Slashdot Mirror
North America Runs Out of IPv4 Addresses
DW100 writes: The American Registry for Internet Numbers (ARIN) has been forced to reject a request for more IPv4 addresses for the first time as its stock of remaining address reaches exhaustion. The lack of IPv4 addresses has led to renewed calls for the take-up of IPv6 addresses in order to start embracing the next era of the internet.
Comcast Business, which only got me dynamic ipv6 a couple months ago, and still haven't gotten around to static allocations to match my static v4 allocation. Also, a lot of people's home routers. But mostly apathy.
Watch for Penguins, they eat Apples and throw rocks at Windows.
these companies (which I'd love to name) missed the boat when IPv4 address costs (for sale) was highest and are actually waiting for this next "crisis" in hopes that they can get billions for Class A nets (these companies date back to "the beginning" and the use their Class A addresses for non-Internet facing internal addressing (that is they are wasting the addresses) simply because they lack the skills to change).
IBM has the technical know-how to stop using routable addresses internally, but their class A is part of their culture. I imagine the same is true for other class A holders.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Problem is that IPv6 stack security still isn't that proven:
First, an attacker can easily find your network topology (i.e. which segment is what) with IPv6. IPv4, NAT is not in itself security, but it at least places a curtain in the front window, so someone can't just run a nmap and know what insecure devices are where.
Second, IPv6 doesn't do well with VPN software.
Third, the bugs like teardrop/land/smurf/etc. have yet to be found. Who knows... a malformed packet might be able to take out a good chunk of fabric, and with IoT devices that are likely not updatable, they would easily be a target.
My cell phone has been on IPv6 for years. Everything I have is ready for the conversion. What is holding it up?
There is a small interesting detail about IPv6 that is almost never mentioned. An IPv6 address counts 128 bits. Typically the "top" 64 bits are provided by your ISP and will be used to route the packets through the Internet. The 64 remaining LSb have to be unique within the subnet (typically a LAN), and usually these 64 bits are made from the MAC address of the interface linked to this IPv6 address (padded if 48 bits). That means for instance that knowing your IPv6 address, someone is likely to know also your MAC address (of the device used), that is usually the maker/configurator of the NIC (eg Apple, MS ...). And if the shop where you bought the device keep track of your MAC address - like Apple for instance - they may be able to identify you precisely, based on your IPv6 address (eg when you access their web site).
Slashdot, fix the reply notifications... You won't get away with it...
My cell phone has been on IPv6 for years. Everything I have is ready for the conversion. What is holding it up?
Suckage.
I recently disabled IPv6 on my router because too many sites were slow loading. It was particularly bad with Wikipedia, which usually just timed out after a few minutes. OTOH, IPv4 works fine for the same sites.
I don't know where the trouble is, Wikipedia or my ISP (U-Verse) or somewhere in between or some problem with my computer... but in its current state, I can't endorse switching.
All my liberal friends think I'm a conservative, all my conservative friends think I'm a liberal.
Because they can't sell it. As the current ruler of Microsoft, John Thompson, admitted, they broke the rules intentionally when they bought a block of addresses from Nortel in 2011. ICANN talked about taking action, but backed down after Gates picked a dishonest and untrustworthy moron like Thompson that has political connections to the White House. Obama said Thompson was on the short list for Commerce Secretary, and has admitted that Microsoft has unlimited access to the Oval Office. Thompson is very well connected. That is why Gates appointed him to run Microsoft despite the fact he isn't that bright and has recently shown very bad signs of Alzheimer's wrt his confused and contradictory statements on how much Microsoft plans to charge for Windows 10 subscriptions for the "free" upgrade. We still don't know how badly those of us who take the "free" upgrade are going to be screwed in the long run.
Also, the "Class D" (multicast) address space (224/4) is extremely under-utilized (IIRC, only 3 of the 16 /8s are even used), and IPv4 multicast is mostly a failure anyhow.
And the "Class E" space (240/4) is unusable because the TCP/IP stack in Windows NT and later was explicitly coded to consider those as bad addresses and not even attempt to communicate with them. Thanks a lot, anal-retentive programmer-guy.
Those two together account for 32 "Class A" equivalent addresses, or one eighth of the IPv4 address space.
#naabhaprzrag, #sverubfr-000, #agi-fcbafberq, negvpyr[pynff*=' negvpyr-ary-'] { qvfcynl: abar !vzcbegnag; }
Every couple of weeks or so, I turn off V4 to see what happens. /. is one of the sites that I can't reach when I do.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
So every address at IBM is in a routable block? That's not only extravagant, it's blindingly insecure.
Yes, I'm sure that there are firewalls and routing tables that ignore attempts to address the internal 9.x.x.x addresses from the outside, but still, it would be so easy to screw that up. At least with private addressing, you have an entire extra layer of difficulty for people who want to get at your internal networks remotely and more importantly, it defaults to not being routable, even if accidentally exposed somehow.
Oh well. I'm sure IBM has it all under control. (Sells all IBM stock immediately). :)