Forgot your password?
typodupeerror
The Internet

China To Run Out of IPv4 Addresses In 830 Days 619

Posted by CmdrTaco
from the blame-canada dept.
JagsLive writes "China is running out of IP addresses unless it makes the switch to IPv6. According to the China Internet Network Information Center, under the current allocation speed, China's IPv4 address resources can only meet the demand of 830 more days and if no proper measures are taken by then, new Chinese netizens will not be able to gain normal access to the Internet. Li Kai, director in charge of the IP business for CNNIC's international department, says that if a netizen wants to get access to the Internet, an IP address will be necessary to analyze the domain name and view the pages. At present, most of the networks in China use IPv4 addresses. As a basic resource for the Internet, the IPv4 addresses are limited and 80% of the final allocation IP addresses have been used."
This discussion has been archived. No new comments can be posted.

China To Run Out of IPv4 Addresses In 830 Days

Comments Filter:
  • 830 days? China? (Score:5, Informative)

    by suso (153703) * on Wednesday September 24, 2008 @09:23AM (#25134769) Homepage Journal

    Try the whole world. According to this counter [entne.jp], the world will be out of IPv4 addresses in 768 days.

    • by ohxten (1248800) on Wednesday September 24, 2008 @09:26AM (#25134795) Homepage
      Really? I thought there was a separate internet in China...
    • by Van Cutter Romney (973766) <sriram.venkatara ... m minus herbivor> on Wednesday September 24, 2008 @09:29AM (#25134863)

      Try the whole world. According to this counter [entne.jp], the world will be out of IPv4 addresses in 768 days.

      So the world runs out of addresses before China runs out?

      Did the Chinese government move themselves to outer space?

      • by DrYak (748999) on Wednesday September 24, 2008 @10:02AM (#25135313) Homepage

        So the world runs out of addresses before China runs out?

        The world will run out of new blocks to allocate (as in "254.xxx.yyy.zzz"), before China gives out all addresses in the allocated blocks it has (as in "www.254.254.254").

        Nonetheless, IPv4 can only provide a little lower than 253^4 different addresses. What makes it worse is that it's allocated in chunks (some chunks are reserved like the 127.x.y.z family - other addresses may be free but land in a range which is allocated to some company and thus can't be used by your computer).

        Thus even if some providers use dynamic IP (only those machine which are connected have an IP address - thus an ISP needs a chunk only as big as the number of simultaneously connected users, not as the total number of subscriber), and lot of router use NAT (only 1 single IP address is visible on ther internet. all the machine are visible through this address and use a private address on the internal network),
        in a world where everything including your fridge is connected to teh interweb 24h a day, 7 days a week, we will quickly run into a situation where no more IPv4 address can be assigned to a new machine :
        - the ISP has ran out of addresses in its chunk because there are more simultaneous connection (because everyone stays perpetually connected) that there are free address in the chunk (china will reach this point in 2-3 years)
        - and there are no more new free chunk to allocate for the providers (all are already either reserved like the 10.*.*.* and 192.168.*.* range, or have already been allocated to others) thus now way to give more chunks with more IP to the ISPs (the world will reach that point too in about 2 years).

        • by Darth_brooks (180756) <clipper377@gm a i l . c om> on Wednesday September 24, 2008 @10:34AM (#25135831) Homepage

          in a world where everything including your fridge is connected to teh interweb 24h a day, 7 days a week, we will quickly run into a situation where no more IPv4 address can be assigned to a new machine

          And tell me again why my fridge will be on a public IP, rather than the 192.168.1.xxx address my Best Buy $49.99 Linksys router will give it?

          Even better, explain to me why I, as Joe Sixpack will *need* my fridge on a public IP where every flaw and exploit will be passed directly to it, rather than dropped at the NAT box?

          Or better still, explain why a small business with 60 users should have every last user on a public IP?

          Or why a college or university needs to put every last workstation, printer, AP, and toaster on a public IP address?

          NAT exists because NAT works. No, it is not the be all end all for any perceived IPv4 woes, but there is a metric assload of stuff out there with a public IP that either should be, or desperately NEEDS to be on a 10.xxx.xxx.xxx network.

