Interop Returns 16 Million IPv4 Addresses

klapaucjusz writes "Every discussion about IPv4 address exhaustion prompts comments about whether Apple (or MIT, or UCB, or whoever) needs all of those addresses. Interop has set the example by returning 16 million IPv4 addresses to the ARIN pool, extending the IPv4 address exhaustion deadline by a whole month."

Real cause

[Anonymous Coward]

ARIN is the actual cause of this problem, if IP allocation were governed for market forces instead of some dudes that demand paperwork and some justification, then IPv6 would be the response to the rising cost of IPs

Re:Real cause

[mysidia]

if IP allocation were governed for market forces instead of some dudes that demand paperwork and some justification...

What are you talking about? IP allocat is governed by market forces.

Who do YOU think ARIN is?

Hint: ARIN is an industry organization whose members are the ISPs and resource holders in North America.

Also, without ISPs all over the world recognizing ARIN's allocations, ARIN has no power of enforcement of its wishes, it simply does what its officers elected by the broader community of ISPs agree that they want ARIN to do.

Re:Coincidently

[Anonymous Coward]

You have a 64 meg floppy disc? forget ARIN, sell it to a floppy disc manufacturer... Doh, two decades too late.

Re:Probably awhile

[GIL_Dude]

On the smaller scale (home) end of that router thing - even my recently purchased Linksys wireless access point / router doesn't do IPv6. I needed (wanted) a dual radio model so I could segregate my 802.11n devices onto 5 GHz from the 802.11g only devices (which I left on 2.4 GHz). Doing so gets better throughput for the n devices. But I was unable to find an affordable model which both had two radios AND supported IPv6. I imagine I'll have to be upgrading this device way before it is well used just to get the IPv6 support. You'd think devices you buy now would all support IPv6 out of the box - but you do still have to be careful and check into it first.

Re:Not necessiarly

[Drew M.]

Why aren't the leases on internet addresses high enough to convince people to give them back? Price them at a buck a month, and if someone truly can afford to spend $16m a month on a class A, let them. Otherwise they will give them back really fast. What's wrong with a little capitalism?

Re:Start with the cell phone industry.

[Matt_R]

search engines

www.google.com has IPv6 address 2404:6800:8004::68

map

maps.google.com has IPv6 address 2404:6800:8004::68

email

www.gmail.com has IPv6 address 2404:6800:8004::53

"social" sites.

www.v6.facebook.com has IPv6 address 2620:0:1cfe:face:b00c::3

We need a hybrid system maybe ipv6 outside ipv4 in

[Joe The Dragon]

We need a hybrid system maybe ipv6 outside ipv4 inside to make it easier to move over and less the cost of having to buy new printers, wifi AP's, home media stuff , and more.

Do you real want a printer to have a global IP? do you want buy a newer printer / copiers just for IPv6? the high end ones cost alot.

Back in April I did the same thing ...

[hedronist]

Admittedly it was only a /24 (called a C-net by us geezers), but I had had it since about 1992. That was back in the days you could get a C-net for the asking, and a B-net (a /16 to you youngsters) could be had without too much whining.

I got a nice note back from ARIN saying:

As the popular quote says, a journey of a thousand miles begins with a single step. 199.201.131.0/24 has been returned to the pool of available addresses - thanks!

Wasteful allocation is nearly as bad.

[ZorinLynx]

I have ONE static IP from Comcast Business. This is great; I don't really need more than one, right? Well the problem is they've given me a routed subnet. So for me to get my one IP, they also have to waste these additional IPs:

1. The IP on the WAN side of the router, provided to it by DHCP.
2. Internal network subnet address.
3. The router's internal network address.
4. Internal network broadcast address.

Yes, that means for my ONE static IP, Comcast is wasting four more. I can't help wondering why they built their network this way, rather than simply assigning me the WAN side IP and making sure it doesn't change. But hey, that's Comcast for you.

Who knows how many millions of IPs are wasted through inefficient allocation this way. If I have a block of six IPs it would make administrative sense to do it this way but for one? Come on. :)

Re:We need a hybrid system maybe ipv6 outside ipv4

[Sycraft-fu]

There is some stuff like that. That is the basic idea of 6to4. Allows IPv6 to be routed over IPv4.

In the case of printers what you might do is use print servers. If you have new desktops that are IPv6 only, due to lack of IPv4 addresses, you have your servers run IPv6 and IPv4 and your old printers run IPv4 only. Desktops communicate to the server, server to the printers, nobody ever notices a difference.

I suspect IPv4 will be around for a very long time, even after most things are IPv6.

