May be a good thing. In that it might now start to force ipv6 adoption.
North America down to its last ~130,000 IPv4 addresses
The American Registry for Internet Numbers (ARIN) can no longer satisfy requests for new IPv4 addresses and has started a waitlist for those who want more. ARIN warned, in early June, that “It is very likely that we are already processing a request that we will be unable to fulfill [sic].” On Monday this week it escalated the …
-
-
-
Friday 3rd July 2015 08:30 GMT Charles 9
Re: 10 years?
But this is NO joke. We've gone from stories of IPv4 running out to stories of IPv4 HAVING RUN out, as in there actually ARE empty shelves now, with only scattered items left here and there. And not just in one major part of the world. Asia's been dry for years, but who cares about them? But now it's both Asia AND North America: TWO key world markets. The IPv4 world is basically overcrowded with only two options left: jury-rig it or move to a bigger world. Thing is, moving to IPv6 has so many growing pains few want to go while jury-rigging will only work for so long. There's already complaints about handling carrier-grade NAT; what happens when someone behind a carrier-grade NAT wants to connect to someone else behind another carrier-grade NAT?
-
Friday 3rd July 2015 18:37 GMT Anonymous Coward
Re: 10 years?
Why would anyone use carrier grade NAT, whrn it's so easy to buy large blocks of addresses on the private market?
No operator in yheir right mind would consider adding extra complexity and cost to thrir solutions without looking into buying more addresses first.
5 years sgo isp's were told by RIPE that addresses were out. Only the crappest decided that meant they coukfn't get any more...
-
-
-
Friday 3rd July 2015 08:42 GMT AndrueC
I've been ready and prepared for a while. In fact I used to be with an ISP that offered dual stack. I got everything set up - even my email server although it could only send on IPv6 due to licensing restrictions(*). Then I moved from my niche ISP (IDNet) to a bigger ISP (PlusNet). They had an IPv6 trial. It closed to new applicants shortly before I joined and over 18 months later still shows no signs of going live.
(*)I'm a tight wad and couldn't see the point of paying an extra £10 just so I could receive from Google Mail using IPv6.
-
-
Friday 3rd July 2015 08:25 GMT Anonymous Coward
I tried to give back my reserved IPv4 address to Demon several years ago - but the service I use has a mandatory reserved IPv4 address. Nowadays they only offer "business" service contracts - which always have reserved IP addresses.
They appear to have recently offloaded web hosting - and the mail "push" feature went years ago.
NAT seems to be capable of handling most people's traffic.
-
Friday 3rd July 2015 08:31 GMT Anonymous Coward
IPv6 would have been adopted 10 years ago if the whole thing hadn't become a holy war based around a couple of sticking points e.g. NAT. I don't see why they couldn't have allowed NAT for those that really wanted it and were willing to put up with the downsides. I can't help feeling IPv6 has got bogged down like a software rewrite with the problem of "it must be perfect this time". It's not going to be perfect but never "releasing" is much worse than having a few issues.
-
-
Friday 3rd July 2015 08:51 GMT AndrueC
As for the benefits of NAT, what benefits are there that a firewall can't do?
Although NAT does at least mean your computer can't be directly addressed at all whereas a firewall means that when it gets attacked it will block it. A rather silly analogy is this:
Well armoured and on a battlefield. (Firewall)
or
Invisible and several kilometres away from the battlefield (NAT)
Now granted a firewall gives added protection over and above just NAT. For instance it could trap anything - even virus infected attachments or spam email if it's well implemented. But would I rely solely on a firewall? Hmmm.
With IPv4 we can have firewall+NAT = two layers of protection.
With IPv6 we have one layer of protection.
-
Friday 3rd July 2015 08:51 GMT Anonymous Coward
"As for the benefits of NAT, what benefits are there that a firewall can't do?"
Privacy.
As originally intended IPv6 would apparently identify each PC uniquely by forming an address from its MAC address. There have been noises about ways to randomise this address so that tracking of a specific user is not possible. Not sure whether that has become the intended standard yet.
