China To Run Out of IPv4 Addresses In 830 Days 619
JagsLive writes "China is running out of IP addresses unless it makes the switch to IPv6. According to the China Internet Network Information Center, under the current allocation speed, China's IPv4 address resources can only meet the demand of 830 more days and if no proper measures are taken by then, new Chinese netizens will not be able to gain normal access to the Internet. Li Kai, director in charge of the IP business for CNNIC's international department, says that if a netizen wants to get access to the Internet, an IP address will be necessary to analyze the domain name and view the pages. At present, most of the networks in China use IPv4 addresses. As a basic resource for the Internet, the IPv4 addresses are limited and 80% of the final allocation IP addresses have been used."
Normal 'net access? (Score:5, Interesting)
Do any Chinese citizens even have "normal" 'net access now? Thought NAT was used heavily, not to mention the GFWOC
So will the Interweb Gods force IPv6... (Score:5, Interesting)
NAT? (Score:2, Interesting)
HP (Score:5, Interesting)
.
C'mon HP, be a good netizen and give back the bulk of those IP addresses. Try using NAT instead of hoarding IP addresses that others so desperately need.
In other news (Score:5, Interesting)
Slashdot runs it's 15th story about IP addresses running out "real soon now". The first was something like 5 years ago :)
These stats ignore the fact that there are huge available allocations that can go behind NAT's. An ISP can NAT big chunks of its user network. Charging even a modest amount per IP would free up huge numbers of IPs. There are abandoned blocks (companies out of business) and wildly oversized blocks (MIT etc).
Plus, we've been hearing these stories for years. The idea that the internets resources are going to become ipv6 anytime soon is unlikly. So folks are going to figure out a way to manage the existing pool, where there is lots of room for improved efficiency.
Fun to keep on reading these stories... they're always written as breaking news :)
And this would be a bad thing because? (Score:0, Interesting)
If only they could run out sooner.
Re:HP (Score:1, Interesting)
If I were HP (or Ford or AT&T), I wouldn't be a good "netizen" without giving consideration to what the blocks of /8 addresses are worth. If they wait another 365 days or so, perhaps folks will start getting desperate enough to pay for them. Can you imagine the value those addresses will have to a rapidly expanding internet enabled population, like China, that also has the means to pay for it? It might also be a whole lot cheaper to buy the blocks than implementing iPv6.
On the other hand, what is being a good player in the internet enabled world anyway? Is there some intrinsic value in being good, or using the Google philosophy "Don't be evil"?
I say hold out for a while.
Dynamic address from ISP = intermittent lock-out? (Score:3, Interesting)
Why would China want to fix this? (Score:5, Interesting)
Seriously their government is hell bent on controlling what goes into and out of that nation and what better way to do that than by forcing people to use a proxy..
And what does that buy us? (Score:5, Interesting)
IP4 doesn't have enough addresses, of course a managers solution is to put of the inevitable so that it happens on someone elses watch rather then taking the time we got now to develop and implement a solution.
IF pushing IP6 doesn't work in the roughly 2 years remaining THEN we can use the buffer of under-used blocks as a last reserve. if we use the reserves now, and do nothing then we still have the same problem, just a bit further away but this time with no reserves remaining and no work chance of it being solves in time.
You should run for president, you would do well with your solutions.
Re:HP (Score:5, Interesting)
Sorry, I should have previewed!
If I were HP (or Ford or AT&T), I wouldn't be a good "netizen" before giving consideration to what the blocks of /8 addresses are worth. If they wait another 365 days or so, perhaps folks will start getting desperate enough to pay for them. Can you imagine the value those addresses will have to a rapidly expanding internet enabled population, like China, that also has the means to pay for it? It might be a whole lot cheaper for China to buy the blocks than implementing iPv6, even at an exorbitant, over-the-barrel rates HP might be able to get.
On the other hand, what is being a good player in the internet enabled worth anyway? Is there some intrinsic value in being good, or using the Google philosophy "Don't be evil"?
I say hold out for a while.
Re:HP (Score:5, Interesting)
on top of that if they would redo ssl so thatyou can support host headers that would allow allot of consolidation of webservices/sites by farm hosters..
personaly i think we are all just too lax about dealing with IP's..
