Slashdot Mirror
RIPE Region Runs Out of IPv4 Addresses
New submitter 8-Track writes "The RIPE NCC, the Regional Internet Registry for Europe, the Middle East and parts of Central Asia, distributed the last blocks of IPv4 address space from the available pool. This means they are now distributing IPv4 address space to Local Internet Registries (LIRs) from the last /8. An ISP may receive one /22 allocation (1,024 IPv4 addresses), even if they can justify a larger allocation. This /22 allocation will only be made to LIRs if they have already received an IPv6 allocation from an upstream LIR or the RIPE NCC. Time to move to IPv6!"
Don't we already have enough people on the internet? Why do we keep encouraging more? :-)
Note: to all you humor-impaired people, the smiley face indicates this is a JOKE.
John
I will soon run out of underwear (I have been told this since 2009). I still have not done anything about it despite holes in them. Count on my continued responsiveness to this problem.
When the foot seeks the place of the head, the line is crossed. Know your place. Keep your place. Be a shoe.
There is no such thing as IPv6. Once we run out of IPv4 addresses, the internet will implode and everything will be lost.
The rapture is here!
Time to crackdown and revoke/reclaim IP's
I hope that this will serve as another incentive to move to IPv6. Allocations by RIPE NCC have already been very conservative over the last year (only allowing you to apply for new IPv4 space for three months of growth), so by the end of the year, there will be a real squeeze at the final customer level. I am lucky in that my ISP provides both IPv4 and native IPv6, so I will not be affected, but very few people are in such a position.
I'm going to wait it out and skip straight from IPv4 to IPv8... IPv6 could be the Windows Vista of the IP world.
Wouldn't you rather wait for IPv11 ?
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
Knocking botnets off the Internet would be annoying for those poor folks who didn't realize their systems had been compromised.
If you can't convince them, convict them.
Sigh. We've been over this countless times. Even if you managed to reclaim all IPv4 ranges that are not being completely used presently, you would buy yourself only a few more months (at current growth rates) until you ran out of addresses again.
I seriously have a hard time trying to understand why so many people on Slashdot seem to be militantly against IPv6. You'd expect more of an allegedly technologically literate audience.
Score: i, Imaginary
The sky is falling! It's the end of the world! Your children are going to suffer! Buy gold and get a bunker! If we don't start using IPv6, people are going to die of first world problems!!!!
If you can't tell, I'm sick of the mismanagement of the IPv4 address space, please start using your brains. This is just as bad as seeing posts about that scam bitcoin.
About seizing IP ranges, I meant looking for entire chunks of IPs that may have been bought by a "business" or "ISP" and then converted wholly into a spam farm. From my point of view, sometimes it feels like there are armies being deliberately built out there. I agree about compromised individuals and don't think it would be practical to go about finding each and every one them, much less enforce any kind of ban.
I doubt it'd help much.
Most spammers don't sit on a single range for a long time, it'd be easy as pie to block. Speaking with first hand experience they'll get some low end basic server/VPS, and multiple IPs across multiple ranges then spam as much as they can till they are caught by the DC or get the ranges blocked.
It's a big red flag when someone asks for a lot of IPs on a low end servers. Either they are a spammer or don't know what they are doing.
DC does not like it since you now have multiple ranges which are blocked by many ISPs and won't be usable by future clients, since there is often a good bit of red tape to get them unblocked and even then it's up to the ISPs discretion.
There are companies out there with IP allocations from the dawn of time they are not (or should not) be using since most clients don't need fully routed addresses. Time to set a market price on IPv4 addresses. At the right price we might throw one of our two class Cs in the pot - not much, but there's a lot more out there.
I'm not at all against IPv6. My perspective is just one of speculative curiosity: If IPv4 addresses were used at 100% efficiency (with inefficiency being defined as malware/botnets/spammers) how much longer would they have?
A little extra time to shake out the bugs from any infrastructure upgrade seems couldn't hurt, too.
Annoying yes, but if that's what has to be done...
People need to exercise some responsibility in securing their PC. You can be ticketed for having a dangerous vehicle that does not conform to road safety standards.