          • by TheRaven64 (641858) on Wednesday September 24, 2008 @10:40AM (#25135915) Journal

            So you can connect to your fridge and see if your milk has gone off from outside your home? NAT does not give security. A firewall gives security, and most NAT devices also do firewalling. If you don't want your fridge to be accessible from anywhere outside your network, or only from a set of VPN locations, then you can easily configure your firewall to block inbound connections to it (which is likely the default anyway).

            Does your small business with 60 employees want to use IP telephony? In this case, each PC (or each telephone) needs a public IP. You can get away with routing this at the application layer, but why bother when it doesn't actually gain you anything?

            • by truthsearch (249536) on Wednesday September 24, 2008 @10:55AM (#25136149) Homepage Journal

              In our small business IP telephony is handled with DHCP. All calls get routed through an asterisk server. So we only need one static IP address for the whole phone system. We need asterisk as a PBX anyway, so it's no extra fuss.

            • by Bryansix (761547) on Wednesday September 24, 2008 @11:06AM (#25136329) Homepage
              Actually NAT DOES provide some sort of security. That is because by default nobody can see which devices sit behind the NAT. They also can't directly address them. So you want to see if your milk expired at home while you are at work so you can buy more if you need to? That problem has been solved. Your fridge had NO problem making outbound connections. It CAN upload the latest stats to a website that either you host yourself or a service from your fridge manufacturer. Need a better solution? Map the Public IP of the NAT but with a high unused port number to your fridge. Then whenever you connect to your SINGLE IP address but on that specific port it will serve up the stats on the fridge.

              See there are two solutions already to your perceived problem.

              Does your small business with 60 employees want to use IP telephony? In this case, each PC (or each telephone) needs a public IP. You can get away with routing this at the application layer, but why bother when it doesn't actually gain you anything?

              Wrong! I deployed 100 Hosted VOIP phones in a NAT environment. My Router has 11 public IP addresses but the phones all use the same one. If I used SIP trunks instead it would be the same deal. Only the phone server would need a public IP for the SIP trunks; not each phone.

              • by ydrol (626558) on Wednesday September 24, 2008 @11:15AM (#25136497)

                "Actually NAT DOES provide some sort of security"

                I agree, though being pedantic it's PAT and not (just) NAT

              • by QuoteMstr (55051) <dan.colascione@gmail.com> on Wednesday September 24, 2008 @11:21AM (#25136609)

                Actually NAT DOES provide some sort of security.

                Sure, in the same sense that crushing an airliner into a cube makes it useless for terrorists. NAT breaks the internet, and when you break something, it's useless because it's broken.

                You can filter packets with a firewall without doing any NAT at all. In fact, your life would be a lot easier without NAT. There would be no need for configuring ports. There would be no need for mapping and configuring and making and unmaking.

                You'd plug things in, and they'd just work. Globally. You can allow connections to your fridge from work, or from anywhere. A firewall could do that. The fridge itself could do it. But you'd still be connecting to your fridge, and not some random port on some arbitrary gateway machine somewhere.

                Going with your fridge analogy, why should it be a bad thing for a grocery store to connect to all the fridges it knows about in order to tell them about new products? Why this artificial distinction between "inbound" and "outbound" traffic?

                • by nutrock69 (446385) on Wednesday September 24, 2008 @11:40AM (#25136923)

                  Going with your fridge analogy, why should it be a bad thing for a grocery store to connect to all the fridges it knows about in order to tell them about new products?

                  Dear Fridge,
                  You're out of SPAM!
                  - the grocery store

                • Re: (Score:3, Interesting)

                  by Bryansix (761547)
                  Inbound and Outbound traffic is an important concept to understand even if all devices were with public IP addresses but behind a firewall? Know why? Malware! It tends to infect machines and SPAM. So knowing this I can stop all outbound port 25 traffic from everything except certain IP addresses on my router. Doesn't matter if the IPs are public or not.

                  Second of all, I agree life without NAT would be easier but your analogy doesn't hold up to scrutiny. I still do business and get along just fine with NAT
              • by LanMan04 (790429) on Wednesday September 24, 2008 @01:19PM (#25138713)

                Actually NAT DOES provide some sort of security. That is because by default nobody can see which devices sit behind the NAT.

                Well, kinda-sorta. If you look at the behavior of the IPid field of outbound TCP packets coming from a NAT/PAT router, which most of the time is untouched by the router, as well as the TTL field, you can make a pretty good guess as to how many devices are behind the router, and a rough guess as to their OSes.

