RIPE Region Runs Out of IPv4 Addresses

New submitter 8-Track writes "The RIPE NCC, the Regional Internet Registry for Europe, the Middle East and parts of Central Asia, distributed the last blocks of IPv4 address space from the available pool. This means they are now distributing IPv4 address space to Local Internet Registries (LIRs) from the last /8. An ISP may receive one /22 allocation (1,024 IPv4 addresses), even if they can justify a larger allocation. This /22 allocation will only be made to LIRs if they have already received an IPv6 allocation from an upstream LIR or the RIPE NCC. Time to move to IPv6!"

The internet is full. Go away.

[plover]

Don't we already have enough people on the internet? Why do we keep encouraging more? :-)

Note: to all you humor-impaired people, the smiley face indicates this is a JOKE.

Re:The internet is full. Go away.

[daem0n1x]

I see a huge business opportunity!

1. Fuck IPv6. Let's keep the IP addresses a rare and highly desired commodity;
2. Charge an exorbitant fee every time a DHCP request is serviced;
3. Profit!

Re:The internet is full. Go away.

Wasn't Iran going to build their own Persian Intranet? Surely they have a few IPv4 addresses that can now be returned to the pool.

Re:The internet is full. Go away.

[kelemvor4]

Don't we already have enough people on the internet? Why do we keep encouraging more? :-)

Note: to all you humor-impaired people, the smiley face indicates this is a JOKE.

But the internet is serious business!

Re:The internet is full. Go away.

[icebraining]

Too late, the ISPs already got that covered with their insane prices per fixed IP address.

Re:The internet is full. Go away.

[jonadab]

> 1. Fuck IPv6. Let's keep the IP addresses a rare and highly desired commodity;
> 2. Charge an exorbitant fee every time a DHCP request is serviced;
> 3. Profit!

The problem with this is, IPv4 addresses are not rare. They're not anything like rare. There are approximately ten thousand times as many of them as are actually needed.

We only ran out because they were systematically over-allocated, handed out like free candy, based purely on requests, with no regard for actual need or common sense. My employer, for example, currently has more _unused_ global IPv4 address than we have employees. Our upstream provider did not even inquire how many addresses we needed or even wanted; they just handed us a block of the things. Something like 80% of the allocated global IPv4 addresses are not currently being used on the public internet.

More to the point, in excess of 99.9% of the public IPv4 addresses that *are* actually being used on the public internet, in the sense of packets actually traversing public networks to or from systems assigned those addresses, aren't *needed*, because they're being used strictly for the client side of client/server networking (mostly in the form of DNS, HTTP, and HTTPS) and would if anything be better off behind NAT (because it would reduce the risk of worms, and there's no downside for systems that are not servers and do not actually need peer-to-peer, i.e., most home systems and virtually all business desktops).

IPv6 is not a solution to this problem. If we allocate IPv6 addresses the way we have allocated IPv4 addresses, we'll run out of them in just a few more years. Then what? IPv8, with 1024-bit addresses, so we can start allocating entire /256 blocks and run out again?

The correct solution is to stop allocating public IP addresses that aren't needed. This can easily be done by charging a *small* amount (per month or per annum) for each address. Honestly, as many addresses as there are available, a dollar a month retail, marked up from less than half that in bulk, would be more than enough to charge. That way people can go ahead and get addresses they *might* actually need and not feel too bad about the expense, but it's enough to keep most people from grabbing ridiculously more addresses than they could ever possibly find a use for, as has been the case so far.

When people sign up for the internet at home, the ISP can ask, "For an extra dollar a month, do you want a public IPv4 address for peer-to-peer networking or to access your computer remotely from another location?" Most people will say no and can go behind NAT. Small businesses, instead of getting a /24 just because they can, can get as many addresses as they actually need for their servers plus one NAT gateway to service all the desktops. (Business desktops *need* to be behind some kind of hardware firewall or gateway anyway, for security reasons. There's no reason it can't do NAT as well -- the extra 0.002% of CPU cycles will put the electric bill up by, what, three cents a month?) Large international megacorporations, similarly, instead of nabbing a /8 for each major national subdivision of their company just because it costs almost nothing to do so, can scale down their allocation request to something more in keeping with what they might potentially actually need.

I believe this will naturally happen over the next few years (assuming IPv6 adoption goes about as far as I think it will). Nothing particular needs to be done (other than perhaps the usual anti-trust stuff in areas where competition between ISPs is artificially restricted e.g. by only one local phone company being allowed to maintain lines). The situation will sort itself out. ISPs that try to charge completely unreasonable fees for public IP addresses will go out of business, because people will just go find another ISP (assuming there's another ISP to go find -- see previous note about anti-trust issues). ISPs that charge too little (which I think would just about have to be nothing at all) will run out of addresses to allocate. Sorted.

Re:The internet is full. Go away.

[joostje]

The problem with this is, IPv4 addresses are not rare. They're not anything like rare. There are approximately ten thousand times as many of them as are actually needed.

Well, with only 32 bits of address space, that's only 4,294,967,296 possible addresses, and there are already more people on the planet. We do need more.

Re:The internet is full. Go away.

[Lennie]

Business of buying and selling of IPv4-addresses, you mean ?:

http://addrex.net/
http://tradeipv4.com/
http://www.ipaddressbroker.net/

But all it will do is slow down adoption:

http://it.slashdot.org/story/12/07/18/1852243/sale-of-ipv4-addresses-hindering-ipv6-adoption

https://ripe64.ripe.net/archives/video/28/
https://ripe64.ripe.net/presentations/24-2012-04-16-internet-futures-a.pdf

Re:The internet is full. Go away.

More to the point, in excess of 99.9% of the public IPv4 addresses that *are* actually being used on the public internet, in the sense of packets actually traversing public networks to or from systems assigned those addresses, aren't *needed*, because they're being used strictly for the client side of client/server networking (mostly in the form of DNS, HTTP, and HTTPS) and would if anything be better off behind NAT (because it would reduce the risk of worms, and there's no downside for systems that are not servers and do not actually need peer-to-peer, i.e., most home systems and virtually all business desktops).

I stopped reading right there (and continued afterwards, cause the rest of your post is quite good). Peer-to-peer is used all the time, on almost all computers these days. Run Skype? You're probably doing peer to peer. Transfer a file on MSN? Peer to peer. Update World of Warcraft? Peer to peer.

I'll leave off the bit about NAT and security because you probably simplified what you meant to write. I'm going to assume that you understand that NAT provides no actual security and that you still need a firewall.

Re:The internet is full. Go away.

[TeknoHog]

So? Most people are supposed to settle with their roles as docile consumers. Only big businesses need public IP addresses. It's the new TV, baby!

Re:The internet is full. Go away.

[shutdown+-p+now]

Fuck NAT. Don't you dare preach that ugly hack as the Right Way to solve the problem.

Re:The internet is full. Go away.

[Pseudonym+Authority]

NAT

Stopped reading right there. NATs break the internet at a fundamental level and make any peer-to-peer technologies unworkable without retardedly complicated security holes. No, no, no, this is a terrible idea and you should feel terrible for having it.

Re:The internet is full. Go away.

[kelemvor4]

Business of buying and selling of IPv4-addresses, you mean ?:

http://addrex.net/ http://tradeipv4.com/ http://www.ipaddressbroker.net/

But all it will do is slow down adoption:

http://it.slashdot.org/story/12/07/18/1852243/sale-of-ipv4-addresses-hindering-ipv6-adoption

https://ripe64.ripe.net/archives/video/28/ https://ripe64.ripe.net/presentations/24-2012-04-16-internet-futures-a.pdf

I was merely joshing. I agree with you, extending availability of ipv4 in any way will slow down ipv6 and is (in my opinion) therefore bad.

Re:The internet is full. Go away.

[Dahamma]

IPv6 is not a solution to this problem. If we allocate IPv6 addresses the way we have allocated IPv4 addresses, we'll run out of them in just a few more years.

You make some good points, but this one is just silly. I think 10^38 IP addresses will last more than a few years, even if given out excessively. That's about 2 IP addresses for each cell in the human body for the entire world population. It's a big number.

Re:The internet is full. Go away.

The problem with this is, IPv4 addresses are not rare. They're not anything like rare. There are approximately ten thousand times as many of them as are actually needed.

Then perhaps you should have said something to Microsoft before purchased a block of 600k IPv4 addresses for >$7,000,000 last year.

Re:The internet is full. Go away.

No way. 2 IP addresses per cell in everyone's body? That's one IP address per stand of DNA! What if humans suddenly evolve to having a third stand of DNA, what then?!

In all seriousness, we need to encourage those who can adopt IPv6 to do so. Some people are stuck with legacy software and legacy hardware. I don't see anything fundamentally wrong with some sticking with IPv4. The thing is, there are less businesses than individuals, so it shouldn't be an issue if some individuals use IPv4 and all businesses use IPv4 and IPv6. It's a problem when all individuals, every single person, uses IPv4, because the math won't add.

Re:The internet is full. Go away.

[Dahamma]

Oblig.

Re:The internet is full. Go away.

[Electricity+Likes+Me]

Seriously, NAT was a problem 10 years ago in the IRC age. My first exposure to it was trying to figure out why the hell I could chat to people but not send/receive files. I can only dream of how much better the general experience of using the internet might get for people if P2P would "just work".

Re:The internet is full. Go away.

[Aqualung812]

Preach on, brother.

Re:The internet is full. Go away.

[mgcarley]

In some countries (like India), it also comes down to a legal issue. ISPs are required to identify who is on the network, and if everyone is hidden behind NAT, that identification can't be made and/or if a crime is committed (whether calling one of the Gandhi family a naughty name or making fun of the chief minister of West Bengal - or something, you know, actually criminal), then there are certain requirements that have to be met for those people to be traced, otherwise you've got anything from 254 to several million potential violators to choose from and no suitably easy way to identify which person it was, so unless the ISP is prepared to block at least a couple of hundred customers from accessing the net while something was being investigated (not likely) then you need to use public IPs.

I would also point out that India (in particular) has a very very small number of IPs compared to some other countries in the region (0.03 per capita) yet some other countries (*cough* USA *cough*) has what... 5.5 IPs per capita? And some other countries have 2-3 IP addresses per capita. Why? Surely not that many are required, are they? Really?

http://www.bgpexpert.com/addressespercountry.php

Re:The internet is full. Go away.

[shentino]

It's called hoarding an artificially scarce resorce to extract a windfall.

Re:The internet is full. Go away.

There is a reason, why they hand out IP-addresses in blocks and not just as needed. Think about routing tables and fragmentation.

Re:The internet is full. Go away.

[Nitage]

IPv6 is not a solution to this problem. If we allocate IPv6 addresses the way we have allocated IPv4 addresses, we'll run out of them in just a few more years. Then what? IPv8, with 1024-bit addresses, so we can start allocating entire /256 blocks and run out again?

You don't realise how big a 128-bit address space is. As for a 1024-bit address space, why would every atom in the observable universe need over 10^200 IP addresses?

Re:The internet is full. Go away.

[jonadab]

> Well, with only 32 bits of address space, that's only 4,294,967,296 possible
> addresses, and there are already more people on the planet. We do need more.

An IP address is not your personal ID number for some kind of sci-fi dystopian society. What on earth would give you the idea that we need one for each person on the planet?

We need one IP address for every non-virtual public server (more than one for the few domains that need to have their traffic go to multiple different places), a few hundred thousand for IT professionals who need to be able to shell into their home systems from work, at least one per ISP (more for large ISPs that have divisions in diverse geographical areas) for their NAT gateways, and a few for hobbyists who want to mess around with peer-to-peer. Add that all up and pad it by a couple thousand percent for good measure (to cover things like allocating power-of-two-sized blocks to simplify routing), and you're still _well_ within the bounds of what IPv4 can handle for the forseeable future.

Re:The internet is full. Go away.

[jonadab]

> You don't realise how big a 128-bit address space is.

