IPv6 Adoption Up 300 Percent Over 2 Years

Mark.J - ISPreview writes "The Number Resource Organization, which is made up of the five Regional Internet Registries, has revealed that the rate of new entrants into the IPv6 routing system has increased by 300% over the past two years. The news is important because IPv4 addresses (e.g. 123.23.56.98), which are assigned to your computer periodically, are running out. IPv6 addressing (e.g. 2ffe:1800:3525:3:200:f8ff:fe21:67cf) was invented as a longer and more secure replacement." IPv6 is still gaining ground slowly, particularly in the US.

wow

And the rate of downloads of Ubuntu 8.10 is up infinity percent in the past two years.

up 300%?

you mean it went from 1 person to 3 people?

Re:up 300%?

No, up by 300% would means there are now 4 users.

</pedant>

Re:up 300%?

No, the rate went up by 300%, not the total number of entrants. I.e., instead of 1 person/year we're now up to 4 people/year ;)

Re:up 300%?

We get it from basic English skills. It's "up 300%" not "300% of what it was".

1 -> 3 = 300% of what it was.
1 -> 4 = up 300%.

Again:

300% x 1 = 3

1 + 3 = 4

no, your numbers are wrong

1. start with 1 throwaway silly joke

1

2. multiply that by the Humorlessness constant

1 * H

3. add 300% overhead cost of a mediocre informative rating

1 * H * 300%

4. factor by the coefficient of who gives a shit

F(1 * H * 300%)W

and you are left with 3 users of IPv6

so there

Re:up 300%?

If something increases by 0%, that means it stays the same, not disappears completely. If something increases by 100%, that means it doubles, not stays the same. Induction can take it from here.

Re:up 300%?

Son of a.... *hangs head, hands over geek card*

Re:up 300%?

wow. I mean, like.. wow

Where the heck do you guys get 4 from?

--

I can sum it all up in three words: Evolution is a lie.

I guess you worked out "Evolution is a lie" is three words using the same calculation you made above.

Obviously technologically superior

The news is important because IPv4 addresses (e.g. 123.23.56.98), which are assigned to your computer periodically, are running out. IPv6 addressing (e.g. 2ffe:1800:3525:3:200:f8ff:fe21:67cf) was invented as a longer and more secure replacement.

Look! IPv4 addresses just have numbers and dots. IPv6 addresses have numbers AND letters . . . and colons (TWO stacked dots)!

No question, which one is better, and tastes better, and lasts longer, and is less filling.

I'd like the IPv6 prefix dead:beef, please and thank, you.

IPv6 address for slashdot.org

Any chance Slashdot could get IPv6 connectivity?

Progress in this direction is "stuff that matters", after all...

I'll switch when my ISP does

First off, anybody who thinks that NAT is a long term solution to the IP address shortage is fooling themselves. NAT is a stopgap solution that has a scant handful of years left in it (some estimates say as little as 3-4 years). IPv6 is the only long term solution we have at the moment.

The biggest thing holding me back from switching is that my ISP [verizon.com] doesn't seem to care one whiff about switching. The only way I have available to get on is to set up a tunnel, which seems to defeat the entire purpose of IPv6. I don't want to run IPv6 just for the sake of saying that I run IPv6, I want to run it so I can have an address for every device and finally get rid of the annoying NAT solutions.

For everyone who says v4 isn't running out

1) the fact that NAT exists means we ran out a long time ago

2) NAT is not a proper solution. It crosses the Network and Transport layer boundary to provide a hack solution to a Network layer issue. Having something like NAT prevents anything besides UDP or TCP from being used behind a NAT, since NAT relies on port mapping between UDP and NAT

3) What makes people think uPNP is a good idea? Wouldn't it be better to just have *real end-to-end connectivity* like was actually intended and used to be the case?

4) As the world of networked devices and content providers increases as fast as it always has been or faster there will be a growing need for content providers (servers) that cannot be behind a NAT while still hoping to use well-known ports for services

5) NAT does not scale. State tracking tens of thousands of connections? Since state needs to be tracked, load balancing something like NAT is just yet another hack on top of a hack.

I would love to hear someone explain how using NAT is a feasible solution permanently. Reclaiming unused sub-allocations from legacy /8s and stuff is not a permanent solution, denying that IPv6 is needed due to the application of a growing list of band-aids is obnoxious to listen to.

Re:Fun with statistics

Why is that lying?

Re:IPV4 addresses are NOT running out

God, I'm tired of it being repeated that IPV4 addresses are running out. Everybody who's not a journalist should know that it's not true.

