Slashdot Mirror

← Back to Stories (view on slashdot.org)

Protect Your Pre-1997 IP Address

Posted by Soulskill on from the careful-that's-an-antique dept.

CWmike writes "With IPv4 space running out any day now, is your legacy IP address space safe? Marc Lindsey writes that if your company obtained its IP address space before 1997, you have probably received several letters from the American Registry for Internet Numbers encouraging you to enter into a contractual agreement to protect the IP address. But should you sign it? Be careful — there are several issues you should consider before signing up for this, writes Lindsey, who offers a deeper look at the issue."

13 of 275 comments (clear)

  1. Printable by Anonymous Coward · · Score: 4, Informative

    Save some time, 4 pages is silly given the content.

    Printable Version.

  2. Re:Seriously? by Anonymous Coward · · Score: 5, Insightful

    Upgrade your systems to IPv6 already, folks.

    Yeah, just like that. ISPs should replace millions of dollars worth of high end network equipment, find sensible IPv6 transit providers and re-negotiate their peering arrangements (whom may not want to peer with IPv6), then allocate and assign IPv6 addresses to every single IP endpoint on their entire network and then spend a couple of million more replacing end-user network equipment that almost certainly doesn't support IPv6, then await the massive flood of complaints from users who have additional non-IPv6 equipment behind their router which no longer works E.g. almost every consumer VoIP phone every shat out by the lowest bidder.

    That's just for a small ISP.

    The major force holding back IPv6 deployment is shitty consumer hardware that doesn't "do" IPv6, and shitty network hardware vendors who charge an arm and a leg for IPv6 capable routers etc. (coupled with the fact that people have already invested a lot of money on non-IPv6 hardware anyway). It's not like the ISPs are doing it just to piss you off.

  3. Re:the internet a fuedal domain by siride · · Score: 5, Insightful

    Yes, superficially, hierarchies look like other hierarchies.

  4. Re:Why? by isorox · · Score: 5, Insightful

    Why would it matter if you have the same IP address you've had for several years? Whats wrong with switching to a different one?

    Ask wikileaks. We're entering a world where you can't rely on DNS.

  5. Fast? by Suki+I · · Score: 4, Funny

    There are plenty of pieces of hardware that dont support IPv4. Unless you upgrade the hardware to a dual stack configuration. Routers, switches, etc arnt cheap.

    Just because the OS supports it, doesnt mean its going to be easy or cheap.

    So, fast is not out of the question? ;)

    --
    Home of The Suki Series
  6. Re:Why? by TheRaven64 · · Score: 4, Informative

    Not the same. My phone number is published, my IP address isn't. I've moved IP addresses for my server four times in the last year. I set the DNS TTL to a few seconds, wait for old caches to expire, update it to the new address, and then reset the TTL to a longer value. No on notices.

    I just moved to a new mobile phone company too. My SIM ID, which is used to uniquely identify my phone on the network, changed. My phone number was moved across. The phone number is just an entry in a database that maps to a SIM ID, just as DNS maps to IP addresses (actually, DNS can map to all sorts of other things, including geospacial coordinates and telephone numbers).

    That's why we have these layers of indirection - so the low-level ones can be changed easily.

    --
    I am TheRaven on Soylent News
  7. I got one by bbn · · Score: 4, Interesting

    I just checked. My 1994 class C is still allocated to me. I have no idea how to regain control over it though as every single contact detail, except my name, is outdated by 15 years.

    It was never used on the public internet. But back then they said you should get one for your local lan. This was before everyone started doing 192.168.x.y. So I applied for a class C and got it.

    Even if I did manage to get RIPE to correct the contact details, I do not know any ISP who would advertize it for me. So this class C is part of the dead IPv4 space that will probably never get used.

    1. Re:I got one by Spazmania · · Score: 5, Interesting

      IANAL, but here's some perspective from someone who has been in the thick of the ARIN policy process for the last few years:

      First, you're talking about RIPE (european IP addresses) while the article is about the registration services process at ARIN (north american IP addresses).

      Had you been talking about ARIN, this is frankly the kind of thing where you'll want to sign the LRSA and soon. ARIN will work with you to nail down the details and confirm the registration but they'll want to normalize their relationship with you via a signed contract first. I think they'll still update if you come to them with ironclad documentation, but if you had ironclad documentation you'd have been the kind of person who kept the registration up to date to begin with.

      For those who are still contactable via at least the email address published on the registration, now is not the time to sign the LRSA. ARIN claims you have more rights under the LRSA than under the regular RSA but on close examination the claim doesn't really hold up. It's a standard adhesion contract in which the powerful party has reserved the rights to themselves.

      That having been said, keep tabs on proposed ARIN policy every 6 months or so. ARIN probably won't seek the legal liability from trying to seize legacy registrations that are obviously in use, but the situation could change.

      If you are in the situation where your contact details are dead, I personally think you SHOULD sign the LRSA and normalize things with ARIN. A /24 is going to be worth at least $1000 within 12 months, and probably a lot more. IPv6 won't deploy fast enough, the IPv4 free pool will be gone by mid year and the only source of new IPv4 addresses will be folks who are willing to sell.

