Feeds

back to article Sheffield ISP: You don't need a whole IPv4 address to yourself, right?

Facing the shortage of IPv4 addresses, and glacial adoption of IPv6, UK ISP PlusNet is looking for volunteers among its customers to test out sharing the IPv4 addresses on its network. The technique being tested by PlusNet uses a NAT (Network Address Translator) to share a single internet-facing IP address between multiple …

COMMENTS

This topic is closed for new posts.

Page:

Pint

Re: I've got a bad feeling about this...

"They announced last year that they are stopping the trails due to core infrastructure upgrade. Still no word on when new trails will start up again."

The IETF doesn't understand networks, which is why calls from netheads to de-fund the ITU get amusing. The ITU develop global standards, which is why the Internet works. Buy an STM-64 or an OTU-2 pretty much anywhere in the world and you'll get the same thing, and how it works is pretty tightly defined. Netheads however like Ethernet, because Ethernet is perceived as cheap. Which it can be, if you know what you're buying.

If you're buying it for xDSL backhaul, knowing about MTU size is important if your IP traffic is turned into PPOE and carried over an L2TP tunnel over an Ethernet. Which is a bunch of extra header bytes that may not fit in the 'standard' MTU of an Ethernet link. So you get fragmentation, which can be a bad thing. You may get it earlier if your Ethernet is EoMPLS because you need bytes for the MPLS lables as well. That can be.. challenging with v4 networks, especially if they're expecting to be able to send a 1500 byte frame and set the DF bits. Add IPv6 into the mix and your overhead bloats given the address inflation.

But this is OK, because you are not allowed to fragment IPv6 packets at the router. If they're fragmented, they just get dropped and you may or may not become aware of this depending on how well (or badly) PMTUD has been implemented. The IETF workaround is to specify a minimum MTU of 1280 bytes, which may just work on Ethernet links that don't support jumbos, baby jumbos or pink elephants. 1280 is of course less than you get with IPv4, so goodput on large packet transfers will have to drop to ensure delivery. It's less efficient (by a lot with small packets), but that's progress for you.

0
1
Silver badge

Marketing? I've heard of that ...

"The days when everyone ran their own servers are long gone"

If by "most people", you mean "most people who use TCP/IP in some way, even if they don't even know what TCP/IP actually is", this is very true. Most people have no idea how TehIntraWebTubes work. Note the "most".

"and almost everything is available in the (better secured) cloud these days"

Uh ... no. Total fucking bullshit. Unless you're part of the "most", of course. So it must be true.

4
0
FAIL

It would prevent services that use UPNP or prefers/demands strictly open NAT based connections

.e.g. xbox, PS, mobile wifi, android

oh and would decrease security for VPN links!

*applauds some idiots idea* I take my hat off to you, but you didnt quite think this one through properly!?

2
0
Thumb Up

Good on them

I think it's commendable that they're dipping their toe in to this area and feeling around for what the best way forward is. Just because other ISPs aren't doing this, doesn't mean they're not considering more draconian options when the time comes. They're doing a trial and appear to be being transparent about it...

Re: Phased Change...isn't that really the same as what Plus is proposing? Where the NAT is done is a technical choice, but NAT is NAT is NAT.

2
5

Re: Good on them

No they are proposing NATing people using IPv4 inside their network. Customers would still be ipv4 to the internet. I was proposing they give almost everyone Ipv6 on their network and the internet at large.

0
0
Meh

Re: Good on them

So if they give everyone an IPv6 address only, how would these users access hosts that only have an IPv4 address without some kind of NAT, somewhere?

1
1
Silver badge

Another reason to avoid PlusNet. As if I needed more.

1
0
Bronze badge

PlusNet used to be amazing. I had them for decades and they were fabulous and the ultimate test "knowledge of the first guy to answer the phone" was passed flawlessly (changed my ADSL interleaving settings to alleviate latency in interactive connections within, about, 1 minute).

Hell, they even took over the company hosting my domain names, and I'd again looked long and hard for a good company there and ended up with a fabulous one that I was happy for PlusNet to take over because they were similarly fabulous.