The time wouldnt be used for that though, it would be used to delay the rollout of ipv6.
Just like every excuse out there has been used... sigh
Like youtube, google, facebook and slashdot.
ok, all except slashdot.
Party-line IP addresses
Yeah, sure, sometimes you might be trying to access /., and end up at teletubbies.com, but, hey, recycling.
I'm not a lawyer, but I play one on the Internet. Blog
The problem is we have been hearing we only have a few months left for years now.
Serious question. Why aren't we all on v6?
This is something the ISPs, the upstreams, well the big guys in general have to do. As an end user I couldn't care less. I don't know my IP address (yes I can look it up if really needed). I don't care what it is. I don't care if I'm on v4 or v5 or v6 or whatever. I just want an Internet connection. That's all. Just make sure my web sites resolve - that shouldn't be too hard either, I know there are v4-to-v6 and v.v. tricks.
As a savvy end user, for my home network, I will want to continue to use NAT or something equivalent. I don't want my printer, my desktop, my laptop and my phone that connect to the WiFi to have an externally approachable address. My router is what takes all the incoming connections and then passes on the few that are allowed. Just get me that Internet connection. Preferably in the form of a simple network cable that I can plug into my router, I'll build the network from there.
I don't care much if that incoming cable is using IPv4 or v6. The router takes care of that. OK mine is old, and will need replacement, that's a one time investment and I'm good for the next decade or so.
It's in the same light of my brand new TV (this week finally switched from an old CRT to a spanking new LED) that can receive digital signals. I basically don't care much whether I get an analog or digital signal, I just want to watch TV. Digital image is better, nice. Pretty newsreader is still pretty but now I see all the imperfections on her face. Bummer. Not exactly an improvement there.
Anyway back to IPv6. Why don't ISPs just switch over? Offer the option? Give new subscribers an IPv6 modem/router instead of an IPv4 modem/router, and so slowly move the subscriber base over? They tend to replace those devices every now and then anyway, so why aren't they replacing them with the new IP? It's using the same type of copper wire, doesn't it?
I guess the reason I'm dragging my heels is my complete mystification and annoyance that the designers of IPV6 didn't do something sensible like make some small corner of the V6 address space map to the V4 address space. So instead of being simple and seamless, I have to spend some time fooling around with my equipemnt and software to work around that omission. A pox on the designer's heads.
No Canadian ISP is live or in public trial of IPv6. Contacting most of them reveals that there is no knowledge of even field tests. At least in the USA Comcast has started providing IPv6. Here in Canada we are likely to be banging rocks when it comes to ISP innovation, when everyone has made their sites IPv6 accessible only.
Jumpstart the tartan drive.
obligatory xkcd: http://xkcd.com/865/
insensitive clod overlords obligatory xkcd car analogy russian reversals whoosh pedant fanbois ftfy in 3...2...1..PROFIT
If you have money, come talk to me, we'll make a deal. If you are a non-profit-org, you may attempt to show how worthwhile your cause is and why it needs a /24 or larger.
Having 4.8×10^28 IP addresses for each person is just plain superfluous. We have about 7 billion, and IPv4 gives us some 4.3 billion IP addresses. So, the solution is obvious. We just need to double the IPs of IPv4, and we'll have everyone covered. We can do that by simply creating a second internet.
Problem solved.
The Internet King? I wonder if he could provide faster nudity.
100% efficiency is unrealistic. Once the HD-ratio reaches 80-90% the administrative overhead and routing overhead becomes problematic. I think IPv4 by now has been pushed over 90%, and the problems are showing. With 32 bit addresses an HD ratio of 90% means we can effectively use about 29 bits. In terms of addresses, IPv4 has about 3.7 billion addresses (once you take into account, that some are reserved). Now raise that to the power of 0.9 to find out how many you can use at a 90% HD ratio. 3700000000^0.9=408678275. So just over 400 million devices at 90% efficiency.
