At Current Rates, Only a Few More Years' Worth of IPv4 Addresses 460
An anonymous reader excerpts from an interesting article at Ars Technica, which begins "There are 3,706,650,624 usable IPv4 addresses. On January 1, 2000, approximately 1,615 million (44 percent) were in use and 2,092 million were still available. Today, ten years later, 2,985 million addresses (81 percent) are in use, and 722 million are still free. In that time, the number of addresses used per year increased from 79 million in 2000 to 203 million in 2009. So it's a near certainty that before Barack Obama vacates the White House, we'll be out of IPv4 address[es]. (Even if he doesn't get re-elected.)"
Re:Don't say "NAT" (Score:5, Informative)
No, not really. There's companies with whole fucking /8 [iana.org] that have no real purpose to own them, but they've just always had them:
003/8 General Electric Company 1994-05 LEGACY /8's ?)
004/8 Level 3 Communications, Inc. 1992-12 LEGACY
008/8 Level 3 Communications, Inc. 1992-12 LEGACY (two
009/8 IBM 1992-08 LEGACY
013/8 Xerox Corporation 1991-09 LEGACY
015/8 Hewlett-Packard Company 1994-07 LEGACY
016/8 Digital Equipment Corporation 1994-11 LEGACY
017/8 Apple Computer Inc. 1992-07 LEGACY
019/8 Ford Motor Company 1995-05 LEGACY
034/8 Halliburton Company 1993-03 LEGACY
044/8 Amateur Radio Digital Communications 1992-07 LEGACY
045/8 Interop Show Network 1995-01 LEGACY
047/8 Bell-Northern Research 1991-01 LEGACY
048/8 Prudential Securities Inc. 1995-05 LEGACY
052/8 E.I. duPont de Nemours and Co., Inc. 1991-12 LEGACY
053/8 Cap Debis CCS 1993-10 LEGACY
054/8 Merck and Co., Inc. 1992-03 LEGACY
056/8 US Postal Service 1994-06 LEGACY
Just get rid of the companies that are reserving such huge spaces without having a real reason to do so, other than that they were there to reserve them in start of 90's. Also US and UK army and defence and other ministers have several /8, but why really? Other countries do just fine without too.
Re:Don't say "NAT" (Score:5, Informative)
No, not really. There's companies with whole fucking /8 [iana.org] that have no real purpose to own them, but they've just always had them:
The block you listed contain a total of 301,989,888 addresses. At 2009's rate of 203 million addresses per year, returning those blocks would buy us less than 18 months. Big whoop.
Also, some of those companies actually do make significant use of the addresses they have. For example, I happen to know that IBM uses a good chunk of the 9.0.0.0 space.
Re:I'll believe it when I see it (Score:3, Informative)
It has not yet become a big enough of a problem for the large sections of unused address by universities such as MIT and Harvard to be recalled.
At over 200 million new addresses needed per year, returning all of those class As wouldn't buy more than 2-3 years.
Re:Don't say "NAT" (Score:2, Informative)
004/8 Level 3 Communications, Inc. 1992-12 LEGACY /8's ?)
008/8 Level 3 Communications, Inc. 1992-12 LEGACY (two
That's due to the acquisition of BBN who was the contractor that did a lot of initial ARPANET work. (The original defense contractor role of BBN was later spun back out and is now part of Raytheon but the network assets stayed with Genuity and then later Level 3) They also have the AS number "1", which gives them some severe old-school bragging rights.
Those assignments really aren't that bad -- they're a major ISP and would have huge chunks of IP space regardless. At least 4/8 is largely delegated to customers (I see 4.x.x.x IP addresses all the time) Not sure how much they've dipped into 8/8.
As other posters have pointed out, recycling them won't really give us much time. I'm not opposed to it personally, but it's not a fix
Re:Don't say "NAT" (Score:5, Informative)
For what? Do all their PCs have public IPs?
At present, yes. Also their phones. But the employees' PCs are a fraction of IBM's computers. Keep in mind that IBM runs large data centers all over the world.
Yes, were IBM to go through a very large and expensive network restructuring to move many of the internal networks to NAT, they could probably give a few million addresses back. Maybe as many as 15 million. And at the 2009 rate that would buy us 26 days.
Where I work has an entire class B and all of our PCs are public and we're talking now about NAT'ing them all, for security reasons.
That's silly.
There's no security value to NAT. NAT does provide a stateful firewall that disallows inbound connections, but you can do that just as well without NAT, and with a great deal more flexibility.
Re:Don't say "NAT" (Score:3, Informative)
Google run their public DNS on 8.8.8.8 and 8.8.4.4 so they are being used, this is probably because level 3 provide google with multicast on these addresses.
