Sales of Unused IPv4 Addresses Gaining Steam

netbuzz writes "A growing number of U.S. carriers and enterprises are hedging their bets on IPv6 by purchasing blocks of unused IPv4 addresses through official channels or behind-the-scenes deals. There is certainly no shortage of stock, as these address brokers have blocks available that range from 65,000 to more than a million IPv4 addresses. And it's not just large companies and institutions benefiting, as one attorney who's involved in the market says he represents a woman who came into possession of a block of IPv4 address in the early '90s and now, 'She's in her 70s, and she's going to have a windfall.''"

The Year is 2021

[eldavojohn]

A bust has been made in the digital district of NYC. Agent Friedeggs and his partner, Copbot 4X, have a perp handcuffed in the backseat of their cruiser that is now being piloted by Google's driving software to take him back to the precinct where he'll be booked.

They approach the criminal's ancient Cadillac CTS and open the trunk. Inside is a briefcase packed with millions of little strips of white paper, each bearing an IPv4 address. Copbot 4X applies a small strip of multipurpose adhesive to his index finger with his mouth and reaches down to snag one of the strips. As he feeds it into his mouth and the ping trace times out he emits a satisfied Artoo Detoo whistle. "It's pure," he confirms as Friedeggs nods satisfactorily.

"You know, I think we're finally gonna catch these bastards. These addresses belong on display in the Guggenheim, not ... " He cuts himself off as a warning light goes off on Copbot's torso. "Jesus H. Tesla, they've hacked the GPS signal to our car!" Copbot morphs into a go a cart as Agent Friedeggs draws his Taser and slides across its hood. Cheesy synth horns flair up over wakka guitars as their silent electric motor spins them off down the street.

Re:The Year is 2021

Glaring errors.

You do realize that GPS signals are completely passive, yes? The whole system works by computing your location relative to the GPS transmitters whose location are well known - it's impossible to hack something through the GPS signal.

Also, no Copbot would ever sample an unknown IP4 address like that, it might link him to malware or compromise his location. There's a reason why cops have forensic kits. That is, of course, assuming he still cares and doesn't drug himself into sleep mode with a jug of WD40 every night.

Re:The Year is 2021

[The+MAZZTer]

You do realize that GPS signals are completely passive, yes?

Ah, that's where he got you, this is the FUTURE.

Re:The Year is 2021

[canajin56]

You do realize that GPS signals are completely passive, yes? The whole system works by computing your location relative to the GPS transmitters whose location are well known - it's impossible to hack something through the GPS signal.

Not if you build a GUI using Visual Basic and backtrace the signal.

Re:The Year is 2021

[localman57]

Glaring errors.

You do realize that GPS signals are completely passive, yes? The whole system works by computing your location relative to the GPS transmitters whose location are well known - it's impossible to hack something through the GPS signal.

That was really good. But can you say it again, this time maybe using the voice from the Simpson's Comic Book Guy? That would be epic.

Re:The Year is 2021

[virgnarus]

Remember that such a complex task requires at least two individuals manning a keyboard.

Re:The Year is 2021

[TheSpoom]

I imagined this whole thing as part of an episode of Futurama.

Re:The Year is 2021

[uninformedLuddite]

You do realize that GPS signals are completely passive, yes?

Ah, that's where he got you, this is the FUTURE.

How he didn't get that when they were talking about electric cars amazes me.

Exactly why we don't need IPv6

Like drilling for oil, more efficient extraction techniques can efficiently harvest the (many) remaining IPv4 blocks. And let's face it: IPv6 is not favored by the man on the Clapham omnibus. He understands the clean format of IPv4, but IPv6 is just annoying! What's the deal anyway with 2^64 devices on your personal network? This is way over-specified. Some practical geeks need to come up with a clean extension to IPv4 (48 bits should be plenty) that uses the current dot formatting.

Re:Exactly why we don't need IPv6

[TFoo]

This is written like a troll, but is actually the most sensible thing that's ever been written about IPV6

Re:Exactly why we don't need IPv6

[MetalliQaZ]

Started out strong. I like the reference to oil. That could have been modded up funny, until that bullcrap about keeping the dot formatting. Are you really afraid of colons instead of dots? Or is it the hexidecimal numbers that frighten you? IPv6 solves more issues than just IP address exhaustion... autoconfiguration, routing, etc. It's going to happen and you'll have to crack a book. Deal with it.

Re:Exactly why we don't need IPv6

[rgbrenner]

I completely agree... anyone who complains about IPv6 is a troll.. 3ffe:1900:4545:3:200:f8ff:fe21:67cf is incredibly easy to remember.

Re:Exactly why we don't need IPv6

[FranTaylor]

Maybe you should try DNS sometime

Re:Exactly why we don't need IPv6

[gstoddart]

Maybe you should try DNS sometime

Not sure if DNS solves all of the problems though.

On my home network, I've got my own machines, and I have my work laptop. Since my work laptop isn't allowed to join my "home" workgroup, there is no DNS which will work between by laptop and my machine. I can't change that part of my network config either.

The only way to do file/printer sharing is by IP address. Possibly a limitation of Windows that doesn't allow you to do any 'real' networking between machines unless you buy the Enterprise Super Happy Fun edition ... clearly my Vista Home Ultimate edition isn't capable of doing this.

I'm not convinced that in all cases we have viable DNS which makes these things work ... at least, in my experience Microsoft seems to have removed some functionality which would allow that to work. I'm not really looking to set up a domain controller.

For internal to my own network, I'm not sure what IPV6 offers *me* -- it's a handful of machines behind my firewall, and using IPV4 is far easier. I don't care what happens on the other side of my firewall, but internally I don't see what benefit IPV6 has to me as a home user.

Re:Exactly why we don't need IPv6

[Dagger2]

IPv6 is just annoying! What's the deal anyway with 2^64 devices on your personal network? This is way over-specified.

Having more addresses than you need is annoying? I'd have thought having too few (i.e. the current situation in v4) would be the more annoying situation.

Re:Exactly why we don't need IPv6

[ColdWetDog]

Maybe you should try DNS sometime

The "D" might well mean "Democratic" which means it's socialist and therefore un American.

We'll have none of that nonsense on this USA centric website, thankyouverymuch.

Re:Exactly why we don't need IPv6

[FranTaylor]

if it's you and your own little network, you don't even need DNS. That's what /etc/hosts is for.

"For internal to my own network, I'm not sure what IPV6 offers *me*"

If *YOU* happen to live in a world where everyone's telephone is on the Internet, then IPv6 means you actually get to have an IP address.

Re:Exactly why we don't need IPv6

[sulimma]

Are you aware that you can run software on windows machines that is not provided by microsoft but by other vendors?

Re:Exactly why we don't need IPv6

[Belial6]

They should just dump the entire ip4 address space into 0001::0000-FFFF:0000-FFFF and call it a day. I had originally thought that this was the plan in the beginning. It would only take minor text massaging to convert 0001::FFFF:FFFF to the current standard of 255.255.255.255 (FF.FF.FF.FF)

We could then stop having people throw hissy fits over the numbering convention. They could stick to their AOLesque corner of the internet for as long as they like.

Re:Exactly why we don't need IPv6

DNS is great, except I'm sure the bastards at ISP headquarters will still charge a monthly fee for a static ipv6 addy and more for a block.... simply because they CAN... and is there a free dynamic dns solution? Last i checked (some years back), no.

Re:Exactly why we don't need IPv6

[Hawke]

Since my work laptop isn't allowed to join my "home" workgroup, there is no DNS which will work between by laptop and my machine

Huh? Um, exactly what's the DHCP server on that network there? Does that DHCP server advertise a DNS server? Can you modify the DNS server?

Alternately, can turn of the DHCP server on that wireless router that only does caching recursive DNS, and install a DNS server and DHCP server on your other computer, and run that?

And then, why again do you need to run your own DNS server anyway? Won't the people who give you the /64 take requests to add records? Or use one of the dynamic DNS protocols that allows you to register your IP? And I think there's yet another answer that involves anycast and autoconf...

Or maybe I'm just completely not understanding what you mean by "join my 'home' network".

IPv6 has some pretty good autoconf out of the box. You use RADVD to just announce services, you don't need any software managing IP addresses because the nodes will do that themselves. And when you want to use some service that isn't a pure client-server-http thing, the fact that each computer has a unique IP on that other side of the firewall is helpful. And for the most part, the "OMG, that's hard" retoric is horribly overblown. Get a /64. Configure a route-announce daemon (things your ISP can do for you). IPv6! Free!

Setting up a game, I was trying to debug a connection problem someone had, and sent them to a site that tells you IP addresses. A different friend went there, and discovered he had an IPv6 address. His ISP had provided it for him, and he had literately never known. It wasn't relevant. That's the experience you should expect.

Re:Exactly why we don't need IPv6

Hmm, actually ::x.y.z.k is valid, as well as ::FFFF:x.y.z.k (they're used for slightly different things). You need a protocol conversion gateway to make any use of it, of course. And then there's the fact that the gateway will need actual IPv4 addresses to talk to the IPv4 address you want (or a tunnel, etc).

Re:Exactly why we don't need IPv6

[gstoddart]

Are you aware that you can run software on windows machines that is not provided by microsoft but by other vendors?

Why, no. Here I've been limiting myself to minesweeper, notepad, solitaire, and the calculator. Stupid me. I've been doing this computer thing wrong for the last 20 years.

But, seriously, what software would you suggest which will give me in-house DNS that my locked down work laptop will play nicely with? I can't change the workgroup/domain it's a member of. I've never had much luck in getting two Windows machines to handle file sharing without opening up perms fully since there's no mutual authentication that I can work out unless you have a domain controller.

As I said, some of the things I've tried to do it seems like Windows just refuses to do, so if you actually have some suggestions, I'd love to hear them.

Re:Exactly why we don't need IPv6

[FranTaylor]

is there a free dynamic dns solution?

"On my home network, I've got my own machines"

You can run YOUR VERY OWN server for free!

Re:Exactly why we don't need IPv6

[FranTaylor]

I've never had much luck in getting two Windows machines to handle file sharing without opening up perms fully since there's no mutual authentication that I can work out

What's amusing is that you started out complaining about DNS, and when we get to the bottom of your complaint, it turns out that it's all based on your ignorance of Windows authentication.

Re:Exactly why we don't need IPv6

[acoustix]

Are you really afraid of colons instead of dots?

I'm not sure about the parent, but using colons as separators was insanely stupid. For example:

fe80:0000:0000:0000:0202:b3ff:fe1e:8329
fe80:0:0:0:202:b3ff:fe1e:8329
fe80::202:b3ff:fe1e:8329

The first two examples are a complete IP address. I know that the address is complete and doesn't contain a port number at the end. HOWEVER, the third example doesn't tell me shit. Does "fe80::202:b3ff:fe1e:8329" actually stand for an IP address of "fe80:0000:0000:0000:0202:b3ff:fe1e:8329" or does it stand for "fe80:0000:0000:0000:0000:0202:b3ff:fe1e with port 8329"?

The creators of IPv6 tried too hard.

Re:Exactly why we don't need IPv6

[sulimma]

Authentication is something different, but the thread is about DNS. BIND, probably the same DNS that your IP-Hoster is running so it is likely proven that your laptop is playing nicely with it, is available for windows. The DHCP server in your router can tell all local machines that they should ask your local DNS to resolve addresses.

Or, you could add all your local devices IP numbers to the hosts file on all machines. For a small number of machines this should be feasible.

I am not an expert on authetification and file sharing, but Samba, LDAP, Kerberos, etc. are all available for windows.

Re:Exactly why we don't need IPv6

[Bengie]

You can't "extend" IPv4 without breaking it. 48 bits is not a natural amount when it comes to aligned data. Minor issue, but most CPUs work on 32/64 bits at a time, so at least 64. Also, if you knew anything about the issues of routing, the length of the IP address isn't about having more devices as much as being able to hand out HUGE blocks of IP address, not care about the waste, while benefiting from not having fragmented routing.

Fragmented routing tables is a BIG issue. Route table fragmentation is inversely related to the amount of wasted IP addresses.

Another large benefit of HUGE address ranges is you don't need to have thousands of devices requesting IP addresses from a central broker and causing massive contention. Instead you assume your chance of obtaining an already in-use IP address is almost none. This gives you optimistic IP address allocation, which scales MUCH MUCH better.

Re:Exactly why we don't need IPv6

[gstoddart]

What's amusing is that you started out complaining about DNS

I didn't start out by complaining about it ... I merely said that your oh-so-useless statement of "Maybe you should try DNS sometime" wasn't really offering much insight as to why people still use IPV4 addresses.

and when we get to the bottom of your complaint, it turns out that it's all based on your ignorance of Windows authentication.

So, did you have anything useful or constructive to add? Or are you mostly just here to snark and act like a petulant dick?

Re:Exactly why we don't need IPv6

[unixisc]

Like drilling for oil, more efficient extraction techniques can efficiently harvest the (many) remaining IPv4 blocks. And let's face it: IPv6 is not favored by the man on the Clapham omnibus. He understands the clean format of IPv4, but IPv6 is just annoying! What's the deal anyway with 2^64 devices on your personal network? This is way over-specified. Some practical geeks need to come up with a clean extension to IPv4 (48 bits should be plenty) that uses the current dot formatting.

This is an incredibly stupid post - who ever bothers remembering any IP addresses - be it v4 or v6? It's just something the devices use to communicate w/ each other - other than that, people use DNS and easy to remember names. There is a fine argument to be made about colons vs periods, but beyond a point, it's just being anal. And I agree that having 2*64 for a link is overkill, although this was probably done to enable auto-configuration. This is one thing where I think that the designers of IPv6 could have gone w/ 64:32:32 instead of 48:16:64 for their split b/w the global prefix, subnet and interface ID.

Re:Exactly why we don't need IPv6

[FranTaylor]

So, did you have anything useful or constructive to add?

You should crack a book about Windows Authentication. Try running a samba server and look at the debug output

Maybe you can realize that begging for tech support doesn't exactly confirm your credentials for passing judgement about network protocols.

Re:Exactly why we don't need IPv6

[Bengie]

Since my work laptop isn't allowed to join my "home" workgroup, there is no DNS which will work between by laptop and my machine.

At least assign a static IPv6 address to your laptop then add it to your HOSTS file. The biggest issue people have moving from IPv4 to v6 is they're not used to have many IP addresses per machine. This will be the standard for IPv6. Create static addresses.

The only way to do file/printer sharing is by IP address.

On my Win7 network, my $60 HP printer can be addressed via name because of P2P name resolution protocols. Should work if you're in the same broadcast domain and same subnet assuming your systems and devices support the protocols. Even the PS3 resolves and my router sees all the names also. Seems to be a very standard protocol.

For internal to my own network, I'm not sure what IPV6 offers *me*

Probably nothing. Most small internal networks won't benefit. I can think of a lot of benefit it will give me on the internet. tons of IP addresses to allocate to each FreeBSD jail, no NAT issues, and multicast will be f'n awesome once apps start to use it. I see P2P VoIP being very easy with asymmetrical internet connections.

Re:Exactly why we don't need IPv6

[hairyfeet]

Lets see YOU sir figure up an IP V6 address map for...lets say a 40 person small business, in your head. the problem with IP V6 is that while it is easily MACHINE readable it is sure as fuck not easily HUMAN readable. study after study have shown we humans work best with small patterns that have an easy to follow syntax. Ever notice how many people when giving you a phone number have the same cadence when reading it to you? its dot, dot dot duh, dot dot duh, dot dot duh duh. That is just how the human brain works friend.

I can tell you that when the big switch happens, at least in the flyover states, its gonna be a big fucking mess. Can you HONESTLY say that if someone showed you a pile of IP V6 addresses and said "One of these has a problem in either the address or the subnet" you could just pick it out on the fly? But I bet even your average teen wouldn't have a problem spotting the 184 address in a pile of 192 addresses because it would stick out like a sore thumb.

If they wanted more numbers they should have added more numbers. hell you want to throw in letters? Sure I'd say adding a letter to the front of each group of numbers would have been perfectly fine. but throwing in hex was a BAD move because most normal people, hell most geeks, can't just auto convert hex in their head or spot patterns easily in hex, its just not how we work.

Re:Exactly why we don't need IPv6

Does "fe80::202:b3ff:fe1e:8329" actually stand for an IP address of "fe80:0000:0000:0000:0202:b3ff:fe1e:8329" or does it stand for "fe80:0000:0000:0000:0000:0202:b3ff:fe1e with port 8329"?

The former, your ip:port example would be [fe80::202:b3ff:fe1e]:8329
RFC3986

Re:Exactly why we don't need IPv6

[unixisc]

DHCPv6 servers ought to come default on IPv6 routers and other equipment that run IPv6. Heck, if Windows 7 had the ability to configure the network according to DHCPv6, one could set up one's network w/ static, dynamic, public, private and whatever other addresses one needs. Note one thing that's very different in IPv6 - a node can have several IPv6 addresses, something that was not there in IPv4, and therefore be member of different networks @ different times and locations. Really handy for phones, tablets and laptops.

Re:Exactly why we don't need IPv6

[FranTaylor]

For internal to my own network, I'm not sure what IPV6 offers *me*

Probably nothing. Most small internal networks won't benefit.

IPv6 has private addresses, just like IPv4 except the chance of collision is vanishingly small. With IPv6 you can properly route packets to your buddy's lan without requiring one of you to change their private IP addresses.

Re:Exactly why we don't need IPv6

[unixisc]

Actually, that's one of the first things that the IETF tried - making the first 12 bytes of the address all zero, and just overlaying the last one to be what was called 'IPv4 compatible IPv6 addresses'. This was deprecated in 2004. Another set of addresses, which were ::ffff:w:x:y:z, which was called 'IPv4 mapped IPv6 addresses' also existed, but while that's not been deprecated, it's rarely used, its support is implementation dependent and its use is generally discouraged.

Unlike IPv4, where addresses were released on an ad hoc basis, in IPv6, there is a hierarchical release of addresses from IETF to IANA to the 5 RIRs. The RIRs in turn assign it to different ISPs, countries or whatever entities they deal with.

