IPv4 Address Crunch In 2 Years, IPv6 Not Ready

An anonymous reader writes "We've known for ages that IPv4 was going to run out of addresses — now, it's happening. IPv6 was going to save us — it isn't. The upcoming crisis will hit, perhaps as soon as 2010, but nobody can agree on what to do. The three options are all pretty scary. This article covers the background, and links to a presentation by Randy Bush (PDF) that shows the reality of the problem in stark detail."

Well duh

[n3tcat]

It's not hard to figure out why we haven't solved this problem. It costs MORE to fix it now than it does to wait.

So just wait until it costs more to live with IPv4 than to migrate to new systems. Then EVERYONE will be working on a solution.

Re:Well duh

[John3]

It's not hard to figure out why we haven't solved this problem. It costs MORE to fix it now than it does to wait.

So just wait until it costs more to live with IPv4 than to migrate to new systems. Then EVERYONE will be working on a solution.

This is true of technology in general. Government and industry debate global warming and peak oil but do very little to actually address the issue since it costs so much to implement solutions. The IPv4 issue is daunting to be sure, so it's no surprise that IPv6 progressed so slowly. I did a quick search back to 2000 on Google News and industry and tech journals were shouting warnings even back then. So eight years later there is no solution.

The problem will be fixed when the p0rn sites can't get new IP addresses. The adult entertainment industry has driven many of the Internet and web innovations in the past (streaming video, credit card processing) and they'll likely lead us into a bright new future of unlimited Internet addresses. :)

Re:Well duh

[orzetto]

This is true of technology in general. Government and industry debate global warming and peak oil but do very little to actually address the issue since it costs so much to implement solutions.

Society is not an amorphous blob with a clear will and an appreciation of its own good. Society is made up by people, and what the decision makers think is "good" is not necessarily good for society; both because the decision makers might be wrong, and because their own interests may be different from those of society (you don't get to be president because you're Joe Average from Missouri).

In the case of Ipv4, as in the one of energy, the interest of society is to fix the problem. The interest of the decision makers, however, is not to fix it, because they are now sitting on a critical asset that is always in demand and that is getting increasingly scarce, and therefore more expensive. The near-disaster scenario is in their interest, because that way they will maximise their returns. It's like the owner of an oasis in the Sahara: rain and rivers would be bad for business, drought is more people depending on you.

I would expect China or India to come up with a solution first: they don't have many IP addresses to begin with, they have growing economies that will sooner or later require more IP addresses, and they have the means to kickstart a major project.

Re:Well duh

[A beautiful mind]

While I appreciate the point you're trying to make, but there are quantitative differences between the thinking of a country like Japan and for example the USA. In Japan, they did have the foresight to make their systems IPv6 ready, so maybe just our expectations are too low? I'd rather tell people what to do than to make excuses in the technology/politics field referring to Joe Sixpack who allegedly wouldn't understand or care.

Re:

[Anonymous Coward]

you don't get to be president because you're Joe Average from Missouri

Harry Truman.

Re:

[madsenj37]

Harry Truman was a Free Mason...

Off topic

[oyenstikker]

That you mentioned India might come up with a solution reminds me of a book I read that discusses in the context of game theory (primarily Prisoner's Dilemma) why people (Indians in particular) make poor decisions as far as society is concerned to maximize personal returns.

"Games Indians Play" by V. Raghunathan
ISBN: 9780670999408

Re:Off topic

[mikael]

I've read some of the reviews for that book. The story about everyone in a street ending up using water amplifiers (pressure boosters) to guarantee that they get their fair share of water is funny. Some things don't seem to different from other parts of the world.

Dumping garbage in the street - that happens elsewhere whenever the authorities impose apparently madhatter legislation; Example, a country in Europe creates a whole nation-wide network of recycling centers to reduce the amount of waste going into landfill - Totally sensible. Anyone could enter, and recycle their old boxes, cartons, polystyrene boxes, lawnmowers, furniture, whatever. Then the authorities decide that too many people are making too many journeys, so they decide that each family can only get a ticket to allow them to recycle once every two months. So now, everyone drives around looking for somewhere to dump their recyclables, even filling in the communal rubbish bins of neighbouring villages. Others simply burn it instead.

Re:Well duh

[Tracy Reed]

China, Korea, Japan etc. use lots of ipv6. I've been there, seen it, helped set some up. There is a whole Internet out there full of asian language websites out there that we don't even know about because our english only Internet doesn't link to it. Go to a cyber cafe in Hong Kong, Beijing, Seoul, and you'll see what I mean.

Re:

[sjames]

Actually, some of the servers ARE v6 only, and indeed, IPv4 cliants out there cannot reach them at all. No NAT is happening for those servers.

The client machines, OTOH are either running dual stacks or they are NATing v6 prefixes into v4 addresses at the edges of their v6 network.

Re:

[upside]

Never mind pr0n, how about industry leaders with deep pockets like Google, Yahoo, Sun and Microsoft? Not one has an AAAA record for their web servers. It's pretty pathetic.

Re:

[Bert64]

Altavista used to... Back when it was run by DEC.

See:
http://www.ipv6.org/v6-www.html [ipv6.org]

Microsoft research have a v6 site too...

My site (www.ev4.org) is also available on v6, just incase anyone cares.

Re:Well duh

[Bazman]

Yeah it's the pr0n sites' fault. Now, google search for the article by Randy Bush.....

Re:

[Yvanhoe]

Ok, should have RTFA. The fact that most equipment is IPv6 compatible would be a myth.

Re:Well duh

[Tony Hoyle]

Certainly on the home side... go into the average store, and it's easy to count how many home routers are ipv6 enabled. none at all.

Some can be adapted - my wifi router can route ipv6 but not talk it for example. No way all that hardware is going to be replaced within two years.

OTOH we've been hearing the doomsday scenarios from the ipv6 zealots for 10 years now, and I'm not seeing it - it's still easy to get a block of IP addresses (I asked for 8 and got given 16 'just in case' for example).. we're not seeing the beginnings of a shortage yet.

Re:

[Tony Hoyle]

Just RTFA'd myself.. That PDF sums up 100% what is wrong with ipv6 right now.

Didn't know that XP couldn't do DNS lookups over ipv6.. that's new. They did't mention that active directory doesn't work with ipv6 (important to companies, and a biggie, because as they say.. if one part of the infrastructure can't support it, it doesn't happen).

Re:Well duh

[anticypher]

There are no 10 year old backbone routers still in service on any backbone. Anywhere.

Growth of the IPv4 routing table has left all them obsolete. Big routers from 10 years ago have all been migrated towards the edge, where they no longer fulfill a backbone role. Or they've been scrapped for being too costly, slow, power hungry and un-upgradable to modern interfaces.

