Slashdot Mirror
UK's 'Unallocated' IPv4 Block Actually In Use, Not For Sale
jimboh2k writes "The UK may have 16.9 million 'unused' IPv4 addresses but according to the department that owns them, they're not for sale. The Department of Work and Pensions says it would be too expensive to reallocate those addresses and, even if it did, it would not stave off IPv4 address exhaustion by much."
The addresses in question are being used for a new internal government network. Of course, why that project wasn't built using IPv6...
Changing the contract will cost them at least 20% more than the current overrun.
What's so difficult about switching to IPv6 ? I mean where the cost really is ? It is not like I have to buy all of my hardware again, it is mostly a software issue right ?
To me that means they should all be 10.x.x.x, and some IT workers are completely and totally incompetent.
Can only imagine what we would be saying if they had decided to build a new network with ipv6 only and forgo any ipv4 compatibility
Well some old dinosaur US companies or even universities own a full Class A.... do you think they need the address space more than a government ?
IBM CSC Dupont MIT Ford Apple USPS... etc.
see the list at : http://en.wikipedia.org/wiki/List_of_assigned_/8_IPv4_address_blocks
The biggest cost is that getting a sixxs tunnel is a royal pain in the ass as you not only need to set up a linkedin account but write a nice long essay about why you want it. How many people are going to go to that much trouble just to switch to ipv6?
This is how it works in the grown up real world:
1. Governments mandate the switch to IPv6.
2. There is no #2.
3. It's that easy.
Unfortunately we live in a world where the words government and regulation are automatically evil amongst a certain loud and ignorant section of humanity. Companies will also howl and complain about the expense: yes, there is an expense you will take on, in the interest of the Internet still having address space to grow into. Grow up and deal with it, just like the networks did when we went to digital and 16:9, also mandated so there wouldn't be bedlam and babylon.
Imagine that: individuals (which means corporations to some people) FORCED (I said forced, yes) by government (yes, this is ok, you free market fundamentalist freaks) to sacrifice for the benefit of society.
*GASP* Horribbble evil! WHARAGARRBBBL....
Or we can keep dragging our heels and we will be talking about horrible kludges like NAT and an inelegant, hacky Internet address space for 5-10 years. I'm really sick of these stories on Slashdot. I'm not blaming Slashdot, I am sick of the existence of these stories in a community that isn't FORCED to do the brain dead obvious. Because no authority mandates the obvious.
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Unless all systems attached are on the same subnet... And that plays hell with routing, causes congestion...
There are reasons the 10.x is non-routed. It was aimed at large local networks - like a node cluster.
Sucks when you have to go past a router. That requires routable numbers.
It is also very likely that the project started a long time ago and the department projected the need, then requested and obtained the network.
Well duh, they had a bunch of IPv4 addresses they could use, why not use 'em and save a bunch of hassle?
Company 1 says, "Well, I won't give back my unused addresses because it's not like a few /16s would make much of a difference." /16s would make much of a difference." /16s would make much of a difference." /16s would make much of a difference." /16s would make much of a difference."
...
... /16s would make much of a difference."
... /8s forever wasted because nobody looks beyond their own impact at the big picture. See also: Carbon emissions, littering, everyone else taking the bus, etc.
Company 2 says, "Well, I won't give back my unused addresses because it's not like a few
Company 3 says, "Well, I won't give back my unused addresses because it's not like a few
Company 4 says, "Well, I won't give back my unused addresses because it's not like a few
Company 5 says, "Well, I won't give back my unused addresses because it's not like a few
And 250 companies later
Company 255 says "Well, I won't give back my unused addresses because it's not like a few
And there you have it. A couple
The UK may have 16.9 million 'unused' IPv4 addresses but according to the department that owns them, they're not for sale.
Of course they're not for sale, no one in the department would get any benefit from selling them, and it would be more work if they did. Once the lobbyists get wind of this, someone higher up will get a campaign donation, and the block could be sold.
All ideas^H^H^H^H^Hprocesses in this post are Patent Pending. (as well as the process of patenting all postings)
In years past the problem of running out of ipv4 addresses was a real and major concern.
Nowadays it is less so.
Nobody with current ipv4 addresses NEEDS to switch (with the exception of infrastructure providers.)
If you are adding a HOME network- your equipment will need to match the ISP you use, whatever it is.
If you are adding a business/corporate network- you start OFF with IPv6 and there are few upgrade issues.
If you have old ipv4 hardware, have a block of addresses already issued and are just completing your project NOW, well, keep going- its all your stuff.
I would be more concerned by the fact that it has taken you so long to complete the project.
