Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Networking The Internet

RIPE NIC: 'In Five Weeks We'll Run Out of IPv4 Internet Addresses' (ispreview.co.uk) 283

Posted by EditorDavid from the numbers-with-dots dept.
An anonymous reader quotes ISP Review: The RIPE Network Coordination Centre (RIPE NCC), which manages regional distribution of internet addresses for the UK, Europe, Middle East and parts of Central Asia, has confirmed that their final reserve pool of Internet Protocol v4 (IPv4) addresses will completely run out in November 2019. Strictly speaking the Regional Internet Registry (RIR) started running out of address space in 2012 and began rationing the little they had left. Fast forward a few years and at the start of October 2019 it was confirmed that they only had 1 million IPv4 addresses left in their available pool (out of 4 billion addresses total), "which we expect to run out in November 2019...."

Thankfully many ISPs, devices and services have now introduced "newer" IPv6 addresses, although some still have a lot of work to do (e.g. TalkTalk)... A Spokesperson for RIPE NCC told ISPreview.co.uk "... IPv4 'run-out' has long been anticipated and planned for by the technical community and no one needs to worry about the Internet suddenly breaking. But it does mean that the pressure will continue to build for many networks, necessitating the use of complex and expensive workarounds.

"Our advice to network operators is to take stock of their IP resources and to make sure their IPv6 plans are making progress."
This discussion has been archived. No new comments can be posted.

RIPE NIC: 'In Five Weeks We'll Run Out of IPv4 Internet Addresses' More

RIPE NIC: 'In Five Weeks We'll Run Out of IPv4 Internet Addresses'

Comments Filter:

  • Again? (Score:5, Interesting)

    by beheaderaswp ( 549877 ) * on Sunday October 27, 2019 @06:38PM (#59353414)

    This bell has been ringing for 10 years.

    Is this, finally, the real end?

    The last time I heard this they pulled a bunch of camped ip blocks back and started using those.

    • Re:Again? (Score:5, Funny)

      by 110010001000 ( 697113 ) on Sunday October 27, 2019 @06:41PM (#59353416) Homepage Journal

      No. This is really it. None left.
       
      Oh wait, we found some behind the couch. Never mind.

      • Reminds me of the New Yorker cartoon: "Is the flight completely full, extremely full, or very full?"

        You can click the left button on this page [newyorker.com] to see it (it's 12/12 in the series).

      • Re: (Score:2)

        by Tuidjy ( 321055 )

        Back in the 90s, when I went to MIT, it had everything from 18.0.0.0 to 18.30.255.255 (or so I remember) I also remember that the vast majority of them were unused by design. Almost everything on campus was 18.18.

        I have trouble believing that they have given any of that away. After, it's such nerd cred to have each building with its own IP block. Which of course would not have to change if they sold 90% of what they have.

        I probably should check before I hit submit, but I won't: I wonder how are they doi

        • ...Almost everything on campus was 18.18.

          I have trouble believing that they have given any of that away. After, it's such nerd cred to have each building with its own IP block...

          Nerd cred? That's about the most pointless shit I've ever heard of. In fact, it's seen as more greedy and wasteful today to be sitting on massive chunks of IPv4 space and pissing it away with an IP-block-per-building mentality when one could easily call it a "campus" and put one large private 10.x.x.x space to good use.

          I guess it's far too much to assume those at a college would be educated enough to think of this...

        • MIT sold a lot of those IPv4 to Amazon (believe it or not) a couple of years ago.

    • I believe all five RiRs have now exhausted their allocations. One *might* have a few left that are reserved for ipv6 over ipv4 use.

      The five assign IP ranges to ISPs and companies in their part of the world. Of course some ISPs have a few addresses that aren't currently assigned to a customer today - they will be able to sign up a new customer tomorrow. So the global and regional IP supplies are exhausted, your ISP may have a few unassigned.

      You mentioned how long the end has been drawn out. That's mostly b

      • Re: (Score:3, Insightful)

        by Anonymous Coward

        The one disadvantage of switching to IPv6 is that NAT, as a side-effect, gave you a crappy firewall. Which then required crappy workarounds to punch holes in this accidental firewall, since it wasn't designed as a firewall. When switching to IPv6, you'll want to turn on a real firewall, code or hardware designed to be a firewall. You know longer get a poor firewall by accident as a result of using NAT.

