After IPv4, How Will the Internet Function?

An anonymous reader writes "36 countries in the world have over 100% per-capita usage of mobile phones, and this is driving a real crunch on IPv4 addresses as more and more of these devices are data-capable. The mobile network operators are acting fast to deploy IPv6, and T-Mobile USA has had an IPv6-only trial going on for over 9 months now using NAT64 to bridge to IPv4 Internet content. It is interesting to note that the original plan for IPv6 transition, dual-stack, has failed since IPv4 addresses are effectively already exhausted for many people who want them. Dual-stack also causes many other issues and has forced the IETF to generate workarounds for end users called happy eyeballs (implying that eyeballs are not happy with dual-stack), and a big stink around DNS white-listing. How will you ensure that your network, users, and services continue to work in the address-fractured world of the future where some users have only IPv4 (AT&T ), some users have only IPv6 (mobile and machine-to-machine as well as developing countries), and other Internet nodes have both?"

Dual stack failed?

[Just+Some+Guy]

It seems ludicrous to claim that the dual stack idea has failed when more and more devices are suddenly finding themselves with IPv6 addresses and are putting them to use. My home and work LANs are dual stack and everything Just Works. For being a failed experiment, it works amazingly well in everyday usage.

Re:Dual stack failed?

Because, according to TFA, "If you are going to dual stack everything, everything needs both an IPv6 and an IPv4 address. And... um... we're out of IPv4 addresses."

Re:Dual stack failed?

[Just+Some+Guy]

Right now, today, everything has an IPv4 address that needs one. Junk technology line NAT will keep IPv4 limping along for a while until IPv6 finds its momentum. But beyond that, the root problem comes down to networks not transitioning quickly enough. If they won't rapidly adopt something as relatively simple as dual stack, what makes you think they'll willingly and quickly roll out a wholesale change that actually breaks stuff?

Re:Dual stack failed?

[Chang]

Dual stack works but is has failed in the sense that it can't be the singular solution during the transition from IPv4 to IPv6.

Re:Dual stack failed?

IPv6 is still not nearly as "polished" as IPv4. Talk at the 27th Chaos Communication Congress in Berlin: "Recent advances in IPv6 insecurities" in about 4 hours. The talk is in English, a live stream available.

Re:Dual stack failed?

[sjames]

To be fair, we were SUPPOSED to be doing this back in 2005 or so at the latest. By this point, IPv4 was supposed to be nearly irrelevant to the world except as a historical note.

Dual stack is just fine. The people who put off even trying it untinl now are the failures.

Re:Dual stack failed?

[BlueBlade]

That's remarkably ignorant. The possibility of reclaiming those class A addresses has been studied and put aside, as it would be too costly and, assuming we get every single class A back, would only give us about 1.5 more years. This is too much cost for too little gain, so the efforts were focused on migrating to IPv6 instead.

You might want to read the wikipedia article about it : http://en.wikipedia.org/wiki/IPv4_address_exhaustion

Re:Dual stack failed?

[X0563511]

I use openwrt myself, but dd-wrt was my 'gateway drug' :)

Re:Dual stack failed?

[Nurgled]

Engineering of application-layer protocols is far easier when everyone is addressable. The deployment of NAT has had a cascading effect on many application layer protocols that would have had a simple, obvious implementation were every node equally addressable. Instead, every new application protocol has to consider and work around NAT.

So sure, as we stand today that ship has sailed and NAT has created a hierarchy of nodes that is unavoidable in today's network engineering, but I wonder how much innovation has been stifled by time spent working around NAT.

Re:Dual stack failed?

[sjames]

IPv6 is not at all complicated. It does have a few more complicated OPTIONS that 90% or more of users can completely disregard without a problem.

The addresses are longer, but that simply cannot be helped. How would you vastly expand the global namespace without having a longer name?

Even without ISP support, there's 6to4. That would have been at least good enough to gain some experience with it. Now, when your ISP does get up to speed you'll have even more to catch up on.

Complicated is when you request a new /24 and they tell you "sorry, fresh out".

