Vint Cerf Keeps Blaming Himself For IPv4 Limit 309
netbuzz writes "Everyone knows that IPv4 addresses are nearly gone and the ongoing move to IPv6 is inevitable if not exactly welcomed by all. If you've ever wondered why the IT world finds itself in this situation, Vint Cerf, known far and wide as one of the fathers of the Internet, wants you to know that it's OK to blame him. He certainly does so himself. In fact, he does so time and time and time again."
an alan cox interview (Score:5, Informative)
Here's an interview where he says it:
http://www.velocityreviews.com/forums/t576610-alan-cox-on-software-patents.html [velocityreviews.com]
"""Alan Cox: The same has happened with IP version 6. You notice that everyone
is saying IP version 6 is this, is that, and there's all this research
software up there. No one at Cisco is releasing big IPv6 routers.
Not because there's no market demand, but because they want 20
years to have elapsed from the publication of the standard before
the product comes out -- because they know that there will be
hundreds of people who've had guesses at where the standard
would go and filed patents around it. And it's easier to let things
lapse for 20 years than fight the system."""
(More info would be good - any other prominent techs saying this?)
How we got here. (Score:5, Informative)
At the time, XNS, the Xerox protocol for Ethernet networks, was in use. It had 24 bits for the network number, and 24 bits for the device ID. Thinking at the time was that each network would be a local LAN, and "internetworking" would interconnect LANs. Xerox was thinking of this as a business system, with multiple machines on each LAN. So XNS had a 48-bit address spade. That's what we call a "MAC address" today.
The telephony people were pushing X.25 and TP4, which used phone numbers for addressing. Back then, phone numbers were very hierarchical; the area code and exchange parts of the number determined the routing to the final switch. "Number portability", where all the players have huge tables, was a long way off.
The problem with a big address space is that memory was too expensive in those days to deal with huge address tables. A big issue was locative vs non-locative address spaces. In a locative address space, there's a hierarchy - you can take some part of the address and make a local decision about what direction to go, even if you don't have enough detailed information to get to the final destination. IP was originally organized like that - routers looked up class A, B, and C networks. A huge, flat address space implemented using multi-level caches was way beyond what you could do in a router back then. Routers used to be dinky machines, with less than one MIPS and maybe 256K of RAM.
There was a lot of worry about packet overhead. Each key press on a terminal sends 41 bytes over a TCP/IP network. That was a big deal when companies had long-haul links in the 9600 to 56Kb/s range. Adding another 24 bytes to each packet to allow for future expansion seemed grossly excessive. Especially since the X.25 people had far less overhead.
So there were good reasons not to overdesign the system. I don't blame Cerf for that.
The foot-dragging on IPv6 is excessive. The big deployment problem was getting it into everyone's Windows desktop. That's been done.
Re:Glad thats sorted out! (Score:3, Informative)
Since I actually bothered to read the article:
But Cerf, chief Internet evangelist at Google, has long known a good laugh line when he has one. In an Aug. 17 talk at NASA, he said:
This is the amount of IP version 4 address space, about 5% left -- my fault actually. In 1977 I was running the Internet program for the defense department, I had to decide how much address space this Internet thing needs. ... After a year of arguing among the engineers, no one knowing, 32 bits, 3.4 billion terminations, has to be enough for an experiment. The problem is the experiment never ended.
So, since the internet is just an experiment that never ended, can we name this "Endless October"? :)
Re:Glad thats sorted out! (Score:3, Informative)
What happened to IPv5?
It was the ST2 protocol: http://www.faqs.org/rfcs/rfc1819.html [faqs.org]
Never went anywhere.
Re:Bogus shortage (Score:3, Informative)
1. The legacy address space is a special case. They were issued directly from IANA before ARIN and the other RIRs were formed and were given out without many rules attached, so reclaiming those is legally difficult at best. Typical blocks issued today can be and are reclaimed when they're not being used and you currently have to go to significant lengths to show you need the address space, especially with RIPE's policies.
2. We've been fucking doing that. NAT is why we are running out of addresses now rather than 8 years ago. Pretty much everything that is able to be put behind NAT already is. And don't even get me started on the abomination that is "carrier grade NAT".