        Better a crappy firewall than no firewall. NAT works just fine and this side-effect is more than welcome. Anything more complex is prone to misconfiguration, bugs, absence, non-updated firmware and other issues.

        And as consumer, i'd rather watch how my neighbor successfully implements an IPv6-only network before doing so myself. I'm quite happy with my IPv4 simply because i understand it, can configure it and can verify it works as intended. With IPv6 not so. Starting with automagically enabled tunnels, addr

        • Re:It's a heirarchy. But yes, the (soft) end (Score:5, Insightful)

          by sabri ( 584428 ) on Sunday October 27, 2019 @07:51PM (#59353556)

          NAT works just fine and this side-effect is more than welcome.

          Not a network engineer, are we?

          Anything more complex is prone to misconfiguration, bugs, absence, non-updated firmware and other issues.

          Like NAT?

          • Oh come on, you smug asshole.

            NAT is the perfect solution for providing security and l3 address isolation in millions of households around the world.

            Whatâ(TM)s your better idea?

            • The hard part of for the non-household uses! But even with NAT, we are still giving all households one IPv4 address and there may not be enough. The better solution is IPv6 and households are easy to upgrade. Give the router an IPv6 address. It continues to hand out IPv4 NAT addresses to the clients and nobody is any wiser!
          • NAT works great for residential internet subscribers none of whom are network engineers. However, it relies on each residential subscriber having a real IP address. Are there cases where ISPs aren't even providing a single routable IP address? I'm not sure that would work so well. But getting residential customers to upgrade ought to be easy. The ISPs can just start providing only an IPv6 address via DHCP and the vast majority of us wouldn't even notice. The network interface device (cable modem, et c

            • Are there cases where ISPs aren't even providing a single routable IP address?

              Yep. It's called carrier-grade NAT. Usually, the carrier hands out something in the 10/8 range, and then the customers' routers use some 192 address internally. It can wreak havoc with some applications, but for basic web browsing it works fine.

              IIRC, DOCSIS 3.x requires that carrier networks be IPv6 capable but does not require its actual use.

        • Sadly, I have to agree. I enabled IPv6 on my router and didn’t really realize some of the firewall complexities; the firewall ended up not being properly applied and I was exposed. Nothing bad happened (that I am aware of), but it isn’t right.

          As for understanding the finer details... good luck with that. Only about 10% of the population roughly understands IPv4 addressing, and it is likely under 1% that actually understand the public vs private ranges. IPv6 seems to be much worse, and that i

          • That's sad. I would want to enable IPv6 on my router so the ISP can give me an IPv6 address instead of a limited-supply IPv4 that I don't need. But I don't want every device in my house to have a routable IP address. I'd still want to use NAT to give all of the clients a non-routable IPv4! If end users have to configure firewalls its a non-starter. I wouldn't put routable IP addresses on my end devices even if I got paid to do so.

            • IPv6 NAT exists, but it's not well supported because no one wants to use it.

              I'm not one of those that says that NAT provides no security, but it's thin. Client systems with IPv6 rotate their addresses every hour or two (old addresses are held in use until the last session times out) instead of using EUI-64. On top of that, you're likely to get assigned either a /64 or a /56, so the ability to scan you is minimized. An attacker could trick you into connecting to a malicious server and then use that input to

        • So UPnP, IGDP and STUN? (Score:4, Insightful)

          by raymorris ( 2726007 ) on Sunday October 27, 2019 @08:56PM (#59353656) Journal

          > starting with automagically enabled tunnels

          Such as IPnP, IGDP, and STUN?
          Guess you weren't aware that your software and IoT devices have been punching huge holes in your NAT non-firewall all this time. IPv6 doesn't have any of this crap happening behind your back.

          > address ranges big enough to address half the universe

          More than large enough to address the entire universe. And scanning for live IPs takes far longer than the universe has existed, thereby making step 1 of most hacks impossible.

          • IPv6 doesn't make you more secure "by default".

            UPnP isn't enabled on anything I run.

            IGDP requires UPnP.

            STUN basically lets you do the equivalent of typing "ipaddress" into Google, terrifying.

            Step 1 of most hacks is getting the target to connect to you, scanning is for skiddies.