Then they got taken over by BT. Since then it's been downhill I think. My brother has been fighting for three months with the domain-name host that is now owned by them because all of a sudden tons of things just stopped working properly, after literally 15 years of perfect operation. The ADSL side drops in rating every time I read an ADSLGuide review. And the technical side is now abysmal if people I've recommended to them are telling me the truth (and I have no reason to doubt them).

Now they've "run out" of IPv4 addresses (telling me that BT don't have enough to go around? Honestly?), but can't be bothered to run a proper IPv6 trial. How about "If you let us issue you with only IPv6 addresses, we'll give you 50% off?" - an INCENTIVE to the technically literate on both fronts, and a way to free up IPv4 addresses for the technically-illiterate who have no idea what that service is or what it means to sign up for it. And last time I recommended someone, they were told you couldn't sign up over the phone, and given that the person in question had no Internet, they just used someone else.

No, basically, BT have killed PlusNet. Hell, I had more IPv6 connectivity through PlusNet several years ago than they even offer today. It's ridiculous.

I wouldn't sign up for it. I'd actually take it as a sign to move on to another provider.

On an pseudo-related note, my external server host (not PlusNet related) is still offering 5 IPv4 IP's (no reason or signing things required) with every virtual server they sell, from £9.99 a month. Can't be that much of a shortage of them. Hell, if it came to it, I'd rather pay the £9.99 extra and VPN all my stuff through a real external IP.

But really, the fix here is to offer IPv6 instead. But no, they don't even publish AAAA records for their main domain so that people can even GET to their website using it, let alone use it as part of one of their products.

2
0
Anonymous Coward

Still got my static IP, and a server running at home. As well as having it host my dev kit, I run automatic encrypted delta backups of every other device I have directly to it over a key-locked SSH connection.

What was this "more secure" cloud bullshit, again?

4
0
Stop

6-to-4

Simple solution is there, its been made...

This solves the issue with NAT'ing which is Directly unneccessary and hardly secured. DNAT versus SNAT

Now would someone please masquerade (oops, serenade) the 6-to-4 ... http://en.wikipedia.org/wiki/6_to_4

then they could assign us all ipv6 addresses without needing to affect anybody?

0
0
Anonymous Coward

Re: 6-to-4

6-to-4 is a way of linking two IPv6 networks over an IPv4 network, so that v6 islands can talk to each other. It doesn't let v4 and v6 hosts interwork.

1
0

NAT is now DHCP?

The NAT allocates fake IP addresses to devices on the network, often starting 192.168.x.x as those numbers are reserved for this purpose, and then maps outgoing connections so that returned data (websites and such) is sent to the requesting computer.

Actually, DHCP will assign the INTERNAL (not fake) address, or you could set it manually.

In its simplest form, NAT basically receives traffic from the public IP, and then distributes that traffic to the intended internal address based on which protocol and TCP port address the data packet has in its header.

0
0
Silver badge

Does the author know anything about TCP/IP?

"NAT makes it impossible for anyone on the internet to establish a connection to a computer behind it"

Not true. You just have to include port information in the address, and set up an inbound port redirect on the device doing the NATing. So outside, you advertise, say, port 2080 for your web server, and have the NAT device redirect inbound packets received on the 'RED' side port 2080 to port 80 on the private address of the device on your 'GREEN' or 'ORANGE' network. All of the devices that I have used that provide NAT have this functionality, so I'm sure that an ISP could deploy it.

In case anybody does not understand, a valid URL can include a port number, so you can have a URL like www.mywebsite.co.uk:2080/home.html

It works, but there are caveats, particularly on URLs that refer to other pages on the same site. But it works very well indeed for single port services such as SMTP as long as it is known to use a non-standard port.

IIRC, DNS has support for providing port information as well as IP addresses for name lookups, it's just not used.

1
0
Thumb Down

Re: Does the author know anything about TCP/IP?

How's that going to work with Plusnet's proposed double NATing?

2
0
Silver badge

Re: Does the author know anything about TCP/IP?

If Plusnet give a fixed IP and port number(s), then it is still possible to do port forwarding even in a double NAT environment. You just have port forwarding on both NAT devices.