Re:Exactly why we don't need IPv6

Your router could easily keep one side ipv4 and the other side ipv6

Re:Exactly why we don't need IPv6

[FranTaylor]

DHCPv6 is not the only way to do it, so mandating it is kind of silly

With zeroconf and IPv6 autoconfig, you don't actually need to run a DHCP server at all.

Re:Exactly why we don't need IPv6

[gstoddart]

Maybe you can realize that begging for tech support doesn't exactly confirm your credentials for passing judgement about network protocols.

Are you this much of a douchebag in real life? Or just on the internet?

Because if you're like this in real life, one of these days someone is going to separate you from some of your teeth.

Re:Exactly why we don't need IPv6

[unixisc]

It's not annoying, but I do think the IETF could have defined it better. Instead of only the first 12 bytes being used for the global prefix, the first 16 bytes could have been so assigned. After that, the subnet could have been assigned 4 or 8 bytes, and the interface ID the remainder. Advantage of this would have been a more hierarchical structure to it, especially at the subnet level.

I understand the auto-configuration argument that has been made - Ethernet link-layer (MAC) addresses are 48 bit, while SCSI cards have 64-bit addresses. However, thinking practically, no network is ever likely to have 4 billion users on a subnet - the collisions would just grind traffic to a standstill. Therefore, it would have been good to cap every network to 4 bytes - which would be enough to cover everything a user could conceivably need.

Re:Exactly why we don't need IPv6

[FranTaylor]

one of these days someone is going to separate you from some of your teeth.

"did you have anything useful or constructive to add?"

anger managment maybe?

Re:Exactly why we don't need IPv6

[KlomDark]

> most geeks, can't just auto convert hex in their head or spot patterns easily in hex, its just not how we work.

As it was once, so again it shall be.

You couldn't be a geek prior to 1980 without knowing how to convert hex to decimal to binary to octal.

Re:Exactly why we don't need IPv6

[ceoyoyo]

"Possibly a limitation of Windows"

There you go.

And no, if it's your home network you don't need IPv6. You don't need IP either, really. You could use something else. Nobody cares.

IPv6 is for when you want to talk to someone who isn't part of your home network.

Re:Exactly why we don't need IPv6

[FranTaylor]

Can you HONESTLY say that if someone showed you a pile of IP V6 addresses and said "One of these has a problem in either the address or the subnet" you could just pick it out on the fly?

Don't we have, like, computers, that do that kind of thing?

Re:Exactly why we don't need IPv6

[FranTaylor]

IPv6 is for when you want to talk to someone who isn't part of your home network.

With IPv6 autoconf, you can just plug your computers into your network and you don't have to configure them at all. Isn't that how a home network is supposed to work?

Re:Exactly why we don't need IPv6

[jeffmeden]

Like drilling for oil, more efficient extraction techniques can efficiently harvest the (many) remaining IPv4 blocks.

And let's face it: IPv6 is not favored by the man on the Clapham omnibus. He understands the clean format of IPv4, but IPv6 is just annoying! What's the deal anyway with 2^64 devices on your personal network? This is way over-specified.

Some practical geeks need to come up with a clean extension to IPv4 (48 bits should be plenty) that uses the current dot formatting.

Yep, already thought of that. If 128 bits isnt to your liking, certain arrangements of 0s in series effectively shortens the printable address while still maintaining integrity of the address space across all 128 bits. 192:168:0:0:0:0:0:1 becomes 192:168:1. It's even easier than IPv4! No need to remember which you set your private nat up to be; 192.168.0.0/24 or 192.168.1.0/24...

Re:Exactly why we don't need IPv6

A different friend went there, and discovered he had an IPv6 address. His ISP had provided it for him, and he had literately never known.

Actually, this could be a problem - a lot of firewall packages understand ipv4 without understanding ipv6, or are set by default to inspect v4 without even looking at v6 traffic. Let your friend know that this could be the case, and that they could be unknowingly accepting all inbound connections on that address.

Re:Exactly why we don't need IPv6

[Dog-Cow]

Huh? I've done multiple IPv4 addresses on single interfaces many, many times over the years. In what way is it "not there"?

Re:Exactly why we don't need IPv6

[Belial6]

I thought there was something about it. Perhaps they decided that trying to shim in a hack wasn't worth the trouble.

Re:Exactly why we don't need IPv6

[acoustix]

So, in other words, they changed something that didn't need to be changed.

Re:Exactly why we don't need IPv6

[unixisc]

Can you assign multiple IPv4 addresses to your network card on your PC?

Re:Exactly why we don't need IPv6

[bbn]

Can you HONESTLY say that if someone showed you a pile of IP V6 addresses and said "One of these has a problem in either the address or the subnet" you could just pick it out on the fly?

Yes. Learn about IPv6 addresses, you can pick up a ton of information just looking at the address. First subnets (called links now) are all the same size, to do something like you ask you only need to look at half of the address. My address block is 2001:1448:201::/48 - very easy to tell if an address starts with that or not! Compare that to IPv4 subnets that requires a calculator to find the first and the last address included in the subnet (192.168.102.252/21 - give me address range please, only the most hardcore can do that in their head). IPv6 subnetting are almost always done by the nibble boundary so there is no calculation.

Just because it is hex does not mean you have to treat it that way. It is very common to simply ignore it. I can name my computers 2001:1448:201::1, ::2, .., ::9, ::10, ::11 and so on. So I just skipped 6 hexdigits there, so what? There is plenty where that came from.

Re:Exactly why we don't need IPv6

[heypete]

DNS is great, except I'm sure the bastards at ISP headquarters will still charge a monthly fee for a static ipv6 addy and more for a block.... simply because they CAN... and is there a free dynamic dns solution? Last i checked (some years back), no.

Sure. They even specifically support IPv6.

I've also had good luck with CloudFlare, who includes DNS as part of their free service. That includes dynamic DNS.

Afraid.org also does free DNS, including dyanmic DNS and IPv6.

Re:Exactly why we don't need IPv6

[Angostura]

I would, but I can't recall the address of the DNS server.

Re:Exactly why we don't need IPv6

[unixisc]

Problem w/ autoconf - particularly EUI-64 - is that it uses your Link-layer ID (MAC ID for an ethernet card) to create your address. Normally, layer 2 addresses don't go out w/ a packet that leaves a network. But if the layer 2 address is embedded within the layer 3 address, which is what EUI does, it will easily get recorded by malware that scans such packets, and then once they've excavated what your MAC address is, telling your router to route traffic to your node is trivial.

The advantage of using DHCPv6 is that you can have it issue dynamic public addresses to your computer for whatever duration you want it, while some other addresses can be used statically, for things like web servers, mail servers and so on. Zeroconf and autoconf only enables you to use ONE of your 2^64 addresses.

Re:Exactly why we don't need IPv6

[Dagger2]

I agree that 2^64 hosts is a bit more than you can sanely fit on a subnet. I am not convinced that moving the boundaries over so that /48 and /64 become /64 and /80 (or /96) would have been useful though.

My justification for this is that there are 5000 /48s available per person on the planet, where each /48 is enough for an entire network. How many people do you know who manage 5000 administratively-separate networks? That would need to be everyone for the current use of /48 to be a problem.

And even if that does happen, that's only out of 2000::/3. We still have five more /3 blocks available, so we can do it all over again if we really need to.

(I take it you meant characters or nibbles in your first paragraph; a full v6 address is 128 bits = 16 bytes.)

Re:Exactly why we don't need IPv6

[NJRoadfan]

Then run an internal IPv4 network, nothing is stopping you from running dual stacks.

Re:Exactly why we don't need IPv6

[Bengie]

The point isn't to have enough IPs for every user, but to have enough IPs such that the chance of collision is low. The other thing you miss is the ability to merge large corp networks. If you have to merge two companies with two datacenters with 100,000 machines each, the chance of a colliding IP address with only 4 bytes is quite large.

Re:Exactly why we don't need IPv6

[slimjim8094]

Read up on the privacy extensions, which are essentially like ephemeral ports except they're just randomly-changing addresses. They work quite nicely.

Furthermore, why would you ever want to reuse an address, unless it's static? There's effectively no limit.

Re:Exactly why we don't need IPv6

[unixisc]

In IPv4, there were only private addresses. In IPv6, the non-routable addresses are of different types - link-local, unique-local and site-unique. Link-local (fe80::/10) is the same as any LAN addresses a computer would get once it's in a LAN. Unique local addresses (fc00::/10)are addresses that are globally unique, but not routable: they would however, probably be useful in connecting different VPNs. Site unique addresses (fd00::/10) were created w/o the global unique requirement, since it wasn't obvious that an address issued would be globally unique.

For the GP, one probably wouldn't want a printer to be on the public internet, so here, using a site unique address would probably be the way to go, after connecting to it via a VPN. In IPv6, each box can have multiple addresses, which wasn't the case w/ IPv4, so he's correct about the first point about letting someone's work computer join the home network.

Re:Exactly why we don't need IPv6

Every machine on my IPv4 network (ok, not Oracle boxes) gets its IP via DHCP (ya know, that's kinda like IPv6 autoconfiguration...). Merging with another network would be no problem.

What was your point again?

Re:Exactly why we don't need IPv6

[inasity_rules]

Yes. I have done so several times.

Re:Exactly why we don't need IPv6

[unixisc]

Easy - let's say I've gotten from my ISP, say, 2001:400:b00b::/48. I assign it a subnet number, say 2, and within the last 8 bytes, just assign numbers from 1 to 40. With a DHCPv6 server, I'd probably set it up to have certain addresses for web and ftp servers, certain addresses to be dynamic addresses to be cycled b/w those 40 guys. An IT guy should be able to lay out a map that supports any policies that he has in mind, and w/ a larger address reserve, it gives him plenty of more options.

Anyway, you miss the point about IP addresses - they are supposed to be how the machine interacts w/ other machines. If you want to check out HP's site, do you normally go to 15.240.238.51, or do you just type hp.com in your address bar? It'll be the same thing here - if you want to visit facebook, will you go to facebook.com, or type out all those characters?

And nobody is ever going to convert decimal to hex or any of that. Hex is simply being used for notation, where due to 16 bytes of address, it's the most convenient. One could have used hex even to denote IPv4 addresses, but people never thought of it that way. Bottom line is - with this protocol, the header defines the source and destination addresses as consisting of 128 bits of address. You can denote it with a 32 figure hex address, or a 50 figure decimal address or even, if you prefer, a 128 figure binary address. It was not grown by 'adding numbers' - it was grown by redefining the number of bits that are recognized as the address. How you want to read it is up to you.

And unlike in IPv4, where you had to look at the subnet masks to figure out the size of the network, everything is fixed in IPv6. The first 6 bytes are the global prefix, the next 2 bytes are the subnet address (together, these 8 bytes make up the network address) and the remaining 8 bytes are the address within the network.

Re:Exactly why we don't need IPv6

[Miamicanes]

> Lets see YOU sir figure up an IP V6 address map for...lets say a 40 person small business, in your head.

Actually, it doesn't *have* to be as bad as you think, regardless of what some of the more ardent IPv6 advocates might say (IMHO, they're their own worst enemies who manage to forge arguments & disagreement that's completely unnecessary for the sake of pedantic academic abstraction).

Let's look at how things work now... you basically have two chunks of data to remember:

1. Your public IP address: a.b.c.d

2. Your private IP addresses, all of which almost certainly fall within a block of 253 between 1 and 254 of some C-like /24 network. In most cases, every computer you deal with has the same first three values, and differs only with respect to the last. Going a step further, you probably don't randomly use the whole range... your router is probably x.y.z.1, your DHCP is probably x.y.z.200-x.y.z.250, you probably have a bunch of virtual port-forwarded servers clumped between x.y.z.10 and x.y.z.20, and the PC you personally use is probably x.y.z.100 (just to make your life easy).

Now... let's suppose you're a Comcast customer. In all likelihood, the first two chunks of your IPv6 address will be 2001:055c (or, if you prefer, 2001:55c).

As a practical matter, most IP addresses you're likely to see for the next 10 years will probably begin with 2001, or one of a half-dozen or so values common to nearly everyone in America. It doesn't have to be that way, and won't be that way forever, but for now, think of the old pre-cellphone-number-portability days when 99% of the people you called on a daily basis were in one, maybe... MAYBE two, area codes. And it never even OCCURRED to you that "1" was America's country code... it was just the digit you dialed first when making a long-distance call (and later, the digit that affirmed your understanding that the call might not be "free").

Anyway, that brings us to 055c -- Comcast's first netblock. Every IP address that begins with 2001:055c belongs to Comcast. In all likelihood, AT&T will have a similar block for DSL & U-Verse, and Verizon will have one for DSL & FIOS. In theory, they could have one for DSL and a different one for FIOS, but keep in mind the next two chunks, which will specifically define the second half of the 64-bit prefix assigned to you. Those two blocks -- 32 bits -- include more valid prefixes that can be assigned to customers than there are usable addresses in the entire IPv4 address space. So, there's plenty to go around.

Let's suppose for a moment that you get lucky, and as an early-adopter, you end up with a prefix like 2001:055c:0037:0e94. If you prefer, it can be written as 2001:55c:37:e94. Now, compare that to memorizing 64.192.87.239. The "2001" fades into the background noise (for now), because just about every address you'll see begins with it anyway. That leaves 55c:37:394. Is that really any harder to memorize than 64.192.87.239?

"But wait," you protest... what about the last 64 bits? No human can ever remember some god-awful address like 2001:55c:37:e94:8d1f:ca90:ff03:2109!"

And you're absolutely right. Which is why your desktop PC, whose internal IP address is currently 192.168.100.100, has as its fixed IP address 2001:55c:37:e94::100

"But... But... I read somewhere that the last 64 bits would be detmined by the MAC address!". And you're right... if you leave Windows up to its defaults. That's how zeroconf works. And the nice thing is, as a computer-savvy invididual, you don't have to do it that way. There's absolutely NOTHING to stop you from going into Windows' network control panel and explicitly setting your ethernet adapter's IPv6 address to 2001:055c:0037:0e94:0000:0000:0000:0100 (which can be equally represented as "2001:55c:37:e94::100").

Much nicer, no?

Of course, the trailing "100" isn't "really" a 100... it's actually 256... but neither your computer nor Comcast has to know that. You're perfectly free to limit 16-bit chun

Re:Exactly why we don't need IPv6

[unixisc]

For things like web servers, mail servers, file servers and so on, you'd need static addresses. Other than that, dynamic, but publicly routable addresses are better.

Re:Exactly why we don't need IPv6

[rs79]

"IPv6 is for when you want to talk to someone who isn't part of your home network."

Or anyone else's, really.

Re:Exactly why we don't need IPv6

[unixisc]

I do think they could have used '-' or '+' as a separator, instead of ':'

Re:Exactly why we don't need IPv6

[Hawke]

and then once they've excavated what your MAC address is, telling your router to route traffic to your node is trivial.

Could you further explain this attack vector, cause I've not really understood it so far. The bad guy has your IP address. Exactly what is the additional harm in letting him know your MAC address?

I understand the issue of "probable iphone MAC => iphone specific vulnerabilities", but that doesn't seem to be what you're talking about here. (And really, that's not a significant barrier to the attacker anyway. You did something that let him see your IP address: the odds are quite good that he already could figure out your OS more reliably than using a MAC -> OS mapping)

Re:Exactly why we don't need IPv6

[rs79]

If you need that many words to explain how simple something is, you've already lost.

Re:Exactly why we don't need IPv6

[rs79]

"This is an incredibly stupid post - who ever bothers remembering any IP addresses - be it v4 or v6?"

8.8.8.8 ? 8.8.8.4? 192.168.1.10?

So, I'll only agree with half of the quoted remark.

Re:Exactly why we don't need IPv6

[Bengie]

Can you do so without changing IP addresses? IP renumber is very expensive for network/server admins and it is a very common thing with merging corp networks.

Re:Exactly why we don't need IPv6

[amorsen]

On my home network, I've got my own machines, and I have my work laptop. Since my work laptop isn't allowed to join my "home" workgroup, there is no DNS which will work between by laptop and my machine. I can't change that part of my network config either.

There is Zeroconf, which Apple calls Bonjour. Your machines probably already speak it.

Re:Exactly why we don't need IPv6

[unixisc]

On my XP box, when I go to control panel, Network connections and then select Local Area Connection, and then go to Internet Protocol and select properties, there is only ONE address that I can tinker with. How did you get more?

This is on XP - I'm not sure whether on Vista or 7, one can have more, but there, IPv6 is the default. In Linux, if I use system-config-network, I get an option of only ONE address again..

Re:Exactly why we don't need IPv6

[amorsen]

once they've excavated what your MAC address is, telling your router to route traffic to your node is trivial.

If they can administer your router, it is trivial to discover your MAC address whether you use IPv4 or IPv6 and whether you pick static or automatic assignments. The MAC address is kept in the ARP table for IPv4 and in the neighbor table for IPv6.

Anyway, every modern OS supports privacy extensions to autoconf, so just enable that (they will likely be enabled already). It's a bitch to write firewall rules when the IP address changes daily though.

Re:Exactly why we don't need IPv6

[Hawke]

Lets see YOU sir figure up an IP V6 address map for...lets say a 40 person small business, in your head.

Ok.

Our ISP gave us the subnet fd00:cafe:babe/64. I'll put the RA daemon and router on ::1, and use autoconf for the rest

That was easy.

Re:Exactly why we don't need IPv6

[amorsen]

Can you assign multiple IPv4 addresses to your network card on your PC?

You can, and if they are in the same subnet it will even work. If they are NOT in the same network, it works until it doesn't. There are important cases where it works flawlessly, like if every other machine in the same subnet ALSO has an address in both subnets. Good luck enforcing them.

And yes, I'll likely get a hundred replies with "multiple addresses in different subnets work for fine me". Good for you. Don't touch anything, and if you do, don't complain when it breaks.

