Dispelling the IPv4 Address Shortage Myth 505
Zocalo writes "While looking up some WHOIS information at RIPE just now I noticed a couple of articles about the IPv4 address space allocation status. IPv4 Address Space: October 2003 is a short summary by RIPE themselves, and IPv4 - How long have we got? is from July 2003, but has lots more detail and pretty graphs!
In short, the "Death of the Internet" due to lack of IP space is a myth, which doesn't bode well for getting IPv6 rolled out any time soon."
just remember (Score:2, Informative)
Re:just remember (Score:5, Informative)
But, for those that don't know, the CCNA book says:
Class A 0.0.0.0 to 127.255.255.255
Class B 128.0.0.0 to 191.255.255.255
Class C 192.0.0.0 to 223.255.255.255
Class D 224.0.0.0 to 239.255.255.255
Class E 240.0.0.0 to 255.255.255.255
Class D are multi-cast, which I don't believe very many people use..
Class E are "Scientific Purposes" or "Research".
I was running a little personal project a while back, to try to find logical distances from various points (places I had access to machines) to other places, and try to map them, to determine if there were more advantagous places to put servers, or redirect customers on particular networks to particular servers.
A whole bunch of those first
Of course, if I was the network god of 3.0.0.0/8 (General Electric), and I was only using say 100,000 IP's, they'd be hard pressed to make me give up any part of that, especially in knowing that they've had that block since the first days of the Internet. Whois says they registered 3.0.0.0/8 in 1988. I definately wouldn't want to be the admin that had to change 50,000 IP's.
I guess it does help with the old estimates, that people are using NAT more frequently. The stories I heard years ago said we would have run out long before Y2k, but since people run NAT's at home and many offices. Nextel has assigned IP's to every phone (ahhh, the wonders of the Internet), but they're all 10.0.0.0/8
For example, on my phone, I select
Menu -> More -> My Info -> Carrier IP
And it shows me 10.154.85.xxx
Using a Nextel im1100, I also get assigned an IP in the 10.0.0.0/8 network.
For those that don't know, 10.0.0.0/8 is a private network [ohio-state.edu]. You can use it any way you'd like, but it's completely useless to you on the Internet unless there's a NAT or something between you and the rest of the Internet.
4,294,249,958th post. (Score:3, Funny)
Grab em! (Score:5, Funny)
If I get enough for free, we will have to use IPV6..
I think I want a screensaver where each pixel has an ip, and then we can replace X with a simple protocol just sending colors!!
Re:Grab em! (Score:2)
This is definitely the weirdest idea how to (ab)use IPv6 I've ever read.
IP as Memory Map (Score:2)
-kgj
Re:Grab em! (Score:3, Informative)
This point was somewhat unclear in the article. He mentions how assignment has moved away from the class licenses, but as far as I know, HP anyway, still maintains control over all of the 15 and 16 addresses. I be
Re:Grab em! (Score:4, Funny)
My super-leet replacement would not.
We are talking about replacing X, remember. This is an important aspect of the grand plan.
Should I apply for a patent?
Patenting the Grand Plan (Score:2)
Should I apply for a patent?
Of course you should apply for a patent -- how else will you sue Microsoft for hijacking the grand plan
-kgj
Good articles (Score:5, Interesting)
Re:Good articles (Score:5, Insightful)
Check this presentation: mms://webcast.ripe.net/ripe46/plenary-2.wmv [webcastrip...enary-2wmv]
Re:Good articles (Score:5, Interesting)
IPv6 offers nothing but a fat address space,
really. Everything else can be retrofitted
to IPv4.
Frankly, I think we'll devolve to a system
of discrete IPv4 address spaces with
intelligent routers between them before
IPv6. It doesn't matter how much mindshare
v6 has, if the economics are wrong.
Re:Good articles (Score:5, Insightful)
Disclaimer: First, understand, I'd like to agree with this. IPv6 is a good thing.
