Slashdot Mirror
IP Address Shortage
webslacker wrote in
to send us a news.com story that talks about the upcoming
IP Address Shortage.
Talks about IPv6 and other related topics. Nothing
phenomonal, but its interesting... how many class C's do we
have left anyway?
I have about 17 million addresses available for my own personal use. 10.0.0.0-10.255.255.255, 172.16.0.0-172.31.255.255, 192.168.0.0-192.168.255.255. With things such as NAT/IP masquerading/firewalling, which everybody should be using for security's sake, there is not an IP address shortage.
I remember this scare came up two or three years ago. Bob Metcalfe (of Ethernet and 3Com fame) was the one really pushing the issue then. Disaster didn't happen then, and the situation isn't critical now. There are still lots of class C's available for the near future, and if they disappear quicker than expected, there are some almost empty class A's and B's that could be subdivided. Nobody really needs a class A anyway.
This won't last us indefinately, if we get 250 real IP addresses per household we would run out. On the other hand, the only sane way to give every gadget, appliance, outlet and lightswitch in a house its own IP address is to use the 10.0.0.0/8 network, so it's not an issue for the rest of the world. IPv6 is still the best long term solution (just like it was 2-3 years ago). What's the hold up? It works, all decent OS's support it natively, when are the backbone providers going to start swithching, and encouraging their clients to switch?
----
Open mind, insert foot.
Posted by TikTac:
The main problem is that with such a distribution of IP addresses, the routers are having to keep more routes in memory. We're not really near running out of numbers, but if we have to assign two (or more) numerically unrelated blocks of IP addresses to a location, we aren't using the addresses efficiently, and the routers are going to bog down more and more with many routes going to the same place.
To summarize: We have a sufficient quantity of IP addresses for the near future. The problem we are encountering is that routers operate more efficiently if the IP addresses are under-utilized.
That is why we need IPv6 and it's insane number of IP addresses. If we can assign IP's without regard to efficiency of quantity, we can more easily aggregate routes efficiently, reducing maybe 12 routes into one route to a honkin huge set of IP's (which still would be less than a fraction of a percent of the available set of IP's)
The article gives a partial list of the class A allocation holders. The full list is available here: http://staff.elmail.co.uk/~liam/t ech/class-a.html. For some reason, the two lists don't quite match up -- for instance, where's IBM?
(This link was blatantly stolen from Scripting News, but I figured it should be seen)
Here's an old (last summer) article that explains the whole class A fiasco: http://www.zdnet.com/intweek/daily/ 980622a.html
Basically, we aren't really going to run out of addresses anytime soon, as long as someone forces companies like Halliburton to use the right address space for their 30k hosts.
(link cross-polinated from Scripting News - www.scripting.com)
I don't think the emphasis is on putting these devices on the global Internet; it's on allowing these devices to communicate between one another via IP.
:)
And if it already speaks IP, why not let them communicate over the Internet as needed while we're at it?
10.x.x.x addresses seem like a good idea (my network at home uses this), but what if you wanted to check your answering machine messages from a neighbor's house? What if you wanted to record the game that comes on in 20 minutes? I'm probably only pointing out some of the lesser reasons why these devices might need a "real" IP, but IMO they're enough.
Where is IPv6 hard to implement?
The transition from IPv4 -> IPv6 should be totally transparent. Things like TCP and UDP should work under IP with no problems at all, since they don't themselves deal with things like IP addresses or quality-of-service.
IPv6 was designed from the drawing board to be an easy upgrade. IPv4-compatible address space was built-in, and the protocol itself is meant to allow hosts to inter-communicate between IPv4 and IPv6 hosts on mixed networks.
A "funky" (even if simple) multi-level proxy system as you say is simply a rather nasty band-aid. While something like this may work, it introduces a tremendous amount of complexity. You'd still need to have things like web servers, e-mail gateways, etc., on globally visible IP's, and there are useful reasons to have individual PC's visible as well. Behind NAT, you lose a lot of usefulness out of Internet hosts. If such usefulness isn't a factor (such as on networks where the machines are already firewalled into next-to-nothingness), this is probably fine, and using private addresses with NAT is acceptable (and even desirable).