I think you underestimate people's desire to obtain larger blocks of addresses than they could ever possibly have any use for in their wildest imaginings. I'd say "wait and see", except realistically I don't think IPv6 will ever see mainstream use. If it did, the addresses would be over-allocated to the point where they would eventually run out, just like with IPv4.

> As for a 1024-bit address space, why would every atom in the
> observable universe need over 10^200 IP addresses?

Why would the English government *need* a Class-A block they aren't even using?

Need has nothing to do with anything. We mindlessly rubber stamp any application for any size of allocation without questioning whether it's needed or charging anything per address. We don't *need* 1024-bit addresses. We don't *need* 128-bit addresses.

time to do... something

[alphatel]

I will soon run out of underwear (I have been told this since 2009). I still have not done anything about it despite holes in them. Count on my continued responsiveness to this problem.

Re:time to do... something

[petermgreen]

The trouble is there has been a chicken and egg problem.

The internet is mostly a network of buisnesses (with the occasional academic network thrown in). Some of those buisnesses sell service to other buisnesses and consumers, some just use it to support their main buisness.

There is basically no benefit and significant cost to an buisness in deploying dual stack while v6 only nodes are basically unheard of.
You can't really deploy v6 only nodes while there are a significant number of v4 only nodes*

So for each individual buisness (whether ISP or user) that makes up the internet the rational thing to do was to sit and wait and hope others would take the costs of being early adoptors of IPv6.

*unless you use something like NAT64 or DS-lite but if nodes were ok with being behind those they would probablly also be ok with being behind NAT44 so the only real benefit to doing it would be if your internal network was massive.

Re:time to do... something

Peak IPv4 or Peak Underwear, That is the Question!

Re:time to do... something

Peak IPv4 or Peak Underwear, That is the Question!

Peal IPv4 or Peek Underwear. FTFY. My invoice is in the email routing on an IPv8 network.

Edit - Captcha: conjugal

Re:time to do... something

Perhaps you shouldn't try to have a serious conversation with someone posting about running out of underwear.

Re:time to do... something

[RabidReindeer]

Peak IPv4 or Peak Underwear, That is the Question!

2. ???
3. Profit!

The Gnomes strike again!

Re:time to do... something

[doshell]

Here's a hint: maybe not all problems in the world can be solved efficiently by a free market. Maybe in some cases you need some kind of external intervention to make sure the difficult decisions are made...

Re:time to do... something

[petermgreen]

Indeed they can't, OTOH i'm not sure I want the government (or worse a consortium of representives of governments) designing my networks for me either.

Re:time to do... something

[doshell]

You're right, but no solution is perfect. In this case I would be totally supportive if governments forced ISPs to deploy IPv6, but I would really like their involvement to end right there. It's complicated, I know.

Re:time to do... something

[dwye]

Indeed they can't, OTOH i'm not sure I want the government (or worse a consortium of representives of governments) designing my networks for me either.

So, who should have designed the ARPANET, instead? The ISO/OSI people? Because I haven't heard a thing about OSI addresses running out.
  [exit sarc mode]

IPv6?

There is no such thing as IPv6. Once we run out of IPv4 addresses, the internet will implode and everything will be lost.

The rapture is here!

Re:IPv6?

[Dave+Whiteside]

2112 - end of the world!

oh wait

Re:IPv6?

[dcsmith]

2112 - end of the world!

oh wait

Actually, that was Rush's best album. 2012 is the end of the world.

Re:IPv6?

Man, you were right up until the end, Rush is an impressive band that makes amazing music. But, the Beatles sucked.

Re:IPv6?

By that reasoning, it's all about popularity, and Justin Bieber and Nickleback have exorbitant amounts of talent.

Rush has only been able to last that long because their fans age with them.

Re:IPv6?

I think they meant "harpies nest".

Re:IPv6?

oooooohhh yeeeeeeaaaaaaahhhhhhhhh....
that was almost as good as a arithmetic error troll

Re:IPv6?

[dave420]

Popularity != talent. Evidence: Britney Spears.

Re:IPv6?

[omfgnosis]

The problem is you're trying to apply reasoning to taste. You and the posters above you. Talent may be measurable to some degree, but it would be an enormous waste of time to determine and measure all of the criteria, and most performers are unlikely to participate in the process; but music quality is determined by more than just talent.

As a silly example, it's debatable who has more talent in a class of guitarists which includes folks like Joe Satriani, Eddie Van Halen, Steve Vai and so on, but I personally am more inclined to listen to Steve Vai, because his style appeals to me more than the others. That doesn't make him better or worse, and other people with different taste might prefer the others, and quite a lot of people prefer none of the above.

Taste isn't a measurement of talent, and measuring talent is largely pointless except for the talented seeking to advance their craft or career.

Re:IPv6?

[timeOday]

I guess I am way behind the curve here, but what's the easiest way to tell if my computer and home router can access an IPv6 host?

And since I'm running a small webserver from home, which I presume will remain IP4 indefinitely, what's the easiest way to tell if somebody with an IP6 address can access it?

Re:IPv6?

[Blue+Stone]

>The rapture is here!

It's the IPocalypse!

Re:IPv6?

[MightyMartian]

Rush has one of the best drummers in rock history, and a bass player that is considered by many to certainly be in the top ten or twenty. It's hard to say Rush does not have musical talent, even if the music they make isn't to your liking.

Re:IPv6?

http://test-ipv6.com/

Re:IPv6?

Does your ISP provide you with an IPv6 connection or strictly IPv4? The easiest way to roll-out IPv6 is to begin at the end-user level by swapping out their existing Internet modem provided by their ISPs with devices which provide IPv6 external connection and IPv4/IPv6 internal connection so any internal routers or switches or access points can remain in use on the internal network. Then once the roll-out is completed the ISP provided IPv6 traffic to-from their customers and IPv4/IPv6 traffic from the ISP to the backbone allowing time for the "content providers" to migrate to IPv6 over a period of 2 years. By content provider I mean anyone running a website et al. The entire transition could be phased in over 3 years from start to finish if and only if it becomes mandated under "national infrastructure protection" policy. This way, large organizations can use their IPv4 blocks forever on their internal networks with only external interfaces needing to migrate to IPv6.

Re:IPv6?

[Brian+the+Bold]

Look, it's music. There's this thing known as personal taste, and another one known as tolerance of other people's opinions.

Overlay anyone's musical taste with someone else's and you won't get a match.

Re:IPv6?

Britney Spears tastes great!

Re:IPv6?

[cnastase]

No mention of Jimi Hendrix? BLASPHEMY!

Re:IPv6?

[kasperd]

And since I'm running a small webserver from home, which I presume will remain IP4 indefinitely, what's the easiest way to tell if somebody with an IP6 address can access it?

If you don't know the answer to that question, then the answer is no. You need to actually update your DNS records for the domain to include an AAAA record with your IPv6 address. Without that record an IPv6 only client will have no way of even trying to reach your domain. So, you need to get an IPv6 address, and then put that IPv6 record in DNS. If your Internet provider doesn't provide IPv6, then you have three options. Use a tunnel (tunnelbroker.net is the one I have the best experience with), switch to a better Internet provider, or wait for your current Internet provider to catch up.

Users who have both IPv4 and IPv6 will be able to reach your website, even if your website only has IPv4. The users, which will experience problems, are those who have only IPv6. There is still a couple of ways ISPs can make those users reach your site, but they involve NAT, which will reduce the reliability. Those NAT solutions come in two flavours. There are the CGN solutions, which are just doing IPv4 and work similar to the typical NAT people have at home, just at a larger scale. The other option is NAT64, where the NAT translates between IPv6 and IPv4.

Re:IPv6?

[mcgrew]

Rush is an impressive band that makes amazing music. But, the Beatles sucked.

I don't know if you're joking, stupid, ignorant, or just a twelve year old. The Beatles had a lot of songs I didn't like, but they produced art that changed music forever. I doubt anybody since Mozart has been so influential in music.

Ever heard "Old Brown Shoe"? Amazing bass riff. Not hard to play but damned original... but you wouldn't know that unless you were around before the song came out (and it was a "B" side that got no airplay).

Now, WTF does this have to do with running out of ip4 addresses? Is that Rush's fault, or the Beatles' fault?

Re:IPv6?

[mcgrew]

Dude, the guy's obviously trolling and you bit. This is a nerd site and Rush is pretty much a nerd band; 2112 was a science fiction musical, many other Rush songs are likewise nerdy.

"Bastille day... the king will kneel and let his kingdom rise"

"...and thye trees are all kept equal by hachet, axe, and storm."

Their poetic and msical abilities are unquestionable.

If this was the AARP site he would have substituted "Rush" with "Scott Joplin" for the same trollish effect. Rush is a great band, everyone knows it, and anyone who says they're no good, even if they don't like Rush, is trolling. Especially on slashdot.

Re:IPv6?

but what's the easiest way to tell if my computer and home router can access an IPv6 host?

Click here for Google's IPv6-only page.

It is now obsolete as they have discarded their previous whitelisting policy, but still useful for testing.

Re:IPv6?

[An+ominous+Cow+art]

Yeah. I have a personal policy to never set foot in a venue which is named after a damned car/phone/whatever company, but I broke that policy last Friday to see Rush start off their current tour.

Re:IPv6?

Did someone just talk shit about 2112 Overture/Temples of Syrinx? You renounce your blasphemy right now or I will see to it that you suffer.

Recyle Recyle Recyle....

Time to crackdown and revoke/reclaim IP's

Re:Recyle Recyle Recyle....

or, you know, just use ipv6.

Re:Recyle Recyle Recyle....

ISP's/corporations have to commit to that. And you know how they are, spending money is hard for them to swallow.

Re:Recyle Recyle Recyle....

[Kjella]

Time to crackdown and revoke/reclaim IP's

So there's 7 billion people and 4 billion IP addresses, how'd that work even if you could reclaim every range and achieve perfect routing and perfect efficiency meaning you couldn't be online at home or at work and on the phone at the same time. You'd just run into the same problem a little bit down the road as another billion people go online. Pretty soon there won't be any other choice.

Re:Recyle Recyle Recyle....

[firex726]

Yea, some still use apps written for IE6 and haven't moved since.

Redoing their network to accept IPv6 is not going to be high on their priority.

Re:Recyle Recyle Recyle....

[asdf7890]

ISP's/corporations have to commit to that

No they don't. Any ISP/corp that doesn't want to use IPv6 is free to sit back and watch parts of the Internet become unavailable to them and their users. Of course by choosing this path they chose to eventually die, but it is their choice to make.

Doing something other than IPv6 simply because people won't make the effort is like sticking to horse-drawn vehicles because people don't want the hassle of having to visit petrol pumps and towns/cities don't want the hassle of constructing the required infrastructure.

Re:Recyle Recyle Recyle....

You blindly assume that everyone online on the net needs a seperate IP address.
But that is clearly wrong. The place where I work has only 16 public IP addresses, yet there are about 500 PCs buzzing along with people surfing and mailing.

Re:Recyle Recyle Recyle....

[MightyMartian]

And I would, if my ISP had ipv6 addresses available.

Re:Recyle Recyle Recyle....

And it took us years to sort of work around the problems with NAT in all the protocols, so that things now mostly work behind a NAT... as long as you control the NAT, anyway. This is a stop-gap, not a solution.

Re:Recyle Recyle Recyle....

[Kjella]

You blindly assume that everyone online on the net needs a seperate IP address. But that is clearly wrong. The place where I work has only 16 public IP addresses, yet there are about 500 PCs buzzing along with people surfing and mailing.

Considering that we're about 2.3 billion people online and we're already talking about running out, we're using considerably more than 1 IP/person today. And if the entire world eventually reach North American penetration rates there's another 3 billion coming online. And most now believe the world population will peak at 10 billion so there's another 2.3 billion as well. Yes, with enough NAT you could probably make it sort of work but it'd be the end of the Internet as we know it. Only ISPs, big companies and people with way too much money would have a public IP that others could talk to. The rest could only access Facebook and YouTube and such via NAT.