IPv6 has been a standard complete with transition mechanisms for more than 10 years now. It was made quite clear that that was it, once and for all complete with a forecast of IPv4 exhaustion that has been remarkably accurate given that it was made over a decade ago. You don't get to claim you didn't see the stop sign when there have been "stop ahead" signs with the distance indicated for the last 10 miles.

Re:Dual stack failed?

[grumbel]

Only that it would buy more time during the transition

The IPv6 transition doesn't need time, it already had tons of that. What IPv6 needs pressure to force people to actually start doing it and for that a shortage of IPv4 is actually a good thing.

Re:Dual stack failed?

[Kjella]

in reality, if someone does anything even remotely competent, it should be a 1 day process, maximum - after all, using NAT or IPv6 internally should make it even less of an issue.

I think if you were to estimate the time it takes to change the company fleet of cars from summer to winter tires, you'd budget about ten seconds per car - that's how long it takes in Formula One, right? Companies don't plan to redo their network structure, ever. They do as little as possible as rarely as possible because it's pure cost. What you're looking at is an endless amount of cruft with IPs hard coded all over PCs, routers, configuration files, scripts, scheduled jobs, firewall configurations, stored server information or URLs, documentation, the works. Sure you could blow away millions of dollars on optimizing "network reoganization" process, making the company a world leader in that until someone with the money asks "Why the f*ck are we spending all this money on THIS? What in heaven's name do we get for it?" and you'd better have a better answer "So we can give some IP addresses back to ICANN for free." Otherwise cleaning up all that cruft will be on your project time and project cost, and if you still think you can do it in a day you're a monkey on crack.

Re:Private IP ranges

[itzdandy]

Because a lot of services don't work well through NAT. VPN and voice services are good examples.

Re:IPv7

[gclef]

http://www.oreillynet.com/onlamp/blog/2003/06/what_ever_happened_to_ipv5.html

It was assigned to an interesting, but ultimately not implemented, protocol.

Re:Private IP ranges

[Chang]

Your smartphone might not need a public IP address but it certainly could benefit by having a unique IP address within the mobile operators network, right?

Do you know China Mobile has hundreds of millions of subscribers. Did you know even T-Mobile has 150 million subscribers globally? Any guess as to how large private IP space is? Hint - it isn't big enough for any of the major operators to supply a unique IP within their networks.

These large operators have had to choose between partitioning their subscribers which makes phone-to-phone applications a mess or using bogons (IPv4 space registered to other people!) which is what T-Mobile had been doing, or they can choose sanity, which for them includes IPv6 as it is large enough to handle these mobile networks address needs without breaking a sweat.

T-Mobile decided that IPv6 only with a NAT64 back to IPv4 is the right way to go for the future. It's doesn't solve all their issues but it's a pretty clean way for them to solve it with the minimum of cost and near maximum usability.

Other vendors are betting on IPv4 partitioning with IPv6 capability. If T-Mobile is successful with their approach it's likely IPv6 only on handsets will become the defacto standard. After all, why should your phone run two IP stacks when one can get the job done?

Re:Private IP ranges

[expat.iain]

IPv4 NAT can cause problems for some communications protocols. These include, but are not limited to:

• PPTP
• Bittorrent
• SIP

Things will only get worse on IPv4 when the ISPs increasingly move towards carrier NAT as a solution to avoid the perceived complexities if IPv6, when really it's just an excuse to do less work and squeeze more money out of the users.

Wrong problem

[thogard]

We aren't out of IPv4 addresses, we are out of IPv4 block allocations. This started back in 1992 when Cisco and Bay Networks decided that forcing new allocations into consolidated routes was easier than building routers that could cope with 2^24 (or even 2^32) unique routes. The original / notation wasn't about talking about /16 or 24 but /36 was a way to describe taking 4 extra bits from the source and destination port range. That system would allow most existing hardware (even from the late 80s) to work without any changes and allow things that know about the newer way to cope with more advanced addressing for things like vhosts.

Easy..

[Junta]

Thanks to finally embracing NAT64, this becomes easy.

