Slashdot Mirror
Sales of Unused IPv4 Addresses Gaining Steam
netbuzz writes "A growing number of U.S. carriers and enterprises are hedging their bets on IPv6 by purchasing blocks of unused IPv4 addresses through official channels or behind-the-scenes deals. There is certainly no shortage of stock, as these address brokers have blocks available that range from 65,000 to more than a million IPv4 addresses. And it's not just large companies and institutions benefiting, as one attorney who's involved in the market says he represents a woman who came into possession of a block of IPv4 address in the early '90s and now, 'She's in her 70s, and she's going to have a windfall.''"
A bust has been made in the digital district of NYC. Agent Friedeggs and his partner, Copbot 4X, have a perp handcuffed in the backseat of their cruiser that is now being piloted by Google's driving software to take him back to the precinct where he'll be booked.
... " He cuts himself off as a warning light goes off on Copbot's torso. "Jesus H. Tesla, they've hacked the GPS signal to our car!" Copbot morphs into a go a cart as Agent Friedeggs draws his Taser and slides across its hood. Cheesy synth horns flair up over wakka guitars as their silent electric motor spins them off down the street.
They approach the criminal's ancient Cadillac CTS and open the trunk. Inside is a briefcase packed with millions of little strips of white paper, each bearing an IPv4 address. Copbot 4X applies a small strip of multipurpose adhesive to his index finger with his mouth and reaches down to snag one of the strips. As he feeds it into his mouth and the ping trace times out he emits a satisfied Artoo Detoo whistle. "It's pure," he confirms as Friedeggs nods satisfactorily.
"You know, I think we're finally gonna catch these bastards. These addresses belong on display in the Guggenheim, not
My work here is dung.
You cannot own an address, you lease it.
From who? Come on boys and girls, the person you lease something from is called an... umm... what's that word? Help me out?
If it's a lease, why can't you sublease the remaining months on your lease of an address range?
In this case, ARIN, RIPE, or APNIC.
ford could've averted their recent financial woes by auctioning off their 16 million ip addresses http://whois.arin.net/rest/net/NET-19-0-0-0-1
I will never sell my ip address for any amount of money! It's 127.0.0.1!
It follows me where ever I go - it's very valuable, too.
It seems that we have been running out of addresses for 10 years or something and everyone has been talking about moving to IPv6 since the late ninteties ? I am sure there is a limited range of numbers and the issue is real but also seems like fodder for sensationalist tech journal articles.
ACK
Started out strong. I like the reference to oil. That could have been modded up funny, until that bullcrap about keeping the dot formatting. Are you really afraid of colons instead of dots? Or is it the hexidecimal numbers that frighten you? IPv6 solves more issues than just IP address exhaustion... autoconfiguration, routing, etc. It's going to happen and you'll have to crack a book. Deal with it.
"Here Lies Philip J. Fry, named for his uncle, to carry on his spirit"
You do realize that GPS signals are completely passive, yes? The whole system works by computing your location relative to the GPS transmitters whose location are well known - it's impossible to hack something through the GPS signal.
So what happens when someone spams your GPS device with incorrect signals that lead you to believe that you're heading back to point A when in reality you're heading back to point B? Perhaps I should have used the word 'spoof' instead of 'hack' but the post itself is a joke.
Also, no Copbot would ever sample an unknown IP4 address like that, it might link him to malware or compromise his location.
I'm not aware of anyone being able to exploit the ping command in such a way today -- perhaps so in this future universe that will never exist ...
My work here is dung.
Sure, windfall now, but next month when IPv6 day comes and all the IPv6 sites stay lit, they'll be worth a rapidly diminishing amount.
ArsTechnica has a nice piece about IPv6 and why it's not going to be such a disaster thing after all, add to that the IPv6-capable home routers that are actually being made (at last!) and the ISPs who are rolling out IPv6 networking to their customers... and it's all looking rosy.