                The IPid field is usually used as a packet counter for a given OS, so it will increase in value by 1 for every packet sent. So if you have a few machines, each counting, you can group the outbound packets by IPid value. Also, various OSes have different default values for the TTL field (64, 128), so you can make a guess as to what OS it is as well.

                See: "Passive Detection of NAT Routers and Client Counting," Straka, K., Manes, G., 2006 in International Federation For Information Processing, Volume 222, Advances in Digital Forensics, eds. Olivier, M., Shenoi, S., (Boston: Springer).

            • by gnick (1211984) on Wednesday September 24, 2008 @11:07AM (#25136371) Homepage

              So you can connect to your fridge and see if your milk has gone off from outside your home?

              No problem. Just forward port 6969 (the standard port for FAP or Fridge Access Protocol) to the 192.168.1.x internal IP assigned to your fridge. Then you can FAP anywhere you have Internet access.

          • More to the point (Score:3, Insightful)

            by Viol8 (599362)

            Why will white goods need to be on the internet at all?

            I mean a *good* reason , not just the usual re-hashed fridge-can-reorder-beer-for-you Jetsons style drivel that is laughably spoken about as some vital function by techno evangelists.

            • by deraj123 (1225722) on Wednesday September 24, 2008 @11:22AM (#25136627)

              I'll answer your question with another:
              Why not?

              Seriously. This whole "X doesn't NEED to be on the internet" is a ridiculous argument. It's simply saying "oh, having a PC and computer type equipment on the internet should be enough for anybody". The whole point of this internet thing is innovation. Sure, a fridge doesn't NEED to be on the internet. Unless I want it to have some functionality that requires internet connectivity. Same with my computer. It functions just fine, and doesn't NEED to be on the internet.

              And why is "fridge can reorder beer for you" drivel? Is there some reason that a fridge SHOULDN'T reorder your beer? Sure, it's not a vital function, but neither most of the stuff that our technology does. Again, this is what innovation and technology is all about - improving the standard of living, making this easier, etc.

              • Re: (Score:3, Insightful)

                by Viol8 (599362)

                "I'll answer your question with another:
                Why not?"

                Because its added complexity that will add to the price and probably reduce the reliability. Instead of the manufacturer spending money on important things like good energy efficiency they'll waste R&D on crap like this that only appeals to a tiny minority of geeks.

            • Energy costs. (Score:3, Interesting)

              by Kadin2048 (468275)

              The refrigerator is a poor example, but other appliances and home HVAC systems could realize significant energy savings by communicating with each other, and by being controlled remotely over the internet (or some other means).

              There are a lot of interesting scenarios: if you had real-time, fluctuating power pricing, you might want to have appliances change their energy consumption or other settings in response to their cost. Only run some appliances when the spot price is below $0.15/kwh, for example.

              Or ev

          • by NFN_NLN (633283) on Wednesday September 24, 2008 @10:46AM (#25136011)

            Even better, explain to me why I, as Joe Sixpack will *need* my fridge on a public IP where every flaw and exploit will be passed directly to it, rather than dropped at the NAT box?

            What you want is a firewall not a NAT. A firewall will protect you just the same and allow people to initiate communication as YOU desire.

            Or better still, explain why a small business with 60 users should have every last user on a public IP?

            There are quite a few examples why this is important but here's one. Why can't all students / businesses have a public IP with an exposed port for VoIP? Why do VoIP products have to have complicated NAT traversal software that doesn't always work and at the very least just adds useless overhead.

            It's called a firewall. Set one up and stop spreading FUD.

      • by Prof.Phreak (584152) on Wednesday September 24, 2008 @10:18AM (#25135573) Homepage

        Did the Chinese government move themselves to outer space?

        Nop. They've enabled NAT on their national firewall.

      • by philspear (1142299) on Wednesday September 24, 2008 @11:38AM (#25136873)

        So the world runs out of addresses before China runs out?

        Did the Chinese government move themselves to outer space?

        In communist china, IPv4 addresses run out of YOU.

    • Re:830 days? China? (Score:5, Informative)

      by morgan_greywolf (835522) on Wednesday September 24, 2008 @09:35AM (#25134931) Homepage Journal

      There would be a lot more available addresses if companies that were given entire /8 blocks in the 80s and 90s (Ford, IBM, AT&T, Halliburton, etc.) were to give back those blocks. Most of those companies aren't even really using their /8 blocks anymore, with most of the addresses going unadvertised.