If you are providing 'server' access, you pretty much *have* to get an IPv4 address, and preferably an IPv6, but not absolutely required for now. Short term, don't sweat it, medium term go dual stack at first opportunity that presents itself, long term you may take down the IPv4 network one day, but don't explicitly plan when that day will come. The common strategy may continue to be ignore v6 entirely, however moving dual stack at your pace ensures that in the slim, but real possibility that your next-hop provider stops IPv4 routing or starts penalizing IPv4 use via unreasonable fees won't put you in a tight spot. The scenario of next-hop penalizing/dropping v4 is the only scenario I see as sufficient motivation to get servers to bother with v6 at all. I think even brand new servers will do what it takes to secure IPv4 space, which may free up some given the next point...

If you are setting up a network as 'clients', you can get by with either IPv6 or IPv4 for a while. Giving dual stack when available is nice, but whatever you have would be sufficient. ISPs without IPv4 addresses available for new clients should rapidly pursue IPv6 for residential customers and give them most internet via NAT64 on their end. Doing IPv4 private addresses would doom them to crappy service indefinitely, whilst IPv6 would only be semi-crappy for a more temporary interval. If you *really* want v6 to catch on, then start allowing v4 addresses to be carved up more free-market style. All technical experts agree that this would completely fubar the v4 network performance in aggregate, but you would entice adoption of v6+NAT64 with the profitable opportunity to reclaim addresses and sell them to places that *really* need them. The v6 network would be nice and cleanly routed, and getting on the v6 network just becomes that much more important.

Some would argue that any sort of NAT at the carrier plays right into the hands of those who hate P2P networks, including NAT64 as those behind NAT64 are unreachable by peers who are v4 only. However, the reality is there are two possible outcomes, residences getting 10/8, 172.16/12, or 192.168/16 which *completely* breaks P2P (and probably many wireless routers presuming those prefixes won't come from the WAN), or NAT64 where the P2P graph may not be as connected, but all v6 peers can reach each other. Since P2P designs are inherently tolerant of unreliable ability to reach peers, this should suffice for a while.

Major architects in v6 world advocated the dual-stack method as the way to theoretically move on with no thought to the practical motivations to move forward. They hated NAT in every way as it breaks the peering model they hold dear. They hated accepting the practical view that most of the internet are clients and few are servers. If they had embraced it from the beginning, then I suspect most residences would be v6 by now.

Re:Easy..

[Chuck_McDevitt]

Giving people a private IPv4 isn't so bad if they also have a real public IPv6 block.

Sure, it will break all the P2P traffic that relies on IPv4-only, but that will quickly force those services to support IPv6.

Re:IPv7

[Straterra]

Just because 'most news sites' report it, doesn't make it true. IPv5 didn't become mainstream because of what it was designed for, NOT because it had an odd number.

Maybe you should Google what IPv5 was for. Here, I'll help. Read this.

This almost out nonsense needs to stop

[Sycraft-fu]

Geeks should know better. The way it is talked about, you'd think in a couple days someone will plug in a device and there'll be no more IPs. Not hardly. We are approaching the first milestone in an eventual crunch. That is that there will be no more addresses not assigned to a registrar. The remaining class-As will be handed out to the regional registrars. While that means at the highest level we are "out" that doesn't mean we are out on a user level.

I'm not saying that we don't need to move to IPv6 but people on /. keep talking like we are going to be out of every single IP address real soon. No, rather we will be starting a process of scarcity. So far there's been no real scarcity of IP addresses. That will change. However all that means is that costs will change.

That will actually probably be a good thing for IPv6 adoption. If you are a company and want some static IPs and your ISP says "Sure, you can have IPv4 addresses at $30/month each, or as many IPv6 addresses as you want for free," well maybe you decide there's good reason to go with IPv6 and upgrade your stuff.

Re:This almost out nonsense needs to stop

If you are a company and want some static IPs and your ISP says "Sure, you can have IPv4 addresses at $30/month each, or as many IPv6 addresses as you want for free,"

That won't work. Problem is, if you are a company without an IPv4 address, you are not reachable by 99% of Internet users, i.e. you don't exist.

Companies will pay whatever price, though. They have to. But to suggest that the company can solve this by migrating to IPv6 is short-sighted. The company can only solve this by migrating all of its intended customers to IPv6, in other words: they can't.