For all that old kit that tosses IPv6 traffic to the CPU to be routed, it will still be usable for the next few years until IPv6 traffic starts to become more prevalent. By then, the current IPv6 backbone kit will have been migrated out from the core towards the edges. There is no problem with old kit, at least at the routing and switching level.

All the major backbone router manufacturers have included IPv6 natively for at least the last 3 to 6 years. Any internet company that has done a major upgrade to deal with ever increasing traffic levels and customer demands now have IPv6 capable hardware in service in the backbone. Some manufacturers may still charge more to turn the capability on. The ones that don't are seeing increasing sales because all their major clients don't like have a tiered system of features, where the only set with all the needed features is the most expensive one.

the AC

Re:

[anticypher]

True I've never worked for UUNET, but given their reputation I could believe they still have cisco 7500s in their core. And I wouldn't count UUNETs carrier core as an ISP.

Around here most of the core kit installed in Tier-1 and Tier-2 backbones is Juniper M and T series, Cisco 3700, 12000 and CRS-1, Nortel optical DWDM carrier components, and Foundry MLX and XMR series. There is now starting to be more Alcatel-Lucent and Huawei kit seen in lower cost areas.

I never said that core kit was entirely replaced ev

Re:

[ArsonSmith]

Yea, it's always cheaper to rip out a century old established economy and replace it with a completely new untested one.

Re:Well duh

[PrescriptionWarning]

That sounds like an "if it ain't broke, don't fix it" argument to me. Which in fine and good for simpler technologies, but can be disastrous for more modern technologies. Just think what would happen if you didn't change your car's oil until the car simply refused to run. What would happen if we all decided not to curb our oil consumption habits until we either ran completely out of oil reserves. You see its the shortsightedness that in the long run costs you WAY MORE than if you simply keep the options in mind and work towards a solution.

So in two years when they can't add any more addresses, the only ones to blame will be those who stuck they feet in the mud and wouldn't budge. Besides, they can always just start taking away all those spam sites that offer no real content and just distribute those to other who actually need them, I'm sure there's at least another 2 years worth of those.

Re:Well duh

[KiloByte]

Besides, they can always just start taking away all those spam sites that offer no real content and just distribute those to other

Actually, the spammers/phishers are already doing their utmost to stop eating new IPv4 addresses, and conserve them by using existing IPs of random Windows boxes. See, who's the bad guys now?

Re:Well duh

[SnarfQuest]

What would happen if we all decided not to curb our oil consumption habits until we either ran completely out of oil reserves.

I remember when I was younger, we were down to 10 years of oil underground. This was some twenty years ago. We did a few minor changes, slight improvement in gas mileage, but not much. We also greatly increased the number of cars on the road. Too bad for you youngsters, you now have only 10 years of oil left underground.

Re:Well duh

[samkass]

I remember when I was younger, we were down to 10 years of oil underground.

It all comes down to yours sources. 20 years ago, they were still finding more oil each year than was being consumed, so the "10 years left" folks weren't the responsible people. The opposite is true now. 20 years ago it wasn't economically feasible to pump the sludge out of Canada's shale, but now it is. It wasn't economically feasible to put a platform in the middle of the Gulf of Mexico and drill a mile down, but now it is. But all those sources are limited, as well. We have a much more accurate picture of how big the problem is now than we did 20 years ago.

Re:

[gad_zuki!]

Its also worth noting that its very easy to cherry-pick sources from the past to make a certain point of view look silly. The GP is playing the 'all predictions about this are wrong' card but if you were to make a sincere effort to look into what people and studies showed about the economics of scarcity, you'd see it wasnt so cut and dried. This is usually a dishonest rhetorical trick.

Re:

[pherthyl]

Well there's definitely something going on. Look at the OPEC oil production over the last few years: http://en.wikipedia.org/wiki/Image:GlobalCrudeOilProduction2001-mid2007.png [wikipedia.org]

Since 2005 it's been flat. And yet prices have skyrocketed in that time. In 2000, OPEC promised to adjust production to keep prices around $22-$28/barrel. Then in 2007 they said prices would stay around $50-$60/barrel until 2030. Well it's one year later and prices are at $100. All this time OPEC hasn't increased production, and

Re:Well duh

[Bert64]

Really they need to take back the large ipblocks that were allocated to companies years ago, but which aren't even being used . Ford has a /8 ipblock (16777216 addresses) that they use internally and dont route to the internet, why cant they use 10.0.0.0/8 internally like everyone else?

Re:

[jZnat]

At the rate that IPv4 addresses are being used, even if all the /8's given to companies that got on the Internet first were freed for general use, that would only buy us a few months before we ran out of IPv4 addresses again. It'd be better to just move on to IPv6 where it's impossible to run out of addresses.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Well duh

[eln]

The problem is that Y2K was handled so well, and as a result the consequences of it were so ridiculously minor, that most people in the general public feel that it was all overblown hype. Yes, there was a lot of hype, but the fact is a lot of programmers worked a long time to make sure things that needed to be fixed got fixed.

However, since most people feel that Y2K was overblown and the money spent on it was wasted, they're unlikely to take seriously any new "crisis" in IT, and will simply refuse to spend any money on it.

Re:Well duh

[argiedot]

Absolutely, reminds me of an old joke:

• Visitor: If there's quicksand in this part near the town why don't you put up a sign?!
• Man: We did, but nobody was falling in so we thought it was useless.

Ha ha.

Re:

[Anonymous Coward]

Why don't we send intel a bill of $1 per each of their 72,000,000 IP4s, and DEC, and IBM, ... each year, and let them lead the way to IPV6.

Re:Well duh

[SanityInAnarchy]

The problem is, the cost may not be measured in dollars.

Right now, although my ISP only gives me one IP address per subscription, I control it. I can run a private web server, mailserver, etc. I can basically run a website on $10/year (the cost of registering a domain) unless I suddenly get popular. ($30/year if I pay for an SSL cert.)

If we stick with IPv4, this will no longer be possible. IPv6 would bring plenty of improvements on the current scheme, but sticking with IPv4 till it runs out means more NAT, and at the ISP level. And that means a higher barrier of entry to being a web server. It means the Myspaces and Livejournals of the world get to control everything anyone wants to publish.

This is not a cost that we can measure in dollars, though. It's a cost to society.

Re:Well duh

[somersault]

It's time for a new breed of man. One who isn't afraid to get his hands dirty, but can also wash them when it's time to meet the management. Someone who can make time to shower and shave every morning. Someone who's novelty geek mug will be understood by even those who think that having spyware makes them a secret agent. Ladies and - oh wait, scratch that. *ahem* Gentlemen! Today I introduce a new template class - the Geexecutive! Get implementing!

