogous service for ipv4, but I'm sure someone's doing it.

    --
    Can you be Even More Awesome?!
  27. Re:Maybe I'm being naive... by geekpowa · · Score: 4, Insightful

    A curious key thing I fail to understand about this issue is why the ip4/ip6 issue encourages people to act so rudely towards other professionals who demonstrate at least some grasp of the underlying issue.

    I think you ask a reasonable question, the question in my mind similar to yours: the transition from ip4/ip6 appears to be hard and this is a factor in it's slow adoption so what prevented the design a more gentler protocol that provided a smoother/simpler transition; particularly given our heavy reliance on this network in so many facets of our civilization?

    As a programmer that does alot of network type stuff close to the metal, frequently designing my own OSI 7 protocols, I understand ip4 and higher layers very well, better than most IT professionals; but certainly not as well as a carrier network engineer. I know little about IP6 other than than regular reports about it's high barrier to entry and the inherent complexity associated with the change over. Maybe I need to make time and learn more about it now; but life is busy and other things compete for my time.

    But to such questions can always be counted on being treated rudely by ip6 zealots. Just like the ruby programming language, I am keen to learn more when I get the spare time, and I dabble when I can, but in some ways disinclined given how rude and obnoxious the community advocating it can be.

  28. Re:a gazillion IPv6's spamming? hell no by Lennie · · Score: 3, Informative

    What is the difference for IPv6 ?

    Their currently is one IPv6-DNS-blocklist, they use something like: 5 bad IP's in one /64, block the whole /64, 5 bad /64 block the whole /48. Or some system like that.

    Or do you mean their isn't enough tooling yet ?

    --
    New things are always on the horizon
  29. Re:Crazy.... by DavidTC · · Score: 3, Insightful

    It would probably on buy a few more years to reclaim these addresses and chop them up, but surely the problem is just poor usage as opposed to exhaustion.

    *SLAP*

    Seriously, we've already done this. Repeatedly. At no point has the actual transition started happening, even with all the 'extra time' given it.

    Attempting to figure out a way to get more time will not actually solve the problem at all.

    At the very least, we need IPv4 to blow up first, so the transition actually starts. After that point, if need be, we can start looking for more IPs to use during the transition.

    But first, we actually have to start.

    I got new ISP service in August. I got a router with it. This router does not do IPv6. In August. 2010.

    The problem isn't 'lack of time', the problem is LACK OF STARTING.

    --
    If corporations are people, aren't stockholders guilty of slavery?
  30. Re:Whatever by knorthern+knight · · Score: 3, Interesting

    > I agree that the MAC address based network address is
    > scary but I wonder how much of a signature they already
    > have from other properties of my computer.. I wonder
    > how long before the IPv6 address is used to try and
    > prove that it was a specific computer that generated
    > some traffic.

    Here's a computer-user IQ test. Question "what is your MAC address?"

    * Typical user... I don't got a Mac, I got a Winders PC.

    * Competent user... checks his network config and supplies answer.

    * l33t h@x0r d00d... what do you want it to be?

    --

    I'm not repeating myself
    I'm an X window user; I'm an ex-Windows user