Re:Don't say "NAT" (Score:5, Informative)
Thank you for pointing that out. So many people seem to think NAT is a security tool. I think it's because just about any router capable of NAT also has a stateful firewall (since NAT requires tracking of connections) and many people don't understand the distinction.
Re:Bono should be pleased... (Score:4, Informative)
BitTorrent is already running over IPv6. Anyone running Torrent on a recent enough version of Windows automatically uses IPv6 to cross NAT boxes using a technology known as Teredo [wikipedia.org].
The Free Software world is late with IPv6 adoption. In the words of one of the Torrent developers (Greg), "platforms which are not Windows [...] need to get their collective Teredo asses in gear."
Re:Bono should be pleased... (Score:3, Informative)
one address per two world citizens (Score:4, Informative)
Agreed, look at it another way: 2**32 is four billion address, which is one address per two world citizens. OK, I could share that IP with my wife, but given the number of devices in between us, that won't really work. Now I know, that places like Africa currently don't follow the pattern of "personal" computers, but how long will that last.
More realistically, given that my phone, web-server, car, camera, email, GPS unit, home security system, etc. all should have their own IP address, we need at least 20x what a 32 bit address space can provide. And then you've to add the 'wasted space' so that we can allocate blocks of addresses in a logical fashion.
So yes, IPv6 is the only way to go, if you like it or not. Couple of /8 blocks or NAT won't help us.
Re:Don't say "NAT" (Score:3, Informative)
the ISPs can then claw back IPs from less lucrative customers and give them to more lucrative ones.
There's a term for that, it's called: Fraud. And I hope ARIN counts on that it will happen. I'm sure policies are already being considered as we speak, to provide for auditing of ISPs to validate compliance with the Registry Services agreements the ISPs signed.
It's a violation of the ARIN agreement ISPs have to sign, to give a customer more IP addresses than they have justified need for, just because you want to get a bigger PA allocation.
Allocations are provided to ISPs for re-assigning. Once re-assigned, the IPs belong to the end user, for use with services provided by the ISP.
The netblock belongs to the end user, as long as they keep services with the ISP, ARIN does not require them to return the addresses.
If the ISP retained the right to take back the IPs, then they violated the RSA by not properly recording the reassignment of the addresses, eg they never actually assigned them...
Re:Don't say "NAT" (Score:4, Informative)
Repurposing the D and E spaces won't fly. The D space is used. Think of the hell entailed if 224.0.0.5 and 224.0.0.6 get routed. Bye bye OSPF. Plus you'd have to recode every OS and firmware that understands those as multicast addresses to treat them as unicast. That's not even discussing what might be coded in for the E space in random OSes and firmwares. And after all that work, it'd buy us maybe two more years. Just go v6, it's already in the OSes, and would be in the firmwares if the end-user ISPs would just push the CPE manufacturers a little bit.
Re:On Which Planet? (Score:3, Informative)
An improperly configured NAT gateway may also allow outsiders access to the internal, private network. Improperly configured network devices are always a security risk. NAT does not help here.
Your JetDirect card would presumably be behind a firewall, so even with a public IP, it would not be accessible to those on the general internet.
Re:Don't say "NAT" (Score:3, Informative)
If I were ARIN, I would start making v4 addresses and v6 addresses cheap.
To an ISP it is actually FREE to get IPv6 Addresses initially, ant then there is a wavier until 2012.
Fee Schedule [arin.net]
IPv6 Initial Allocation and IPv6 Assignment
ARIN charges a fee for the initial IPv6 allocation from ARIN to an ISP. This fee is currently waived for IPv4 subscribers. For organizations that aren't IPv4 subscribers, the fee is lowered by current fee waivers [arin.net].
ARIN charges a fee for an IPv6 assignment (whether initial or additional) to an end-user. There are currently no fee waivers for IPv6 assignments.
Re:Great... now do I switch? (Score:3, Informative)
None of the other providers seem to be even making a peep about it.
Comcast is planning to start deploying residential IPv6 this year. They haven't said how long it will take for a full rollout to all of their customers, but if they do get there, that will be a significant chunk of the US residential market that has native IPv6.
Re:Don't say "NAT" (Score:2, Informative)
Level 3 owning two /8s makes sense, since networking is what they do. If I owned HP stock I'd be pissed if they simply gave back their /8s instead of leasing them. Same with GE, Xerox, Apple, IBM, or any other company in that list.