      • by Anonymous Coward on Wednesday September 24, 2008 @09:46AM (#25135067)

        Shame Lehman didn't have a /8 block.

      • by mollymoo (202721) on Wednesday September 24, 2008 @09:48AM (#25135095) Journal
        If 25 companies (are there even that many with /8s?) gave back their entire allocation, that would still only add 10% to the pool. That might buy a little time (a year, if we're at 80% and have two years left), but it's hardly going to solve the problem.
        • Re: (Score:3, Insightful)

          by Anonymous Coward

          A year is a lot of time. Think how much cheaper computers/routers get in a year. That's a lot of expense saved if they can delay switching over for a year.

          • by Midnight Thunder (17205) on Wednesday September 24, 2008 @11:15AM (#25136491) Homepage Journal

            A year is a lot of time. Think how much cheaper computers/routers get in a year. That's a lot of expense saved if they can delay switching over for a year.

            Its simpler if people just started accepting that IPv6 is going to happen and adjust accordingly. For me its like having to accept Y2K was going to happen and acting accordingly. Believe me its much simpler to code the applications than go through the politics, and possibly technical issues, of getting someone to give back a block they don't appear to be using.

            Get your ISP and your router manufacturer to provide you an IPv6 solution. That too is probably not easy, but if we all start making noise then they will start doing something - hopefully.

      • by SmallFurryCreature (593017) on Wednesday September 24, 2008 @09:50AM (#25135147) Journal

        IP4 doesn't have enough addresses, of course a managers solution is to put of the inevitable so that it happens on someone elses watch rather then taking the time we got now to develop and implement a solution.

        IF pushing IP6 doesn't work in the roughly 2 years remaining THEN we can use the buffer of under-used blocks as a last reserve. if we use the reserves now, and do nothing then we still have the same problem, just a bit further away but this time with no reserves remaining and no work chance of it being solves in time.

        You should run for president, you would do well with your solutions.

    • Re: (Score:3, Funny)

      by rahlquist (558509)

      Maybe if the sprinkle their routers with Melamine it will fix it for them.

  • Uh Oh! (Score:5, Funny)

    by Smivs (1197859) <smivs@smivsonline.co.uk> on Wednesday September 24, 2008 @09:24AM (#25134785) Homepage Journal

    Sounds like it will be easier than ever to ring the Wong number!

  • Normal 'net access? (Score:5, Interesting)

    by i.r.id10t (595143) on Wednesday September 24, 2008 @09:27AM (#25134819)

    Do any Chinese citizens even have "normal" 'net access now? Thought NAT was used heavily, not to mention the GFWOC

  • by mfh (56) on Wednesday September 24, 2008 @09:27AM (#25134831) Journal

    To get a quick infusion of 700 billion IP4 addresses -- NOW!

  • by jeffmeden (135043) on Wednesday September 24, 2008 @09:28AM (#25134839) Homepage Journal

    When your WHOLE COUNTRY is behind a firewall? NAT the hell out of that! Flatten it to a /8 network in 10.0.0.0 and put it all behind one public IP. Problem solved!

    • by DNS-and-BIND (461968) on Wednesday September 24, 2008 @09:31AM (#25134877) Homepage
      A: Because it breaks the flow of a message.
    • by Artraze (600366) on Wednesday September 24, 2008 @09:38AM (#25134967)

      > When your WHOLE COUNTRY is behind a firewall? NAT the hell out of that!

      The firewall is more figurative than literal. My understanding is that it basically bans certain IPs/domains. That can be done with a stateless system, while a true NAT/firewall would need to track all packets of all connections of all users. Not impossible, but insanely expensive. Plus it would have the unpleasant side effect of actually firewalling China (i.e. no incoming connections), whereas now they just don't let you view certain things.

      The whole point is largely moot anyway. First, as was pointed out above, the entire world is estimated to run out in about 780 days, so they've apparently got more time then the rest of use. Second, the primary usage of IPs comes from blocks assigned to institutions and businesses, with the latter _requiring_ incoming connections. Could a business have one public IP and NAT/load balance their servers and whatnot? Sure, but they could always switch to IP6, which is gonna be a lot cheaper than all these NATs

    • Re: (Score:3, Funny)

      That would sure make my spam filter rule set a lot shorter. :D

    • Re: (Score:3, Insightful)

      by nbert (785663)
      This solution provides 2^24 addresses which is about 16.7 million. I don't know how huge their address space currently is, but given their population size it's pretty obvious that this wouldn't work out (IIRC around 10% of the population had access to the internet in 2006).
    • Re: (Score:3, Informative)

      by steelfood (895457)

      Obligatory XKCD [xkcd.com].