However, the IPv6 motivations you mention are incorrect. IPv6 does provide the things you mention, but these are not sufficient to cause a migration and do not constitute a "need."
Security; Adhoc VPN is providing this in IPv4. It's messy and complex, but it works within limits. IPv4 was not designed with this in mind and the hacks that appear as a result are deeply wrong, but it works.
Autoconfig; DHCP is providing this to a large degree already. It is working "in the wild" right now in both fixed installations and more recent wireless environments. Again, it's messy and imperfect, but it's working.
NAT is being extended to multiple levels through routing domains (my phone has a RFC1918 address and I wouldn't be surprised if some cable/DSL ISPs aren't distributing them too. A major issue for corporate WANs is making sure RFC1918 subnets don't overlap.) Protocols that don't play well with public IPv4 and NAT are being implicitly deprecated (consider SOAP running an entire RPC stack through HTTP ports and TCP/IP.) Obscene hacks necessary to overcome NAT are being created (IPSEC NAT-T.) How long will it be before ISPs set up tiers where you're only cost effective choice for small enterprise is a single public IP on a NAT gateway because a classless
IPv6 will happen only when the pain of the transition approaches zero. Until then IPv4 will persist regardless of how painful it is. People will deal with figuring out how to run multiple virtual hosts through a single address to a NATed DMZ before they read page 1 about IPv6.
When every OS and device supports it out of the box and the base of administrators are finally no longer mystified, it will occur. This will take a long time. I doubt IPv6 will be ubiquitous in the next 8-10 years. IPv6 proponents must continue to focus on vendor support and educating administrators. There is no magic bullet.
Re:Good articles (Score:5, Insightful)
If every phone, mobile phone, internet appliance, whatever had a publicly available internet address, things like VoIP could be routed over the internet, be more secure, have better latency, possibility of point to point encryption, etc. It would drive down the cost of mobile internet service, and make service better on the whole. Want your home phone# to ring your cellphone or computer? Forward it.
Phone numbers of the future should be like URLs. phone.yourname.com, mobile.yourname.com, and you could have as many of these as you could want to resolve to your phone's address. Want to have your cell listed by your employeer? joesmith.bigcompany.com. Confrence calls? IPv6 has much better facility for multicasting. Video, etc etc etc. are all quite possible.
It's not that complicated. IPv6 represents a paradigm shift for future accessible technologies, that aren't possible/interoperable any other way. People want mobile internet aware devices, lots of them.
What I want is to be able to subscribe to a mobile carrier like I would an ISP. They host my connection, give me some benefits (web space, whatever, more data transfer), and charge me for the byte. It's redicliously expensive to use internet enabled phones in most places in the world--Especially concidering that voice data is so much larger, by nature..
Re:Good articles (Score:5, Insightful)
This is done because we have to, not because we want to. If IPv6 was a reality today i would put many machines with a public IP address that today are behind NAT.
Re:Good articles (Score:4, Interesting)
Couterexamples (Score:4, Informative)
Not at all.
Just because you have an assigned network doesn't mean that that network (or all parts of that network) has to be connected. You could even NAT an assigned address behind a firewall if you wanted, and never put out any routing information. It would be just as secure as a non-assigned address, but very convenient in many situations.
For example, I'm setting up an ad hoc VPN right now between several companies collaborating on a project. Naturally, we are not giving access to each others LANs, but separate segments. Howver, we can't ignore the unassigned addresss used by the other partners. If he uses 192.168.100.0/24 for his LAN, I can't use it for my VLAN segment.
Another example is when companies merge. They could just plug their LANs in and know everythign would work.
Re:Good articles (Score:5, Interesting)
IPV6 is needed because RFC 1918 is a bandaid. We need to have globally unique IP addresses, whether we expose those IP addresses to the internet or not is irrelevant.
Re:Good articles (Score:3, Informative)
Re:Good articles (Score:3, Informative)
That argument makes no sense.
