Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Runs Out of US Address Space For Azure, Taps Its Global IPv4 Stock

Posted by timothy on from the one-on-every-desktop dept.

alphadogg (971356) writes "Microsoft has been forced to start using its global stock of IPv4 addresses to keep its Azure cloud service afloat in the U.S., highlighting the growing importance of making the shift to IP version 6. The newer version of the Internet Protocol adds an almost inexhaustible number of addresses thanks to a 128-bit long address field, compared to the 32 bits used by version 4. The IPv4 address space has been fully assigned in the U.S., meaning there are no additional addresses available, Microsoft said in a blog post earlier this week. This requires the company to use the IPv4 address space available to it globally for new services, it said."

29 of 250 comments (clear)

  1. So after years of panic... by houstonbofh · · Score: 5, Funny

    So after years of panic, someone finally ran out of IPs. No, wait a minute... They still didn't.

    1. Re:So after years of panic... by Tim+the+Gecko · · Score: 4, Insightful

      "Years of procrastination" might be a better description than "years of panic". Putting off action is my favorite strategy too, but I've heard it doesn't work forever.

    2. Re:So after years of panic... by spectrokid · · Score: 4, Funny

      but the routing tables once more become more complicated. Shit starts slowing down, there is more room for mistakes in BGP. With all the routers having to do more calculations a gazillion times a day, shit starts using more power. That is right: our refusal to move to IPV6 is increasing our emission of greenhouse gasses

      --

      10 ?"Hello World" life was simple then

    3. Re:So after years of panic... by The+New+Guy+2.0 · · Score: 2

      While one IP address is all a house needs when NAT is available... you're essentially creating a 56-bit IP+NAT address for each device in your house. The IP address indicating which wire in the city the connection goes to, and the NAT address indicating which machine on the house needs.

      But datacenter customers want their service to have an IP address that's strictly theirs... and if every person has an apartment and a server somewhere, you see where this is going.

    4. Re:So after years of panic... by tehlinux · · Score: 5, Funny

      I think the headline was meant to point out that people are actually using azure...

      --
      Most linux users don't know this, but the man pages were named after Chuck Norris. Chuck Norris fsck'ing hates noobs!
    5. Re:So after years of panic... by statemachine · · Score: 3, Informative

      Yes, having 2^128 addresses will make routing so much simpler.

      Indeed, it will. All IPv6 addresses are regional. There won't be any subnets split across continents.

    6. Re:So after years of panic... by wolrahnaes · · Score: 2

      Well 44.0.0.0/8 is entirely allocated for amateur radio use, so it's a slightly different situation. It was allocated back when IPs were given away willy-nilly and is so randomly utilized that condensing the space and recovering any of it would be an interesting proposition.

      Packet radio is so niche that that particular subnet will probably never even get close to full, so there's no harm in you still having your chunk.

      --
      I used to get high on life, but I developed a tolerance. Now I need something stronger.
    7. Re:So after years of panic... by dbIII · · Score: 3, Interesting

      Maybe not - the physical embodiment of IPv7 is really scary in fiction :)
      http://en.wikipedia.org/wiki/Serial_Experiments_Lain

    8. Re: So after years of panic... by Roger+Lindsjo · · Score: 2

      I heard that too. Will have to look into it later.

  2. OR by v1 · · Score: 4, Interesting

    there are no additional addresses available, Microsoft said in a blog post earlier this week. This requires the company to use the IPv4 address space available to it globally for new services,

    OR they could migrate those services to IPv6??

    Considering how much bashing MS gets for not being a leader, this would have made a really good opportunity for them.

    (I hate it when people say they're doing something because they were "forced" or "had no choice", when in reality, they had aa choice, they made a choice, and now don't want to take ownership of the outcome)

    --
    I work for the Department of Redundancy Department.
    1. Re:OR by petermgreen · · Score: 2

      OR they could migrate those services to IPv6??

      The last estimates I saw were that 50% of users were unable to access ipv6 only services. Many of the 50% who can will be using a fragile tunneling protocol that fights nat rather than working with it.

      So services that need to be accessible to the general public need to be accessible on IPv4.