Dupe

[suso]

Here is the story from a few weeks ago [slashdot.org]

And as I said before, the solution is to take back some of those huge class A blocks from companies like HP, Ford and GE, which are not using all the space. That would buy a few years.

Re:Dupe

[Silver Sloth]

RTFA - which says

... there are ideas for managing the address space more efficiently by introducing auction and other pricing mechanisms to encourage better use (people who don't need their allocation will flog them off rather than hoarding them, while new uses will be parsimonious in their approach), but the developing world sees this as unfair in the extreme. You can see their point.

There are other problems: how do you route IP addresses when the existing hierarchy breaks down due to address spaces moving through the network? Who's responsible for managing an increasingly incoherent network? Who foots the bill when your address space is sold from underneath you? In any case, it doesn't solve the basic problem - it merely makes it increasingly expensive to innovate.

so it's not quite that easy...

Re:Dupe

[Anonymous Coward]

Not dupe! That story is titled "One Step Closer to IPv6"... This one is "798 steps to go"

Re:Dupe

[IBBoard]

And we need to retrieve some from the Vatican as well!

Looking at the information here [modernlife...bish.co.uk] then the Vatican has far too many IPs per capita. Ditto for the other tiny nations of Gibralta and Monaco. I'm sure it'll buy us at least a week!

And for anyone geeky enough to care (who isn't geeky enough to have it bookmarked already) here [iana.org] is the assignment list. Each of the companies mentioned owns an entire top level block (e.g. Ford own 19.xxx.xxx.xxx) and some like the Defense Information Systems Agency (whoever they are) own multiple blocks! That's an awful lot of addresses.

Re:

[kellyb9]

2^24= 16,777,216 addresses for each of those companies seems excessive. If there was a major crisis, I would wager to bet they would begin leasing out these addresses to private consumers at a premium. Regardless, I've heard so many estimates about when this is going to happen, I find it difficult to believe any of them.

Re:Dupe

[Spad]

This [xkcd.com] is a much prettier depiction

Re:

[gclef]

We allocate 10-12 /8's [potaroo.net] every year, and that rate is increasing. Reclaiming legacy allocations is not going to help.

And?

[SmallFurryCreature]

That is one way to do it, keep patching it up and hope it becomes somebodies elses problem.

The problem is simple, the way we want to use the internet means we are getting more and more devices which desire their own internet adress. Some people suggest solutions like NAT but these only have so many uses especially when mobile phones become internet capable. If you want your internet node to be independent then you need an ip adress.

Don't believe me? Fine, give up your internet connection with its own IP and use the NAT solution of your ISP. Good luck running a torrent.

We could easily solve the entire problem if we just used NAT for every major ISP. It would free up countless adresses and keep IP4 usuable for decades rather then years.

So who is first? Who is going to give up their IP for their home for the greater good?

Thought as much, absolutly nobody.

It is the problem with humans, we don't want new power installations, we don't want to use less power and we refuse to switch to more economical appliances. Something has to give, but goverment or business is NOT going to do it. Sooner or later it just breaks down (see the LA brownouts) and finally a decission will have to be made.

Same with a solution to IP4 limited adress space. We will keep coming up with patches and ignore the problem until finally it can no longer be ignored and then we will have to really bite down to implement it at great cost and inconvenience when we could have solved it easily right now.

Because lets be honest, it ain't all that much of a problem. In the EU we switched currencies. A hell of a job but because it became accepted that it had to be done, it just happened.

We could easily do a switch to IP6 but only when the majority just accepts that it has to be done, and bites the bullet.

Analog mobile phones no longer work in the US, holland no longer airs analog tv signals, switches happen all the time. It is nothing special, but in each case somebody just had to say "we are switching and if you are not ready, though".

So what if countless devices will no longer work, at a given point you just have to be able to say "upgrade or be left behind" or you will be forced to increasinly bend over backwards to accomadate out of date tech.

Re:And?

[Frank T. Lofaro Jr.]

Anybody can use Linux for routing, or if they need something better, they use Cisco.

Both support IPv6.

When IPv4 runs critically short of addresses, give people a NAT'd IPv4 address and a real IPv6 address.

They can switch to IPv6 if they want/need to, and they won't have a leg to stand on if they don't like it.

Re:

[suso]

And you would be wrong. We burn through 2-3 /8's every few months. The effort to reclaim the legacy /8's would take longer than the time we'd gain from reclaiming them.

Where do you get this information? I'm not sure that even makes sense. A /8 is over 16 million addresses (not to insult your intelligence) and at a rate like that, I'd think we'd already be out of addresses a year ago. But if it really is being consumed that fast. Then you are right, the only solution is to switch to IPv6. And to do is ri

Re:

[gclef]

I get that info from here [potaroo.net] which is looking at the actual allocation rates from the RIRs.

Will get solved when needed to be solved

[Danathar]

People will move and applications will get ported to IPv6, but only when they HAVE To move to IPv6 OR when there is some benefit that outweighs the cost.

Simple.

simple: ip cohabitation

[circletimessquare]

i'm sharing my blog ip address with a porn site dedicated to a fetish for women with moustaches, some guy's home security system in hong kong, a government bureaucrat's cell phone in helsinki, and an email server for a truck dispatching company waco texas

i think it's also a pretty good premise for a reality show or situation comedy

Just buy a cheap SOHO router

[blake1]

And put China behind it. IPv4 addresses, plenty. Botnet problem, solved.

Time for the Government(s)?

[grumbel]

One thing is rather clear to me: We won't run out of IPv4 addresses anytime soon, instead the price will increase more and more and thus people will end up behind ISP enforced NATs, because IPs are to expensive for the average consumer. This is after all already the case, at least in part, static IPs are a premium service, not something you get for free from most ISPs.

So how to fix this? How about some good old government regulation? If you want to provide a "Internet service", you have to provide IPv6 or you can't call it "Internet". With a little force it shouldn't take all that long till the switch to IPv6 is done. But unless that happens the rarity of IPv4 addresses will simply be seen as a nice way to make money, instead of a problem that needs to be fixed.

Re:Time for the Government(s)?

[zsau]

Or just ban porn sites from using IPv4. Everyone's happy then: Think of the Children types will have porn apparently banned, techies will see IPv6 adopted widely, and civil liberties types will have porn available if they want it.

Itojun

[eldavojohn]

Yeah, we always fall back on the government to help us out when us nerds aren't satisfied with how capitalism is driving the technological trends that need to happen.

But let's not forget those that went before us. Jun-ichiro Hagino [itojun.org], better known as Itojun, was one of the first researchers that was pushing for IPv6 since as long as I can remember (at least 2001 [onlamp.com]). On top of that he was developing specifications for it and working through the BSD code to make it one of the first operating systems fully capable of being IPv6 compliant--starting a trend that needs to happen in more operating systems sooner. He even started documenting draft APIs [ietf.org] to get developers thinking about how this would work inside software.

