APNIC Chief Scientist Geoff Huston – long known as an address space tracker and one of the founders of Australia’s Internet connectivity – has warned Linux Conference Australia 2011 delegates that new address allocations are about to cease. He has told the conference that IANA [the Internet Assigned Numbers Authority] will stop …
One answer .....
One answer of course, is to stop issuing IP ranges to criminals, and pull the IP ranges currently leased to criminals (e.g. NForce Entertainment, who are solely blackhat and have somewhere in the region of 12288 IPs leased to them)
They have already run out and are on the reserve tank
They have resorted to allocating the last range of unused addresses in 18.104.22.168/8 and 22.214.171.124/8 which were formerly described by IANA as "Reserved".
It's allocation exhaustion
A huge number of addresses are not in use, which means the allocation system is broken. The current allocation system is based on keeping the number of routes down at the expense of IP address waste. We aren't running out of addresses, we are running out of allocations -- based on a broken allocation system.
If Geoff and his associates had made the decisions years ago to only allocate noncontiguous /24 addresses and forced router manufacturers to cope with a world of 16 million routes, this problem wouldn't exist today.
Take a look at http://xkcd.com/195 - a few years old, admittedly. Even if the unallocated space shown there has now all gone, much of the top left quarter is taken up by big organisations who are probably behind NAT by now, using a handful of addresses within their space. That accounts for nearly a billion addresses.
This point has been brought up before, with someone pointing out that these were allocated in the early days of the Internet, with no formal agreement, and there is no legal means for the allocations to be taken away or revisited. But something has to be done - and if it's a choice between a bit of work for their IT departments, or every ISP customer worldwide (home and business) having to upgrade to an IPv6 router, then I know which option I'd like to see happen.
IPv6 the answer??
So IPv6 is the answer? Really? The boffins designed a brand new IP space that does everything for everybody in a near (at present) infinite address space. The bright sparks were soooo bright they left out one thing. A migration path from IPv4 to IPv6! So hence no one wants to move over. A better solution would have been to go to IPv4+ where they extended the address range in a compatible fashion. Easy to upgrade and migrate people to. Oh no that was too easy and simple.
ps: What happened to IPv5?
Re: What happened to IPv5?
I remember back in 2000 people going all ape-poopie over IPv6 coming RSN. If we haven't switched in 11 years, 200 days just ain't gonna happen...
Re: 200 days?
...at which point it'll be September, more or less, right?
Interesting coincidence, if unintentional!
I looked into IPv6 and...
...that's when it all went so terribly wrong. Whatever solution there is, I don't think it is or will be IPv6. (Then again, my crystal ball still hasn't returned from the warranty service department.)
There's the obvious practicality problem--it's easy enough to remember an address with four octets...but an IPv6 address? I think not! Zeroconf and similar networking services work better, but they're still not perfect and sometimes you Just Need The IP Address.
After switching ISPs to one that actually might (not sure) provide IPv6 services, I thought that some experimentation with IPv6 certainly couldn't hurt. Might as well be ready. As I remembered things, my little home router/AP (running DD-WRT) supported IPv6. Only the option had disappeared at some point between when I first saw it and the present day. A little research confirmed its disappearance due to the software simply being too large to fit in the rather limited flash memory of a typical Cheap Little Router.
Hmm. Full stop.
A little more reading on IPv6 seems to suggest that the concept of NAT and the implicit (though not absolute) security it provides disappears into the wind. Who thought that was a good idea? Seemingly all IPv6 addresses are routable...there is no longer a concept of a private network on nonroutable IPs? (Not sure about this, would welcome clarification if I'm wrong.) If true, this seems like a major design gaffe.
There also seems to be some suggestion that as your IPv6 address is based on your NIC's MAC address, privacy could be a concern. I'm not sure how much of a factor that really is.
Oh...and 6to4 or 6over4 seems to be a complete shambles all by itself. With what details I've read, it seems like the interoperability between the two networks is very hokey and not at all well thought out.
That says nothing of the equipment that will not or cannot be upgraded to run IPv6...print servers, telephone systems, UPS network management cards, almost any embedded device with networking that you can think of. I don't know about you, but I'm not willing to retire perfectly functional equipment for that reason alone.
So like I said above...whatever the solution is, I don't think it's IPv6. (But as I also said, don't bet your life, the farm, or anything else of value on what I say. My comments are well-intentioned but they're projections and your mileage will vary. Furthermore, if your mileage varies at all, whether for better or worse, I don't know you, never have known you and we never had this conversation.)
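On the two questions raised in the comment above: IPv6 does define address space that is not globally routed (unique local addresses, fc00::/7, RFC 4193), and an address formed by SLAAC with modified EUI-64 does embed the NIC's MAC unless privacy extensions (RFC 4941) are in use. The following is an added example, not part of the original thread, that classifies an address by scope and flags interface identifiers that expose a MAC; the function names and sample addresses are constructed for illustration.

```python
import ipaddress

ULA = ipaddress.ip_network("fc00::/7")          # RFC 4193 unique local addresses
LINK_LOCAL = ipaddress.ip_network("fe80::/10")  # never forwarded off-link


def eui64_address(prefix, mac):
    """Address a host forms from a /64 prefix and its MAC (modified EUI-64)."""
    net = ipaddress.ip_network(prefix)
    if net.prefixlen != 64:
        raise ValueError("modified EUI-64 needs a /64 prefix")
    b = bytearray(int(x, 16) for x in mac.replace("-", ":").split(":"))
    if len(b) != 6:
        raise ValueError("MAC must have six octets")
    b[0] ^= 0x02                                  # flip the universal/local bit
    iid = bytes(b[:3]) + b"\xff\xfe" + bytes(b[3:])  # insert ff:fe in the middle
    return net[int.from_bytes(iid, "big")]


def embedded_mac(addr):
    """Return the MAC exposed by an EUI-64 interface identifier, else None.

    Heuristic: a random identifier can contain ff:fe by chance (1 in 65536).
    """
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{x:02x}" for x in mac)


def classify(addr):
    """Return (scope, exposed MAC or None) for one IPv6 address."""
    ip = ipaddress.IPv6Address(addr)
    if ip in LINK_LOCAL:
        scope = "link-local"
    elif ip in ULA:
        scope = "unique-local"
    else:
        scope = "global"   # documentation prefix 2001:db8::/32 stands in for global space
    return scope, embedded_mac(addr)


if __name__ == "__main__":
    # Constructed sample addresses, not taken from any real network.
    slaac = str(eui64_address("2001:db8:1:2::/64", "00:11:22:33:44:55"))
    for a in (slaac, "2001:db8:1:2:9c4e:1a7b:33d0:58f1",
              "fd12:3456:789a:1::10", "fe80::211:22ff:fe33:4455"):
        print(a, classify(a))
```

Run over addresses seen in DHCPv6 or neighbour-discovery logs, the second field shows which hosts still advertise a stable, MAC-derived identifier.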
You speak treason against the Ultimate Holy! The only thing that matters is that each and every device have an externally addressable IP address! The end to end model matters because, well...because the end to end model matters! If you don’t have an end to end model you will /break the internet/. Because the end to end model matters! Don’t speak out against the end to end model! It matters! NAT isn’t security! It just makes you think there’s security! Use a properly configured uber-firewall that costs $7500 (+$30,000 in consulting fees to set up) for your home and small business. Anything else (like NAPT-PT) is breaking the end-to-end model. And the end-to-end model matters!
You heathen blasphemer scum. Rot in the darkest nether hells, you witch!
The end to end model matters!
Typo & ambiguous statements
Firstly, Geoff's surname is spelled "Huston". No 'o' required.
Secondly, the statement that "that IANA will stop issuing new addresses in February" implies that the change is a voluntary decision on the part of IANA. In fact, it will be because there won't be any more /8 IPv4 blocks left to allocate to RIRs from the central pool.
that IANA is running out of blocks when organizations like Big Blue have entire Class A address spaces assigned to them that are not being fully utilized.
As many have said, there isn't a shortage of IP addresses, just a shortage of blocks of addresses that can be assigned.
Rationalize the block allocations, and force organizations to use NAT where appropriate, and I wouldn't be at all surprised if there was 30 - 40% of addresses (maybe even more) still available for use.
As for IPv6, I've been involved in setting up IPv6 infrastructure and testing application support for IPv6, and the reason people aren't jumping to implement it is because it massively complicates configuration, addressing and routing over IPv4... not to mention the fact it doesn't live up to the promise of providing better network security (in fact it does nothing at all for network security except create a false sense of security).
Could somebody with better google-fu than me please post links to instructions on how to set up a typical small business network into IPv6? Every forum discussion has a bunch of posts from people who say it's easy, but I've yet to find any actual instructions. Assume typical small business office with 10-100 persons and IT support done by the programmers in their spare (ha!) time.
cater to windows XP boxes
remote desktop admin of servers through firewalls and which do not (and IMHO should not) have public DNS records
remote backup services
mid-range NAT router and firewall (no way are any of the office workstations getting internet-facing ips)
Paris, coz even she's thought more about ipv6 transition than IETF