Re:Dynamic address from ISP = intermittent lock-ou (Score:1, Interesting)
I have a friend that did support for an ISP that had this problem. Their answer, have the customer refresh/renew ip addresses until they get one.
Who needs 16 million IP addresses? I do (Score:2, Interesting)
My company has a quarter million employees. That means a quarter million desktop computers, a quarter million automated parking spaces, a quarter million employee badges, a quarter million IP phones, a quarter million cell phones, a quarter million ....
And that's not even counting our publicly-accessible web servers and our employee kitchens, where every microwave, coffee pot, ice machine, and vending machine is online.
All these things need network connectivity.
Re:Dynamic address from ISP = intermittent lock-ou (Score:3, Interesting)
IPV4 Addresses WASTED (Score:1, Interesting)
I work for an ISP and even our PRINTERS and desktops have publicly routeable IP addresses. All of these devices of course point to a single gateway and have no real need to communicate directly with the outside world so NAT would be a perfect solution. I'm tired of reading about "the sky is falling". When we "run out" of addresses there will be public auctions to the highest bidder. Companies will NAT what they don't need direct access into.
Everyone should have two /64 subnets in IPv6 (Score:3, Interesting)
Nobody is motivated to fix this (Score:3, Interesting)
Isn't the problem that nobody who could fix this is motivated to do so?
If we all switch to ipv6 now, then everyone on the existing internet has incurred a cost, but will see no benefit; the benefit will go to currently-unconnected Chinese who will not pay the cost because the work will already have been done by the time they join up.
The only way that the switch to ipv6 is going to happen, is if someone finds a way of making the currently-unconnected Chinese population pay for it. That could be done, for example, by waiting until ipv4 addresses become very scarce, then auctioning the remaining ipv4 addresses for large sums of money, and using that money to switch everyone else over to ipv6. But then you've got the problem of distributing the money...
oh boy (Score:1, Interesting)
So it's like this. No one says my provider has to give me a publicly routable internet access. Most people only surf the net. Most people aren't running stuff out of their house. Why is Comcast giving those people publicly routable addresses? Why not just have their own class A private network space, and when your cable modem connects, why don't they just give you a 10.x.x.x address and save the public internet address for people who actually host services from their homes? There's no reason to give joe schmo who only checks his webmail and watches video.msnbc.com a public address. Ridiculous.
Comment removed (Score:3, Interesting)
Poor Allocation (Score:2, Interesting)
In total, there are 4.2 Billion IP's available in the IPv4 Space.
Summary of wasteful allocation:
1) 10.X.X.X for internal usage,
2) 192.168.X.X for internal usage
3) 172.18.X.X for internal usage
4) 127.X.X.X reserved for localhost,
5) 169.254.X.X for "I'm not on a network" IP's
6) Everything 1.X.X.X - 10.X.X.X is reserved for IANA.
So adding this up we've wasted
1) 16,581,375
2) 65,025
3) 65.025
4) 16,581,375
5) 65.025
6) 149,232,375 Total : 182,560,200 IP's unusable.
There is no reason why private networks need three different ranges of IP's for private use. Most, if not all businesses can get away with using the 192.168 or the 172.18 ranges(Exceptions would be google, governments, and research places with over 65k machines)
Then you have residential users who think they need an IP for each computer and their xbox.
Realistically, a company with a mail server, web server, ftp server etc... only needs one IP and a NAT to do port forwarding to the inside network.
If they clamp down on IP usage and free up some of the wastefully reserved IP ranges we wouldn't be having this discussion
Energy costs. (Score:3, Interesting)
The refrigerator is a poor example, but other appliances and home HVAC systems could realize significant energy savings by communicating with each other, and by being controlled remotely over the internet (or some other means).
There are a lot of interesting scenarios: if you had real-time, fluctuating power pricing, you might want to have appliances change their energy consumption or other settings in response to their cost. Only run some appliances when the spot price is below $0.15/kwh, for example.
Or even simpler, if you have a peak-load factor as a component of your bill, devices could communicate with each other to ensure the total draw at any one time doesn't exceed some predetermined maximum. Different appliances would each have a priority, and would have to shut down to accommodate higher-priority draws. (E.g.: the clothes dryer would shut off if you turned on the electric stove or microwave, because it would have a lower priority -- unless you were really obsessive about not having wrinkled clothes, I suppose, in which case you could set it the other way around.)