And then he died in a car accident at age 37 [icann.org]. It's funny how you don't appreciate their work until they're dead [cisco.com]. Almost like a painter or author.

Although many still carry on his work, the saddest part is that all his efforts to bring awareness to everyone about IPv6 may fall into the responsibilities of the government or, worse, capitalism.

America Will reign supreme!

[140Mandak262Jamuna]

America will then become the Saudi Arabia of ip addresses. Price of oil will drop to something 200,000,000 barrels for one address. Woot!

People are starting to work on solutions

[Anonymous Coward]

The basic solution to this problem is to deploy IPv6 as soon as you can, figure out what problems remain to be solved before you can use IPv6 100% and then put pressure on your ISPs, vendors, etc. to solve these problems. That's how the Internet grew like topsy in the first place, and its not too late to get this going. Two to three years is enough time.

ARIN has published a web site which collects information about how to move to IPv6 here: http://www.getipv6.info/ [getipv6.info]
It's oriented towards the things that ISPs and other service providers (hosting centers, large IT depts) need to do to get IPv6 working in production.

Soon, the stock market analysts will be asking the big ISPs and telecom companies what actions they are taking to avoid going bankrupt in two years when the crunch hits. Any company that can't get new IPv4 addresses will have to stop growing their IPv4 networks. If they have an IPv6 network to take up the slack, no problem. If not, then customers will flock to the providers that have IPv6 ready to roll.

There was a network operator meeting at NANOG recently where they showed that it is almost possible to provide full Internet access, both IPv4 and IPV6, using an IPv6 connection. Yes, I know, "almost" means there were problems, but they were not massive problems. They were the kind of things that people were working on fixing with IPv4 networks back in the early 90's. And they did that because they went ahead and built IPv4 networks and tried to make them work for everything imaginable. When things broke, they fixed the bugs and moved on, eventually becoming the global Internet that we know today.

There is a way to avoid going bust when the address crunch hits in two-to-three years and that is: Get yourself IPv6 Ready!

Not compatible, not happening

[fuzzy12345]

DJB said it best at http://cr.yp.to/djbdns/ipv6mess.html [cr.yp.to] Why switch from an Internet with a billion people on it to one that has nobody on it that can't be reached by IPv4?

Re:Not compatible, not happening

[powerlord]

Actually, that makes it sound lots more appealing. :)

p2p

[upside]

I foresee a - perhaps shortlived - opening for lots of filesharing.

Re:

[Just Some Guy]

Why switch from an Internet with a billion people on it to one that has nobody on it that can't be reached by IPv4?

DJB has an awful problem of confusing "I don't know how it can be done" with "it can't be done". For example, he doesn't seem to realize that you can run IPv4 in parallel with IPv6. In reality, you can access my homepage linked above through either protocol, or send me email from an IPv6-only server. In fact, all of my FreeBSD mailing list traffic comes in via IPv6, right now, today.

Re:

[IkeTo]

> ... it'll be IPv6 or nothing.

The problem is that this is simply not true. Most people can continue with IPv4 under NAT until the first IPv6 big site arrives. But, nobody's going to be that first guy.

Why should most people (including 'nerds') care?

[apathy maybe]

OK, I'm interested in technology, I know what IPv4 and IPv6 are, I know that there are many more advantages to IPv6 then to IPv4 etc. Yet I'm failing to see why I should care whether IPv4 addresses are running out or not.

But more to the point, what can I (as an individual who isn't part of the technocratic elite) do about it if I did care?

I don't code network stacks, nor kernel drivers, most of my software is written by someone else, and is automatically updated to fix problems and include new features.

I assume that by the time everyone else is using IPv6 I shall be too (simply by virtue of my software being updated).

So, why should I care? And what should I do if I did care?

Re:Why should most people (including 'nerds') care

[anticypher]

Why? Your money is why.

If you want to continue to use an IPv4 address from your upstream ISP, you currently pay about US$10 per month for that address, more if you want a nice static address to run services on.

After 2012, or if one of the hair-brained free-market schemes to buy & sell netblocks comes into effect, the price your ISP has to pay for an IP address goes from ZERO to $10 or $20 per month per address. Currently, with a freely available pool of IP addresses, there was minimal cost associated with obtaining a netblock, just some administrative overhead to ask, and some technical cost to program the routers. ISPs discovered that they could charge US$30/month to a user, of which $10/month covers bandwidth, $10/month for the connection, and the remaining $10/month is the pure profit from renting you an individually addressable IP address.

When the crunch hits, IPv4 addresses will be accounted differently, no longer will they be seen as a free resource that earns $10/month, they'll be seen as a cost center that needs to have a margin associated with it. So if the company has to start paying even $1/month per address, they'll pass that cost on to the end users as a higher monthly fee.

In the end, those who don't have an IPv6 service with a migration strategy will see their internet connectivity increase in price. Maybe only a little in 2010, more in 2012, and if there isn't a mass migration to v6, significant costs after that. You, and every consumer, better hope that ISPs and hosting centers get a migration strategy in place soon, or your costs are going to skyrocket.

That was costs from the consumer PoV.

From the techie PoV, imagine what will happen to your router FIBs if some of those nicely aggregated /8s and /16s de-aggregate into 100s of thousands of individual prefixes. Is there any Cisco router right now that can handle a BGP IPv4 routing table of 2 million entries? Are you willing to scrap your entire Border Router investment in 2010 when the routing table grows from 300,000 routes to 750,000 routes? Do you know what the cost of a Cisco CRS-1 is, even if you can find one used?

the AC

Three Things for Widespread IPV6 Acceptance:

[JoeD]

1. Home routers that support IPV6 off the shelf.

2. Cable/DSL modems that support IPV6 off the shelf.

3. (The biggie) ISPs that hand out IPV6 addresses.

In a vain attempt to forestall the inevitable followups:

Yes, I am aware that I could install new software in my WRT-54G, and convert my home network to IPV6. But as long as my upstream connection is IPV4, this gains me NOTHING except a bunch of aggravation and downtime getting the thing set up. No thanks. When my ISP supports IPV6, then and only then will it make sense for me to convert.

Re:Three Things for Widespread IPV6 Acceptance:

[anticypher]

That is true, the AEBS only does 6to4 tunneling, but that tunneling works with both Hurricane Electric and Sixxs static service. In fact, it works pretty well for home use, and if you've got Macs behind it, they pick up their IPv6 address quite nicely and it all works pretty transparently. I'd recommend it as a good (but expensive) way for geeks to get up and running on v6 with a minimum of hassle.