The reverse mapping (IPv6 addresses out of IPv4 ones) is slightly trickier, but certainly possible. Multihome a gateway, then have it route out the packets over the IPv6 segment of the network, with the address according to the IPv6 mapping of the name the gateway was called by. The translation becomes invisible and transparent to all parties.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Result? For a competitor to get a product to work with AOL, it would HAVE to be IPv6 aware.
AOL's users would be utterly oblivious to the change - AOL's software would work the same and look the same, and they'd have access to exactly the same off-site systems, in the same way.
BUT, because it would be an IPv6 stack and an IPv6 service, any 3rd-party product would have to have IPv6 support. And, given the number of direct users of AOL, it would have to have IPv6 support by yesterday, or risk being squelched.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Internet Transparency
It's a pretty good read. Anyway, ARIN should be offering IPv6 addresses the 17th (next Monday) unless politics and policy get in the way. The registration folks are testing my code today. :)
Make sure your ISP is ready! And don't settle for a /128!
Shane Kerr
Software Engineer
ARIN
This is a plea, from me personally, and also from me as an employee of ARIN.
/8 (e.g. 10.0.0.0/8) /16 (e.g. 192.168.0.0/16) /24 (e.g. 192.149.252.0/24) /32 (e.g. 206.170.14.74/32)
/23:
Please stop using classful naming. Class A, B, and C really don't have much meaning these days. Use CIDR - it's more specific and just all-around better.
$0.10 Tutorial:
Class A is a
Class B is a
Class C is a
Single IP is a
There you go. I'm sure you can figure out how other networks are specified. For instance, the network slashdot is on is a
206.170.14.0/23
Isn't that better than saying "two class C's"?
Perhaps this is why they're taking so long testing it. Theoretically, routers, servers, clients, hosts, whatever, that are running on 100% Satanic IPv4 should never have to switch over to IPv6. There have been provisions put into IPv6 to allow IPv6 routers to route to IPv4 routers, and for IPv6 clients to connect to IPv4 servers.
Unfortunately, the reverse isn't quite true. i.e. if you're a server without an IPv4 address (you only have an IPv6 address), then IPv4 hosts will not be able to contact you AFAIK.
People should probably not count on never upgrading, though. I don't want to think about all the tech support calls coming in from people complaining about only being able to access a small chunk of Internet hosts, just because some unnamed operating system hasn't put IPv6 support in yet.
The problem is plain simply that people did not see the internet growing the way it has when they released IP in the early 80s. Waste 16 million IP addresses for loopback? Sure, why not.
- Sam
The secret to enjoying Slashdot is to realize that it should not be taken too seriously.
When I tried to get IP addresses here in Norway, the answer was: No, sorry, there is none for you, because there is a shortage.
I can't possibly understand how all you people can manage to get C-class subnets, without having a _very_ good reason for it. Much less how you can possibly be disappointed with it!
Somebody up on the list wished there was an IPv6 initiative, and waited for somebody to "take the first step". I would just like to say: Wake up! The 6bone (a world-wide IPv6 network, using mainly IPv6-over-IPv4) has been running steady for quite a while now, and many equipment manufactorers (of them Cisco) do have close to production standard implementations. IPv6 will have enough addresses for everybody (a 128-bit address space... You usually get 64 or more bits, and usually use your Ethernet MAC address as the last 64 bits, to get autoconfiguration), and some extra neaties as well. I encourage everybody to join the 6bone (read the IPv6-HOWTO first, probably available at the LDP). It's free, and Linux has the support you need.
/* Steinar */
(This comment is of course GPLed.)
I would hazard the guess that there are lots of places where a whole block of IP address are assigned when there really only need to be a couple IP addresses assigned.
For example, FooBar Corp. grabs a class B so each of their computers can have an IP address. However, they only have a small handful of external servers and gateways. What they really should have done is gotten individual IP addresses from their ISP and used IP masquerading for all the internal computers. That way, computers that are behind their firewall aren't using "real" IP addresses.
--Rob
These indecent prices for a stupid DNS name by internic.net and others (national domains are often even more expensive), could have been (somehow) justified if they were charging for an actual IP allocation. In this case they could have collected some real money and fund IPv6 initiative, which IMO could have made it more realistic in our the timeframe allocated to our lifes. Actually they are making money on IP allocations (selling them to ISPs), but they want to charge for domains too.