3. If you reclaimed the entirety of the legacy address space, assuming it is possible to do that in the 8 months we have left until IANA's pool runs out, it would buy about 2 years at the most, then we'd really be out, and existing evidence shows that ISPs and companies would simply use that 2 years to sit on their hands like they've been doing for the past 2 years, and the 2 years before that.
Re:Things people do... (Score:3, Informative)
No need to assert; it's common knowledge.
Re:an alan cox interview (Score:3, Informative)
This is not exactly new one, but I read a pretty reasonable article [mises.org] about the effect of James Watt's patents (steam engine) on the industrial revolution - basically how it was delayed by a few decades.
That was 18th century, things moved slower then. Now-a-days within our 5 year obsolescence cycle things completely moved out of whack of course.
Re:Glad thats sorted out! (Score:5, Informative)
Except IPv6 is hierarchical [isoc.org], for that very reason. Routing tables can be much, much smaller than they are on IPv4.
Re:Laches: the doctrine of you snooze, you lose (Score:5, Informative)
Never, or in more practical terms, less than 6 years after the expiration of the patent. Patents need not be defended like trademarks, and you can "back sue" for up to 6 years of infringement. There was a recent story on /. about a company that bought a little known patent right before it expired, then went about suing everybody and anybody for infringement *after* the expiration, but going back 6 years for damages.
Re:Bogus shortage (Score:2, Informative)
Mostly home gateways and some VoIP phones. Host OSen and business routers have had the necessary support for ages. Even most smartphones sold now probably do. But if you want an IPv6-capable Wireless N router, you're either going to have to look very carefully, or buy one that can load a custom firmware.
Re:Is it a software patents issue? (alan cox) (Score:3, Informative)
Anyone got links to confirm / disprove this theory?
Short version: Cox was just wrong. Cisco wasn't shipping big IPv6 routers in 2004 (although they were shipping other IPv6 hardware and software), but it wasn't because of patents. It was because there was no demand from the telecommunications companies, who knew they had several years before IPv4 ran out. Furthermore, Cisco's current largest routers (the carrier grade CRS series) support IPv6 (example [cisco.com]), yet 20 years from the publication of the main IPv6 RFC is December 2018. So Cox's theory is plainly invalidated.
Long version: The closest anything has come to a patent scare is Microsoft's 6,101,499 patent, but "After extensive review by our technical experts, Microsoft does not believe that the 499 patent includes any claims which cover RFC 2462 or RFC 2464 [i.e., IPv6]." (source [ietf.org]). So Microsoft, about as big a software player as there is, went out of its way to clear a patent that a third party (PUBPAT) had identified as potentially related to IPv6.
Furthermore, Apple, Google, Microsoft, Sun/Oracle, and VMware all ship IPv6-compatible software [wikipedia.org]. Lots of home routers, including Apple's, also support it. Cisco has supported it in IOS since 2001. IBM has supported it in z/OS since 2002. [wikipedia.org]
Since major companies have been shipping hardware and software that implements IPv6 for years with nary a peep from anybody, laches becomes a serious issue for any potential plaintiff. Of course, all of these large companies have legal departments that have analyzed IPv6 for patent issues, as have groups like PUBPAT. It seems unlikely that they would all miss a problematic patent of any significance.
No, the hold up seems to be entirely on the infrastructural side, which is much more a problem of cost than capability. The routers and switches that make up the Internet infrastructure are extremely expensive (tens of thousands to millions). Here's one example [networkworld.com]. ISPs and long-haul fiber operators aren't going to spend untold millions of dollars on upgrading their equipment and training their staff while the old stuff still works fine and they're still making money off of it.
Re:Glad thats sorted out! (Score:3, Informative)
That's the dumbest thing I've ever heard. Every one of those changes would require just about as much conversion energy as switching to IPv6 does now. If we're going to have to go through that, we sure aren't going to do it just to add another octet. And then do it again. And again.
I don't know where the idea comes from that a conversion to a smaller address space is less of a pain than conversion to a big address space.
NAT wasn't re-invented, it was UN-invented, which is a *good thing*. In any case it's still possible. DHCPv6 is certainly available for you to use, although you now have the option of not needing it.