1. The parent poster clearly DOES want to have more public IP addresses. So do I.
2. Do you block all outbound connections from your NAT'd machines? That's the only way you could be more secure than blocking all inbound connections using a firewall.
3. If you want to keep NATing, go for it. IPv6 ain't gonna stop you.
Re:Good articles (Score:2)
Re:Good articles (Score:4, Informative)
Re:Good articles (Score:5, Informative)
No. The questions of whether computers on a LAN have their own IP addresses and whether they are firewalled by a dedicated box are independent. Even if each machine has an IP address by which it is publically addressable, you can still have a system which protects it by blocking known-dangerous ports.
The advantage of a situation like that, for instance, would be that you could have the firewall block file-sharing/RPC ports, while still allowing port 80 inbound so the individual machines can run webservers. With a NAT, only one local system could have a webserver, and you'd have to configure which one got it on the firewall.
Re:Good articles (Score:4, Informative)
Re:Good articles (Score:3, Insightful)
Re:Good articles (Score:5, Insightful)
Re:Good articles (Score:5, Insightful)
Re: (Score:2)
Re:Good articles (Score:5, Interesting)
In the end, the only truly STABLE method for addressing is just to have real IP addresses. NATs just add points of failure and complexity in diagnosis.
It doesn't help that Microsoft's own implementation of the system is nearly impossible to configure-- since NAT is useless for servers, you're only going to see it on clients, and there's your #1 most likely NAT solution to see.
"Fairly Recently?" (Score:5, Insightful)
Anyhow, the stuff now works and is stable (and has for years), so there's no reason to whine about stability, etc. If your software doesn't work behind NAT, it's because they hired an inexperienced network guy to write the code.
Why not complain about something else, like the crappy X server stuff?
Re:"Fairly Recently?" (Score:5, Insightful)
Yeah... it took until around 6 years ago before FTP would even work through a NAT. FTP! One of the oldest protocols on the 'net! And this requires stateful management on the server, which is non-trivial. Basically, it requires a protocol-specific hack.
Anyhow, the stuff now works and is stable (and has for years), so there's no reason to whine about stability, etc. If your software doesn't work behind NAT, it's because they hired an inexperienced network guy to write the code.
Sorry, but you're totally wrong, here. There are many applications (IPSec being the most obvious, as well as end-user apps, like VoIP, P2P apps, etc), where the very architecture of said application means NAT fundamentally breaks things. And yes, there are ways to hack around these limitations, but they're just that, hacks. And this is unavoidable... the minute you want machines to be able to directly contact other machines, things break down in the face of NAT.
Re:"Fairly Recently?" (Score:3, Insightful)
Indeed. But firewalling without NAT is equally effective, and allows you to selectively unblock machines and/or ports.
Re:Good articles (Score:2, Insightful)
Re: (Score:3, Insightful)
Re:Good articles (Score:2)
I like the idea of NAT to hide addresses from public view, but unique internal addresses isn't a bad thing. Just NAT the internals to a block of externals.
Re:Good articles (Score:5, Informative)
There is more to IPv6 than a larger address space. The address space issue is just what is commonly pushed, since it's something that's easily grasped even by non-techies.
The true benefits of IPv6 are things like; improved routing, multicasting scope, greater flexibility in what packets contain, flow labeling, privacy and authentication.
Especially flow labeling will be important if the net is going to be a source of media. Streams could get a higher priority, so low latency and glitch free audio and video can be possible. Makes me wonder if this couldn't be abused though.
Re:Good articles (Score:2)
Also, see see here [microsoft.com]
So.. (Score:5, Insightful)
Or instead start switching now (after all, it'll probably take atleast 10 years to get everything switched over) and not worry about IPs until we're extinct.
Re:So.. (Score:5, Insightful)
Re:So.. (Score:3, Insightful)
First off--Where at, then, in the IPv4 packet header, do you suggest putting the "differentiator"? Oh, shucks, I guess there isn't much space left in the header. (I'm interpreting you literally, here.)