AtW,
http://www.investigatio.com
alexc
Join Majestic-12 Distributed Search Engine
In fact, that is EXACTLY the problem. There are really only 3 levels of address allocation -- class C (2**8 addresses), class B (2**16 addresses) and class A (2**24 addresses) (or so).
Way back when, most companies would just grab a class B, thinking "gee, I'll probably have more than 256 machines, the class B will give me room to grow". Of course, they only have maybe 1024 machines, so most of their address space ends up empty.
This has GOT to be the case with Ford, Eli Lilly, Merck, Mercedes Benz, and Prudential. I say we revoke their class As!
Remember the thread is about home networking. To me, it seems that setting up the numerous services (NAT, DHCP, DNS, etc) to support a simple home network is way overkill. When you look at the Netwinder (which automates all of this), you're getting a full blown computer with full blown unix, which is a pretty complex system for your toaster.
I hesitate to suggest this, but NetBEUI seems to be a better fit for home networking. Fast (for 1Mbps lines), auto-configuring (no unix box in the corner) and non-routable (more secure). A simple box could connect with the Internet and transmit messages from TOASTER0123 to tracking.wonderbread.com or wherever. This box of course would need some intelligence to know how to handle messages, but I'm sure it could be worked out.
--
Business. Numbers. Money. People. Computer World.
Maybe I'm stuck in the past or something...but I really don't want my toaster setting anything off. Do we REALLY need to have everything in our households done for us so we become mindless idiots who surf the Go network and watch network television all day. Giving an IP address to everything is just stupid in my opinion. No one's life should revolve around their PC to where it needs to tell them when their toast is ready. I'm on my computer many hours of the day, but I tell if my toast is ready the old fashioned way, I smell for smoke.
I'm a loner Dottie, a Rebel.
only 10% of all available ip addresses are used
The problem isn't the amount of IP addresses, what it really comes down to is efficient routing. Lets say for example that IP 2.2.2.2 belongs to some dude in Norway. So route all packets that have 2.2.2.2 as destination to Norway. How about IP 2.2.2.3 then? Let's give it a university in Malaysia. Now routers have to know exatly where the holder of each IP lives. They have to scan every packet and compare its IP to a BIG database of locations. Needles to say, this would be very slow.
So how do 128bit-addresses help? Well, we can make a deal that the first 8 bits mark the country. Now the router needs to scan only the first 8 bits and compare it to small database to determine where to send the packet. When the packet reaches the right country, next 8 bits are checked. These 8 bits could mean the state/province/whatever. Then scan 16 bits to determine the correct city. This way you can narrow down the search step by step until the packet has been delivered. Simple and fast.
There can't be much of a shortage here. I just signed up with demon internet and got a static IP without even asking for one!
James
Ummmm ... aren't you forgetting port-forwarding?
let's see; I can telnet to my masqueraded machine
like this:
redir --lport=97 --caddr=192.168.1.2 --cport=23 &
telnet mydomain 97 #forwards connections to port 97
#to the masq'd box's port 23
I can do the same with a web server or any other
kind of service. Set up right, you can open up
all sorts of holes to inbound services. I'm logged
into a masq'ed machine at home from work right now.
Everyone seems to be thinking small.... Any scheme that does not provide an individual IP address to a particular computer is going against the basic design of the Internet. A device/ entity /computer/home/remote/fridge with an IP address can do anything you want it to (in regards to Internet activities). The other schemes all have limitations, whether it be outside accesibility or whatever. THINK BIG and don't settle for any solutions that do not provide IP's for anything and everything you want them for. Otherwise, you are starting to mess up the Internet's basic structure. Sure you can point to individual activity and say "That can be done without individual IP allocations, heres how.....", but anything can be done if you have an individual IP allocation.
anyway, my 2c, I'll go have another cup of coffee now.
/*---------------------------*/
Man? What is man?
But a collection of chemicals with delusions of granduer.
First, it is impossible for every IP address out there to be used. Routing is the evil here. Every little network has to have some contiguous IP block. For a small office it could be a /28 up to a /24. There will always be some IP addresses extra for future growth and because things come in powers of two. If you are very good, 50% coverage is possible. A group of offices becomes a corporation which needs a contiguous (if possible) block under which all of the offices live. Of course we need to have room for future addition of offices. Here, using 50% of our sub-blocks again would be good. Now we are to a total of 25% of the IP's used.