Re:Recyle Recyle Recyle....

potato / potahto, stop-gap / solution.

What you call a problem I call "feature"; one that allows an extra layer of control between point A and B-C-D-E-....

Re:Recyle Recyle Recyle....

[petermgreen]

Any ISP/corp that doesn't want to pay for IPv4 addresses for their public services and pay for some mechanism to allow their users to access servers on the IPv4 internet is free to sit back and watch as they lose the ability to sell to many of their customers and buy from many of their suppliers over the internet. Of course by chosing this path they have a good chance of going broke (or getting overridden in a shareholder revolt) sooner rather than later but it is their choice to make.

Now personally I will offer any services i'm responsible for v6 where the provider offers it because I belive it is the right thing to do but i'm not going to pretend there is any strong reason for a buisness to do so.

Re:Recyle Recyle Recyle....

Switch to one that provides IPv6?

Re:Recyle Recyle Recyle....

You are under the delusion that every person has a choice of what ISP they use.

Re:Recyle Recyle Recyle....

[Githaron]

Why do so many people assume there is competition in the ISP market in all locations?

Re:Recyle Recyle Recyle....

[jbolden]

Those are mostly internal. Internal dual stack is easy.

Re:Recyle Recyle Recyle....

[icebraining]

There are better reasons to choose an ISP than IPv6 availability. Like the fact that I often get 11mbps while paying for a 10mbps line.

Re:Recyle Recyle Recyle....

[kasperd]

Time to crackdown and revoke/reclaim IP's

There are still people who believe, there are addresses to be reclaimed? Try to extrapolate the consumption in Asia from before IANA ran out. They'd need like 10 /8s right now. Who has been hoarding lots of addresses? According to Wikipedia it is the US department of defence. They have 11 /8s. I'm sure you think they could do with just one. So reclaiming 10 /8s from USDOD and handing them over to APNIC, would be the first step. If you don't think that would fly, then forget about reclaiming.

Besides, reclaiming is not solving the problem. The problem is that the majority of companies didn't want to spend any resources on the upgrade until it was very very urgent. Most have done nothing for the last 10 years. Even if they were able to do nothing for another 10 years, that isn't a long term solution. In retrospect, the invention of NAT is a part of the problem, even if it seemed like a good idea at the time.

Re:Recyle Recyle Recyle....

[Lennie]

Install an HTTP-proxy-server on the edge (a lot of those organisations already have one) and add IPv6 to that.

Done ?

Re:Recyle Recyle Recyle....

[kasperd]

And it took us years to sort of work around the problems with NAT in all the protocols, so that things now mostly work behind a NAT...

And it was not a complete success. Look at the large Skype outage a couple of years back. That's the sort of things that happen due to NAT. Also look at some of the IPv6 transitioning mechanisms. 6in4 through a NAT is unreliable in most cases. Even Teredo, which was designed to work through NATs, is probably the least reliable way to do IPv6 tunnels. And then there are all those people suffering from the Stockholm Syndrome and thus thinking NAT is a good idea, and IPv4 is better than IPv6 because with IPv4 you can get NAT.

If we had not had NAT available for IPv4, the transition to IPv6 would have been smoother. And the faster consumption it would have caused, would not have been a problem. It would simply have made companies start earlier and as a result it would have been less work, because the network was smaller and simpler.

Re:Recyle Recyle Recyle....

What you call a feature of NAT is actually a feature of firewalls.

Re:Recyle Recyle Recyle....

[WaffleMonster]

Time to crackdown and revoke/reclaim IP's

And do what? Disaggregate every /24 morsel you recover?

Clever... actually... once the IPv4 DFZ melts into a pile of goo the only choice left for people who want Internet access will be IPv6.

Re:Recyle Recyle Recyle....

So there's 7 billion people and 4 billion IP addresses, how'd that work even if you could reclaim every range and achieve perfect routing and perfect efficiency meaning you couldn't be online at home or at work and on the phone at the same time.

1. Work don't need public IP address except for the servers which host actual services and the gateway addresses, nothing else matters even the slightest.
2. Why do phones need public IP addresses anyway? You don't expect to run a web server on a phone do you? That would be silly.

Re:Recyle Recyle Recyle....

The problem is that your computer gets an IP, and your cable box gets its own IP too.
This is even before your toaster, fridge, game consoles and blur ray player want to get their own IP.
Thankfully most people's cell phone gets a NAT IP and not its own IP.

Re:Recyle Recyle Recyle....

[jbolden]

Sort of. You generally want more than HTTP. So you do a full v6 to v4 conversion box. That allows you to use v4 internally with v6 tunnels Then you start adding v6 to switches and routers so that you are running dual stack internally. At that point only a fraction remains on v4.

Re:Recyle Recyle Recyle....

[Electricity+Likes+Me]

And not a complicated one either. There is no reason SOHO routers couldn't default to firewall settings that mimic current NAT behaviour.

Re:Recyle Recyle Recyle....

[dkf]

Any ISP/corp that doesn't want to pay for IPv4 addresses for their public services and pay for some mechanism to allow their users to access servers on the IPv4 internet is free to sit back and watch as they lose the ability to sell to many of their customers and buy from many of their suppliers over the internet. Of course by chosing this path they have a good chance of going broke (or getting overridden in a shareholder revolt) sooner rather than later but it is their choice to make.

But you're failing to understand the scale of the problem. A large corp benefits from moving to IPv6 because it gets rid of the problem of running out of addresses allocated to them even allowing for NAT. The 10.*.*.* address space just isn't that large when you've got lots of employees and lots of virtualization. Yes, you can use NAT within NAT within NAT, but it all gets rather horrific very quickly.

Now, if only we hadn't compounded the problem by using our own hacked versions of NAT, firewalls and DNS systems (Why?! Why?!) this would have been a no-brainer...

Re:Recyle Recyle Recyle....

[dkf]

Why do so many people assume there is competition in the ISP market in all locations?

Either there is competition, or there is a market opportunity.

Just sayin'

Re:Recyle Recyle Recyle....

[Githaron]

There isn't much market opportunity when the government tends to block newcomers.

Re:Recyle Recyle Recyle....

[asdf7890]

Cockup on my part in the previous post: where I put IPv4 I meant IPv6: I was meaning that perhaps we should concentrate on those who are looking favourably on IPv6 and let the rest either join the bandwagon later or be left in the dust.

Unfortunately as much benefit as there is even internally for the larger address space, many large companies and ISPs see the upfront setup costs (reconfiguring a large infrastructure isn't cheap, and cutting corners is far too risky in the modern 24/7 business world, and some equipment will need replacing too) and ignore the longer term savings in inconvenience, man time, and other hassle. They misunderstand the scale of the problem, not I, and it is only getting worse as they now have "yeah, but you said we'd have those problems years ago, and it hasn't happened yet" in their bag of ill-conceived reasons not to upgrade.

Our own hacked versions of NAT and so forth were necessary. Without them we would have been the ones left in the dust as our code would not operate on the rest of the world's IPv4 only infrastructure well enough so other OSs and software stacks would have taken that market share instead.

Re:Recyle Recyle Recyle....

[asdf7890]

Actually, cockup in my comprehension completely. I replied to your post thinking you were replying to my post and completely confusing myself.

Note to self: don't post on a Sunday after a late drunken Saturday...

Re:Recyle Recyle Recyle....

[toddestan]

Is there dial-up providers who do IPv6? As that's about the only other option...

Re:Recyle Recyle Recyle....

[FireFury03]

2. Why do phones need public IP addresses anyway? You don't expect to run a web server on a phone do you? That would be silly.

Because trying to run peer to peer applications through a NAT is an almighty unreliable pain in the arse.

Not unexpected

[SmilingBoy]

I hope that this will serve as another incentive to move to IPv6. Allocations by RIPE NCC have already been very conservative over the last year (only allowing you to apply for new IPv4 space for three months of growth), so by the end of the year, there will be a real squeeze at the final customer level. I am lucky in that my ISP provides both IPv4 and native IPv6, so I will not be affected, but very few people are in such a position.

Re:Not unexpected

[SuricouRaven]

Or, as your IP sees it: "Crap, we're out of IP addresses. How much will it cost to retrain our network team, reconfigure our network, test every model of every device and deal with the tech support cost when it inevitably causes compatibility issues? Holy craptacular megabucks. Screw it, they're all going on NAT, only those nasty p2p users and people using VoIP to avoid paying our extortionate phone call bills will be affected."

Re:Not unexpected

[SmilingBoy]

Not sure. Carrier Grade NAT is quite expensive as well, and a big mess to administer. It is much worth than NAT at your home router as plug and play can be used by programmes to open ports dynamically. So once you go CGN, expect many support calls because of broken stuff.

I expect most ISPs to hand out native IPv6, and - once out of IPv4 - offer CGN as a stopgap for users to reach IPv4-only servers. The biggest and most popular sites are IPv6 enabled already, and I would expect the others to follow suit as well.

Re:Not unexpected

[Cimexus]

Yeah agreed. I've been on native IPv6 (dual stack, obviously) for, hmm, approaching two years now (I'm in the APNIC area so they ran out of IPv4 a while ago) and honestly I'm only reminded of the fact when someone brings IPv6 up in an article or something. The changeover was easy from the user's perspective - it just works. Indeed I suspect many users of my ISP don't even know they are on IPv6.

The resistance and heel-dragging on the changeover in many places/companies is a bit mystifying to me. It's not really that hard.

Re:Not unexpected

[Kjella]

Yeah agreed. I've been on native IPv6 (dual stack, obviously) for, hmm, approaching two years now (I'm in the APNIC area so they ran out of IPv4 a while ago) and honestly I'm only reminded of the fact when someone brings IPv6 up in an article or something. The changeover was easy from the user's perspective - it just works. Indeed I suspect many users of my ISP don't even know they are on IPv6. The resistance and heel-dragging on the changeover in many places/companies is a bit mystifying to me. It's not really that hard.

Well as long as you are on dual stack you have an IPv4 address for everything that needs an IPv4 address, but it doesn't solve anything as no more people can run that than there are IPv4 addresses. How much would cease to work if you went IPv6 only? Because that's the only Internet connection they can offer soon. And if you don't see the problem you don't know the average company's pile of legacy/custom code that will all assume it's using IPv4 and nothing else that nobody knows or the vendor will charge a ton to fix. To rip out all the IPv4 code and go IPv6 you'd need another coding frenzy like y2k, and your chances to conjure that kind of doomsday scenario is nil. IPv4 was so good that there's now decades of old code that will assume an IP is always a dotted quad and can fit in 4 bytes. Nobody wants to be the one who breaks production systems just to go IPv6 for no tangible reason.

Re:Not unexpected

[Cimexus]

Well you're right of course - when they truly run out of IPv4, those that get connected after that date will only be able to 'see' the IPv6 portions of the internet. Which is why it's important that we get at least ~most~ of the net running IPv6 before that happens. Currently let's face it, most stuff is still IPv4 only (although the major sites - Google, Facebook, anything served from Akamai etc. are all nicely dual stacked now, and I'm noticing it increasing rapidly ... my router reports approx 15% of my total traffic is now native IPv6; a year ago it was ~1%)

And yeah I know what you mean about legacy code in companies...that's a big issue that everyone will have to deal with. But I was more referring to first getting ISPs and residential/home users up and running on IPv6 - they are much easier since all modern OSes, browsers, phones etc. support it. And increasing consumer/residential connections is the main reason for IPv4 exhaustion (rapid uptake of connections in Asia particularly), so if we can deal with that side of it, it leaves companies that need to remain dual-stacked for legacy reasons with that much more time to deal with the situation.

Re:Not unexpected

[Wamoc]

Except you don't need to overhaul everything to IPv6. You can run a local IPv4 intranet for the legacy systems and only connect to the public internet on IPv6. Of course this requires every web facing server to have IPv6, which still needs a lot of work.

Re:Not unexpected

[marcosdumay]

How much would cease to work if you went IPv6 only?

Less than what ceases to work by going in a NAT.