I would be quite happy to be given a range of ports (say 16) for input services on a fixed IP address, as long as I knew what the external port range was, and what ports each would map to when presented to the local NAT device. This would be preferable to me than having all the ports available on an indeterminate IP address, and having to use a dynamic DNS solution to find my servers on the Internet.

A more complex setup, but I'm fairly certain that the people who want it are the ones most likely to understand how to set their side up.

Alternatively, you could run your ADSL/cable router in bridge mode, and have them map directly to your servers (only having ISP run single NAT in this case), but that is not a configuration I would want as the ISP would then have sight of your private network unless you put another firewall in.

1
0

Re: Does the author know anything about TCP/IP?

You just have port forwarding on both NAT devices.

The chances of Plusnet co-operating with customers in this way are non-existent.

0
0
Meh

I dont really understand

IPv6 the addresses are too long and have hexadecimal I can work with IPv4 addressses and have certain ones commited to memory dns servers etc. I remember studying how to work out subnet masks etc for IPv4 and that seemed complicated for my little mind how are you supposed to do all that with those addresses. Too complicated might as well just jack it all in and become a dustman.

2
6
Silver badge
Coat

Re: I dont really understand

Is yours the donkey jacket? Close the door on the way out, ta.

0
0
Silver badge

Re: I dont really understand

IPv4 or IPv6 addressing is largely irrelevant to most internet users. DNS and stateless address autoconfiguration or DHCPv6 takes the pain out of knowing IP addresses.

Let me ask you. Do you know, off the top of your head, any IP addresses of servers on the Internet?

And do you care what the address that systems have on your private network?

For most home users, the answer to both of these is no, in which case, apart from the pain of switching your router and systems over to only use IPv6, the change will be almost entirely unnoticed.

Of course, some of us (and I am in this category), do care, and I am dreading the switch, because I want fixed addresses in my network for certain systems (no uPNP for me, no sir). I have to do some learning to find out what I need to do to, and I'm not looking forward to that.

0
0
Bronze badge

What to do with the waste?

I know several IP addresses off the top of my head:

208.67.222.222

208.67.220.220

8.8.8.8

8.8.4.4

several DNS servers belonging to different ISP's.

I'm all for change to IPv6 but I haven't bothered with the IPv6 equivalents of OpenDNS and Google DNS...

0
0
Silver badge
Thumb Up

Re: I dont really understand

"Of course, some of us (and I am in this category), do care, and I am dreading the switch, because I want fixed addresses in my network for certain systems (no uPNP for me, no sir). I have to do some learning to find out what I need to do to, and I'm not looking forward to that."

Peter, you'll do fine.

There are special addresses dedicated to local networks, and special addresses dedicated to same-network configurations, and other weird and wonderful allocations (ip4 in ip6 etc.) but if you ignore all that, the configuration of ip6 is pretty much the same as ip4. You assign a subnet. A router has an ip on that subnet, as do all other hosts, which use the ip6 address of the router as their default gateway.

The ip6 address format can look a bit intimidating, but it's just a way of representing 128 bits, in the same way the ip4 a.b.c.d format is just a way of representing 32 bits.

0
0
Meh

Re: I dont really understand

>>Let me ask you. Do you know, off the top of your head, any IP addresses of servers on the Internet?<<

Pretty much just public IP addresses of my networks and dns server addresses for configuring forwarders and troubleshooting connection issues etc. I have not got my head around the ipv6 what address ranges to use for internal hosts etc try to avoid it all together if I can all I know is I once installed SBS 2007 and thought it would be a good idea to disable it which made the machine run like treacle until I put the tick back in. I have not disabled it on anything else since except for dialup vpn settings. Its all a bit here be dragons.

0
0
Anonymous Coward

National only IP ranges

How about putting whole ranges aside to be 'national only' - rather than international? The example above about 51.x.x.x being the GSi is a good instance of a network that nobody outside of the uk would need to access, so why not let every country have their own 51 networks that are not internationally routable.

This could be extended such that certain services are on 'national only' ranges - and will save having to implement geoblocking tricks. For security you could choose to be a user on an 'national only' network, etc

This could help.

0
4
Thumb Down

Re: National only IP ranges

Great way to break the Internet. China and Iran will be very interested in your proposal.

