IP Address Shortage

webslacker wrote in to send us a news.com story that talks about the upcoming IP Address Shortage. Talks about IPv6 and other related topics. Nothing phenomenal, but it's interesting... how many class C's do we have left anyway?

  • by Anonymous Coward
    Personally I think it's stupid to restrict net machines.. there's no reason everyone in the world shouldn't be able to get at least 1000 IP addresses for their own personal use. We're in this mentality now of dialing up, getting some dynamic IP and browsing the web. That doesn't give you much of a permanent address once you (hopefully) eventually get a permanent internet connection that is up 24/7. Everyone should have high speed dedicated access to their home at an affordable ($50/month) rate. We need to wire the world! Bring on IPV6!
  • by Anonymous Coward
    It'll get even worse when more people hook refrigerators and crap up to the Net

    It shouldn't... all "internet appliances" can connect through a single gateway using NAT or IP Masquerading, meaning you're still only using 1 IP address per household...
  • From what I understand classes are a thing of the past and have been replaced by CIDR (Classless Inter-Domain Routing) which uses a longest prefix matching system. This is how people like MediaOne have their IPs in the Old Class A land and such but don't have the whole thing.

    According to the CIDR FAQ [rain.net], it has been in use since 94/95.

    We've been running out of IPs for years, this is ancient news.

    -- Britt
  • by Anonymous Coward
    This old info is from a RFC:


    The Class A portion of the number space represents
    50% of the total IP host addresses; Class B is 25%
    of the total; Class C is approximately 12% of the
    total.

                Total   Allocated (1993)
    Class A       126   38%
    Class B     16383   45%
    Class C   2097151    2%



    I don't know what the current numbers are, but 50% of the total
    address space is still unassigned. Most in the Class A.


    Address Block   Registry - Purpose   Date
    -------------   ------------------   ------
    000/8           IANA - Reserved      Sep 81
    001/8           IANA - Reserved      Sep 81
    002/8           IANA - Reserved      Sep 81
    005/8           IANA - Reserved      Jul 95
    007/8           IANA - Reserved      Apr 95
    023/8           IANA - Reserved      Jul 95
    027/8           IANA - Reserved      Apr 95
    037/8           IANA - Reserved      Apr 95
    039/8           IANA - Reserved      Apr 95
    041/8           IANA - Reserved      May 95
    042/8           IANA - Reserved      Jul 95
    058/8           IANA - Reserved      Sep 81
    059/8           IANA - Reserved      Sep 81
    060/8           IANA - Reserved      Sep 81
    064-095/8       IANA - Reserved      Sep 81
    096-126/8       IANA - Reserved      Sep 81
    127/8           IANA - Reserved      Sep 81
    197/8           IANA - Reserved      May 93
    213/8           IANA - Reserved      Sep 81
    217/8           IANA - Reserved      Sep 81
    218-223/8       IANA - Reserved      Sep 81
    240-255/8       IANA - Reserved      Sep 81




    A Dylan language hacker.
  • by Anonymous Coward
    > In fact, that is EXACTLY the problem. There are
    > really only 3 levels of address allocation --
    > class C (2**8 addresses), class B (2**16
    > addresses) and class A (2**24 addresses)

    Classed addressing was replaced in 94/95 with CIDR (Classless Inter-Domain Routing). None of this is relevant/correct now.

    -- Britt
  • by Anonymous Coward
    er, there are no class A's B's or C's anymore. Read up on CIDR.
  • by Anonymous Coward
    Everyone here seems to think that there is no shortage. Are you all at school with a full university 24-bit mask or something?

    Take a look at any local computer paper and note what ISPs are charging for static IPs. They are charging for NUMBERS folks!

    Look, dynamic IP assignment for dial-up PPP is broken. Everyone with a $20 AOL account should be given an IP address, and use that address when they dial in. Why don't ISPs do this? Because there aren't enough addresses. To this day it pisses me off that internet phone applications have to go through a server to know whether you are online because my IP address changes every time I dial up.

    Wake up and smell the IPV6.

    Ken
  • by Anonymous Coward
    Firewalls and NAT translators don't set themselves up, you know. And NAT requires you to jump through hoops to access a server on the inside from anywhere on the outside.
  • by Anonymous Coward
    NATs are bad. They break end-to-end rules, they break IPsec, they cause administrative nightmares.

    A better world will be IPv6 everywhere, with IPsec everywhere.
  • by Anonymous Coward on Wednesday May 12, 1999 @11:00AM (#1895321)
    I have about 17 million addresses available for my own personal use. 10.0.0.0-10.255.255.255, 172.16.0.0-172.31.255.255, 192.168.0.0-192.168.255.255. With things such as NAT/IP masquerading/firewalling, which everybody should be using for security's sake, there is not an IP address shortage.
  • Anonymous Coward wrote:

    IPv6 implies a level of object addressability that is, frankly, scary to anyone who has an iota of sense. You'll pry my non-routable addresses from my cold, dead hands.


    According to the IPv6 Addressing Architecture ( RFC2373 [isi.edu]) section 2.5.8, there are plenty of non-routable IPv6 addresses. They're called "link-local" and "site-local" addresses, and each group has more addresses in it than the entire IPv4 address space.
  • by Gleef ( 86 ) on Wednesday May 12, 1999 @10:00AM (#1895323) Homepage
    I remember this scare came up two or three years ago. Bob Metcalfe (of Ethernet and 3Com fame) was the one really pushing the issue then. Disaster didn't happen then, and the situation isn't critical now. There are still lots of class C's available for the near future, and if they disappear quicker than expected, there are some almost empty class A's and B's that could be subdivided. Nobody really needs a class A anyway.

    This won't last us indefinitely, if we get 250 real IP addresses per household we would run out. On the other hand, the only sane way to give every gadget, appliance, outlet and lightswitch in a house its own IP address is to use the 10.0.0.0/8 network, so it's not an issue for the rest of the world. IPv6 is still the best long term solution (just like it was 2-3 years ago). What's the hold up? It works, all decent OS's support it natively, when are the backbone providers going to start switching, and encouraging their clients to switch?
  • That may be true, but since the addresses are allocated in blocks (classes), the address space is sparse. If somebody has a class C block (256 addresses), and they only have 10 machines, the rest of the IP addresses in that block are wasted. The problem gets worse when you look at class A and B blocks. Most companies can get by using the private IP address blocks (ie, 10.x.x.x) and only assigning other IP addresses to machines that really need to have an external presence on the internet. Then just have the firewall do IP masquerading. This is IMHO a worse waste of IP addresses, as these addresses are truly unused on the internet.
  • This morning actually.

    It seems that the IP address situation is prompting many of the large Fortune-500 type companies to renumber their networks with 10.0.0.0 or other reserved network numbers, and employ proxies and/or NAT. That's all fine and good for them, but makes my life hell. The company I work for does, among other things, software maintenance. For our large customers, this usually means maintaining a frame relay or other semi-permanent connection into their networks. One of our customers just converted their network over to 10.0.0.0 numbers a few weeks ago, and this morning another customer notified me that they would be doing the same in a few weeks. I now get to try to manage access to two different networks with the same IP addresses.

  • I don't have any control over it. Both customers are Fortune 50 companies with huge nation-wide internal networks. They both independently decided to renumber their networks with 10.0.0.0 addresses. The first company is using over 50% of the 10.0.0.0 network.
  • They're still teaching us in school that class A addresses go up to 129.*, class Bs go up to 198 or whatnot, and class Cs begin above that. (This is going by the first three significant bits of the bitwise notation of the IP address.)

    Things change too fast.

    - A.P.
    --


    "One World, One Web, One Program" - Microsoft Promotional Ad

  • I've been seeing a lot of talk about "everyone's fridge and toaster needing an IP address".. Wouldn't it make more sense to use internal, non-routable IPs for that sort of thing?

    Aside from the thrill of being able to ping your toaster from work/school, I don't see of what use an Internet IP would be for things as worthless as household appliances. Most uses of these devices require human interaction (toaster, fridge, etc.), so remote control of them shouldn't be a big priority.

    Besides, I don't fancy the idea of my vacuum cleaner sucking in its own ethernet cable and bursting into flames.

  • It's more secure. You don't need a firewall for each machine.
  • Posted by !ErrorBookmarkNotDefined:

    64? IPv6 gets you 128 bits.

    -----------------------------
    Computers are useless. They can only give answers.
  • by gavinhall ( 33 ) on Wednesday May 12, 1999 @12:58PM (#1895331)
    Posted by TikTac:

    The main problem is that with such a distribution of IP addresses, the routers are having to keep more routes in memory. We're not really near running out of numbers, but if we have to assign two (or more) numerically unrelated blocks of IP addresses to a location, we aren't using the addresses efficiently, and the routers are going to bog down more and more with many routes going to the same place.

    To summarize: We have a sufficient quantity of IP addresses for the near future. The problem we are encountering is that routers operate more efficiently if the IP addresses are under-utilized.
    That is why we need IPv6 and its insane number of IP addresses. If we can assign IP's without regard to efficiency of quantity, we can more easily aggregate routes efficiently, reducing maybe 12 routes into one route to a honkin huge set of IP's (which still would be less than a fraction of a percent of the available set of IP's)
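The route-aggregation point above, and the longest-prefix matching that CIDR relies on (mentioned earlier in the thread), as an added example that is not part of any post here. The prefixes, site names and the `RoutingTable` class are constructed for illustration.

```python
import ipaddress

# Constructed sample allocations: four /24 blocks each.
# CONTIGUOUS blocks are numerically adjacent; SCATTERED ones are unrelated.
CONTIGUOUS = ["10.20.0.0/24", "10.20.1.0/24", "10.20.2.0/24", "10.20.3.0/24"]
SCATTERED = ["10.20.0.0/24", "10.57.9.0/24", "172.16.4.0/24", "192.168.200.0/24"]


def aggregate(prefixes):
    """Return the smallest set of CIDR routes covering exactly these prefixes."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


class RoutingTable:
    """Hypothetical minimal table: linear scan, longest matching prefix wins."""

    def __init__(self):
        self._routes = []  # list of (network, next_hop)

    def add(self, prefix, next_hop):
        self._routes.append((ipaddress.ip_network(prefix), next_hop))

    def size(self):
        return len(self._routes)

    def lookup(self, address):
        addr = ipaddress.ip_address(address)
        best = None
        for net, hop in self._routes:
            if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, hop)
        return best[1] if best else None


def build_table():
    """One aggregated route for site A, one more-specific exception, one default."""
    table = RoutingTable()
    for prefix in aggregate(CONTIGUOUS):      # four /24s become a single /22
        table.add(prefix, "site-a")
    table.add("10.20.2.0/24", "site-b")       # more specific than the /22
    table.add("0.0.0.0/0", "upstream")        # default route
    return table


if __name__ == "__main__":
    print("contiguous ->", aggregate(CONTIGUOUS))
    print("scattered  ->", aggregate(SCATTERED))
    t = build_table()
    for ip in ("10.20.1.7", "10.20.2.7", "192.0.2.9"):
        print(ip, "->", t.lookup(ip))
```

The scattered allocation cannot be collapsed, so every router on the path carries all four entries; the contiguous one costs a single entry, and the more-specific /24 still overrides it for its own range.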
  • by spacey ( 741 )
    I think ARIN doesn't hand out class C's anymore, only /19's or larger blocks after you prove you can route them and that you have the userbase to populate that /19. Otherwise you have to get a network from your upstream provider.

    -Peter
  • That's what ip masquerading and NAT's are for - however there are still problems with this approach, especially in larger organizations that have to coordinate this for themselves. Using RFC 1918 space you can do well in a centrally managed organization, but it can become confusing if you don't centralize the management of this resource internally.

    It also sucks if you use rfc1918 space for your wan interfaces - it confuses traceroutes a *lot* if they return identical numbering for interfaces on routers for 2 (or more) different ISP's!

    -Peter
  • The article gives a partial list of the class A allocation holders. The full list is available here: http://staff.elmail.co.uk/~liam/tech/class-a.html [elmail.co.uk]. For some reason, the two lists don't quite match up -- for instance, where's IBM?

    (This link was blatantly stolen from Scripting News, but I figured it should be seen)
  • Here's an old (last summer) article that explains the whole class A fiasco: http://www.zdnet.com/intweek/daily/980622a.html [zdnet.com]

    Basically, we aren't really going to run out of addresses anytime soon, as long as someone forces companies like Halliburton to use the right address space for their 30k hosts.

    (link cross-pollinated from Scripting News - www.scripting.com)
  • It would be soooo nice in sense of security, to have a unique phone number allocated to your house. A thing most maniacs and serial killers who are able enough to use the reverse phone lookup on www.anywho.com would love for sure.
  • What do you do when your real estate in Aspen Colorado is worth $5 million? Create more real estate like yours to lower the price? No way. I guarantee we're going to be living with IPv4 for a long long time. Academics and charities don't run the internet, suits and ISP's do, and they're going to charge you to the grave for static IP's for as long as possible.
  • Reasons like this are precisely why there isn't an immediate "IP crisis." Unless we move towards IPv6, however, global IP addresses will become scarce in the future. There still won't be much of a crisis (providers will work around it by using private addresses and NAT surely, like you say), but using "real" IP's is so much more of a "real" solution.

    For that, IPv6 is the way to go.
  • For your first idea, you assume every household will have a computer to do this "figuring out devices." That won't always be the case. In theory, you should be able to use an IP-enabled remote and an IP-enabled television together (and from the Internet via an IP-enabled telephone or other network access point, for example) without having to rely on a *computer* to do the "figuring out". Once we start moving away from the PC and more towards the Internet-enabled appliances, where does this computer fit in?

    With respect to your second idea, using "TCP/IP" with a single "household" IP and using port numbers to differentiate between devices: What if someone had a really big house? (Granted, 64k of ports is probably plenty, but you never know...) What if we're talking about a company, where 64k ports might not be enough? What if some of those ports were needed for outbound connections? Do we then start assigning a second or third IP for these types of devices?

    What if a single device had several services? Use a separate port for each service? Would there be standard ports for things like TV, VCR, Pool, Telephone, etc? What if you had multiple TV's? Things could get very confusing here, but there are probably ways to classify and place these mappings in some sort of standard directory.

    Also (and this might clarify some confusion for you, or you may have meant this and are just using wrong terminology), we're not necessarily saying devices need to be able to communicate via *TCP*.. just IP. We can build any other protocols or use existing protocols as needed for the devices themselves...
  • by Fastolfe ( 1470 )
    Both IPv4 and IPv6 will use 16-bit port numbers.
  • I don't understand the "18.*" to "0.18.*".. and yes, of course the percentage of global address space assigned to a particular entity will go down when the total number of global addresses goes up. IPv6 sucks because of that?

    Did I miss something?
  • Why do you think this is better? It simply adds a layer of complexity and the requirement for a machine or device performing the address translations.
  • I'm aware of what * is, but how is 0.18 network an IPv6 equivalent to the IPv4 18 network?

    The 18 class A represented in IPv6 would look like 0:0:0:0:0:0:18.x.y.z (or ::18.x.y.z) or 0:0:0:0:0:ffff:18.x.y.z (or ::ffff:18.x.y.z), but chances are, your school's "new" IPv6 assignment will probably be a "real" IPv6 assignment and won't start with 0.18 or look like the IPv4-embedded addresses above.

    Or were you just picking random numbers here? I'm getting the feeling that I'm taking what you said a bit more seriously than you meant it. Heh. If so, I apologize. I guess I'm just confused.

    But yah, I sympathize with you losing your 1/255 status. :)
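The two IPv4-embedded notations in the post above (`::18.x.y.z` and `::ffff:18.x.y.z`), as an added example that is not part of the thread: a filter keyed on an IPv4 prefix such as 18.0.0.0/8 does not match the IPv6 spellings of the same host unless the address is normalized first. Function names and the sample addresses are constructed.

```python
import ipaddress

NET_18 = ipaddress.ip_network("18.0.0.0/8")


def naive_match(text, network=NET_18):
    """Membership test without normalization: an IPv6 literal never matches."""
    return ipaddress.ip_address(text) in network


def embedded_ipv4(text):
    """Return the IPv4 address carried by an address literal, or None.

    Handles plain IPv4, IPv4-mapped (::ffff:a.b.c.d) and the older
    IPv4-compatible form (::a.b.c.d, upper 96 bits zero).
    """
    addr = ipaddress.ip_address(text)
    if addr.version == 4:
        return addr
    if addr.ipv4_mapped is not None:
        return addr.ipv4_mapped
    value = int(addr)
    if 1 < value < 2**32:          # excludes :: (unspecified) and ::1 (loopback)
        return ipaddress.IPv4Address(value)
    return None


def normalized_match(text, network=NET_18):
    """Unwrap any embedded IPv4 address before testing the IPv4 rule."""
    v4 = embedded_ipv4(text)
    return v4 is not None and v4 in network


# Constructed sample source addresses, as they might appear in a log.
SAMPLES = [
    "18.1.2.3",
    "::18.1.2.3",
    "0:0:0:0:0:ffff:18.1.2.3",
    "::ffff:19.0.0.1",
    "2001:db8::1",
    "::1",
]


def matching_samples(samples=SAMPLES):
    return [s for s in samples if normalized_match(s)]


if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s:26} naive={naive_match(s)!s:5} normalized={normalized_match(s)}")
```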
  • It's only more secure if you're talking about each device being equivalent in flexibility and power as a PC. And while you don't necessarily need a firewall for each machine, you *will* need something doing the NAT translations between your private home network and the outside world.

    When people say refrigerators and televisions will have an IP address, they don't mean that these devices will be *capable* of being broken into. You can work up a very simple network device that simply reports temperature information or allows the user to change the TV channel without allowing a criminal to insert some sort of virus into the system or program your microwave oven to explode.

    Simple devices will have simple network services provided by simple programming.

    And in response to the idea that people can just use port forwarding or some similar technology to get around the restrictions imposed by NAT, remember that these devices are *appliances* and won't necessarily be running in the home of a computer person. Not everyone is a network administrator.
  • Good points, but you're going to have to have Magnavox software (or perhaps some generic "scheduling" software if we can abstract these devices enough) one way or the other. Either it's running on a PC or it's running as a CGI or Servlet applet on your "WWW-enabled automation server."

    However, using NAT like this precludes the possibility of me being able to easily do things like:

    * IP-based telephone calls to a specific phone in someone else's house
    * *Forwarding* IP-based telephone calls to the nearest telephone in whatever building I'm currently in
    * Reception/sending of video images from one specific camera to a specific display unit in another location
    * Easy collection of thermostat temperatures for apartment buildings with central A/C / heat.
    * Sending text-based messages to specific devices in another building

    etc.

    Granted, there can be ways of setting up proxies or the like in conjunction with your NAT setup, but we'd effectively need to build another entire layer of software to make devices work transparently.
  • To the best of my knowledge, there shouldn't be much in the way of "critical" nodes that need to be upgraded. IPv6 routers will (for now) be capable of doing both IPv4 and IPv6 (since the version number is stored in the IP packet, it's pretty trivial to decide how to handle it). Over an IPv6 Internet, your old IPv4 addresses (munged up a bit to make them IPv6-compatible) will still work over IPv6 networks. I also don't know why you can't have IPv4 hosts and IPv6 hosts talking to each other on the same ethernet segment, so long as there's a router capable of speaking both protocols.

    Maybe I'm just being naïve. *shrug* It just seems to me that once we have IPv6-capable routers, we can migrate everything else at our own individual pace. Once that's all done, we just drop our IPv4 addresses in favor of our IPv6 addresses...
  • by Fastolfe ( 1470 ) on Wednesday May 12, 1999 @10:25AM (#1895347)
    I don't think the emphasis is on putting these devices on the global Internet; it's on allowing these devices to communicate between one another via IP.

    And if it already speaks IP, why not let them communicate over the Internet as needed while we're at it?

    10.x.x.x addresses seem like a good idea (my network at home uses this), but what if you wanted to check your answering machine messages from a neighbor's house? What if you wanted to record the game that comes on in 20 minutes? I'm probably only pointing out some of the lesser reasons why these devices might need a "real" IP, but IMO they're enough. :)
  • by Fastolfe ( 1470 ) on Wednesday May 12, 1999 @10:47AM (#1895348)
    Where is IPv6 hard to implement?

    The transition from IPv4 -> IPv6 should be totally transparent. Things like TCP and UDP should work under IP with no problems at all, since they don't themselves deal with things like IP addresses or quality-of-service.

    IPv6 was designed from the drawing board to be an easy upgrade. IPv4-compatible address space was built-in, and the protocol itself is meant to allow hosts to inter-communicate between IPv4 and IPv6 hosts on mixed networks.

    A "funky" (even if simple) multi-level proxy system as you say is simply a rather nasty band-aid. While something like this may work, it introduces a tremendous amount of complexity. You'd still need to have things like web servers, e-mail gateways, etc., on globally visible IP's, and there are useful reasons to have individual PC's visible as well. Behind NAT, you lose a lot of usefulness out of Internet hosts. If such usefulness isn't a factor (such as on networks where the machines are already firewalled into next-to-nothingness), this is probably fine, and using private addresses with NAT is acceptable (and even desirable).
  • IPv6 is a nice thing to overcome this limitation, but it's a different protocol, and hard to implement at places; IPv4 and the rest of the infrastructure layered on it is almost fatally entrenched. I'm still not sure whether switching to IPv6 is easier than to come up with a funky (but simple!) multi-level proxy system. I better hurry to come up with it :)

    On the other hand, the hoarding of IP ranges is really enormous, I think no company of any size (well, except those who provide access for end-users) should use anything more than a handful externally visible IP addresses, 256 (a class C) at most. Not just the grandfathered class A owners mentioned in the article are grossly unused, there are many class C and even class B ranges which are unreachable except for a router. Big corporate networks don't want you to reach them, you know...

    But unless everything is at least as accessible as today, no proxy systems should be forced to the customers, IMHO.

  • Where is IPv6 hard to implement?

    Making "my" DIY Linux box speak IPv6 is easy; converting some real applications to let it use it fully is workable too, but there are so many places out there that I'm simply scared :) Lots of cable modems, lots of printers, lots of routers, leaf hosts with Win 3.1, MacOS, Amiga, and the uncountable rest with hard to upgrade software/firmware. Agreed, it's only the core that really needs to be upgraded, for example, LAN printers, and most end hosts will do fine with IPv4. I also know the measures taken to have IPv4-IPv6 networks talk together; but it sometimes sounds hopelessly tedious to me.

    Although, the biggest mental obstacle was that getting IPv6 networks was quite limited to experimental educational usage, I'm glad it's just a few days and it's more available.

    The proxy system: sounds much funkier than I imagine, but I just didn't have the time to even mentally design it correctly; I still think it could be easy, but let's drop it :)

  • 1) Do as people are doing, and splitting & scattering the various addresses all over the planet. This increases the amount you need to hold in a router, and the average search time for a path. But, if you enjoy router-induced lag, that's no big deal. :)

    2) Use IPv6 and solve every problem on the net today.

  • Proxy server.

    You have an IPv4/IPv6 dual-stack machine accepting connections for a non-existent IPv4 address. The packet is re-written in IPv6 notation and forwarded to the -real- IPv6 machine.

  • Let's change the idea of fridges and tea cosies, to something useful. Say, books. You have N books, in your house, probably scattered around. Some library books in there, too, no doubt. And some of your SO's. And some a friend dropped off for you to read, one night. And one the dog brought in, thinking it was a new, square kind of bone.

    That's a lot of books and owners to connect together, and keep track of.

    Then, there's the contents of your SO's pocket book. You expect your SO to know what's in there? Or what isn't in there? Or where those things which should be in there but aren't are?

    The ability to tag each object, ROUTABLY, and be able to traceroute those objects to establish roughly where they are and whose they are, would be a VERY valuable tool.

    Also beats the Ultra Violet marker pens for marking your brand-new, expensive electronics against thieves.

    ("Help! Help! My $300,000 video recorder, with a borrowed tape from a friend was stolen!"
    "What're their FQDN's?" "vidrec.myhouse.org" and "ripoff.localvids.com"
    "Ok, we're following them with Mobile IP. They're on the main road, going north. UGH! That one's eating a garlic sandwich! I can't believe someone would bite into that address range.")

    Being able to track things through routable addressing is a VERY powerful tool.

    1. Yes. Actually, the net will assign you the address. The prefix is the prefix for the router at that level, the remainder is the MAC address of your ethernet card. Because of this, you are guaranteed an AUTOMATIC, UNIQUE IP number, wherever you are connected. It'll also find your router, and any other service that can be located by an anycast.

    2. Yes, it will work with everybody. See above.

    3. They will work with each other, and are routable onto other subnets.

    4. An old IP-addressed machine with a dual-stack can talk directly to a next-gen machine, using IPv6. If it only has an old IPv4-only stack, you need a proxy to relabel the packets. Those exist and aren't a problem.

    5. One extra point - IPv6 supports Mobile IP and re-addressing. If your computer moves from one router to another WHILST ACTIVE, the new address will be calculated and packets forwarded to it, automatically, during the transition.
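The address generation described in the post above, as an added example that is not part of the thread. It assumes the modified EUI-64 scheme from the IPv6 addressing architecture: the 48-bit MAC is expanded to a 64-bit interface identifier by inserting `ff:fe` in the middle and flipping the universal/local bit. It shows that the identifier stays constant when the host moves between prefixes, and how to flag logged addresses that expose a hardware address. The MAC, prefixes and function names are constructed.

```python
import ipaddress


def eui64_interface_id(mac):
    """Build the 8-byte modified EUI-64 interface identifier from a MAC."""
    octets = bytes(int(part, 16) for part in mac.replace("-", ":").split(":"))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    first = bytes([octets[0] ^ 0x02])          # flip the universal/local bit
    return first + octets[1:3] + b"\xff\xfe" + octets[3:]


def slaac_address(prefix, mac):
    """Combine a /64 router prefix with the interface identifier."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("autoconfiguration expects a /64 prefix")
    iid = int.from_bytes(eui64_interface_id(mac), "big")
    return ipaddress.IPv6Address(int(net.network_address) | iid)


def interface_id(address):
    """Low 64 bits of an IPv6 address."""
    return int(ipaddress.IPv6Address(address)) & (2**64 - 1)


def mac_from_address(address):
    """Return the MAC an EUI-64 style address exposes, or None if not EUI-64."""
    raw = interface_id(address).to_bytes(8, "big")
    if raw[3:5] != b"\xff\xfe":
        return None
    mac = bytes([raw[0] ^ 0x02]) + raw[1:3] + raw[5:]
    return ":".join(f"{b:02x}" for b in mac)


def exposed_macs(addresses):
    """Audit helper: map each logged address to the MAC it reveals, if any."""
    return {a: mac_from_address(a) for a in addresses}


if __name__ == "__main__":
    mac = "00:11:22:33:44:55"                        # constructed MAC
    home = slaac_address("2001:db8:1:2::/64", mac)   # documentation prefixes
    away = slaac_address("2001:db8:a:b::/64", mac)
    print(home, away)
    print("same interface id:", interface_id(home) == interface_id(away))
    print(exposed_macs([str(home), "2001:db8::1"]))
```

Because the low 64 bits follow the device from network to network, an address built this way identifies the hardware wherever it connects, which is the tracking property the post describes.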
  • YOU CAN HAVE AN OFFICIALLY REGISTERED IPv6 ADDRESS, TODAY!!!

    It's called the 6Bone, and ALL you need to do is contact the nearest 6Bone provider and ask for a name.

    Addresses on IPv6 are NEVER allocated by humans, they are GENERATED. THAT is why nobody can hand them out. ALL you can have is one or two bytes allocated by the person one hop up in the hierarchy.

    EVERYTHING BEFORE is pre-generated and no authority can change that. EVERYTHING AFTER is generated by your computer, according to the specs on how the number is generated.

  • You're quite right. The main reason, though, for using a proxy, rather than a dual-stack, is that IPv4 has no prioritisation (IPv6 does) and few stacks are mobile (IPv6 is). To be able to reliably sustain communication and maximise the use of the network, you need to keep the IPv4 traffic in its own island.
  • Actually, the address space isn't the problem. It's the assumption made, by many flavours of unix, on the size of the total structure. IPv6 overflows the typical value.
  • by jd ( 1658 )
    The central archive on all things 6ish (well, other than Portmeirion) is:


    www.6bone.net [6bone.net]

  • No! NAT is USELESS when you split beyond a certain point.

    If two logically adjacent addresses do NOT belong to logically adjacent physical ports, you MUST store a router entry for each.

    I don't CARE whether people think routing is "broken" or not. If you cannot generalise where to send data, at ANY level, then you must store EACH AND EVERY address and where it is. This leads to HUGE, UNWIELDY search tables, a VERY HIGH probability of corruption, and UNNECESSARY LAG.

    eg: Let's take two possibilities.

    1. You're using IPv4 and NAT. No ordering on the addresses. You have to search an average of ((2^8)^4 - reserved addresses)/2 to figure out which line to send data to.
      This happens, in real life - there are plenty of companies that loan out dedicated terminals to their databases, with a company IP address, rather than an address of a machine local to where it's being sited. That address needs to be added to EVERY router between the two sites.
    2. You're using IPv6. Your router table has 16 entries in it, most of the time, and have UP TO 32 entries, allowing for router mobility. That's it.

    Tell me which is more efficient and less laggy.

  • Don't need it. IPv6 supports the notation ::(IPv4), which gives you "virtual" IPv4 addresses. Smart mapping, from there, is a doddle, and was designed that way, for that reason.

    The reverse mapping (IPv6 addresses out of IPv4 ones) is slightly trickier, but certainly possible. Multihome a gateway, then have it route out the packets over the IPv6 segment of the network, with the address according to the IPv6 mapping of the name the gateway was called by. The translation becomes invisible and transparent to all parties.

  • by jd ( 1658 ) <(imipak) (at) (yahoo.com)> on Wednesday May 12, 1999 @01:15PM (#1895361) Homepage Journal
    This is how to get the world to port to IPv6, in three days or less, all stacks tuned and humming.

    1. Pay AOL to convert their stack to IPv6-only, and convert their software to only support IPv6.
    2. Set up all AOL services and servers to use IPv6 only.
    3. Set up a gateway at AOL, to gate IPv6 packets onto and off the IPv4-based backbone.

    Result? For a competitor to get a product to work with AOL, it would HAVE to be IPv6 aware.

    AOL's users would be utterly oblivious to the change - AOL's software would work the same and look the same, and they'd have access to exactly the same off-site systems, in the same way.

    BUT, because it would be an IPv6 stack and an IPv6 service, any 3rd-party product would have to have IPv6 support. And, given the number of direct users of AOL, it would have to have IPv6 support by yesterday, or risk being squelched.

  • by shani ( 1674 )
    ARIN's policy is now to assign /20 or larger blocks.
  • Network Solutions no longer allocates IP space. This function has been handled in Europe by RIPE-NCC for something like 8 years, and in America by ARIN for the last 18 months. Both companies are not-for-profit, as is APNIC, the Asian-Pacific flavor.

    NSI never charged for IP allocation. Actually, the IP allocation was funded by the domain registration fees, which prevented them from paying much attention to it.
  • by shani ( 1674 )
    There is no requirement to be dual-homed (actually dual-homed networks are a sticky widget that hose up routing tables, and haven't been addressed at all in IPv6) to receive address space. There are different guidelines for ISP's and other organizations (or individuals). The intent is to allocate space to organizations that will actually use it.
  • As I understand it, Jon Postel came to Kim Hubbard (president of ARIN) last summer, and told her that ARIN needs to be ready to allocate IPv6 addresses ASAP.

    When I started working at ARIN on 1998-11-23, there were no software requirements, no specs, nothing. Nada. Since then, one other engineer and myself have put together the software to process templates and update our database, provide IPv6 WHOIS functionality, and tools for the IP analysts to interact with the database directly.

    As far as I know, no hard dates were ever given out. The biggest hold-up has always been, and continues to be, the IPv6 initial allocation policy. If you notice the complaints about the Class A's having been given out in the early days of IPv4, you may understand that getting allocation policy right actually is important!

    Nevertheless, the message from the community has come through loud and clear at the RIPE meeting last week, for instance: "We don't care! Give me address space NOW!!!" So that's what's happening. Ready or not, here it comes.

    Oh, a final FYI. There does need to be agreement on routing somewhere. Whether that's through a commercial entity, a government, or an entity like ARIN doesn't matter I suppose. But consider the implications of those three options, and maybe you'll see that we don't do such a bad job after all.

    Shane Kerr
    Software Engineer
    ARIN
  • What th'!?!? Maybe Al Gore went to IANA with a Secret Service agent and assured the IANA that either two /8's or their brains would be entered in the WHOIS database.

    Seriously though, if you look at the curves of IP usage and routing table growth from 1993 or 1994, you'll see that the exponential growth was curbed, even though the Internet has grown significantly since then. That's not an accident.

    From my personal point of view, I do get aggravated that I can't get a static IP from my provider, though. IPv6, take me away!
  • Addresses in Europe are allocated by RIPE-NCC, not ARIN. If anything, RIPE's policies are less restrictive than ARIN's. Addresses in the Pacific Rim are allocated by APNIC. APNIC's policies are actually fairly close to ARIN's.

    All of these regional registries are open membership organizations, with public forums for comments and input. If you don't like it - join up! It's certainly not America using all the IP space by itself!

    I suspect the problem in most cases is with the policies of the communication infrastructure (government and private) of the countries involved. Check it out before looking for the easy conspiracy theory.
  • For those who suggest that using private addresses with NAT will handle the IPv4 number shortage, I would remind them that numerous IP features depend on end-to-end addresses. These include congestion control, and more importantly, IPSEC. Please see the following draft-RFC:

    Internet Transparency [ietf.org]

    It's a pretty good read. Anyway, ARIN should be offering IPv6 addresses the 17th (next Monday) unless politics and policy get in the way. The registration folks are testing my code today. :)

    Make sure your ISP is ready! And don't settle for a /128!

    Shane Kerr
    Software Engineer
    ARIN

  • by shani ( 1674 ) <shane@time-travellers.org> on Wednesday May 12, 1999 @10:56AM (#1895369) Homepage
    This is a plea, from me personally, and also from me as an employee of ARIN.

    Please stop using classful naming. Class A, B, and C really don't have much meaning these days. Use CIDR - it's more specific and just all-around better.

    $0.10 Tutorial:

    Class A is a /8 (e.g. 10.0.0.0/8)
    Class B is a /16 (e.g. 192.168.0.0/16)
    Class C is a /24 (e.g. 192.149.252.0/24)
    Single IP is a /32 (e.g. 206.170.14.74/32)

    There you go. I'm sure you can figure out how other networks are specified. For instance, the network slashdot is on is a /23:

    206.170.14.0/23

    Isn't that better than saying "two class C's"?
  • Why would I want my TV, toaster, or fridge on the Internet?

    Perhaps the next thing that needs to be done is to install a firewall in each house. That way each house can have 10.x.x.x for their IP numbers. 16 million should be enough IP's for any house :)

  • There's no straight answer, because different schemes to divide up the namespace cause waste. (Just like giving someone a class A in the old days caused waste.) But there's a lot more to go around -- the addresses are four times longer (not bigger, longer). I calculated once -- using a conservative estimate of the namespace -- that you could divide the earth into 1-meter squares and assign each square an IP address, and then travelling back in time reassign each square every second 'till you reached the formation of the earth several billion years ago, and still not run out. So it's a lot. We're not making the same mistake twice.

    --

  • Actually, IP doesn't have port numbers. Port numbers are at the TCP and UDP level.
  • You'd have to explain to me why you can't telnet into your masquerade box. If you can't telnet in, your machine is down; if your machine is down, you probably wouldn't have been able to ping the fridge anyway.

    But one of the nice things about IPv6 is it has scopes. No longer are there just "the Internet" and private networks, but there is a hierarchy of networks. I should reread the specs so I can remember what I'm talking about, but I thought it was a pretty good idea.
  • by mikpos ( 2397 )
    How many people have cable modem or *DSL lines now? All you're doing is getting a unique IP address for your house. I haven't heard any great uproar about this so far, though.
  • Well if it's just going to a non-existent IPv4 address, then it's effectively like having an IPv4 address. In which case what you're talking about is useless, since you could just have an interface having both an IPv4 and IPv6 address.

    Once it becomes impractical to route to new IPv4 addresses (or we run out of them), then you'll have IPv6 machines with no legitimate IPv4 addresses, and people stuck on IPv4 clients or backbones will have some problems.
  • Perhaps this is why they're taking so long testing it. Theoretically, routers, servers, clients, hosts, whatever, that are running on 100% Satanic IPv4 should never have to switch over to IPv6. There have been provisions put into IPv6 to allow IPv6 routers to route to IPv4 routers, and for IPv6 clients to connect to IPv4 servers.

    Unfortunately, the reverse isn't quite true. i.e. if you're a server without an IPv4 address (you only have an IPv6 address), then IPv4 hosts will not be able to contact you AFAIK.

    People should probably not count on never upgrading, though. I don't want to think about all the tech support calls coming in from people complaining about only being able to access a small chunk of Internet hosts, just because some unnamed operating system hasn't put IPv6 support in yet.
  • I work at a reasonably sized ISP in .dk, and I'm in charge of allocating IP's for our customers.
    Every now and then people whine about how they could get more than the 4 or 8 IP's I'm willing to assign for them, and they explain how they, if they went to a larger ISP, could get an entire C-class, even though they'll only be using IP's for a router and a firewall.
    People don't know, and don't want to know the possibilities of NAT.
    How sad!
  • We might not use classes, but it's a helluva lot easier to say a C or B class than a /24 or a /16
  • I still use the classful naming, specifically because there's no good way to say /24 in Danish. For those interested, there's a complete guide to subnets at http://www.ripe.net/lir/services/subnets.html [ripe.net]
  • Okay, so we're running low on class C addresses. The moment it comes to a crunch, people will assign private addresses and NAT them.

    But something that's always amazed me is that the address space from 240 to 247 is UNASSIGNED! They're reserved for future use... now people want to go to IPv6 instead of ever using those addresses. Why? Do they have cooties?
  • Admittedly I'm not an expert, but you can use FreeS/WAN to tunnel through a firewall and connect two NATted subnets. The tunnel exists between the two public addresses of the firewall, but I don't see any reason you couldn't repeat the process host-to-host inside the NATted region.

    http://www.xs4all.nl/~freeswan/freeswan_trees/freeswan-1.00/doc/index.html
  • The problem with port forwarders as I've experienced them is that they will only forward to one machine. Meaning that if you have one machine behind an ip-masq gateway it will work fine, but if you have two or more computers, all the inbound packets will go to the IP address specified by the gateway.

    It would be great to be able to have dynamic port forwarding (dunno how you'd distinguish which IP to forward to -- base it on the sequence number?) so that you could have two inbound streams to the same gateway, and have those streams demuxed to the appropriate IPs.
  • Actually, exactly that situation has been spelled out in Britain, where privacy advocates asked the Yellow Pages not to give out their database on the web because people could look up an address from a phone number.

    The really scary part is not the psychos. It's the direct mailing people. If they can do reverse lookups, any time you phone someone up they can find your phone number from call return, get your address, and start compiling information on what you buy. Yes, and junk mail you. And link it to your credit rating. And .


  • ...are those companies who have hundreds of IP addresses with Web servers that just redirect to a central Web server, so the companies can spam search engines with porn site links.

    By "restricting new Net machines," I hope you mean providing incentives for conservation measures like IP masquerading, private subnets, etc., or disincentives for wasteful usage (see above).

    If you think getting a dedicated IP address for a cable modem is excessive... I just signed up for a new DSL line, and I was given the option of having up to eight IP addresses for it. (I took just one.)

  • No, masquerading is a quick fix, not a true solution. Sure, it'll be fine for some things, but you'll regret it when you remember that you've forgotten to set the video, and have no way of telnetting to it through the masquerade box.

    The difficulty is in getting anyone to make the first move towards IPv6.

  • Can't you read? Those addresses are reserved! That means you can't use them no matter what, unless it's for the purpose they're reserved for. What purpose is that, you say? Well if we knew, we'd've told you. But since people might need those addresses in the future, we can't let people who need them now use them. That would be reckless and wasteful.
  • My proposal for area codes...

    Although I like the idea of breaking down the allocation blocks to a more useful size, here's what I was thinking. Add area codes based on the use of the number. Sometimes this is fairly clear, like for cellphones and pagers. Other times it's quite tricky, like for modems and faxes (offer a slight discount for registered data numbers). Then just overlay them; landline voice would probably remain on the old AC, secondary services would get relegated out. (In the beginning you'd probably dump all non-landline voice together, and split it up later if necessary). Will the telcos do this? No, they're stupid.
  • I don't mean provider by provider. I mean service.

    That is ALL cellphones, no matter who the provider is, get a particular area code. They can squabble over exchanges all they want, but they're all (123) xxx-xxxx or whatever. Datalines would be much the same (if you told them that it was a dataline, for they're unlikely to know otherwise). All data goes through area (256) for some given area, and exchanges or whatever get given out to everyone, including the primary telco. The 'default' code for the region (like 617 in Boston) is mixed-use, but with pressure to be voice landline only.

    Dump non voice landline services all together, regardless of provider, into alternate codes.
  • Connections are limited by distinct quads of
    remaddr,remport,locaddr,locport, so this will be 2^96 simultaneous connections...
  • by db ( 3944 )
    Gee, I didn't see this coming 15 miles away. Okay, everyone get ready to NAT!


    --
    :wq
  • Well, these days, 'class A' means /8, 'class B' means /16, and 'class C' means /24. It's a lot more convenient, IMO, to still refer to those common denominations as such.
    ---
    "'Is not a quine' is not a quine" is a quine.
  • Keep in mind that anytime you create a subnet, you lose 2 IPs for the broadcast and network addresses. For example, in a /28 (16 IP addresses) this would work out to a broadcast address of $XX XX XX XF and a network address of $XX XX XX X0.

    Your point is _very_ well taken for the larger subnets though. For example, the IP address of this machine is 155.1.x.x, but it's completely firewalled. As far as I know, our company's network would be just as happy if this box had a 10.x.x.x address. There's a lot of other companies in a similar boat. Unfortunately, now that there's a perceived value to IP addresses, no one wants to give them up.

    I too would be interested to know just how many IP addresses are currently un-assigned.
  • I always found it silly that the loopback set of IP addresses take up an entire class A block (127.0.0.0 to 127.255.255.255).

    The problem is plain simply that people did not see the internet growing the way it has when they released IP in the early 80s. Waste 16 million IP addresses for loopback? Sure, why not.

    - Sam

  • they don't need to be the same ... your customers don't have 16 million hosts, do they?

    I mean one customer can take 10.0.1-2.x, the other 10.0.3-4.x and so on ...
  • .. was to do the geographical split. I've been in Maryland, where they are overlaid. The geographical split is significantly better, because you and all your neighbors have the same area code. People you're more likely to call are still 7 digit dialling, while those across the river require 10. I've gotten myself in the habit of dialling 10 digits for all my calls just because the MNPUC is going to do it again. Twice. Now, if only they can strip 612 from Minneapolis...

    However, imagine you've got a business over in say Malaysia. You need only a few 20 extension groups for interfacing to your central PBX somewhere in America. Guess what, you not only get your 60 extensions, but you've got the entire block of 10000 numbers allocated to you. Why? Because that's the way the phone company does things. And we think the handing out of the original A's was ridiculous.
  • When I tried to get IP addresses here in Norway, the answer was: No, sorry, there is none for you, because there is a shortage.

    I can't possibly understand how all you people can manage to get C-class subnets, without having a _very_ good reason for it. Much less how you can possibly be disappointed with it!

    Somebody up on the list wished there was an IPv6 initiative, and waited for somebody to "take the first step". I would just like to say: Wake up! The 6bone (a world-wide IPv6 network, using mainly IPv6-over-IPv4) has been running steady for quite a while now, and many equipment manufacturers (of them Cisco) do have close to production standard implementations. IPv6 will have enough addresses for everybody (a 128-bit address space... You usually get 64 or more bits, and usually use your Ethernet MAC address as the last 64 bits, to get autoconfiguration), and some extra neaties as well. I encourage everybody to join the 6bone (read the IPv6-HOWTO first, probably available at the LDP). It's free, and Linux has the support you need.

    /* Steinar */
  • I would hazard the guess that there are lots of places where a whole block of IP address are assigned when there really only need to be a couple IP addresses assigned.

    For example, FooBar Corp. grabs a class B so each of their computers can have an IP address. However, they only have a small handful of external servers and gateways. What they really should have done is gotten individual IP addresses from their ISP and used IP masquerading for all the internal computers. That way, computers that are behind their firewall aren't using "real" IP addresses.

  • These indecent prices for a stupid DNS name by internic.net and others (national domains are often even more expensive), could have been (somehow) justified if they were charging for an actual IP allocation. In this case they could have collected some real money and funded an IPv6 initiative, which IMO could have made it more realistic in the timeframe allocated to our lives. Actually they are making money on IP allocations (selling them to ISPs), but they want to charge for domains too.

    AtW,
    http://www.investigatio.com [investigatio.com]
  • by xyzzy ( 10685 ) on Wednesday May 12, 1999 @10:17AM (#1895407) Homepage
    In fact, that is EXACTLY the problem. There are really only 3 levels of address allocation -- class C (2**8 addresses), class B (2**16 addresses) and class A (2**24 addresses) (or so).

    Way back when, most companies would just grab a class B, thinking "gee, I'll probably have more than 256 machines, the class B will give me room to grow". Of course, they only have maybe 1024 machines, so most of their address space ends up empty.

    This has GOT to be the case with Ford, Eli Lilly, Merck, Mercedes Benz, and Prudential. I say we revoke their class As!
  • Remember the thread is about home networking. To me, it seems that setting up the numerous services (NAT, DHCP, DNS, etc) to support a simple home network is way overkill. When you look at the Netwinder (which automates all of this), you're getting a full blown computer with full blown unix, which is a pretty complex system for your toaster.

    I hesitate to suggest this, but NetBEUI seems to be a better fit for home networking. Fast (for 1Mbps lines), auto-configuring (no unix box in the corner) and non-routable (more secure). A simple box could connect with the Internet and transmit messages from TOASTER0123 to tracking.wonderbread.com or wherever. This box of course would need some intelligence to know how to handle messages, but I'm sure it could be worked out.
    --
  • Maybe I'm stuck in the past or something...but I really don't want my toaster setting anything off. Do we REALLY need to have everything in our households done for us so we become mindless idiots who surf the Go network and watch network television all day. Giving an IP address to everything is just stupid in my opinion. No one's life should revolve around their PC to where it needs to tell them when their toast is ready. I'm on my computer many hours of the day, but I tell if my toast is ready the old fashioned way, I smell for smoke.
  • by Skinka ( 15767 ) on Wednesday May 12, 1999 @01:10PM (#1895421)
    only 10% of all available ip addresses are used

    The problem isn't the amount of IP addresses, what it really comes down to is efficient routing. Let's say for example that IP 2.2.2.2 belongs to some dude in Norway. So route all packets that have 2.2.2.2 as destination to Norway. How about IP 2.2.2.3 then? Let's give it to a university in Malaysia. Now routers have to know exactly where the holder of each IP lives. They have to scan every packet and compare its IP to a BIG database of locations. Needless to say, this would be very slow.

    So how do 128bit-addresses help? Well, we can make a deal that the first 8 bits mark the country. Now the router needs to scan only the first 8 bits and compare it to small database to determine where to send the packet. When the packet reaches the right country, next 8 bits are checked. These 8 bits could mean the state/province/whatever. Then scan 16 bits to determine the correct city. This way you can narrow down the search step by step until the packet has been delivered. Simple and fast.
  • There can't be much of a shortage here. I just signed up with demon internet and got a static IP without even asking for one!

    James
  • by gawk ( 23512 ) on Wednesday May 12, 1999 @02:32PM (#1895435) Homepage
    Ummmm ... aren't you forgetting port-forwarding? Let's see; I can telnet to my masqueraded machine like this:

    redir --lport=97 --caddr=192.168.1.2 --cport=23 &
    telnet mydomain 97   # forwards connections to port 97 to the masq'd box's port 23

    I can do the same with a web server or any other kind of service. Set up right, you can open up all sorts of holes to inbound services. I'm logged into a masq'ed machine at home from work right now.
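The static forward set up with redir above, and the earlier complaint that a port forwarder reaches only one inside machine per port, modelled as an added example (not code from the thread). The `Gateway` class, its method names and the public and remote addresses are constructed for illustration; only 192.168.1.2 and ports 97 and 23 come from the comment.

```python
"""Toy model of an IP-masquerade gateway: dynamic mappings created by
outbound traffic, plus static inbound forwards (one per public port)."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

Endpoint = Tuple[str, int]  # (address, port)


@dataclass
class Gateway:
    public_ip: str
    next_port: int = 61000  # constructed start of the masquerade port range
    forwards: Dict[int, Endpoint] = field(default_factory=dict)
    # public port -> (inside endpoint, remote endpoint it talked to)
    outbound: Dict[int, Tuple[Endpoint, Endpoint]] = field(default_factory=dict)

    def add_forward(self, public_port: int, inside: Endpoint) -> None:
        """Static forward: a public port can name exactly one inside endpoint."""
        if public_port in self.forwards:
            raise ValueError(
                f"port {public_port} already goes to {self.forwards[public_port]}")
        self.forwards[public_port] = inside

    def send_out(self, inside: Endpoint, remote: Endpoint) -> Endpoint:
        """Rewrite the source of an outbound connection and remember it."""
        for port, (src, dst) in self.outbound.items():
            if src == inside and dst == remote:
                return (self.public_ip, port)
        port = self.next_port
        self.next_port += 1
        self.outbound[port] = (inside, remote)
        return (self.public_ip, port)

    def receive(self, remote: Endpoint, public_port: int) -> Optional[Endpoint]:
        """Inside endpoint that gets an inbound packet, or None if dropped."""
        if public_port in self.outbound:
            inside, expected = self.outbound[public_port]
            # Dynamic state admits replies only from the peer we contacted.
            return inside if remote == expected else None
        return self.forwards.get(public_port)

    def exposed(self) -> List[Tuple[int, Endpoint]]:
        """Every inside service reachable from outside: the list to audit."""
        return sorted(self.forwards.items())


def demo() -> dict:
    gw = Gateway("203.0.113.10")             # constructed public address
    outsider = ("198.51.100.7", 40000)       # constructed remote client
    gw.add_forward(97, ("192.168.1.2", 23))  # same mapping as the redir command
    out = {
        "telnet": gw.receive(outsider, 97),
        "unsolicited": gw.receive(outsider, 8080),
    }
    mapped = gw.send_out(("192.168.1.3", 5000), ("198.51.100.7", 80))
    out["mapped"] = mapped
    out["reply"] = gw.receive(("198.51.100.7", 80), mapped[1])
    out["other_host"] = gw.receive(("198.51.100.9", 80), mapped[1])
    gw.add_forward(80, ("192.168.1.2", 80))
    try:
        gw.add_forward(80, ("192.168.1.3", 80))  # second web server, same port
        out["second_web_server"] = "accepted"
    except ValueError:
        out["second_web_server"] = "rejected"
    out["exposed"] = gw.exposed()
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```
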
  • Everyone seems to be thinking small.... Any scheme that does not provide an individual IP address to a particular computer is going against the basic design of the Internet. A device/ entity /computer/home/remote/fridge with an IP address can do anything you want it to (in regards to Internet activities). The other schemes all have limitations, whether it be outside accessibility or whatever. THINK BIG and don't settle for any solutions that do not provide IP's for anything and everything you want them for. Otherwise, you are starting to mess up the Internet's basic structure. Sure you can point to individual activity and say "That can be done without individual IP allocations, here's how.....", but anything can be done if you have an individual IP allocation.

    anyway, my 2c, I'll go have another cup of coffee now.
  • It's both more specific and less specific. Your own example 192.168.0.0/16 is a /16 but not a class B. There is still no lack of firmware out there that either can't think in classless terms or that defaults to classful thinking. Fortunately the latest releases are almost all OK and have been for some time.

    The remaining class C space could run out around the end of the year and it will be a problem. I would, if I were dictator of ARIN, cut the 'they're not fees' line and charge triple for netblocks from the remaining class C space versus class A space. Modern equipment will be fine and older equipment moving into new addresses can still get real class C networks.

    That and figure this: in a few years we will have routers many times as powerful as those we have today but the same final limit on IPV4 addresses. If we could approach 100% efficient usage of the IPV4 address space we could buy a valuable year in IPV6 deployment. Fantasy-benevolent-dictator-rhdwdg would shift policies in that direction. But this is the wrong thread for that thought.
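Prefix length and legacy class are separate properties of an address, which is what the 192.168.0.0/16 remark above and the firmware caveat turn on. The added example below (not from the thread) computes both with Python's ipaddress module and shows where a classful-only device would draw the network boundary; the function names and the report fields are made up here, while the prefixes are the ones quoted in the discussion.

```python
"""Legacy address class vs. CIDR prefix length, standard library only."""
import ipaddress
from typing import Optional

CLASSFUL_PREFIX = {"A": 8, "B": 16, "C": 24}  # the "natural" mask of each class


def legacy_class(addr: str) -> str:
    """Class from the leading bits of the first octet, as pre-CIDR stacks did."""
    first = int(ipaddress.IPv4Address(addr)) >> 24
    if first < 128:
        return "A"  # 0xxxxxxx
    if first < 192:
        return "B"  # 10xxxxxx
    if first < 224:
        return "C"  # 110xxxxx
    if first < 240:
        return "D"  # 1110xxxx, multicast
    return "E"      # 1111xxxx, reserved


def classful_network(addr: str) -> ipaddress.IPv4Network:
    """Network a classful-only device infers when it ignores the real mask."""
    prefix = CLASSFUL_PREFIX[legacy_class(addr)]  # KeyError for class D/E
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)


def same_network(a: str, b: str, cidr: Optional[str] = None) -> bool:
    """Are a and b on one network? With cidr=None, decide classfully."""
    if cidr is None:
        return classful_network(a) == classful_network(b)
    net = ipaddress.ip_network(cidr)
    return ipaddress.ip_address(a) in net and ipaddress.ip_address(b) in net


def describe(cidr: str) -> dict:
    """Summarise a CIDR block and compare it with the classful view."""
    net = ipaddress.ip_network(cidr)  # raises ValueError if host bits are set
    plen = net.prefixlen
    cls = legacy_class(str(net.network_address))
    return {
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "addresses": net.num_addresses,
        # Network and broadcast addresses are not assignable to hosts.
        "usable_hosts": net.num_addresses - 2 if plen <= 30 else net.num_addresses,
        "legacy_class": cls,
        "classful_prefix": CLASSFUL_PREFIX.get(cls),
        "classful_device_agrees": CLASSFUL_PREFIX.get(cls) == plen,
        "slash24_equivalents": 2 ** (24 - plen) if plen <= 24 else 0,
    }


if __name__ == "__main__":
    for block in ("10.0.0.0/8", "192.168.0.0/16", "192.149.252.0/24",
                  "206.170.14.0/23", "206.170.14.74/32"):
        print(block, describe(block))
    # Two hosts inside the /23 quoted in the thread:
    print(same_network("206.170.14.74", "206.170.15.9", "206.170.14.0/23"))
    print(same_network("206.170.14.74", "206.170.15.9"))
```
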
  • by garver ( 30881 ) on Wednesday May 12, 1999 @04:50PM (#1895450)

    First, it is impossible for every IP address out there to be used. Routing is the evil here. Every little network has to have some contiguous IP block. For a small office it could be a /28 up to a /24. There will always be some IP addresses extra for future growth and because things come in powers of two. If you are very good, 50% coverage is possible. A group of offices becomes a corporation which needs a contiguous (if possible) block under which all of the offices live. Of course we need to have room for future addition of offices. Here, using 50% of our sub-blocks again would be good. Now we are to a total of 25% of the IP's used.

    This process goes all the way up to the backbone providers.

    We could get greater than a 50% coverage, but at the cost of a management nightmare and larger routing tables. You want to keep an office in the same IP block so that it is one router entry. The same with a corporation. Otherwise, by the time you get a few hops from the end-user toward the backbone you will have router tables too large to handle.

    That being said. There are some /8's out there that I think could be broken up. Some of the major players in the Internet's early days got /8's (Class A's) because no one ever dreamed that whole world would be trying to get IP addresses.

    Second, I think NAT is only a temporary and mostly an unsatisfactory solution. NAT uses one IP address for a bunch of IP devices. A proxy server has the one IP address and all traffic goes through it. I say it is unsatisfactory, because you cannot run multiple servers listening on the same port behind a proxy. You can get away with one mail or one web server by telling the proxy anything for port 25 goes to the mail server or for port 80 goes to the web server, but a second web server would have to run on another port. In short, only clients can go behind a NAT proxy. Eventually we will run out of IP addresses for servers also.

    Third, yes your toaster will need to have an IP address. Any device in your house will want to communicate to other devices in your house. Your toaster could set off the fire alarm (which has its own IP) when toasting gets out of hand or blink an icon on your desktop when your toast is done. If a device communicates, it needs an address. If IP is the protocol used, it needs an IP address.

    Finally, I'm not sure IPv6 is a good solution. It just gives us a new ceiling in the total number of IP addresses. Granted the ceiling is really damned high, but try telling an ARPAnet boy in the 70's that 32-bits is not enough. I would rather see a variable length address. Give my house a prefix (1.2.3.4.5) and let me assign after that. Everyone else just needs to know that something beginning with my house prefix comes to me. ISP would have their own prefix and their customers would be underneath that. This is rough, but it might work.

    Also, IPv6 is missing other features that I would like to see if we are going to upgrade the 'net. Realtime transmission is top on that list.
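The routing argument made in the two comments above (one table entry per scattered address versus one entry per contiguous block, at the price of unused addresses inside each power-of-two block), as an added example that is not from the thread. The office sizes, 10.x prefixes and next-hop names are constructed; 2.2.2.2 is the address used in the earlier comment.

```python
"""Contiguous allocation, route aggregation and longest-prefix-match lookup."""
import ipaddress
from typing import Dict, List, Optional, Tuple


def block_prefix(hosts: int) -> int:
    """Prefix length of the smallest power-of-two block that holds `hosts`
    plus the network and broadcast addresses."""
    return 32 - (hosts + 2 - 1).bit_length()


def allocate(parent: str, host_counts: List[int]) -> List[Tuple[str, int]]:
    """Carve one sub-block per office out of `parent`, largest first so that
    every block starts on a boundary of its own size."""
    net = ipaddress.ip_network(parent)
    cursor = int(net.network_address)
    end = int(net.broadcast_address) + 1
    out = []
    for hosts in sorted(host_counts, reverse=True):
        plen = block_prefix(hosts)
        size = 1 << (32 - plen)
        if cursor + size > end:
            raise ValueError(f"{parent} is too small for these offices")
        out.append((f"{ipaddress.IPv4Address(cursor)}/{plen}", hosts))
        cursor += size
    return out


def utilization(parent: str, host_counts: List[int]) -> float:
    """Fraction of the parent block's addresses that hosts actually use."""
    return sum(host_counts) / ipaddress.ip_network(parent).num_addresses


def aggregate(prefixes: List[str]) -> List[str]:
    """Fewest prefixes covering exactly the same addresses."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


class RouteTable:
    """Longest-prefix match: the most specific matching route wins."""

    def __init__(self) -> None:
        # (leading bits of the prefix, prefix length) -> next hop
        self.routes: Dict[Tuple[int, int], str] = {}

    def add(self, prefix: str, next_hop: str) -> None:
        net = ipaddress.ip_network(prefix)
        key = (int(net.network_address) >> (32 - net.prefixlen), net.prefixlen)
        self.routes[key] = next_hop

    def lookup(self, addr: str) -> Optional[str]:
        ip = int(ipaddress.IPv4Address(addr))
        for plen in range(32, -1, -1):  # try /32 first, the default route last
            hop = self.routes.get((ip >> (32 - plen), plen))
            if hop is not None:
                return hop
        return None


if __name__ == "__main__":
    offices = [100, 50, 20, 10]  # constructed host counts
    print(allocate("10.1.0.0/24", offices), utilization("10.1.0.0/24", offices))
    # Four contiguous /26s are one route; four scattered /26s stay four routes.
    print(aggregate(["10.1.0.0/26", "10.1.0.64/26", "10.1.0.128/26", "10.1.0.192/26"]))
    print(aggregate(["10.1.0.0/26", "10.9.0.64/26", "10.17.0.128/26", "10.25.0.192/26"]))
    table = RouteTable()
    table.add("0.0.0.0/0", "upstream")
    table.add("10.1.0.0/24", "corp")
    table.add("10.1.0.192/27", "branch")
    print(table.lookup("10.1.0.200"), table.lookup("10.1.0.5"), table.lookup("2.2.2.2"))
```
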

  • I personally have 16 ip addresses, and I'm planning to upgrade to a full class C in the near future, but I do a lot of serving, so it's somewhat justified.

    One of my IP addresses is allocated for my household appliances (yes, I'm not making this up). Currently it only has control of my doorbell, a lamp, the rotor on my webcam, and my RC car. However, just this one computer has no problem controlling multiple devices.

    Even if each appliance had a separate computer with its own IP address, there's no reason that those IP addresses would NEED to be internet IP addresses. They could just as easily use masquerading or some other internal network scheme and full control of those appliances could still be controlled from anywhere in the world with only a single dedicated IP address.

    As for upgrading to IPv6, parts of the upgrade will be easy, parts will be difficult. The easy part will involve any type of generic operating system. Linux, any unix system, win95, win 3.1, all those types can be upgraded relatively painlessly. There will still be a lot of confusion, but it could probably be gradually upgraded so the new IPv6 network could temporarily mirror the IPv4 network so for a year or so, it would work both ways as if all computers still used IPv4.

    The hard part will be the embedded systems that have IPv4 hard coded and would require a flash upgrade or worse, couldn't be upgraded without a hardware swap. However, for many of those systems, they could still be utilized to some extent, at least until people have a chance to upgrade. Things like X stations, port servers, and the like don't need physical internet addresses and could function equally well as an internal masqueraded network on IPv6 with a router or bouncer taking care of things in the middle.
    It's not as clean as we would like, but if we really have 25 years to work on it, it should be possible to have a smooth transition, without the Y2K variety of panic that comes with an imminent forced deadline.

    -Restil
    restil@alignment.net
  • I know that Linux / Unix has IPv6 support in the BSD4.x socket stuff but I'm wondering if the boys from Redmond have it together with the whole winsock mess.

    I think "the boys from Redmond" :) are working on it... you can download an alpha IPv6 stack for Windows NT 4.0 from their research site [microsoft.com].

    Cheers
    Alastair
  • I think that the likely scenario for the wired house will be that you have a central access point for all such services - acting like a firewall and also providing a common entry point for controlling all of these services. After all, if I want to program my Magnavox VCR when I'm at the neighbors house why should I have to go out and download the magnavox specific software and install it on their PC first. Instead, I'm going to connect to my house's WWW enabled automation server (which only needs a single routable address) and do everything thru there. This is what's going to be actually controlling everything anyway... Why waste the money to build an interface and such into every single light switch - they're all just going to run SSMP (simple switch management protocol) and let the central controller handle the scheduling and nasty stuff like interfacing with us humans.
  • Routing is only a problem because of the stupid way modern routers work. A routers job is to take packets from one interface and dump them on another with a bit of smarts of best routes/failures etc. But what happens in the real big routers? They look up the route table for every packet in a huge table. If a big router has 16 interfaces, treating everything in the world as a /24 (aka class C) then there needs to be a table of exactly 8 megabytes. One could build a mega-switch that uses a second box to do the fancy routing bits. This crud about needing the router to instantly dynamically reroute is a sham, let another computer generate the best routes and update the mega-switch and lose a few packets when things go down -after all TCP will recover anyway.
