Dispelling the IPv4 Address Shortage Myth 505
Zocalo writes "While looking up some WHOIS information at RIPE just now I noticed a couple of articles about the IPv4 address space allocation status. IPv4 Address Space: October 2003 is a short summary by RIPE themselves, and IPv4 - How long have we got? is from July 2003, but has lots more detail and pretty graphs!
In short, the "Death of the Internet" due to lack of IP space is a myth, which doesn't bode well for getting IPv6 rolled out any time soon."
Good articles (Score:5, Interesting)
If it isn't broken... (Score:3, Interesting)
It will almost always be cheaper to hack IPv4 than to switch to IPv6, and this will be the rule for 99% of IP users.
My prediction is that IPv6 will never come into general use, we will stick with IPv4 for at least 40-50 more years. I have absolutely no idea what will replace IPv4, something will, but it will not be IPv6.
NAT firewalls a huge factor (Score:5, Interesting)
This message was posted on a mailing list in response to a post that claimed that IPv6 would be widespread by 2005 due to an IPv4 address shortage.
NATs, unfortunately, made a need to switch over to IPv6 wholly unnecessary. Such a switchover will probably not happen for at least another ten years. Even ten years ago, we were "running out of" IPv4 space due to incredibly inefficient allocations using the "class based addressing" method - by which your network was deemed likely to possess either 253 computers, 65,533 computers, or 16,777,213 computers. A specific network was identified by 24, 16, or 8 bits. (The more bits it takes to identify a network, the more networks can exist but at the expense of having fewer unique addresses per network.)
This was quickly determined to be an inordinate waste of addresses and as early as the early 90's folks were predicting we'd rapidly run out of addresses. So class allocations changed a little, and instead of giving an organization with 1000 computers a class B (with 65,533 useable addresses), they'd give them four class C's (with 1012 addresses). This helped stem the tide for a bit and arguably saved the Internet's ass, but it was clear that a more elegant system for identifying networks was needed.
After some backbone technology re-architecting, a new scheme called Classless Internet Domain Routing, or CIDR was introduced, which allowed bit-sized granularity, meaning that a network was identified by exactly as many bits as you needed. Your network could possess 13 computers, or 16,381 computers, and the system could deal with that efficiently. CIDR definitely also helped save the Internet's ass. But the addresses kept on coming; that dang Internet was getting popular very quickly! Pundits started talking about The Great IPv6 changeover, despite the fact that less than one person in 100 on the Internet had an IPv6-enabled operating system.
Then came NATs. While Network Address Translation had been used in many environments, it hadn't really taken off tremendously. Then Linksys released a rather affordable cute little blue box. This piece of hardware let home users plug in several computers to the blue box, configure it with a web interface, jack in their cable/DSL connection and suddenly be sharing Internet access easily with everyone in the house, using one IP address and so fooling the ISP into thinking that there was only one computer using the Internet (many ISPs either don't permit or don't have the infrastructure to give out multiple addresses to a customer). These NATs had a secondary benefit, which was that by default, all incoming connections from the outside are dropped on the floor. I'm not sure Linksys had such "firewalling" in mind when originally designing the device - it's purely a practical issue. I mean, if someone says to a NAT "here's this piece of information" - to which of the four connected computers should the NAT send it? By default, the NAT will give up and just drop the sorry packet. This means that when you're behind a NAT, you're protected from a whole class of Internet attacks. This realization further drove adoption.
Companies with low IT budgets realized that they wouldn't have to buy extra IP addresses from their ISP (which often came at a premium) and that they could have simple firewalling without a complex configuration. Both companies and people could not see the inherent value in having each of their computers have an Internet-deliverable address, and there was real value (protection) to be had in NOT being addressable from the Internet.
This, again, saved the Internet's ass. Instead of an organization of 1000 needing a class B, wasting hundreds of thousands of IPs, or even four Class Cs, this organization now only needs a single IP address to cover all of its desktops. Now instead of thinking about IP addresses as computer addresses, they have started to become network addresses, which is to say,
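The drop-by-default behaviour described in the comment above, as an added Python sketch (not part of the original thread and not any vendor's implementation). The class, addresses and ports are constructed for illustration; the `strict` flag models the difference between endpoint-independent and address and port-dependent filtering as defined in RFC 4787.

```python
from dataclasses import dataclass, field

PUBLIC_IP = "203.0.113.7"  # constructed sample (RFC 5737 documentation range)

@dataclass
class Napt:
    """Toy port-translating NAT: one public address shared by private hosts."""
    strict: bool = False   # True = also check the remote peer (RFC 4787 filtering)
    next_port: int = 40000
    mappings: dict = field(default_factory=dict)  # public port -> (private ip, port)
    peers: dict = field(default_factory=dict)     # public port -> remotes contacted
    forwards: dict = field(default_factory=dict)  # static forwards set by the admin

    def outbound(self, priv_ip, priv_port, remote_ip, remote_port):
        """A private host sends a packet out; returns the public port it is seen from."""
        for port, inside in self.mappings.items():
            if inside == (priv_ip, priv_port):
                break  # reuse the existing mapping for this inside socket
        else:
            port, self.next_port = self.next_port, self.next_port + 1
            self.mappings[port] = (priv_ip, priv_port)
        self.peers.setdefault(port, set()).add((remote_ip, remote_port))
        return port

    def inbound(self, public_port, remote_ip, remote_port):
        """A packet arrives on PUBLIC_IP; returns the inside target or None (dropped)."""
        if public_port in self.forwards:
            return self.forwards[public_port]
        inside = self.mappings.get(public_port)
        if inside is None:
            return None  # no mapping: the NAT cannot tell which inside host is meant
        if self.strict and (remote_ip, remote_port) not in self.peers[public_port]:
            return None  # mapping exists, but this peer was never contacted
        return inside

def demo(strict):
    """Run the same four inbound packets against a lenient or strict NAT."""
    nat = Napt(strict=strict)
    port = nat.outbound("192.168.1.10", 51000, "198.51.100.5", 443)
    nat.forwards[8080] = ("192.168.1.12", 80)
    return {
        "reply": nat.inbound(port, "198.51.100.5", 443),
        "unsolicited": nat.inbound(445, "192.0.2.99", 50000),
        "third_party": nat.inbound(port, "192.0.2.99", 50000),
        "forwarded": nat.inbound(8080, "192.0.2.99", 50000),
    }
```

Comparing `demo(False)` with `demo(True)` shows that the drop is a side effect of missing translation state: what happens to traffic arriving on an already mapped or forwarded port depends on the device's filtering behaviour and configuration.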
Different Problems? (Score:5, Interesting)
IPv6 was supposed to deal with this issue as much as it dealt with the number of IP addresses available, in that it would revert back to a semi class based routing set, with ISPs being assigned a range of addresses.
That's how I understood it when I asked anyhow.
Re:Good articles (Score:5, Interesting)
In the end, the only truly STABLE method for addressing is just to have real IP addresses. NATs just add points of failure and complexity in diagnosis.
It doesn't help that Microsoft's own implementation of the system is nearly impossible to configure-- since NAT is useless for servers, you're only going to see it on clients, and there's your #1 most likely NAT solution to see.
Re:Different Problems? (Score:3, Interesting)
IPv6 will be adopted, just not in USA first (Score:5, Interesting)
Moreover, as people deploy new infrastructure, they may be forced to use IPv6. For example, at some point every cell phone is going to have a routable IP address--and that is definitely going to require IPv6.
So while North American desktop machines are unlikely to be switched to IPv6 any time soon, it will happen in other parts of the world and for other types of hardware.
Re:If it isn't broken... (Score:1, Interesting)
BTW:
So don't tell me everything is fine and dandy, Pollyanna.
Re:Good articles (Score:4, Interesting)
Re:Good articles (Score:1, Interesting)
Re:Good articles (Score:5, Interesting)
IPV6 is needed because RFC 1918 is a bandaid. We need to have globally unique IP addresses, whether we expose those IP addresses to the internet or not is irrelevant.
The myth of "better" (Score:1, Interesting)
That's because NAT is a *better* solution than IPv6.
Now before you get your knickers in a bunch, let's take a look at the old saw of "VHS won despite Beta being better".
I'm here to tell you that this is the biggest myth in the tech community.
When VCRs first came out, people wanted them to timeshift, and to tape movies from TV. But a movie is 2 hours long. Beta was first and a compromise was to limit recording time to 90 minutes per tape.
Whoa. Big problem.
JVC, sensing an opportunity, made a small, but significant "improvement". They made the recording time 120 minutes. Picture quality was worse, but here's the key point:
"People didn't care about the best picture, they wanted to tape movies".
Thus, the videophile saw beta was clearly better than VHS because the picture was noticeably better. So VHS got a foothold.
Sony finally killed off beta by making a key mistake.... they refused to license Beta except under very stringent and costly conditions. By contrast, JVC was whoring the VHS spec out to everybody.
By this time, Sony figured out a way to get longer record times, but it was too late. The die was cast. Sony lost beta because they didn't move quickly enough on the features that people wanted, and they didn't move aggressively to get licensees of their Beta technology.
This was repeated with the 8mm debacle just a few short years later.
What does this have to do with IPV4 vs IPV6? Only this:
While IPv6 is a technically "better" solution, it isn't solving the problem that people want, and it has a fairly high price tag to boot! So IPv6 from that standpoint is the Sony Betamax of 2003. Better, but only to the elite few.
ipv6 rollout held back for what? (Score:2, Interesting)
Re:Good articles (Score:5, Interesting)
IPv6 offers nothing but a fat address space,
really. Everything else can be retrofitted
to IPv4.
Frankly, I think we'll devolve to a system
of discrete IPv4 address spaces with
intelligent routers between them before
IPv6. It doesn't matter how much mindshare
v6 has, if the economics are wrong.
Re:Good articles (Score:2, Interesting)
Things like these are prevented by a firewall. Not NAT.
You are probably creating more of a risk by trying to rely on the obscurity of NAT for security (false sense of security).
You want your local network to have real IP addresses because that is the way it was meant to operate. If it did you wouldn't have to screw around with port forwarding or proxying and remembering which port numbers correspond to which servers (if you have multiple services of the same type).
I think most of us use NAT because ISPs charge ludicrous sums of money to get real IP addresses for broadband or dialup connections.