There are more organizations that should

[Technomancer]

return their 16M IPv4 addresses, just look at the map
http://xkcd.com/195/
HP, DEC, Ford, Xerox, Bell Labs, Apple, MIT, USPS, DuPont, IBM, General Electric, Boeing, Prudential, Eli Lily, Halliburton.
Why does plane, car, drug or chemical manufacturer or an insurance company need 16M publicly routable IP addresses?
I guess HP has now all the DEC IPs, so they have 32M, WTF!

The IPv6 Working Group is the real root cause.

[Lanboy]

Stupid fuckers could have made the protocols interactive, but no, they had to try to be clever and redesign the whole thing, so we will need to run dual stack for 5-10 years. No bugs gonna be there. They were just pissy because no one liked OSI CLNS . Which would be just as easy to switch over to, by the way. How many addressable addresses does IPX/SPX have? Lets Dual stack that instead, just to fuck them.

My only bitter pleasure will be watching microsoft networking melt down. Dynamic DNS? No way bitch, ip6 addresses handed out by the router. Of course they will just continue to cheat and use NetBui with a local global catolauge server, like they do now.

I plan to skip IPV6

[snsh]

IPV6 never caught on, like Windows Vista caught on. Better to wait for IPV7.

Re:There are more organizations that should

[Nelson]

So if you're a large business, what's the best way to make sure any two devices on your network can easily talk to each other if they need to? Keep in mind that companies like HP and IBM buy other companies on a very regular basis and there are constant collisions with private space when that happens. What's the solution?

The very best solution is to give all the machines unique public IPs that are routable and do your own routing inside your network. A lot more companies than those use that practice.

Re:We need a hybrid system maybe ipv6 outside ipv4

[Hylandr]

We had security problems with Macs and IPv6. Part of our PCI-DSS compliance scanning services ran over the apple airport acting as the firewall ( yea don't go there ) and found every single ipv6 enabled device on the internal network.

We had to disable all IPv6 in the building and I 'accidentally' dropped the airport when reaching up to 'reconfigure' it.

My lack of adoption is my lack of confidence in an ipv6 firewall do a good job of blocking malicious attempts at access if everything has a publicly accessible IP. Have they designated private network ip blocks yet? Call me old school, but I like my NAT.

- Dan.

Re:Wasn't set up that way

[boombaard]

Extremely good is a bit of an overstatement [ipv6hawaii.org]:

After the University Of Hawaii began getting Google Over IPv6 in March of 2010, we began noticing problems with user devices on our wireless sending router advertisements and “black-holing” traffic. This problem is, of course made more apparent by initiating Google Over IPv6, which causes significantly more content to be requested by clients over IPv6. Despite first appearances, this is a good thing, since it is a problem that must be faced and dealt with in order to operate a IPv6 network for the near term.
In a nutshell, a “rogue RA” scenario occurs when some device besides an “official” router identifies itself as a router using “router advertisement” ICMP6 messages. Once client hosts see the “rogue” as a router, they may prefer it as their next hop to send traffic out to the Internet.
This can result in one of two problems:

• the rogue router can use its position as a router to intercept and eavesdrop upon or otherwise mess with traffic
• the rogue router can neglect to forward traffic such that the client cannot reach things by IPv6

These issues are not IPv6 specific problems. There are numerous similar problems that occur in IPv4 networks, on 802.11 “WiFi” networks, and on Layer 2 switched wired networks.
The best-known cause of rogue RAs on an IPv6 network comes from Windows Vista hosts with Internet Connection Sharing (ICS) enabled. Other causes are probably common, since the “personalities” of rogue RAs seem to differ widely.

And there also appears to be a problem with enabled 6to4 tunnels advertising to the network that they are willing to act as virtual gateways.. Not exactly my idea of 'extremely good'

Re:Wasteful allocation is nearly as bad.

[Anonymous Coward]

If that is really how they have you set up, you can probably use all four addresses for servers without waste. I am no networking expert -- though I'm sure one will post a reply to ream me for this -- but I have exploited a non-standard config to squeeze eight addresses from my company's "five IP" routed account (this is a non-critical internet connection that they allow me to fuck with).

As long as all of the /30 are routed to you by the ISP, the trick is to assign a subnet mask of 255.255.255.255 (works for Linux/OS X, no-go on Windows) to the router and all servers. The gateway address configured on the servers automatically gets a host entry in their routing tables, so the servers will know how to send packets to the router even though it is outside their subnets. You will, though, have to "route add -host" on the router for it to know how to talk back. In fact, the router's internal address can even be a private one like 10.0.0.1 so it doesn't burn up one of your available addresses.