Not to mention, the Internet is about connectivity, and what you describe is balkanizing it all. What if my friend in Zimbabwe was running a web server, and me, in Ukraine, wanted to view his web site? The only possible way to view the web site would be to know the addre
Re:So.. (Score:2)
One analogy I have come up with is bathrooms. Say you have 100 bathrooms, and right now 50 of them are busy (assigned). Now you (person #51) come along and want to use one. Is it very hard to find a spare washroom out of the 100, when 50 are free? Probably not too hard. Now think about when there are 90 bathrooms full and person #91 comes along to find a bathroom. It will be a lot hard
If it isn't broken... (Score:3, Interesting)
It will almost always be cheaper to hack IPv4 than to switch to IPv6, and this will be the rule for 99% of IP users.
My prediction is that IPv6 will never come into general use, we will stick with IPv4 for at least 40-50 more years. I have absolutely no idea what will replace IPv4, something will, but it will not be IPv6.
Re:If it isn't broken... (Score:4, Informative)
NAT firewalls a huge factor (Score:5, Interesting)
This message was posted on a mailing list in response to a post that claimed that IPv6 would be widespread by 2005 due to an IPv4 address shortage
NATs, unfortunately, made a need to switch over to IPv6 wholly unnecessary. Such a switchover will probably not happen for at least another ten years. Even ten years ago, we were "running out of" IPv4 space due to incredibly inefficient allocations using the "class based addressing" method - by which your network was deemed to either to likely possess 253 computers, 65,533 computers, or 16,777,213 computers. A specific network was identified by 24, 16, or 8 bits. (The more bits it takes to identify a network, the more networks can exist but at the expense of having fewer unique addresses per network.)
This was quickly determined to be an inordinate waste of addresses and as early as the early 90's folks were predicting we'd rapidly run out of addresses. So class allocations changed a little, and instead of giving an organization with 1000 computers a class B (with 65,533 useable addresses), they'd give them four class C's (with 1012 addresses). This helped stem the tide for a bit and arguably saved the Internet's ass, but it was clear that a more elegant system for identifying networks was needed.
After some backbone technology re-architecting, a new scheme called Classless Internet Domain Routing, or CIDR was introduced, which allowed bit-sized granularity, meaning that a network was identified by exactly as many bits as you needed. Your network could possess 13 computers, or 16,381 computers, and the system could deal with that efficiently. CIDR definitely also helped save the Internet's ass. But the addresses kept on coming; that dang Internet was getting popular very quickly! Pundits started talking about The Great IPv6 changeover, despite the fact that less than one person in 100 on the Internet had an IPv6-enabled operating system.
Then came NATs. While Network Address Translation had been used in many environments, it hadn't really taken off tremendously. Then Linksys released a rather affordable cute little blue box. This piece of hardware let home users plug in several computers to the blue box, configure it with a web interface, jack in their cable/DSL connection and suddenly be sharing Internet access easily with everyone in the house, using one IP address and so fooling the ISP into thinking that there was only one computer using the Internet (many ISPs either don't permit or don't have the infrastructure to give out multiple addresses to a customer). These NATs had a secondary benefit, which was that by default, all incoming connections from the outside are dropped on the floor. I'm not sure Linksys had such "firewalling" in mind when originally designing the device - it's purely a practical issue. I mean, if someone says to a NAT "here's this piece of information" - to who which of the four connected computers should the NAT send it? By default, the NAT will give up and just drop the sorry packet. This means that when you're behind a NAT, you're protected from a whole class of Internet attacks. This realization further drove adoption.
Companies with low IT budgets realized that they wouldn't have to buy extra IP addresses from their ISP (which often came at a premium) and that they could have simple firewalling without a complex configuration. Both companies and people could not see the inherent value in having each of their computers have an Internet-deliverable address, and there was real value (protection) to be had in NOT be addressable from the Internet.