You have made me realize an interesting point, though: as long as ISPs do not migrate their users to IPv6, they can charge extortionary prices for the remaining IPv4 addresses; ISPs have an incentive to create this artificial scarcity. Time to call for government regulation? ;)

Re:This almost out nonsense needs to stop

[m50d]

Sure, there's never going to be a "last address" assigned. But the price is going to be going up, fast. So it is time to be making a fuss; we do need to be thinking about it right now.

Re:Private IP ranges

[am+2k]

Skype relies on other people running Skype with a public IP address acting as a proxy. When everybody goes NAT, Skype breaks down as well.

It will prety much suck for quite some time.

[FlyingGuy]

The problem is the asshats that came up with IPV6. It should be scrapped here and now. IPV6 is just plain and simple flat out stupid.

Using a hexadecimal address was pure stupidity. All you needed to do was turn each segment of an IP address into a word sized ( 64 bit addressing ) or a long sized ( the magic 128 bit ) value instead of a byte sized value since:

2600000.35.1254.1785

Is one hell of a lot easier to remember then

2001:0db8:85a3:0000:0000:8a2e:0370:7334.

And using the colon for address separation is equally as stupid since that is how we designate port numbers. Ohh wait I know don't forget to surround the unrememberable POS with square brackets!

To make IPV6 useful it requires anything and everything to have a DNS entry since it is pretty much unrememberable and quite frankly I have devices that I never want in the DNS system yet I will be pretyy much forced to since trying to remember an IPV6 address will give me a fucking stroke.

And lets not forget you omit parts of the address eg: 2001:0db8:85a3::0000:8a2e:0370:7334 but ONLY once! I mean why did they even bother with this crap, is that supposed to make it easier?

IPV6 was written by a bunch of head up their ass academics, and even if the members of the committee were not academics their head was still firmly planted in their ass.

The guys who came up with IPV4 new they would have to work with it and made it pretty damn simple in most respects, but these clowns have turned something that should have just made the address space bigger into to something that will require massive kludges to transition since it will pretty much cause a mandatory replacement of pretty much 90% of the hardware out there.

Never ever let an academic design anything. They will fuck it up every time.

Re:It will prety much suck for quite some time.

[vlm]

All you needed to do was turn each segment of an IP address into a word sized ( 64 bit addressing ) or a long sized ( the magic 128 bit ) value instead of a byte sized value since:

2600000.35.1254.1785

Is one hell of a lot easier to remember then

2001:0db8:85a3:0000:0000:8a2e:0370:7334.

Whats your plan for delegated reverse DNS for a /48 allocation? (This should be interesting)

Re:It will prety much suck for quite some time.

[paul248]

Using a hexadecimal address was pure stupidity.

Hexadecimal is used because a network is designated by an N-bit prefix, and it's *much* harder to manipulate bits in decimal, especially when each number is 16 or 32 bits long.

And using the colon for address separation is equally as stupid since that is how we designate port numbers.

Once you've gone to hexadecimal, using dots to separate the address leads to ambiguity. Is a.b.c.d.e.f.beef.de an IP address or a hostname?

it is pretty much unrememberable

With IPv6, your network will have its own 48 to 64-bit prefix. Once you remember that prefix, you can choose your suffixes to be as simple as you'd like.

you omit parts of the address ... but ONLY once!

You can only omit one run of zeros, because otherwise the length of each run would be ambiguous.

Re:It will prety much suck for quite some time.

[paul248]

It's difficult to manipulate binary digits in hexadecimal, too. I don't see any advantage to this.

Every hex digit represents exactly 4 binary digits. If you flip a bit in a hexadecimal number, then exactly one hex digit will change. To know how it will change, you only need to remember the binary values of 0-F.

With decimal, you could flip a bit and change every digit in the number.

Re:It will prety much suck for quite some time.

[phantomfive]

All you needed to do was turn each segment of an IP address into a word sized ( 64 bit addressing ) or a long sized ( the magic 128 bit ) value instead of a byte sized value since: 2600000.35.1254.1785 Is one hell of a lot easier to remember then 2001:0db8:85a3:0000:0000:8a2e:0370:7334.