I completely agree... anyone who complains about IPv6 is a troll.. 3ffe:1900:4545:3:200:f8ff:fe21:67cf is incredibly easy to remember.
The 70-year-old lady "owns" the lease. She is (apparently) selling her rights to those addresses. So, yes, a person can't "own an address", but you can own the rights to use it.
Maybe you should try DNS sometime
What utter and serious bullshit.
What else do you propose?
IPv4 address for regular allocation* have run out at the IANA and APNIC and will soon run out at RIPE and ARIN too.
Meanwhile IPv6 is still in it's infancy with the majority of end users not having access to the IPv6 internet. So if you want to run a public server it needs to have a v4 address.
Under these circumstances a market means that IPv4 address gradually rise in value and as that happens people will re-evalute what applications really need a public V4 address. Lack of a market means that addresses stay where they are even if they could be more lucrative elsewhere stifiling choice.
You cannot own an address, you lease it.
That is true for modern allocations, with older allocations the status is less clear.
But even for modern allocations the RIRs are coming round to the realisation that allowing some form of sales** is a good idea as part of managing the twilight years of IPv4. The alternative is that you will only be able to buy usable hosting services from providers who happen to have a pool of addresses already (most likely hosting providers who are also end-luser ISPs and so have addresses they can recover using ISP level NAT).
* There are still a few held back for special allocations.
** IIRC arin and ripe are requiring the recipiants of such sales to justify their address use to reduce hoarding.
note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register
When all the IP v4 addresses are gone they can raise the price to several hundred dollars per address. Not too bad on a $5 investment and I bet will save the company and boast the share price as a result.
IBM has MANY IP addresses too. However, they bought them in the 1990s when they were much much bigger than today and had a half million employees.
http://saveie6.com/
Not sure if DNS solves all of the problems though.
On my home network, I've got my own machines, and I have my work laptop. Since my work laptop isn't allowed to join my "home" workgroup, there is no DNS which will work between by laptop and my machine. I can't change that part of my network config either.
The only way to do file/printer sharing is by IP address. Possibly a limitation of Windows that doesn't allow you to do any 'real' networking between machines unless you buy the Enterprise Super Happy Fun edition ... clearly my Vista Home Ultimate edition isn't capable of doing this.
I'm not convinced that in all cases we have viable DNS which makes these things work ... at least, in my experience Microsoft seems to have removed some functionality which would allow that to work. I'm not really looking to set up a domain controller.
For internal to my own network, I'm not sure what IPV6 offers *me* -- it's a handful of machines behind my firewall, and using IPV4 is far easier. I don't care what happens on the other side of my firewall, but internally I don't see what benefit IPV6 has to me as a home user.
Lost at C:>. Found at C.
IPv6 is just annoying! What's the deal anyway with 2^64 devices on your personal network? This is way over-specified.
Having more addresses than you need is annoying? I'd have thought having too few (i.e. the current situation in v4) would be the more annoying situation.
You cannot own an address, you lease it.
I can. But that's because I'm not a penniless hippie. Wait... that's something else.
I don't normally support regulation and I am not sure I'd vote for this idea if asked to myself but I want to put it out there anyway.
What if we ban, that is right ban, the use ipv4 on publicly accessible networks after say 2018. Make it illegal to route ip4v addressed packet for a third party. This would force the move to ipv6. Which I think is good for freedom and the little guy. Yes that is right a forced migration is good for the little guy.
Its big business that has interests in keeping everyone on IPv4 and its actually big business who have the bigger investment in ipv4 only gear. The little guy can afford migrate.
What this is really about is ipv4 implies NAT. NAT implies third party brokers, which imply track ability, and opportunities to create digital toll booths. You can't just send files directly to each other; oh no they have be posted to some file sharing site so they can show you adds and the NSA has a good opportunity to data mine.
Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
This is the key to transitioning to IPv6. People will transition to IPv6 as costs increase for IPv4. When transitioning to IPv6 is cheaper than buying IPv4 addresses, the change will come quickly.