            You should really be more worried about Teredo and unconfigured IPv6 enabled hosts in your network.

            • Microsoft shut down its Teredo servers four years ago, Windows 10 has it disabled by default, and I'm not sure what if anything else tried to use Teredo automatically. There are Teredo servers out there, but they have to be manually configured. Other than that, if you don't let your router hand out IPv6 addresses, you don't have much to worry about.

              Incidentally, I'd be really surprised if nothing at all on your network uses UPnP unless you explicitly disabled it on your router, since every console, phone, a

        • NAT works just fine and this side-effect is more than welcome. Anything more complex is prone to misconfiguration, bugs, absence, non-updated firmware and other issues.

          A stateful IPv6 firewall on a consumer router should look virtually identical to an IPv4 NAT configuration. All ports are closed by default. You still have to punch holes through the firewall with port forwarding rules that specify the port and the host IP. Th only difference is that you can have the same port open on multiple IPs.

          There is nothing magically more secure about an IPv4 NAT, and people who have never touched IPv6 in their lives seem to think that consumer gear just opens all ports by default

      • No reason not to use IPv6. (Score:5, Interesting)

        by AlanObject ( 3603453 ) on Sunday October 27, 2019 @07:42PM (#59353542)

        When switching to IPv6, you'll want to turn on a real firewall, code or hardware designed to be a firewall. You know longer get a poor firewall by accident as a result of using NAT.

        I have an array of servers at a co-host and they gave me a block of 16 IPv4 addresses. At first I thought I would have to buy more addresses for my operations ($1/month/address) but then I learned how to use IPv6 and now no more problem.

        At home I have Comcast residential which happens to have great IPv6 service. Many of my development servers have no IPv4 address anymore. No tunnels and no configuration hassle. Just connections on demand.

        However I noticed a side effect. On all my IPv4 addresses at the co-host they get constant probing attacks from the minute they are active. Mostly SSH dictionary attacks but not just that. Each IPv4 address exposed to the internet will get perhaps 30,000 probes per day.

        The IPv6 addresses: dead silent. There is no way for the attackers to add their addresses to their lists. You can't scan sub-domains in IPv6. You can't scan DNS so you can't find them from their DNS addresses unless you publish them somewhere and even then they are ignored.

        I don't use a firewall. All my servers are carefully locked down with regard to what ports they have open. They are also monitored for anomalous activity. Two years and I have only had two breaches and those were at an application level that a firewall would not have prevented.

        There is no excuse for the stalled adoption of IPv6. It works and it is better than IPv4 and all operating systems of any consequence now support it.

        • "There is no excuse for the stalled adoption of IPv6. It works and it is better than IPv4 and all operating systems of any consequence now support it."

          In what manner is it "better"? It's more difficult to learn, it's needlessly unwieldy, and the fact is, 90 percent of common users will never miss it if not adapted because there are plenty of IPV4 numbers at ISP's, and the vast majority of people use NAT in some form or fashion anyway. I'm tired of this constant drumbeat of EVERYONE HAS TO GET RID OF NATTED

          • Re:":No reason not to use IPv6".... yes there is.. (Score:4, Insightful)

            by rtb61 ( 674572 ) on Monday October 28, 2019 @12:14AM (#59353962) Homepage

            If you have a hoard of unused IPV4 addresses, suck it the fuck up, your capital hoard is doomed, yesterdays technology with less and less value in todays market and not that far off ZERO value, the only thing keeping it going is ISP with hoards of IPV4 addresses, nothing lasts for ever and I doubt IPV4 will make it past 2030.

            • Re: (Score:2)

              by Calydor ( 739835 )

              I suspect IPv4 will remain in use in local networks for the sake of simplicity and legacy support, but on the big web it'll go silent.

          • > That's a far greater security risk than ANY aspect of using IPV4.

            No it's not.

            Giving a v6 address to a device doesn't mean that the device is reachable from anywhere. Reachability is a policy decision that you get to make, and even if you decide to make a device reachable, v6 is so flipping huge that it's unlikely to be found by a random scan of the internet.

