China To Run Out of IPv4 Addresses In 830 Days 619
JagsLive writes "China is running out of IP addresses unless it makes the switch to IPv6. According to the China Internet Network Information Center, under the current allocation speed, China's IPv4 address resources can only meet the demand of 830 more days and if no proper measures are taken by then, new Chinese netizens will not be able to gain normal access to the Internet. Li Kai, director in charge of the IP business for CNNIC's international department, says that if a netizen wants to get access to the Internet, an IP address will be necessary to analyze the domain name and view the pages. At present, most of the networks in China use IPv4 addresses. As a basic resource for the Internet, the IPv4 addresses are limited and 80% of the final allocation IP addresses have been used."
830 days? China? (Score:5, Informative)
Try the whole world. According to this counter [entne.jp], the world will be out of IPv4 addresses in 768 days.
Re:830 days? China? (Score:5, Funny)
Re:830 days? China? (Score:5, Funny)
Try the whole world. According to this counter [entne.jp], the world will be out of IPv4 addresses in 768 days.
So the world runs out of addresses before China runs out?
Did the Chinese government move themselves to outer space?
Blocks vs. sub-blocks. (Score:5, Informative)
So the world runs out of addresses before China runs out?
The world will run out of new blocks to allocate (as in "254.xxx.yyy.zzz"), before China gives out all addresses in the allocated blocks it has (as in "www.254.254.254").
Nonetheless, IPv4 can only provide a little lower than 253^4 different addresses. What makes it worse is that it's allocated in chunks (some chunks are reserved like the 127.x.y.z family - other addresses may be free but land in a range which is allocated to some company and thus can't be used by your computer).
Thus even if some providers use dynamic IP (only those machine which are connected have an IP address - thus an ISP needs a chunk only as big as the number of simultaneously connected users, not as the total number of subscriber), and lot of router use NAT (only 1 single IP address is visible on ther internet. all the machine are visible through this address and use a private address on the internal network),
in a world where everything including your fridge is connected to teh interweb 24h a day, 7 days a week, we will quickly run into a situation where no more IPv4 address can be assigned to a new machine :
- the ISP has ran out of addresses in its chunk because there are more simultaneous connection (because everyone stays perpetually connected) that there are free address in the chunk (china will reach this point in 2-3 years)
- and there are no more new free chunk to allocate for the providers (all are already either reserved like the 10.*.*.* and 192.168.*.* range, or have already been allocated to others) thus now way to give more chunks with more IP to the ISPs (the world will reach that point too in about 2 years).
Re:Blocks vs. sub-blocks. (Score:4, Insightful)
in a world where everything including your fridge is connected to teh interweb 24h a day, 7 days a week, we will quickly run into a situation where no more IPv4 address can be assigned to a new machine
And tell me again why my fridge will be on a public IP, rather than the 192.168.1.xxx address my Best Buy $49.99 Linksys router will give it?
Even better, explain to me why I, as Joe Sixpack will *need* my fridge on a public IP where every flaw and exploit will be passed directly to it, rather than dropped at the NAT box?
Or better still, explain why a small business with 60 users should have every last user on a public IP?
Or why a college or university needs to put every last workstation, printer, AP, and toaster on a public IP address?
NAT exists because NAT works. No, it is not the be all end all for any perceived IPv4 woes, but there is a metric assload of stuff out there with a public IP that either should be, or desperately NEEDS to be on a 10.xxx.xxx.xxx network.
Re:Blocks vs. sub-blocks. (Score:4, Insightful)
So you can connect to your fridge and see if your milk has gone off from outside your home? NAT does not give security. A firewall gives security, and most NAT devices also do firewalling. If you don't want your fridge to be accessible from anywhere outside your network, or only from a set of VPN locations, then you can easily configure your firewall to block inbound connections to it (which is likely the default anyway).
Does your small business with 60 employees want to use IP telephony? In this case, each PC (or each telephone) needs a public IP. You can get away with routing this at the application layer, but why bother when it doesn't actually gain you anything?