Hopefully people will observe this and learn how change happens. It doesn't happen because you wish it would. It doesn't happen because you know The Right Way for everyone to manage their lives or their businesses or their operations. It is driven by tangible benefits, not ideology.
(Magically, this results in people seeing tangible benefits from their decisions rather than absorbing "unexpected" costs related to idealistic or mandatory early adoption.)
Huh? Um, exactly what's the DHCP server on that network there? Does that DHCP server advertise a DNS server? Can you modify the DNS server?
Alternately, can turn of the DHCP server on that wireless router that only does caching recursive DNS, and install a DNS server and DHCP server on your other computer, and run that?
And then, why again do you need to run your own DNS server anyway? Won't the people who give you the /64 take requests to add records? Or use one of the dynamic DNS protocols that allows you to register your IP? And I think there's yet another answer that involves anycast and autoconf...
Or maybe I'm just completely not understanding what you mean by "join my 'home' network".
IPv6 has some pretty good autoconf out of the box. You use RADVD to just announce services, you don't need any software managing IP addresses because the nodes will do that themselves. And when you want to use some service that isn't a pure client-server-http thing, the fact that each computer has a unique IP on that other side of the firewall is helpful. And for the most part, the "OMG, that's hard" retoric is horribly overblown. Get a /64. Configure a route-announce daemon (things your ISP can do for you). IPv6! Free!
Setting up a game, I was trying to debug a connection problem someone had, and sent them to a site that tells you IP addresses. A different friend went there, and discovered he had an IPv6 address. His ISP had provided it for him, and he had literately never known. It wasn't relevant. That's the experience you should expect.
Why, no. Here I've been limiting myself to minesweeper, notepad, solitaire, and the calculator. Stupid me. I've been doing this computer thing wrong for the last 20 years.
But, seriously, what software would you suggest which will give me in-house DNS that my locked down work laptop will play nicely with? I can't change the workgroup/domain it's a member of. I've never had much luck in getting two Windows machines to handle file sharing without opening up perms fully since there's no mutual authentication that I can work out unless you have a domain controller.
As I said, some of the things I've tried to do it seems like Windows just refuses to do, so if you actually have some suggestions, I'd love to hear them.
Lost at C:>. Found at C.
How, in any tangible way is she anything more than a cybersquatter? Also: 'came into possession'? What, they 'fell off the back of a truck'? Sounds as sketchy as the legal profession.
Are you really afraid of colons instead of dots?
I'm not sure about the parent, but using colons as separators was insanely stupid. For example:
fe80:0000:0000:0000:0202:b3ff:fe1e:8329
fe80:0:0:0:202:b3ff:fe1e:8329
fe80::202:b3ff:fe1e:8329
The first two examples are a complete IP address. I know that the address is complete and doesn't contain a port number at the end. HOWEVER, the third example doesn't tell me shit. Does "fe80::202:b3ff:fe1e:8329" actually stand for an IP address of "fe80:0000:0000:0000:0202:b3ff:fe1e:8329" or does it stand for "fe80:0000:0000:0000:0000:0202:b3ff:fe1e with port 8329"?
The creators of IPv6 tried too hard.
"A plan fiendishly clever in its intricacies"- Homer Simpson
For all intents and purposes the addresses that my company registered in the early 90's are ours. If we want to sell them, there's nothing within ARIN's Number Resource Policy Manual that says that cannot sell all or any part of our address space to anybody else. The transfer has to be done through ARIN and it has to be a group within ARIN's zone, but if we charge for it, ARIN doesn't care.
Since my work laptop isn't allowed to join my "home" workgroup, there is no DNS which will work between by laptop and my machine.
At least assign a static IPv6 address to your laptop then add it to your HOSTS file. The biggest issue people have moving from IPv4 to v6 is they're not used to have many IP addresses per machine. This will be the standard for IPv6. Create static addresses.
The only way to do file/printer sharing is by IP address.