This process goes all the way up to the backbone providers.
We could get greater than a 50% coverage, but at the cost of a management nightmare and larger routing tables. You want to keep an office in the same IP block so that it is one router entry. The same with a corporation. Otherwise, by the time you get a few hops from the end-user toward the backbone you will have router tables too large to handle.
That being said. There are some /8's out there that I think could be broken up. Some of the major players in the Internet's early days got /8's (Class A's) because no one ever dreamed that whole world would be trying to get IP addresses.
Second, I think NAT is only a temporary and mostly an unsatisfactory solution. NAT uses one IP address for a bunch of IP devices. A proxy server has the one IP address and all traffic goes through it. I say it is unsatisfactory, because you cannot run servers multiple servers listening on the same port behind a proxy. You can get away with one mail or one web server by telling the proxy anything for port 25 goes to the mail server or for port 80 goes to the web server, but a second web server would have to run on another port. In short, only clients can go behind a NAT proxy. Eventually we will run out of IP addresses for servers also.
Third, yes your toaster will need to have an IP address. Any device in your house will want to communicate to other devices in your house. Your toaster could set off the fire alarm (which has its own IP) when toasting gets out of hand or blink an icon on your desktop when your toast is done. If a device communicates, it needs an address. If IP is the protocol used, it needs an IP address.
Finally, I'm not sure IPv6 is a good solution. It just gives us a new ceiling in the total number of IP addresses. Granted the ceiling is really damned high, but try telling an ARPAnet boy in the 70's that 32-bits is not enough. I would rather see a variable length address. Give my house a prefix (1.2.3.4.5) and let me assign after that. Everyone else just needs to know that something beginning with my house prefix comes to me. ISP would have their own prefix and their customers would be underneath that. This is a rough, but it might work.
Also, IPv6 is missing other features that I would like to see if we are going to upgrade the 'net. Realtime transmission is top on that list.
I personally have 16 ip addresses, and I'm planning to upgrade to a full class C in the near future, but I do a lot of serving, so its somewhat justified.
One of my IP addresses is allocated for my household appliances (yes, I'm not making this up). Currently it only has control of my doorbell, a lamp, the roter on my webcam, and my RC car. However, just this one computer has no problem controlling multiple devices.
Even if each appliance had a separate computer with its own IP address, there's no reason that those IP addresses would NEED to be internet IP addresses. They could just as easily use masquarading or some other internal network scheme and full control of those appliances could still be controlled from anywhere in the world with only a single dedicated IP address.
As for upgrading to IPv6, parts of the upgrade will be easy, parts will be difficult. The easy part will involve any type of generic operating system. Linux, any unix system, win95, win 3.1, all those types can be upgraded relatively painlessly. There will still be a lot of confusion, but it could probably be gradually upgraded so the new IPv6 network could temporarily mirror the IPv4 network so for a year or so, it would work both ways as if all computers still used IPv4.
The hard part will be the embedded systems that have IPv4 hard coded and would require a flash upgrade or worse, couldn't be upgraded without a hardware swap. However, for many of those systems, they could still be utilized to some extent, at least until people have a chance to upgrade. Things like X stations, port servers, and the like don't need physical internet addresses and could function equally well as an internal masquaraded network on IPv6 with a router or bouncer taking care of things in the middle.
Its not as clean as we would like, but if we really have 25 years to work on it, it should be possible to have a smooth transition, without the Y2K variety of panic that comes with an imminent forced deadline.
-Restil
restil@alignment.net
Play with my webcams and lights here
I think that the likely scenario for the wried house will be that you have a central access point for all such services - acting like a firewall and also providing a common entry point for controlling all of these services. After all, if I want to program my Magnavox VCR when I'm at the neighbors house why should I have to go out and download the magnavox specific software and install in on their PC first. Instead, I'm going to connect to my house's WWW enabled automation server (which only needs a single routable address) and do everything thru there. This is what's going to be actually controlling everything anyway... Why waste the money to build an interface and such into every single light switch - they're all just going to run SSMP (simple switc managemt protocol) and let the centreal controller handle the schduling and nasy stuff like interfacing with us humans.