There may be people who tell you, that 90% efficiency would mean 3700000000*0.9. Those who says that, do not understand the problems they are talking about. HD ratio indicates how efficiently the bits in the addresses are used and not the number of addresses themselves. And the HD ratio turns out to be a much better measure to predict what is feasible.
Do you care about the security of your wireless mouse?
Bullshit. I have followed IPv4 exhaustion in detail for the last 5 years. The prediction was always that IPv4 will run out at the global level between 2010 and 2013 (it happened in February 2011), and run out at the regional level in the years after that (it happened in April 2011 in Asia-Pacific and today in Europe-Middle East). So no surprises at all. If you are a European ISP, and you stuck to the rules of RIPE NCC, you now have IPv4 stocks that should satisfy your growth needs for the next three months. After that, you cannot grow your network anymore without resorting to the mess that CGN is.
IPv6 is incredibly confusing. I know how to set up a subnet for 172.20.18.0/24. Subnetting DEAD:BEEF:FEED:BEAD::1/56 is nonsense.
Keep on knockin'
https://robbiecrash.me
Guess what, they did: ::FFFF:111.222.111.222 is IPv6 for 111.222.111.222. But you still need to "fool around" with equipment because there is no way that an IPv4-only device can address an IPv6 device.
How many consumer devices a few years ago would have worked properly with a full switch to IPV6?
Even now, surely some stuff consumers still have and use will break - and that's why movement has been slow, because ISP's do not want a ton of support calls.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
I'm 'against' IPv6 because it's a full bloat protocol rewrite instead of simple extension of IPv4. The latter would have been accepted and implemented much quicker, on a larger scale and at much less cost. In a way you could look at NAT as such an extension, one of its existential reasons being that IPv4 addresses always have been in scarce supply to anyone but the original colonizers of the void.
Yes, I know, there are other advantages advertised for IPv6. They must be really small given the lack of interest.
Flourescent (adj): smelling like ground wheat.
An incomplete list of people who will be affected:
1: admins/moderators of interactive websites who find it harder to identify/ban users because of the inevitable rise of ISP level NAT (granted this is already a problem to some degree but is likely to get much worse).
2: users hit by bans aimed at thier shared IP either because the website owner didn't know it was shared or because they decide that the collateral damage is acceptable.
3: users who use software that needs to accept incoming connections on packages that no longer receive a public v4 IP
4: users who need public v4 IPs for services they are hosting and see the prices rise to reflect the market value of IP addresses.
note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register
>About seizing IP ranges, I meant looking for entire chunks of IPs that may have been bought by a "business" or "ISP" and then converted wholly into a spam farm
Nobody buys IP ranges to open a spam farm. Ever.
> From my point of view, sometimes it feels like there are armies being deliberately built out there.
Welcome to 10 years ago.
> I agree about compromised individuals
That's what a botnet is, millions of compromised individual machines not even from the same IP range, because IP range when building your botnet means fuckall.
Command and control is typically done through IRC. Although this is changing to a distributed model via p2p where any machine in the botnet can be a c&c node.
Why buy an IP range and populate it with machines you have to buy when you can just load a trojan in with a popular software package and upload it to a bazillion torrent sites and let people install your botnet for you? Or buy adspace and propagate via driveby-install?
Your information on spam and botnets is outdated. I used to hang out on news.admin.net-abuse.email and actively fight spam until the botnets showed up. Then I gave up. Knocking them off the net one-by-one became an example of "shoveling shit against the tide" as my dad says.
--
BMO
No, it isn't. It's easy. *Everything* is a /64 unless you have a really good reason why not. You should get at least a /56 for each site, for anything remotely "business-grade" a /48. You really don't have to care about numbers of hosts at all - start thinking in terms of what *networks* you need, how many of them, what your *subnet* addressing plan should look like...
It's not just more bits, it's a mindset-shift in how you design networks.
I don't know where you get that IPv6 is a "full protocol rewrite" of IPv4. For the most part it does exactly the same as IPv4 except with more address bits, and in some cases it even simplifies its predecessor (e.g. no IP header checksum). Any person able to understand or implement IPv4 ought to be able to understand or implement IPv6, because there are no fundamentally new concepts. (I would venture that most people who criticise IPv6 don't even understand fully what IPv4 does, so they don't really know what they're talking about.)