The two could be combined, as well: once you have the infrastructure in place, you could set up whatever rules you wanted, balancing preferences for certain services against costs, and prioritizing certain services at various times. It wouldn't be hard to produce detailed reports of what each appliance/service was costing to operate, and how new rules would affect costs based on past usage patterns. (There's the potential for a lot of complexity in the control system, but to a user it might seem very simple on the surface.)
Also, there's a wide range of appliances that really only need to run when people are in the house (or just before they enter the house) but tend to run continuously because it's a PITA to run them based on inflexible timers: HVAC, lighting, water heaters, possibly even water pressure-pumps. Devices would only be turned on when necessary for another device, or a user need was anticipated. I could easily imagine a system that was plugged into an online calendar and controlled this in a way that hid it from the user as much as possible. Heck, if you had a PDA with GPS, you wouldn't have to do anything.
The driving force behind "home automation" up until now has mostly been the geek factor of controlling all your lights/appliances/whatevers from a single point, but I think in the future, energy savings and integration will be the selling point. Since it seems unlikely that we'll really make significant inroads on alternative sources of energy before we start to run low on petroleum, there's a non-trivial chance that energy may become staggeringly expensive. I could easily see a future where the running costs of energy-intensive appliances greatly exceed -- even to the point of triviality -- their purchase price.
Dialing for dollars (and ham radio) (Score:3, Interesting)
The reason organizations don't "give back" their IP assignments is that there is not much incentive to do so. Why not a market based solution?
One example: I am puzzled that radio amateurs (AMPRNET) own 44.00.00.00/8 and do not make significant use of it. As a ham myself, I'd be happy to convert that to, say, $10M for the betterment of the hobby.
Even if it wasn't hex codes, it would be a PITA (Score:4, Interesting)
What is IPv6, 128-bit address space? That is what, 16 bytes?
Worse case in decimal (I added the dashes so *I* could make sure I typed it right :-)
216:126:59:03-58:95:58:32-126:43:55:129-59:59:59:1
Worse case in hex (same deal).
FA:FA:FA:FA-12:55:43:BA-55:DA:CC:DB-89:A1:C1:01
Basically, you are boned :-) Maybe we need a different number system that is like Base64 instead of Base16? Heck... why not just base64 encode the IP address. Base64 is what, A-Z, a-z, 0-9,+,=? A Base64 encoded IPv6 address is just:
Az.
Or make it Base32 instead so you can be case insensitive (A-Z, 0-9 and only drop a couple easy to mix up characters like i, l and o to get to 32 chars). A Base32 IPv6 is:
A1Y2.
You could even break out subnets with Base32:
A1Y:2/96 (subnet mask ZZZ0)
So yeah... why didn't they go Base64 or Base32 instead of Base16?
Holders of /8 IP addresses... not using them? (Score:1, Interesting)
Does it bother anybody else that many of the holders of the /8 IP addresses don't even use them for their web sites?
http://en.wikipedia.org/wiki/List_of_assigned_/8_IP_address_blocks
Example:
GE.. 3.0.0.0 â" 3.255.255.255... nslookup www.ge.com = 216.74.131.56
IBM.. 9.0.0.0 â" 9.255.255.255... nslookup www.ibm.com = 129.42.60.216
Ford.. 19.0.0.0 â" 19.255.255.255... nslookup www.ford.com = 63.147.175.36
I guess it's not that strange that they're not hosting their own websites... but that's a helluva lot of IP addresses that they hold to be "pilfering" from the limited supply that the rest of us have to play with.
Re:Blocks vs. sub-blocks. (Score:3, Interesting)
Second of all, I agree life without NAT would be easier but your analogy doesn't hold up to scrutiny. I still do business and get along just fine with NAT. Life goes on. It doesn't break anything. It just adds some hurdles I have to jump over.
Re:Blocks vs. sub-blocks. (Score:5, Interesting)
Actually NAT DOES provide some sort of security. That is because by default nobody can see which devices sit behind the NAT.