      As you can see, Asia has several /8 blocks allocated to it. I'll bet China has a few of those /8 blocks.

      Besides, NAT's can only handle 65536-1024 connections (number of ports minus 1024 reserved).

  • by Ortega-Starfire (930563) on Wednesday September 24, 2008 @09:29AM (#25134857) Journal
    Or will they just open up reserved addresses or something stupid like that?
  • Netizen? (Score:5, Insightful)

    by Anonymous Coward on Wednesday September 24, 2008 @09:30AM (#25134867)

    Netizen is really stupid word, we really don't need more buzzwords.

  • HP (Score:5, Interesting)

    by QuietLagoon (813062) on Wednesday September 24, 2008 @09:31AM (#25134883)
    When HP acquired Compaq, HP also got DEC's /8 block of IP4 addresses. Now HP has at least two /8 blocks of IP4 addresses.
    .

    C'mon HP, be a good netizen and give back the bulk of those IP addresses. Try using NAT instead of hoarding IP addresses that others so desperately need.

    • Re:HP (Score:5, Interesting)

      by Amouth (879122) on Wednesday September 24, 2008 @09:56AM (#25135243)

      on top of that if they would redo ssl so thatyou can support host headers that would allow allot of consolidation of webservices/sites by farm hosters..

      personaly i think we are all just too lax about dealing with IP's..

    • Carly Fiorina's ego. It's so big that it was necessary to support all of her ego's operations. If it grows any more, the IPv6 address space will be screwed as well.
  • by QuoteMstr (55051) <dan.colascione@gmail.com> on Wednesday September 24, 2008 @09:32AM (#25134887)

    I predict that we'll see China begin to use IPv6 addresses before most other people. Why?

    • Extreme scarcity of IPv4 addresses: China gained internet access well after the era of enourmously wasteful address assignment [iana.org] ended.
    • The great firewall is always set up as a traffic relay. Not only does it provide a natural point to set up an IPv6->IPv4 NAT gateway, but running IPv6 internally makes it that much more difficult for dissidents to bypass the firewall.
    • China's strong central state would allow mandating of IPv6 and near-instantaneous implementation.
    • Chinese sites are accessed by relatively few non-Chinese. Therefore, the penalty for running an IPv6-only site inside China would not be very great.

    Granted, I'm no fan of China's human rights policies. But it definitely has an advantage in terms of adopting IPv6. Hopefully, when China switches protocols, it'll catalyze the rest of the world to do so as well.

  • In other news (Score:5, Interesting)

    by augustz (18082) on Wednesday September 24, 2008 @09:34AM (#25134915) Homepage

    Slashdot runs it's 15th story about IP addresses running out "real soon now". The first was something like 5 years ago :)

    These stats ignore the fact that there are huge available allocations that can go behind NAT's. An ISP can NAT big chunks of its user network. Charging even a modest amount per IP would free up huge numbers of IPs. There are abandoned blocks (companies out of business) and wildly oversized blocks (MIT etc).

    Plus, we've been hearing these stories for years. The idea that the internets resources are going to become ipv6 anytime soon is unlikly. So folks are going to figure out a way to manage the existing pool, where there is lots of room for improved efficiency.

    Fun to keep on reading these stories... they're always written as breaking news :)

  • by straponego (521991) on Wednesday September 24, 2008 @09:35AM (#25134933)
    They're even running out of RFC 1918 addresses.
  • by flowerp (512865) on Wednesday September 24, 2008 @09:36AM (#25134947)

    the LHC will end it quicker than that. They estimate some 90 days until they've got their repairs done ;)

  • by Centurix (249778) <`moc.liamg' `ta' `xirutnec'> on Wednesday September 24, 2008 @09:38AM (#25134963) Homepage

    Impose a one IP address per family rule...