That's because nobody will go IPv6 only, they'll go IPv6 and get behind a IPv4 NAT. Well, at least the lucky ones will, others will have only the NAT.

Re:Not unexpected

[petermgreen]

Because that's the only Internet connection they can offer soon.

Bullshit, they can offer you:

v4 only with a private IP and ISP level NAT
v6+v4 dual stack with a public v6 IP a private v4 IP and ISP level v4 NAT
v6 with a public v6 IP and ds-lite
v6 with a public v6 IP with NAT64 and DNS64

They will also be able to offer public v4 as a premium service once they push their bottom tier of users onto one of the above.

Remember your ISP's existing v4 IPs won't dissapear, they will just have to reduce the average number used per customer (or buy IP addresses on the market) if they want to increase the number of customers they serve.

Re:Not unexpected

[jbolden]

That's called carrier based NAT and ISP's do not want to go to it. The regulators have made it clear that carrier based NAT won't have legal shielding (i.e. they screw up as a result they are liable) and at the same time it is just as expensive as implementing v6. There will not be carrier based NAT.

Re:Not unexpected

[jbolden]

That's fine. IPv6 equipment can support dual stack and mappings. Users can share dynamically allocated address from a pool, as it is needed less and less. The v4 internet as a low feature, legacy support system is not a problem.'

What's a problem is making it the primary system.

Re:Not unexpected

[jbolden]

No what will happen is that v4 addresses will be in a dynamically allocated pool and for communicated within your ISP's network you'll use v6. Everyone understands the v4 pool will exist. But things like: geolocation, session maintenance... will get much much worse.

And so far it has been phones then moving home / small business over.

Re:Not unexpected

[oPless]

Carrier based NAT has been done for ages on mobile (cellular) telcos. I've never had any mobile device in the UK with a reachable IP address, nor have I ever been able to directly connect to an other IP in the same subnet the telco has given me.

Now cable companies could easily do NAT at the first stop upstream (another fun fact is that many* telcos don't have public IP addresses for their infrastructure at all)

Now the ip addresses I was using about 10 years ago still haven't been reused, let's not forget about all those huge companies that were allocated (multiple) /8 space, has the *thinks* DEC space been handed back? What about IBMs? Why aren't they using private space internally?

We've still got a shed load of IP space out there, it just needs to be (forcibly) repatriated.

* I last bothered to look several years ago ago, at a couple of ADSL providers and Virgin Media (Cable).

Re:Not unexpected

[Lennie]

Here is a list of what works and does not work with CGN:

What NAT444 Breaks

We are left with a number of applications (and application types) that currently break when Large Scale NAT is introduced. To avoid the doom and gloom feeling that is sure to follow a list of just the broken stuff, let’s start with a list of what isn’t broken by NAT444/LSN:

        Web browsing
        Email
        FTP download
                Small files
        BitTorrent and Limewire
                Leeching (download)
        Skype video and voice calls
        Instant messaging
        Facebook and Twitter chat

Not too shabby really, all things considered. That is quite a bit of functionality for being behind a fairly large kludge. If that were the end of the story I wouldn’t have written this article though. So, without further adieu, here is the list you’ve been waiting for; what NAT444 breaks:

        FTP download
                Large files
        BitTorrent and Limewire
                Seeding (upload)
        On-line gaming
                Xbox
                PlayStation
                Etc.
        Video streaming
                Hulu
                Netflix
                Slingcatcher
                Etc.
        Webcam
                Remote viewing
        Tunneling
                6to4
                Teredo
                Etc.
        VPN & Encryption
                IPSec
                SSL
        VoIP
                Limited ALG/SIP support
        All custom applications with the IP embedded
                Lack of ALGs

Wow, is it just me or is that list a bit longer? There’s that doom and gloom feeling creeping up.

http://chrisgrundemann.com/index.php/2011/nat444-cgn-lsn-breaks/

Re:Not unexpected

[kasperd]

And yeah I know what you mean about legacy code in companies...that's a big issue that everyone will have to deal with.

For the past year I have been working on a solution for that. Sort of like NAT, but with a few improvements. With that I can run a network which is IPv4 only or dual stack on the LAN and dual stack or IPv6 only on the WAN side.

Re:Not unexpected

[kasperd]

You can run a local IPv4 intranet for the legacy systems and only connect to the public internet on IPv6. Of course this requires every web facing server to have IPv6, which still needs a lot of work.

I have a sort of NAT solution that could be put between the LAN and the IPv6 Internet to help during the migration.

Re:Not unexpected

[kasperd]

v6 with a public v6 IP and ds-lite

That's still going to require NAT if they want to use less than one public IPv4 address per user. There may still be use cases for it, but I am not convinced.

I think 4rd sounds more promising. The concept of moving state to the CPE device certainly eliminates a lot of the new problems the other NAT solutions would introduce. I do think the packet conversion that 4rd does is ugly, stupid, pointless, and probably going to cause compatibility problems. Using IPv4 over IPv6 would have been much simpler. But the standard is not finalized, so maybe that can still be fixed. The major problem with 4rd is whether any CPE device will actually support it, by the time it is needed.

Re:Not unexpected

[petermgreen]

That's still going to require NAT if they want to use less than one public IPv4 address per user. There may still be use cases for it, but I am not convinced.

True, you need a special NAT for the ISP end of ds-lite but you don't need to manage private v4 addresses in your acess network. This avoids the risk of address collision with your users private IP addresses and means that very large ISPS (like comcast who wrote the ds-lite spec) don't need to federate their access networks to conserve private v4 addresses. It also scales horizonally nicely (just route different users to different ds-lite AFTR units) and is easy to implient in clients (from the clients point of view it's just a tunnel providing a route to a NAT)

Can't comment on 4rd as I haven't looked through that spec myself.

Re:Not unexpected

[SuricouRaven]

It doesn't break the video streaming, or if it did then it would be easy to modify the services to compensate. It also doesn't block games, providing you aren't trying to run a server. Now look at the rest... wow, it's like a list of things some ISPs *wish* they could break! Bittorrent and limewire? Those are the programs that let a small number of user suck up huge amounts of network capacity. VoIP? Half of those ISPs run a phone service too, and VoIP is letting people make phone calls for free. Doubley so for mobile internet. Running a server, or using a VPN? Those are business things - and businesses should be paying business rates.

Remember that the ideal internet user, from the ISPs perspective, is one who pays for top-tier services and then uses it to check email and so some light browsing.

Re:Not unexpected

[kasperd]

True, you need a special NAT for the ISP end of ds-lite but you don't need to manage private v4 addresses in your acess network. This avoids the risk of address collision with your users private IP addresses

So that means larger entries in the connection table in the NAT? It would need to remember both the client's IPv4 address and the IPv6 address of the client's tunnel endpoint. And it would need to have the NAT tightly integrated with the DS-lite endpoint, as the information that needs to travel between them is more than what fits in an IPv4 header.

Everything taken into account, it still sounds better than two layers of NAT.

Re:Not unexpected

[fa2k]

The distinction for BitTorrent is incorrect: you can seed and leech behind an unpenetrable NAT, but you can't connect to other peers which are behind NAT

Re:Not unexpected

[WaffleMonster]

Well as long as you are on dual stack you have an IPv4 address for everything that needs an IPv4 address, but it doesn't solve anything as no more people can run that than there are IPv4 addresses.

More than a quarter of all my Internet traffic by volume is IPv6 today. This means my ISP can get away with purchasing cheaper CGN gear as the IPv4 traffic volume dries up.

How much would cease to work if you went IPv6 only?

slashdot would...sigh...and all of our sticky glue records...and..and... the point is we're in a transition period it will take a long time before people can safely make that leap to IPv6 only.

Because that's the only Internet connection they can offer soon

Policy for the last /8 within RIRs allows a final small allocation to an existing company or any new ISP so they at least can get enough IPv4 to wire up a CGN to provide some IPv4 connectivity for transition purposes with their production IPv6 offering. The last /8 is designed to last many years perhaps decades.

And if you don't see the problem you don't know the average company's pile of legacy/custom code that will all assume it's using IPv4 and nothing else that nobody knows or the vendor will charge a ton to fix.

Please realize internal shit never needs to change...ever it can stay on IPv4 until our sun becomes a red giant for all anyone cares. It is only an organizations external facing presence which needs the upgrade to IPv6.

To rip out all the IPv4 code and go IPv6 you'd need another coding frenzy like y2k, and your chances to conjure that kind of doomsday scenario is nil.

??? Why rip anything out? You change a few function calls and the same code works with both address families... not rocket science. People who had half a brain from the start used address family agnostic functions as a result some have not needed to make ANY changes to their code to support IPv6.

IPv4 was so good that there's now decades of old code that will assume an IP is always a dotted quad and can fit in 4 bytes. Nobody wants to be the one who breaks production systems just to go IPv6 for no tangible reason.

Keep your IPX, banyan, netbeui...whatever you want to use internally within your own organization. Nobody cares.

Only the interface between your administrative domain and others need be IPv6 enabled. If you can't figure out how to get your web site and email on IPv6 or setup a VPN over IPv6 you have bigger problems than the cost of IPv6.

Re:Not unexpected

[jbolden]

Carrier based NAT has been done for ages on mobile (cellular) telcos

No it isn't. They may be blocking unsolicited connections but it is not carrier NAT.

Now the ip addresses I was using about 10 years ago still haven't been reused, let's not forget about all those huge companies that were allocated (multiple) /8 space, has the *thinks* DEC space been handed back? What about IBMs? Why aren't they using private space internally?

We've still got a shed load of IP space out there, it just needs to be (forcibly) repatriated.

Lets assume you get those back. What does that buy another few hundred million addresses? Sure 10%, 20% extra space. So what? The internet is still growing exponentially. Look particularly at global expansion. In exchange for massively complicating the routing tables we buy extra months. Why bother?

Re:Not unexpected

Geolocation will get worse, uhm which worse is that? Google will be able to pinpoint my house all of a sudden? or worse in that Google no longer correctly identifies my city?

Re:Not unexpected

Yep - same here. I've been dual-stacking from a Cisco 877 for about 3 years.

I also have a few plug-ins that show me if my page is v4 or v6. On the whole, a fair-few sites are IPv6. Ebay isn't one of those just yet....

Just needs a few more high-importance sites to switch 6 on, and the Internet will be completely 6 for me :)

Re:Not unexpected

[jbolden]

Worse in the Google no longer can correctly identify your city based on your IP sense

Re:Not unexpected

[knorthern+knight]

Sorry about the weird quoting style. Slashdot's "lame filter" blocks the use of ">" at the beginning of every quoted line.

BEGIN QUOTE
here is the list you've been waiting for; what NAT444 breaks:

                FTP download
                                Large files
END QUOTE

Really? Are you saying that at some specified file size, the FTP protocol toggles to a different state/version? Please explain.

BEGIN QUOTE
                BitTorrent and Limewire
                                Seeding (upload)
END QUOTE

I'm sure the MAFIAA will be happy

BEGIN QUOTE
                On-line gaming
                                Xbox
                                PlayStation
                                Etc.

                Video streaming
                                Hulu
                                Netflix
                                Slingcatcher
                                Etc.
END QUOTE

What sort of braindead "design" requires a public IP address on *CLIENT* software??? BTW, some time ago, I had a situation at home where I had to put a NATing router behind a NATing router (long story). ssh and ftp and streaming audio/video on the web worked just fine, thank you. Ditto for annoying schlockwave trash ads.

> All custom applications with the IP embedded
> Lack of ALGs

See above comment re:braindead "design".

Look, there are valid reasons for switching to IPV6 rather than NAT444. Braindead applications which needlessly break under NAT444 is not one of them.

Re:Not unexpected

The internet is still growing exponentially

It's not, actually. Growth has been almost linear over the last five years, and we'd need about 10 /8s per year to continue that growth unabated. There's enough unused IPv4 address space to last us another 10 years at the current growth rate, but for various legal and technological reasons, that address space can not be made available. The owners of the huge legacy allocations will make a killing though, as nobody is ready for IPv6 and the need for IPv4 addresses will continue long after the RIR pools dry up.