Re:Blocks vs. sub-blocks. (Score:5, Informative)
In our small business IP telephony is handled with DHCP. All calls get routed through an asterisk server. So we only need one static IP address for the whole phone system. We need asterisk as a PBX anyway, so it's no extra fuss.
Re:Blocks vs. sub-blocks. (Score:5, Informative)
See there are two solutions already to your perceived problem.
Wrong! I deployed 100 Hosted VOIP phones in a NAT environment. My Router has 11 public IP addresses but the phones all use the same one. If I used SIP trunks instead it would be the same deal. Only the phone server would need a public IP for the SIP trunks; not each phone.
Re:Blocks vs. sub-blocks. (Score:5, Informative)
"Actually NAT DOES provide some sort of security"
I agree, though being pedantic it's PAT and not (just) NAT
Re:Blocks vs. sub-blocks. (Score:5, Insightful)
Sure, in the same sense that crushing an airliner into a cube makes it useless for terrorists. NAT breaks the internet, and when you break something, it's useless because it's broken.
You can filter packets with a firewall without doing any NAT at all. In fact, your life would be a lot easier without NAT. There would be no need for configuring ports. There would be no need for mapping and configuring and making and unmaking.
You'd plug things in, and they'd just work. Globally. You can allow connections to your fridge from work, or from anywhere. A firewall could do that. The fridge itself could do it. But you'd still be connecting to your fridge, and not some random port on some arbitrary gateway machine somewhere.
Going with your fridge analogy, why should it be a bad thing for a grocery store to connect to all the fridges it knows about in order to tell them about new products? Why this artificial distinction between "inbound" and "outbound" traffic?
Re:Blocks vs. sub-blocks. (Score:5, Funny)
Dear Fridge,
You're out of SPAM!
- the grocery store
Re: (Score:3, Interesting)
Second of all, I agree life without NAT would be easier but your analogy doesn't hold up to scrutiny. I still do business and get along just fine with NAT
Re:Blocks vs. sub-blocks. (Score:5, Informative)
So why do you need NAT instead of a non-translating firewall?
Re:Blocks vs. sub-blocks. (Score:5, Interesting)
Actually NAT DOES provide some sort of security. That is because by default nobody can see which devices sit behind the NAT.
Well, kinda-sorta. If you look at the behavior of the IPid field of outbound TCP packets coming from a NAT/PAT router, which most of the time is untouched by the router, as well as the TTL field, you can make a pretty good guess as to how many devices are behind the router, and a rough guess as to their OSes.
The IPid field is usually used as a packet counter for a given OS, so it will increase in value by 1 for every packet sent. So if you have a few machines, each counting, you can group the outbound packets by IPid value. Also, various OSes have different default values for the TTL field (64, 128), so you can make a guess as to what OS it is as well.
See: "Passive Detection of NAT Routers and Client Counting," Straka, K., Manes, G., 2006 in International Federation For Information Processing, Volume 222, Advances in Digital Forensics, eds. Olivier, M., Shenoi, S., (Boston: Springer).
Re:Blocks vs. sub-blocks. (Score:5, Funny)
So you can connect to your fridge and see if your milk has gone off from outside your home?
No problem. Just forward port 6969 (the standard port for FAP or Fridge Access Protocol) to the 192.168.1.x internal IP assigned to your fridge. Then you can FAP anywhere you have Internet access.
Re: (Score:3, Funny)
but i have 2 fridge's that i want to access from the internet using FAP. how can i do that without using a nonstandard port for one of them.
Re:Blocks vs. sub-blocks. (Score:4, Funny)
Usually people as enthusiastic about needing to FAP as you seem to be don't mind the option of "nonstandard ports". But, to each his own.
More to the point (Score:3, Insightful)
Why will white goods need to be on the internet at all?
I mean a *good* reason , not just the usual re-hashed fridge-can-reorder-beer-for-you Jetsons style drivel that is laughably spoken about as some vital function by techno evangelists.