On my Win7 network, my $60 HP printer can be addressed via name because of P2P name resolution protocols. Should work if you're in the same broadcast domain and same subnet assuming your systems and devices support the protocols. Even the PS3 resolves and my router sees all the names also. Seems to be a very standard protocol.
For internal to my own network, I'm not sure what IPV6 offers *me*
Probably nothing. Most small internal networks won't benefit. I can think of a lot of benefit it will give me on the internet. tons of IP addresses to allocate to each FreeBSD jail, no NAT issues, and multicast will be f'n awesome once apps start to use it. I see P2P VoIP being very easy with asymmetrical internet connections.
Lets see YOU sir figure up an IP V6 address map for...lets say a 40 person small business, in your head. the problem with IP V6 is that while it is easily MACHINE readable it is sure as fuck not easily HUMAN readable. study after study have shown we humans work best with small patterns that have an easy to follow syntax. Ever notice how many people when giving you a phone number have the same cadence when reading it to you? its dot, dot dot duh, dot dot duh, dot dot duh duh. That is just how the human brain works friend.
I can tell you that when the big switch happens, at least in the flyover states, its gonna be a big fucking mess. Can you HONESTLY say that if someone showed you a pile of IP V6 addresses and said "One of these has a problem in either the address or the subnet" you could just pick it out on the fly? But I bet even your average teen wouldn't have a problem spotting the 184 address in a pile of 192 addresses because it would stick out like a sore thumb.
If they wanted more numbers they should have added more numbers. hell you want to throw in letters? Sure I'd say adding a letter to the front of each group of numbers would have been perfectly fine. but throwing in hex was a BAD move because most normal people, hell most geeks, can't just auto convert hex in their head or spot patterns easily in hex, its just not how we work.
ACs don't waste your time replying, your posts are never seen by me.
Does "fe80::202:b3ff:fe1e:8329" actually stand for an IP address of "fe80:0000:0000:0000:0202:b3ff:fe1e:8329" or does it stand for "fe80:0000:0000:0000:0000:0202:b3ff:fe1e with port 8329"?
The former, your ip:port example would be [fe80::202:b3ff:fe1e]:8329
RFC3986
DHCPv6 servers ought to come default on IPv6 routers and other equipment that run IPv6. Heck, if Windows 7 had the ability to configure the network according to DHCPv6, one could set up one's network w/ static, dynamic, public, private and whatever other addresses one needs. Note one thing that's very different in IPv6 - a node can have several IPv6 addresses, something that was not there in IPv4, and therefore be member of different networks @ different times and locations. Really handy for phones, tablets and laptops.
Actually, that's one of the first things that the IETF tried - making the first 12 bytes of the address all zero, and just overlaying the last one to be what was called 'IPv4 compatible IPv6 addresses'. This was deprecated in 2004. Another set of addresses, which were ::ffff:w:x:y:z, which was called 'IPv4 mapped IPv6 addresses' also existed, but while that's not been deprecated, it's rarely used, its support is implementation dependent and its use is generally discouraged.
Unlike IPv4, where addresses were released on an ad hoc basis, in IPv6, there is a hierarchical release of addresses from IETF to IANA to the 5 RIRs. The RIRs in turn assign it to different ISPs, countries or whatever entities they deal with.
DHCPv6 is not the only way to do it, so mandating it is kind of silly
With zeroconf and IPv6 autoconfig, you don't actually need to run a DHCP server at all.
> 1 by federal law require that all routers (even the rockbottom cheapo ones) be able to deal with IPv6 when sold after %date%
What in the US Constitution gives the US federal government authority to regulate the protocols supported by routers?
> 2 require that all ISP provided equipment be IPv6 capable by %date%+15 days WITH NO CUSTOMER COST
What in the US Constitution gives the US federal government authority to regulate ISP provided equipment with regard to network protocols?
> 3 require that the ISP backend stuff route IPv6 by %date%+45 days
What in the US Constitution gives the US federal government authority to regulate ISP backbone protocols?
Furthermore, ISP's don't have FCC licenses so there's no license to be pulled.