Re:Not unexpected

[jbolden]

First off the growth is pretty fast. Number of people is up 528% over the last dozen years. I also think you are forgetting about smartphone which are increasing the usage and more importantly increasing the number of devices per family. Also increasing IP demand.

And I agree that there will be a period fo strong demand for v4 addresses. I don't think it will be too bad though. Carriers can move consumers / small business over and that will free up tons of v4 space.

Re:Not unexpected

An overall improvement then. I always found IP2City geolocation creepy. It's hit and miss and we're still on IPv4. I'd like Google to misidentify my city more often.

Re:Not unexpected

Really? Are you saying that at some specified file size, the FTP protocol toggles to a different state/version? Please explain

If I were to guess it would have something to do with the control channels TCP session being dropped as an expired NAT touple while file download is in progress.

What sort of braindead "design" requires a public IP address on *CLIENT* software??? BTW, some time ago, I had a situation at home where I had to put a NATing router behind a NATing router (long story). ssh and ftp and streaming audio/video on the web worked just fine, thank you. Ditto for annoying schlockwave trash ads.

First problem in your thinking is the use of the word *CLIENT* when in many of the enumerated instances it is actually more like *PEER*.

The second problem is assuming "NAT" and "CLIENT" imply compatible functionality when they do not.

The third problem is not understanding the "double NAT" issue. It has nothing to do with cascading NATs.

Look, there are valid reasons for switching to IPV6 rather than NAT444. Braindead applications which needlessly break under NAT444 is not one of them.

There is a lot of cool shit you can do when you design protocols which know the address of their peers. Normally passing any lower layer details is best avoided yet sometimes necessary because there is no other way.

FTP and SIP for example allow data transmission separate from control channel which would not be possible without passing lower layer details over their control channel.

What is "braindead" is continuing to put up with unecessary compromise and crappy poorly performing protocols just so that everyones shit still works through a NAT. Fuck NAT.

Re:Not unexpected

[FireFury03]

I've never had any mobile device in the UK with a reachable IP address, nor have I ever been able to directly connect to an other IP in the same subnet the telco has given me.

Three do public IPs on certain types of account (I used to get one if I used the threeinternet APN instead of three.co.uk, although the threeinternet APN doesn't seem to work at all for me these days). AAISP do public IPs on their SIMs too.

Now cable companies could easily do NAT at the first stop upstream

If by "easily" you mean "break lots of customers' software and be innundated with support calls".

Now the ip addresses I was using about 10 years ago still haven't been reused, let's not forget about all those huge companies that were allocated (multiple) /8 space, has the *thinks* DEC space been handed back? What about IBMs? Why aren't they using private space internally?

*sigh* this gets brought up every time there is some discussion about IPv6, and anyone who brings this up is showing they don't understand the scale of the problem. If you reclaimed all the legacy /8s that were handed out back in the day, they would extend the life of IPv4 by a few months. That's it. Its more trouble than its worth, and frankly there's no benefit to anyone - everyone has had 14 years to migrate to IPv6 already, they have shown that they won't migrate until the absolute last minute (even though this will often cost more in the long run than gradually migrating over the natural equipment life-cycle). Postponing the "last minute" for a few months won't give people more time to prepare (they've had enough time already), it will just make them procrastinate a bit longer. What was actually needed was some regulatory pressure to force ISPs to prepare their infrastructure properly several years ago instead of focussing on short term profits.

* I last bothered to look several years ago ago, at a couple of ADSL providers and Virgin Media (Cable).

Virgin Cable are having to roll out IPv6 onto their network because they don't have enough RFC1918 addresses to go around their private equipment (yes, they could segregate the network and duplicate addresses, but they will need to move to IPv6 in the long term anyway so it is better for them to just do it rather than implement bodges that would make the network a pain in the arse to manage).

Re:Not unexpected

You are talking out of your ass. If you get assigned a RFC1918 ip address from the mobile carrier (which is true for many carriers in Europe) it is of course Carrier based NAT and NOT "blocking unsolicited connections"

So shut the fuck up if you don't have any clue about whats going on in other parts of the world that the shitty spot you keep posting your bullshit from.

Personally?

[kiriath]

I'm going to wait it out and skip straight from IPv4 to IPv8... IPv6 could be the Windows Vista of the IP world.

Re:Personally?

[SJHillman]

Why not just use IPv9

RFC 1606: http://tools.ietf.org/rfc/rfc1606.txt

Re:Personally?

Actually, that was IPv5... so you see, you're the guy who skipped windows xp, vista, and windows 7, jumping straight into the broken windows 8 era.

http://en.wikipedia.org/wiki/Ipv5

Re:Personally?

Which reminds me, whatever happened to IPv1, IPv2 and IPv3?

Re:Personally?

[rickb928]

Windows 8 is not broken. It will work as designed.

Re:Personally?

[rvw]

Why not just use IPv9

RFC 1606: http://tools.ietf.org/rfc/rfc1606.txt

Oh no! Is the IETF on the same updating scheme as Mozilla?

Re:Personally?

[no1nose]

I used to think they could pry XP Pro from my cold dead fingers, now it will be 7 Pro that I want to keep for the next 10 years. We are running 8 on some test machines in our Enterprise test lab and Yikes, not a good business/productivity environment!! (we are finding users lose track of what they are doing when the switch applications, and no Start Menu?) I will be holding onto my Dell 7 Pro install media for a long time.

Re:Personally?

[marcosdumay]

That's a non-sequitur.

"It works as designed" does not imply "It's not broken".

Re:Personally?

[rickb928]

Then you're applying the word 'broken' as if they intended to meet your expectations.

Windows 8 is intended to change your expectations. That's Microsoft's plan, not mine.

Re:Personally?

Windows 8 is not broken. It will work as designed.

Windows 8 is not broken. It will work as mal-designed.

FTFY

Re:Personally?

[kasperd]

Why not just use IPv9

In reality version number 9 is actually assigned to the TUBA protocol.

Re:Personally?

[kasperd]

Which reminds me, whatever happened to IPv1, IPv2 and IPv3?

They are mostly forgotten. It is possible to find the version 2 specification on the web. It does differ en some important ways. For example back then the separation between IP and TCP had not yet happened. So the specification is actually called TCP version 2. The IP and TCP fields were not as clearly separated, and the version number was not even the first field in the packet. It is a bit tricky to find out what the version number is when its location depend on the version number. That is probably also the reason it isn't officially allocated in the registry.

I predict, that if there is ever going to be a successor to IPv6, there will be a worry that the version numbers will run out. Thus it will be decided to introduce a variable length version number field to ensure that never runs out. An agreement will only be reached after a heated discussion. The problem is, that people have an aversion against variable length fields in the IP header. And that aversion people have for a good reason. It is OK to change the length of fields between version. And some people will have a hard time understanding, that this means the version field itself can be variable length without problems, because within each version it is a fixed value and thus fixed length.

Re:Personally?

[idontgno]

"Broken" can be applied by objective and self-evident standards of rightness. Hence, the phrase "broken as designed." Which appears to be canonically applicable to Windows 8.

Re:Personally?

[blind+biker]

IPv6 could be the Windows Vista of the IP world.

That was IPv5. We're safe.

Still not freaking out.

So now we start reclaiming the blocks of 16 million addresses that have gone unused, right?

Re:Still not freaking out.

[Lennie]

No, they will probably be selling them to the highest bidder.

spammers

[prisma]

If they could audit their ISPs, I wonder what fraction of their IP addresses would be found as being used by spammers and their bot nets. It'd be great if they could seize abused IP ranges back and turn them over to folks with more legitimate uses.

Re:spammers

[Cinder6]

Knocking botnets off the Internet would be annoying for those poor folks who didn't realize their systems had been compromised.

Re:spammers

[doshell]

Sigh. We've been over this countless times. Even if you managed to reclaim all IPv4 ranges that are not being completely used presently, you would buy yourself only a few more months (at current growth rates) until you ran out of addresses again.

I seriously have a hard time trying to understand why so many people on Slashdot seem to be militantly against IPv6. You'd expect more of an allegedly technologically literate audience.

Re:spammers

Approximately none of them. Spammers do not act as local internet registries; most just rent their IPs from a spam-friendly hosting provider or local ISP.
Bot net clients are infected machines and bring their own IP from their legitimate owner.

Re:spammers

[prisma]

About seizing IP ranges, I meant looking for entire chunks of IPs that may have been bought by a "business" or "ISP" and then converted wholly into a spam farm. From my point of view, sometimes it feels like there are armies being deliberately built out there. I agree about compromised individuals and don't think it would be practical to go about finding each and every one them, much less enforce any kind of ban.

Re:spammers

Too fucking bad. Why care about idiots that don't know how their equipment works?

Re:spammers

[firex726]

I doubt it'd help much.

Most spammers don't sit on a single range for a long time, it'd be easy as pie to block. Speaking with first hand experience they'll get some low end basic server/VPS, and multiple IPs across multiple ranges then spam as much as they can till they are caught by the DC or get the ranges blocked.

It's a big red flag when someone asks for a lot of IPs on a low end servers. Either they are a spammer or don't know what they are doing.

DC does not like it since you now have multiple ranges which are blocked by many ISPs and won't be usable by future clients, since there is often a good bit of red tape to get them unblocked and even then it's up to the ISPs discretion.

Re:spammers

[prisma]

I'm not at all against IPv6. My perspective is just one of speculative curiosity: If IPv4 addresses were used at 100% efficiency (with inefficiency being defined as malware/botnets/spammers) how much longer would they have?

A little extra time to shake out the bugs from any infrastructure upgrade seems couldn't hurt, too.

Re:spammers

[firex726]

Annoying yes, but if that's what has to be done...

People need to exercise some responsibility in securing their PC. You can be ticketed for having a dangerous vehicle that does not conform to road safety standards.

Re:spammers

I'm not at all against IPv6. My perspective is just one of speculative curiosity: If IPv4 addresses were used at 100% efficiency (with inefficiency being defined as malware/botnets/spammers) how much longer would they have?

The last estimate I saw: less than a year. (Don't have a citation link handy though.)

Re:spammers

[omglolbah]

The time wouldnt be used for that though, it would be used to delay the rollout of ipv6.

Just like every excuse out there has been used... sigh

Re:spammers

[JackieBrown]

The problem is we have been hearing we only have a few months left for years now.

Re:spammers

But as you approach "100% efficiency" many problems with IPv4 get worse: NATs or (ugh) double NATs tend to complicate things, and the routing gets ever more complicated when you have to direct ever smaller netblocks to different points in the network.

Re:spammers

[Nofsck+Ingcloo]

I guess the reason I'm dragging my heels is my complete mystification and annoyance that the designers of IPV6 didn't do something sensible like make some small corner of the V6 address space map to the V4 address space. So instead of being simple and seamless, I have to spend some time fooling around with my equipemnt and software to work around that omission. A pox on the designer's heads.

Re:spammers

[kasperd]

If IPv4 addresses were used at 100% efficiency

100% efficiency is unrealistic. Once the HD-ratio reaches 80-90% the administrative overhead and routing overhead becomes problematic. I think IPv4 by now has been pushed over 90%, and the problems are showing. With 32 bit addresses an HD ratio of 90% means we can effectively use about 29 bits. In terms of addresses, IPv4 has about 3.7 billion addresses (once you take into account, that some are reserved). Now raise that to the power of 0.9 to find out how many you can use at a 90% HD ratio. 3700000000^0.9=408678275. So just over 400 million devices at 90% efficiency.

There may be people who tell you, that 90% efficiency would mean 3700000000*0.9. Those who says that, do not understand the problems they are talking about. HD ratio indicates how efficiently the bits in the addresses are used and not the number of addresses themselves. And the HD ratio turns out to be a much better measure to predict what is feasible.