I am also interested in hearing what a "simple extension of IPv4" would be, in your opinion. Odds are you will propose something to the tune of keeping the original IPv4 header and semantics, and tacking some extra address bits at the end. Except in that case you'd still have to teach every fucking router and end system in the world how to decode the new-fangled packets, which is not any different from IPv6 from a cost perspective. You might as well do it right and fix some of IPv4's warts (header checksum, autoconfiguration, node mobility, etc) instead of applying a band-aid solution.
NAT is hardly an acceptable extension of the IPv4 addressing space because NATted clients do not have the same capabilities of non-NATted clients. (Yes, I know about hole-punching techniques; they do not solve the problem fully, and in respect to what they do, they are defeated by many real-world NAT implementations.) If you don't understand the importance of this, I encourage you to read about the end-to-end principle. Finally, it is ludicrous to suggest that implementing NAT at the scale that will be required by the ever-growing Internet would be any cheaper than IPv6. Carrier-grade NAT doesn't exactly come for free.
Score: i, Imaginary
"This IP goes to 11 - you know - when you just need those few extra bits." -- Nigel Tufnel
Just about every statistic you might want to know about IPv4 allocations is at http://www.potaroo.net/tools/ipv4/
Yes, that first graph predicts that ARIN (North America) will be down to the last /8 sometime during the first quarter of 2013 (like RIPE is now and APNIC has been since April 2011).
Reserved, unadvertised and pool addresses total 101 times 2^24 addresses. The last five years have seen the number of allocated addresses grow roughly by 10 times 2^24 addresses per year. Reclaiming unused address space and using all previously reserved address space could prolong the suffering another 10 years, but most of the unadvertised addresses are in legacy allocations with unclear legal status (these addresses may well be unreclaimable) and using the reserved addresses as unicast addresses would cause clashes with hard coded expectations. 2013 will either be the year the big networks start to put their users behind NAT or it will be the year of IPv6 entering the mainstream. I expect the former.
On (1) I think you mean pools. Carriers don't generally use NAT.
On (3) the service can accept a v6 address. That will likely get better. If not generally v6's have the entire v4 space mapped inside a subnet.
On (4) . Yes. Good.
how much longer would they have?
We currently use around 12 class A networks per year of which there are only 255 in total (many of which are unrelocatable due to being reserved for localhost, multicast and so on) . Whenever you hear people complaining about IBM or whoever holding a large chunk of IP addresses, that refers to a single class A network. So getting IBM, HP or Xerox to restructure their network and give back their IPs would buy you one month each time. There aren't a whole lot of companies holding class A networks, so you could at maximum get probably 2 years or so, realistically much less.
A little extra time to shake out the bugs from any infrastructure upgrade seems couldn't hurt, too.
We already had 14 years to do that, another one or two won't make a difference. IPv6 doesn't need time, it needs something that forces people to make the switch, running out of IPv4 seems to slowly building up to be that force.
It is exponential growth. Drastic measures that would make routing a huge mess (well beyond what today's routers can handle in terms of table complexity without latency skyrocketing) but you a few months extra worth of IPv4 addresses.
Actually they did. You setup a v4 anywhere in your v6 subnet and map to it. It is a local mapping though so that routing remains v6 only.
I understand why people are against IPv6.
Imagine I am an Internet Provider Owner. If there are not enough IP addresses, I can sell them for a high price. I can tell people :Look at the /. article that says there are no more IP addresses, so if you want a fixed IP address, you need to pay 50EUR/USD per month.
Obviously smart people, like ourselves, know that this is bullshit, because any used IP address is one used, regardless if it is fixed or not.
So what happens if they are really all used? They will put people on local networks. People will get a 10.x IP address. and are forced to pay for IP addresses and more then just 50EUR per month.
That means a lot more extra income and all this because they did nothing and did not invest anything.
As an Internet Provider Owner, I could invest in IPv6 hardware and give away my excuse why I charge extra for a fixed IP.