This, again, saved the Internet's ass. Instead of an organization of 1000 needing a class B, wasting hundreds of thousands of IPs, or even four Class Cs, this organization now only needs a single IP address to cover all of its desktops. Now instead of thinking about IP addresses as computer addresses, they have started to become network addresses, which is to say,
Re:NAT firewalls a huge factor (Score:2)
IPv6 would remove the practice of ISPs selling
IP address at a premium. For that alone its worth it. Would make for more grassroots servers.
Re:NAT firewalls a huge factor (Score:3, Insightful)
But you can set up your own grassroots server now, even with NAT. At worst, if you want to set up more than one server providing the same service, you run some on non-standard ports and have your gateway/NAT box forward the connections based on port. True, then people have to remember to use the port as well - but you could set the "standard" one to list all available services.
Alternatively, if you host each on a seperate domain name, you could set up some sort of c
Re:NAT firewalls a huge factor (Score:2, Insightful)
IP address at a premium. For that alone its worth it. Would make for more grassroots servers."
Or they could just keep selling IPs at premium and make even MORE money.
You have to think like a corporation, not like a hopeful user.
Re:NAT firewalls a huge factor (Score:2, Insightful)
NAT doesn't stifle innovation (Score:2)
That's not to say it'll stay this way, or that I think NAT is a great thing, but as it stands NAT is optional for most people.
I for one would love to have public addresses
IPv6 isn't just for bigger addresses (Score:4, Insightful)
Imagine a world where you can trust the "from" IP address in a packet.
Different Problems? (Score:5, Interesting)
IPv6 was supposed to deal with this issue as much as it dealt with the number of ip addresses available, in that it would revert back to a semi class based routing set, with ISPs being assigned a range of addresses.
Thats how I understood it when I asked anyhow.
Re:Different Problems? (Score:3, Interesting)
"Uncertainties" (Score:3, Insightful)
Of course such projections are based on the underlying assumption that tomorrow will be much like today, and the visible changes that have occurred in the past will smoothly translate to continued change in the future. There are some obvious weaknesses in this assumption, and many events could disrupt this prediction.
The argument that we're going to run out of space is based on the assumption that in the (near) future MANY MANY household appliances and objects which don't currently have anything to do with the internet are going to become attached to it.
~Berj
Re:"Uncertainties" (Score:2)
I think we are much more likely to see the first widescale commercial IPv6 deployments in the fields of VoIP, mobile Internet devices and household devices, communicating via a gateway to the IPv4 Internet. Hopefully this will then provide the catalyst n
Re:"Uncertainties" (Score:2)
~Berj
Re:"Uncertainties" (Score:3, Insightful)
Mobile Internet and Internet appliances are largely a green field technology; what be
Re:"Uncertainties" (Score:2)
~Berj
IPv6 = loss of privacy (Score:2)
Whatever it's other advantages, IPv6 will greatly reduce privacy. One partion of the 128 bit source will be your MAC, there for all to see and log.
Dialup and DHCP give some piercable measure of anonymity. Somebody has to approach your ISP and get the logs manually.
Re:IPv6 = loss of privacy (Score:2)
In IPv6, the MAC is included in the IP address - as you said, on that higher layer.
Re:IPv6 = loss of privacy (Score:2)
have if you can't be bothered with the 70,000 links confirming that your interface address (MAC) is part of and IPV6 Address, here is just one...
http://www.ipv6forum.com/navbar/events/birmingham0 0/presentations/YanickPouffary/sld014.htm [ipv6forum.com]
Re:IPv6 = loss of privacy (Score:3, Informative)
Re:IPv6 = loss of privacy (Score:2)
After all, we wouldnt want the people at slashdot to know you run a cheapo Realtek card would we?