Re:spammers

[SmilingBoy]

Bullshit. I have followed IPv4 exhaustion in detail for the last 5 years. The prediction was always that IPv4 will run out at the global level between 2010 and 2013 (it happened in February 2011), and run out at the regional level in the years after that (it happened in April 2011 in Asia-Pacific and today in Europe-Middle East). So no surprises at all. If you are a European ISP, and you stuck to the rules of RIPE NCC, you now have IPv4 stocks that should satisfy your growth needs for the next three months. After that, you cannot grow your network anymore without resorting to the mess that CGN is.

Re:spammers

[RobbieCrash]

IPv6 is incredibly confusing. I know how to set up a subnet for 172.20.18.0/24. Subnetting DEAD:BEEF:FEED:BEAD::1/56 is nonsense.

Re:spammers

[SmilingBoy]

Guess what, they did: ::FFFF:111.222.111.222 is IPv6 for 111.222.111.222. But you still need to "fool around" with equipment because there is no way that an IPv4-only device can address an IPv6 device.

Re:spammers

[ballpoint]

I'm 'against' IPv6 because it's a full bloat protocol rewrite instead of simple extension of IPv4. The latter would have been accepted and implemented much quicker, on a larger scale and at much less cost. In a way you could look at NAT as such an extension, one of its existential reasons being that IPv4 addresses always have been in scarce supply to anyone but the original colonizers of the void.

Yes, I know, there are other advantages advertised for IPv6. They must be really small given the lack of interest.

Re:spammers

[bmo]

>About seizing IP ranges, I meant looking for entire chunks of IPs that may have been bought by a "business" or "ISP" and then converted wholly into a spam farm

Nobody buys IP ranges to open a spam farm. Ever.

> From my point of view, sometimes it feels like there are armies being deliberately built out there.

Welcome to 10 years ago.

> I agree about compromised individuals

That's what a botnet is, millions of compromised individual machines not even from the same IP range, because IP range when building your botnet means fuckall.

Command and control is typically done through IRC. Although this is changing to a distributed model via p2p where any machine in the botnet can be a c&c node.

Why buy an IP range and populate it with machines you have to buy when you can just load a trojan in with a popular software package and upload it to a bazillion torrent sites and let people install your botnet for you? Or buy adspace and propagate via driveby-install?

Your information on spam and botnets is outdated. I used to hang out on news.admin.net-abuse.email and actively fight spam until the botnets showed up. Then I gave up. Knocking them off the net one-by-one became an example of "shoveling shit against the tide" as my dad says.

--
BMO

Re:spammers

Forgot to hit the "Post Anonymously" button again?

For the benefit of others.

Try visiting http://[::ffff:216.34.181.45]/ - didn't link it as slashdot fucks up IPv6 literals.

Re:spammers

[timftbf]

No, it isn't. It's easy. *Everything* is a /64 unless you have a really good reason why not. You should get at least a /56 for each site, for anything remotely "business-grade" a /48. You really don't have to care about numbers of hosts at all - start thinking in terms of what *networks* you need, how many of them, what your *subnet* addressing plan should look like...

It's not just more bits, it's a mindset-shift in how you design networks.

Re:spammers

It's easy. Every subnet should now be a /64.

Re:spammers

[doshell]

I don't know where you get that IPv6 is a "full protocol rewrite" of IPv4. For the most part it does exactly the same as IPv4 except with more address bits, and in some cases it even simplifies its predecessor (e.g. no IP header checksum). Any person able to understand or implement IPv4 ought to be able to understand or implement IPv6, because there are no fundamentally new concepts. (I would venture that most people who criticise IPv6 don't even understand fully what IPv4 does, so they don't really know what they're talking about.)

I am also interested in hearing what a "simple extension of IPv4" would be, in your opinion. Odds are you will propose something to the tune of keeping the original IPv4 header and semantics, and tacking some extra address bits at the end. Except in that case you'd still have to teach every fucking router and end system in the world how to decode the new-fangled packets, which is not any different from IPv6 from a cost perspective. You might as well do it right and fix some of IPv4's warts (header checksum, autoconfiguration, node mobility, etc) instead of applying a band-aid solution.

NAT is hardly an acceptable extension of the IPv4 addressing space because NATted clients do not have the same capabilities of non-NATted clients. (Yes, I know about hole-punching techniques; they do not solve the problem fully, and in respect to what they do, they are defeated by many real-world NAT implementations.) If you don't understand the importance of this, I encourage you to read about the end-to-end principle. Finally, it is ludicrous to suggest that implementing NAT at the scale that will be required by the ever-growing Internet would be any cheaper than IPv6. Carrier-grade NAT doesn't exactly come for free.

Re:spammers

Just about every statistic you might want to know about IPv4 allocations is at http://www.potaroo.net/tools/ipv4/

Yes, that first graph predicts that ARIN (North America) will be down to the last /8 sometime during the first quarter of 2013 (like RIPE is now and APNIC has been since April 2011).

Reserved, unadvertised and pool addresses total 101 times 2^24 addresses. The last five years have seen the number of allocated addresses grow roughly by 10 times 2^24 addresses per year. Reclaiming unused address space and using all previously reserved address space could prolong the suffering another 10 years, but most of the unadvertised addresses are in legacy allocations with unclear legal status (these addresses may well be unreclaimable) and using the reserved addresses as unicast addresses would cause clashes with hard coded expectations. 2013 will either be the year the big networks start to put their users behind NAT or it will be the year of IPv6 entering the mainstream. I expect the former.

Re:spammers

[grumbel]

how much longer would they have?

We currently use around 12 class A networks per year of which there are only 255 in total (many of which are unrelocatable due to being reserved for localhost, multicast and so on) . Whenever you hear people complaining about IBM or whoever holding a large chunk of IP addresses, that refers to a single class A network. So getting IBM, HP or Xerox to restructure their network and give back their IPs would buy you one month each time. There aren't a whole lot of companies holding class A networks, so you could at maximum get probably 2 years or so, realistically much less.

A little extra time to shake out the bugs from any infrastructure upgrade seems couldn't hurt, too.

We already had 14 years to do that, another one or two won't make a difference. IPv6 doesn't need time, it needs something that forces people to make the switch, running out of IPv4 seems to slowly building up to be that force.

Re:spammers

[jbolden]

It is exponential growth. Drastic measures that would make routing a huge mess (well beyond what today's routers can handle in terms of table complexity without latency skyrocketing) but you a few months extra worth of IPv4 addresses.

Re:spammers

[jbolden]

Actually they did. You setup a v4 anywhere in your v6 subnet and map to it. It is a local mapping though so that routing remains v6 only.

Re:spammers

[houghi]

I understand why people are against IPv6.

Imagine I am an Internet Provider Owner. If there are not enough IP addresses, I can sell them for a high price. I can tell people :Look at the /. article that says there are no more IP addresses, so if you want a fixed IP address, you need to pay 50EUR/USD per month.
Obviously smart people, like ourselves, know that this is bullshit, because any used IP address is one used, regardless if it is fixed or not.

So what happens if they are really all used? They will put people on local networks. People will get a 10.x IP address. and are forced to pay for IP addresses and more then just 50EUR per month.

That means a lot more extra income and all this because they did nothing and did not invest anything.

As an Internet Provider Owner, I could invest in IPv6 hardware and give away my excuse why I charge extra for a fixed IP.

What would you think I am interested in? IPv4 or IPv6.

Oh and the 50EUR per month is not something I just made up. I looked a while back at price differences between end user subscriptions and business ones, I factored in speed, amount of extra services and such, until the only difference left was the fixed IP address. That was around 65EUR, so I rounded it down a bit, even though the end user had higher speed (8Mb vs 3Mb)

Re:spammers

[doshell]

I'm not at all against IPv6. My perspective is just one of speculative curiosity: If IPv4 addresses were used at 100% efficiency (with inefficiency being defined as malware/botnets/spammers) how much longer would they have?

Okay, I apologise if my post came out as harsh (since you are not against IPv6, it wasn't really directed to you).

In regard to your question, I propose the following thought experiment: it seems at the point of IPv4 address exhaustion, IANA had been burning through about twenty /8's per year (source). Now, I know that addresses allocated by IANA are not immediately used by the RIRs, but I think we can safely assume that it's only a lag effect, since RIRs are not allowed to request more addresses from IANA unless they have used past allocations to a certain degree. So suppose that all 256 /8's in the IPv4 addressing space were usable (some are not, for various reasons) and that, due to address squatting, spammers or whatnot, half of the currently used addresses could reasonably be reclaimed. There are rougly 221 /8's usable for general-purpose addressing, so we are talking about roughly 110 /8's worth to be reclaimed. At an allocation rate of 20 /8's per year, you would be buying little more than 5 years. And, obviously, the fraction of reclaimable space is likely much smaller.

I should note that the crux of the above argument is that the allocation rate never slows down. (In fact, it has been increasing along the years.) We all should know that exponential growth processes cannot last forever in a finite world. However, considering that the world's population almost doubles the size of the IPv4 addressing space, and that in some regions of the globe there is already more than a single device per inhabitant connected to the Internet, I seriously doubt we are anywhere near the point where the growth curve flattens. There is a real need for a much larger address space.

One final thought: an Internet where every single IPv4 address does not go to waste is probably difficult to achieve for technical reasons. IP addresses do not serve only to identify particular machines; they are used to route packets to them, and the way we do that is by having the addresses of "nearby" machines share a common prefix. That way, routers on the Internet only have to store a handful (some thousands, perhaps) of prefixes in their routing tables, instead of a dedicated entry for every machine connected to the Internet. So there is also a case for a larger addressing space in that it allows you to keep the Internet routing table size small by making sure that you can still assign "nearby" addresses to "nearby" machines throughout the future.

Re:spammers

[jmerlin]

I'd be happy if I got an IPv6 address with 81:68:00:81:35 somewhere in it.

Re:spammers

[doshell]

They did do that (as one of the other replies points out). What I think you fail to grasp is that, no matter how "backwards-compliant" your extension is, you still have to teach everyone how to talk to the new-fangled addressed outside the original space, not just the machines that happen to be assigned the new-fangled addresses.

Re:spammers

To be fair, you're right: it is nonsense. Subnetting DEAD:BEEF:FEED:BEAD::1/56 is nonsense in the same way that subnetting, say, 172.20.18.37/24 is nonsense: it's an IP, not a network.

If you don't get what I mean by that, then you probably don't get subnetting in v4 either.

Re:spammers

[kasperd]

One final thought: an Internet where every single IPv4 address does not go to waste is probably difficult to achieve for technical reasons.

That's what the HD-ratio is all about. The HD-ratio is a measurement of what percentage of the bits in the address you can efficiently use. It turns out in practice that things tend to go well if the HD-ratio is less than 80%, between 80% and 90% is where you plan how to extent the address space, and if you go above 90% it means your plan failed.

Re:spammers

[kasperd]

Yes, that first graph predicts that ARIN (North America) will be down to the last /8 sometime during the first quarter of 2013

That might actually be a mistake in the graph. Compare the graph of actual consumption and the extrapolation (the fat curve, and the thin line of same colour). I find the extrapolation to match fairly well with data between 2008 and 2011, but not matching all that well in 2012. And the date predicted at the top of the page doesn't say first quarter, rather it says 24th of August 2013.

most of the unadvertised addresses are in legacy allocations with unclear legal status

Unadvertised does not even have to mean unused. It can be in use on internal networks with computers that need access to both the internal addresses and the Internet. Thus you cannot reclaim them without introducing conflicts. And you cannot expect those networks to renumber into RFC1918 addresses, as that can introduce other conflicts. There is a reason why IPv6 did not blindly copy the principles from RFC1918. If you look at RFC 4193 you'll find it actually takes measures to avoid collisions. Achieving the same with IPv4 is just not feasible. Even if you wanted to use some of the reclaimed addresses to introduce new RFC1918-like addresses, you'd increase the consumption while the renumbering is in progress. But that's not going to work either, because you'd have to have such renumbering completed before IANA ran out.

2013 will either be the year the big networks start to put their users behind NAT or it will be the year of IPv6 entering the mainstream.