            Compare that to v4. In v4, you can usually make something reachable (although v4 exhaustion means that CGNAT is becoming common, at which point you

          • It's more difficult to learn, it's needlessly unwieldy

            No, it's just different. In several ways, it's simpler. IPv4 has 12 mandatory header sections compared to eight for IPv6. Optional headers provide flexibility of use without using network space or processing that's not necessary. Below that header, everything else is the same.

            the fact is, 90 percent of common users will never miss it if not adapted because there are plenty of IPV4 numbers at ISP's, and the vast majority of people use NAT in some form or

    • Re: (Score:2)

      by guruevi ( 827432 )

      If you've ever dealt with people in Asia, you know that non-IPv4 networks already exist, luckily mostly consumer-level low-cost mobile networks in rural Asia but it's coming.

      • If you log into your cell phone and run ifconfig, you'll see that IP v6 is a thing here too. (Might have to jailbreak your iPhone, or better yet, throw it away and get a real phone that lets you log into it).

        • If you log into your cell phone and run ifconfig, you'll see that IP v6 is a thing here too. (Might have to jailbreak your iPhone, or better yet, throw it away and get a real phone that lets you log into it).

          You can probably see your current IP address under Settings. On my Kyocera HydroVibe, running Android KitKat, it's under "Settings->About Phone->4G Settings" and, yes, it's using an IPv6 address.

        • Re: (Score:2, Informative)

          by Anonymous Coward
          You can also just direct the web browser to test-ipv6.com [test-ipv6.com] or a similar site.
          • Nice page! Looks like I already have 10/10 support for IPv6 here in California (ymmv).

        • Re: (Score:2)

          by guruevi ( 827432 )

          Your ISP probably runs a 6-to-4 service somewhere. I was talking about cheap networks without. It seems KPN in the Netherlands has floated the same idea about having the 6-to-4 service a "premium" service that isn't included in the low cost tier.

      • Asia, or ... North America [google.com] where Comcast, T-Mobile, Verizon Wireless, and others provide IPv6 eyeballs that can access Facebook, Google, Wikipedia, etc. on the content side.

    • Re:Again? (Score:5, Informative)

      by ras ( 84108 ) <russell+slashdot ... rt DOT id DOT au> on Sunday October 27, 2019 @07:27PM (#59353496) Homepage

      The end isn't signalled by RIPE running out of IPv4 addresses, as you can buy them from lots of places. One vendor running out of stock does not a crisis make.

      The end in a market like this is signalled by the price. IPv4 addresses were never free to start with, so it's not having a price but rather whether the price is staying the same, or increasing. The price of an IPv4 address is currently around $24, and is going up quadratically [retevia.net].

      So we aren't at the end merely because RIPE has run out of addresses, but we can see the light in the tunnel and we know it is the train.

      When it happens, it will happen very quickly. The price of IPv4 addresses will increase faster and faster, right up until the point they are too expensive and everybody will give up and swap to IPv6. At that point the price of an IPv4 address with plummet very, very quickly. When you see that happen, then you can say you've seen the end.

      • Re: (Score:3)

        by Jeremi ( 14640 )

        The price of an IPv4 address is currently around $24, and is going up quadratically.

        IPv4 is the new Bitcoin! HODL!

    • Re: (Score:2, Informative)

      by Knitall ( 6338570 )

      Yes, this is the end: https://ipv4.potaroo.net/plote... [potaroo.net]

      From the same website, the remaining IPv4 addresses in the RIR pools (in units of /8s, i.e. times 16.7 million):

      APNIC 0.1852 (3.1 million)
      RIPE NCC: 0.0380 (0.6 million)
      LACNIC: 0.0159 (0.3 million)
      ARIN: 0.0002 (0.0 million)
      AFRINIC: 0.2348 (3.9 million)

      The regional internet registries (RIRs) are where the ISPs and hosters get their addresses. The RIRs got their addresses from ICANN, which ran out in 2011. There was a ceremony: https://www.youtube.com [youtube.com]

    • Is this, finally, the real end?

      Not until Netcraft confirms it...

    • Re: (Score:2)

      by e3m4n ( 947977 )

      the first big time this happened was in the late 90s. At the time 0 and 255 was reserved for network and broadcast.... which mean that something like 8.0.0.1 was not possible because those other octets also had zeros and 255s in their range. So by simply allowing zero based subnetting we practically doubled our range of IPs.

      reserving 127.0.0.0/8 for loopback was damn stupid. We could release everything outside of 127.0.0.0/24 and get a big chunk of numbers back. Another place to free up space is the 10.0.0.