      On the other side, the unrouted dead registrations without valid contacts are very likely to evaporate in the next 24 months. The ARIN policies for this sort of reclamation aren't in place yet, but mark my words: they will be.

      --
      Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.
  8. Re:Seriously? by franciscohs · · Score: 5, Informative

    I'm sorry to have to say this to you like this, but you have no idea what you're talking about. Did you think about the infrastructure where you connect all those PC's?. Take Cisco in the Datacenter for example, current status is:

    Routers and switches support IPv6 (excluding Nexus 1000V)
    Firewalls (ASA) support IPv6
    Firewall Service Modules (Cisco's Datacenter firewall solution) don't support IPv6 in transparent mode, don't support failover in IPv6, don't support IPv6 on hardware (which make them useless for real traffic)
    Load Balancers (ACE), no support
    WAN optimization, no support
    Ironport, no support

    etc.

    And even if this support comes, in most cases it's not just a simple software update, you have to update the hardware and you're talking 10's of thousands of dollars for each. So believe me, it's not that easy, even with the will and the money, in some cases there is no even offering from the vendors at this point, which is shameful.

  9. Re:Seriously? by Splab · · Score: 5, Informative

    We do?

    Actually no we don't, because customers (that would be you) aren't willing to pay the actual cost of equipment. Upgrades are something that happens when the old stuff is dead or 5 years has passed (the time it takes to write it off), whichever comes first.

  10. Re:Seriously? by TheCarp · · Score: 4, Interesting

    Which is fine. If I cared (I have been debating it) I could probably get my home internal network doing internal IPv6 and connected out via a tunnel this weekend (if I didn't already have some other things to do, like clean out the room that is to become the new office).

    Might be able to do it at a small business, in a few days to weeks, if things were otherwise slow.

    Try it on a large multi-site network that runs continuously. Coordinating changes between multiple groups, with varying level of skill and network clue, and varying responsibilities, all while everyone is doing their normal day job.

    Shit, its going to take you two years of meetings just to explain to mid level managers why they need to get the high level managers on board so they can make all the little fiefdoms work together on something that isn't directly of interest to any of them, but yours.

    Of course, its only two years because I figure its about that long before the high level manager hears some BS about someone else who did IpV6 and then asks the mid level managers that you have been battering for years about why they aren't doing it when these other people are.

    --
    "I opened my eyes, and everything went dark again"
  11. Re:Seriously? by Tony+Hoyle · · Score: 5, Informative

    The world is consuming a /8 - 16 million addresses - roughly every 3 weeks.

    Your piddling 65k addresses for a class B? 2 hours, tops.

  12. Ya not so much actually by Sycraft-fu · · Score: 5, Insightful

    I work at a university which is an ISP, as most universities are. We are still using Cisco 6500s from about 10 years ago, and will continue to use those 6500s for some time. They are actually upgrading a few of the core routers soon, but basically only because the central network guys want new toys to play with, the 6500s work fine. Despite the massive increase in campus bandwidth, those 6500s work just fine. We'd probably have to move to something bigger than 10gbit connections to buildings (which we are actually just moving to now) before they wouldn't.

    Now the 6500s are flexible platforms, and you can buy new supervisors to do IPv6. We actually did this a couple years ago... At a cost of about $10,000,000. That is just to serve the 50,000ish users on campus. Also that is only the big core equipment. The edge equipment didn't have to be upgraded since it is all switched at that point.

    This idea that ISPs just trash tons of high end equipment every year is stupid. High end stuff doesn't get replaced until it is necessary, and that can be a long, long time. If you want them to buy all new hardware yearly, well then be prepared for your bill to go way up.

    Also, that isn't the only problem. IPv6 support is not good at all in the home. A lot of routers don't support IPv6. I bought a Linksys router/WAP about a year ago, one of the N ones even, no IPv6 support. So if my ISP went all v6 I'd have to rebuy it and you know people would be mad about that. Even computers are problematic. There's a lot of XP systems out there and it has no IPv6 support. Sure it can be installed, you really thing a non-technical user can handle that?

    Before IPv6 is feasible we not only need more ISP upgrades, we need more upgrades at home. Also, we really aren't going to need a good 4-to-6 setup. We need some way in the home that old devices that don't support v6 and can't be upgraded can get a v4 address that can then be routed transparently through the connection's v6 address. If that exists, I've not seen it.

    It is a complex issue, and hence not something that will get solved quickly. I don't think we'll really start seeing IPv6 adoption in a big way for several more years. Once device support is far more wide spread, and more network equipment has been upgraded, it'll be more feasible. Also, when IPv4 really DOES start to deplete, and by that I mean companies start to run out of addresses not just that the top level assignments are gone, then there'll be pressure to make it happen.

    People forget that the "running out" that is spoken of isn't that all addresses will be gone. It is that all available high level blocks will be allocated to regional registrars. They will still have space to allocate, and even when they run out most ISPs will still have space to allocate. It is when the ISPs start running out, that is when we are ACTUALLY running out of IPv4 space in a meaningful way, and there'll be pressure to move to something larger.