In IPv6 it actually works, as long as all routers are aware of it or all hosts with multiple addresses do policy routing to hit the right router. Those are workable conditions, you can build a good network like that.

Re:Exactly why we don't need IPv6

[amorsen]

multicast will be f'n awesome

Don't expect multicast to happen. No one has demonstrated a way to make multicast scale to the Internet. It only works in controlled networks.

Re:Exactly why we don't need IPv6

[amorsen]

Can you HONESTLY say that if someone showed you a pile of IP V6 addresses and said "One of these has a problem in either the address or the subnet" you could just pick it out on the fly?

Yes, definitely. It is generally much easier with IPv6, because you are likely working with either /64 or point-to-point. You are very rarely dealing with splitting stuff on non-nibble boundaries. For the most part you can just forget about the lower 64 bits unless they were manually assigned (and they are likely below 0x100 in that case, so easy as well). That leaves the upper 64 bits, where you can usually ignore the upper 32 (more likely 48) as well, they will almost always be the same for all addresses in an organization. Now you're down to handling just 32 (or even 16) bits, which is dead easy.

The additional space means room for giving sensible addresses to different parts of an organisation. Just hand them 16 subnets if they need 2, that way they won't come back and ask for more.

Re:Exactly why we don't need IPv6

[amorsen]

Every machine on my IPv4 network (ok, not Oracle boxes) gets its IP via DHCP (ya know, that's kinda like IPv6 autoconfiguration...). Merging with another network would be no problem.

Ha! Obviously said by someone who has never tried it.

Re:Exactly why we don't need IPv6

[amorsen]

You can do address shortening in IPv4 too if you want... The rules are confusing, and much equipment gets them wrong.

Re:Exactly why we don't need IPv6

[noncey]

Actually 64bit CPUs dont work with the full 64bit address space. They are typically limited to a 40bit address space for actually memory, and 48 bits for virtual memory.

Re:Exactly why we don't need IPv6

[unixisc]

You're right - I should have stated 6 bytes, 8 bytes and so on - halved those numbers, since I did mean to say bytes. Actually, I should have simplified it by just using the 'words' equivalents - first 3 being the prefix, next 1 the subnet and remaining 4 the interface ID.

However, if you hierarchically organize those segments the way it is, so that the RIR/country assigns the second word, the ISP assigns the third and the customer assigns the fourth, there is a lot less there. Also, imagine a large organization that's there in a few countries, has several campuses and within each campus, several IT department rooms where all the gear goes. If they wanted to hierarchically organize it today, they have to lease something more than a /48 - something like a /32. But had it been split as 64/32/32, then from the 5th & 6th word, they could have had the first byte represent country, second represent city, third represent campus and fourth would have gone down to each IT department. Each of those would have had enough addresses for half the world's current population.

The other argument I've seen is the utilization, as expressed by the Host Density ratio, which is defined as the log of the number of allocated addresses divided by the log of the number of allocatable addresses. Going by the current definition, the denominator would be the log of 2^32, while the numerator would be whatever the actual usage is. Reason being that 2001 for the first word is almost fixed (although numbers from 2200 to 2800 have already been allocated by IANA to the various RIRs) while the 4th word is the subnet, which the RIRs wouldn't be touching, although APNIC, and maybe RIPE as well, assign /56 rather than /48 size blocks, slightly eating into the subnet space). Once you look at it systematically laid down that way, the host density ratio would actually be quite high.

I know that there won't be a one size fits all, but once a subnet size starts varying from 2 bytes to 1 byte, it seems to suggest that the IETF might have done well to have fixed the Global prefix to 4 words, and then split the lower part of the address b/w the subnet address and the interface ID.

Re:Exactly why we don't need IPv6

I consider myself a bit of a geek. I have a MacBook, iPad, iPhone, and use The Cloud. Every new iDevice I buy. I even wear square thick-framed glasses like a geek. I can print, email and chat to my friends on my MacBook. But I just don't get hexadecimal.

Re:Exactly why we don't need IPv6

The only way to do file/printer sharing is by IP address. Possibly a limitation of Windows that doesn't allow you to do any 'real' networking between machines unless you buy the Enterprise Super Happy Fun edition ... clearly my Vista Home Ultimate edition isn't capable of doing this.

There are many ways to "real networking". You don't even need to use TCP/IP, but if you insist on it:
1) by IP address: requires static ip address and either a small network or lots of beer.
2) by hostname: requires static ip addresses, hosts file maintenance, and definitely lots of beer
3) by WINS server: requires a WINS server (*nix/samba or a windows server)
4) by WINS broadcast: this is what you are attempting. It does not span workgroups/windomains. It never has and never will
5) by dns: requires a dns server. You have one. It's on your router. You just haven't configured it properly.

You may think you are joining in the Slashdot fun by mocking Microsoft, but in this instance, MS is doing things right and you are doing things wrong.

Re:Exactly why we don't need IPv6

[Miamicanes]

2/3 the length was self-defense.

If I simply said that in my post-IPV6 network my 192.168.100.1 PC was 2001:55c:37:e94::100, somebody would have felt compelled to point out that ipv6 addresses are hexadecimal and missed the point that there's no requirement that you actually USE digits A-F.

Likewise, if I didn't include the background about zeroconf and the obligatory note about a router not being strictly needed in a purely-ipv6 network, there would have been a half-dozen replies pointing out that you don't actually *have* to do anything NAT_like with IPv6.

It's unfortunately, but you aren't allowed to make IPv6 sound human-manageable in polite company. Its supporters will shout you down and make it sound like the theory behind fractal image comppression. And if that fails, they'll beat you up and tell you to use DNS instead of raw IP addresses, totally missing the point (raw IP addresses always work, even when DNS is totally borked).

Culturally, IPv6 is very much the realm of academics who refuse to tolerate the equivalent of Cliff's notes. If you don't exhaustively document your arguments and prove that you did your homework, they'll attack and criticize you. It's a shame. Especially now that Comcast managed to rip away the shroud of academic abstraction that formerly clouded the whole topic, and has come up with a viable way to let their customers (for the next few years, at least) have their cake & eat it too... a personal /64 ipV6 network prefix to call your own, plus a real IPv4 address to fall back on until the day it becomes as moot as a fax modem (when you realize you set up the computer weeks/months ago, and never bothered to install the drivers for it). ;-)

Re:Exactly why we don't need IPv6

[swalve]

If you have to remember it, you are doing it wrong.

Re:Exactly why we don't need IPv6

[Local+ID10T]

If you need that many words to explain how simple something is, you've already lost.

Not at all.

Re:Exactly why we don't need IPv6

[swalve]

I think that makes you a third wave geek.

Re:Exactly why we don't need IPv6

[jbolden]

The comment about /etc/hosts is right. That's what I use for my home network. What IPv6 offers you for your home is the end of having an external and an internal numbering scheme. Every box has its own IP, and you can setup the scheme in a way that makes sense for total addressability. Which means you can use someone else's external DNS if you like.

Re:Exactly why we don't need IPv6

[jbolden]

I wouldn't use windows networking at all. Just file share using NFS and don't use Windows protocols. Most locked down windows machines can use an NFS mount.

If you want to be cute. Grab any piece of junk machine and set Samba as a Primary Domain Controller for your home network with the same name as the domain controller your laptop wants. You'll trick the laptop out.

Re:Exactly why we don't need IPv6

[jbolden]

What you are describing is pretty much how v4 to v6 gateways work. But that to happen locally, as part of your own subnet it can't be done globally.

1) How does a v4 device respond to a request from a v6 device with an address that isn't 0001?
2) There are no routing tables how does a 0001... get delivered everywhere in the world?

Re:Exactly why we don't need IPv6

[jbolden]

Looking at tables of meaningful IPv6 address is just as easy as IPv4. Most of the digits don't change so you treat the whole block as a big graphic and look at the few meaningful digits.

Re:Exactly why we don't need IPv6

[jbolden]

One thing that creates 4 billion users is IPv4 to IPv6 done locally. You have to throw in the entire IPv4 address space into your subnet.

But excluding that. We aren't likely to use the first 64 bytes either. The v6 space is massive.

Re:Exactly why we don't need IPv6

[bill_mcgonigle]

Can't you just program your router with a bitfield to XOR againt the MAC in both directions?

Re:Exactly why we don't need IPv6

[halltk1983]

Multiple IPs in multiple networks is standard fare in Linux. Very common. Believe it or not, not all of us are constrained by the limitations of Windows.

I work on this stuff on a daily basis as part of my job, but that is one part that Just Works (tm)

Re:Exactly why we don't need IPv6

[mibus]

I can tell you that when the big switch happens, at least in the flyover states, its gonna be a big fucking mess. Can you HONESTLY say that if someone showed you a pile of IP V6 addresses and said "One of these has a problem in either the address or the subnet" you could just pick it out on the fly? But I bet even your average teen wouldn't have a problem spotting the 184 address in a pile of 192 addresses because it would stick out like a sore thumb.

Without specifically addressing your example, I'd like to say that I (as a sysadmin, who has been running v6 servers for ~3 years) MUCH prefer v6 addresses.

Let's take 2001:44b8:8020:ff00::84. I remember that one off the top of my head, as it happens. And, actually, I remember a LOT of the v6 addresses for servers I look after, off the top of my head. Why? Because they make sense.

2001:44b8::/32 belongs to the organisation I currently work for. "80" is always in there for our Adelaide datacentres. (b0 for Sydney, c0 for Melbourne, etc). Different prefixes are allocated for customer use. "20" is because it's the second DC (Our primary DC is 8060, aka ADL6). :ff00: designates a VLAN interface - :ffxx: VLANs are all ones for Systems Infrastructure. ::84? Primary DNS resolver. ::85 is a secondary. Other system types have other common IP groupings.

The IPv4 address is 203.16.214.237. Utterly meaningless in comparison.

In other instances, I can recognise at a glance that something is part of a particular VLAN behind a particular ASA. IPs can finally actually have meaning beyond just squeezing them in. Not to mention the pain when you fill a /28, because new requirements popped up 6-12 months after the address-space was carved up...

The best part? It's not set in stone, there's plenty of address space for us to use a different scheme just by toggling a bit or two near the top of the address space.

PS. Of course this is all my opinion, not my employer's, yada yada :-)

Re:Exactly why we don't need IPv6

[Dagger2]

The first part isn't really almost fixed to 2001 -- the actual RIR allocations are listed here. The RIRs have /12 blocks assigned to them, with space to expand that to a /7. They also have older /23 blocks allocated out of 2001::/16. The first part might look like it's fixed to one of a few values, but that's because the address space is big enough that the RIRs haven't needed to use those bits yet. They'll use them when they need to.

Likewise, the minimum ISP allocation is /32, but each /32 is actually taken from a /29 reservation that the ISP can grow into. ISPs that are already large get bigger allocations -- mine has a /24, with a /21 to grow into. Allocation isn't done strictly on word boundaries.

It's perfectly fine for sufficiently large companies to get allocations in the /32 range. We have a billion /32s available. That's only one per seven people, sure, but we've just said we're talking about very large companies -- they have a lot more than seven employees each. (Of course the allocation should reflect the size of the company's network; if they're too big for a /48 but too small for a /32 then they should get something inbetween. I've seen /40 and /44 allocations to universities, for instance.)

Even taking the HD-ratio into account doesn't change things that much. If you use a HD-ratio of 0.8 (which is fairly low; IPv4 was around that number in 1998-99 or so) my "5000/person" figure from before becomes something more like 10-20 /48s per person. This is a number a person can realistically manage to hit, but I still don't see everybody on the planet managing that.

Finally, we have five more unused /3s that we can do this all over again in. We could even change the allocation strategy in those /3s, if we discover that our current strategy is bad. I don't think we'll fill 2000::/3, but there's an escape plan available if we do. We could have done it using your split, but we didn't, and from the numbers I don't believe the split we did decide on is going to be problematic.

Re:Exactly why we don't need IPv6

[inasity_rules]

I get a tab in windows labeled alternative configuration. Not sure why you don't? I use windows xp or 7 pro, though, and I do this a fair amount for work. I have never tried to use both network configs at once, since I normally put the ip addresses on separate networks. There is a way to do this under Linux too. Not sure how from the GUI though. This feature is really useful for me since I often have to connect my laptop to the clients networks in order to test/reprogram firmware.

Re:Exactly why we don't need IPv6

[unixisc]

Can't firewall rules be written to cover an entire link address i.e. a /64? So that if an incoming packet wants to visit any node in the network and the firewall deems the source as hostile, it blocks it regardless of how often the address of its destination has changed?

What exactly are the privacy extensions to autoconf - is it masking some of the bits obtained after autoconfiguration, so that the chances of figuring out other information like layer 2 addresses becomes more difficult?

Re:Exactly why we don't need IPv6

[unixisc]

Sounds like a good plan.

Alternately, within EUI-64 itself, if they just added a step where EUI gets NANDed or NORed w/ the global prefix and subnet, that too would give a masked interface ID, which cannot be used to trace back what the original layer 2 address was.

Re:Exactly why we don't need IPv6

[unixisc]

In Linux - RHEL to be specific - system-config-network is what is used to assign an IP, and here, it just offers one the option of a single IP. Of course, if one edits /etc/hosts or other config files, I guess that would be trivial, as long as one knows all the files that need to be touched up for this purpose. Dunno whether it's different in Debian and other distros, though.

Re:Exactly why we don't need IPv6

[unixisc]

I can't speak for others, but as someone who's been learning what I can about IPv6 all the time, I am certainly not against making IPv6 sound simplified enough for people. However, seeing repeated memes about IPv6 here - especially about how it is incomplete in the absense of NAT, which somehow magically implies security - is what normally has IPv6 advocates frustrated at having to beat the same dead horse. Related in this argument are the claims that end to end connectivity is broken by firewalls (it's not - end to end connectivity is only disrupted when it turns out that the destination address is NOT the final destination address, and has to go further through a LAN to reach its ultimate destination). The other big meme is the complaint about IPv6 being incompatible w/ IPv4, which is a duh, given that the moment you add even 1 bit to the source and destination addresses, you're breaking IPv4.

Other than that, most of the arguments center around the advantages of IPv6, most of which are driven by NAT. One thing about your response to Hairyfeet, you mentioned using a NAT6, but in fact, there is no such thing as NAT6, or NAT66. The only time NAT exists in IPv6 is when it needs to interact w/ IPv4, since the latter is so heavily NATed. If NAT is ever introduced in pure IPv6 networks, I hope they do it only w/ a single universal interface ID address (say a:b:c:d:ffff:ffff:ffff:ffff), so that only one address is recognized as NAT and can be used that way, while all the rest support the original end to end connectivity.

I do disagree w/ rs79: not everything is simple to explain or understand, and if one splits up the explanation into understandable descriptions of what's there, it's a job well done. I do compliment you for explaining it well. Only thing I'd have added, which is needed to understand this - the protocol itself needs 128 bits, and whether one uses binary, decimal, octal, hex or even some unicode character set is tangential to the question of whether the protocol itself needs 128 bits, 64 bits, 48 bits or 33. Reminds me of the joke some IPv6 thread back on /. that people use 999.999.999.999, and have a trillion addresses that way, but still compatible. I do think the IETF could have used a better notation - this was I think mentioned to Vint Cerf in his /. interview a while back.

On the flip side on your explanation of not using characters, if one can live w/ just the alphabet letters a-f, one can do away w/ numbers and just use characters for the addresses ;-)

Re:Exactly why we don't need IPv6

[jrumney]

Note one thing that's very different in IPv6 - a node can have several IPv6 addresses, something that was not there in IPv4

There is nothing to stop you configuring multiple IPv4 addresses. In fact it's quite normal for a node to have a 169.254.x.x address in addition to any address assigned to it by DHCP or static configuration.

Re:Exactly why we don't need IPv6

Do you run a DHCP server? Does your work system get DNS information from it? If so then you can share the DNS between them.

Re:Exactly why we don't need IPv6

[unixisc]

Any idea why these 2 addresses - IPv4-mapped addresses and IPv4-compatible addresses were deprecated? Yeah, one of them hasn't officially been deprecated, but its usage is discouraged. I've not seen a good explanation anywhere of why that happened.

Re:Exactly why we don't need IPv6

[tzot]

> 192.168.102.252/21
This is meaningless. 192.168.102.248/21 would be correct. Was that an intentional error on your part?

Re:Exactly why we don't need IPv6

[bbn]

If it was it was a good one - you are wrong :-) That is a /21 meaning the last octet in the netmask is all cleared...

Re:Exactly why we don't need IPv6

[unixisc]

How can your ISP give you fd00:: anything? That's a site unique addresses, similar to private addresses in IPv4. If you have an IPv6 network, even before you've connected it to the internet, you can assign site-unique addresses and link local addresses (fe80::/10). So within it, you can assign anything to all the 40 boxes.

Once you decided to connect to the internet, your ISP would at least have to give you the first 3 words of the address - like a 2001:55c:abcd. (In APNIC, they'd give you the first 7 bytes, and you get 'only' 256 subnet addresses.) You then do what you describe above - put the RA demon and router on ::1 and then an autoconf. Of course, if the IT admin doesn't want to assign hex digits to the thing, he'd do well to skip autoconf completely, and either manually assign them, or use DHCPv6 - whichever s/he thinks is easier.

Re:Exactly why we don't need IPv6

[unixisc]

Honestly, I think they should have invented 6 new symbols that would represent 10-15, instead of using A-F when they devised Hexadecimal. Preferably from a 7-segment display from symbols that don't represent any of the Roman alphabet characters. In other words, inverted 4, 7, horizontally flipped 6 and 9, and a couple of more ( 1- and something else). At least, there wouldn't have been that confusion w/ characters.

Actually, octal is best, and would have looked more elegant, since 8 and 9 would have dropped off, and instead of 128 bits, they could have used 96 bits, w/ the first 60 being network and subnet, and the next 36 being the interface ID. It could then have been segmented in groups of 12 - like say 1234.5670.765.4321.0123.4567.7654.3210. Only problem would be the alignments, though, since CPUs tend to work better with 32 bit, 64 bit values.