  • by Chief Camel Breeder (1015017) on Wednesday September 24, 2008 @09:47AM (#25135075)
    What actually happens for domestic users when the addresses run out? I get my one, dynamic address at home from the ISP and I guess tomorrow they give that to some other subscriber (DHCP lease seems to be 24 hrs). If there are too few addresses, then what? No more new subscribers; or do they, the ISPs, allow over-subscription and not all customers can get an IP address every day?
    • Re: (Score:3, Interesting)

      by ServerIrv (840609)
      ISPs will not be able to oversell their DHCP pool. Back in the days of dial-up, yes, but now that every broadband ISP installs a router/modem that is on 24 hours a day not a chance. Most people will turn off or suspend a computer when it's not in use, but will never do the same for their router.
  • by FireStormZ (1315639) on Wednesday September 24, 2008 @09:48AM (#25135091)

    Seriously their government is hell bent on controlling what goes into and out of that nation and what better way to do that than by forcing people to use a proxy..

  • by QuoteMstr (55051) <dan.colascione@gmail.com> on Wednesday September 24, 2008 @09:54AM (#25135211)

    NAT is not a solution. It's a huge, gigantic clusterfuck of a problem. Some people only started their careers after NAT was widespread, so they can't imagine how wonderful the world is without it. The internet is much simpler when you can assume that all nodes can directly address all other nodes.

    Look: this is what we've done.

    In the beginning, each endpoint of a TCP (or UDP) connection looked like this:

    [octet][octet][octet][octet][16-bit port]
    [(------- host-------------)(--service--)

    Each octet was routed hierarchically, and the port acted as an additional level of routing within a single node.

    With CIDR, the model moved to this:

    [32-bit opaque address][16-bit port]
    (-------host----------)(--service--)

    This change didn't hurt anything, aside from an increase in router complexity. Allowed the 32-bit address space to be used much more efficiently.

    Now with the IP address shortage, the situation looks like this:

    [48-bit address]
    (----?---------)

    Note how we've lost the distinction between host and service and smushed them all together into one huge opaque number. We've caused ourself lots of problems with this:

    1. One can no longer tell which service is being used based on part of an endpoint address (i.e., the port.). Firewalls, proxies, and so on become much more complicated.
    2. Only part of the endpoint address is provided by DNS. (I'm ignoring SVR records, which nobody uses.) Thus, part of the address needs to be hardcoded:
      • Every damn piece of software has to have a knob to control what port to use.
      • When software is too much trouble to configure, we use hardcoded port-parts. Consider SMTP and HTTP. When the port-portion of the big smushed address is hardcoded, Herculean efforts have to be made to route these services through NAT. Good luck if you want to run more than one SMTP server behind a given NAT gateway.
    3. 48 bits still isn't enough to satisfy growing demand. What happens when you can't address the endpoint you want even if you use all the address bits and all the port bits? Do we start piling on in-band multiplexing? Should every protocol necessitate something like HTTP 1.1's host header?
    4. Getting a publicly-routable endpoint address involves talked to one or more routers, which may or may not allocate a port for you. And this portion of the endpoint address is highly dynamic.
    5. Because of the last reason, protocols that involve callbacks are complicated. FTP, for example, made perfect sense in the days before NAT. Now, it's viewed as a problematic pain in the ass that always needs special NAT rules and connection tracking to accommodate it.

    These days, instead of saying "connect to mydomain.foo.cx", for example, you have to say "connect to mydomain.foo.cx at port 12345". That's out of band address information, and should never be needed. Imagine if DNS only gave you the first three octets an IP address, and every application requires you type in the last one in manually. That's what the world is like today!

    • Re: (Score:3, Funny)

      by StrawberryFrog (67065)

      NAT is not a solution. It's a huge, gigantic clusterfuck of a problem.

      Can't it be both? Like so many things.

  • by zappepcs (820751) on Wednesday September 24, 2008 @09:55AM (#25135221) Journal

    Am I the only one that noticed Hey, they can only have one baby, but we'll give them 3 IP addresses? Sounds like the Chinese government is getting liberal or something

  • Please (Score:3, Insightful)

    by fahrbot-bot (874524) on Wednesday September 24, 2008 @10:06AM (#25135391)
    stop saying "netizens".
  • by bugg (65930) * on Wednesday September 24, 2008 @10:17AM (#25135541) Homepage

    Why is everyone in the comments talking about various steps (reallocating large blocks, more widespread NAT, etc.) that would allow us to push back IPv6?