Well, kinda-sorta. If you look at the behavior of the IPid field of outbound TCP packets coming from a NAT/PAT router, which most of the time is untouched by the router, as well as the TTL field, you can make a pretty good guess as to how many devices are behind the router, and a rough guess as to their OSes.
The IPid field is usually used as a packet counter for a given OS, so it will increase in value by 1 for every packet sent. So if you have a few machines, each counting, you can group the outbound packets by IPid value. Also, various OSes have different default values for the TTL field (64, 128), so you can make a guess as to what OS it is as well.
See: "Passive Detection of NAT Routers and Client Counting," Straka, K., Manes, G., 2006 in International Federation For Information Processing, Volume 222, Advances in Digital Forensics, eds. Olivier, M., Shenoi, S., (Boston: Springer).
Re:IPv6 also temporary (Score:3, Interesting)
Most of which is wasted, btw.
My ISP gave me a /48. I use 6 addresses.. that's a lot of wastage. Also the bottom 64 bits of an IPV6 address are basically mapped to the MAC address of the network card, so they're predefined.
The /48 is big but it's only 65k times as big as a /32 - the numbers aren't as huge as some would suggest.. still big, but not *huge* big - I could see scenarios where it could run out.
Re:Blocks vs. sub-blocks. (Score:2, Interesting)
Yes, but this is pretty ugly.
It shouldn't have to be this way. If every device had a globally-unique, routable address, you wouldn't have to have nasty NAT-traversal hacks, or use SIP/IAX trunking nearly as often. It would still be possible to set up a single "front office" line that then redirected to various extensions, but it wouldn't always have to be that way.
And really, I doubt that many people -- if they had the choice -- would choose to have one phone number plus an extension, if they could have unique direct-dial phone numbers for everyone in the office plus a front-office line. (Sure, there are exceptions, like callcenters, but they're not really the rule.) But with NAT you get stuck setting up SIP proxies and trunks, and giving users extensions, far more often than is really necessary in order to accomplish what the users want in the optimal case.
As an aside: most users don't really even understand what an end-to-end VoIP system might look like, because they're still thinking about it in terms of POTS. If you have SIP everywhere, you don't even have "phone numbers", much less extensions. You have email-style user@domain.tld addresses, and the call magically routes to wherever that user happens to be at that particular moment in time. Calling a phone, as opposed to a person, will one day seem pretty antiquated and strange, I think. (And before anyone says that users will never accept this or that it'll never happen -- how many people have contacts in their cell phones' addressbook that they don't know the numbers for? I thought so. We're already most of the way there.)
More generally: It's always a bit strange to argue about IPv6, because people always claim that it's unnecessary because nothing we do right now requires it. Well, of course nothing we do right now requires it -- if it did, we wouldn't be using it, because IPv6 isn't widespread. Everything we do right now we can do over IPv4, because IPv4 is basically all there is. But that doesn't mean that IPv4 is good, or there isn't a whole lot of really neat stuff that we could do (stuff like VoIP mobile roaming) if we weren't stuck making everything work in the IPv4 framework.
Re:DNS doesn't fix anything (Score:3, Interesting)
Dammit, slashdot ate my comment.
IPv6 has so many addresses that the IP address becomes opaque and meaningless (pretty much like we dont care what our MAC address is). The problem then becomes, how do you give every single device a unique, human readable name? Sure DNS will scale on the technical end find, but DNS as it exists today will fail in the human factors end. When your shoes have dozens of devices like moisture sensors in every part of them, "moisturesensor.shoelace.left.favorite-shoes.cust29534.seattle.wa.comcast.com" is not exactly an easy to remember name.
What will happen, I suspect, is your home router will start doing your DNS. You'll get your own private top level domain (say, .local). Then your kitchen sink will be "kitchensink.local", your dryer will be "dryer.local", etc. Your car and laptop will use your netgear DNS server instead of somebody elses.
The problem will then become how to two homes talk to each other when they both have a device named "xbox.local"? Will both have to get a "real" hostname from their ISP? Sounds a bit like NAT to me, only now it is NAT'ing DNS addresses instead of IP addresses.
The internet fridge problem (Score:3, Interesting)
in a world where everything including your fridge is connected to teh interweb 24h a day, 7 days a week
And tell me again why my fridge will be on a public IP, rather than the 192.168.1.xxx address my Best Buy $49.99 Linksys router will give it?