Re:Exactly why we don't need IPv6

[unixisc]

I don't disagree w/ you much - I'm aware that the other blocks, such as 2400::, 2600::, have been allocated by the IANA downstream. I just was presuming that initially, the RIRs might exhaust their 2001:: before they go into those. Which may or may not be a valid assumption - if someone wants less than a /32, they might use those.

By sufficiently large companies, I'm guessing that you're talking about large ISPs or organizations scattered over many locations either within a country, or worldwide - I can't imagine other companies that would need that many links. Since their entire work forces could easily be captured within one link, if they happened to physically all be there. Incidentally, while you are seeing allocations larger than /48, the RIRs other than ARIN don't necessarily follow the same policies. APNIC for instance, hands out a /56, and one has to justify asking for a larger block of addresses. And usually, from what I understand, they do follow the nybble boundaries, just to be humanly readable.

One thing - the HD ratios are not going to translate the same b/w IPv4 vs IPv6 global prefixes. An HD of 0.8 in IPv4 meant that out of a total of 2^32 addresses, 2^25.6, or 50,859,008 addresses were being utilized. But the same HD ratio, applied to the IPv6 global prefix, would give you 362,703,572,709 addresses, and w/ a world population of 'just' 7 billion, there is no way you'll ever get anywhere even close to that. If we assume that everybody in the world gets 5 /48s, you'll get a total HD ratio of 0.73, as per my calculations.

And as you point out, if the current allocation strategy is unsatisfactory, it can be changed even after moving out of 2001::/16.

Re:Exactly why we don't need IPv6

[unixisc]

Actually, that was one of the goals of site unique addresses, but looks like the IETF couldn't figure out a way to create a non-routable address system in which nothing was duplicated. But had that been realized, large corporations would have been able to use those, and seamlessly form VPNs where the risk of collisions didn't happen, as w/ IPv4 w/ all the 192.168.x.x and 10.x.x.x addresses used to have.

So given that the IETF gave up on site unique addresses and went to site local, where the chances of overlap are as high as link local, how is this goal of IPv6 realized?

Re:Exactly why we don't need IPv6

[unixisc]

DHCP and autoconfiguration are different. In autoconfiguration, the client host picks its own address, and gets it known using RA, and the user doesn't have to do a thing. In DHCP, at the server end, the administrator designs the policies by which the addresses are assigned to each node, and that's how each node gets its address. In fact, DHCP and autoconfiguration are 2 of the 3 ways of assigning IP addresses - the third one being manual (which makes less sense in IPv6 than it did for IPv4).

Re:Exactly why we don't need IPv6

[unixisc]

The needs of the extra address bits come into place when one wants to do a hierarchic organization of the address space. Such as the simplification of routing, and so on.

Re:Exactly why we don't need IPv6

Like drilling for oil, more efficient extraction techniques can efficiently harvest the (many) remaining IPv4 blocks. And let's face it: IPv6 is not favored by the man on the Clapham omnibus. He understands the clean format of IPv4, but IPv6 is just annoying! What's the deal anyway with 2^64 devices on your personal network? This is way over-specified. Some practical geeks need to come up with a clean extension to IPv4 (48 bits should be plenty) that uses the current dot formatting.

2^64 ensures something downright awesome. You see, a MAC address on a interface is (roughly) unique world wide and is 48 bits. With 64 bits for the local space they can have every single device auto configure based on its own MAC and barring a mistake that puts to machines with the same MAC on the same LAN there will be no conflicts. With automatic router advertizement you can do almost everything needed to replace DHCP too! (the rest are being sorted).

Re:Exactly why we don't need IPv6

[jbolden]

I don't follow. First off your main post is written in terms of bytes when I think you mean bits. There are only 16 bytes to hand out total, I don't think you want all of them for the global prefix. Regardless, for ISPs the hierarchy is already there for routing the first 64 bits give you 64 different levels. Similarly for subnets, you can choose to route further out. The system allows for a 128 level hierarchy theoretically.

Re:Exactly why we don't need IPv6

[Bengie]

Back in 2008 there were tests by AARNet checking that multi-cast was working across the public internet and over oceanic links.

Thus each user of an IPv6 subnet automatically has available a set of globally routable source-specific multicast

Re:Exactly why we don't need IPv6

[Bengie]

addressing != processing
While your post is correct, it's off-topic.

Re:Exactly why we don't need IPv6

[ceoyoyo]

Well, IPv4 does that pretty reliably now too.

The point is, IPv6 isn't required for gstoddart on his home network. He can be a codger and stick with his IPv4 if he wants to. Unless he wants to talk to someone ELSE'S network, of course.

Re:Exactly why we don't need IPv6

[pnutjam]

See that advanced button at the bottom, click it.

On linux you can define multiple addresses using the console.

Re:Exactly why we don't need IPv6

[unixisc]

Somehow, I interpreted your earlier statement about throwing the entire IPv4 address space in the subnet as doing something similar to the IPv4-mapped and IPv4-compatible IPv6s - just take an IPv4 address, throw it in and start incrementing the numbers. I pointed out the hierarchic organization of the network portion of the address, and how having simpler routing tables wouldn't have been possible had the address space been simply increased by a few bits instead of a whopping 128 bits.

You're right - I got the bytes and bits mixed up. For simplicity, I've decided to start using words, since a word describes a single segment separated by ':'.

Anyway, what I was saying, which got lost due to the above error, was that the IETF, instead of using the first 3 words for global prefix, next 1 word for subnet and then next 4 words for interface ID, should have dedicated the complete first 4 words to global prefix, next 2 words to subnet and the remaining 2 words to the interface ID. I understand the advantages of autoconfiguration, but honestly, no subnet is ever going to have even close to 4 billion users, no matter how advanced networking technology is, simply due to the huge probability of collisions within that network. So the last 2 words would have been plenty. Dedicating 2 words to the subnet would have enabled large organizations to organize their networks in a hierarchaic layout if desired. It would also alleviate the need of organizations to want /32s or /21s from their RIR, and be self sufficient w/ their /64s.

However, as others have pointed out, when 2001::/16 gets filled, if the allocation policies are found to be unsatisfactory, this could be changed from a 3:1:4 to a 4:1:3 or a 4:2:2 split.

Re:Exactly why we don't need IPv6

[jbolden]

No... what I meant by that was that frequently the way v6 to v4 works is by mapping the space onto a subnet.

For example if my address is 1122:3344:5566:7788:9900:AABB:CCDD:EEFF my subnet is
1122:3344:5566:7788:: and so I might do something like have the entire v4 address space at 1122:3344:5566:7788::1100:0000::

Which is an example of (from the v6 perspective) having 4 billion address inside my subnet. As far as shortage the smallest possible subnet is the size of the internet squared. How can anyone have problems with a hierarchy this big?

I think you are thinking of subnetting in too much of a v4 sense. I think the definition has changed to

first 64 bits = public routing scheme (i.e. regulated)
second 64 bits = private routing scheme (unregulated)

So for the large organization the question is whether they want to use normative routing or not.

Re:Exactly why we don't need IPv6

[unixisc]

I am thinking of subnetting in the IPv6 sense only. In IPv4, the subnets could be any size from /9 up to /30, which is why subnet masks were invented. I know that in IPv6, it's fixed, and support it. My only disagreement was an implementation one i.e. where to define the subnet.

To use your example above, the subnet is (in bold) - 1122:3344:5566:7788:9900:AABB:CCDD:EEFF. Actually, some of the RIRs may reduce it to 1122:3344:5566:7788:9900:AABB:CCDD:EEFF. I was suggesting that it should have been 1122:3344:5566:7788:9900:AABB:CCDD:EEFF or 1122:3344:5566:7788:9900:AABB:CCDD:EEFF. That way, organizations wouldn't have needed to buy /32s from their RIRs, and all RIRs could have had a fixed global prefix of the first 4 words. Right now, while ARIN gives out /48s or more, other RIRs like APNIC give out /56s, so obviously it's not a one size fits all. A /64 would have given the RIRs everything they needed and would have been under a public routing scheme, while the last 4 words would have been a private routing scheme.

I somehow don't see how you define the subnet in IPv6 to be regulated, if its size is allowed to vary from 16 bits to 8 bits. Making the entire first half of the address the global prefix fixes it. For the unregulated portion, either fix the demarcation between the subnet and the interface ID (simpler) or allow customers the option of allocating either 1 word or 2 words for the subnet, and respectively, 3 words or 2 words for the interface ID (the address within the subnet).

Re:Exactly why we don't need IPv6

[amorsen]

What exactly are the privacy extensions to autoconf - is it masking some of the bits obtained after autoconfiguration, so that the chances of figuring out other information like layer 2 addresses becomes more difficult?

It is simply a different way of acquiring IP addresses automatically, with guaranteed randomness if desired, and with the provision for regularly changing addresses.

Re:Bullshit

You cannot own an address, you lease it.

From who? Come on boys and girls, the person you lease something from is called an... umm... what's that word? Help me out?

Re:Bullshit

[game+kid]

They find a way (or pretend to), in much the same way as they find how to "own" an employee Facebook or Twitter account--if the law is not on their side, the post-nasty-legal-threat settlements will be.

Sublet

[tepples]

If it's a lease, why can't you sublease the remaining months on your lease of an address range?

Re:Bullshit

In this case, ARIN, RIPE, or APNIC.

class a blocks

[sdnoob]

ford could've averted their recent financial woes by auctioning off their 16 million ip addresses http://whois.arin.net/rest/net/NET-19-0-0-0-1

Re:class a blocks

How do you think they survived without a bailout? They got loans on these addresses as collateral.

Re:class a blocks

[rgbrenner]

Ford was profitable in 09, 10, and 11.

So by "recent" I assume you mean 2008, when it lost 14.6 billion.

From TFA, each address is worth about $12.

So unless math has changed and 12 x 16million equals 14.6 billion... No, they could not have "averted their recent financial woes by auctioning off their addresses".

Re:class a blocks

That's not even the only one.
http://whois.arin.net/rest/net/NET-136-1-0-0-1

There are many more. I'm not even sure ford uses the one you listed (this one is active)

Such a waste.

Re:class a blocks

[Dog-Cow]

Ford most definitely uses 19.x.x.x.

My PC: 19.86.28.191

Some of my servers:
    19.106.162.23
    19.110.162.23

Re:class a blocks

Right but I can't even route to those addresses. What's the point of using public IP space if it's only internal?

Re:class a blocks

Ford was profitable in 09, 10, and 11.

So by "recent" I assume you mean 2008, when it lost 14.6 billion.

From TFA, each address is worth about $12.

So unless math has changed and 12 x 16million equals 14.6 billion... No, they could not have "averted their recent financial woes by auctioning off their addresses".

You clearly do not know the 101 of demand and supply ...

Scarcity drives the price up yadayda ...

They do NOT own 14.5B of $ value of ip adresses . Sorry.

Re:class a blocks

[amorsen]

Right but I can't even route to those addresses. What's the point of using public IP space if it's only internal?

Renumbering is a royal pain, and Ford probably uses 10/8 already. A /8 is too small to comfortably handle a global organisation these days. For most Fortune 500's, an extra /8 for private use would be absolutely great.

Re:class a blocks

[bill_mcgonigle]

So by "recent" I assume you mean 2008, when it lost 14.6 billion [businessweek.com].

Only $14.6B if you don't count the $16B in commercial paper The Fed bought from them. They're lucky they got a bailout.

not for sale!

I will never sell my ip address for any amount of money! It's 127.0.0.1!
It follows me where ever I go - it's very valuable, too.

Re:not for sale!

I will never sell my ip address for any amount of money! It's 127.0.0.1! It follows me where ever I go - it's very valuable, too.

I know! 127.0.0.1 is like the best pr0n site ever!

Best of all, it knows exactly what I'm into and don't show all kinds of crap (literally AND figuratively) like some other pr0n sites.

Thanks, buddy! You're the best!

Re:not for sale!

mine is 192.168.1.101. Good luck hacking into that!

Re:not for sale!

[n5vb]

I know! 127.0.0.1 is like the best pr0n site ever!

I did not know that about you..

Re:not for sale!

[damien_kane]

mine is 192.168.1.101. Good luck hacking into that!

No need to hack; I have root on that box

Re:not for sale!

[unixisc]

Keep it, but add ::1 to it as well

Re:not for sale!

You just reminded me of the sweet little old lady who calls up the ISP, wanting to know when the next CD is coming out. Seems she was under the impression that the Internet was like a magazine, and that the CD that installed our customized browser was "The Internet".

IPv4 forever?

[ACK!!]

It seems that we have been running out of addresses for 10 years or something and everyone has been talking about moving to IPv6 since the late ninteties ? I am sure there is a limited range of numbers and the issue is real but also seems like fodder for sensationalist tech journal articles.

Re:IPv4 forever?

[SJHillman]

Yes and no - we have been running out, but we also haven't been sitting idly by while that happens. Stuff like NAT has become far more common, which takes the pressure off for a little while. It's not too different from the whole oil crisis - we have a limited amount, but new technologies and recycling techniques can extend the date where it's finally completely exhausted.

Re:IPv4 forever?

[Dan+East]

That's nothing. Wait until you see what happens when the clock rolls around on midnight on Dec 31st, 1999.

Re:IPv4 forever?

[jandrese]

Yes, we've seen this iceberg coming for well over a decade now and we're only just now starting to really turn the wheel. There is a lot of inertia across the board. The good news is that there has been a lot of behind the scenes work done, including getting IPv6 in most consumer and commercial devices. Old hardware is still a problem. Worse, on the Cisco and other large router vendor side, many of the earlier devices supported IPv6 in software only, meaning that it would work fine for a lab or network without much IPv6 traffic, but if you tried to switch over everything to IPv6 you would crush the router. This problem should go away over time as older hardware is retired and replaced.

Re:IPv4 forever?

[paulpach]

It seems that we have been running out of addresses for 10 years or something and everyone has been talking about moving to IPv6 since the late ninteties ? I am sure there is a limited range of numbers and the issue is real but also seems like fodder for sensationalist tech journal articles.

You are 100% correct. It was clear then and it is clear now how it will play out. All it takes is just a little analytic thinking: We will never run out of IPv4 addresses. Yes, you read it right: NEVER.

What will happen is that as supply of IPv4 remains flat, and demand for it goes up, supply and demand laws kick in, and the price of an IPv4 address goes up. As prices go up, people sitting on unused addresses will start selling them, and people that need them will start buying them (This article is a good example). So the market will naturally redistribute IPv4 addresses from wasteful uses to more productive uses. This will also mean that there will ALWAYS be an IPv4 address for you to purchase if you want to pay the price, that is why I say we will never run out of IPv4 addresses.

There will be a point, where cost of an IPv4 address will be greater than the cost of switching to IPv6. This threshold will start happening for a few sectors first. My guess is Business to Business applications and back office services first. At some point cell phones too since there are so many. At some point, ISP will start offering an IPv6 only plan with some backward compatible proxy which would be cheaper than IPv4 plan for consumers with limitations. Web sites will want to be optimized for these consumers, and will start offering their content in both protocols. This will make IPv6 switch less and less costly as more content is available for it. Once enough consumers are in IPv6, web sites will start ignoring IPv4 altogether to save the cost of an IPv4 address.

Eventually, enough momentum will be gained by IPv6 that IPv4 will go the way of the typewriter, where it is available, but nobody cares.

This will be a smooth transition, no crisis, no armagedon, just free market pushing the change slowly and efficiently. This process will take years. No one is or should be in a rush to switch or panic, just switch when it is cost effective to do so.

Re:IPv4 forever?

[omglolbah]

Several oil rigs would have gone into shutdown had there not been an update to the timestamping of data before the change-over.

That nothing happens is not a case of 'there was no problem' it is a case of 'almost all shit got fixed'.

Re:IPv4 forever?

I don't think we were ever running out, the problem stems from early on when companies were allocated far more IP's then they would ever use. I mean really why do these companies need an entire class A block, why do they need approximately 16 million IP addresses?
3 General Electric
  4 BBN Planet
  6 Army Information Systems Center
  8 BBN (corporate)
  9 IBM
11 DoD Intel Information Systems
12 AT&T
13 Xerox PARC
14 Public Data Network
15 HP
16 DEC
17 Apple
18 MIT
19 Ford
20 Computer Sciences Corporation
21 DDN-RVN
22 Defense Information Systems Agency
25 Royal Signals and Radar Establishment
26 Defense Information Systems Agency
28 ARPA DSI JPO
29 Defense Information Systems Agency
30 Defense Information Systems Agency
32 Norsk Informasjonsteknologi
33 DLA Systems Automation Center
34 Halliburton Co.
35 Merit Network Inc.
36 Stanford
38 PSI
40 Eli Lilly and Co.
43 Japan Inet
44 Amateur Radio Digital Communications
45 Interop Show Network
47 Bell-Northern Research
48 Prudential
49 Joint Tactical Command, Control and Communications Agency
51 Department of Social Security of UK
52 Du Pont
53 cap debis ccs
54 Merck
55 Army National Guard Bureau
56 U.S. Postal Service

Re:IPv4 forever?

[raxx7]

Mostly agreed, though I have a slightly different take on the succession of events.

Cell phones are already, mostly, behind LS-NAT (without IPv6). My guess is that consumers will be next.
Many if not most consumers won't want to pay much to have a public IPv4 because, for them, sitting behind a ISP level NAT (LS-NAT) won't be too bad -- at first, at least.
Web browsing will mostly work; most P2P applications will work as long as one of the peers has a public IPv4, etc.
So, when faced with the option to pay extra for a public IPv4, I think they'll be the first to opt to have a IPv4 LS-NAT.

Eventually though, being behind a LS-NAT or having your website's users behind a LS-NAT will become troublesome though, as more and more people do. Ie, performance might be worse, P2P applications won't work between two customers which are both behind LS-NAT, etc.
At that point, ISPs will need to offer IPv6 access to their IPv4 LS-NAT customers, websites will want to support IPv6 so communication can go around the LS-NAT.