Re:More to the point (Score:5, Insightful)
I'll answer your question with another:
Why not?
Seriously. This whole "X doesn't NEED to be on the internet" is a ridiculous argument. It's simply saying "oh, having a PC and computer type equipment on the internet should be enough for anybody". The whole point of this internet thing is innovation. Sure, a fridge doesn't NEED to be on the internet. Unless I want it to have some functionality that requires internet connectivity. Same with my computer. It functions just fine, and doesn't NEED to be on the internet.
And why is "fridge can reorder beer for you" drivel? Is there some reason that a fridge SHOULDN'T reorder your beer? Sure, it's not a vital function, but neither most of the stuff that our technology does. Again, this is what innovation and technology is all about - improving the standard of living, making this easier, etc.
Re: (Score:3, Insightful)
"I'll answer your question with another:
Why not?"
Because its added complexity that will add to the price and probably reduce the reliability. Instead of the manufacturer spending money on important things like good energy efficiency they'll waste R&D on crap like this that only appeals to a tiny minority of geeks.
Energy costs. (Score:3, Interesting)
The refrigerator is a poor example, but other appliances and home HVAC systems could realize significant energy savings by communicating with each other, and by being controlled remotely over the internet (or some other means).
There are a lot of interesting scenarios: if you had real-time, fluctuating power pricing, you might want to have appliances change their energy consumption or other settings in response to their cost. Only run some appliances when the spot price is below $0.15/kwh, for example.
Or ev
Re:More to the point (Score:5, Funny)
As much as technology will allow.
Re:Blocks vs. sub-blocks. (Score:4, Insightful)
Even better, explain to me why I, as Joe Sixpack will *need* my fridge on a public IP where every flaw and exploit will be passed directly to it, rather than dropped at the NAT box?
What you want is a firewall not a NAT. A firewall will protect you just the same and allow people to initiate communication as YOU desire.
Or better still, explain why a small business with 60 users should have every last user on a public IP?
There are quite a few examples why this is important but here's one. Why can't all students / businesses have a public IP with an exposed port for VoIP? Why do VoIP products have to have complicated NAT traversal software that doesn't always work and at the very least just adds useless overhead.
It's called a firewall. Set one up and stop spreading FUD.
Re: (Score:3, Informative)
Your average NAT box doesn't allow traversal without explicitly forwarding ports anyway.
That's by virtue of what it is. How exactly should the NAT box know to direct port 22 to your server? It can't know unless you tell it so.
Re:Blocks vs. sub-blocks. (Score:4, Insightful)
That's a consequence of the way things have evolved, not a characteristic of the essential nature of things.
The only reason we have these NAT boxes is because ISPs didn't give each customer a whole bunch of IPs. If they had, then we'd have the same boxes, but call them firewalls.
You are trying to justify something based on its existence. That's what we call a circular argument.
From such statements does infamy arise.
How do you possibly know whether or not it might be useful to have independent addressability for orders of magnitude more devices than have it now? Have you already invented all the things that this might bring about, and pronounced them useless? What a remarkably shortsighted view.
Re:Blocks vs. sub-blocks. (Score:5, Funny)
Doesn't matter - the IPv4 shortage is a myth.
DeBeers actually has plenty, but they're being hoarded away in vaults in Antwerp to keep the price artificially high.
Re: (Score:3, Informative)
What will likely happen, especially in China, is the government will force NAT on companies.
Unless you are running a server, NAT will work for you. If you are running a server, then a NATed address is not going to work. Most of our large companies in the US only run so many servers that are externally visible. The majority of desktop computers can easily be NATed.
Where I work, our desktops are NATed.
Most servers can and should be NAT'd as well with simple port forwarding. It's only when you have multiple servers that use the same ports that you run into problems.
Re:830 days? China? (Score:5, Funny)
Did the Chinese government move themselves to outer space?
Nop. They've enabled NAT on their national firewall.