One does not rule out the other. If any ISP was to deploy CGN without native IPv6, they deserve to go out of business as users migrate to a serious Internet provider.

Re:spammers

Parent is an incredibly enlightened post - listen to this guy!

IPv6 is traumatic until you do a mindset shift, then it's easy.

Re:spammers

[kasperd]

I'd be happy if I got an IPv6 address with 81:68:00:81:35 somewhere in it.

You can get one today. Just get a /48 through a tunnel provider. Then if your tunnel prefix was for example 2001:db8:dead::/48, then you can use 2001:db8:dead:81:68:00:81:35 however you like.

Re:spammers

Compare the graph of actual consumption and the extrapolation (the fat curve, and the thin line of same colour). I find the extrapolation to match fairly well with data between 2008 and 2011, but not matching all that well in 2012.

Yes, but on the other hand there might be some last minute rush to get the remaining addresses. Either way, it's a matter of months, not years, until ARIN is down to the last /8.

Unadvertised does not even have to mean unused.

Of course not. A lot of unadvertised space is also in recent allocations, which will be advertised soon. But the big blocks of unallocated space are in the /8-per-company allocations of yore. It is quite likely that those address spaces are mostly unused. I have no doubt that about half the total unadvertised but allocated space is unused (mostly the parts with orange from top to bottom in figure 5). Anyway, those addresses will not be reclaimed and the reserved space will not be used either, so the RIR pools are what's left and then it's IPv6 or NAT.

Re:spammers

[kasperd]

Either way, it's a matter of months, not years, until ARIN is down to the last /8.

It could end up being more than one year. Two years or more sounds unlikely, unless the IPv6 transition is speeding up a lot. RIPE running out of IPv4 addresses does have the potential to speed up the transition, also in other parts of the world. It doesn't matter if people in Canada can still get IPv4 addresses, if they need to communicate with people in Europe, who cannot.

I am still guessing that ARIN will run out. But three out of five RIRs running out might just be enough to get IPv6 going fast enough that IPv4 usage peaks before LACNIC runs out.

Re:spammers

[ballpoint]

A bit late in the discussion, but still. I have it you never implemented a TCP/IP stack on a barely capable embedded device, or you would understand why I call v6 a full bloat protocol rewrite.

As to NAT, that was just an example to demonstrate how a way to deal with IP address shortage cut short the long-in-the-teeth v6, partly because of its zero rewrite costs and partly because it was timely. I'm fully aware of its shortcomings.

I blame IPv6 for being late and more different than strictly necessary which has further delayed its acceptance. Meanwhile NAT and v4 only devices have festered.

Had the committee KISSed, this discussion would have been over 10 years ago at a much lower total cost.

Re:spammers

[unixisc]

It's been discussed here several times on this topic of IPv4 -> IPv6: there is no 'simple extension' of IPv4. Let's say they had decided to go from a 32-bit address to a 40-bit address, and kept the format the same, as 255.255.255.255.255, there would still have been the same problems - all networking equipment worldwide would have needed upgrades to support this 'simple extension'. It would have been every bit as costly as it is now.

It was in recognition of this reality that the IETF decided to pack in all possible improvements to the IP protocol that they figured, starting w/ expanding the address field such that networking gear would never again need to be replaced due to protocol changes. I agree that some of the definitions were not well thought out, or not implemented properly, but the IETF did take a bold step in that direction. Once this transition is done, getting public IP addresses for anything would be a piece of cake.

Re:spammers

[doshell]

A bit late in the discussion, but still. I have it you never implemented a TCP/IP stack on a barely capable embedded device, or you would understand why I call v6 a full bloat protocol rewrite.

Indeed, I haven't. I take it you have. Could you elaborate? Is the bloat due to having to support a dual stack on a tiny device, or are there concrete features/quirks in IPv6 that are difficult to implement in a constrained device? Pointers would be okay; I searched the web but nothing terribly relevant turned up.

Re:spammers

[Linuxmagic]

Actually, it isn't just a few thousand, there are /17's used primarily for spamming.. And I don't think anyone is against the idea of IPv6 in general, but we do have to point out that so many people don't even know how to deal with IPv4 space correctly. IPv6 is great for 'clients' however there is lots of justification to keep server to server communications using IPv4. Just take a loot at the complexity and size of dealing with things like IPTables or RBL's needed to hold lists of attackers.. IPv6 opens up the potential attackers by the same number of scale as compared to IPv4. Thats why this time around a lot of technologies will have to be rethought before they can be effectively used in an IPv6 environment.

Re:spammers

Nothing new in IPv6? How is this insightful?
Try stateless autoconfiguration and mobile IP!

Re:spammers

A bit late in the discussion, but still. I have it you never implemented a TCP/IP stack on a barely capable embedded device, or you would understand why I call v6 a full bloat protocol rewrite.

Even if you implemented the embedded processor, memory, operating system and IP stack in minecraft it would be awesome yet still irrelevant.

I blame IPv6 for being late and more different than strictly necessary which has further delayed its acceptance. Meanwhile NAT and v4 only devices have festered.

Had the committee KISSed, this discussion would have been over 10 years ago at a much lower total cost

Windows and linux had working IPv6 stacks a decade ago and there was working code when the RFCs were published so I don't understand this excuse.

As far as rest of the stack is concerned IPv6 is IPv4 in every way that matters. For everyone who did not implement an IP stack cost centers are almost exclusivly in dealing with consequences of different and expanded address space.

It was not until much later after people began to see the light at the end of the IPv4 tunnel they started getting serious about deploying IPv6. Classic human nature more than anything else lead to the delay.

Re:spammers

[FireFury03]

We currently use around 12 class A networks per year of which there are only 255 in total

Before APNIC ran out of addresses, they were using 1 /8 per month *on their own*.

There aren't a whole lot of companies holding class A networks, so you could at maximum get probably 2 years or so, realistically much less.

I'd support the idea of reclaiming networks to buy more time if I thought it'd work. But ISPs have had *14 years* to get their finger out and implement this stuff, so I can't see why buying an extra year or 2 will do anything but cause them to procrastinate a bit longer. The sad thing is that the only reason why no one has implemented this stuff earlier is because they are mostly interested in short term profits; even though, at the end of the day, the long-term cost would've been lower if everyone had rolled out IPv6 over the natural replacement cycle of equipment instead of having to replace everything in one go.

that's like five better

[Thud457]

Wouldn't you rather wait for IPv11 ?

R.I.P. RIPE

[Idou]

Sorry if you thought there would be something more substantial in the body of this post . . .

Re:ipv6

It's already out there everywhere, and you won't have to do a thing. There are transitional technologies built into several layers to ensure this. You won't be affected unless you're in a position that you're needing to configure a transitional technology to use.

Faggot

OOHHH NOOOOEEESSS!!!11!!!

The sky is falling! It's the end of the world! Your children are going to suffer! Buy gold and get a bunker! If we don't start using IPv6, people are going to die of first world problems!!!!

If you can't tell, I'm sick of the mismanagement of the IPv4 address space, please start using your brains. This is just as bad as seeing posts about that scam bitcoin.

Re:OOHHH NOOOOEEESSS!!!11!!!

[WaffleMonster]

If you can't tell, I'm sick of the mismanagement of the IPv4 address space, please start using your brains. The sky is falling! It's the end of the world! Your children are going to suffer!

Hell no.. I'm saving my brains for the z0mb1e apocalypse!!1!

Once the supply of brraaaiiinnnssss dries up IPv4 should be more than sufficient well into the next millenium.

Make an offer

[markdowling]

There are companies out there with IP allocations from the dawn of time they are not (or should not) be using since most clients don't need fully routed addresses. Time to set a market price on IPv4 addresses. At the right price we might throw one of our two class Cs in the pot - not much, but there's a lot more out there.

Re:Make an offer

[jbolden]

The internet is still growing exponentially better efficiency for the used addresses doesn't buy you much time. Not worth the hassle.

Re:Make an offer

[markdowling]

If that's the case the market price will reflect that. But if you're wrong then the IPv4 crash is staved off a while and some ageing tech companies get a nice shot in the arm cash wise.

Re:Make an offer

[jbolden]

And who pays to replace all the routers that now need much longer routing tables as the address space is even more fragmented?

Re:Make an offer

[doshell]

Geez, why would you set up a market over such a resource as Internet addresses, which are scarce only by accident (i.e., the fact that someone chose the number 32 sometime in the past) and not by sheer necessity? I can understand a market as a way to efficiently allocate resources in the face of scarcity, but artificial scarcity is just evil.

All cool sites are already running IPv6.

[Mikaelk]

Like youtube, google, facebook and slashdot.
ok, all except slashdot.

I have the solution

[Compaqt]

Party-line IP addresses

Yeah, sure, sometimes you might be trying to access /., and end up at teletubbies.com, but, hey, recycling.

Re:I have the solution

We have that.

It is indeed possible to wind up in the wrong place because of it too - especially if you try to access a site by its IP instead of its domain.

Why aren't we on IPv6 yet?

[wvmarle]

Serious question. Why aren't we all on v6?

This is something the ISPs, the upstreams, well the big guys in general have to do. As an end user I couldn't care less. I don't know my IP address (yes I can look it up if really needed). I don't care what it is. I don't care if I'm on v4 or v5 or v6 or whatever. I just want an Internet connection. That's all. Just make sure my web sites resolve - that shouldn't be too hard either, I know there are v4-to-v6 and v.v. tricks.

As a savvy end user, for my home network, I will want to continue to use NAT or something equivalent. I don't want my printer, my desktop, my laptop and my phone that connect to the WiFi to have an externally approachable address. My router is what takes all the incoming connections and then passes on the few that are allowed. Just get me that Internet connection. Preferably in the form of a simple network cable that I can plug into my router, I'll build the network from there.

I don't care much if that incoming cable is using IPv4 or v6. The router takes care of that. OK mine is old, and will need replacement, that's a one time investment and I'm good for the next decade or so.

It's in the same light of my brand new TV (this week finally switched from an old CRT to a spanking new LED) that can receive digital signals. I basically don't care much whether I get an analog or digital signal, I just want to watch TV. Digital image is better, nice. Pretty newsreader is still pretty but now I see all the imperfections on her face. Bummer. Not exactly an improvement there.

Anyway back to IPv6. Why don't ISPs just switch over? Offer the option? Give new subscribers an IPv6 modem/router instead of an IPv4 modem/router, and so slowly move the subscriber base over? They tend to replace those devices every now and then anyway, so why aren't they replacing them with the new IP? It's using the same type of copper wire, doesn't it?

Re:Why aren't we on IPv6 yet?

[Midnight+Thunder]

This is something the ISPs, the upstreams, well the big guys in general have to do. As an end user I couldn't care less.

As an end user you shouldn't have to care, but when the upstream guys haven't done their work and you can't access newpopularsoscialsite.com, which is IPv6 only, then you start getting annoyed and start trawling the net to see why things are broken. The problem is many of up the stream guys, at least in North America, have dropped the ball and aren't even offering options for techs who do care and are interested in being early adopters of native IPv6. Just don't get me started on some of the incompetent replies I have got from some ISPs.

As a savvy end user, for my home network, I will want to continue to use NAT or something equivalent. I don't want my printer, my desktop, my laptop and my phone that connect to the WiFi to have an externally approachable address.

If you configure your devices to only use link-local IPv6 addresses, then there is no reason they will be seen by the outside world. Even then, with a routable IPv6 address you can configure you firewall rules to only expose certain devices to the internet. In the IPv6 world the firewall will be your friend and I believe as it becomes a more important component people will work out ways of making it simpler to configure.

Re:Why aren't we on IPv6 yet?

[Cimexus]

My ISP's done all the above (been using native IPv6 for >2 years), and you're right ... done properly it's transparent to the end user and everything just works as it always has. It was done as an opt-in trial for the first year or so (you just changed your PPP login details from user@isp.net to user@ipv6.isp.net). Then after ironing out any issues, they just turned it on for all new customers by default. The sky hasn't fallen in.