I've tried making some of my AEBSes work on a native dual-stacked network connection, with no luck. It doesn't listen to Router Advertisements, DHCPv6 service, or anything I can detect. You can manually set a local node address, but it doesn't seem to route or bridge at that point. Apple's forums have been less than enlightening, and I've never heard back from their developer tech support on the issue. There firewall is very buggy, it seems to be just a simple two line IPFW entry to block incoming connections and keep state on outgoing. Any kind of P2P activity causes the firewall to fail badly.

A Chinese company last year gave me a DSL router that speaks IPv6. It is some kind of OEM version of a popular Belkin model, but with a Chinese only firmware installed. They claimed it was the most widespread model inside of China, where many ISPs can only hand out IPv6, and there is a NAT-PT+totd translation service somewhere within the ISP. I played around with it for the few days I had, and couldn't figure out how to make it work for what I expected. Some of the configuration pages looked identical to Belkin, but in Chinese and with some obvious IPv6 entries on some pages. It certainly worked as an IPv6 only DSL modem, and dual-stack v4/v6 just like a Belkin, but I never got it to work with a NAT-PT gateway.

There was a muttered admission that by having a lot of IPv6 only services that aren't announced outside of China it makes it a lot easier to do the great firewall of china function. There is apparently a government funded push toward IPv6, but none of it is announced externally because of firewall issues.

the AC

Class 'C' address space for sale.

[arthurpaliden]

The company died and no longer needs it. Maybe I will put it up on ebay.

Re:Class 'C' address space for sale.

[anticypher]

But you don't "own" that netblock, you were allocated it from ARIN for a single use.

Put it on eBay and ARIN will then send you a polite email about how they have now reclaimed the netblock since it obviously no is no longer being used for it's original declaration. They will then turn around and allocate it to the next demand in their queue. They have all the authority, you have none.

If your sale goes though on eBay, for selling something that did not belong to you, you have committed fraud. I hope you have put aside some of your windfall for legal fees.

the AC

Re:

[arthurpaliden]

So tell me. How does it feel to go through life with out a sence of humor?

Migration to IPv6 (it's on it's way)

[Midnight Thunder]

There is a lot of feet dragging going on, partly because too many business plans rely on short term spending. The irony is that some of the companies which you expect to be leading the way in IPv6 migration don't even have web sites that are IPv6 enabled. This includes IBM, Apple, Microsoft, RedHat and Cisco. I make the point because they should be picking up the torch now that research sites have already done their part, and showing that it is an achievable goal, and not some sort of pipe-dream. /. readers at the same time, should probably get to know and understand the technology, since it is not a question of whether it will happen, but when. When it happens if the IT crowd doesn't understand IPv6, then we really have issues.

If you want to get an IPv6 web site running there are number of solutions, including using Apache 2 with IPv6 support activated and making sure you have an OS that supports an IPv6 stack - most modern OSs do.

Migration technologies for people stuck behind IPv4 NATs include Aiccu [sixxs.net] and Teredo [microsoft.com] (Vista includes this, and for other OSs there is Miredo [remlab.net]). If you are at home, then one of the 'consumer' routers to support IPv6 out of the box is the Airport Extreme. If others support it out of the box I am not aware of this.

When you are ready see the dancing turtle [kame.net] - if you don't see it you are accessing it via IPv4.

Other stuff you can do in the meantime is checking to see if some your favourite network based applications handle IPv6 and if they don't make some noise. Its best to make the noise now, when it doesn't matter so much, than waiting until it does. On the bonus side they can advertise [wikipedia.org] the fact they are IPv6 ready.

What's wrong with this plan?

[argent]

The logical way to go would have been to switch to IPv6 for everything in the core of the internet, working out to the edges, so that IPv4 was routed over an IPv6 network, without requiring anyone at the end points to change... IPv4 packets would be turned into IPv6 packets in the IPv4 subset of the IPv6 address space when they left the IPv4 endpoints, and then turned back to IPv4 if the destination didn't support IPv6. To access IPv6 resources you'd need a gateway that did both DNS and NATting, so your IPv4 lookup for an A record would be handled as a lookup for an AAAA record, and then a private IPv4 address would be assigned to that IPv6 address for you, and a fake A record comes back.

For many purposes proxy gateways would work just fine, with increasingly many programs supporting HTTP proxies for connectivity.

Why didn't this happen?

Re:

[Neil]

IPv4 packets would be turned into IPv6 packets in the IPv4 subset of the IPv6 address space when they left the IPv4 endpoints, and then turned back to IPv4 if the destination didn't support IPv6.

Unfortunately the IPv4 address space isn't embedded in the IPv6 address space in the way that you suggest. Dan Bernstein pointed out many years ago that this was a mistake [cr.yp.to].

Re:

[argent]

Unfortunately the IPv4 address space isn't embedded in the IPv6 address space in the way that you suggest.

I thought there was a chunk of IPv6 address space allocated to IPv4 addresses.

[...]

Ok, so, according to DJB this address space (RFC 2893) could be used for this purpose, but the folks responsible for implementing IPv6 have said that this shouldn't be done.

So I guess that gets back to my original question, why wasn't this done? There's technical support for it in the standard, they just say you're not su

Oddly, Google will Fund Switch to IPV6

[RonBurk]

The untrue, but unchangeable, folklore of Google Adsensers (people who try to make a living via free search engine traffic to web pages that display Google ads) is that it's crucial for your Google rankings that your website be hosted on a server with a "static IP" (I don't know why people can't say "IP address" anymore in that community). These are the folks that will pay more, and more, and more for the privilege of having their own IP addresses as scarcity increases. Thus, Google money will ultimately and indirectly fund the switch to IPV6, as ISPs serving the hordes of must-have-my-own-static-address Adsensers will be able to afford conversion.

The best thing that can be done to accelerate this process is to perpetuate the myth that it's crucial for your search engine rankings to host your website on a server with its own static IP address.

Good target: the client side

[Random BedHead Ed]

No one wants to run a publicly available site on an IPv6 address, as that would create problems, but the client side is easy to convert, as long is there is incentive. Few customers of major consumer ISPs need real IPv4 addresses, so most ISPs can run their networks on IPv6 and require their customers to have IPv6 enabled (XP, Vista, OS X and Linux can all do this). This would free a lot of IP addresses.