Re: (Score:3, Insightful)
I imagine they could have more than one outward-facing IP. Two would mean they have two 16-bit port numbers to choose from. That would actually be enough, given that it's doubtful they're using more than a /8 network.
Of course, I'm assuming GP wasn't joking. I don't know -- never heard of China NAT-ing.
Re:830 days? China? (Score:4, Funny)
So the world runs out of addresses before China runs out?
Did the Chinese government move themselves to outer space?
In communist china, IPv4 addresses run out of YOU.
Re:830 days? China? (Score:5, Informative)
There would be a lot more available addresses if companies that were given entire /8 blocks in the 80s and 90s (Ford, IBM, AT&T, Halliburton, etc.) were to give back those blocks. Most of those companies aren't even really using their /8 blocks anymore, with most of the addresses going unadvertised.
Re:830 days? China? (Score:5, Funny)
Shame Lehman didn't have a /8 block.
Re:830 days? China? (Score:5, Insightful)
Re: (Score:3, Insightful)
A year is a lot of time. Think how much cheaper computers/routers get in a year. That's a lot of expense saved if they can delay switching over for a year.
Re:830 days? China? (Score:5, Insightful)
A year is a lot of time. Think how much cheaper computers/routers get in a year. That's a lot of expense saved if they can delay switching over for a year.
Its simpler if people just started accepting that IPv6 is going to happen and adjust accordingly. For me its like having to accept Y2K was going to happen and acting accordingly. Believe me its much simpler to code the applications than go through the politics, and possibly technical issues, of getting someone to give back a block they don't appear to be using.
Get your ISP and your router manufacturer to provide you an IPv6 solution. That too is probably not easy, but if we all start making noise then they will start doing something - hopefully.
And what does that buy us? (Score:5, Interesting)
IP4 doesn't have enough addresses, of course a managers solution is to put of the inevitable so that it happens on someone elses watch rather then taking the time we got now to develop and implement a solution.
IF pushing IP6 doesn't work in the roughly 2 years remaining THEN we can use the buffer of under-used blocks as a last reserve. if we use the reserves now, and do nothing then we still have the same problem, just a bit further away but this time with no reserves remaining and no work chance of it being solves in time.
You should run for president, you would do well with your solutions.
Re: (Score:3, Insightful)
Re: (Score:3, Insightful)
Seems to me like nobody wants IPv6.
They will - in about 831 days. It's like the idea behind Peak Oil, where instead of an instant failure one day, there will be a shift toward exponentially increasing prices. I don't know if Peak Oil will happen, but in about two years Peak IPs certainly will.
IPv6 is the working technology that we have available. There aren't any viable alternatives in the pipeline that I'm aware of, and certainly none far enough along that they'll be well-tested and ready for use in that short of a time period.
Re: (Score:3, Funny)
Maybe if the sprinkle their routers with Melamine it will fix it for them.
Re: (Score:3, Funny)
On a separate note, didn't anyone ever teach you that just because your calculator displays all those digits, it doesn't mean they're significant?
Re: (Score:3, Interesting)
Re: (Score:3, Insightful)
NAT is not ugly. It is actually an elegant solution. Take into the effect that most Computers are not servers, and don't need a Real IP Address. Many servers can host multiple domains with one Outside IP Address. The world population is about 6 Billion with 4 billion address available. With a proper network we can have clean Natted network for years to come on one Outside IP address for 6 people taking 1/4 of the of the addresses leaving an average of 3 servers per person which can also be natted down at a
Uh Oh! (Score:5, Funny)
Sounds like it will be easier than ever to ring the Wong number!
Normal 'net access? (Score:5, Interesting)
Do any Chinese citizens even have "normal" 'net access now? Thought NAT was used heavily, not to mention the GFWOC
Meet With Congress (Score:5, Funny)
To get a quick infusion of 700 billion IP4 addresses -- NOW!