And everyone who's a network admin knows that it is.

Nat+uPNP is perfectly capable and 100% backwords compatible.

Great, so I can re-write every application to support a half-assed workaround like NAT. I'd much rather have each host bugging the crap out of the router to forward a specific port, please! than to just get the migration over with and be done with it. If you think that NAT+uPNP is a replacement for IPv6, then you need to find a hobby more suited to your skill level.

The potential of IPv6 is kinda scary.

And everyone who's a network admin knows that it is.

You're right, 100%, and I fully support IPv6 adoption end to end, because I know managing port assignments is a pain in the ass for non-UPnP compatible apps, and the problems that NAT has created. Even more absurd is the solutions to those problems (e.g. Skype-style) that are more like hacks than fixes.

NAT has created a very lazy fix to the problem of network security and filtering. If you're behind NAT, you're not addressable unless UPnP or an explicit port forward does it for you, and that's extremely convenient.

In a situation where every single computer in a network is internet addressable (something not always desired in business, which is probably the reason IPv6 adoption is so slow), you have to implement a very strict firewall to block and filter unsolicited traffic to those machines. If you're NATing them, as long as your network is physically secure, you don't have a problem.

This puts a lot less stress on network security than there should be in a business environment, and much less attention to what should or shouldn't be allowed through a local firewall, let alone a site firewall.

I'll stop ranting, but the point is that NAT has created an artificial deficit of proper network security, and I fear that when IPv6 becomes ubiquitous, NAT will linger on as a replacement for real security. The skills required to secure a fully addressable network of machines simply aren't needed in the majority of current environments because making every host in a network internet addressable today is simply not an option.

Re:The potential of IPv6 is kinda scary.

Rubbish. Border security is not security. You can get exactly the same 'security' as NAT with a trivial firewall on IPv6 that blocks all inbound connections and maintains state tracking for UDP ports. You can set up NAT with a default route so one machine gets all inbound packets destined for the public address and not redirected by an outgoing connection, and you can have firewalling without NAT. The two concepts are orthogonal. What makes you think that consumer-grade IPv6 routers will not default to blocking all ports?

Re:The potential of IPv6 is kinda scary.

This puts a lot less stress on network security than there should be in a business environment, and much less attention to what should or shouldn't be allowed through a local firewall, let alone a site firewall.

I disagree. Say your current NAT setup is:

22->192.168.0.1:22
80->192.168.0.1:80
25->192.168.0.2:25
143->192.168.0.2:143

The firewall equivalent is:

block all
pass (22, 80) to 192.168.0.1
pass (25,143) to 192.168.0.2

The decision making process is identical. You've already decided which ports are which machines should be exposed, and that's the hard part! Once you're past that, the semantics of NAT and a "default deny" firewall are almost identical.

Re:IPV4 addresses are NOT running out

Most machines don't need an externally accessible IP.

Unless they want to use something as exotic and unpopular as BitTorrent, you might be right.

Re:IPV4 addresses are NOT running out

Incompatibility with bittorrent is often regarded as a feature by corporations.

Re:IPV4 addresses are NOT running out

Most machines don't need an externally accessible IP.

Which has nothing to do with the IPv4 vs IPv6 debate. Regardless of which stack you use, you are never forced to have externally accessible IP addresses. This is what firewalls, routers, and reserved, non-routable addresses are for.

Re:IPV4 addresses are NOT running out

Lots of them.

Any kind of webserver. Try running two of them on the same IP address.

Of the above, especially websites using SSL. Can't have more than one per IP address.

FTP is a horrible pain when NAT is involved.

Many video conference applications.

Programs like instant messengers with file transfer.

BitTorrent and any form of P2P in general.

IPsec in transport mode

Many games. Two players trying to play online doesn't work at all with some games, no matter how much you fiddle with NAT.

Remote desktop. When troubleshooting, I can't just ask the person I'm helping to install VNC, because then I'd have to explain to them how open the port.

I'm sure the list can get a good deal longer, but this seems enough.

Re:IPV4 addresses are NOT running out

Nat+uPNP is perfectly capable and 100% backwords compatible.

NAT is a hack, and uPNP is not universally supported -- not in the routers themselves, and not in every program you might want t ob accessible.

Besides which, there are a limited number of ports, and you're still preventing people from picking a standard port and leaving it open, to connect to it later -- for instance, if my ISP NATs me, how do I ssh or vpn back home? Let alone run a webserver out of my house..

That's not even getting into all the millions of unused IP's being held by the early internet companies.