Clearly the market is not embracing this solution, partly because they don't want to force their customers into a transition, but also partly because the market is based upon the cost of procurement, rather than on future availability. Procurement has been cheap up until now. It's the same reason that gas is only about $3.00 a gallon (yes, I said only), despite the anticipated future scarcity. So there are three options:

• Regulate by incentive. Give tax breaks for ISPs that meet a goal (for example, roll out 100% IPv6 networks in urban areas).
• Regulate by disincentive. Set a mid-2009 deadline for the above and penalties for failure to meet the goals.
• Let the market decide. ISPs will willingly shift address space for IPv4 away from consumers who don't need IPv4 addresses, if there's a crisis. So we wait for a crisis to present itself, and IPv6 will start to appear. This is risky though, as TFA points out that (1) this will hit the developing world first, and (2) the crisis will seriously affect innovation in the short term, even if we solve it in the longer term.

It would also be nice to see some financially independent and influential non-profit organizations make the switch, like major Ivy League universities. They're the ones who should really be leading this because they don't have the profit motive that makes businesses shy away from what appears to be a set of risky changes.

Forgive me if I don't seem alarmed

[merreborn]

The IPv4 crunch has been 2 years away for at least 10 years.

By the way, the idea of reallocating parts of Class-A blocks has been technically feasible for over a decade. Say hi to CIDR [wikipedia.org]

Myth in the article about test equipment wrong

[AaronW]

The article claims that there is no good IPv6 test equipment. I know this to be false. The old test equipment we have in our lab at work (Adtech) handles IPv6 performance testing just fine, just as well as IPv4. Granted, we only have OC-48 adapters, but higher speeds are available. This will test for speed, dropped packets, out of order, etc. I would be very surprised if any modern test equipment did not natively support IPv6 since supporting IPv6 is basically required for any decent router, especially if you plan to sell to the enterprise or government market.

The biggest problem I see at this point in terms of equipment is that few home firewall routers support IPv6, plus it sounds like Windows XP is missing some needed functionality if it doesn't properly handle IPv6 DNS or AD. I have a small Linux network at home running dual IPv4/IPv6 and have had no issues with IPv6.

Most of the Internet backbones no longer do IP routing, instead using MPLS for making forwarding decisions. MPLS doesn't really care what protocol runs on top of it, only the routing protocols do (i.e. BGP) which do support IPv6.

Is this REALLY a problem?

[wild_quinine]

Is this really a problem for most people? NAT really.

Re:Is this REALLY a problem?

[johannesg]

NAT is a really, really bad solution. It creates two classes of internet user: those that may run servers, and those that may not; a second-rank type of internet citizen, so to speak.

Do you really want to live in world where you can only connect to the servers of your corporate overlords? Wasn't the internet supposed to be offering equal opportunity for everyone?

Re:

[canuck57]

NAT is a really, really bad solution. It creates two classes of internet user: those that may run servers, and those that may not; a second-rank type of internet citizen, so to speak.

This already exists, I have to pay $20 extra for my 2 statics. And looking at my firewall logs, NAT for your average user is not a bad idea. Don't worry, P2P will find a way to deal with it. But does offer the ISP ways of cutting down abuse from careless PC Internet users.

But do also agree with the flip side, I am sure ISP

Re:Is this REALLY a problem?

[Rich0]

I must then be imagining the public web server that I run over my NAT'd DSL connection.

You probably are if you are really behind an ISP-run NAT. We're not talking about the Linksys router that you can tell to forward port 80. We're talking about the ISP handing you a non-routable 192.168.x.x address and not forwarding anything to it. Outward-ONLY connections...

Re:

[Rich0]

Sure, I work for one of those companies - my laptop right now is connected to the VPN and is on one of those class-A networks. It is fairly well segmented across the company although obviously not all the address space is strictly necessary.

However, as others have pointed out if you actually got all those companies to give up all their address space it would buy you 6-12 months max. There aren't really that many of them. The problem is that address space demand is increasing exponentially.

And in some sen

Re:

[vidarh]

You could, but in that case you'd need your ISP to run application level proxies for the protocols for which it'd be doable. For HTTP it is (starting with HTTP/1.1, since their proxy could use the Host: header to decided where to forward) but it'd require them to run extra hardware and you to tell them which domain names you'll be serving).

That said, an alternative that is definitively possible is for ISP's to start NAT'ing everyone by default and handing out public addresses only to customers who ask. Mo

Re:Is this REALLY a problem?

[ModMeFlamebait]

Except you can't NAT a NATted connection.

Sure you can.

Re:Is this REALLY a problem?

[Tranzistors]

Last I heard, two NATted clients can't talk to each other.

Unless you have port forwarding (or how do you kids call it these days)

Re:

[Bryansix]

But what if I want to run TWO web servers? What then? I can't port forward port 80 to two places. IPv6 is the real answer and the telecoms and ISP's need to get their heads out of their asses and support it already. The DNS records already exist.

Re:

[r_cerq]

Who modded this "Insightful"? You CAN forward ports to multiple servers, easily. There's plenty of equipment to do that.

Any half-decent load-balancer is minimally L7-aware, to the point of being able to send specific hostnames in HTTP requests to specific servers (or server groups). The ones I primarily use go to the point of allowing me to distribute traffic based on arbitrary headers, cookies, URIs, you name it. Plenty of sites and distinct server farms behind a single public IP address.

Re:Is this REALLY a problem?

[$pace6host]

Really, I bet there are huge tracts of IP real estate that would function just as well on NATted private networks. I work at a place that owns lots of IP networks, and 1) we're not allowed to run our own web servers, or any other kind of servers for that matter, and 2) all our outbound traffic is through corporate control points and filtered anyway. Still, the PC on my desk at the office has a public IP address. Do I NEED a public IP address? No. Not really. Most of my traffic is to internal company data anyway (share drives, internal sharepoint intraet collaboration site, outlook servers, inward facing development servers, etc.) The rest is already going through proxy servers. You couldn't get any packets direct to me, either, the routers on the edge of our network filter practically all inbound traffic out. I, and most of my collegues, are wasting our public addresses. I'd bet it's the same in a lot of places. Corporate security policies essentially ensure that the majority of cubicle workers can't possibly make use of any of the "benefits" a publicly routable IP address would actually have, but every PC (and telephone and printer) has one.

I'm not saying NAT is the best solution, or even the right long term solution, just that I think it could be used (fairly successfully) in many more places while we get our collective asses in gear and go IPv6.

Re:Is this REALLY a problem?

[gnuman99]

NAT is *the* *wrong* solution.

Public IP addresses make it simple to have *proper* routing tables.

There is also the ability to track users easily. Imagine you have one of your computers compromised. The computer is then used to control another box that controls another one that drives some botnet. If you have a NAT, the 3rd party that discovered their box compromised will trace it back to ... your NAT! And the NAT is not tracked 99% of the time. So, the compromised box on your site cannot be easily discovered without packet sniffing.

Or an employee is involved in something illegal. The 3rd party produces their logs that list your NAT as the source of the problem. Which computer was used in that activity? You are stuck with tracing the stuff though screen loggers and other invasive BS just because NAT has to exist.