Your's will probably be on a private address. But as it has 100% uptime, it will be constantly connected to the web, which will cause your router to stay connect almost 24h (except, when the ISP forcefully reset the connection and forces a DHCP renewal), which in turn makes that your router will constantly hold and never let go its public IP adress (except for an occasional DHCP renewal). Netword connected appliances that periodically phone home already aren't unheard of (gaming console checking for firmware upgrades, media player checking DRM licenses, multimedia systems downloading various data such as news, meteo and/or TV guides, etc.).
And they dangerously bring the "amount of simultaneously connected users" close to the "total amount of subscribers".
Even better, explain to me why I, as Joe Sixpack will *need* my fridge on a public IP where every flaw and exploit will be passed directly to it, rather than dropped at the NAT box?
It's not about the need. It's about the fact that it's going to be anyway, and thousands of "shiny" features are going to be added afterwards. (And will inevitably end up exploited in every possible way as you are justly afraid).
People are currently already enjoying the ability to connect to their home tivo-like setup to remotely program recording, to be able to share data from their home computer (not as in "I'm geek and I have a nice home built Linux file server", but as in "I have a Mac and leave it on 100% of time, because thank iAirSomething, I can access my home photo at work to show them to my colleagues"). The imaginary future internet enabled fridge will probably be able to automatically generate a list of groceries. And Joe-6-pack will love to be able to log to his fridge (using some secure password as "joe" "beer" or "123456") to check how much six-packs he needs to buy on the way home.
Or why a college or university needs to put every last workstation, printer, AP, and toaster on a public IP address?
Lots of tools used in academia are old and date back before the age when NATs became pervasive. Internet was never designed with NATs in mind in the first place. At that time, it was just about a few academia linked together on the same network as some military. Back then it simply made sense to put everyone (of the few thousands of computers) on the same net because that was the way it was designed. Nobody was thinking that 20 years down the line not only everyone would have an internet connected computer, but everyone would even have 20-something online appliances at home AND AT THE SAME TIME still use a deprecated addressing scheme designed at a time when the net was just about a thousand of computers spread over twenty faculties all talking together.
What happened is that the same designs remained in the same place, simply more computers were appended to the same old network. Every decade maybe cables were upgraded, but nobody bothered changing the topology of the network.
Also, lots of (old and not so old) networked application require both ends to be visible to each other and sitting on the same net (lots of old-school unix phone apps, or even recent VoIP systems simply start listening on local ports and assume that, wherever the user is).
People are still using them and still need to be able to quickly setup a connection between the relevant computers. Which may now be in separated buildings and/or departments.
NAT exists because NAT works. No, it is not the be all end all for any perceived IPv4 woes, but there is a metric assload of stuff out there with a public IP that either should be, or desperately NEEDS to be on a 10.xxx.xxx.xxx netwo
How smart of your biz! (Score:3, Interesting)
Seriously, that's not the point. Everybody does that, because that's what you have to do; but trust me, for having dealt with the low level stuff of VoIP, this is a major pain in the ass. And that DHCP server is a major spof. Pof pof.
Re:Hurry! (Score:3, Interesting)
The Chinese are using NAT very extensively already. Residential customers don't get a public IP address. If China is running out, that means that businesses can't get addresses either.
The US hasn't started feeling the pain even for residential yet, AFAIK. Europe is seeing deployment of NAT in some mobile broadband networks, but so far not much in regular broadband.
Take some back from the email marketing companies (Score:1, Interesting)
Why is that email marketing companies get so many ipv4 addresses? ISP's have a hard time getting a /22 while some email marketing companies use up /18's and more. They only need a single IP Address, they just like lots to help get past blacklists.
Re:Confiscate IPs from spammers (Score:2, Interesting)
It's not his network. He's just the ISP.
My first post was at least half tongue-in-cheek, but to say the ISP (if we are talking ISP) is not responsible for activity happening on its network is just plain wrong-headed. ISPs have AUPs. Nations have laws. These ISPs are on notice that bad things are happening on their networks and are being provided evidence of exactly what sort of bad behavior is going on. They choose to look the other way or be actively complicit. I'm just suggesting revoking access to those who can't behave.