You don't know what you are talking about. Of course '2600000.35.1254.1785' is easier to remember, you aren't using all the bits. If you used the full 64 bits, it's going to be longer no matter what base you are using. Your hex example, if you converted it to decimal, would look just as bad: 536939960.2242052096.35374.57701172. It's not actually easier to remember.

There is also a shortcut built in for IPv6 addresses. For example, if you had an IPv4 LAN with addresses in the 192.168.0.1 range, you could represent them in IPv6 with ::FFFF:192.168.0.1. Not particularly harder to remember than an IPv4 address now. IPv4 was designed by people who thought before talking. Unlike you, apparently. Work on that: try to figure stuff out before blathering.

Re:It will prety much suck for quite some time.

[Bengie]

2600000.35.1254.1785

Here's a subnet mask for that. FFFF:FFFF. Now, in your head, quickly apply that to your base10 IP.

Who uses IPs anymore anyway except in a few corner cases for debugging? Use DNS or add an address to your fav list. Post its also work great for doing general network work where you need to know an IP.

Re:It will prety much suck for quite some time.

[higuita]

The problem is the asshats that came up with IPV6. It should be scrapped here and now. IPV6 is just plain and simple flat out stupid.

Nope, the problem is you and people that think like you...

ipv4 is reaching the limit, the only way to fix this is to extend the protocol and that required that EVERY PLACE to be updated or else cant reach the new addresses (or even worst, crash)
so the energy to extend ipv4 is the same as implementing ipv6.

ipv6 is not ipv4?! sure, its a lot better than ipv4 in almost everything, so its the way to go... you dont like it? fine, stay in ipv4.

2600000.35.1254.1785
Is one hell of a lot easier to remember then
2001:0db8:85a3:0000:0000:8a2e:0370:7334.

1- yah right, my mother cant remember a phone number, it will remember the IP (ipv4, ipv6, whatever)
2- DNS solve this problem... again... dont want to memorize that?! use DNS... repeat until you memorize this or the ipv6
3- if you knew a little about ipv6, you would know that the first 64 bits are the network segment and using ipv6 you easily remember that part, because its yours!! its just like the "192.168.5.x" of a LAN network
      the local part, the last 64bits is the MAC address, or if you dont like, put anything you want, easy for you to remember... like ::1 or ::31337
4- again, how many times do you really uses IP in ipv4? really? internet ones are copy&paste, almost no one memorize ever want to memorize then
      local IPs are sometimes used, because they are easy to remember (after memorize the local network part) and fast to type... but ipv6 can also have those, the local part and the "host" part, both you can memorize and tune with time
    hey, if its too much work... see topic 2... or use some post-it
    you also have bounjour/avahi/zeroconf/etc to help you resolving local networks, all modern OS support it

yep, ipv6 its bigger and might be harder to memorize than ipv4, like its usually easier to memorize a phone number than ipv4... or to the extreme, memorize a ATM pin... when you increase the bits of information, you require more work to memorize it, but that is a price to pay for more bits of info

for the ::, i agree that multiple :: should have been allowed, but hey, DNS is there to hide all that

Re:It will prety much suck for quite some time.

[John+Hasler]

> IPv6 is a potential privacy nightmare.

You have a loony definition of "privacy". I'm sure you will be able hide your IPv6 address behind a proxy, just you now conceal your street address by having all your snail-mail delivered to a PO box (after all, you wouln't want anyone to know where you live) and never give out your unlisted phone number.

Re:IPv6 of course

[vlm]

it is standing in the way of a real and workable solution to the problem.

So no, IPv6 is not the solution. IPv6 has simply become part of the problem.

So let me guess the solution ... "AOL keywords"?

Re:Huh?

[PhotoJim]

Foreigners sometimes have service, too. I've got prepaid AT&T and T-Mobile accounts for my US trips (each has different advantages), so I count toward 2 Americans having service, even though I'm not American and don't live in the country. 100% saturation merely means there are as many active lines as there are people, but it says nothing of how those lines are distributed.

Re:Mobile, home and small office equipment?

[davew]

Explain to me why all that stuff needs to be upgraded, but other stuff - your stuff and my stuff - doesn't?