Re:Have to say it... (Score:2)
Myth? (Score:2)
NAT sucks (Score:2)
NAT sucks. I want to be able to reach any computer on my LAN from the outside by its own IP address. So I hope IPv6 is implemented sooner rather than later.
But of course that won't come out of the US. The US has 70% of the IP addresses, there won't be a shortage there any time soon. Asia doesn't really have another option though. This will soon be yet another area in which the US lags behind the world.
Re:NAT sucks (Score:2)
It does suck and it's pushing the technology in a strange direction.
If you want to get access to inside your LAN and you don't have some official VPN client, etc., you have to set up your internal machine to actively poke out on ports 80 or 443 to some relay point for "further instructions" on how to establish a VPN. That's assuming the relay point is writable.
As others have noted, the "protections" and IP multiplication benefits of NAT have had a side effect of choking information flow and flexibility.
Are there no other reasons to switch? (Score:2)
well, guess we'll have to wait (Score:2)
Necessity is the mother of invention, and we don't need it.
IPv6 here we come! (Score:2)
Re:IPv6 here we come! (Score:2)
ps. I am Canadian
Whats the chance? (Score:2)
Anyone care to comment on their perceived pros and cons to this idea?
Re:Whats the chance? (Score:2)
Re:Whats the chance? (Score:2)
Anyone care to comment on their perceived pros and cons to this idea?
Why would I need an IP tied to my webspace, anyway? Most people don't care enough to justify it, and it's more complicated than just running some shared servers with blogs, etc.
The question is wrong... (Score:2, Funny)
About then we should be discussing whether housebricks should have IP addresses to report being dug through, or whether being able to detect movement means it
biggest problem (Score:2)
Imagine a world where everyone did have a homepage on a unique machine w/ no redirecting depending on the ip or hostname or other network tricks.
Nat will never solve that. It'd solve really silly things like, tracking who connects to what and how. And we wouldn't have silly kludges of solutions, like HTTP 1.1's Host: thing.
Put up a new website? Just give it another ip! And do an ip mask in apache.
IPv6 will be adopted, just not in USA first (Score:5, Interesting)
Moreover, as people deploy new infrastructure, they may be forced to use IPv6. For example, at some point every cell phone is going to have a routable IP address--and that is definitely going to require IPv6.
So while North American desktop machines are unlikely to be switched to IPv6 any time soon, it will happen in other parts of the world and for other types of hardware.
Re:Mac OS 10.3 has IPv6 Support Built in... (Score:3, Informative)
There's a long list of important transition mechanism protocols that need to be deployed to smooth the transition to IPv6, e.g. 6to4, Teredo, NAPT, etc. And they just aren't there yet.
Another thing that has to be fixed before IPv6 will start showing
imho (Score:2, Funny)
04 (Score:3, Funny)
IPv6 more necessary than thought (Score:5, Insightful)
The single biggest damaging factor of ipv4 is the fact that you cant really run servers behind it. There are already ISPs in many countries that provide service from behind a NAT firewall. This kills many people's freedom of speech and the spirit of the Internet where everyone had their own servers and ran whatever they wanted.
The second damaging factor of the ipv4 is the control that IANA has. Both ICANN and IANA have been used politically and now we have many American ISPs churning out 4 IPs per person and 64 IPs per company, mostly going to waste while ISPs in some countrys like Pakistan's PakNET have 100,000 customers behind one IP none of whom can run their own servers.
ipv6 can fix all these problems in one fell swoop, simplify routing enormously and introduce IPSec and other security technologies.
Not a myth (Score:2)
Efficiency... (Score:2)
Usage vs. allocations (Score:3, Insightful)
The author is looking at the rate of IPv4 address allocation, and extrapolating future growth based on the current rate. This is a severely flawed methodology, because it does not take into account efficiency of utilization.
Ten years ago, as the author notes, most networks used around 1% of their allocated IP addresses. Now, networks are expected to use over 50% of their addresses before they can receive a larger allocation. As a result, while the number of *allocated* addresses has not been growing rapidly, the number of *used* addresses certainly has.