In fact I forget all about IPv6 most of the time, only to be occasionally reminded when I ping/tracert stuff:

C:\>ping www.google.com

Pinging www.google.com [2404:6800:4006:801::1012] with 32 bytes of data:
Reply from 2404:6800:4006:801::1012: time=11ms
Reply from 2404:6800:4006:801::1012: time=11ms
Reply from 2404:6800:4006:801::1012: time=10ms
Reply from 2404:6800:4006:801::1012: time=10ms

Ping statistics for 2404:6800:4006:801::1012:
        Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
        Minimum = 10ms, Maximum = 11ms, Average = 10ms

But yeah, my ISP is in the minority and like you I wonder - why is this the case?

Re:Why aren't we on IPv6 yet?

I would definitely want my printer, desktop, laptop and toaster to have a global IPv6 address!
A correctly configured firewall protects devices on your internal network from intrusion.

Re:Why aren't we on IPv6 yet?

Serious answer. Money.

  No one wants to spend it unless forced, since it will not produce more revenue.

Re:Why aren't we on IPv6 yet?

> As a savvy end user, for my home network, I will want to continue to use NAT or something equivalent. I don't want my printer, my desktop, my laptop and my phone that connect to the WiFi to have an externally approachable address. My router is what takes all the incoming connections and then passes on the few that are allowed.

Just buy a router with actual firewall capabilities. Problem solved, even with IPv6.

Re:Why aren't we on IPv6 yet?

[jbolden]

They are switching over. It takes the ISP years to do a full end to end switch and support it. The first step was phones and that's working. The next is home / small business and almost all the major ISPs have pilot projects running.

Re:Why aren't we on IPv6 yet?

[Chris+Mattern]

Serious question. Why aren't we all on v6?

Serious answer. Are you paying for it? Equipment costs, installation costs, staff costs for design and configuration, and all of it with the boss standing behind you asking, "Why are we spending all this money, again?"

This is something the ISPs, the upstreams, well the big guys in general have to do

It's not something they've had to do so far. If they have to do it in the future, well, they'll do it then.

Re:Why aren't we on IPv6 yet?

[unixisc]

The issue is that a lot of equipment still is not available in native IPv6 mode, such as hardware accelaration for IPv6 in network cards, support for EDGE routers and so on. What's worse - the standard has been in a state of flux, and all the new paradigms in IPv6 are not well understood. As an example, in IPv4, your local addresses serve several purposes - NAT, LAN, and VPNs. When you move to IPv6, there are so many more equivalents to that - which one do you use & when? When do you use link local addresses, as opposed to Site unique addresses? When do you use other scopes such as Organization-local, Admin-local or Site-local addresses?

It's tough to build products around a standard that's still in flux. So while organizations would like to move, the fact that the standards are still not understood well enough doesn't help at all.

Re:Why aren't we on IPv6 yet?

[blind+biker]

As an end user you shouldn't have to care, but when the upstream guys haven't done their work and you can't access newpopularsoscialsite.com, which is IPv6 only, then you start getting annoyed

Hey, you misspelled "newpopularsocialsite.com"!.

Re:Why aren't we on IPv6 yet?

This is something the ISPs, the upstreams, well the big guys in general have to do. As an end user I couldn't care less.

As an end user you shouldn't have to care, but when the upstream guys haven't done their work and you can't access newpopularsoscialsite.com, which is IPv6 only, then you start getting annoyed and start trawling the net to see why things are broken. The problem is many of up the stream guys, at least in North America, have dropped the ball and aren't even offering options for techs who do care and are interested in being early adopters of native IPv6. Just don't get me started on some of the incompetent replies I have got from some ISPs.

As a savvy end user, for my home network, I will want to continue to use NAT or something equivalent. I don't want my printer, my desktop, my laptop and my phone that connect to the WiFi to have an externally approachable address.

If you configure your devices to only use link-local IPv6 addresses, then there is no reason they will be seen by the outside world. Even then, with a routable IPv6 address you can configure you firewall rules to only expose certain devices to the internet. In the IPv6 world the firewall will be your friend and I believe as it becomes a more important component people will work out ways of making it simpler to configure.

Right - you know that using link-local addresses isn't the best idea in the world. It's there only as a stop-gap and some implementations (all implementations) of Linux and MacOS won't natively allow use of it if you have a 2010 address?

NAT is **NOT** a firewall - with end-to-end connectivity, you'll need a FIREWALL that is correctly configured - just like IPv4 prior to this NAT bullshit ever happened.

Re:Why aren't we on IPv6 yet?

[knorthern+knight]

> As an end user you shouldn't have to care, but when the upstream guys haven't done
> their work and you can't access newpopularsoscialsite.com, which is IPv6 only, then you
> start getting annoyed and start trawling the net to see why things are broken.

If it's IPV6-only, it'll be newUNpopularsoscialsite.com. This is a classic chicken+egg problem. ISPs which go IPV6-only first will go broke. Commercial sites which go IPV6-only first will go broke. Sadly, I think it'll take a multi-lateral government-mandated "flag day" to force the switchover. At which point, all the "New World Order" conspiracy nuts will start preaching their theories.

Re:Why aren't we on IPv6 yet?

[Midnight+Thunder]

> As an end user you shouldn't have to care, but when the upstream guys haven't done
> their work and you can't access newpopularsoscialsite.com, which is IPv6 only, then you
> start getting annoyed and start trawling the net to see why things are broken.

If it's IPV6-only, it'll be newUNpopularsoscialsite.com. This is a classic chicken+egg problem. ISPs which go IPV6-only first will go broke. Commercial sites which go IPV6-only first will go broke. Sadly, I think it'll take a multi-lateral government-mandated "flag day" to force the switchover. At which point, all the "New World Order" conspiracy nuts will start preaching their theories.

When there are no IPv4 addressees to allocate then it will become a business decision. Today ISPs should be focusing on providing customers a dual stack solution, that is IPv4 and IPv6 addresses. We will get to a point where a new site simply can't ask for an IPv4 address, because there aren't any to allocate. Sure there will be stop gap solutions, like moving to a hosting provider that does, NAT hacks or pushing http virtual hosting to solve solutions it wasn't intended.

If you consider the chicken IPv4 and the egg IPv6, then take advantage that the chicken is still around to incubate the egg, otherwise you will need to invest in more costly solutions for not having been forward thinking.

Re:Why aren't we on IPv6 yet?

[Midnight+Thunder]

This is something the ISPs, the upstreams, well the big guys in general have to do. As an end user I couldn't care less.

As an end user you shouldn't have to care, but when the upstream guys haven't done their work and you can't access newpopularsoscialsite.com, which is IPv6 only, then you start getting annoyed and start trawling the net to see why things are broken. The problem is many of up the stream guys, at least in North America, have dropped the ball and aren't even offering options for techs who do care and are interested in being early adopters of native IPv6. Just don't get me started on some of the incompetent replies I have got from some ISPs.

Right - you know that using link-local addresses isn't the best idea in the world. It's there only as a stop-gap and some implementations (all implementations) of Linux and MacOS won't natively allow use of it if you have a 2010 address?

NAT is **NOT** a firewall - with end-to-end connectivity, you'll need a FIREWALL that is correctly configured - just like IPv4 prior to this NAT bullshit ever happened.

I never said NAT was a solution - actually I never even mentioned it at all. fe80::/64 type addresses are supported by default on all interfaces and are self assigned. Certainly they won't be accessible by hosts on other subnets, but that is the point - this is not a NAT solution, it is a non-routable IPv6 address range, which not the same thing.

If what you are saying is true, with regard to link local addresses, then this is news to me and I would like some document that backs this up.

Canada will soon be on its own

[Midnight+Thunder]

No Canadian ISP is live or in public trial of IPv6. Contacting most of them reveals that there is no knowledge of even field tests. At least in the USA Comcast has started providing IPv6. Here in Canada we are likely to be banging rocks when it comes to ISP innovation, when everyone has made their sites IPv6 accessible only.

Re:Canada will soon be on its own

rubbish. teksavvy has rolled out full native IPv6 /48 to ALL users of its DSL network on world IPv6 day months ago.
teksavvy.com - probably available in your area if you care to support clueful ISPs.

Re:Canada will soon be on its own

[yabos]

No major ISP has IPv6 here. Teksavvy's is a beta still, you can request to join.

what do you mean, "run out of addresses?"

[Eponymous+Hero]

obligatory xkcd: http://xkcd.com/865/

Re:what do you mean, "run out of addresses?"

[marcosdumay]

That one must be more in-topic.

Re:what do you mean, "run out of addresses?"

[Eponymous+Hero]

maybe if it were 2006. and if it had a better punchline. i like mine better.

I have IPv4 space to spare.

[drwho]

If you have money, come talk to me, we'll make a deal. If you are a non-profit-org, you may attempt to show how worthwhile your cause is and why it needs a /24 or larger.

Re:I have IPv4 space to spare.

[TeknoHog]

Easy for you to say, Mr. Doctor, when you can just policebox back to when 4294967296 addresses was enough for everyone.

IPv6 September

Look Out.

We don't need IPv6!

[Andrio]

Having 4.8×10^28 IP addresses for each person is just plain superfluous. We have about 7 billion, and IPv4 gives us some 4.3 billion IP addresses. So, the solution is obvious. We just need to double the IPs of IPv4, and we'll have everyone covered. We can do that by simply creating a second internet.

Problem solved.

Re:We don't need IPv6!

[Andrio]

4.8x10^28

Re:We don't need IPv6!

Except that the internets then have no way of talking to each other. So hope everybody you want to talk to is your internet. Moreover, you didn't factor in business and multiple computers per person. Also, the reason there are so many addresses in IPv6 is to make routing easy and less CPU/space hungry. Your solution would be the worst case in terms of routing.

TL;DR: Your solution sucks and with a moments thought you should have realized that.

Re:We don't need IPv6!

[jbolden]

And what about phones and other mobile devices? It is not just homes.

And how do these internets talk to one another?

Re:We don't need IPv6!

You're happy having only one IP address per person? I know I'm using about 15, myself, 20 if you count my whole family. Oh, and that's not counting the one(s) I use in the office.

Re:We don't need IPv6!

[MrLizardo]

Bravo sir. I totally fell for it until the last sentence.

Re:We don't need IPv6!

[Beerdood]

Preferably with blackjack and hookers?

Device/OS issues

[SuperKendall]

How many consumer devices a few years ago would have worked properly with a full switch to IPV6?

Even now, surely some stuff consumers still have and use will break - and that's why movement has been slow, because ISP's do not want a ton of support calls.

Re:Device/OS issues

[jbolden]

Most consumer devices still don't support v6. But that's not a problem. Inside the house you run dual stack. Your v4 devices happily live on 192.168.1.x just like they always have. And when they call out they go out a dynamically allocated v4 address which is fine since they use DHCP (at the house level) today.

Re:ipv6

[petermgreen]

An incomplete list of people who will be affected:

1: admins/moderators of interactive websites who find it harder to identify/ban users because of the inevitable rise of ISP level NAT (granted this is already a problem to some degree but is likely to get much worse).
2: users hit by bans aimed at thier shared IP either because the website owner didn't know it was shared or because they decide that the collateral damage is acceptable.
3: users who use software that needs to accept incoming connections on packages that no longer receive a public v4 IP
4: users who need public v4 IPs for services they are hosting and see the prices rise to reflect the market value of IP addresses.

Spinal Tap

[ThatsNotPudding]

"This IP goes to 11 - you know - when you just need those few extra bits." -- Nigel Tufnel

Re:ipv6

[jbolden]

On (1) I think you mean pools. Carriers don't generally use NAT.

On (3) the service can accept a v6 address. That will likely get better. If not generally v6's have the entire v4 space mapped inside a subnet.

On (4) . Yes. Good.

Go Europe

Europe should switch whole-hog to IPv6 and be the canaries in the mine for the rest of us.

Re:Go Europe

[unixisc]

APNIC was there first. You got to test things in China.