I'm actually a bit optimistic about this.
Major "fixed" (DSL/Cable/Fiber) ISPs seem to have plans to deploy (IPv4+) IPv6 before to their customers before they have to start deploying LS-NAT.

Re:IPv4 forever?

[compro01]

And after we go through the kicking, screaming, hair pulling, and chair throwing to reclaim those blocks, it would push back exhaustion by about 15 months at best and then we're out again.

Re:IPv4 forever?

[JSBiff]

The real issue isn't "running out", it's more like "running tight" - there will always be some limited number of "available" IPv4 addresses out there, available to the highest bidder.

But, we have a situation of "artificial scarcity" *for numbers*. The nice thing about integers, is that there's an infinite number of them available. Why should we suffer the pain of scarcity for something which is unlimited?

For now, the answer seems to be that upgrading to IPv6 will, it is thought, cause more pain, but I think that when people actually see how ridiculous things get in a world where IPv4 addresses are scarce, that they'll see the benefit of ending artificial scarcity.

Re:IPv4 forever?

[GreyFish]

Look at the dates on this page:

http://www.makenaoceanfrontcottage.com/availability/12months.php?pid=1&year=19112

May 19112? April 19112?

That's a y2k bug, still going strong 12 years later...

They are real, there are still a few out there, and a lot of effort went into finding and fixing the ones you *don't* see.

Re:IPv4 forever?

[Bengie]

"Hey guys, we have a new toy, here's some numbers you can have". 25 years later.. "shiat"

It may have been /., but some site had an interview with the creator of IPv4 and he said it was just a proof-of-concept, but it took off before IPv6 was finalized. Once IPv4 become too popular, IPv6 went to the back-burner for a bit.

Re:IPv4 forever?

[rs79]

Nobody has asked the question "do we actually want the rest of those yobbos on the net in the first place" ?

Are you sure (y/n) ?

Re:IPv4 forever?

You are 100% correct. It was clear then and it is clear now how it will play out. All it takes is just a little analytic thinking: We will never run out of IPv4 addresses. Yes, you read it right: NEVER.

What will happen is that as supply of IPv4 remains flat, and demand for it goes up, supply and demand laws kick in, and the price of an IPv4 address goes up. As prices go up, people sitting on unused addresses will start selling them, and people that need them will start buying them (This article is a good example). So the market will naturally redistribute IPv4 addresses from wasteful uses to more productive uses. This will also mean that there will ALWAYS be an IPv4 address for you to purchase if you want to pay the price, that is why I say we will never run out of IPv4 addresses.

IPv4 addresses are not fungible.

The routing tables are already fucked up, this is going to make the whole IPv4 Internet slower over time.

Re:IPv4 forever?

[swalve]

Who is using 57-126?

Re:IPv4 forever?

[jbolden]

You are forgetting that you can split IPv4 that finely. Router table fragmentation is already a serious problem. There are also problems of partial transitioning. Things like geo location fail if your customers are using v6 to v4 gateways. Things like session maintenance also fail if v4 addresses are expensive and carriers pool them more tightly. Public facing websites are already starting to fail that will get worse.

The next area is security. v4 security equipment doesn't understand v6 tunnelled traffic. As resources are available on v6 and carriers will move v4 traffic you'll start seeing lots of tunnels.

So no, this will be very messy. v4 will have substantial functional problems by 2015 with companies that aren't ready for the transition.

Re:IPv4 forever?

[jbolden]

Yes they are going to do that. The carriers don't want carrier based NAT. The regulators don't want carrier based NAT. Consumers will be the easiest to switch and will free up tons of v4 addresses for business users.

Re:IPv4 forever?

Indeed. Because nothing bad and newsworthy happened everyone thinks "what a fuss about nothing, a waste of all that money 'fixing' it".
Actually it shows it was money well spent because the problems were indeed fixed.

It'd be wrong to say there were *no* problems. There were. http://en.wikipedia.org/wiki/Year_2000_problem#Documented_errors
And they're just the major newsworthy ones. Probably many companies in-house software had issues to, but of limited impact.

On 28 December 1999, 10,000 card swipe machines issued by HSBC and manufactured by Racal stopped processing credit and debit card transactions. The stores relied on paper transactions until the machines started working again on 1 January.
When 1 January 2000 arrived, there were problems generally regarded as minor. Problems did not always have to occur precisely at midnight. Some programs were not active at that moment and would only show up when they were invoked. Not all problems recorded were directly linked to Y2K programming in a causality; minor technological glitches occur on a regular basis. Some caused erroneous results, some caused machines to stop working, some caused date errors, and two caused malfunctions.
In Sheffield, United Kingdom, incorrect Down syndrome test results were sent to 154 pregnant women and two abortions were carried out as a direct result of a Y2K bug. Four Down's syndrome babies were also born to mothers who had been told they were in the low-risk group.
In Ishikawa, Japan, radiation-monitoring equipment failed at midnight; however, officials stated there was no risk to the public.
In Onagawa, Japan, an alarm sounded at a nuclear power plant at two minutes after midnight.
In Japan, at two minutes past midnight, Osaka Media Port, a telecommunications carrier, found errors in the date management part of the company's network. The problem was fixed by 02:43 and no services were disrupted.
In Japan, NTT Mobile Communications Network (NTT DoCoMo), Japan's largest cellular operator, reported on 1 January 2000, that some models of mobile telephones were deleting new messages received, rather than the older messages, as the memory filled up.
In Australia, bus-ticket-validation machines in two states failed to operate.
In the United States, 150 slot machines at race tracks in Delaware stopped working.
In the United States, the U.S. Naval Observatory, which runs the master clock that keeps the country's official time, gave the date on its website as 1 Jan., 19100.
In France, the national weather forecasting service, Meteo France, said a Y2K bug made the date on a webpage show a map with Saturday's weather forecast as "01/01/19100". This also occurred on other websites, including att.net, at the time a general-purpose portal site primarily for AT&T Worldnet customers in the United States.

Now most of those are pretty minor. The nuclear power plant monitoring that failed is slightly spine-chilling though.

Re:IPv4 forever?

[unixisc]

They went to the RIRs and were allocated accordingly. Actually, even from the above list, some of the legacy addresses were turned back to the IANA and allocated to the RIRs. Problem is that even if all of them went back to the RIRs, it still wouldn't be enough to sustain the growth of the internet.

Re:IPv4 forever?

[AdrianKemp]

That might be the first sensible thing said about IPv6 that I've seen come out of anyone but myself.

I don't need to look any further than the local university which has several blocks worth of IPs and could (should!) only have a handful.

Another prime example is my VPS service; an IPv4 costs a couple bucks a month and you have to justify a use for it, but a full IPv6 block is free, you just click a couple buttons. Over time as you say that couple bucks will become 10, 20 (I imagine v6 will come in not long after that)

Re:IPv4 forever?

[AdrianKemp]

I think you missed the whole point -- those are the costs of remaining on IPv4. Yes, the IPs get more expensive, but so do the issues of staying on IPv4 in general.

The GP is absolutely right, IPv4 will phase out reasonably slowly as the costs of using it increase.

Re:IPv4 forever?

[Kjella]

That nothing happens is not a case of 'there was no problem' it is a case of 'almost all shit got fixed'.

Yeah, I remember the journalists trying to find examples of stuff that didn't work on 1.1.2000 and they found peanuts. In retrospect I think we could have fixed just the critical systems and delivered a "good enough" solution for considerably less, but I guess it was better to err on the safe side.

Re:IPv4 forever?

[jbolden]

I don't think so.
The GP was saying that nothing much happen. Instead costs would rise. Similar to how people in the North East are being transitioned from home heating oil to Natural Gas. So he had a situation where

(a) IPv4 works well for a long time
(b) IPv6 works well but their are transitioning costs for individuals
(c) The costs for staying on IPv4 gradually increase which leads to people smoothly transitioning over to IPv6 on the basis of cost.

What I was saying was

(a') IPv4 is already starting to fail a little and that will get much worse in many ways over the next 5 years.
(b') IPv6 will be a difficult transition and lots of stuff will break.
(c') There will be no smooth transition at this point. We've waited too long. It will be blocky with non gradual sudden shifts as carriers move huge blocks of people over and change policies.

The cost of the addresses are going to be a minor factor except at the carrier, ISP level where the desire free them up will lead them to shift over homes and small businesses.

Re:IPv4 forever?

It's an approached that's always worked pretty well for houses.

Re:IPv4 forever?

[petermgreen]

It seems that we have been running out of addresses for 10 years or something and everyone has been talking about moving to IPv6 since the late ninteties ?

When the internet was initially developed it used a simple but horriblly wasteful system known of as classfull routing. Addresses were divided into classes and from each of three classes* blocks of a particular size were allocated. This system meant that many organisations ended up with a block far bigger than they really needed (many of which are being sold now) and it meant that a particular size of block could run out before all addresses did.

In the early ninties it became clear that if this system was continued addresses would quickly run-out and it was replaced in the ninties (afaict the actual replacement was somewhat gradual) by the more efficient classless system we have today where blocks of any power of two size can be allocated anywhere in the unicast address space. This improved efficiency and combined with many institutions choosing to use NAT rather than public IPs for most of their systems it bought us some time.

Unfortunately rather than spending that time ensuring that all new network equipment was suitable for** IPv6 and pushing IPv6 to customers as soon as the infrastructure was ready most providers sat on their hands waiting for everyone else to move first. CPE vendors also formed a blockage to getting IPv6 to end users natively.

So here we are, it's 2012, the IANA and APNIC have run out of v4 addresses for regular allocation. RIPE and ARIN still have some supply but will be running out within the next couple of years if current trends continue [1]. AFRINIC and LACNIC have longer projections but once RIPE and ARIN run out i'd expect to see some "RIR shopping" action deplete their pools as well . Meanwhile a large proportion of end users either lack access to the IPv6 internet or have it through the fragile nat poking automatic tunnelling system known as teredo.

Worse due to microsofts refusal to backport SNI support to XP and google inexplicablly not including it in andriod 2.x SSL websites still require dedicated IPs (which as mentioned above need to be IPv4).

Given the current levels of IPv6 penatration and the time it takes to push major changes through there will still be a real need for V4 addresses in hosting when RIPE and ARIN run out of addresses. At that point the only real option for hosting will be to buy IPs on the open market at gradually increasing prices (I wonder just what price it will take to make it worthwhile for the end-luser ISPs to deploy ISP level NAT to free up addresses for sale)

I am sure there is a limited range of numbers and the issue is real but also seems like fodder for sensationalist tech journal articles.

Well yeah that is what journalists do, the sky isn't going to fall tomorrrow but if you are planning a new network deployment or an extention to an existing one you should be thinking about this stuff and in particular you should be thinking that if your plans require new V4 IPs that you may find them difficult and costly to obtain.

* There were two other classes, one for multicast and one reserved (which can't be used because a lot of software will reject such addresses).
** As comcast found out [2] a vendor claim of IPv6 support was not sufficient to make the equipment suitable for IPv6, actual acceptance testing was (and probablly still is) required.
*** Note: because of the way IP allocation works it's not in an ISP's interest to start doing this until AFTER the pool of addresses at their RIR runs out. If they do it today they will just end up with a smaller slice of the pie in the end.

[1] http://www.potaroo.net/tools/ipv4/index.html
[2] http://www.nanog.org/meetings/nanog37/presentations/alain-durand.pdf

Re:IPv4 forever?

[AdrianKemp]

I just think you're exaggerating how bad the problem is:

a') IPv4 isn't really "failing" at all, there are some issues that NAT introduces, as well as additional workload and routing fragmentation. For the most part the solutions are new/more equipment (which conveniently will support IPv6) and sensible deployment strategies (which conveniently will support IPv6 upgrade paths)

b') isn't a valid premise, because it's your conclusion based on premises... So treating it as a forgone conclusion is a bit arrogant. Behind the scenes, the work being done to transition to IPv6 is very non-trivial, but the transition has already begun and nothing serious has broken yet.

c') There is a smooth transition happening right now My servers are available over IPv6 without any trouble at all, and my ISP has already done wide-scale testing to ensure that they're ready to flip the switch when it makes sense.

I'm sorry, but you've just bought into the fear-mongering from sysadmins that want more money or think they need to scare management into keeping them around. There are some people who have a lot of work to do to make the transition happen, but they've been on the case for several years now and generally speaking everything is going quite well.

Re:IPv4 forever?

[jbolden]

a') I'm not saying how bad the problem is. Right now the problems are still fairly minor the only thing really breaking is geo location on websites with respect to cell phones. What I was saying is how bad the problem will be.

b') No actually all those people behind the scenes doing the work are reporting it has been difficult. It hasn't gone well for them at all. All the people who have started that are not carriers are reporting it very complex. Generally 5-7 years of focused attention.

c') I'm glad your carrier has given you an v6 subnet. But in terms of transitioning difficulties that doesn't prove anything. It isn't complex to throw a server on v6 there have been some servers on v6 nets for 20 years. The fact that you are unaware of v6 problems most likely means your servers don't have the sorts of issues that create transitioning difficulties.

I think maybe you should actually hear from people engaged in v6 transitioning before blithely talking about how smoothly it is going for all of them and how easy it was.

Re:IPv4 forever?

[AdrianKemp]

I think maybe you should take your own advice.

End-users prepared: pretty much (all major operating systems, and all non-shit routers for the last several years)

ISPs prepared: yep, more so than most.

Servers available on IPv6: if not, they certainly can be

Backbon infrastructure: Getting there, it'll be ready by the time it's actually needed.

So, pray tell specifically where you think the shit-storm is lurking? I'd love for you to provide some of doomsday talk from the "people engaged in v6".

Re:IPv4 forever?

That's easily fixed, just get a bunch of white hats together and hack the Gibson, problem solved.

Re:IPv4 forever?

Not really, I'm sure in an idealized world that's correct, but the fact of the matter is that it's not just a matter of flipping a switch, there's tons of work that's involved with adding IPv6 as an option. All those switches, routers and various other network goobins don't automatically become compatible with IPv6 just because it's become expensive to get a new IPv5 IP.

What's more, why bother when you can just throw yet another layer of NAT on top of the however many layers are already there and call it good.

Re:IPv4 forever?

[jbolden]

End-users prepared: pretty much (all major operating systems, and all non-shit routers for the last several years)

And their applications?

ISPs prepared: yep, more so than most.

No they aren't, they don't even claim to be. Most ISPs haven't done the work and will find that quite a lot of equipment needs to change. More importantly they don't have the support services in place for various configurations of dual stacks on their side that they are going to be needed to support customers who have transitioning difficulties. That's why even the most foreword thinking ISPs are mainly biting off experiments with consumer and small business.

Your ISP has v6, terrific. Ask them what sorts of QoS services they get when intermixing v6 and v4 traffic both having SIP or video on an MPLS.

Right now the most foreword thinking ISPs are able to handle the simplest clients with the simplest needs.

Backbon infrastructure: Getting there, it'll be ready by the time it's actually needed.

I'd agree.

I'd love for you to provide some of doomsday talk from the "people engaged in v6".

Sure. Listen to any of Comcast's talks. They were floored how many of their management applications used IPv4 related ideas in their logic. How much different routing strategies for IPv4 vs IPv6 were built into their failover plans. They also are transitioning to v6 internally and are finding that many of their administrative applications and hardware don't support v4 nor have obvious v4 replacement.

You want someone further out. Federal agencies. They found most of the equipment they use doesn't support IPv6. So to be compliant they often would have to buy something that is uncompliant in other ways.

A10 which specialized in dual stack work. They've found that most applications including things like server management systems are unable to cope with dual stack transitions.

Re:IPv4 forever?

Some oil rigs might have shut down? That's a big letdown from the planes-falling-out-of-the-sky scenarios we were sold.

Re:IPv4 forever?

[AdrianKemp]

Yes, instead of actual evidence of what you say in the form of print/video/interpretive dance I'll just accept some hand wavy "they can't do it cause it breaks stuff :(" that has been spouted around so much it feels like Y2K all over again.

Some actual facts:

Comcast is proceeding with nation wide rollout of ipv6, there've been hiccups, but they have an ipv6 blog where they continue to provide updates about the issues they're facing and the progress of their network. [http://www.comcast6.net/]

All US departments are required to be ipv6 on all public facing resources by september. I can't tell you how close they are because the data provided by ANTD isn't wonderfully clear on targets, merely status. What I can tell you is that the number of USG domains on v6 has more than doubled since 2011. [fedv6-deployment.antd.nist.gov]

A10 is specifically working with something that is hard and prone to issues, it's no great shock that they're finding it hard and prone to issues.

Re:IPv4 forever?

[jbolden]

Yes, exactly after 5 years they are still rolling it out and there have been hiccups. That's what it means for a project to be hard. And that rollout is for home and small business the easiest.

And yes A10 is working with something hard. That's what it is going to be like for enterprise.

___

If you want evidence I gave you evidence to try on your own ISP.

Re:IPv4 forever?

[AdrianKemp]

But you're contradicting yourself.

They have been rolling it out for 5 years. As I said, the rollout is happening now and it is going quite smoothly.

What you're saying is that because a replacement server has a few setup hiccups before ever going into service as a production machine, that the transition went badly. There's always glitches in any transition behind the scenes, the simple fact is that the rollout is going quite nicely.

Re:IPv4 forever?

[jbolden]

No what I'm saying is that this project took Comcast 5 years... it cost them a lot and caused a major shift in focus. I didn't say it went badly it was expensive and complex which Comcast admits. Moreover, Comcast of all the major carriers has it the easiest because they don't have complex enterprise services.

Spoof Is a Better Word

[eldavojohn]

You do realize that GPS signals are completely passive, yes? The whole system works by computing your location relative to the GPS transmitters whose location are well known - it's impossible to hack something through the GPS signal.

So what happens when someone spams your GPS device with incorrect signals that lead you to believe that you're heading back to point A when in reality you're heading back to point B? Perhaps I should have used the word 'spoof' instead of 'hack' but the post itself is a joke.

Also, no Copbot would ever sample an unknown IP4 address like that, it might link him to malware or compromise his location.