-
Friday 3rd July 2015 09:10 GMT Bronek Kozicki
@AC Privacy
Honestly, you could have researched a bit before posting here. There is Privacy Extensions for Stateless Address Autoconfiguration in IPv6 proposed standard (from 2001) which next evolved to draft standard (from 2007). These are widely implemented and available both on Windows and Linux (didn't BSD because I'm not your researcher)
-
-
Friday 3rd July 2015 13:15 GMT Preston Munchensonton
yes the randomness is in place but it's optional, who's to say its not possible to decrypt the obfuscated address?
We need IPv7 with IPv6's issues resolved before we see mass adoption of IPv6.
Having recently had my ISP formally enable IPv6 on their network, I was genuinely impressed that all my Windows 7 and Ubuntu systems supported RFC 4941 out of the box. The randomness may be optional from the RFC perspective, but it looks like OS vendors have enabled it by default.
There won't be an IPv7. At this stage, the only thing really preventing widespread adoption is enterprise upgrades, as I know firsthand how many organizations are not prepared for the handling of IPv6 via routers, firewalls, load balancers and VPNs. I would add DNS to that mix, but I think that's more of an issue training the admins than an infrastructure upgrade for most.
-
Friday 3rd July 2015 13:46 GMT chris 17
@ Preston Munchensonton
its your router dishing out IP addresses not your OS.
no there won't be an ipv7, it'll likely be called ipv10 but we need something beyond ipv6.
enterprise upgrades are not stopping ipv6, they are the ones for whom moving to IPv6 would be easiest as they control more readily ingress/egress and can easily put in ipv4 to ipv6 gateways at their borders. Many enterprises are running dual stack internally right now.
NAT is great for enterprises as they get to hide all their hosts behind a handful of public IP's, IPV6 can expose all their hosts addresses to the net.
There are many many issues with IPv6 that enterprises don't like but they are not holding up adoption.
-
-
-
-
-
-
This post has been deleted by its author
-
-
-
Friday 3rd July 2015 08:54 GMT Bronek Kozicki
There is nothing wrong with IPv6 and it has been "released" many years ago. Yes it had some improvements over the years, but that's steady evolution which happens to any Internet protocol, not just IPv6.
The problem is with applications/appliances which do not properly support IPv6 (thus forcing users to IPv4), because their respective vendors do not have a clue. For example, finding good SIP phone with IPv6 support is tricky etc.
Hopefully when American ISPs are forced to join 21st century and give IPv6 to users, that will in turn prompt software/hardware vendors to give this protocol more consideration. But I won't hold breath, probably a whole generation of software/hardware/network engineers has to die out first. Still, there is a good chance this will happen before end of 21st century ...
-
-
Friday 3rd July 2015 18:43 GMT Anonymous Coward
The only fundamental issue with IPv6 is that humans are scared of it. They are used to easy to say and remember 4 octet addresses. And they dont like change.
ipv6 configures the same way in routers as ipv4, easier in places thanks to link-locals, and has far better rsnges predefined. I haven't seen anything wrong with ipv6 yet. Only with application layers and humans that haven't adapted to it.
-
-
Friday 3rd July 2015 08:39 GMT Crisp
We need to invent a new version of IP
We could crank the version number up by a couple of notches to make it sound really new, and we could fix it so that instead of using 32 bit addresses, we could use 64 bit addresses. No wait...! How about 128 bit addresses? That ought to keep us going for the next thousand years or so...
-
Friday 3rd July 2015 08:45 GMT Anonymous Coward
Multiplexing
"That's almost as long as the stories about IPv4 addresses running out."
The press reports often seem to concentrate on the raw IPv4 addresses - rather than how they are being used to support a much larger population of users.
The designated "local" address blocks and Network Address Translation (NAT) are used at several stages in the path between a device and the internet. That allows users and ISPs to multiplex many users' devices onto their available IPv4 addresses.