What would you think I am interested in? IPv4 or IPv6.
Oh and the 50EUR per month is not something I just made up. I looked a while back at price differences between end user subscriptions and business ones, I factored in speed, amount of extra services and such, until the only difference left was the fixed IP address. That was around 65EUR, so I rounded it down a bit, even though the end user had higher speed (8Mb vs 3Mb)
Don't fight for your country, if your country does not fight for you.
Okay, I apologise if my post came out as harsh (since you are not against IPv6, it wasn't really directed to you).
In regard to your question, I propose the following thought experiment: it seems at the point of IPv4 address exhaustion, IANA had been burning through about twenty /8's per year (source). Now, I know that addresses allocated by IANA are not immediately used by the RIRs, but I think we can safely assume that it's only a lag effect, since RIRs are not allowed to request more addresses from IANA unless they have used past allocations to a certain degree. So suppose that all 256 /8's in the IPv4 addressing space were usable (some are not, for various reasons) and that, due to address squatting, spammers or whatnot, half of the currently used addresses could reasonably be reclaimed. There are rougly 221 /8's usable for general-purpose addressing, so we are talking about roughly 110 /8's worth to be reclaimed. At an allocation rate of 20 /8's per year, you would be buying little more than 5 years. And, obviously, the fraction of reclaimable space is likely much smaller.
I should note that the crux of the above argument is that the allocation rate never slows down. (In fact, it has been increasing along the years.) We all should know that exponential growth processes cannot last forever in a finite world. However, considering that the world's population almost doubles the size of the IPv4 addressing space, and that in some regions of the globe there is already more than a single device per inhabitant connected to the Internet, I seriously doubt we are anywhere near the point where the growth curve flattens. There is a real need for a much larger address space.
One final thought: an Internet where every single IPv4 address does not go to waste is probably difficult to achieve for technical reasons. IP addresses do not serve only to identify particular machines; they are used to route packets to them, and the way we do that is by having the addresses of "nearby" machines share a common prefix. That way, routers on the Internet only have to store a handful (some thousands, perhaps) of prefixes in their routing tables, instead of a dedicated entry for every machine connected to the Internet. So there is also a case for a larger addressing space in that it allows you to keep the Internet routing table size small by making sure that you can still assign "nearby" addresses to "nearby" machines throughout the future.
Score: i, Imaginary
I'd be happy if I got an IPv6 address with 81:68:00:81:35 somewhere in it.
They did do that (as one of the other replies points out). What I think you fail to grasp is that, no matter how "backwards-compliant" your extension is, you still have to teach everyone how to talk to the new-fangled addressed outside the original space, not just the machines that happen to be assigned the new-fangled addresses.
Score: i, Imaginary
No, they will probably be selling them to the highest bidder.
New things are always on the horizon
That's what the HD-ratio is all about. The HD-ratio is a measurement of what percentage of the bits in the address you can efficiently use. It turns out in practice that things tend to go well if the HD-ratio is less than 80%, between 80% and 90% is where you plan how to extent the address space, and if you go above 90% it means your plan failed.
Do you care about the security of your wireless mouse?
APNIC was there first. You got to test things in China.
That might actually be a mistake in the graph. Compare the graph of actual consumption and the extrapolation (the fat curve, and the thin line of same colour). I find the extrapolation to match fairly well with data between 2008 and 2011, but not matching all that well in 2012. And the date predicted at the top of the page doesn't say first quarter, rather it says 24th of August 2013.
Unadvertised does not even have to mean unused. It can be in use on internal networks with computers that need access to both the internal addresses and the Internet. Thus you cannot reclaim them without introducing conflicts. And you cannot expect those networks to renumber into RFC1918 addresses, as that can introduce other conflicts. There is a reason why IPv6 did not blindly copy the principles from RFC1918. If you look at RFC 4193 you'll find it actually takes measures to avoid collisions. Achieving the same with IPv4 is just not feasible. Even if you wanted to use some of the reclaimed addresses to introduce new RFC1918-like addresses, you'd increase the consumption while the renumbering is in progress. But that's not going to work either, because you'd have to have such renumbering completed before IANA ran out.