I'm not aware of anyone being able to exploit the ping command in such a way today -- perhaps so in this future universe that will never exist ...

Re:Spoof Is a Better Word

It was a joke, based on this exchange from the satire movie Showtime about real-cops vs movie-cops:

William Shatner: [advising Trey on how TV cops taste drugs] You spear the knife into the bag... then pick some of the drugs up with the knife... then lightly press it on your tongue. And that is how TV cops taste drugs!
Detective Mitch Preston (played by Robert Deniro): What if it's cyanide? There's a reason real cops don't taste drugs.

Re:Spoof Is a Better Word

[jeffmeden]

Also, no Copbot would ever sample an unknown IP4 address like that, it might link him to malware or compromise his location.

I'm not aware of anyone being able to exploit the ping command in such a way today -- perhaps so in this future universe that will never exist ...

The fact that you pinged and got a response means the host on the other end knows you did it too, kind of like hearing a sonar ping in the ocean... But then his "errors" post was a joke too soo....

Re:Spoof Is a Better Word

The correct word for this situation is meaconing.

Re:Bullshit

What utter and serious bullshit. You cannot own an address, you lease it.

Just like beer! Amirite?

sounds a bit facebooky

[gbjbaanb]

Sure, windfall now, but next month when IPv6 day comes and all the IPv6 sites stay lit, they'll be worth a rapidly diminishing amount.

ArsTechnica has a nice piece about IPv6 and why it's not going to be such a disaster thing after all, add to that the IPv6-capable home routers that are actually being made (at last!) and the ISPs who are rolling out IPv6 networking to their customers... and it's all looking rosy.

Re:sounds a bit facebooky

[alen]

IPv6 means unique IP's for everyone of your devices
that means no need for NAT and your "real" IP will be visible on the internets
marketers will love it since there will be no more need for cookies

Re:sounds a bit facebooky

[Dagger2]

Until they discover that Windows has privacy addresses turned on by default, which basically means that their address-based cookies are cleared every day.

Re:sounds a bit facebooky

[FranTaylor]

You don't even need cookies at all if you just track their IP address

Re:sounds a bit facebooky

[Dagger2]

Yes, as I was saying, privacy addresses. What good does tracking the IP address do when they switch to a new IP every 24 hours?

Re:sounds a bit facebooky

[FranTaylor]

Who is switching IP addresses? With IPv6, your ISP has no shortage, so they will just give you a permanent one.

Re:sounds a bit facebooky

[unixisc]

Sure, windfall now, but next month when IPv6 day comes and all the IPv6 sites stay lit, they'll be worth a rapidly diminishing amount.

ArsTechnica has a nice piece about IPv6 and why it's not going to be such a disaster thing after all, add to that the IPv6-capable home routers that are actually being made (at last!) and the ISPs who are rolling out IPv6 networking to their customers... and it's all looking rosy.

The good thing about World IPv6 day this time is that it won't be turned off after a day.

It's about time that IPv6 became widely available. This should start w/ ISPs, who can provide DS or DS-lite to customers still needing IPv4 access. Other than that, since they'll ultimately have to convert anyway, they should get the ball rolling.

Other customers should do it whenever they plan equipment upgrades, so that this conversion accompanies such changes.

Re:sounds a bit facebooky

[unixisc]

How is it different w/ NAT, where the 'marketeers' would know the public IPv4 address and the private IPv4 address? Everytime a connection is initiated, the site being visited knows your address, or how else could it serve up its page on your node?

Re:sounds a bit facebooky

[Ultra64]

ah, so you have no clue how ipv6 works

Re:sounds a bit facebooky

[gbjbaanb]

you mistake what he's saying - IPv6 has a feature called "Privacy Extensions for Stateless Address Autoconfiguration in IPv6".

This means that your IPv6 address can be randomly generated within your address range handed out by the ISP so that it (to practical purposes) changes all the time. Here's a quick blog entry about it.

Re:sounds a bit facebooky

[FranTaylor]

within your address range handed out by the ISP

And you don't think this can be tracked?

Re:sounds a bit facebooky

[bbn]

Fran - Windows uses a system called privacy extension which changes your address at regular intervals. This is done exactly to prevent tracking you by your address. You still have the option to use a static address but it is not the default.

Re:sounds a bit facebooky

A new IP address on a tiny little block.

Re:sounds a bit facebooky

[JImbob0i0]

ISP doesn't give an IP address... they give a network prefix... your systems will autogenerate an address with that network prefix - and with the privacy extensions that means a new address every 24hours be default.

Re:sounds a bit facebooky

[bbn]

It can be tracked to the same level that using NAT to hide the identity of multiple computers. Which means trivially because device profiling or simply cookies is so easy nobody is going to bother doing anything else.

Re:sounds a bit facebooky

[TheLink]

Sure, windfall now, but next month when IPv6 day comes and all the IPv6 sites stay lit, they'll be worth a rapidly diminishing amount.

Really? There are still tons of IPv4 only sites in the world. Tell me how is a client going to access those IPv4 only sites without an IPv4 address being involved?

Those sites may want to support IPv6, but they can't do this if:
a) their ISP or hosting provider (EC2, Azure) does not provide them with publicly accessible IPv6 addresses
b) their DNS registrar does not have servers listening on publicly accessible IPv6 (so users cannot look up the IPv6 address of your server if nobody has an IPv4 address to talk to your registrar).

IPv4 addresses will be valuable as long as an IPv4 address is involved in any of the many steps it takes for a user to connect to a server (getting an IP, gateway, getting a resolving DNS server, using that DNS resolver, DNS resolver doing all the lookups over the internet, etc).

Re:sounds a bit facebooky

[Bengie]

no more than a NAT can be tracked.

Re:sounds a bit facebooky

[gbjbaanb]

6to4 translation - so your legacy server that requires a IPv4 (which, of course, will begin to fade away as people upgrade) can be accessed from your IPv6 client. You don't need dual stack network, what happens is the IPv4 address gets a IPv6 one at the router that begins with the special 2002: prefix.

The big win is that you won't need to purchase an IPv4 address in the future - none of us want that.

Re:sounds a bit facebooky

While IPv4 is still around, ISPs can offer NAT64 gateways to make the IPv4 servers look like IPv6 servers to the client. T-Mobile already does this, although they say the Galaxy Nexus is the only phone with full IPv6 support at moment. IPv4 is by no means dying any time soon, but IP pressure should decrease as clients transition to IPv6-only.

Re:sounds a bit facebooky

And the ridiculous part is that while the "private" part of the address changes, the /48 (or /56) subnet doesn't. And that subnet identifies your home.

Re:sounds a bit facebooky

People haven't thought through this privacy thing very well. It only works because it's changing the local part of the IPv6 address. The global part is what gets packets routed to your LAN, and that part doesn't change since it would thrash the routing tables.

So internet data miners will just ignore the local bits that keep changing, and recognize you by the large static prefix. So it may help anonymize several computers on your LAN, but the LAN's address prefix will be a more reliable "subscriber ID" than the current IPv4 addresses which are often dynamically assigned. This might be good enough for large enterprise networks, but won't do much for small consumer networks.

You need something like Tor randomly bounding your connections off a few layers of repeaters to really anonymize a population.

Re:sounds a bit facebooky

[jbolden]

No your ISP gives you an entire /64 subnet. You don't get an entire v4 internet of v4 internets worth of addresses.

Re:sounds a bit facebooky

So internet data miners will just ignore the local bits that keep changing, and recognize you by the large static prefix. So it may help anonymize several computers on your LAN, but the LAN's address prefix will be a more reliable "subscriber ID" than the current IPv4 addresses which are often dynamically assigned. This might be good enough for large enterprise networks, but won't do much for small consumer networks.

Since the issue being discussed was being able to detect the devices inside the network, that isn't relevant.

You are overstating the problem of static IPs as well. I've got a static IP and torrent, I am yet to receive hate mail from the RIAA/MPAA. In any case, the IPv6 addresses don't have to be static any more than IPv4 addresses "had" to be static. The ISP can just dynamically assign a different /48 /56 every time you disconnect and reconnect the modem, if you're using IPv6 autoconfig then this will be completely transparent (if you're using static internal addresses then a) you're an idiot [use link-local addresses instead of the global IPs] or b) You should be on an explicitly static plan if you want to host a web server or whatever for stability of the DNS)

If you're worried about the gubmint, you're way late to the party if you think a dynamic IP is any protection. ISPs keep records and larger ISPs with special "secret" rooms can upload the subscriber data constantly.

Re:sounds a bit facebooky

[jrumney]

That should be: Your ISP has no shortage, so they will just give you a permanent block of addresses. Your PC can then use the privacy extension to choose a random address from that block at whatever interval it is configured to.

Re:sounds a bit facebooky

[fnj]

How is it different w/ NAT, where the 'marketeers' would know the public IPv4 address and the private IPv4 address? Everytime a connection is initiated, the site being visited knows your address, or how else could it serve up its page on your node?

Not sure if you are serious, but no, the whole point of NAT is that the outside server has no clue whatsoever what the private IP of the ultimate client is. All he sees is a bunch of ports on the public IP of the NAT translator. The latter maintains a dynamic translation table so it is able to redirect port A on the public IP to port B on the private IP C, for all single-public-IP/port-A to private-IP-C/port-B pairs in the translation table.

To the outside server, no client on that NAT is distinguishable from any other client on the same NAT except by using cookies in the case of HTTP. Every one of those clients could be on the same machine as far as he knows.

Re:sounds a bit facebooky

[TheLink]

That sounds more like tunneling IPv6 over IPv4.

How does that help if one side _only_ has IPv4 (no IPv6 at all) and the other side only has IPv6 (no IPv4 at all).

To talk to IPv4 only hosts you need IPv4 at two ends.

One end is the IPv4 only host, the other end is the client or proxy or translation device.

Re:sounds a bit facebooky

[TheLink]

How many ISPs would use NAT64s instead of IPv4 NATs? IPv4 NATs are proven tech (with known limitations).

I believe Big Media and some ISPs will be happy with a proliferation of NATs, since that will cut down on pesky P2P.

Re:sounds a bit facebooky

He might be confused with how an IPv6 address works as opposed to a v4 address. The first 64 bits (prefix) won't change for each user but the last 64 bits will and Windows XP by default will use Privacy Extension for both the generated addresses. XP on the other hand uses 1 Privacy Extension and EUI-64. This is also the default for Linux unless you change it in sysctl.

Re:sounds a bit facebooky

[ibwolf]

How is it different w/ NAT, where the 'marketeers' would know the public IPv4 address and the private IPv4 address? Everytime a connection is initiated, the site being visited knows your address, or how else could it serve up its page on your node?

This is incorrect. The 'marketeers' only know your public IP address. Your NAT is responsible for figuring about the translation between the public and private IP addresses. Basically, it forwards your request, waits for the response, and when the response comes in, redirects it to the correct internal IP address. That is why NAT stands for Network Address Translation.

Re:Bullshit

The 70-year-old lady "owns" the lease. She is (apparently) selling her rights to those addresses. So, yes, a person can't "own an address", but you can own the rights to use it.

Tons of IPv4s are wasted

I'm well aware of at least one organization which owns a /8 network, and they don't need it. Within this organization, extremely few nodes are globally-routable, everything is firewalled up-stream, and all outbound internet traffic goes through proxies which actually mask the original class A so it's not obvious which organization the traffic is coming from.

Lab devices all get real, global IP addresses, even on small subnets. The whole thing is an insane waste when I'm quite quite sure that everything could easily be on a 10.x.x.x internal network.

I suspect they're just hoarding until the value is too high to not sell.

Re:Tons of IPv4s are wasted

[unixisc]

They may not be hoarding. Imagine that they got this Class A block a long while ago, when addresses were being distributed like confetti. So they took the main gateway router that they had at the time, and gave it the network address of x.0.0.0, and had all nodes in the network connected to it.

Over time, for security reasons, they may well have set up the system you describe, so that the original Class A addresses get masked. But that just involved incremental work in securing their network w/o breaking what already works. Yeah, they could have put everything behind a NAT server, and had a 10.x.x.x or a 172.24.x,x network, and they'd have been fine. However, it would have involved re-configuring everything, and depending on when the original equipment was procured and whether they still had the expertize to re-configure that, it may not have been a trivial job.

That company,for the same effort, could go IPv6, give everybody within the network a link-local or a site-local address, and only issue public addresses to those who need them. They'll probably just need one /64 link for that.

Another lost opportutity

[nurb432]

I almost picked up a class b in the early days but i knew i didn't 'need' it, so never did.

Of course never thought this 'internet' thing would ever be of the slightest interest to the average guy..

Doh/2

Re:Another lost opportutity

make that Doh/16

Re:Another lost opportutity

[Python]

Thats because you're a good person. You didnt need it, so you didnt take it. I'd like to see some pressure put Apple, HP, CSC, Halliburton and the others that hold /8's down in the 1-50.0.0.0 ranges to give back those blocks they arent using.

Do the right thing, give it back so some one can use it.

What are the chances

[Billly+Gates]

That ISPs are buying all of them so they can monopolize the market. The small guys who little funds didn't do the several hundred milion dollar buying binges. Now if you want 4g for your next phone purchase it must be AT&T!

I could see companies like Cisco buying all of them too so they can force you to upgrade to newer routers with IPv6 support etc.

It's Big Business

[stereoroid]

I'm of the opinion that Class A addresses were behind some of the large IT mergers. For example, DEC (16.0.0.0/8) was taken over by Compaq, who were later taken over by HP (15.0.0.0/8). So HP owns two adjacent Class A address spaces. That's got to be worth a pretty packet, and they don't really need 32 million addresses, do they?

Re:It's Big Business

[Billly+Gates]

When all the IP v4 addresses are gone they can raise the price to several hundred dollars per address. Not too bad on a $5 investment and I bet will save the company and boast the share price as a result.

IBM has MANY IP addresses too. However, they bought them in the 1990s when they were much much bigger than today and had a half million employees.

Re:It's Big Business

[greed]

15/8 and 16/8 may be adjacent, but you can't make a /7 out of them. You're stuck with two /8s. You'd need 14/8 and 15/8 or 16/8 and 17/8 to make 14/7 or 16/7, respectively.

So the value is only in the number of addresses, not in the "adjacency".

Especially since 15 is all-bits-clear in the high nybble and 16 has the lowest bit set in the high nybble; you can't combine them into anything smaller than a /3. (If I'm counting on my fingers right.)

It's all about the bitmask.

Re:It's Big Business

[amorsen]

However, 17 is Apple... They could handily buy HP these days.

Re:It's Big Business

HP? LMAO. Apple could, but why would they want to?

I have a Class C block I acquired for the asking back in 1994. What to do with it? I can't get Comcast or Verizon to route for me. Even for a T1 from a real ISP I couldn't get the ISP to route to me – they couldn't be bothered to jump through the hoops necessary.

Seriously, how much would I have to spend to make it worth some ISPs while to set up the routing?

Re:It's Big Business

[unixisc]

I thought that most US ISPs are still IPv4, and that Comcast and HE are the exceptions (not sure about Verizon). In which case, why do they find it a problem? I thought that the problem was if one had an IPv6 link - whether he would be able to use it w/ any ISP, or whether he'd be stuck w/ Comcast or HE.

Re:Bullshit

[petermgreen]

What utter and serious bullshit.

What else do you propose?

IPv4 address for regular allocation* have run out at the IANA and APNIC and will soon run out at RIPE and ARIN too.

Meanwhile IPv6 is still in it's infancy with the majority of end users not having access to the IPv6 internet. So if you want to run a public server it needs to have a v4 address.

Under these circumstances a market means that IPv4 address gradually rise in value and as that happens people will re-evalute what applications really need a public V4 address. Lack of a market means that addresses stay where they are even if they could be more lucrative elsewhere stifiling choice.

You cannot own an address, you lease it.

That is true for modern allocations, with older allocations the status is less clear.

But even for modern allocations the RIRs are coming round to the realisation that allowing some form of sales** is a good idea as part of managing the twilight years of IPv4. The alternative is that you will only be able to buy usable hosting services from providers who happen to have a pool of addresses already (most likely hosting providers who are also end-luser ISPs and so have addresses they can recover using ISP level NAT).

* There are still a few held back for special allocations.
** IIRC arin and ripe are requiring the recipiants of such sales to justify their address use to reduce hoarding.

Hoarding?

[Larry_Dillon]

Sure we should all move to IPv6, but does anyone else think that hoarding a scarce resource just makes it scarcer?

Some of the early players were granted large swaths of IP space and they should return them if they are no longer needed.

Once again, a few greedy players screw things up for everybody else.

Re:Hoarding?

Exactly. They were issued these blocks in good faith. They are hoarding them, and they dont own them - they need to return them so they can actually be used. They dont own them and they are acting in bad faith holding onto them. Of course now that there is money to be made selling IP addresses, the scum is going to rise to the top and try to take as much of a bite as they can. Kind of like the domain squatters of old, snatching up whatever they could to try and sell it to someone that would actually want to use it.

This of course is worse, its a finite resource, it doesnt belong to the people that got the allocations and as they clearly arent using them (why they are selling them) that should be a pretty indicator that they need to taken away from them.

Re:Hoarding?

[unixisc]

The proper way to deal w/ this will be the market. When the price of an IPv4 address increases to the point that it makes more sense for a company to bite the bullet and convert to IPv6, all the 'value' of those IPv4 addresses will be pissed away. Once a company discovers that for just a single link, they can get all the addresses that all of their past, present and future employees have and will require, forget about them spending an arm and a leg on IPv4.

Re:Hoarding?

[Larry_Dillon]

I think the market would be the proper way to deal with this if IP addresses had been allocated by the market in the first place. As it was, they were pretty much lent out for nothing or next to nothing.

Now, taxing IP addresses at a nominal rate might prevent hoarding and encourage those with extra addresses to return them.

If companies can sell IP addresses, they have value. If it has value it's an asset. If it's an asset, it can be taxed.

Re:Hoarding?