True, but consider that IPv6 would prevent anything like that from happening again.

Start with $1 per year per ip to EVERYONE who owns an IP's and you'll see the "IP Shortage" vanish overnight.

I'd also very likely see my own public-facing IP go away, and more and more ISPs NAT-ing all their customers -- who are then doubly-NATed behind their routers -- which is then a gigantic pain in the ass to deal with, versus simply upgrading to ipv6.

I'd also likely see my hosting costs go up a bit.

All to manage this artificial scarcity, and push it back for awhile -- which could be so easily dealt with by simply upgrading to ipv6, and giving an IP address to every device on the planet -- and, as a nice side effect, making it possible for me to assign a public-facing IP address and DNS entry for every toaster in my house.

Re:IPV4 addresses are NOT running out

God, I'm tired of it being repeated that IPV4 addresses are running out. Everybody who's not a journalist should know that it's not true.

There's no reason every person on earth needs an IP. Nat+uPNP is perfectly capable and 100% backwords compatible.

That really isn't entirely true.

NAT and uPnP may work well for your average home user... But it causes some headaches in larger networks. And if you've got a pile of servers that need to be globally accessible - like webservers - you don't really have an alternative to multiple IP addresses.

That's not even getting into all the millions of unused IP's being held by the early internet companies.

This is certainly true. There are several huge blocks of IP addresses sitting unused. Freeing these up would go a long way towards keeping IPv4 alive. At least for a while...

IP's just need to be charged for on a early basis. Start with $1 per year per ip to EVERYONE who owns an IP's and you'll see the "IP Shortage" vanish overnight.

It might very well vanish overnight... But it'll return eventually. The fact of the matter is that we keep coming up with new reasons to route information over the Internet. And all these new devices and gadgets require an IP address.

One of the cities that we support recently bought a new chiller for their ice rink. Their old one was just managed in-house. You had to be standing in front of the device to do much of anything. And if it was malfunctioning they had to send someone out to eyeball the machine. Their new one has a network jack and can be monitored remotely through a web interface. So we had to get them bandwidth and a static IP address so they could keep an eye on things even when nobody was physically at the civic center.

Sure, there are some absolutely stupid and frivolous things we're doing these days. Folks don't need to be able to surf the Internet from their microwave oven. But it is getting to the point where we expect to be able to gather information from just about everything, and view it just about everywhere. Folks expect to be able to hit Google or Wikipedia from their cell phones. Lots of industrial equipment can be managed remotely. I know I routinely troubleshoot issues remotely.

To a certain degree we can hide these devices behind NAT... I can have a dozen web-enabled appliances in my house and just use different ports forwarded through a single NAT'ed IP address to access them. But what about devices that don't necessarily sit behind a router? What about my web-enabled phone?

And what happens when the ISPs start running out of addresses? Are they going to install giant NAT routers themselves? Are we going to wind up with several layers of NAT?

Re:IPV4 addresses are NOT running out

There's no reason every person on earth needs an IP. Nat+uPNP is perfectly capable and 100% backwords compatible.

1. We're talking about network devices, not people.
2. NAT+uPNP is not "100% backwards compatible". Older applications that need incoming connections certainly can't use NAT and uPNP. It's arguably slightly better on backwards compatibility than IPv6, but not greatly so.
3. NAT and uPNP are hacks that do not solve most of the problems that IPv6 is designed to fix.
4. If an OS supports IPv6 (and which popular operating systems do not? Mac OS X, Windows XP, Vista, and all desktop and server distributions of GNU/Linux I've seen lately support it out of the box, no special configuration required), then adding IPv6 support to your network is just a matter of adding a gateway/router that falls back to 6to4 if it can't get a valid IPv6 netblock. How is uPNP or NAT easier than that?

In the end, we want peer to peer connectivity. That's what the Internet was designed for. We currently use a clumsy group of non-transparent hacks that "mostly work" to work around the fact that we can't give every device a predictable IP when it leaves the factory. IPv6 is a clean architecture that scales, that works predictably, that works now, and that allows peer to peer connectivity between IPv6 nodes transparently.

The only reason why people aren't switching to it now is because everyone's still hung up on hacks to get IPv4 to work acceptably. If the router manufacturers followed Apple's lead and incorporated IPv6, including 6to4, into all new routers, most people would switch to v6 without even knowing it. We'd suddenly have an ecosystem where everything would "just work" - buy an Internet-enabled widget from the shop, plug it into any Ethernet port on your network, and it'd work, no configuration required, regardless of what it's supposed to do.

To get there, we have to stop doing what we're doing.