      (I hate it when people say they're doing something because they were "forced" or "had no choice", when in reality, they had aa choice, they made a choice, and now don't want to take ownership of the outcome)

      Of course sometimes there are no good choices, a growing hosting provider with an address shortage has to choose between grubbing together ipv4 addresses from whereever they can (causing routing table fragmentation, innaccurate gelocation and possiblly security problems) and watching their customers run off to someone who can give them the IPv4 addreses they require.

      Where does one draw the line on "not having a choice"? is it where the other choices would be illegal? is it where all the other choices would be commercial suicide for the buisness division in question? is it somewhere else?

      --
      note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register
    2. Re:OR by petermgreen · · Score: 4, Informative

      At the top level the major transit networks support IPv6 and most of them have for years.
      At the bottom level the end devices mostly support IPv6 though XP systems (which are still scarilly common) have it disabled by default

      The problem comes in the middle, access providers and corporate network operators need to do the work to give the IPv6 capable devices they and their customers own access to the IPv6 internet. Many of them don't see doing so as a priority.

      MS implemented a protocol called teredo to work arround this but it's fragile because it fights nat rather than working with it. It's also disabled by default on networks where a domain controller is detected (presumablly because MS didn't want to be accused of subverting corporate firewalls).

      Most operating systems will preffer IPv6 when a native v6 connection is available and yet the ipv6 traffic as reported by the likes of google is in the single digit percentages.

      Unfortunately I'm struggling to find good stats on how many users can access v6 only resources even though they preffer v4. Test-ipv6 has some stats but I don't consider them representitive of normal users. I remember seeing some stats a while back that said it was about half but I don't remember where

      --
      note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register
    3. Re:OR by marka63 · · Score: 2

      About 3.5% of Google's traffic is IPv6. This is more than double what it was last year at this time. If the grow continues on this curve we will be at 10% within a year and a half. This sort of traffic is more than enough for sites to enable IPv6.

      If you can enable IPv6 at home over 50% of typical home usage is IPv6 (Google and FaceBook). There is no reason for Consumer ISP's to not enable IPv6 as there is enough volume to make it worthwhile.

  3. Re:Not sure what they mean... by Enry · · Score: 5, Interesting

    It means that when I deployed a new virtual desktop in Azure and specified "East US" as the data center location, services that looked at the IP address thought I was in Brazil or Germany. Which played hell with Google when I started Chrome because it customized the language for the area it thought I was in. That explains a lot.

  4. Re:Not sure what they mean... by xfade551 · · Score: 2

    I pretty sure this just means Microsoft ran out of IPv4 addresses that they bought for the specific purpose of their Azure service, so they are now "borrowing" addresses from their other address pools. This also means their Azure services are no longer one continuous block of addresses.

  5. Re:Not sure what they mean... by The+New+Guy+2.0 · · Score: 5, Informative

    IP blocks are meant to be a drill-down system. For example, 128.230.x.x is indicates it's on the Syracuse University campus.... with the 16 bits worth of addresses being spread out so that a specific x in the third position would indicate what building to send the packet to.

    Microsoft's problem here is that their Azure service has used every one of the IP addresses allocated to it... and Microsoft doesn't have any subnets remaining in the "USA Block" of their IP addresses... so they have to move IPs that would have been used overseas back into the Azure datacenter. As IPv4 continues to be used we're going to start to see more of these "we're running out!" stories.

  6. It's never... by Virtucon · · Score: 3, Funny

    It's never to late to procrastinate.

    --
    Harrison's Postulate - "For every action there is an equal and opposite criticism"
  7. Re:Not sure what they mean... by Opportunist · · Score: 5, Funny

    If you called MS support you would have learned that you should have used Internet Explorer, not Chrome!

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  8. Re:will geolocation work now? by Em+Adespoton · · Score: 2

    I tried to use Azure, but all of my EU-hosted virtual machines geolocated to US, and I wanted none of that.

    Well, now you have a random chance of geolocating to the EU (or S America, or somewhere else)....

    It would have made more sense for them to use the EU blocks they owned to host Azure EU services, but they just used their US Azure block until it was full.