      • Re: (Score:2)

        by Bengie ( 1121981 )
        Congrats on your breaking changes, you just suggested IPv10. They'll get right on it after IPv6 is done rolling out.

  • They''ve been sitting on two class-A allocations since the dawn of the internet, seems a bit greedy given they are a fraction of the size now than they were back in the day.

    • HP had one block of their own. The other was originally owned by Digital Equipment Corporation; HP got it when they acquired Compaq.

      HP has already given up both of its class-A allocations.

  • Sigh... (Score:3)

    by 93 Escort Wagon ( 326346 ) on Sunday October 27, 2019 @06:54PM (#59353442)

    I wish my university would quit putting so much time and effort into prolonging its IPv4 infrastructure (such as moving more and more things to 10.x.x.x address space) and would start working to getting IPv6 at least functional. It just seems so backwards for a school that likes to tout itself as a premier research institution.

    • I went to DeVry too!

    • Re: (Score:2)

      by godrik ( 1287354 )

      I wish my university would quit putting so much time and effort into prolonging its IPv4 infrastructure (such as moving more and more things to 10.x.x.x address space) and would start working to getting IPv6 at least functional. It just seems so backwards for a school that likes to tout itself as a premier research institution.

      Well, the CS department is probably on top of these things. But the people who operate the IT infrastructure are usually trying to minimize immediate cost and purchase whatever solution the industry sells them.

      • I'm pretty sure their goal is to burn 100% of their budget every year, and not any of the other things you said.

        • Re: (Score:2)

          by godrik ( 1287354 )

          That does not make sense. In a public university, decisions like that don't get made by the IT staff. They are made at the Vice-Chancellor-for-IT level. Naturally the Vice Chancellor only takes the final decision which is made based on recommendation of an external contractor because VC level positions are more often political than technical. Usually whatever solution the contractor says is the cheapest is the one that happens, or occasionally the one that aligns with the policy agenda of the VC when it is

    • Re: (Score:3)

      by ledow ( 319597 )

      Internally, it makes no difference whatsoever. Their 10.x work isn't ever going to hurt you.

      They just need to make sure they have IPv6 transit from the gateway and local-equivalent IPv6 addresses.

      The biggest obstacle to IPv6 transition is people believing shit they've been told about IPv6 - ranging from having to renumber their internal network, letting every device have a world-addressable IP, abandoning NAT entirely or - like you - that you have to have IPv6 internally at all.

      • If you don't have v6 internally then how is anybody on the network ever going to talk v6 to anybody off of the network?

        I guess proxy servers would work, but does anybody really want to run a network that only gets internet access via proxies these days? People's fetish for NAT suggests that they want routing, not proxies.

        • Re: (Score:2)

          by ledow ( 319597 )

          "People's fetish for NAT suggests that they want routing, not proxies."

          A NAT basically is a packet-proxy, so I don't know what you're getting at there - people generally don't want routing, which is why NAT works... they want out, but not necessarily in. Universities may have a greater demand, but that's a single niche usage and they have the expertise to implement it if it's required - 99.9% of most online businesses, customers, etc. do not need or want it.

          Even if you run a local instance, you only need p

          • NAT's not a packet proxy. The only thing NAT does is rewrite the apparent source address of outbound connections. Without routing, those outbound connections will never make it off your network. The only reason you run it is because you want routing, but can't get the address space to do it without NAT. That shouldn't be an issue in v6, so nobody should need to NAT in v6.

            NAT doesn't even block connections, so it's not useful for security. If you want to stop inbound connections, what you're looking for is a

        • The *servers* you talk to will be IPv6. The network infrastructure on the client side should have no trouble connecting your IPv4 clients.
    • I found it funny that you get an external ip and then IT locks it down for internal use only, kinda glad they moved it to 10 space.
  • In (arbitrary amount of time), We'll Run Out of IPv4 Internet Addresses. It's like saying we're out of 2017 model year cars just because they're not being produced anymore.