Unfortunately, utilization efficiency is bounded -- it's hard to use more than 100% of your allocated IP addresses. As a result, the rate at which IP addresses are allocated is likely to take a sharp turn upwards, as organizations which until now have been making efficiency improvements, find that they really do need a larger address allocation.
NAT (Score:4, Insightful)
To be clear IP shortave wasn't a myth. There was a time where even conservative projections were pointing towards a dearth of IPs. A solution needed to be implemented. IPv6 was one option, NATs and subnetting was another. The market seems to have chosen this last .
Re:NAT (Score:2, Insightful)
The fact remains that NAT is a kludge of a solution. We here in the US see NAT like you see in Linksys routers. There are many implementations of NAT that have hundreds -- sometimes thousands -- of users hiding behind various layers of NAT. It's an administrative nightmare to say the least and is not a permanent solution to
No need for global IPs (Score:2, Insightful)
I like the idea of a good NAT firewall with private addresses inside. This way you only use 1 IP on the outside.
Sssssssh.... (Score:2)
hostip.info (Score:3, Informative)
The url is hostip.info [hostip.info]. The idea is to provide a free geolocation service that you can download the DB from. All the other ones I've found are either pay-for, limited in what you can do, or only to country-resolution. At the moment, this is just to country-resolution as well, but who knows how far it'll go
Simon.
Why we haven't run out (Score:2)
172.16.0.0
172.16.1.0
172.16.2.0
I later explained to him tha
US Military (Score:2)
http://slashdot.org/article.pl?sid=03/10/22/175
Given their size, this will get IP6 into many parts of the USA.
Why the status quo will stay as is (Score:2, Insightful)
Comcast wants something like 20 bucks extra a month for each extra IP. Folks who don't understand firewalls and routers and NATs think they need one for their Xbox, PS2, laptop, etc.. Of course, they can only claim they need to charge because of the shortage within the IPv4 addressing space.
IPv6 makes this means of income obsolete. We all know that phone, cable, and media companies absolutely HATE when an improved technology comes along
Shortage of area codes teaches a lesson (Score:3, Informative)
IPv4 won't run out for a while because.. (Score:3, Insightful)
Unfortunately, this just means that the ugly hack known as NAT will continue to be used, breaking many applications and protocols, not to mention external reachability of many devices. If there was reachability to all devices, the net would be a lot more useful for controlling embedded devices, but then we'd quickly use up a lot of space more quickly.
Address space is only a part of the reason to move to IPv6. There are plenty of other features which should be reason enough to move over:
- Auto address configuration
- No more LAN renumbering/resizing games
- Built in tunnelling functions for portable devices
- Simpler address hierarchy
- Address renumbering is much simpler, and will soon be do-able automatically
- Standardised IPSec functionality in all devices
IPv4 will not run out with the current allocation guidelines - but it will continue to have incredibly restricted functionality due to NAT.
We've already run out (Score:3, Insightful)
That's just one example. Another is sending a file or playing a game or whatever between two computer each behind a different NAT. You have to do ugly port forwarding rules that might be more or less huge ranges. People have to learn how tcp/ip works on a level completely unnecessary unless you're a techie. And god forbid you want to run two public game servers behind the same nat (many games don't let you specify port to connect to).
NAT is a necessity, not a feature. Things would be so much easier if it wasn't needed.
Not in favor of IPv6 yet (Score:3, Insightful)
I can appreciate the improved security and anti-spoofing provisions but the cons outweigh the pros. Most of what people are expecting to see with IPv6 will likely not be available to them. It's unlikely that broadband ISPs will give their customers more address space in order to avoid using NAT.
NATs and VPNs serve very valuable uses within a safe and secure-computing model. If more address space means less people will be using VPNs, that's a bad thing. It will result in more vulnerability of more machines and more headaches for everyone.