    One other thing this breaks, is that before you could set up a VPN service on local Azure and the world would think you were in the US. Now it's going to be the reverse. This will break any Azure services that are pulling data only allowed to those in the US.

  9. Re:Not sure what they mean... by aix+tom · · Score: 5, Insightful

    That is one of Googles great stupidities.

    Just because I log in I via a French public hotspot, or a Dutch customers WLAN, doesn't mean I now magically speak French or Dutch, so why does Google switch everything to French and Dutch, despite all my OS and Browser settings still indicating German as primary language, with English as fallback?

  10. Re:I'm gonna assign a unique IP address to each at by stoploss · · Score: 2

    Amazingly IPv6 will be sufficient for a long time:

    2^128 IPv6 addresses * (1 atom / address) / (7*10^27 atoms/human) = 48 billion humans.

    Actually, why not solve it for all time? Given the estimate of 10^80 particles in the universe, then moving to 266 bit addressing (i.e. 80/log(2)) would allow each particle to be addressed individually. Bumping to 512 bit addressing would accommodate the typical logical addressing inefficiencies.

  11. Re:IP numbers are terrible by ledow · · Score: 2

    Because, for 90% of business, the only guy who needs to care about the IP address is the IT department.

    And they rarely deal with IP addresses and when they do it's mostly copy/paste from some spreadsheet or management program.

    Nobody cares what the IP is, nobody memorises what the IP is (maybe fleetingly to type it in somewhere else, but pretty much that's a one-time thing. DHCP takes away all internal IP management apart from the occasional fixed static which is no worse than having asset numbers (which you still have to deal with).

    As such, memorable IP numbering is not the problem. Never was. I don't know what the IP is of my external servers, I don't really care. I have them somewhere, no doubt, but who cares? You point the DNS at it once and you're done. You allocate the lease pool and you're done. About the only IP number the average IT team must know are the DNS servers and the default gateway (which is usually .1 for reasons that have everything to do with ease of remembering).

    Large corporations don't have a guy memorising the IP's. If anything, they are even more in the dark about exactly what IP's they have and they use, because they never see them except in some asset management program.

    When you go to IPv6, it's even less important. Just forget about it. Stick the IPv6 of your DNS into your DHCP servers and you NEVER have to know a single IPv6 address again. In fact, a lot of setups I've seen have this without even knowing - you can be running IPv6 without even realising until something goes wrong and you spot an IPv6 address.

    Stop the damn excuses. Deploy IPv6. You want that many IP's, you need to have unwieldy numberings. If you want to assign, say, an alphanumeric code instead of a purely numeric one, it only helps for so long (and we'd have put all our IPv4's into hexadecimal if it didn't).

    Nobody cares about SID's, MAC's, GUID's, UUID's, etc. and they are just as long. Get in the real world - where it DOES NOT MATTER how long the data is, your setup just uses technologies and protocols available today to make them memorable where they need to be.

  12. Re:Not sure what they mean... by TheRaven64 · · Score: 3, Insightful

    If only your browser sent a header telling the server what your preferred language was. Oh, wait, it does, and Google still thinks that I want to go to their Japanese page when I'm in Japan. One of the many reasons I switched to DuckDuckGo a few years ago...

    --
    I am TheRaven on Soylent News
  13. Re:I'm gonna assign a unique IP address to each at by TheRaven64 · · Score: 2

    Hopefully everyone in this thread is joking, but it's worth noting that it's not quite that clear cut. The smallest assignment that an ISP can hand out is a /64, so you can really only have 2^64 sites. IPv6 has 2^128 addresses, but a lot of the design works around having sparse routing tables. You really want each /64 to correspond to a broadcast domain, and you don't want to fragment the routing tables too much to get to the /64, so you've actually got a lot fewer addresses. A /64 per human is not enough to assign one IP per atom in the person, but it likely is enough for every device that a person may reasonably want to own and give an IP to, even if that person has a lot of injected sensor nodes.

    --
    I am TheRaven on Soylent News
  14. Global Warming and IP Address Exhaustion by statemachine · · Score: 3, Insightful

    I think the deniers are the same people, with the same arguments.