Peak IP4 is a Myth (Score:5, Funny)
What is the point in having a public IP address (Score:5, Insightful)
When your WHOLE COUNTRY is behind a firewall? NAT the hell out of that! Flatten it to a /8 network in 10.0.0.0 and put it all behind one public IP. Problem solved!
Q: Why is starting in the Subject: line annoying? (Score:5, Funny)
It's more annoying if subject and post don't... (Score:5, Funny)
Pease porridge hot
Pease porride cold
Pease porridge in the pot
Nine days old!
Re:What is the point in having a public IP address (Score:5, Informative)
> When your WHOLE COUNTRY is behind a firewall? NAT the hell out of that!
The firewall is more figurative than literal. My understanding is that it basically bans certain IPs/domains. That can be done with a stateless system, while a true NAT/firewall would need to track all packets of all connections of all users. Not impossible, but insanely expensive. Plus it would have the unpleasant side effect of actually firewalling China (i.e. no incoming connections), whereas now they just don't let you view certain things.
The whole point is largely moot anyway. First, as was pointed out above, the entire world is estimated to run out in about 780 days, so they've apparently got more time then the rest of use. Second, the primary usage of IPs comes from blocks assigned to institutions and businesses, with the latter _requiring_ incoming connections. Could a business have one public IP and NAT/load balance their servers and whatnot? Sure, but they could always switch to IP6, which is gonna be a lot cheaper than all these NATs
Re: (Score:3, Funny)
That would sure make my spam filter rule set a lot shorter. :D
Re: (Score:3, Insightful)
Re: (Score:3, Informative)
Obligatory XKCD [xkcd.com].
As you can see, Asia has several /8 blocks allocated to it. I'll bet China has a few of those /8 blocks.
Besides, NAT's can only handle 65536-1024 connections (number of ports minus 1024 reserved).
So will the Interweb Gods force IPv6... (Score:5, Interesting)
Netizen? (Score:5, Insightful)
Netizen is really stupid word, we really don't need more buzzwords.
Re:Netizen? (Score:5, Funny)
Re:Netizen? (Score:5, Funny)
One World, Two Internets.
It's got a nice ring to it. LOL
Re:Netizen? (Score:5, Funny)
Kind of like calling someone a pilot if they would someday like to fly a plane.
Come now, this is Slashdot. It's actually more like calling someone a car mechanic, when they would some day like to work on cars.
-G
HP (Score:5, Interesting)
.
C'mon HP, be a good netizen and give back the bulk of those IP addresses. Try using NAT instead of hoarding IP addresses that others so desperately need.
Re:HP (Score:5, Interesting)
on top of that if they would redo ssl so thatyou can support host headers that would allow allot of consolidation of webservices/sites by farm hosters..
personaly i think we are all just too lax about dealing with IP's..
DEC's /8 block was assigned to ... (Score:3, Funny)
Re: (Score:3, Funny)
Each dollar given to her as part of her ridiculous severance package was given it's own unique IP address.
Re:HP (Score:5, Interesting)
Sorry, I should have previewed!
If I were HP (or Ford or AT&T), I wouldn't be a good "netizen" before giving consideration to what the blocks of /8 addresses are worth. If they wait another 365 days or so, perhaps folks will start getting desperate enough to pay for them. Can you imagine the value those addresses will have to a rapidly expanding internet enabled population, like China, that also has the means to pay for it? It might be a whole lot cheaper for China to buy the blocks than implementing iPv6, even at an exorbitant, over-the-barrel rates HP might be able to get.
On the other hand, what is being a good player in the internet enabled worth anyway? Is there some intrinsic value in being good, or using the Google philosophy "Don't be evil"?
I say hold out for a while.
China will be first to use IPv6 (Score:5, Insightful)
I predict that we'll see China begin to use IPv6 addresses before most other people. Why?
Granted, I'm no fan of China's human rights policies. But it definitely has an advantage in terms of adopting IPv6. Hopefully, when China switches protocols, it'll catalyze the rest of the world to do so as well.