We also have the spamming/DOS issue, which is completely out of hand. There are measures that could be taken with the existing system which would dramatically reduce these problems. Moving to IPv6 will only make things worse until we adopt more regulation of the existing network systems.
Nowhere is this more obvious than in the area of RBLs. A move to IPv6 would largely wipe out all smtp-based anti-spam blacklisting.
What about the NAT myth? (Score:5, Insightful)
You know the one. It says that "We don't nee IPV6 because we have NAT". It's the same kind of thinking that says that The Internet == The Web. Just because NAT solves a certain subclass of problems that are more naturally solved by extra addresses, doesn't mean that there is no need for IPV6 because there's NAT.
NAT works great for things like the web, which are initiated behind the NAT machine, and don't make any connections back through the NAT machine. But The Web != The Internet. Even FTP has problems with NAT, but at least those problems are well understood by now. When the original connection is made from the outside world, trying to contact something behind the NAT box, that's when problems start.
Some people see this difficulty in reaching the machines behind the NAT box as security. It isn't. If you have no other forms of security, it helps a little bit, but it's more like a side effect. Saying that this is security is like saying that a rusty lock is more secure than a new one because it is harder to get the key into it. A stopped analog clock isn't right twice a day, it just appears to be right twice a day, but that doesn't mean it is ever working.
If a NAT machine were replaced with a simple firewall machine with a closed-down firewall, you'd have the exact same kind of security. No packets get routed to the machines on the other side of the firewall unless the rules permit it. The only difference is that it avoids a lot of hacks. Rather than having to do "ssh -p 10322 mynatbox.mydomain.com" and having to remember that 10322 corresponds to your mail server, you can simply say "ssh mailserver.mydomain.com"
Doing away with NAT also makes true peer-to-peer networking possible. Currently it doesn't work, you need some kind of a server because you can't initiate connections from the outside world to the NATted boxes. P2P doesn't just mean swapping songs, but also networked gaming.
This is all just about routable addresses so far, but IPV6 is so much more than that. There are features of IPV6 like security that IPV4 simply doesn't offer.
So remember kids, The Web != The Internet, and NAT != IPV6, nor can NAT do everything you can do with routable addresses.
Rubbish article. We need IPv6 (Score:4, Insightful)
Even on its own terms, it predicts we run out of IPv4 addresses in about 20 years. That seems like the age of the universe to the 20-something kid who wrote the article. To those of us with a little more experience, it is not a long time at all to do something as major as converting the Internet to a different addressing scheme.
But the basic assumption of the article, that the present situation is OK and the only reason to migrate is to avoid it worsening, is wrong. In many countries, the IPv4 address shortage is very severe today, not in 20 years from now. IP addresses are expensive in the countries where most people live.
Finally, NAT is not a solution, it's a workaround. Many peer-to-peer applications simply do not work behind a NAT. Sure it lets machines surf the web, send email, and use clients like ftp, telnet, and ssh, but the Internet is much more than a handful of client/server apps. NAT is strangling it.
This is FUD. We are already out of IP addresses. (Score:3, Insightful)
RCN provides me with a connection, X bandwidth, and 1 IP.
My incremental cost of more IPs on the same connection and bandwidth is prohibitively high. (I would consider a penny or two per month per IP to be "reasonable" since each IP should have trivial overhead for the ISP)
Ergo, we are out of IPs already.
DJB Said It Best (Score:3, Insightful)
And it's never, ever going to work without it...
http://cr.yp.to/djbdns/ipv6mess.html [cr.yp.to]
(and he really does have the best host/domain/tld combo in existence)
Re:IPv6 will NEVER HAPPEN (Score:3, Insightful)
You can already get the IPv6 layer for Windows XP. There's even a basic version for it included in XP, although an improved version with more features are available free to download from Microsoft. I recall it wasn't included for the simple reason it wasn't ready.
I'd be really surprised if there wasn't decent IPv6 support in Windows Longhorn.
Now