Free IPv4 Pool Now Down To Seven /8s
Zocalo writes "For those of you keeping score, ICANN just allocated another four /8 IPv4 blocks; 23/8 and 100/8 to ARIN, 5/8 and 37/8 to RIPE, leaving just seven /8s unassigned. In effect however, this means that there are now just two /8s available before the entire pool will be assigned due to an arrangement whereby the five Regional Internet Registries would each automatically receive one of the final five /8s once that threshold was met. The IPv4 Address Report counter at Potaroo.net is pending an update and still saying 96 days, but it's now starting to look doubtful that we're going to even make it to January."
Re:Soo... (Score:5, Informative)
Meh. Allocate 240.0.0.0/4. (Score:1, Informative)
Class E? That "reserved" block, for "future expansion"? That "future expansion" would be now.
There you go, another 16 blocks to break out. Plus the 7 we already have, that makes 385,875,968 addresses left still unallocated. Still over a third of a billion to go, which should be more than enough time for everyone to replace equipment that doesn't support IPv6, and deal with applications like Teredo that leak IPv6 address space across NATs and through VPNs.
Re:Soo... (Score:4, Informative)
Re:Meh. Allocate 240.0.0.0/4. (Score:4, Informative)
Here is a good blog post on why this wouldn't work: http://packetlife.net/blog/2010/oct/14/ipv4-exhaustion-what-about-class-e-addresses/ [packetlife.net]
Re:Soo... (Score:5, Informative)
Regional Internet Registry.
Re:where is ATT and comcast with IPV6? (Score:4, Informative)
Re:Soo... (Score:3, Informative)
Re:Maybe I'm being naive... (Score:3, Informative)
They did not bother, because they thought if there was a freaking decade to roll it out, that would be plenty of time.
Re:Last IP! (Score:2, Informative)
Sure I have, /22, /23 are used all over the place.
But I doubt anyone would accept your announcement if it was a /25.
Re:Maybe I'm being naive... (Score:4, Informative)
3ffe:1900:4545:3:200:f8ff:fe21:67cf
That would be 63.254.25.0.69.69.0.3.2.0.248.255.254.33.103.207 using your scheme which is horrible. It also leaves out the most useful compression feature, so you can write 3ffe:1900::/32 instead of 63.254.25.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0/32. Just counting out the correct numbers of .0 is horrible.
Practical real life IPv6 addresses often use compression: ipv6.l.google.com has IPv6 address 2a00:1450:8005::63, ipv6.myip.dk has IPv6 address 2001:470:27:f9::2, ipv6.net has IPv6 address 2a00:1188:5:2::8. If you care about your address you can make it short, since the last 64 bits are yours to decide.
Re:Soo... (Score:4, Informative)
Re:all because MS won't put TLS on XP... (Score:4, Informative)
Actually it does support TLS, it just doesn't support SNI. Or actually IE and Safari only, because they use the Windows library. Firefox and Chrome use the library first developed at Netscape and Opera uses OpenSSL.
But as SNI is the part that adds 'Namebased virtual hosts' to TLS, the result is the same as you mentioned. Everything that wants to use a certificate still needs its own IPv4-address (and/or IPv6 address) for now.
Re:Maybe I'm being naive... (Score:2, Informative)
Re:The most surprising turn of events (Score:3, Informative)
That being the case, we as a culture have also decided that decades start at year x0, centuries start at x00, and millenniums start at x000.
No we have not. You will have a very hard time relating to historic dates if you think so. Ever wondered why we are currently in the 21st century and not the 20th? Because the first century was not the number 0 century, as you would have it. The same way, the first year was not the number 0 year, the first decade was not the number 0 decade and the first millennium was not the number 0 millennium.
Just because uneducated people have a hard time grasping this, does not make it less so. If you start calling this the 20th century just because the year is 20xx you will not be understood correctly.
That said, because the general public seems to be quite uneducated about our calendar system, the mainstream media must be careful when the exact years of the boundaries of decades, centuries and millennia are important. Books for professionals can assume the reader knows the calendar.
Re:The most surprising turn of events (Score:5, Informative)
Configure your home router to pass the port for whatever service you want to access from work to the system that can deal with it at home. Connect to that address using that port.
This is where the trouble begins. You can do this today because it is _your_ router doing the NAT. With no more IPv4 available, you will be sharing your IPv4 with your neighbours. This means carrier NAT. How do you program your ISP's router? You don't.
Re:MAC Address? (Score:4, Informative)
Privacy
Re:all because MS won't put TLS on XP... (Score:3, Informative)
Not true at all. It is possible to establish a direct peer to peer connection between two hosts which are *both* behind NAT. You do need a "rendezvous" server to bounce a few packets - that's not hard to do, and can be easily accommodated as part of any other P2P infrastructure (or even outside of it).
In fact, running P2P in that manner would significantly increase privacy of its participants because to anyone outside a given network there will no longer be a visible single mapping of IP to a "person" (or household etc).
Re:MAC Address? (Score:4, Informative)
Well, first of all, it sort of is. The typical way to get an address on an IPv6 network is stateless auto-configuration [ietf.org], which basically allows your client to combine an advertised route prefix with the EUI-64 (basically a longer version of a MAC address that can be generated from a MAC address) to determine its IP. You don't need any configuration for new clients and they always get the same IP address. Note that Windows Vista/7 use a hashing function with random data and the MAC address so that you can't track a single machine based on its IPv6 address, which solves privacy concerns.
Second, you can't just use the MAC address because it's not easy to route traffic that way. Routing works today because networks are assigned contiguous blocks of addresses, so it's easy to tell where to route traffic based on the address prefix. If we just had MAC addresses (which contain no information about which devices are connected to which networks), routing would require huge tables that would frequently change. This works OK for a small to medium sized network (e.g. switched Ethernet) but it doesn't work at all for the Internet. Even medium-large organizations need to use subnets to effectively manage traffic, which aren't possible without network prefixes.
Re:Whatever (Score:3, Informative)
FTFY
Re:a gazillion IPv6's spamming? hell no (Score:4, Informative)
What is the difference for IPv6?
There currently is one IPv6-DNS-blocklist, they use something like: 5 bad IPs in one /64, block the whole /64, 5 bad /64 block the whole /48. Or some system like that.
Or do you mean there isn't enough tooling yet?
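Added example (not part of the comment above, and not any blocklist operator's code): a sketch of the escalation rule the comment outlines, taking its "5 bad IPs per /64, 5 bad /64s per /48" thresholds as given. The function names and the sample addresses from the 2001:db8::/32 documentation range are constructed.

```python
import ipaddress
from collections import defaultdict

THRESHOLD = 5  # the comment's figure; real lists may use other values

def build_blocklist(bad_addrs, threshold=THRESHOLD):
    """Collapse reported addresses into /128, /64 and /48 entries."""
    by_64 = defaultdict(set)
    for text in bad_addrs:
        addr = ipaddress.IPv6Address(text)
        by_64[ipaddress.IPv6Network((addr, 64), strict=False)].add(addr)

    # A /64 with enough distinct bad hosts is listed as a whole.
    hot_64 = {net for net, hosts in by_64.items() if len(hosts) >= threshold}

    # A /48 with enough listed /64s is listed as a whole.
    by_48 = defaultdict(set)
    for net in hot_64:
        by_48[net.supernet(new_prefix=48)].add(net)
    hot_48 = {net for net, subs in by_48.items() if len(subs) >= threshold}

    entries = set(hot_48)
    for net, hosts in by_64.items():
        if any(net.subnet_of(big) for big in hot_48):
            continue  # already covered by a /48 entry
        if net in hot_64:
            entries.add(net)
        else:
            entries.update(ipaddress.IPv6Network((h, 128)) for h in hosts)
    return sorted(entries)

def is_blocked(addr, blocklist):
    ip = ipaddress.IPv6Address(addr)
    return any(ip in net for net in blocklist)

# Constructed reports: one busy /64, one /64 with two hits, one busy /48.
SAMPLE_BAD = (
    [f"2001:db8:1:1::{h:x}" for h in range(1, 6)]
    + ["2001:db8:2:7::1", "2001:db8:2:7::2"]
    + [f"2001:db8:aa:{s:x}::{h:x}" for s in range(5) for h in range(1, 6)]
)

if __name__ == "__main__":
    for entry in build_blocklist(SAMPLE_BAD):
        print(entry)
```

Thirty-two reports collapse to four entries, and the /48 entry also catches never-reported addresses inside it, which is the false-positive cost of this kind of aggregation.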
Re:all because MS won't put TLS on XP... (Score:3, Informative)
Lots and lots of documentation on that. Google for "nat" and "rendezvous".
Here is a first random link I came up with: http://www.brynosaurus.com/pub/net/p2pnat/
Basically, a rendezvous server (a host with "real" IP out there) punches a "hole" in each NAT for and on behalf of the respective counterparty. Once it made those "holes", parties communicate directly. Done.