Assigned IP block: 200.100.0.64/30
Router LAN address: 10.0.0.1/24 (doesn't matter)
        sudo route add -host 200.100.0.64 -interface en1
        sudo route add -host 200.100.0.65 -interface en1
        sudo route add -host 200.100.0.66 -interface en1
        sudo route add -host 200.100.0.67 -interface en1

Server 1: 200.100.0.64/32, gateway 10.0.0.1
Server 2: 200.100.0.65/32, gateway 10.0.0.1
Server 3: 200.100.0.66/32, gateway 10.0.0.1
Server 4: 200.100.0.67/32, gateway 10.0.0.1

Alternatively, you can just fudge your /30 mask to a /28 on your router and all servers. You won't be able to talk to the 12 adjacent (legitimate) internet hosts that you just overlaid -- your servers will falsely assume that they are on your side of the router -- but it is a small price to pay for the freebies.

Re:Wasteful allocation is nearly as bad.

[Agent Green]

There are actually reasons behind this. I've got a /29 from Charter Business myself, but this is why it is the way it is, based on my experience as a former Charter engineer.

In the days of old, customers were assigned their statics in WAN-side way as you describe. My parents used to have a static assigned to them from a WAN block on their CMTS. This was great because whatever allocation assigned was very efficiently used. Granted, this was back when nodes were combined 4:1 or greater on the small CMTS that was being used. A uBR7246 with 1x6 cards in the day could easily route traffic for over 48 cable nodes, at 2:1 combining on the upstreams, and 12:1 on the downstreams. (A whopping 150mbps for 48 nodes ... laugable today).

It wasn't all that long ago I remember some towns sharing a single downstream port. Now, enter node splits, and combining gets down to 1:1 in many cases. Even with a much larger CMTS (uBR10012 vs. uBR7246), it can't handle the same number of nodes. With redundancy failover switchboxes, there are only 35 downstreams per box (assuming 5x20 cards).

Now a problem exists as soon as the box's capacity is reached. If I need to split your node and move it to another CMTS to increase your available bandwidth, I need to coordinate with everyone who is moving who has a WAN side IP and tell them that their IP address is going to change on whatever date. This turns into an incredible shitstorm when one person stammers their feet and cries up the escalation chain and then delays necessary work because they bitch. Then capacity continues to be in hell until the move is finally approved. Then, there are the customers who ignore your voicemail and phone calls and then cry for a credit because they didn't pay attention until the move date.

So now what everyone is doing in order to make this easier is to assign you a /30 or /29 or whatever which you get from your modem. The modem sends that assignemnt up via RIP and it gets redistributed into the network. Now, it doesn't matter what town you're in or what CMTS you're on. Note splits and changes can essentially happen without you ever having to renumber your side. With the growing demands on bandwidth, it's not unheard of that you could move a couple of times per year, depending on the scope of the engineering changes.

Seems wasteful, but that's the sense behind it.

Re:The IPv6 Working Group is the real root cause.

[rdebath]

Because an "interactive protocol" would not work. The core idea of IP is to allow global communications using only local decisions, for any machine connected to the internet you can route any packet with just a small list of "routes" which tell you which port to send the packet and the values in the packet header itself.

Adding some sort of negotiation phase would mean that this information would have to be saved, you have to record the fact that a successful "connection" had been made and what sort of connection it was and probably broadcast the fact that you've made a successful connection to anyone who's interested. But IP doesn't have connections ... so it wouldn't be IP any more. You'd lose the massive advantages of IP, the local decisions and the tremendous speed that this allows.

This has been tried before, there are lots of connection oriented protocols around, they are very good for working out how much to charge people and once a connection is established you can easily do things like guaranteed bandwidth allocations. But it takes a long time to setup a connection, every node along the route has to agree to and record the connection (and possibly even talk to an authentication database to decide if the connection is allowed) which takes time, memory and other resources.

In fact it gets so complicated and expensive that most systems end up dumbing down the nodes in the middle so they're fast and light, so they just send packets without worrying where they come from, just pointing them to the next hop on their journey ... IP gets reinvented and eventually the inner nodes actually run IP because the hardware for a given guaranteed bandwidth is cheaper; even if there's a need for "over provision".

Quite simply, many people skip all that hassle nowadays and just use IP from the start.

Re:Delaying the inevitable

[delinear]

I assume it reflects their confidence in a successful migration to IPv6 in the near future. Think about it this way, if they predict a future where we're stuck on IPv4 and go down the route of addresses being sold off to the highest bidder, they're giving away a massive asset for some goodwill return. If they believe that IPv6 will come in and render IPv4 redundant in the very near future, they're giving away effectively a resource that's soon to become useless for some goodwill return. The second sounds like a much better deal.

Re:Delaying the inevitable

[swordgeek]

Nice for you. We are.

I work for a major telecom company. We are scant months away from all of our TV customer's STBs exclusively talking ipV6. Internet cable modems will be following next year.

Some of us - many, in fact - _are_ very near to that.