  • While I can understand why they do it, it still seems incredibly wasteful that people who ask for a static IP through their ISP are usually allocated a slash 30 block. This means that one consumer IP address ties up four IP v4 addresses. The first is the network address and can not be used, the second is usually assigned to the ISPs router, the third is assigned to the customer and the fourth is the broadcast address, which also can not be used.

    Whilst it may be seen as providing a small amount of additional

    • Itâ(TM)s either that or all routers need too know the routing table for 4 billion random ips

  • is it you?

    • British Henny Penny seems better prepared:

      hennypenny.com has address 74.4.31.118

      hennypenny.org has address 74.4.31.21

      hennypenny.co.uk has address 52.58.78.16

      hennypenny.co.uk has IPv6 address 2a05:d014:9da:8c10:306e:3e07:a16f:a552

  • Linux Mint is still IPv4 only (Score:3, Insightful)

    by Knitall ( 6338570 ) on Sunday October 27, 2019 @08:12PM (#59353596)

    The web site and the main package repository are not available through IPv6.

    Slashdot is IPv4 only. The web site with the article reporting the IPv4 address exhaustion is IPv4 only.

    More than any IPv4 exhaustion statistic, looking at how much content isn't accessible from an IPv6-only host tells you that the IPv4 internet is far from obsolete: https://ipv6.watch/ [ipv6.watch]

    Amazon, DuckDuckGo, Ebay, Github, PayPal, Reddit, Slack, Ubuntu and Wordpress are all not reachable vie IPv6. Everyone will be behind 10 layers of NAT. The switch to IPv6 will never happen.

    • Re: (Score:3)

      by mlyle ( 148697 )

      About 27% of users get to Google over IPV6. This is up from about 22% a year ago. It's slow, but it's plodding along.

      • About 27% of users get to Google over IPV6. This is up from about 22% a year ago. It's slow, but it's plodding along.

        That number would be much higher if the consumer router manufacturers would start enabling v6 by default. The last three that I've set up all had to have v6 enabled manually.

    • Two years ago, I spent a few days setting up IPv6 once Uverse made it available.

      I ended up disabling it about a few months later, because I got tired of having 80% of the websites I tried to load just hang for 10-20 seconds due to the stupid way IPv6 DNS lookups are handled (and fail, after several seconds of delay waiting for a timeout, if the host doesn't HAVE an IPv6 record).

      • That's not how v6 DNS lookups are handled:

        $ time host slashdot.org 8.8.8.8
        slashdot.org has address 216.105.38.15
        slashdot.org mail is handled by 10 mx.sourceforge.net.

        real 0m0.134s
        user 0m0.004s
        sys 0m0.000s

        See? That's the exact same response time I get for any domain that has v6. There's no seconds of delay.

        Don't blame IPv6 for your broken DNS.

    • And yet I write this message to you from a v6-only machine, so I'm not sure what you're on about.

      v4-only websites don't stop you from deploying v6. They don't stop you from benefiting from v6. They don't even stop you from removing v4. Of course it'd be better for those sites to have v6 (if only for the improvements to page load time), but it's not a prerequisite.

    • My ISP is IPv4 only right now - I could get a tunnel, but what's the point? Everything works fine on IPv4-only.

      If my ISP supported IPv6, I'd start to use it (but only because I'm a geek). Right now, though there's no use-case that IPv6 solves that IPv4 can't do. That will change as the price and scarcity of IPv4 addresses rises the eventual need to buy from third parties (rather than RIPE etc), then we may see some things appearing that are IPv6 only. Until then, there's no "demand" from the hoards of norma

  • IPv6: bad choises have deterred rollout (Score:4, Interesting)

    by webnut77 ( 1326189 ) on Sunday October 27, 2019 @08:21PM (#59353616)

    There would be many more devices using IPv6 if Android would support DHCPv6. But thanks to Lorenzo Colitti's refusal to implement a DHCPv6 client, most Android devices don't support DHCPv6. His argument that if DHCPv6 were implemented, devices would only get one address is nonsensical. I want to know the device name so I can trouble-shoot if there's a problem. If you're on one of my networks, do DHCP or you don't get any address. Plus, I don't want you to tether devices behind your phone on the network I'm responsible for.</rant>

    Another problem along this line: As far as I know, only Windows sends hostname in a DHCP request. I need to know the hostname so I can update DNS. This is a good starting point when trouble-shooting a misbehaving device.