Can you HONESTLY say that if someone showed you a pile of IP V6 addresses and said "One of these has a problem in either the address or the subnet" you could just pick it out on the fly?
Don't we have, like, computers, that do that kind of thing?
Free Waterfall Junior: "You can't own property, man."
Farnsworth: "I can. But that's because I'm not a penniless hippie."
The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
Can you HONESTLY say that if someone showed you a pile of IP V6 addresses and said "One of these has a problem in either the address or the subnet" you could just pick it out on the fly?
Yes. Learn about IPv6 addresses, you can pick up a ton of information just looking at the address. First subnets (called links now) are all the same size, to do something like you ask you only need to look at half of the address. My address block is 2001:1448:201::/48 - very easy to tell if an address starts with that or not! Compare that to IPv4 subnets that requires a calculator to find the first and the last address included in the subnet (192.168.102.252/21 - give me address range please, only the most hardcore can do that in their head). IPv6 subnetting are almost always done by the nibble boundary so there is no calculation.
Just because it is hex does not mean you have to treat it that way. It is very common to simply ignore it. I can name my computers 2001:1448:201::1, ::2, .., ::9, ::10, ::11 and so on. So I just skipped 6 hexdigits there, so what? There is plenty where that came from.
The point isn't to have enough IPs for every user, but to have enough IPs such that the chance of collision is low. The other thing you miss is the ability to merge large corp networks. If you have to merge two companies with two datacenters with 100,000 machines each, the chance of a colliding IP address with only 4 bytes is quite large.
Read up on the privacy extensions, which are essentially like ephemeral ports except they're just randomly-changing addresses. They work quite nicely.
Furthermore, why would you ever want to reuse an address, unless it's static? There's effectively no limit.
I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.
Do you have no idea how property works?
You don't actually own your own land in most cases/countries, you lease it from the government (or something to that same effect).
Troll is not a replacement for I disagree.
Could you further explain this attack vector, cause I've not really understood it so far. The bad guy has your IP address. Exactly what is the additional harm in letting him know your MAC address?
I understand the issue of "probable iphone MAC => iphone specific vulnerabilities", but that doesn't seem to be what you're talking about here. (And really, that's not a significant barrier to the attacker anyway. You did something that let him see your IP address: the odds are quite good that he already could figure out your OS more reliably than using a MAC -> OS mapping)
If you need that many words to explain how simple something is, you've already lost.
Need Mercedes parts ?
On my home network, I've got my own machines, and I have my work laptop. Since my work laptop isn't allowed to join my "home" workgroup, there is no DNS which will work between by laptop and my machine. I can't change that part of my network config either.
There is Zeroconf, which Apple calls Bonjour. Your machines probably already speak it.
Finally! A year of moderation! Ready for 2019?
once they've excavated what your MAC address is, telling your router to route traffic to your node is trivial.
If they can administer your router, it is trivial to discover your MAC address whether you use IPv4 or IPv6 and whether you pick static or automatic assignments. The MAC address is kept in the ARP table for IPv4 and in the neighbor table for IPv6.
Anyway, every modern OS supports privacy extensions to autoconf, so just enable that (they will likely be enabled already). It's a bitch to write firewall rules when the IP address changes daily though.
Finally! A year of moderation! Ready for 2019?
Can you assign multiple IPv4 addresses to your network card on your PC?
You can, and if they are in the same subnet it will even work. If they are NOT in the same network, it works until it doesn't. There are important cases where it works flawlessly, like if every other machine in the same subnet ALSO has an address in both subnets. Good luck enforcing them.
And yes, I'll likely get a hundred replies with "multiple addresses in different subnets work for fine me". Good for you. Don't touch anything, and if you do, don't complain when it breaks.
In IPv6 it actually works, as long as all routers are aware of it or all hosts with multiple addresses do policy routing to hit the right router. Those are workable conditions, you can build a good network like that.
Finally! A year of moderation! Ready for 2019?