4
0

fc00::2

Just give us IP6, the addresses are totally shorter.

5
0
Silver badge
Thumb Up

Re: fc00::2

indeed!

as is ::1 as opposed to 127.1 :-)

0
0
Boffin

VPN and VOIP

Both VPN and voip sessions require that a NAT router do some fairly sophisticated connection tracking on connectionless protocols. Voip is easier, as at least it uses UDP, which has port numbers as part of the protocol header, which means that the NAT process is free to tweak the source and destination addresses and port numbers to achieve a reasonably reliable pseudo-connection.

VPN, particularly IPSEC and PPTP are very hard to run over NAT, particularly if there are multiple VPN clients in the local LAN. The protocol (GRE) does not have port numbers, and the payload data is opaque. This means that the NAT router needs to make some guesses to route the packets correctly, and so bad NAT algorithms are bound in a CDNAT situation to cause VPN connection issues.

1
0

This is how I see it going

The final block will finally be sliced up and exhausted and then we will be on to the exciting game of highest bidder wins. Like carbon credits, the price will go up as the availability decreases and especially ISP's and hosting companies will have to acquire ranges any way they can. I have already been involved in a project where a company had an entire migration to a managed datacentre for their web-servers (some major clients) which was pretty involved, for the princely sum of a /20 range that they owned.

I also know Universities that have so many public IPs that they use public ranges internally so don't be surprised if they suddenly make a quick buck by selling some of those ranges.

The tipping point is when the price of these ranges changing hands becomes more expensive than just upgrading the infrastructure/using 6to4/etc. The question in my mind is just how quickly these prices go up. If it is reasonably gradual, then the majority will have time to get themselves sorted. If if goes into the stratosphere very quickly, then get out the popcorn because it is going to get interesting.

2
0

Can they still call this The Internet?

It sounds to me like they are providing access to the World Wide Web, and little else. ISPs calling this service 'The Internet' would be like calling a broadband connection with a download cap 'unlimited', and they would never get away with that. Oh, wait ... they did, and they probably will.

3
0
Silver badge

Re: Can they still call this The Internet?

Why? For normal users who do not provide internet visible services, but only use client services, the change will be almost completely invisible. Outbound connection requests will still be given ephemeral port numbers, just like they are at the moment, and these will be recorded by the NAT server to allow packets to be routed back correctly.

In fact, if you have a cable or ADSL router/modem, you are almost certainly running NAT already.

It is only if you offer inbound services to your network that you are likely to notice anything at all, and if you are, you probably already know how to get around any problems. And it's not like they are not telling you what is happening.

2
0
Silver badge

Re: Can they still call this The Internet?

Any ISP which signed the "code of practice" recently touted as the alternative to Ofcom stepping in (Which is all the biggies and phone companues except O2 and Tmobile) has legal restrictions on what they can call "Internet"

Blocking GRE/VOIP or being in a walled garden would stop them being called "internet services" (which is why O2 and Tmobile won't sign the agreement - they both block VOIP)

0
0

If this service were offered at a discounted rate to the standard public IP service and explained the limitations of the stuff that won't work i can see a good percentage of their customers that just do web browsing, iplayer, youbube and facebook being happy with that. And if they do want to run something that requires a public IP address then they can pay the extra to upgrade to the next service.

I seem to remember way back in the early 2000s that NTL did a similar thing on their low end 128meg cable broadband service where you got a NATed IP address but then they stopped and started issuing public IP addresses.

1
0
WTF?

WTF

I thought +net we more clued up than this!!!

When I get back to UK the only ISP I will consider will be andrews & arnold

4
0
Flame

Another small step...

Another small step towards the internet becoming a pay-TV service. NAT'd connections are great for consumers, not so great for creators. No, I don't count uploading your life to Facebook as being creative.

Now watch these nice adverts then you can see some cat pictures.

1
1
Z80

I don't know if it's a historical thing due to being with PlusNet née Force9 for years and years but in the member centre I'm seeing 4 public IPv4 addresses for my account. They're described as:

Gateway Address

address for router

spare address

Broadcast Address

Why would they have done this?

0
0
Silver badge
WTF?