Re:Demand IPv6 and it will come (Score:4, Informative)
Or you could get a router which supports IPv6 *today* and use 6to4 to use a single public v4 address to address multiple IPv6 hosts on your network, and to talk to other IPv6 capable hosts. If you want a router that's ready out of the box, my understanding is that Apple's Airport routers support IPv6. If you don't mind a little bit of tinkering, you can get a router which is compatible with a third-party firmware replacement (such as OpenWRT [openwrt.org], load OpenWRT on it, and use IPv6 (I just got a Linksys WRT54GL for $70 at Microcenter - it's a bit more expensive than some of the other 802.11g routers, but still not too bad - and I'm going to flash it sometime in the next week or two, as I get time).
Re:Don't say "NAT" (Score:4, Informative)
That's already been thought of. As an ISP, you don't get to just make up whatever rules you want to determine how many IPs you can assign, beyond a certain point, you have to apply RFC 2050, per the name resource policies:
Because it is.
In actuality, need is defined as the minimum number of IP addresses that will be required within a certain period of time in the future, according to Network Engineering plans [ietf.org] that get submitted to ISPs (LIRs and RIRs) in order to apply for IPs; efficient utilization means utilizing 80% of the IPs to address internet hosts. IPs that will be required in the near future are needed and part of the justification.
Currently 25% immediate utilization is required after 6 months, 50% required after 1 year.
All existing IP allocations must be 80% utilized.
ARIN NRPM [arin.net], 4.2.3.1. Efficient utilization ISPs are required to apply a utilization efficiency criterion in providing address space to their customers.
ARIN NRPM, 4.2.3.6 Reassignment to multihomed downstream customers: Under normal circumstances an ISP is required to determine the prefix size of their reassignment to a downstream customer according to the guidelines set forth in RFC 2050.
Specifically, a downstream customer justifies their reassignment by demonstrating they have an immediate requirement for 25% of the IP addresses being assigned, and that they have a plan to utilize 50% of their assignment within one year of its receipt.
4.2.3.3. Contiguous blocks: if a customer moves to another service provider or otherwise terminates a contract with an ISP, it is recommended that the customer return the network addresses to the ISP and renumber into the new provider's address space. The original ISP should allow sufficient time for the renumbering process to be completed before requiring the address space to be returned.
RFC 2050 [ietf.org].
Re:Don't say "NAT" (Score:5, Informative)
Why have a legal battle? Just let the current holders auction off sub-blocks.
You're assuming that the holders of these /8's have been using some sane way in which to assign the IPs within their blocks such that large, contiguous regions are still readily available that make the unused addresses readily routeable. Which, from my experience, they don't. And as the Internet would become nearly unroutable if millions of /31's and /32's suddenly appeared, the only way you could make this work is by having each and every one of those organizations effectively defragment their address use to make large, routable blocks that could be reassigned (e.g., /24s or /16s) -- and for organizations of the size that we're discussing, the cost of that is going to be way more than they'll be able to charge for those address blocks, and they aren't going to do it, fight or no fight.
You can't take an entity the size of (for example) IBM and have them compress their address use into a /12 to free up 240 new /24's without it being a very significant cost in terms of effort and downtime -- particularly when they have absolutely no incentive to do so. Nobody in their right mind would spend the necessary amount of money to make it worth their time and effort, when they can get millions of addresses in IPv6 for next to nothing.
Yaz.
Re:Don't say "NAT" (Score:5, Informative)
I'm still waiting for ISP:s to offer IPv6.
As soon as the ISP:s starts to offer IPv6 it will be easier in general to use and develop for IPv6
alphanumeric means errors (Score:3, Informative)
Why recreate the wheel if they already got ipv6 for that?
By using that approach of alphanumeric [a-z] you'll also get a lot more errors in spelling, O & 0, I & 1, ..
HEX solves that entirely by only allowing [0-F].
Re:Don't say "NAT" (Score:3, Informative)
IPv6 is considered a to be a broken ill-designed protocol that screws up more than it fixes.
If this were wikipedia, that would be tagged with 'weasel words' and 'citation needed'. As it's Slashdot, can you point to someone who actually argues this rationally?
Its basically unusable with mobile networks (WiMax, WiFi, etc).
Absolute nonsense. Mobile IPv6 uses the fact that IPv6 requires IPSec support to allow the routing tables to be updated dynamically by the device (once you've been assigned an IP address, you can push routing table updates for that IP when you hop to a different network) which eliminates the triangle routing that Mobile IPv4 needs.
It significantly increases the cost of routers, switches, etc--the exceptions being those hardware that treat IPv6 in the slow-path. i.e., by trapping to the control CPU.
Again, nonsense. The sparse nature of IPv6 allocation means that it you need to inspect fewer bits in each packet to route it than with IPv4. Mobile IPv6 is an exception to this in some cases, but only if a host has moved a long way away from where it started without dropping connections (e.g. if you move from China to the UK overland keeping connections active).