NAT is the wrong solution because of liability. NAT is wrong solution from routing point of view. NAT is wrong solution from technical point of view. IPv4 would have been replaced years ago if it wasn't or stupid NAT gateways everyone has now. Yeah, these will be obsolete with IPv6.

When I left school I thought NAT was the greatest thing in the world aside from sliced bread. Then real world experience forces you to realize that maybe the university usage of public IP on its internal network wasn't such a stupid thing after all. Public IP should be assigned to ALL devices, and then you can use a statefull firewall to protect these assets. Private IP networks should NEVER be connected to public IP networks - let's hope that dies with IPv4. The sooner the better.

Re:Is this REALLY a problem?

[suggsjc]

Except you can't NAT a NATted connection.

Sure you can. All NAT does is take one IP address, monitor connections and spread/translate the unique connections across different ports. The device doing the NAT doesn't care "where" it gets its source IP from, it just knows that it has an IP and it splits the connections to that IP. The only potential issue is that if the first NAT runs out of available ports. However, at that point its routing table would be huge and it would probably begin to degrade in performance (depending on the hardware).

Re:Is this REALLY a problem?

[anticypher]

I'm so glad someone else is aware of this problem, NAT can't be infinite, or even large.

I saw a Cisco presentation years ago on their experiences from rolling out NAT internally. They started with an address overload of a /24 (251 usable addresses) into a single external IP address. For an office with about 120 active machines, the NAT box (biggest, beefiest box they made at the time) completely fell over. With only light internet use, the NAT tables filled to take over all of the outgoing 65k ports in short time. That was in 1998, when most internet use was web pages, some email and simple IM. At the time, they recommended no more than a /26 (59 usable addresses) per external address.

Move forward to 2007, and I made an updated presentation (for Cisco and non-Cisco NAT kit) that took into account all the new kinds of traffic we see, office workers who listen to internet radio, streaming video, youtube, multimedia conferences with H.323, peer-to-peer apps like Skype, other internet telephony apps, etc. Turns out that more than 15 to 20 active office users stuck behind a single overloaded external address would be the limit, even with a tight policy to prevent non-work traffic.

It is much worse for ISPs with home users, who are not limited by workplace rules against peer-2-peer for popular TV shows or looking at pr0n pages. If you look at the typical pr0n page (it was a tough job, but I did it in the spirit of improving my understanding of the industry ;-), there will be between 200 and 300 embedded elements or links to affiliate sites and advertising partners. So every pr0n page view going through NAT takes 200 new external ports, with associated timeouts and state tables. A typical pr0n user (I'm guessing here, you the /. reader can supply your own values), can open a dozen or more pages in tabs in a relatively short period of time, leading to 10s of thousands of entries in the NAT state table. Remember, you have 65,533 maximum entries in the state table for a single external IP, or for a typical saturday night in basement-dweller-land, about 4 machines.

Don't get me started about how many NAT states a typical 3Mbyte facebook page can open, and leave open for quite a while.

If you think you can hide many ISP customers behind NAT, there are limits if you don't want a ton of calls to the support lines when your users can't effectively use the net. For modern home connections, that already have a NAT box with a handful of machines behind the NAT (Mom keeping 20 eBay pages open and doing Skype, Dad doing gaming, teenage son looking at pr0n and daughter with 20 different IM chats going while she P2Ps the latest TV episode and looks at 50 different bebo and facebook pages), you just can't NAT much more than that.

That post was the voice of experience, if you want the nice real-world figures in a printed report and a keynote or powerpoint presentation to your CTO, you have to give me money.

the AC

Re:Is this REALLY a problem?

[misleb]

I saw a Cisco presentation years ago on their experiences from rolling out NAT internally. They started with an address overload of a /24 (251 usable addresses) into a single external IP address. For an office with about 120 active machines, the NAT box (biggest, beefiest box they made at the time) completely fell over. With only light internet use, the NAT tables filled to take over all of the outgoing 65k ports in short time. That was in 1998, when most internet use was web pages, some email and simple IM. At the time, they recommended no more than a /26 (59 usable addresses) per external address.

Really? We currently NAT well over 160 machines to a single external IP address and have had 0 problems in years. Users have unrestricted internet access (and they use it).

If 160 machines are filling up 64k of ports, something is seriously wrong with the translation algorithm. Perhaps old connections aren't being reaped properly?

t is much worse for ISPs with home users, who are not limited by workplace rules against peer-2-peer for popular TV shows or looking at pr0n pages.

Is it worse for ISPs? I used to work for an ISP that would NAT whole high rise condominium/apartments of home users with no problems other than pure bandwidth.

If you look at the typical pr0n page (it was a tough job, but I did it in the spirit of improving my understanding of the industry ;-), there will be between 200 and 300 embedded elements or links to affiliate sites and advertising partners. So every pr0n page view going through NAT takes 200 new external ports, with associated timeouts and state tables.

It is a good thing browsers limit themselves to the number of simutaneous requests, isn't it? What is it, like 6? An intelligent NAT gateway will close a translation when the client does. A pr0n page will NOT take up 200 external ports.

Remember, you have 65,533 maximum entries in the state table for a single external IP, or for a typical saturday night in basement-dweller-land, about 4 machines.

Bullshit.

Don't get me started about how many NAT states a typical 3Mbyte facebook page can open, and leave open for quite a while.

How many? I'd really like to know how braindead your router is that it doesn't know how to close translations when the TCP connection is terminated.

If you think you can hide many ISP customers behind NAT, there are limits if you don't want a ton of calls to the support lines when your users can't effectively use the net.

Again, bandwidth was our only limitation.

For modern home connections, that already have a NAT box with a handful of machines behind the NAT (Mom keeping 20 eBay pages open and doing Skype, Dad doing gaming, teenage son looking at pr0n and daughter with 20 different IM chats going while she P2Ps the latest TV episode and looks at 50 different bebo and facebook pages), you just can't NAT much more than that.

You can. You're full of shit. (Or is it FUD?)

That post was the voice of experience,

No, it was the voice of someone who just pulled a bunch of numbers out of his ass. 4 user limit behind a residential gateway? Come on, you can't possibly believe that.

-matthew

Re:

[misleb]

300 people means an average of 218 TCP connections per person at peak. That sounds reasonable, actually.

No, it is totally unreasonable. It just doesn't happen. I just checked the translation table of our firewall with in excess of 100 users and there's only 216 translations open. This includes connections to our web server in the DMZ. You're telling me that it is reasonable for that number to increase 2 orders of magnitude?

You just also need a router than can support this. Cisco's original presentation wa

Re:Is this REALLY a problem?