One does not rule out the other. If any ISP was to deploy CGN without native IPv6, they deserve to go out of business as users migrate to a serious Internet provider.
Do you care about the security of your wireless mouse?
You can get one today. Just get a /48 through a tunnel provider. Then if your tunnel prefix was for example 2001:db8:dead::/48, then you can use 2001:db8:dead:81:68:00:81:35 however you like.
Do you care about the security of your wireless mouse?
It could end up being more than one year. Two years or more sounds unlikely, unless the IPv6 transition is speeding up a lot. RIPE running out of IPv4 addresses does have the potential to speed up the transition, also in other parts of the world. It doesn't matter if people in Canada can still get IPv4 addresses, if they need to communicate with people in Europe, who cannot.
I am still guessing that ARIN will run out. But three out of five RIRs running out might just be enough to get IPv6 going fast enough that IPv4 usage peaks before LACNIC runs out.
Do you care about the security of your wireless mouse?
A bit late in the discussion, but still. I have it you never implemented a TCP/IP stack on a barely capable embedded device, or you would understand why I call v6 a full bloat protocol rewrite.
As to NAT, that was just an example to demonstrate how a way to deal with IP address shortage cut short the long-in-the-teeth v6, partly because of its zero rewrite costs and partly because it was timely. I'm fully aware of its shortcomings.
I blame IPv6 for being late and more different than strictly necessary which has further delayed its acceptance. Meanwhile NAT and v4 only devices have festered.
Had the committee KISSed, this discussion would have been over 10 years ago at a much lower total cost.
Flourescent (adj): smelling like ground wheat.
It's been discussed here several times on this topic of IPv4 -> IPv6: there is no 'simple extension' of IPv4. Let's say they had decided to go from a 32-bit address to a 40-bit address, and kept the format the same, as 255.255.255.255.255, there would still have been the same problems - all networking equipment worldwide would have needed upgrades to support this 'simple extension'. It would have been every bit as costly as it is now.
It was in recognition of this reality that the IETF decided to pack in all possible improvements to the IP protocol that they figured, starting w/ expanding the address field such that networking gear would never again need to be replaced due to protocol changes. I agree that some of the definitions were not well thought out, or not implemented properly, but the IETF did take a bold step in that direction. Once this transition is done, getting public IP addresses for anything would be a piece of cake.
Indeed, I haven't. I take it you have. Could you elaborate? Is the bloat due to having to support a dual stack on a tiny device, or are there concrete features/quirks in IPv6 that are difficult to implement in a constrained device? Pointers would be okay; I searched the web but nothing terribly relevant turned up.
Score: i, Imaginary
Actually, it isn't just a few thousand, there are /17's used primarily for spamming.. And I don't think anyone is against the idea of IPv6 in general, but we do have to point out that so many people don't even know how to deal with IPv4 space correctly. IPv6 is great for 'clients' however there is lots of justification to keep server to server communications using IPv4. Just take a loot at the complexity and size of dealing with things like IPTables or RBL's needed to hold lists of attackers.. IPv6 opens up the potential attackers by the same number of scale as compared to IPv4. Thats why this time around a lot of technologies will have to be rethought before they can be effectively used in an IPv6 environment.
We currently use around 12 class A networks per year of which there are only 255 in total
Before APNIC ran out of addresses, they were using 1 /8 per month *on their own*.
There aren't a whole lot of companies holding class A networks, so you could at maximum get probably 2 years or so, realistically much less.
I'd support the idea of reclaiming networks to buy more time if I thought it'd work. But ISPs have had *14 years* to get their finger out and implement this stuff, so I can't see why buying an extra year or 2 will do anything but cause them to procrastinate a bit longer. The sad thing is that the only reason why no one has implemented this stuff earlier is because they are mostly interested in short term profits; even though, at the end of the day, the long-term cost would've been lower if everyone had rolled out IPv6 over the natural replacement cycle of equipment instead of having to replace everything in one go.
http://blog.nexusuk.org