@Z80

It sounds likes you have been/were assigned a /30 network rather than a single IP address....

That would be a waste, because only one of the addreses is available to use (the other three taken up by net address/gateway address/broadcast address)

0
0

Is this a business account?

They have assigned you a network range (sometimes called a block), albeit the smallest range you can get.

Gateway address is actually called the Network address - This cannot be used by a computer

Address for router is as it says, the Public IP assigned to your router (this will be static)

A spare address, simply because you cannot have a range lower than 4 addresses.

Broadcast address - once again this cannot be used by a computer.

If this isn't a business account, I would ring them up and ask them to remove the range, and simply provide you with a static address if you need one, or dynamic if you don't need it. This would free up a further 3 IP addresses for them to assign later (they would probably thank you aswell :D )

0
0

IPv6: not enough incentive to move

There is just not incentive to move to IPv6. Companies which already have sufficient IPv4 allocation (i.e. most companies) don't need to move to IPV6, they also know that a migration would cost them money and that it would carry risks that some of all of their services might not be universally available following a migration to IPv6. The ISPs won't move as they don't want to be in a situation where some of their customers have trouble accessing specific services or using particular applications under IPv6. That some other startup company is having trouble getting online due to a lack of IPv4 address space is not going to encourage any company to take the plunge.

The only way to get people and companies to move is to have some substantial incentives - some things that are available under IPv6 but not under IPv4. I know there are some usenet servers offering free access to binaries newsgroups but that is not enough. If governments offered a limited period tax break for companies or individuals demonstrating that they had completed migrations to IPv6, that might generate some interest.

1
0
Bronze badge
Alert

Re: IPv6: not enough incentive to move

The internet tends to move fast in bursts and break old stuff. It's a disruptive technology. That's what has made it so phenomenally popular. The only way to survive in the presence of a disruptive technology is to change and adapt and keep up. Or else you risk getting broken by the next stage in its development.

The incentive to move is history. Keep up or get broken by the next thing. Unless ISPs have IPv6 ready, debugged and waiting for the press of (a big red) button then some day soon their CEOs are going to wake up and discover they're 18 months behind curve and the masses are plunging head first into some IPv6-only thing which is exploding like Farcebook did. And the masses won't be able to do it on their networks. So they'll go somewhere else.

Consumer devices, OSes, etc. are all IPv6 ready. They can all access IPv6 resources. The only things that are not ready are the mainstream ISPs. They're sitting on a ticking time bomb. There's your incentive. Perhaps they need to do some risk analysis on their business models?

2
2
Gold badge

Re: IPv6: not enough incentive to move

"Consumer devices, OSes, etc. are all IPv6 ready."

All of them? Games consoles, ADSL routers, TVs and PVRs, particularly any of those that are more than six months old? On the other hand, most of them can work behind a NAT (whether it be domestic or ISP) without noticing. The device that really needs to be IPv6-ready and typically isn't (in the UK at least) is the ADSL router.

"They can all access IPv6 resources."

Yes, but (as noted earlier in this forum) the majority of online resources are only available through IPv4 addresses, so even where the customer and the ISP have both got their act together, you still end up using a IPv4 connection for most things.

0
0
Silver badge

Re: IPv6: not enough incentive to move

"There is just not incentive to move to IPv6. Companies which already have sufficient IPv4 allocation (i.e. most companies) don't need to move to IPV6, they also know that a migration would cost them money and that it would carry risks that some of all of their services might not be universally available following a migration to IPv6"

IMO: If there are a number of IPv6-only services and IPv4-only ISPs can't reach them then they won't be able to advertise themselves as "Internet" providers.

I raised this with Ofcom late last year. They agree in principle and are keeping an eye on the situation - the question is at which point the number of IPv6-only hosts becomes enough to warrant mandating that ISPs provide IPv6.

0
0
Bronze badge
Facepalm

Re: IPv6: not enough incentive to move

In reply to Ken Hagan (15/1/13 17:52)

Ah ... good point. I may have indulged a little too heavily in hyperbole there.

The point I was trying to make is that smartphones, tablets, and the OSes that run on desktop systems are all IPv6-capable. They can all, given the right kind of network connection, access IPv6 resources.