[totally bogus dude]

Sure, but that's because you control the NAT and can forward ports, so you can still accept incoming connections. If your public IP address (i.e. what other torrent clients will try to connect to) is controlled by your ISP, you're going to have a hard time getting them to forward the ports you need to you. In fact, they would have a hard time providing this service in a usable and cost-effective manner, even if they wanted to.

Also, there's a good chance OpenBSD + PF is more accommodating of various protocols than an ISP's oversubscribed NAT gateway is likely to be. Even if they do their best, it can still get in the way. For example most gateways can handle FTP by watching for "PORT" or "PASV" messages and dynamically opening/forwarding the requested port (or rewriting it to use the port it wants), but this doesn't work if your FTP session is encrypted.

Finally, a lot of the ISPs seem to be actively discouraging P2P, and will simply use "no more IP addresses" as an excuse to slap in NAT gateways that restrict people to web and email. If you want "raw internet", then you'll have to pay.

With any luck there'll still be enough competition in the ISP space in 2010 to push the rollout of IPv6 onwards. A lot of the big ISPs will probably resist it, as a) it would cost a lot to upgrade and re-engineer their infrastructure to support it and b) they can make lots of money by charging a massive premium for routeable IPs. Not to mention that the media cartels will probably have convinced most people and politicians that the only reason one would want "raw internet access" is for piracy, child porn, and terrorism.

Yes, FUD

[Russ Nelson]

There are plenty of IPv4 addresses to go around. It's just that they're literally priceless. With no price for an IP address or the routing that goes with it, there's no market. So surprise surprise, there's a shortage!

Why don't people listen to us economists when we tell you how to solve your problems? There's plenty of evidence for what happens when you DON'T listen to us.

Re:FUD

[Brian Gordon]

NAT will solve the problems, but why live with that when we can actually come up with a viable solution- IPv6? It will be expensive to implement because, like always, past engineers haven't planned for their 1970s technologies to ever go out of date, and whiny slashdotters will finally have to upgrade their windows boxes to Vista because XP has 1990s networking support (read that pdf if you don't believe me). But we'll end up with a significantly better Internet than if we just keep expanding NATs around more and more IP addresses to free up address space.. the way we're going, eventually (and keep in mind that "eventually" in computing usually turns out to be in less than a decade) you're going to have to be a multibillion-dollar conglomorate representing thousands of web hosting companies just to bid for a single 5-address block of address space... though the way inflation's going, little billy and his friends might be able to pool their allowance and come up with that kind of money :) But can you imagine how horrifying the architecture of the internet will be if the solution is NAT, NAT, NAT? Development in router design is already unable to keep up with traffic growth. How are you going to pay for a $100 million server farm just to manage the American Eastern Seaboard NAT, and can you imagine what the latency would be to go through a 10 terabyte NAT table? Might as well upgrade to IPv6, save yourself the trouble of trying to stay v4.

Re:FUD

[tyler_larson]

That'll free up a bunch.

First of all, break up the "LEGACY" Class-A allocations. http://www.iana.org/assignments/ipv4-address-space [iana.org]. That'll free up a bunch.

All of the following companies have a full 16.7 Million addresses assigned to them. Level 3 might use theirs, (they actually have 2 blocks), but Halliburton? DEC? Amateur Radio Digital Communications? Do they all really need more than 16 million IP addresses?

This short list accounts for 654 million IP addresses -- over 15% of the address space.

003/8 General Electric Company
004/8 Level 3 Communications, Inc.
006/8 Army Information Systems Center
008/8 Level 3 Communications, Inc.
009/8 IBM
011/8 DoD Intel Information Systems
012/8 AT&T Bell Laboratories
013/8 Xerox Corporation
015/8 Hewlett-Packard Company
016/8 Digital Equipment Corporation
017/8 Apple Computer Inc.
018/8 MIT
019/8 Ford Motor Company
020/8 Computer Sciences Corporation
021/8 DDN-RVN
022/8 Defense Information Systems Agency
025/8 UK Ministry of Defence
026/8 Defense Information Systems Agency
028/8 DSI-North
029/8 Defense Information Systems Agency
030/8 Defense Information Systems Agency
032/8 AT&T Global Network Services
033/8 DLA Systems Automation Center
034/8 Halliburton Company
035/8 MERIT Computer Network
038/8 Performance Systems International
040/8 Eli Lily & Company
043/8 Japan Inet
044/8 Amateur Radio Digital Communications
045/8 Interop Show Network
047/8 Bell-Northern Research
048/8 Prudential Securities Inc.
051/8 Deparment of Social Security of UK
052/8 E.I. duPont de Nemours and Co., Inc.
053/8 Cap Debis CCS
054/8 Merck and Co., Inc.
055/8 DoD Network Information Center
056/8 US Postal Service
057/8 SITA

Re:FUD

[MightyYar]

Yes, but do they actually?

Oh, yeah.

Here's a completely random example: slashdt.org [slashdt.org] (obviously getting typo hits from slashdot...

According to This web site [webhosting.info], that domain shares an IP with over 14,000 other domains!

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[hool5400]

If they consider these addresses to be an asset that other people want, then there is going to be lawyers and dollars involved.

Re:Tell MIT and IBM

[gclef]

God damn, I'm tired of fighting this meme. Look, as I mentioned in another response, we allocate 10-12 /8's [potaroo.net] every year, and that rate is increasing. Reclaiming MIT & IBM's /8's would buy us at approximately 2 months at our present allocation rate. The negotiation to make that allocation possible would take far longer. Reclaiming space is not a useful activity at this time.

Re:

[gclef]

Really? Using your own link, there were 12 /8 blocks allocated in 2007, leaving IANA with 43 available. Assuming we continue on the present allocation path of 10-12 per year, that puts IANA out of addresses ~ 2011-2012 with no growth in allocation rate. The problem is our allocation rate is increasing, especially in ASIA (responsible for 7 of the 12 /8 blocks last year). So, even with the data in your link, IANA will be out of addresses to assign to the RIRs in 2-3 years.

Yes, the RIRs will still have ad

Re:Tell MIT and IBM

[beuges]

As a commenter above posted, each of those companies with top-level blocks actually owns 16,777,216 IP addresses. These companies include IBM, MIT, Ford, DEC, AT&T, Apple and Xerox.

As big as IBM and MIT may be, do you really think they need almost 17 million IP addresses?

SSL

[mother_reincarnated]

would it be feasible to host, for example, 100 different websites on one ip using header information? or does that have traffic spike issues/ latency issues/ wasted cycles involved?

The real problem is https not http - you don't get the host header until well after you had to present a certificate to the browser. For http 100 'virtual host-by-name' sites on one IP wouldn't even break a sweat for a good setup.

Re:

[RPoet]

Squatter domains typically don't have unique IPs.