Sell the block for a billion or whatever it's worth, and use the money to build an IPv6 backbone for UK government services. That in turn would free up more blocks which they could continue to sell and continue to fund the transition with. Or they could sit on them and do nothing until the world switches to IPv6 and there is a glut of IPv4 addresses that nobody is interested in buying.
If you want a free v6 tunnel there are less elitist providers than sixxs. gogo6 (aka freenet6) even offer unauthenticated tunnels for individual machines* so you can just install their software and go.
Still I consider such tunnels as a tool for those who are interested in developing/testing IPv6 and maybe as a stopgap measure for a subset of end users who really need to reach v6 servers. If you are serious about v6 then you should be using a v6 capable ISP.
*If you want a prefix you have to create an account and authenticate to it but afaict creating an account with them is no big deal.
note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register
I called that one, right here! :p
Why are they using public IPs for an internal network. Thats kinda retarded.
2**24 = 16777216 so where did the extra ~130k IP addresses come from?
Something is escaping me...why do they need a whole /16 with IPv4 public addresses, when nowadays everyone uses RFC 1812 addresses in internal networks?
sixxs dont require a linkedin account (or something changed since i created mine and several friends accounts)
all you need is to say you want to test ipv6 on your home computer (or home network) and put your real info (name, email, etc)... that isnt much different from registering on any website.
Requiring real info is normal, as you will access the internet with their connections, its normal they want real info to contact you or to redirect any police request if you want to use their network for illegal activities
Higuita
It's not difficult any more. Nearly anything worth running has IPv6 support built in.
Nope. It's a man-hours issue. Time is money; if you have people doing things (like reconfiguring networks that run fine on RFC1918 IPv4 address blocks) you have to pay them. Businesses that spend money on IPv6 conversions that aren't necessary are wasting money that could be better spent increasing profitability. There is no ROI on IPv6 for most businesses, only telcos and ISPs can get any return out of it. So nobody else cares.
If you're a startup building out a new network from scratch, you might bother with IPv6. But probably not even then, since you'll have to pay more for techs who are capable of doing it as fast and reliably as IPv4.
Large enterprises rarely permit change for change's sake. There has to be a compelling business advantage or the resources will be better used elsewhere. For example, if your ISP offered IPv6 at a discount over IPv4, then you'd light it up at your edge routers.
I'll take care of re-addressing into a /16 and we'll spit the proceeds of the /8 50/50, OK?
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
If you're going to grab networks that aren't BGP Advertised, take them all:
7/8 (ARIN)
9/8 (IBM)
11/8 (US Defense)
19/8 (Ford Motor Company)
21/8 (US Defense)
22/8 (US Defense)
25/8 (UK Defense)
26/8 (US Defense)
28/8 (US Defense)
29/8 (US Defense)
30/8 (US Defense)
31/8 (RIPE)
45/8 (Prudential Securities)
102/8 (AFINIC)
104/8 (ARIN)
179/8 (LACNIC)
191/8 (LACNIC)
and when are we going to do someting with 240/4? How many proposals have to be unfulfilled to use this resource when the resource is scarce? (I know, it'll take a while for some vendors to support this)
For those that remember the days before NAT was prevalent, this is what way IP addresses were supposed to be used.
Competition Good, Monopoly Bad.
You know, like the EVERY OTHER FRIGGING NETWORK using IPv4?
jifrjioejrogjeojgeojogthghwtgng;erng;orjhg;hgehrtghewgerhgthiwghgthg;wrtg
I think what people have forgotten here is quite how old the internet is, for how long the British have been involved in it, and how tightly integrated into British government it has been for a long, long time.
I'm sure Slashdotters don't need a history lesson on the origins on the internet; as a cold war military network designed to re-route traffic in the event of a nuclear strike on what would otherwise be single points of failure. What readers might need a reminder on, is the UK aspect of this early history.
Whilst the internet began as a US-only operation, within only a handful of years this had spread to the US' closest NATO ally, the British. Given that even us Brits cheerfully admit that, from a NATO perspective, our island is essentially a 700-mile long aircraft carrier in the North Atlantic that can never be sunk, the involvement of the UK in the early days of the internet should come as no surprise. It's also well known that both American and British universities got in on the act fairly quickly, initially from the perspective of military research; most British universities were either directly addressable or a short hop through a gateway from the internet by the early 1980s. Other close NATO allies, notably the Canadians, ditto.