[Bengie]

Exactly. They were issued these blocks in good faith. They are hoarding them, and they dont own them - they need to return them so they can actually be used

You make it sound like they are doing something they shouldn't. In reality, IPv4 was a proof of concept and anyone was allowed to join the "beta" network. "Here have some IP addresses, free of charge, they're yours until we make the "real" protocol.

IPv4 takes off and now these companies who got these large /8 blocks have no restrictions because that was the contract at the time. We can't just change the contract on them because we don't like it anymore.

Re:Hoarding?

[jbolden]

The scarcity is what is finally getting carriers and ISPs to do the billions of dollars worth of work to make v6 possible. The scarcity is what is going to move consumers off v4 to v6. I wish they would be more scarce.

Re:Hoarding?

[jbolden]

Why would we want even more fragmented routing tables? What's the upside of doing all this work to hunt down addresses for the v4 space?

Re:Bullshit

[FlopEJoe]

You cannot own an address, you lease it.

I can. But that's because I'm not a penniless hippie. Wait... that's something else.

Here come the bottom feeders

And here come the bottom feeders. For example, Addrex. I cant believe anyone would want to do business with Addrex, the CEO Peter Thimmesch is a notorious conman thats destroyed more lives and ripped off more investors than I can count. Just look at the littered wrecks of companies hes been involved with.

Well, I guess if clueless people want to part with their money...

ARIN needs to just take back the address space if someone isnt using it. And this nonsense about needing a million IPs is absurd. Come on, no one is rolling out a data center with a million new boxes. And all of them internet facing? Really? No multi-tier architectures?

Nevertheless, ARIN needs to take back these allocations. No one should be allowed "own" these address spaces. If every home user can't own the IP they are allocated, then neither should anyone else. Its a finite resource and if you arent using it anymore, then give it back so it can be allocated fairly through the same process everyone else has to follow (and yes, I know its a block, but come on whos actually using a /8?! Give it back!). Otherwise this is just more gaming of the system by corrupt big moneyed interests.

Re:Here come the bottom feeders

[FranTaylor]

Come on, no one is rolling out a data center with a million new boxes. And all of them internet facing? Really? No multi-tier architectures?

Apple sells 13 millon iPhones in a quarter. They're ALL internet facing, no multi-tier architectures, and they ALL need IP addresses!

Re:Here come the bottom feeders

Now thats just silly, the carriers already have the net space to do that. You dont see them howling for more. And even if they did, despite the cries to the contrary, typically most clients dont need end to end routable address spaces. They get by just fine with NAT, so even if you did run low on address you could either NAT or hell just use IPv6 for them. Most phone companies NAT their mobile phones now because their customers dont want routable IP addresses for their phones to do all the things people do, and guess what no one cares!

And besides, IPv6 is here now. If a company wants a 1 million IPs, they can get them now with IPv6. Do you really think they are going to spend tens of millions of dollars on IPv4 space? Thats just terrible engineering. And if you are are worried they wont be able to reach IPv4 just setup a 6 to 4 NAT bridge.

Really, this isnt a real problem. Its a fake market created by opportunistic con men. When was the last time you couldnt get an IP address, a routable one on the Internet?

Re:Here come the bottom feeders

[FranTaylor]

You dont see them howling for more.

Why not google for:

www.nokiasiemensnetworks.com

"Nokia Siemens Networks Moving to Ipv6: An urgent priority"

Re:Here come the bottom feeders

[unixisc]

iOS, which is FreeBSD based, supports IPv6. So if they don't use that, the fault lies w/ the AT&Ts of the world who have yet to convert to that. If anything, the mobile space should be on IPv6 already, since NAT is the biggest impediment to Mobile IP than it is to normal communications.

Re:Here come the bottom feeders

Come on, no one is rolling out a data center with a million new boxes. And all of them internet facing? Really? No multi-tier architectures?

Apple sells 13 millon iPhones in a quarter. They're ALL internet facing, no multi-tier architectures, and they ALL need IP addresses!

You obviously have no clue what you are talking about or how cell phone networks work.

Re:Here come the bottom feeders

[amorsen]

Apple sells 13 millon iPhones in a quarter. They're ALL internet facing, no multi-tier architectures, and they ALL need IP addresses!

They don't get them. Asia has been doing 10/8 for mobile use practically from the beginning of mobile internet access there and Europe has done it for perhaps 10 years now. US is drowning in addresses, so you probably get a real IP address there, but that is not the case almost everywhere else.

Re:Here come the bottom feeders

[soundguy]

ARIN needs to just take back the address space if someone isnt using it.

Arin had a booth at Interop a couple of years ago. We were discussing the impending IPV4 address shortage and I asked them why they didn't take back Haliburton's /8? They said "because we don't want to get shot"

Re:Here come the bottom feeders

iOS is NOT FreeBSD based. It's NeXTStep merged with NetBSD parts of userland to create Darwin which has parts of FreeBSD userland merged into it in 10.2.

The kernel (XNU) is a Mach / NetBSD hybrid.

Re:Here come the bottom feeders

[Melkman]

Not yet in North America. However in the Asia Pacific region you're out of luck. If an ISP there runs out of addresses, and in China they do, they have to NAT and/or provide IPv6. Now I grant you that the west doesn't use many Chinese webservices. But Australia is in the same boat. So in the not so distant future you will find yourself unable to use some Australian webservices if you don support IPv6.
Also the BGP tables will reach 512k entries within two years. As this is the maximum for hardware forwarding tables in many (older) routers be prepared for an IPv4 slowdown as these routers will forward IPv4 traffic over the slow path. Or unreachable sites as ISP's will start to filter all prefixes longer than /24 to prevent supervisors from overloading.

The nice status of IPv4 can be found at http://www.potaroo.net/tools/ipv4/index.html
 

Regulation

[DarkOx]

I don't normally support regulation and I am not sure I'd vote for this idea if asked to myself but I want to put it out there anyway.

What if we ban, that is right ban, the use ipv4 on publicly accessible networks after say 2018. Make it illegal to route ip4v addressed packet for a third party. This would force the move to ipv6. Which I think is good for freedom and the little guy. Yes that is right a forced migration is good for the little guy.

Its big business that has interests in keeping everyone on IPv4 and its actually big business who have the bigger investment in ipv4 only gear. The little guy can afford migrate.

What this is really about is ipv4 implies NAT. NAT implies third party brokers, which imply track ability, and opportunities to create digital toll booths. You can't just send files directly to each other; oh no they have be posted to some file sharing site so they can show you adds and the NSA has a good opportunity to data mine.

Re:Regulation

[gman003]

That's a bit draconian. And probably unenforceable. And probably unconstitutional, come to think of it.

A more tolerable way would be "lead by example": pass a law saying all government networks must be IPv6 (both internally, and externally) by 2018, and that any networking and computing equipment purchased with taxpayer dollars after 2014 must be fully IPv6-capable (possibly with an exception for NSA et al. to buy completely non-TCP/IP stuff, if that's a thing they do). I know they already have some requirements like this, although I believe it's just for operating systems right now.

With the size of our current government, this means anyone not supporting IPv6 automatically loses out on a huge market. Remember, this isn't just Obama's Blackberry, this means every IRS website, every Senator's secretary's assistant's netbook, every Toughbook shipped off to ___istan, every security camera watching the grass grow next to some half-forgotten FEMA warehouse. It's a big market, that's all I'm saying.

Re:Regulation

[DigiShaman]

More simple than that. There's profit in scarcity. Eventually home accounts will be NATed by default. If you currently have a public IP, you may wake up one morning to find out otherwise (while troubleshooting your home router in frustration). If you want a public dynamic IP, you will have to pay extra for that. If you want a static public IP, that's an additional cost on top of that. The day of double NAT or being stuck with using your ISPs router/switch will be the "new normal". Get used to it.

And don't try and use the argument that you need to establish a VPN for work. They will tell you first to fuck off, and secondly, that's what a business account is for. So so sorry that our NAT breaks the GRE protocol.

Re:Regulation

So you advocate the use of force against people who don't adopt your brave new world (but HEY, you might not vote for it). Got it.

Yes, let's absolutely force the little guy to spend $100 he doesn't have because he's been unemployed for 18 months. That'll be great for him. We are such good people for making him do this!

No, big business would NEVER benefit from people being forced to buy things. This is all about the little guy.

Re:Regulation

[JoshuaZ]

It is hard for me to see why it would be unconstitutional. Fits within the Commerce Clause. Remember, as far as laws are concerned, stupid doesn't mean unconstitutional.

Re:Regulation

By 2018 everyone will have switched to IPv6 anyway. At this point, the ISPs are going to either buy expensive hardware to do extra NATting, or they are going to buy expensive hardware to handle IPv6. Handling IPv6 is the obvious choice, since they won't have to switch again later. And that's the choice most (if not all) are making. So no worries.

Re:Regulation

[unixisc]

I'm fully w/ you on this. I think the US government has started the right way by specifying that all government equipment must support IPv6, and short of a ban, they're at least doing this the right way.

I however don't think it's big business that's obstructing such a move, but rather, the fact that all businesses - small, medium and large don't want to spend the money needed to upgrade to access pretty much the same internet. Not to mention all the chicken-egg problems - the customers haven't gone there b'cos the ISPs don't support it, the ISPs don't support it b'cos the customers don't want it... Add to that the fact that even now, IPv6 support on a wide variety of products is very questionable - like those routers that support IPv6 in software, but internally only do IPv4.

Oh, not to mention the widespread perception that NAT is the equivalent of security.

Re:Regulation

[Panaflex]

Well, everyone can get an IPv6 address now through Hurricane Electric. If the kids start using it then everyone else will follow. You don't need to legislate restrictions on technology - only provide the better alternative. Once the pressures of using old tech become higher than switching it will naturally occur.

Charging for IP addresses is a fantastic idea in this regard. So is draconian state wire-tapping. Better to have people walk away in disgust than to feel romantic about the "good old days."

Re:Regulation

[Bengie]

Sorry, our version of the internet no longer works. Sounds like a great beginning to a class-action suit after many software/consoles/etc break. I'm sure Ipv6 will take off before it becomes much of an issue. Anyway, many network engineers have talked about how ISP level NAT for broadband connections is more expensive and more of a head-ache than just switching to IPv6.

Re:Regulation

If things like Eminent Domain could become law, I see no reason why this one can't.

Re:Regulation

[noncey]

The feds tried leading by example, they required all federal agencies to be IPv6 several years ago. When that was revealed to be impossible for the sluggish feds to do, then it was about proving an agency could do it, then that got kinda scaled back to just lab testing (a few agencies did some bigger tests, but most just did lab tests). So its a great idea, but the feds aren't known for being quick or early adopters. In their defense, I think it was a bit premature for them to try this. The support for IPv6 was still lacking in a lot of products, even "new" ones at the time. Plus they have a lot of legacy stuff that in some cases barely supports IPv4, and definitely didnt support IPv6. What might work better would be offer tax incentivies if you want to get businesses moving to IPv6. Right now, there doesnt seem to be much of a rush for the average consume or business.

Re:Regulation

[jbolden]

We don't need to be that extreme. There is going to be tons of legacy code that only supports v4. We are going to want that to keep working for many years.

At the same time we are going to want to move the bulk of the world to v6. The shortage is creating the right mix of incentives and no chaos. We don't need to criminalize routing.

Re:Regulation

[jbolden]

The consumers are being moved over to gateways. That will break geolocation on publicly facing websites.
The next thing is v6 resources and security via. tunneling.

Re:Regulation

[bill_mcgonigle]

SIP will break too. I suspect IPv6 will be here before that's an actual problem.

Re:Regulation

[fnj]

It is hard for me to see why it would be unconstitutional. Fits within the Commerce Clause. Remember, as far as laws are concerned, stupid doesn't mean unconstitutional.

IMHO, this goes to show how moronic the modern day absurdly loose interpretation of the Commerce Clause is. Everyone knows what interstate and foreign commerce was understood to mean in 1787 - somebody in state A buying something from state B or foreign power C, the good being therefore transported between the states or internationally. Nowadays the feds have encroached ravenously in all kinds of areas they should have no business invading.

If they wanted things the way they have made them, the correct way to do it would have been to amend the Constitution to put in a new clause to encompass all the stuff they are messing with which is not really commerce. Of course, they would have known they would not have gotten such an amendment passed without brainwashing everyone in the states.

Why does Valve care about IPv4 so much?

[InvisibleClergy]

I mean, why is Valve giving IPv4 so much more steam? Is this a sale thing or something like that?

Re:Why does Valve care about IPv4 so much?

Terrible joke, hang yourself.

captcha: rectum

IP addresses != oil

[Alwin+Henseler]

Maybe things (more or less) work that way, but personally I think IP addresses shouldn't be treated as something that can be saved / 'extracted' / bought & sold for profit.

It's not an asset, but an address space, a shared resource, a set of numbers used to manage a world spanning network. Have a share of it assigned to your organization, as necessary to run your piece of that network. When 64K numbers were assigned, other organizations have a need for IP addresses & your organization only needs a couple of hundred IP addresses, the remainder should be re-assigned to those other organizations needing them. The only money involved should be costs that originate directly from bookkeeping of what IP addresses are assigned to whom.

And if IPv4 addresses run out, move to IPv6 to leave IPv4 address space limitations behind in history / LANs / legacy stuff / niche applications.

Re:IP addresses != oil

[unixisc]

Actually, the ad hoc way in which IPv4 address blocks were first assigned is primarily responsible for the situation we are in today. The way it's being done now by the IETF, IANA and the RIRs is the right way of doing it.

Imagine you were a company in those days - the 70s - you'd typically get even an entire Class A block, even though you would probably never have 16 million employees at any given time. Your admins set up your network so that nothing is subnetted, you have a beautiful, flat address space that supports all those 16 million potential employees. Now say, you've read about the IPv4 shortage and wish to release some of the addresses you're not using. Guess what - your admins would have to reconfigure the network from a /8 to a /16 or whatever to support this. And if this is very old equipment, don't count on it supporting CIDR, in which case the network size would shrink from 16 million to 64k. Which just might accomodate what the company needs, but not necessarily.

Best thing to do - start a migration strategy to IPv6, and don't bother about having to change networks ever again!

The key to IPv6

[Kohath]

This is the key to transitioning to IPv6. People will transition to IPv6 as costs increase for IPv4. When transitioning to IPv6 is cheaper than buying IPv4 addresses, the change will come quickly.

Hopefully people will observe this and learn how change happens. It doesn't happen because you wish it would. It doesn't happen because you know The Right Way for everyone to manage their lives or their businesses or their operations. It is driven by tangible benefits, not ideology.

(Magically, this results in people seeing tangible benefits from their decisions rather than absorbing "unexpected" costs related to idealistic or mandatory early adoption.)

Pray, tell

[ThatsNotPudding]

Mr. Attorney:

as one attorney who's involved in the market says he represents a woman who came into possession of a block of IPv4 address in the early '90s and now, 'She's in her 70s, and she's going to have a windfall

How, in any tangible way is she anything more than a cybersquatter? Also: 'came into possession'? What, they 'fell off the back of a truck'? Sounds as sketchy as the legal profession.

Re:Pray, tell

[Virtucon]

Well it's the same as somebody parked on "sex.com" right? I mean if a .com can cybersquat why can't an old granny?

Re:Pray, tell

[mwvdlee]

If I buy a few million numbers out of a range of several billions when only a few thousand numbers of the entire range are ever going to be used, am I cybersquatting?
What about if two decades later it turns out everybody was wrong and we ARE using most of the range?

Maybe she knew somebody who got assigned 123.x.x.x and he gave her 123.123.x.x as a birthday present because he was broke so he couldn't give her a real present?

Those IP numbers were considered pretty much worthless when the internet started, with ranges of millions being handed out to anybody that needed a few dozen numbers. Heck, 127.x.x.x is 99.99999% wasted.

Re:Pray, tell

[RabidReindeer]

Mr. Attorney:

as one attorney who's involved in the market says he represents a woman who came into possession of a block of IPv4 address in the early '90s and now, 'She's in her 70s, and she's going to have a windfall

How, in any tangible way is she anything more than a cybersquatter? Also: 'came into possession'? What, they 'fell off the back of a truck'? Sounds as sketchy as the legal profession.

I represent the state of the late Honorable Mr. Finklestein Marklar, who while Deputy Minister of Information of Nigeria came into possession of 6 million IP addresses and I need your help to transfer them out of the country...

Re:Pray, tell

[noncey]

> If I buy a few million numbers out of a range of several billions when only a few thousand numbers of the entire range are ever going to be used, am I cybersquatting? Yes. > What about if two decades later it turns out everybody was wrong and we ARE using most of the range? Whos we? If you meant, what if your hypothetical is using that entire /8? No, youre not squatting, thats called using. But if you aren't using a /8 then yes, thats about the most obvious case of squatting I can think of. Give it back. But I think like the domain squatting slime, which required laws to prevent squatting, I think netblock squatting might be the next thing requiring regulation. Its a finite space, and if /8s are going to go for a billion dollars something has gone horribly wrong with the Internet.

Re:Pray, tell

She got the addresses in the early 1990s, a time in which the internet - or NSFnet, or whatever it was called back then - was a tiny fraction of the size it is today. How is it different to any other investment?

Also, grandmas aren't known for the technological prowess, did she even know what she had?

Re:Bullshit

[unixisc]

It's called an RIR (Regional Internet Registry)

the only way ipV6 will become common

[RobertLTux]

1 by federal law require that all routers (even the rockbottom cheapo ones) be able to deal with IPv6 when sold after %date%
2 require that all ISP provided equipment be IPv6 capable by %date%+15 days WITH NO CUSTOMER COST
3 require that the ISP backend stuff route IPv6 by %date%+45 days

at 60 days pull the FCC license for any ISP not in complience

set %date% at a fixed point no extensions no cutout deals

(oh and ISPs should be required to at no cost give a reasonable block of IP addresses to all customers)

Re:the only way ipV6 will become common

[Vairon]

> 1 by federal law require that all routers (even the rockbottom cheapo ones) be able to deal with IPv6 when sold after %date%
What in the US Constitution gives the US federal government authority to regulate the protocols supported by routers?