Re:Glad thats sorted out! (Score:3, Informative)
Why did they do this? I mean When we ran out phone numbers the first time we just added an exchange number, when we ran out again we just added a area code, then a country code and so on.
And how would you propose to tell all the IPv4-only apps out there to "just add an exchange number"? Oh, right, you have to modify and recompile them all to so that they will know how to do that.
Why didn't they just add an extra octet? or even just double the address space from 32 to 64?
Because breaking compatibility with all twenty gazillion existing IPv4 apps will cause the same amount of pain whether your add 1 bit or 96. Either way, all the legacy software and hardware has to be upgraded, or interfaced to.
Given that we are going to have to break compatibility once, our next goal is to not have to break it two times. Which is why IPv6 is designed to be as future-proof as possible -- so we won't have to go through this hassle again 10 years from now.
Re:Glad thats sorted out! (Score:2, Informative)
Wrong. RA provides only a prefix (which MUST be /64 for SLAAC) and gateway (i.e. the thing sending the RA.) That is "all you need" today because IPv4 is filling in the rest of the equation... hostname, domain name, nameservers, etc. Turn off IPv4 and you quickly see how much is left out. Modern systems depend on a lot more than just an address to function productively.
Re:Kinda silly. (Score:2, Informative)
>>>Only those with no imagination---
Were you even alive then - 1976?
Yes, actually I was alive then, and for quite a few years before that.
I was. Remember that was a time when being able to buy a video & watch it at home was an alien concept (pre-VCR).
Not true. I was shooting video on 1" cartridges in my HS film classes in 1976, and believe it or not, there was a movie sale and rental industry then. It was small, by mail order, and expensive, but it did exist.
If you had said to someone, "Someday you'll be able to sit on a bus and watch a video from 10,000 miles away," they'd probably lock you in a loony bin. Or just say, "You're a nutty nerd - let's give you a wedgie."
I think those reactions had more to do with the goofy grin, flood pants, and the bad haircut you had than anything else. :-P
Computers in 1976 were the size of small rooms,
I think you're a little confused about the whats and whens.
I lusted over SWTP 6809s and various Z/80 systems written up in Popular Electronics throughout the 70s -- too expensive for my paper route level of income. Apple 1s were around by '76, and the first Apple ][s shipped in 1977. Circa 1976 HP donated an old mini to the HS I went to -- it was the size of a four drawer filing cabinet. Apart from that, most of those were smaller than a Selectric typewriter.
Yeah, the Burroughs mainframe at my dad's office years earlier filled up the whole room, but actually, if you knew what you were looking at, you knew most of it was tape drives, line printers, and other stuff.
and they were just beginning to be shrunk to PC size, but they were hard-to-use (no keyboards or screens; they used esoteric switches).
Esoteric? Like the switch on the wall that you turn the light on with? Actually you could get a SWTP terminal with a full QUERTY keyboard and a 40×25 CRT to go with your 6809. Apples -- 1 and ][ -- had real keyboards.
Nobody at the time thought common people (read: uneducated boobs) would have computers with self-assigned addresses. Nobody thought there'd be more than one computer per home, much less 2-3 per person. Most envisioned computers as being like Star Trek - a single unit running the whole house. The number of homes was only 900 million, so having ~4000 million addresses was plenty.
The 1970 Census put the US population at 200M. By 1980 it was 226M. I don't know what the typical household was, say family of four. I think that'd make for a lot fewer homes, but really, what does that have to do with anything?
Again, there were people -- with imagination -- who were anticipating the computer revolution. Not unsurprisingly, they were right.
Re:Glad thats sorted out! (Score:3, Informative)
It was targeted to be hierarchical as of 1999 (when that presentation was made). That has since been abandoned, and it's now somewhat more free-form the way IPv4 is. To my understanding, there are no restrictions on region or organization as to where IPv6 can be announced, and the criteria for IPv6 Provider-Independent IP space are identical to the ones for IPv4 space.
Re:Glad thats sorted out! (Score:2, Informative)
That is "new here" to me.
Excellent point (Score:3, Informative)
IPv6 addressing is wonderfully simple. Because it is hierarchical, in one byte units, there are at most 256 upstream, 256 parallel and 256 downstream router addresses for any given router. The lowest 48 bits are taken from the MAC addresses.