What's not so well understood is that, as absolutely certain first exchange targets, the British had an extremely highly developed government continuity strategy for nuclear war. Some parts of this have come to minor public attention in the form of amusingly retro nuclear bunkers that have been re-purposed as museums, archives or modern telecoms junction points (look up the codenames Guardian, Anchor and Kingsway) with varying degrees of practicality. There are some very chilling bits like the "Protect and Survive" videos (now on Youtube) that frankly still scare me silly and we'd all rather forget. Further, there other parts such as the RSG Regional Seats of Government which remains partially, or perhaps even largely, obscured by national secrecy (and probably rightly so).
This stuff was set-and-forget, it's original design brief was that you wouldn't be able to call the IT department if the IT department had been killed in the first strike, it had to work and remain working without significant intervention.
Understand that concept - understand that the internet has been at the heart of the most serious British government infrastructure for around 40 years - and you begin to understand why /8 IPV4 address blocks have been, often literally, hard-wired in to the British government. This network was the network we would rely on, to survive. It was the one thing the British government could depend upon. It was the one thing which, when planning IT infrastructure, the government could be absolutely certain about.
Having that level of certainty allowed us to build other infrastructure around it, such as the PSN Public Services Network,
To those arguing that it's just a bunch of router reconfigurations... this is not your piddling little /24 home office network. Nor is it simply a bunch of VPNs linking regional offices over a few leased lines. This is not even one IT-savvy megacorporation like IBM. This is a nuclear-war-proof combined civilian and military network which over 40 years has been integrated into every government department and every local government office in a country of 70 million people. It's in the job centres, the benefits offices, the local tax offices, the post offices, the village doctors' offices. It's throughout public service departments which are staffed by people who, on the whole, are pretty good civil servants but who don't actually have a reason to need to know how it all hangs together, and in the vast majority weren't around when it was plumbed in.
Would this cost more than the value of the address space to reconfigure to 10.x.x.x or IPV6? Crikey, yes, Ten times yes. Magnitudes of scale yes.
Andrew Oakley - www.aoakley.com
... They do not need top end internet addresses.
And 17 million of them?
Why does the government even have that many computers, and why does it sound like this is just one small subnetwork?
Troll is not a replacement for I disagree.
IPv6 will prevail when running v4 becomes more expensive than deploying v6.
The underlying message should come across as: 'These extra ipv4 addresses are going to be used in a government project to spy on all the internet users of the UK.' Get real.
This is slashdot, everybody already knows to use Hurricate Electric.
Hey you UK bastards, ever heard of NAT'ing?
We have more than 200 machines exposed through ONE ipv4 ip# and it works like a charm! Not once have we had a problem with externally initiated traffic going to the wrong place. (external machines can't ping our internal machines and you can't initiate access from an external machine through an ip# but we don't want people doing that anyway and would prevent it if it was possible)
OH, and VPN solves any needs to permanently connect p2p to external machines. Works GREAT with the same old ip# as the rest.
ipv6 is tech for the sake of tech....
sixxs dont require a linkedin account (or something changed since i created mine and several friends accounts)
Indeed SixXS never required a LinkedIn/XING/etc account.
Those links where only requested at the time so that one would get extra credits (ISK) donated to the person when they signed up, they got the credits because they proved a little bit more that they where real (as we, that is SixXS, could check the trust-graph in those websites) and more importantly as the people who did that actually read the signup page, which is something a lot of people clearly do not do even with colorful indicators.
This solved a small catch-22 with people who got flashy new IPv6 enabled routers (read: AVM Fritz!Box at the time) and thus for whom a tunnel alone was not enough. As since the beginning of 2012 the new sixxsd v4 software was deployed, this was not needed anymore as one then automatically has a routed /64 next to the tunnel space.
http://unfix.org
There are actually only few out of the 30.000+ people who signed up with a proper essay, and the ones that did always earn quite a few extra credits for when they actually do write something more than just "I need IPv6".
If you where not able to get a SixXS account you likely just did not read the text on the signup page, most likely then proceeded by providing garbage details which is definitely not accepted and any such request simply gets rejected.
But if you are unable or willing to read the signup page, most likely you won't get IPv6 working either as you'll be doing all kinds of things that will break the configuration, thus reading is essential.
We (SixXS) have tried to make it as easy as possible by bringing AICCU into the world and working together with various vendors though so that they support IPv6 tunnels out of the box, but even then some problems need reading for a bit to get them resolved. Thus if you can't read at signup you likely won't pass for the rest either.
http://unfix.org
Documented verifiable sources you couldn't disprove http://linux.slashdot.org/comments.pl?sid=3110069&cid=41346029 which you ran from, troll.
"Run, Forrest: RUN!!!" (lol) -> http://slashdot.org/comments.pl?sid=3128819&cid=41403489