    It's easy to spot the people who don't know what they're talking about. Over the last few days:

    1) Just re-assign multicast!
    2) Hey, they don't appear to be using those addresses, let's take those!
    3) Double/Triple-NAT is good enough for me and everyone else!
    4) Let's give out one IP address to everyone and we'll be set for awhile!
    5) Let's make a new protocol!
    6) IPv6 addresses are too big to remember!
    7) You just need to sell it better!

    All of those show fundamental misunderstandings about networking. And that part is OK. The problem is that people think they know about flying a plane because they've flown a paper airplane.

    Calm down people. Stop trying to barge into the cockpit.

  15. That's going to screw up the map. by saccade.com · · Score: 4, Funny

    Leave it to Microsoft to screw up the map.

  16. Re:"almost inexhaustible number" by Dagger2 · · Score: 2

    No we won't. Anybody who thinks this doesn't understand how large 2^128 is.

    (If you disagree with me, try to back it up with actual numbers.)

  17. My grand conspiracy theory by rabtech · · Score: 3, Insightful

    Many end users have IPv6 support. Many servers are capable of it. The issue is mostly the US ISPs and middle-tier transit providers dragging their feet. My systems all support IPv6, my m0n0wall box supports it, but neither of the two ISPs I can buy service from support it. In fact they won't sell it to me even if I offer to pay extra money for it!

    My pet theory is that Verizon et al wants to convert IPv4 address space into a "resource" they can buy/sell/trade. A bunch of lawyers and MBAs are rubbing their greedy fingers together, hoping we stay in a "resource shortage" for as long as possible.

    We could switch over, probably within a year or two, but it would take a government-imposed mandate to force people to stop screwing around and make the change.

    --
    Natural != (nontoxic || beneficial)
  18. Don't Panic! by jbgeek · · Score: 4, Informative

    Don't Panic, or be afraid of IPv6.

    People often talk of "switching" to IPv6. One does not "switch". You simply deploy it alongside IPv4. Right now my home network is happily running IPv4 and IPv6 at the same time, called a "dual-stack" environment. This sort of set up will be common for decades until IPv4 use dwindles to nothing, and people start turning it off.

    Nearly all operating systems and devices supporting IPv6 have it turned on by default, so you're already running IPv6. You just don't have globally routable addresses assigned (most likely). You could actually use ping (windows) and ping6 (*nix) to ping other hosts on your LAN using link local addresses, which have automatically been assigned (see those addresses starting with fe80 on all of your interfaces?), if you knew how, right now. :-)

    If you know IPv4 routing and subnetting, you already know most of what you need to know about IPv6. Except that IPv6 is simpler since there's no need to NAT. Just set up your firewall exactly as you would under IPv4 (same security policy), minus the NAT. Subnetting is also simpler, with no need to fret over "right sizing" your subnets so they're "just big enough" and don't use too much of your precious IPv4 space. Just assign a /64 out of your /48 (businesses will be easily be able to request multiple /48s) and you're done. Never run out of host numbers, or subnets.

    Some folks are frightened by the use of hexadecimal for IPv6 addresses. No need to fret. It makes sense, and would have made sense for IPv4 also. Hex for IPv6 not only makes the IPv6 addresses more compact., it's also far easier to translate hex into binary, and work with prefix-lengths than decimal IPv4 address are. I can do it in my head all day with no issue. All you have to do is memorize 16 bin patterns from 0000 to 1111, each represents a hex digit from 0 - F. Piece of cake. No more annoying math and base conversion to try to figure out which subnet some IPv6 address belongs to like with IPv4. No more subnet masks either (which are also decimal), instead, just prefix lengths (although this is also true of IPv4 with CIDR, adopted long ago, many user interfaces still require a netmask for IPv4 instead of just a /prefix-length, sigh).

    Anyway. Go play with IPv6. It will be an essential skill to add to your Resume/CV, and will only take a short time to figure out. Go set up an tunnel with Hurricane Electric or some other tunnel broker to get some globally routable IPv6s. It's simple and you'll learn a lot and quickly! And best of all, you'll stop being afraid of IPv6! :-)

    (apologies to those who already have adopted IPv6 and know all this already ... this isn't addressed to you!)