At the web host farm several customer's web sites can share an internet facing IPv4 address. Each site's requests are differentiated by information other than the external dedicated IPv4 address on which it arrives.
-
Friday 3rd July 2015 08:50 GMT Charles 9
Re: Multiplexing
"At the web host farm several customer's web sites can share an internet facing IPv4 address. Each site's requests are differentiated by information other than the external dedicated IPv4 address on which it arrives."
Which then kinda falls apart when they get a request that contains ONLY an IPv4 address. Some protocols are like that.
-
Friday 3rd July 2015 18:30 GMT Orv
Re: Multiplexing
"At the web host farm several customer's web sites can share an internet facing IPv4 address. Each site's requests are differentiated by information other than the external dedicated IPv4 address on which it arrives."
Sadly this stops working if you want to use HTTPS. Which is increasingly required for new web technologies.
-
Sunday 5th July 2015 13:16 GMT Anonymous Coward
Re: Multiplexing
>Sadly this stops working if you want to use HTTPS. Which is increasingly required for new web technologies.
Works just fine (server side) if you're using F5 Big-IP to front the websites and certificates based on domains... However, there are some issues client side as when they do a lookup for a certificate based on IP address...
-
-
-
-
Friday 3rd July 2015 09:45 GMT Bronek Kozicki
Re: The market in operation
That's too optimistic.
There is (almost) no market for IPv4 addresses and these cannot be freely traded (yes, there is some trade in IPv4 addresses but it is very limited). Also, once a vendor owns a range of IPv4 addresses, there is no ongoing cost of using it and there is no serious proposal to change it (although I would support such a change - after all, I pay to my ISP monthly).
What needs to (and will) happen is increased deployment cost of IPv4, due to increasing network complexity forced by handling of various (static or dynamic) NATs at network stages where previously they were not used. But it will be very slow process.
-
Friday 3rd July 2015 12:57 GMT chris 17
Re: The market in operation
where do you get your facts from?
http://www.bbc.co.uk/news/technology-32826353
ISP Networks are layered by design with loads of expensive kit already balancing, proxying, billing, inspecting and securing traffic flows, if they needed to NAT its likely they have the kit and expertise already. I doubt so called carrier grade NAT will ever be deployed as its not needed especially with companies handing back addresses they don't need.
-
Friday 3rd July 2015 14:13 GMT chivo243
Re: The market in operation
"companies handing back addresses they don't need."
Exactly. I heard a while back that some of the bigger corps and uni's have ipv4 blocks reserved that are never used. Stanford was on the list, MIT, Apple and of course M$... I may have even read here on El Reg.
-
Friday 3rd July 2015 14:17 GMT Anonymous Coward
Re: The market in operation
Ever been to Asia? You have a large population combined with a comparatively small IPv4 allocation. Carrier-grade NAT is already deployed there, creating instances of double-NATting (a NAT on top of a NAT). Let's just say double-NATting can make using various protocols pretty ugly.
-
-
-
-
Friday 3rd July 2015 09:05 GMT Ross 12
I can't help but wonder if one of the big reasons people have been avoiding adopting IPv6 is because it's such a big jump from IPv4 and 'looks scary'. IPv6 addresses for example look alien to people who are familiar with (but don't really *understand*) IPv4 addresses (think PHBs). Perhaps if there'd been an IPv4-XTRA as a stepping stone with addresses like FFF.FFF.FFF.FFF it would have been less of a culture shock and easier to swallow.
Maybe that would never have been workable, and maybe looking too different isn't really a factor at all.
-
Friday 3rd July 2015 09:22 GMT Charles 9
I don't see how letters would make too much of a difference, as we're using to seeing letters on our license plates and some places use letters in their postal codes. They even try to be accommodating by creating shortcuts when the quartet is 0000 (the :: shortcut). I personally see a max of eight quartets easier than trying to memorize up to 16 different numbers.
-
Biting the hand that feeds IT