> 2 require that all ISP provided equipment be IPv6 capable by %date%+15 days WITH NO CUSTOMER COST
What in the US Constitution gives the US federal government authority to regulate ISP provided equipment with regard to network protocols?

> 3 require that the ISP backend stuff route IPv6 by %date%+45 days
What in the US Constitution gives the US federal government authority to regulate ISP backbone protocols?

Furthermore, ISP's don't have FCC licenses so there's no license to be pulled.

Re:the only way ipV6 will become common

[FranTaylor]

What in the US Constitution gives the US federal government authority to regulate the protocols supported by routers?

If those routers are crossing state lines then it's well established that the federal government can require that they are all painted green.

Re:the only way ipV6 will become common

A couple of things:

The FCC doesn't license ISPs to my knowledge so there isn't any license that the FCC can pull. Also, if the government mandates that any networking equipment it purchases after a given date must support IPv6, that'll go pretty far in making sure most networking gear supports IPv6. None of the large networking companies will want to be shutout of government contracts because their gear doesn't support IPv6.

Re:the only way ipV6 will become common

The Commerce Clause in the Constitution to answer all 3 of your questions.

Re:the only way ipV6 will become common

I refuse to believe you've never heard of the blank check known as the commerce clause.

Re:the only way ipV6 will become common

[RobertLTux]

"Furthermore, ISP's don't have FCC licenses so there's no license to be pulled."

so the Federal Communications Commission does not have any say as to the operation of a Communications Company?? I know that some TLA has a ticket that could be pulled to lockdown an ISP. It of course is Double Bizarre if the ISP is also a "Phone Company" that they don't have any kind of FCC license.

This one quote shows how dumb this whole thing is.

[Virtucon]

"It will be a slow, natural progression forward, with a lot of legacy IPv4 content and assets lying around,"

IPv4 content? Seriously? Assets? You mean old routers that don't support IPv6? if businesses have been buying enterprise network gear that only supports IPv4 then they deserve to have stacks of them sitting around, but there's no reason that an enterprise still can't use a LANA scheme and use NAT-PT at the edge. I swear people make the whole IPv6 thing seem like it will change the whole world, it won't. The content will be the same folks, you can still go to youtube and facebook . Although Facebook isn't quite there as yet.

it's just an evolution and yes the ISPs and large enterprises need to support it. You can even get your ISP to support NAT-PT or use tunneling, it will just take time. There are many transition standards such as NAT64, SIIT and DNS64 that also help in all this "confusion" but honestly folks if we can just get the ISPs to adopt it widely most of this confusion will go away and while we have IPv6 Days this is more an evolution not a revolution for your favorite Web apps. If you're worried that you're stuck with obsolete software or hardware that locks you into IPv4, don't worry you can still use it. Yes it will take a little change but it won't be like having to set the time on your VCR. Wait, er uhm, DVD player. Er Blu-Ray player, yeah that's it.

Re:Bullshit

[OldeTimeGeek]

For all intents and purposes the addresses that my company registered in the early 90's are ours. If we want to sell them, there's nothing within ARIN's Number Resource Policy Manual that says that cannot sell all or any part of our address space to anybody else. The transfer has to be done through ARIN and it has to be a group within ARIN's zone, but if we charge for it, ARIN doesn't care.

Re:Bullshit

[ceoyoyo]

Strange. Most people who own a house are pretty sure they own that property, and the address is a description of its location.

Did you mean "you cannot own an IP address?"

Re:Bullshit

[firex726]

And... ARIN or whoever can also revoke/reclaim them if they are not being used appropriately.

Working for a hosting provider we have to make sure and catch spammers and abusers or we might not get another allocation when we need them.

Re:take the names of individuals and organizations

[unixisc]

Just the opposite - impound all their IPv4 addresses, give them a handful of IPv6 links, and tell them to manage.

what a joke

So ip6 is slow coming and now we know why, because there is tons of money to be made selling and buying ip4. Who's idea was it to create artificial hedge fund like for IP addressing.

+1 Insightful

[mccrew]

Wish I had mod points for you today.

Watch the routing tables explode...

[John+Hasler]

n/t

Re:Bullshit

[kimvette]

You cannot own an address, you lease it.

Free Waterfall Junior: "You can't own property, man."
Farnsworth: "I can. But that's because I'm not a penniless hippie."

early blocks were allocated under different rules

[Chirs]

In the early days the blocks were allocated with different expectations. It would be legally problematic for ARIN to try and take them back.

Which book?

[tepples]

You should crack a book about Windows Authentication

Which book do you recommend that is affordable (no three-figure-USD extortionate college textbooks please) and will ship with time to spare before this Slashdot discussion is archived?

Re:Which book?

[FranTaylor]

You can download the samba source package in a few seconds for free, it's jam-packed with all the info you could ever need.

If you want better than that, you'd better have a checkbook and some money in your account.

Re:Which book?

[halltk1983]

Nothing quite like setting up samba to understand windows auth. http://www.gentoo.org/doc/en/quick-samba-howto.xml

Alternatively, you could pick up one of the official MCSA/MCSE books. These do an alright job of covering it. Maybe it's just because I'm a linux admin, but I learned more from installing samba than I ever did from windows books.

Re:Which book?

[pnutjam]

I run Samba. He's still going to have problems where he tries to ping mycomputer and his computer is mycomputer.corp but his home computers are looking form mycomputer.homenetwork

Re:Bullshit

Most internet users to do not even have a regular IP address anymore. It is rather sad. A lot of the DSL and cable modems have built-in routers and have NATed private IPs.

I know, users don't know and don't care. But then all P2P internet is broken. Skype can't even exist anymore without the supernodes routing everything. It is a rather sad state of affairs.

ARIN not handing out addresses

Word on the street is ARIN is not allowing people to simply buy large blocks of IPv4 addresses. You now need to justify your need for the addresses before you can get them. So if you're fearing that IPv6 is coming soon I wouldn't hold my breath. ARIN will start taking unused IPv4 addresses back before any serious movement happens to IPv6, I think.

It is much more difficult to get a /24 from ARIN now than it was even a few months ago.

Re:Bullshit

[wisnoskij]

Do you have no idea how property works?
You don't actually own your own land in most cases/countries, you lease it from the government (or something to that same effect).

WINS and netbios

[dutchwhizzman]

WINS and netbios broadcasts are used to transmit windows hostnames over your home network. DNS has nothing to do with it. Maybe you should start learning about how networking works, before you start bitching about IPv6

Re:WINS and netbios

[swalve]

The right way to do it is for your DNS and DHCP server to talk to one another so that when the machine gets a DHCP address it is automagically registered in the internal DNS. That's way simpler than waiting 12 minutes for netbios to sync up, or installing some kind of WINS server.

Re:take the names of individuals and organizations

[rs79]

Just think of the revenue opportunities for selling V6 addresses.

Do you really wonder why those who are pushing it so hard do that?

Follow the money. Keep an eye on those I-99s.

Not this guy again

Did Peter Thimmesch crawl back out from under his rock again? His a con man. Hes not going to sell a /8 for a billion dollars. Just google the guy, hes a con man. Anyone that buys address space from this guy needs to take a look at a bridge I have for sale. Seriously, do not do business with this guy. Hes a con man.

Nothing but squatters

[noncey]

ARIN needs to just take these blocks back. If someone has a /8 that they arent using, then they dont need it and that should be screamingly obvious. IP address spaces are not property, and hording them is douche baggery.

Basement dwellers PROFIT!

[dave562]

"a woman who came into possession of a block of IPv4 address in the early '90s and now, 'She's in her 70s, and she's going to have a windfall."

Whoever said that lurking in your parent's basement and dorking around with computers all day and night would never amount to anything is going to be eating humble pie now!!

How else would a 50 year old woman come into a block of IPv4 addresses if not for a basement dwelling son who was trading IPs for groceries and rent?

Why 128bit?

[Bengie]

The goal with IPv6 allocations is to give more than enough IPv6 address space. They want to prevent an organization from needing to come back to request more and also to avoid fragmented route prefix advertising in the core Internet routing tables.

Here your answer why 128bit addresses are used. You don't hand out address based on need, you give something so large that no one could use it all.

Wow, a billion for a /8 block?

[Python]

If you pay a billion, or even $10 million for a /8 block you are an idiot. There are so many ways you can solve addressing problems besides spending that kind of money, and on a protocol that is on its way out WOW! Who would want to pay that kind of money? And if they are publicly traded their shareholders should be up in arms. Are they in the market for a bridge? I've got one right over here...

Re:Wow, a billion for a /8 block?

[EnsilZah]

It's not about solving problems, it's about betting that you can find a bigger sucker than you appear to be.

Re:Wow, a billion for a /8 block?

[Python]

LOL, good point. I smell another Internet bubble! This one in IPv4 addresses! Come one, come all, buy my tulip, one of a kind and rarest tulip on the planet only 1 billion dollars!

Re:Bullshit

[noncey]

I'm puzzled as to why ARIN doesnt take these allocations back. Especially something as big as a /8.

Re:Bullshit

[noncey]

Internet IP address are a commons, they are not property. If you arent using the address, then it should be given to someone who will. The reason we are "running out" (and yes we will eventually run out) at the rate we are is a combination of both growth and waste. Growth is something we are trying to address with IPv6, waste is something we need to address now because the transition is taking longer than expected. And waste is addressed by reallocating netspace from squatters. And I just love the lawyers "little old lady" line, seriously?! As in "This car only had one owner, a little old lady from pasadena".

I have 192.168.1.1 to 192.168.1.254 for sale

The range 192.168.1.1 to 192.168.1.254 is a nice block of addresses and it can be yours for a price.

I'm starting bids for my block of IP addresses starting at $10,000

Re:I have 192.168.1.1 to 192.168.1.254 for sale

[unixisc]

I have more. I have 10.0.0.0 to 10.255.255.255. I'll offer a better deal - $1,000,000 for the entire block i.e. fewer cents per address.

Still only 1% of top million websites are IPv6 rdy

[hackertarget]

Recent analysis of the Top 1 Million websites: http://hackertarget.com/ipv6-in-top-sites-infographic/

The analysis will be repeated after world ipv6 day (http://www.worldipv6day.org/) to determine if there is any significant increase. I am not hopeful.

No SNI

[tepples]

The alternative is that you will only be able to buy usable hosting services from providers who happen to have a pool of addresses already (most likely hosting providers who are also end-luser ISPs and so have addresses they can recover using ISP level NAT).

I was under the impression that an HTTPS server connected to the IPv4 Internet still needed a dedicated IPv4 address, at least until the second quarter of 2014 when the last non-SNI browsers (Internet Explorer on Windows XP and Android Browser on Android 2.x) are expected to reach their end of life.

Re:No SNI

[petermgreen]

Exactly

So in a world without IP sales a hosting provider that is also an end-luser* ISP would be able to recover IPs from those end lusers and rent them to more lucrative hosting customers while a hosting provider that is not an end-luser ISP would be unable to supply v4 IPs to customers once their (likely pretty limited except in the case of some of the really old ones) stock ran out.

While in a world with IP sales hosting providers can buy IPs from those who either have them spare or can free them up from less lucrative uses to help carry them over the transition period.

As you say after the next couple of years things will get a easier because the decline of XP and older andriod (though I bet a lot of older android phones will be passed down to kids etc and used with pay as you go sims even after they are EOL) will allow low-end SSL hosting to do away with the dedicated V4 IP but VPS customers will still be demanding dedicated IPs.

IIRC win7 also does teredo tunneling by default so increases in win7 penentration should also increase v6 penatration.

* and yes I mean end-luser, an ISP that sells primarily to techies is likely to have far more difficulty recovering IPs.

Re:Bullshit

[jbolden]

First off because all the tricks other than carrier level NAT will only buy a few extra months.

But also, because ARIN wants to encourage the switch to IPv6. They worked hard in the 1990s to buy extra years and the carriers the ISPs and the corporations wasted those extra years doing nothing. No one is going to do anything until there is a serious shortage.

What do to with my Class C ?

[nocloo]

I own a class C block, registered in 1995. Haven't touched it for years and don't really need it now, it's still being unused. How do I claim it to give it to my friend who own a a small ISP ?
My POC in Arin is outdated and the IP records still point to me. Can't find the information in arin on how to reclaim it.
Thanks !

Re:What do to with my Class C ?

[GeneralChat]

I am in the same situation myself and the timeframe is about the same. It was back when Internic was handing them out like candy. They would first deny you and then if you asked again then granted you one. So who what's to but my Class C? I should talk to the company that has all the address around it, AT&T.

Go Daddy, battery, slamming, business class

[tepples]

a hosting provider that is not an end-luser ISP

You mean like Go Daddy or Dreamhost?

I bet a lot of older android phones will be passed down to kids etc

And that's probably easier than passing an old iPhone down because at least many Android phones have a replaceable battery. But these older Android devices will probably have vulnerabilities that make TLS unsafe on them anyway. And even if not, Android's intent system allows third-party browsers implementing their own TLS client stack (hopefully one supporting SNI) to replace Android Browser.

and used with pay as you go sims

Unless they're for networks that don't use SIMs (Verizon or Sprint). And even a device designed for AT&T might be subject to "slamming" or "cramming", which refers to unrequested conversion of a SIM from a cheap plan to a more expensive plan just because it's inserted into a smartphone.

an ISP that sells primarily to techies is likely to have far more difficulty recovering IPs

You could always do what Comcast does: call the techie offering "business class", jack up the price, and put that toward recovering IPs.

Re:Go Daddy, battery, slamming, business class

[petermgreen]

You mean like Go Daddy or Dreamhost?

And many many others.

Unless they're for networks that don't use SIMs (Verizon or Sprint). And even a device designed for AT&T might be subject to "slamming" or "cramming", which refers to unrequested conversion of a SIM from a cheap plan to a more expensive plan just because it's inserted into a smartphone.

Yeah, I was thinking about this from a british perspective, afaict it's pretty common here for phones to be handed down from contract users to PAYG users and the slamming process you describe is unheard of here.

You could always do what Comcast does: call the techie offering "business class", jack up the price, and put that toward recovering IPs.

Yeah, i'm just saying that a hosting provider with a techie ISP buisness on the side (e.g. bytemark) or an ISP that specialises in techie and buisness services (e.g. zen) is going to have a lot more trouble finding users that currently have a public IP but could be convinced to live without it than a big ISP that mostly serves end lusers (comcast*, virgin media, BT etc).

Would you like to live in a world where the only place you could buy usable hosting was companies like comcast? I know I wouldn't and therefore I think IP sales are a nessacery thing at this stage.

* though comcast has their own problems, their network is SO big that they have run out of private v4 addresses.

Re:Bullshit

[Askmum]

What else do you propose?

IPv4 address for regular allocation* have run out at the IANA and APNIC and will soon run out at RIPE and ARIN too.

Meanwhile IPv6 is still in it's infancy with the majority of end users not having access to the IPv6 internet. So if you want to run a public server it needs to have a v4 address.

I'm maybe one of the lucky guys who has an ISP who is actively supporting world IPv6-day. With no cost on my side I am running on IPv6 now. All of my devices at home and therefore also my webserver are IPv6 enabled. I have a AAAA record assigned to the hostname I own.

So it's a bit difficult to put myself in the position of the people who still do not have IPv6, but in my opinion IPv6 is not in its infancy, nor is it difficult to transition to IPv6 (provided the upstream provider does IPv6, but the ease of transition follows recursion).

Just pester your ISP.

Re:take the names of individuals and organizations

[unixisc]

With IPv4, one would have needed several IPs, even if one was PATed, in order to prevent NAT overloading. With IPv6, regardless of how many toys one has, one would need only ONE link, and that's it. How is selling IPv6 more lucrative? Getting an IPv6 address is like collecting sand.

Re:Bullshit

[petermgreen]

What ISP do you use and what router? And did you need to do any special configuration to get IPv6 or was it automatic?

The biggest problem I see for IPv6 at the moment is home routers. Afaict most of the deployed base of home routers does not support IPv6 and (with a few exceptoins) users are unlikely to replace them until they die or until they upgrade to a service that needs something faster. So even where ISPs offer IPv6 it is likely a significant proporition of their users will remain without IPv6 access.

Re:Bullshit

[ceoyoyo]

Better than you do, apparently. A lease is:

lease
  (ls) n. 1.
a. A contract granting use or occupation of property during a specified period in exchange for a specified rent.
b. The term or duration of such a contract.
2. Property used or occupied under the terms of such a contract.

But sure, if you redefine lease as a transfer of title for an indefinite period in exchange for no rent, with no restrictions on transfer or use except by the laws of the land, then yes, you're right. But then what was your point again?

Re:Bullshit

[wisnoskij]

Well most places have property tax. Can that be considered rent, might depend on the country.
"with no restrictions on transfer or use except by the laws of the land", exactly and there are a lot of those laws.
And the government can take back that land if it needs it, and will pay you for it of course.

All in all I do not see were you are coming from, that definition fits land "ownership" perfectly.

Re:Bullshit

[ceoyoyo]

"Well most places have property tax."
There are places that have no property tax. You also don't get any services.

"there are a lot of those laws."
There are more laws regarding what you as an individual can do in general. Does that mean you're only leasing your body?

"And the government can take back that land if it needs it, and will pay you for it of course."
Thus not a lease. If it were a lease, they could just dissolve the lease or wait for it to expire. But they can't, so they have to buy it from you.

You're just being silly, or pushing some silly anti-government philosophy when you try to redefine property ownership as a lease. It violates every part of the definition of a lease.

Re:Bullshit

[wisnoskij]

You are just being silly. They cannot wait for the lease to expire, it is a infinite length lease. And they cannot just dissolve the lease without recompense, there is no reason they would want to make people angry or do something that illegal.

"There are more laws regarding what you as an individual can do in general. Does that mean you're only leasing your body?": No, as proven by you no longer having to follow those laws when you leave your country.

And my argument did not stand on property tax, a rent of 0 does not make it not a lease.