In other news (Score:5, Interesting)
Slashdot runs it's 15th story about IP addresses running out "real soon now". The first was something like 5 years ago :)
These stats ignore the fact that there are huge available allocations that can go behind NAT's. An ISP can NAT big chunks of its user network. Charging even a modest amount per IP would free up huge numbers of IPs. There are abandoned blocks (companies out of business) and wildly oversized blocks (MIT etc).
Plus, we've been hearing these stories for years. The idea that the internets resources are going to become ipv6 anytime soon is unlikly. So folks are going to figure out a way to manage the existing pool, where there is lots of room for improved efficiency.
Fun to keep on reading these stories... they're always written as breaking news :)
Re:In other news (Score:4, Insightful)
*sigh*
Yeah, it is an old problem. (Score:3, Informative)
The exhaustion of IPv4 address space - dated 17th October, 2005 [slashdot.org]
You are right, there's a whole lot of articles talking about this problem. And there have been people touting the NAT silver bullet for as long as the shortage has been known about. The interesting thing is that the rate of IPv4 consumption has kept increasing regardless.
TOS already restricts "running a server" (Score:3, Informative)
An ISP can NAT big chunks of its user network
And in so doing break any application that needs to receive incoming connections.
This behavior is by design. The standard terms for residential service plans already restrict "running a server". FTP clients can use passive mode.
Re: (Score:3, Funny)
The worst part is-- (Score:5, Funny)
Don't worry... (Score:5, Funny)
the LHC will end it quicker than that. They estimate some 90 days until they've got their repairs done ;)
Re: (Score:3, Funny)
Do they take PayPal? Would a donation speed things up?
They'll just do what they always do (Score:5, Funny)
Impose a one IP address per family rule...
Dynamic address from ISP = intermittent lock-out? (Score:3, Interesting)
Re: (Score:3, Interesting)
Why would China want to fix this? (Score:5, Interesting)
Seriously their government is hell bent on controlling what goes into and out of that nation and what better way to do that than by forcing people to use a proxy..
NAT is not a solution (Score:5, Insightful)
NAT is not a solution. It's a huge, gigantic clusterfuck of a problem. Some people only started their careers after NAT was widespread, so they can't imagine how wonderful the world is without it. The internet is much simpler when you can assume that all nodes can directly address all other nodes.
Look: this is what we've done.
In the beginning, each endpoint of a TCP (or UDP) connection looked like this:
[octet][octet][octet][octet][16-bit port]
[(------- host-------------)(--service--)
Each octet was routed hierarchically, and the port acted as an additional level of routing within a single node.
With CIDR, the model moved to this:
[32-bit opaque address][16-bit port]
(-------host----------)(--service--)
This change didn't hurt anything, aside from an increase in router complexity. Allowed the 32-bit address space to be used much more efficiently.
Now with the IP address shortage, the situation looks like this:
[48-bit address]
(----?---------)
Note how we've lost the distinction between host and service and smushed them all together into one huge opaque number. We've caused ourself lots of problems with this:
These days, instead of saying "connect to mydomain.foo.cx", for example, you have to say "connect to mydomain.foo.cx at port 12345". That's out of band address information, and should never be needed. Imagine if DNS only gave you the first three octets an IP address, and every application requires you type in the last one in manually. That's what the world is like today!
Re: (Score:3, Funny)
NAT is not a solution. It's a huge, gigantic clusterfuck of a problem.
Can't it be both? Like so many things.
Re:NAT is not a solution (Score:5, Insightful)
Let's ignore in-band multiplexing being messy a hack. Let's ignore the lack of consistency between multiplexing schemes. Let's ignore the immense complexity of making routers understand every stupid little application-level protocol. Let's ignore the latency introduced by waiting for a connection to open before knowing where the next hop goes.
Even after all that ignoring, your proposal won't work. Not with anything resembling today's equipment anyway.
I'm Bob, you're Alice. (We can switch; I'm flexible.) You want to initiate a call to me. Let's say we've registered with a central directory, and the directory tells you that I'm at address A.B.C.D:12345.