The routers (or whatever connects the devices to the wider internet (e.g. mobile 3G/LTE/whatever)) will be supplied by the ISP. And if the ISP is selling its service as proper internet (ie. IPv6 capable) then the router will be too.

As for games consoles and TVs and PVRs, that's not really relevant to the point as, provided the connection is dual stack, they will not be affected.

It seems at this stage the consensus is to move from IPv4-only to dual stack IPv4 & IPv6, and then more gradually still to IPv6-only. The problem that many El Reg readers appear to have is that mainstream UK ISPs are moving to dual stack at the speed of a very slow snail. And my point was that that puts them in a vulnerable position.

While I apologise for the gratuitous hyperbole, I think my point still stands.

1
0

Bad news for gamers

If you play any kind of P2P multiplayer game, this will not be welcome news. I had any number of NAT failures when trying to play Company of Heroes and god help you if you want to play something like Civilization.

0
0
Bronze badge

ISPs get toenail clippers from Dr. Gatling

When last I checked...

1: My ISP had no plans for the transition. Given the likely life for their network hardware, that seems foolish.

2: Nothing on sale in the fabled "High Street" was marked as having IPv6 compatibility. I was having a look at ADSL boxes at the time, with the aim of upgrading my WiFi.

3: Windows XP has an IPv6 stack included.

4: My NAS drive won't work with Windows 7 but it does have a USB connection. It isn't so big anyway, but what is it about my set-up that has my hardware working well for so many years more than anyone expects? Maybe it's the Spontoonie Gods who are the real ones.

0
0
Gold badge

Re: ISPs get toenail clippers from Dr. Gatling

On (2), I can't claim to have performed any market research myself but Andrews and Arnold are offering a Technicolor 582 router as part of the IPv6-capable package. They searched long and hard to find it. Chances are its the only reasonably priced ADSL box they could find.

On (3), yes even XP has an IPv6 stack, but the end-user has to do "difficult scary stuff" to actually switch it on so I imagine it is "off" on 99% of XP systems. I wonder if Microsoft would consider a Windows Update or "FixIT" to change that default, or would that count as "maintaining XP" and therefore violate someone's religion.

0
0
Silver badge

Already Here

It is possible to be in the UK and use an ISP with native IPv6, I've got it here. It's also possible to set up your home system to use a tunnel broker and have IPv6 that way. It wasn't that hard to set up a Linux router with a tunnel, although I appreciate it's not quite plug-and-play.

Two things are needed:

1. Router/modem manufacturers to include ipv6 in their products by default so that if connected to an ipv6-enabled ISP, it'll just work as easily as ipv4. I can see that it might be necessary to include an entry field for an ipv6 prefix address, but that's no worse than having to enter the DSL modem details. Most modern PCs (Windows, Linux, Mac) will trivially fire up ipv6 with minimal prodding, and even Android phones will use it if on a suitable network.

2. ISPs to bite the bullet and offer ipv6 as a default option so that it will just work, and most people won't even know it's happening.

0
0
Anonymous Coward

Software compatibility?

It is one thing for networks to move to IPv6. However users' routers, clients, and servers also need to support IPv6.

On top of those compatible platforms there are then applications which might be IPv4 address aware - and now need to handle IPv6 format.

2
0
Silver badge

Re: Software compatibility?

"On top of those compatible platforms there are then applications which might be IPv4 address aware - and now need to handle IPv6 format."

This is a real problem, but thankfully most enduser apps will just work happily no matter which IP stack they're talking to.

A lot of P-t-P apps are going to break though. The entire Ed2k/Kad system for starters.

0
0
Bronze badge
Thumb Down

And another ISP that doesn't get it

If they had just spend the time and effort of setting up CGN in setting up a dual stack system, they would be ready for the future. The more ISPs that do that, the more people who will add IPv6 to their servers.

If I look at my company's accesslogs, I can see that about 1 in every 200 requests comes over IPv6. Thankfully, some more ISPs have announced IPv6 availability for new connections recently, so this should rise soon.

1
0
Anonymous Coward

Maybe

"The solution is for everyone to switch to IP version 6"

What if it isn't?

0
0

Page:

This topic is closed for new posts.