    With IPv4 and NAT, I can decide on the server whether to forward traffic to ISP#A or ISP#B. Now with, IPv6 the device decides which public address to use, ISP#A or ISP#B. Linux has enough tools to NAT the ISP#A public address to a ISP#B address for out-going traffic, but now we have NAT again.

    • Re: (Score:2)

      by Bert64 ( 520050 )

      You can use prefix translation, so the first half of your ipv6 address depends on the isp provided prefix, but the second half remains the same irrespective of which isp the traffic is routed through.
      Or you peer with BGP so that the same address space is announced via multiple providers.

      IPv6 addresses should be static, and based on the mac address of the physical device - at least you will always have the static address plus any additional addresses if using ipv6 privacy. With DHCP it's first come first ser

    • There would be many more devices using IPv6 if Android would support DHCPv6. But thanks to Lorenzo Colitti's refusal to implement a DHCPv6 client, most Android devices don't support DHCPv6.

      For those who may not have understand these issues, it should be pointed out that this isn't laziness or incompetence on the part of the Android network team, it's a principled stand that DHCP is the wrong way to allocate IPv6 addresses. See RFC 7934.

      His argument that if DHCPv6 were implemented, devices would only get one address is nonsensical.

      Is it? Your other arguments as for why you want to provide specific addresses are so that you can map and control traffic based on the addresses you assign... which means that you actively don't want them to have more than one address.

      There are very good rea

      • it's a principled stand that DHCP is the wrong way to allocate IPv6 addresses

        Oh, really? So how do you pass out the other 78 pieces of information that a device might need?

        There are very good reasons for IPv6 devices to have multiple addresses, and for them to be able to generate addresses the network operator doesn't know about, for privacy.

        Note, I didn't say there weren't good reasons. There is a way to request multiple IP addresses built right into the DHCP request protocol. There's also IPv6 prefix delegation where you can request a block of IP addresses.
        If you don't trust me with your privacy, you shouldn't be on my network.

        that's what 802.11x authentication is for

        There you go making assumptions about my network. 802.11x doesn't work for wired connections.

  • My ISP has resorted to CGNAT, fine for 90% of customers, but if you need VPN, runs servers, etc etc etc it breaks because you no longer have a public facing IP.

    • Re: (Score:3)

      by Bert64 ( 520050 )

      It breaks other things too...

      P2p apps don't work as effectively - you can only make outbound connections, which means you cannot peer with other users who are also restricted to only outbound connections.
      Some online games make direct p2p connections between clients for improved latency, because you can no longer do this all your traffic must now go via central servers making your gameplay slower.

      Because you now share an address with many other users, you are beholden to their actions - if any other customer

  • Doesnâ(TM)t seem to be a shortage when i can lease a block of IPs for less than 25c/month. Seems like they have sold or the IPs to on-sellers.

  • In the meantime there are still ISP like Bell Canada where getting an IPv6 address is pretty much impossible, especially in the home. Last time I tried for business they asked me to bring my own IPv6 block, and that’s only because I had access to the right people.

    When will some ISPs wake up and realise the we are getting to a point where not providing ISP is a dumb move. Maybe if everyone started contacting their ISPs for this they may wake up?

  • Most ISPs refuse to implement ipv6. Call them, and they don't even know what it is. Ask for it, and they act like its some weird request, and that you dont need it, and there couldn't possibly be any reason why you would need it. Its astonishing these people run networks.

  • RIPE failure (Score:4, Insightful)

    by Bert64 ( 520050 ) <bert@[ ]shdot.fi ... m ['sla' in gap]> on Monday October 28, 2019 @03:14AM (#59354158) Homepage

    RIPE has been providing ipv6 for years, but they do nothing to make their members actually implement it - consequently many of them don't.

    They should have instituted a policy of only providing ipv4 alongside ipv6 for use in a dual stack implementation, and require that any services provided are dual stack or ipv6-only.

  • Comment removed based on user account deletion
  • The first to be affected will be Virgin Media, TalkTalk, Vodafone, and Plusnet [ispreview.co.uk], who still don't offer Ipv6 apart from a small pilot.

Slashdot Top Deals

He has not acquired a fortune; the fortune has acquired him. -- Bion

Close