But wait -- back up. What right do I have to use A.B.C.D:P? As far as I'm concerned, I'm at 192.168.1.1. So I connect to the directory and tell it I'm at 192.168.1.1, listening on port 12345.
The directory replies "what the hell are you talking about? That's not a public IP. Your public IP is A.B.C.D.". If you, Alice, try to connect to me at 192.168.1.1, the connection will fail, or go to your annoying friend Carol, whom you really don't want to talk to. OTOH, if the directory replies with A.B.C.D, how are you supposed to connect to me? Remember, I'm listening at 192.168.1.1 at port 12345.
Either I have to talk to my ISP and tell it "give me an external port and forward traffic on that port to 192.168.1.1 port 12345", or the directory server has to talk to A.B.C.D and tell it "Oh yeah. Your client 192.168.1.1. He's listening on port 12345. He told me so. Give me a port I can connect to you on that will have traffic go there."
The second scheme is clearly a security problem. The first requires cooperation from ISPs. UPNP sort-of addresses the issue, but not really very well at all.
Basically, you're reinventing an entire routing protocol. Poorly.
You need to upgrade ISP equipment to allow this sort of chit-chat to go on whenever somebody wants to listen for a connection.
What happens if your ISP is itself behind a NAT? What happens when you run out of ports?
The way you propose, it's turtles all the way down. It'd still be cheaper to just adopt IPv6 in the first place.
Re: (Score:3, Insightful)
*sigh* With people like you, who needs strawmen? Did you read my post?
Dividing the internet between "public, static" servers and "public, transient" ones results in a whole host of problems that I've mentioned. Even if you could make UPnP work reliable, and even if you could avoid running out of port numbers as well as IP numbers, you'd still be left with the problems I mentioned.
FTP is only legacy because it dates from a better, vanished time when simple, direct, bidirectional connection is possible. There
Escuse MEEEEE (Score:3, Funny)
Am I the only one that noticed Hey, they can only have one baby, but we'll give them 3 IP addresses? Sounds like the Chinese government is getting liberal or something
Please (Score:3, Insightful)
Re: (Score:3, Funny)
Yes, be a good netizen and stop saying netizen.
Re:Please (Score:5, Funny)
Why is everyone talking about pushing back IPv6? (Score:5, Insightful)
Why is everyone in the comments talking about various steps (reallocating large blocks, more widespread NAT, etc.) that would allow us to push back IPv6?
It seems that we very close to the point where every device supports IPv6 (Vista adoption is helping this) but just isn't using it. Let's start turning it on. What better way to help the adoption than by having users who are IPv6 only complaining?
Even if it wasn't hex codes, it would be a PITA (Score:4, Interesting)
What is IPv6, 128-bit address space? That is what, 16 bytes?
Worse case in decimal (I added the dashes so *I* could make sure I typed it right :-)
216:126:59:03-58:95:58:32-126:43:55:129-59:59:59:1
Worse case in hex (same deal).
FA:FA:FA:FA-12:55:43:BA-55:DA:CC:DB-89:A1:C1:01
Basically, you are boned :-) Maybe we need a different number system that is like Base64 instead of Base16? Heck... why not just base64 encode the IP address. Base64 is what, A-Z, a-z, 0-9,+,=? A Base64 encoded IPv6 address is just:
Az.
Or make it Base32 instead so you can be case insensitive (A-Z, 0-9 and only drop a couple easy to mix up characters like i, l and o to get to 32 chars). A Base32 IPv6 is:
A1Y2.
You could even break out subnets with Base32:
A1Y:2/96 (subnet mask ZZZ0)
So yeah... why didn't they go Base64 or Base32 instead of Base16?
Re:Wow, I suck (Score:4, Informative)
your examples are wrong.
HEX: 4 bits per byte, takes 32 chars to encode IPv6 Address
Base32: 5 bits per byte, takes 26 char to encode an IPv6 address
Base64: 6 bits per byte, takes 22 chars to encode an IPv6 address
You can see the return on investment is pretty small for base32 and base64, since it costs you the transparency of the output.
try again.