The only time you need to hold more addresses than 768 is if you are supporting Mobile IP or NEMO using transitory addresses (the original IPv6 mechanism), where re-routing is handled with temporary router entries that last 30 seconds or until the computer/network moves to a new network, whichever comes first.
Typical IPv4 router tables - especially for ISPs - are huge. You don't need 8 Mb router tables unless you plan on holding upwards of a million routes. I don't know if anyone sells corporate-grade routers that small any more.
Since there are no situations where you will ever want a more specific rule for a route (other than to support transitory addresses), you don't need to search for the most specific case of a routing rule. If you have found the first case, it will be the only case. Even in the transitory address case, you're comparing the whole IPv6 address, so there will be exactly one match for it, so the worst case is looking for two matches for strings. This means that searches are much, much faster. On large routers, you can use the three bytes as indexes into the table of hierarchical addresses and then use a tree to store the transitory addresses. You can search both in less time than it takes to search an IPv4 router table.
Re:Glad thats sorted out! (Score:3, Informative)
It was targeted to be hierarchical as of 1999 (when that presentation was made). That has since been abandoned, and it's now somewhat more free-form the way IPv4 is.
Somewhat, yes. But the v6 space is still very much aggregable, which simplifies routing considerably. This is specifically mentioned in RFC 3513:
Furthermore, in the description of the structure of an IPv6 address.
Re:Bogus shortage (Score:2, Informative)
I know my current one is, but then I have a fancy dual-radio gigabit version. Only 1 is advertised to be compatible, showing that it's not enough of a selling feature to list.
Re:No need for IPv6 (Score:4, Informative)
Because, since all the hosts behind a NAT share a single routable address, that means to make inbound connections, you need to setup port forwarding. So, say I want to run Skype (which likes to have an inbound port), a game server, and a VoIP application, all of which need to be able to accept inbound connections. Well, to do that, on the NAT Gateway, I need to setup 3 ports to be forwarded to my computer. Only I can use those 3 ports, no one else can. Which means with 64k ports available on the NAT, you can probably only setup port forwarding service for maybe 10k-20k customers. You *might* be able to alleviate this a little bit by using multiple 'public' IPs - say one public IP for every 5000-10000 users on the ISP network.
There's also the issue of 'well known ports' - let's say I want to run a web server - well, almost all browsers expect a web server to respond to connections made to either port 80 or port 443 (for SSL encrypted connections). Likewise SSH, telnet, FTP, rdist, etc all typically use well-known ports. Games using iD Software engines usually accept inbound connections on a particular well-known port (27960). Only one computer per public IP may have port 80 or 443, or whatever, forwarded.
Also, perhaps even more importantly, every outbound connection also uses a port associate with the public IP address being used for NAT. Again, using one public IP for a few thousand users might give you enough ports to mostly work.
Basically, in a world where everyone is behind a NAT, no one can ever accept in-bound traffic from off the 'local' network (I put local in quotes, because in the case of Large Scale NAT, you could probably talk to all the other customers of your ISP directly, but not anyone who uses a different ISP), even when they *WANT* to. Some people like the 'comfort' of thinking that NAT somehow protects them better than a firewall, but I'd personally prefer routable addresses for all my devices, with a firewall that I control on my home router to block in-bound access. That way, I can simply open ports when I *want* inbound traffic, and leave all other closed - but when I do want to run services
Re:Excellent point (Score:3, Informative)
>> The lowest 48 bits are taken from the MAC addresses.
Not quite true. The lowest 64 bits are a host address, each host can have multiple addresses, and one of those addresses can be derived from the 48-bit MAC address.
Assigning an IPv6 Address to everything is possibl (Score:2, Informative)
Just divide 20% of the total number of IPv6 Addresses (this is both to account for wasted addresses, as well as to point how silly the notion of running out of IPv6 Addresses is), and divide it by the number of Sq metes (or foots, as you preffer) of the surface of the earth (dry, humid, wet, or iced) and tell me how many devices for each tile of surface can have a unique address.
Pro Tip: Use a scientific calculator, a normal one, or the one on a cellphone will not do.
For the lazy: 1,33*1023 addresses per square meter, if my calculations are correct. This is more than the Avogadro #... just in case, check my calculation.