    It seems that we very close to the point where every device supports IPv6 (Vista adoption is helping this) but just isn't using it. Let's start turning it on. What better way to help the adoption than by having users who are IPv6 only complaining?

  • by StoatBringer (552938) on Wednesday September 24, 2008 @10:22AM (#25135621)

    We've only used half the available numbers.
    Just start using negative numbers: -248.100.-97.-201

  • by HockeyPuck (141947) on Wednesday September 24, 2008 @10:26AM (#25135707)

    Why can't some of the owners of /8 address spaces return them back to be re-allocated?

    For example, HP owns 15.0.0.0 through 16.0.0.0 (~33m ip addresses) can't they get by on just ONE class A network?
    Apple owns 17/8
    MIT own 18/8
    US Postal Service 56/8.
    http://www.iana.org/assignments/ipv4-address-space/ [iana.org]

    Do all these companies need to have ALL of their devices on publicly routable IP addresses? From a security standpoint, I would hope not. Odd since IBM, a company much larger than MIT and Apple can get by on just one /8, and I'm having trouble believing that HP requires 2 /8 networks.

    We talk about making our datacenters "green" by consuming less power, there's got to be an equivalent for consuming fewer public IP addresses.

    I've just finished re-IPing our datacenter (~5000 servers), not to 'release IP addresses back, but to undo the damage done by years of seemingly randomly assigning IP addresses to servers in our datacenter. Yes it's a pain, but so is any form of cleaning up your datacenter (cabling for example).

    • The reason organizations don't "give back" their IP assignments is that there is not much incentive to do so. Why not a market based solution?

      One example: I am puzzled that radio amateurs (AMPRNET) own 44.00.00.00/8 and do not make significant use of it. As a ham myself, I'd be happy to convert that to, say, $10M for the betterment of the hobby.

  • by gambolputty3 (1247532) on Wednesday September 24, 2008 @10:44AM (#25135977)
    Ordinary users of the IPv6 Internet should be allocated as a minimum two /64 subnets. One /64 subnet would be for a private LAN network and the other /64 subnet would be for a public facing DMZ network. The DMZ network would be useful for any kind of reachability which only selected people can access content. IPv6 capable VoIP PBXs would be especially useful here like Asterisk and Freeswitch. Imagine the possibilities of assigning every phone call or user its own IPv6. This should elimiate VoIP spam. Other notes: Point to point links should be a /126, not a /64. Businesses of differing sizes don't need a full /48. This would be like giving out blocks of IPv4 Class A addresses all over again. The size of the allocated IPv6 for a business should match their real size and needs. Applications and operating systems need to be more IPv6 aware.
  • Whew (Score:3, Funny)

    by PalmKiller (174161) on Wednesday September 24, 2008 @10:45AM (#25136001) Homepage
    Thank goodness, maybe they will take away the Chinese spam houses IPs and use them for something less irritating.
  • by gparent (1242548) on Wednesday September 24, 2008 @10:52AM (#25136099)
    Has anybody noticed that the summary is basically repeated twice?

    I wonder if anybody noticed the summary was repeated twice.
  • by badfish99 (826052) on Wednesday September 24, 2008 @11:03AM (#25136279)

    Isn't the problem that nobody who could fix this is motivated to do so?

    If we all switch to ipv6 now, then everyone on the existing internet has incurred a cost, but will see no benefit; the benefit will go to currently-unconnected Chinese who will not pay the cost because the work will already have been done by the time they join up.

    The only way that the switch to ipv6 is going to happen, is if someone finds a way of making the currently-unconnected Chinese population pay for it. That could be done, for example, by waiting until ipv4 addresses become very scarce, then auctioning the remaining ipv4 addresses for large sums of money, and using that money to switch everyone else over to ipv6. But then you've got the problem of distributing the money...

  • Duh (Score:3, Insightful)

    by lord_sarpedon (917201) on Wednesday September 24, 2008 @11:05AM (#25136313)

    Had every router shipped since 3 or so years ago been required to have a) IPv6 support w/ stateful firewall on by default for internal hosts and b) a "turn on 6to4" button, we would have been near done already. That simple. You can do it with current routers with firmware mods and a lot of work.

  • by joetheappleguy (865543) on Wednesday September 24, 2008 @12:27PM (#25137833) Homepage
    Can't they just all use the same IP address just like they all shared the same license key of Windows XP?

"The only way for a reporter to look at a politician is down." -- H.L. Mencken

Working...