There's plenty of addresses left (Score:5, Funny)
We've only used half the available numbers.
Just start using negative numbers: -248.100.-97.-201
Return more /8 addresses? (Score:4, Insightful)
Why can't some of the owners of /8 address spaces return them back to be re-allocated?
For example, HP owns 15.0.0.0 through 16.0.0.0 (~33m ip addresses) can't they get by on just ONE class A network?
Apple owns 17/8
MIT own 18/8
US Postal Service 56/8.
http://www.iana.org/assignments/ipv4-address-space/ [iana.org]
Do all these companies need to have ALL of their devices on publicly routable IP addresses? From a security standpoint, I would hope not. Odd since IBM, a company much larger than MIT and Apple can get by on just one /8, and I'm having trouble believing that HP requires 2 /8 networks.
We talk about making our datacenters "green" by consuming less power, there's got to be an equivalent for consuming fewer public IP addresses.
I've just finished re-IPing our datacenter (~5000 servers), not to 'release IP addresses back, but to undo the damage done by years of seemingly randomly assigning IP addresses to servers in our datacenter. Yes it's a pain, but so is any form of cleaning up your datacenter (cabling for example).
Dialing for dollars (and ham radio) (Score:3, Interesting)
The reason organizations don't "give back" their IP assignments is that there is not much incentive to do so. Why not a market based solution?
One example: I am puzzled that radio amateurs (AMPRNET) own 44.00.00.00/8 and do not make significant use of it. As a ham myself, I'd be happy to convert that to, say, $10M for the betterment of the hobby.
Everyone should have two /64 subnets in IPv6 (Score:3, Interesting)
Whew (Score:3, Funny)
Has anybody noticed... (Score:3, Funny)
I wonder if anybody noticed the summary was repeated twice.
Nobody is motivated to fix this (Score:3, Interesting)
Isn't the problem that nobody who could fix this is motivated to do so?
If we all switch to ipv6 now, then everyone on the existing internet has incurred a cost, but will see no benefit; the benefit will go to currently-unconnected Chinese who will not pay the cost because the work will already have been done by the time they join up.
The only way that the switch to ipv6 is going to happen, is if someone finds a way of making the currently-unconnected Chinese population pay for it. That could be done, for example, by waiting until ipv4 addresses become very scarce, then auctioning the remaining ipv4 addresses for large sums of money, and using that money to switch everyone else over to ipv6. But then you've got the problem of distributing the money...
Duh (Score:3, Insightful)
Had every router shipped since 3 or so years ago been required to have a) IPv6 support w/ stateful firewall on by default for internal hosts and b) a "turn on 6to4" button, we would have been near done already. That simple. You can do it with current routers with firmware mods and a lot of work.
Can't they just share? (Score:3, Funny)
Re:NAT? (Score:5, Informative)
Heck, they already firewall everybody -- why not just break IPs up into NATted subnets? The 10.x.x.x range should give them enough room for awhile, right?
Hmm.... 16,777,216 IP addresses divided by 1,300,000,000 citizens.....
Re: (Score:3, Funny)
Re:Counting the wrong things (Score:4, Informative)
IPv6 allows addresses to be assigned very sparsely, which simplifies routing tables a lot. Back in the early days of IPv4, you could look at the first octet of an address and make a routing decision. The next router would look at the next octet, and so on, and so you only needed 256 routing table entries in each one. The network was conducted as a tree. You'd send a packet to the local router, which would say 'this isn't in my local network, send it up a tier' until it got to one that could start sending it down again.
With CIDR, you stopped being able to do this. Addresses were allocated in blocks of 256, so you had to look at the first three octets to make a routing decision. This meant you need up to 16,777,216 routing table entries. With IPv6, this is no longer required, and you can go back to having the IP addresses roughly corresponding to the network topology.
Re: (Score:3, Insightful)