Peak IP
Human ingenuity keeps finding more oil and gas but we are close to running out of IP addresses, at least in the old IPv4 system, which all of you are probably using right now. This does not mean the world will shut down - already, for example, all the computers in your home probably share a single IP address to the outside world, and for many of you that IP address is dynamically assigned by your Internet provider to further save addresses. Many web sites on the same server will share an IP address (which is actually a good reason not to use shared hosting, because if one of the other accounts on your server is a bad actor, your IP address can effectively get banned from sites and networks trying to ban that other person on your server).
However, a new system is in place, but as with many standards transitions the details are tricky. It will be interesting to see how this mostly free-market transition goes in comparison to government enforced transitions (e.g. television broadcast standards).
The following will probably just demonstrate my total ignorance of networking protocols, but I am not sure why IPv6 couldn't be written in a way that the extra bytes would just be ignored by IPv4 systems. It could be assumed that all IPv4 addresses of the form www.xxx.yyy.zzz map to www.xxx.yyy.zzz.000.000 in IPv6, but this may be wildly simplifying what is going on.
The reason I bring this up is because I have always thought the way black and white TV was transitioned to color was particularly clever. They could have broadcast color with three signals of Red, Green, and Blue levels, and then black and white TVs would have to be thrown out - they wouldn't show anything meaningful with that signal. Instead, though, they mapped color with a three part system of an absolute brightness signal for each pixel, plus two color signals. If you are familiar with Photoshop, when you choose a color, you can enter the color as three numbers R-G-B for the intensity of each color or as Hue-Saturation-Brightness. While not the same as the TV system, it is similar in that it has a pixel brightness component, plus two color components. (My memory is that in the TV system, it is brightness plus two colors and the third color -- blue, I think -- is arrived at by subtraction from the total brightness minus the two other colors.)
Here is the trick - the signal which was just the pixel brightness component is essentially identical to the old black and white TV signal -- after all, a black and white signal is just the relative brightness of each pixel. So they took a black and white signal and then added bandwidth so that there was more information if one had a color set. Both technologies, old and new, worked from the same signal.
I suppose the problem with this is that I am thinking of routers like telephones. Most folks know that if we dial more than 10 digits, the extras are just ignored. My guess is that routers are more finicky and precise than this, and they can't just ignore the fact that the IP addresses they are getting are too long. But I still would imagine there could be a simple hardware hack to cheaply strip off the last part of a longer IP address so that older IPv4 infrastructure could still work in an IPv6 world. Or is this hopelessly misinformed and naive?
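Why an IPv4-only device cannot simply ignore the extra bytes, as an added example that is not part of the original post: it builds one IPv4 and one IPv6 header, reads both the way fixed-offset IPv4 code would, strips IPv6 addresses to 32 bits, and checks the one standard form (`::ffff:a.b.c.d`) in which an IPv6 address does carry an IPv4 address. The packets are constructed samples using documentation address ranges, and the function names are illustrative.

```python
import ipaddress
import struct


def build_ipv4_header(src: str, dst: str) -> bytes:
    """Constructed 20-byte IPv4 header; addresses sit at byte offsets 12 and 16."""
    return struct.pack(
        "!BBHHHBBH4s4s",
        (4 << 4) | 5,  # version 4, header length 5 words
        0, 20,         # DSCP/ECN, total length
        0, 0,          # identification, flags and fragment offset
        64, 6, 0,      # TTL, protocol (TCP), checksum left at 0 in this sample
        ipaddress.IPv4Address(src).packed,
        ipaddress.IPv4Address(dst).packed,
    )


def build_ipv6_header(src: str, dst: str) -> bytes:
    """Constructed 40-byte IPv6 header; addresses sit at byte offsets 8 and 24."""
    return struct.pack(
        "!IHBB16s16s",
        6 << 28,       # version 6, traffic class 0, flow label 0
        0, 6, 64,      # payload length, next header (TCP), hop limit
        ipaddress.IPv6Address(src).packed,
        ipaddress.IPv6Address(dst).packed,
    )


def ipv4_only_destination(packet: bytes) -> str:
    """An IPv4-only parser: check the version nibble, then read offset 16..20."""
    version = packet[0] >> 4
    if version != 4:
        raise ValueError(f"unsupported IP version {version}")
    return str(ipaddress.IPv4Address(packet[16:20]))


def naive_destination(packet: bytes) -> str:
    """The same parser with the version check removed ('just ignore the rest')."""
    return str(ipaddress.IPv4Address(packet[16:20]))


def keep_first_32_bits(addr: str) -> str:
    """Strip an IPv6 address down to its leading 32 bits."""
    return str(ipaddress.IPv4Address(int(ipaddress.IPv6Address(addr)) >> 96))


def ipv4_equivalent(addr: str):
    """Return the IPv4 address embedded in ::ffff:a.b.c.d, or None if there is none."""
    mapped = ipaddress.IPv6Address(addr).ipv4_mapped
    return str(mapped) if mapped is not None else None


# Constructed sample packets using documentation address ranges.
SAMPLE_V4 = build_ipv4_header("198.51.100.7", "203.0.113.9")
SAMPLE_V6 = build_ipv6_header("2001:db8:0:1:c000:201:0:5", "2001:db8::2")

if __name__ == "__main__":
    print(ipv4_only_destination(SAMPLE_V4))
    print(naive_destination(SAMPLE_V6))
    print(keep_first_32_bits("2001:db8::1"), keep_first_32_bits("2001:db8::2"))
    print(ipv4_equivalent("::ffff:192.0.2.1"), ipv4_equivalent("2001:db8::1"))
```

Read at IPv4 offsets, the IPv6 sample yields four bytes from the middle of the sender's address as the "destination", and two different IPv6 hosts collapse to the same 32-bit value once the trailing bits are stripped.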
TJIC:
> Or is this hopelessly misinformed and naive?
Yes. ;-)
February 1, 2011, 10:40 am
rob sama:
I thought you were going to make a comment about peak oil here...
February 1, 2011, 10:51 am
TJIC:
A bit more explanation: the problem with just ignoring the bottom bits is that we're talking addresses.
Imagine that there's a postal system where there are 100 houses, each numbered 00-99.
We decide to add 900 new houses, numbered 100-999.
I suggest that we allow folks to continue mailing letters to each other, and we'll just ignore the hundreds digit in the address: anything addressed to x50 gets delivered to house 50.
This wouldn't work well!
Move it over to IP addresses: when someone in house 550 surfs to coyoteblog.com and sends a HTTP GET request for index.html, the server would send a bunch of packets containing the HTML page to house 050.
Not what we want.
February 1, 2011, 11:00 am
TJIC:
See also:
http://en.wikipedia.org/wiki/IPv6_transition_mechanisms
February 1, 2011, 11:00 am
Daran:
There are facilities to carry IP4 traffic across IP6 networks. But yeah, you are a bit naive here. Dropping part of the address is like trying to read Chinese while you only know the Latin alphabet; the parts that you don't understand contain valuable information. Would you be interested in hosting your company website on an IP address that cannot be handled by 99.9% of the existing PCs?
But current IP address usage is fairly inefficient and sufficient price pressure would release many addresses for reuse. To a certain extent this news is being overhyped by IT publishers who don't have anything interesting to write about, and by networking companies who would love to sell you brand new IP6 compatible equipment.
February 1, 2011, 11:08 am
TomB:
IP is a protocol for routing packets of data across networks. Although this is a bit of a simplification, each packet has the same, fixed length, measured in bits (a 1 or a 0). Each packet has a header, which contains routing information, and payload, which is the data being transported. The header has a number of fields, all of which are fixed length. So all routers assume that the destination IP address will be 32 bits long, and that the address will appear at a specific bit starting location. So while you see 128.192.1.1, the packet sees something like 010101010010110100111010 (I made that up).
It would not be possible to just tack additional information to the end of a destination IP address without overwriting other data that routers using IPv4 expect to be there.
In many cases, IPv4 and IPv6 systems can coexist. When packets transition from an IPv6 network to an IPv4 network, a router can translate the IPv6 header into an IPv4 header. Then it sends out an IPv4 packet. Why they have chosen not to let everyone keep the old IP addresses and just add 0's to fill in the difference, I do not know. But the systems are not totally incompatible.
It has been a few years since I studied this, so things may have changed a little or I may remember imperfectly. But I think this post is mostly correct.
February 1, 2011, 11:11 am
Jody:
> Most folks know that if we dial more than 10 digits, the extras are just ignored.
International calling? For example, India's country code is 91 instead of the US's 1, which means at least one extra digit.
February 1, 2011, 11:22 am
Gary:
There is a mechanism for mapping IPv4 addresses to IPv6 addresses as you suggest but this doesn't solve the problem of running out of IPv4 addresses even though it does enable a gradual transition from an IPv4 environment to an IPv6 environment.
The problem is that this transition scheme only works as long as each system on the Internet still has an IPv4 allocation. Once the IPv4 addresses are depleted you'll start having systems that only have IPv6 addresses with no corresponding IPv4 address. Older systems that haven't transitioned to an IPv6 environment and only 'speak' IPv4 will not be able to directly communicate with these IPv6 only systems.
One of the biggest hurdles right now is that lots of commercial ISPs don't actually offer IPv6 connectivity to end users even though modern versions of Mac OS X, Windows, Linux, and so on all support IPv6.
February 1, 2011, 11:35 am
David:
Sorry, it's the naive one. There was a transition technology proposed called 6in4 which basically did what you're describing, but it didn't work very well and generally is not used.
The place where you need to be concerned now is in public-facing websites, not so much home networking yet. There will be (in the near future) some users who have IPv6 addresses and no IPv4 addresses, and you'll still want them to see your site. Ask your hosting provider whether they can give you IPv6 as well as IPv4, and keep after them about it - they don't have an incentive to change if their customers don't ask.
The exhaustion of IPv4 space doesn't mean that anything necessarily breaks - it's just that it becomes impossible to add new {customers | websites | etc }, and in general the lack of growth possibilities will be problematic, so it's a better idea to get a bit ahead of the necessity than remain behind it.
February 1, 2011, 11:37 am
Dan Hewett:
It's not really an equipment cost issue. Most routers (even $49) already support IPV6. Windows supports it. Everything out there supports it and has for several years.
The problem is the switchover. New routing tables, new distribution of IP addresses. I suppose that last point is the difficult one. Currently, the IP address space is distributed to various people, backbone people sell subnets to smaller companies, etc. New IP addresses will be a commodity - they will be as numerous as grains of rice. It will be much harder to sell them. Routing may require larger tables, etc.
I get your desire to have a seamless transition, but I'm not sure how that can be done. You might be able to do this by running both systems in parallel. DNS would hide which you are using, and silently move people to the new address space.
February 1, 2011, 11:52 am
Doug G.:
The transition is not really difficult from a technical standpoint, but it requires a somewhat coordinated effort from everyone, including end users, and there just really isn't much incentive to make that effort. There is also a huge cost in terms of combined man hours of effort required to make the change.
I think the "we're out of ipv4" addresses is a bit of hype, personally. But if we really want to motivate everyone to switch to ipv6, it is going to take some widely used app, say gmail or facebook or youtube or netflix, to start making some of their functionality only available via ipv6. But their only reason to do so would be to portray themselves as a good net citizen. It's not something that will increase their profits.
February 1, 2011, 12:49 pm
Don:
And there's the elephant in the room: DOCSIS3 does NOT support IPv6. This is the standard by which all current cable modems run, affecting about 40% (IIRC) of North American users.
February 1, 2011, 1:02 pm
David:
@Don: that's not quite correct- Comcast just announced their ipv6 over docsis trials yesterday.
February 1, 2011, 1:48 pm
eddie:
"Or is this hopelessly misinformed and naive?"
Pretty much, yeah.
But it's good that you even knew enough to ask that question.
February 1, 2011, 3:34 pm
Lex Spoon:
I believe you're right, and in two different ways.
One is that it would be much easier to extend the IPv4 address space than to transition everyone to a new protocol. By far that's the part of IPv6 that is getting the most interest from potential adopters. In a word, IPv6 sure smells overengineered.
Another way you're right is that the proposal is already part of IPv6. An IPv6 address of the form ::ffff:XXXX:XXXX is the same as the IPv4 address XX.XX.XX.XX.
On the bigger question, I'm not sure it's an improvement to have a giant flat address space than to simply patch together a bunch of smaller networks using NAT. It's what we have in practice, and it has significant advantages to privacy and security. For example, when you route a packet out of your home, do you really want to expose which of your computers the packet came from? Such an architecture is a good match for an "inter-net". The more we embrace that architecture, the less a 32-bit IP address will seem like a problem.
At any rate, the immediate situation is that nobody sees a big advantage to IPv6, and IPv4 is working fine. Like other commenters have said, IPv4 addresses are still plentiful. To bring this back to economics, the price on IPv4 static IPs is still rather low. As well, as with a shortage in anything, addresses will never simply run out. They'll just get more expensive.
February 1, 2011, 4:43 pm
joshv:
The problem is that there is no real market for IP addresses. They are handed out essentially for free. If there were a real resale market, we'd never really run out, they'd just get expensive enough that only those who really need them would buy them.
February 1, 2011, 5:45 pm
Mike S:
By pure coincidence, this article just came out:
http://www.eweek.com/c/a/IT-Infrastructure/IPv4-Address-Exhaustion-Not-Instant-Cause-for-Concern-with-IPv6-in-Wings-287643/?kc=rss
IPv4 and IPv6 addresses are drastically different. If you're familiar with a MAC address -- it's the hardware address of your network card, the last half of an IPv6 address is that MAC address, with a bit of filler. The first half of the address designates what type of packet it is (multicast, unicast, etc), and which network it is addressed to. Different portions can designate which physical region or network the IP address resides in, which company owns it, and so forth so routers know where to send the packet.
With IPv4, the fixed-length IP address is split between the Network ID and Host ID based on the Subnet Mask, which is arbitrary and set by the network engineers. Routers need complex routing tables to keep track of where different networks are to route packets there.
Rather than just a different type of addresses, they are different versions of the IP protocol, a bit like gasoline vs diesel - fuels, but different and mostly incompatible.
February 1, 2011, 6:18 pm
Douglas2:
Like all analogies, the colour television one is imperfect. NTSC did create a compatible television system so that legacy tuners and sets would still operate with the new colour signal, but PAL was new from the ground up, and if you were an early adopter and already had a television using, say, the old UK 405 line system, you were out of luck once the old transmitters were turned off.
February 1, 2011, 6:42 pm
Evil Red Scandi:
The biggest problem with IPv4 is that there was never a market for it - there were "standards of need" that were met for distribution to regional agencies, who in turn had "standards of need" for assigning them to ISPs and corporations. There is a ton of waste in the current system. For example, SDSU (not to single them out, many universities do this) assigns publicly routable IP addresses for their thousands of WiFi users. There's no good reason on earth for this - other than to allow them to say that their addresses are being used. If I recall correctly, HP has three "Class A" blocks (total of 50,331,648 addresses), and MIT has one "Class A" block (16,777,216 addresses), and there are some other bizarre allocations that I can't think of off the top of my head.
Once a market is in place, we can start figuring out what an IPv4 address block is worth. I'd guess somewhere around $100 per address. But once various organizations start cashing in their windfalls of IP address space, we'll find that there are plenty to go around.
Furthermore, ISPs can start "super-NATing" end users, which will stretch things quite a bit further.
The panic is completely overblown.
February 1, 2011, 10:12 pm
John Moore:
I think NAT's are part of the transition solution. If it weren't for NAT's, we would have run out of IP addresses a long time ago. For example, my home network has about 10 devices on it, but to the outside world, they all have one IP address (that's part of what most people's gateway router does - convert the one IP address outside the home/business to a "bogo-net" address inside - typically 192.168.x.x or 10.x.x.x).
My company got into the internet very early, so we had a 100 person company with a class B address (65000 addresses). We still have it, and we're only a bit more than 500 folks now. Obviously we don't need the whole thing, but there's no graceful way to slice it down.
February 1, 2011, 10:22 pm
Fred Z:
Oh goody, more fixed length address protocols designed by engineers.
When I was a child I dialed a 4 digit number to call in my neighborhood, 7 digits for the city and 10 for the province. Wonder of wonders, the old electro-mechanical equipment handled it.
When I was a young man the engineers decided to become constipated.
I have been a systems analyst, computer programmer, hacker, nerd and student of the art for 40 years. There is no reason whatsoever for fixed length addresses except laziness and incompetence.
But I'm old, bitter and twisted, so I shall have an adult beverage and some popcorn.
February 1, 2011, 11:27 pm
Zorkmid:
Your recollection of the way color TV worked is close enough for blogging purposes, except for one point: they didn't add any bandwidth for color. The bandwidth for the color signal was robbed from the b&w (luminance) signal, causing high-quality b&w TV's manufactured before color broadcasting took off to show "chroma dot" interference when displaying color signals. Later b&w TV's, of course, filtered out the color data (at the cost of picture detail).
February 2, 2011, 1:02 am
Barak A. Pearlmutter:
Actually it would have been easy to do exactly that sort of proper transition. Dan Bernstein described exactly how to do it, just like it was done for MX fields and email, in http://cr.yp.to/djbdns/ipv6mess.html, where he also explains how the IPv6 people are screwing up the transition.
He was 100% correct. The IPv6 people really messed up. That's why we've run out of IPv4 addresses and still have well below 1% IPv6 use in any country.
February 2, 2011, 3:04 am
IgotBupkis, President, United Anarchist Society:
Oh, come on, Fred, I've been around as long as you have, or close -- I first learned of TCP/IP in a seminar from Bell/AT&T where they were promoting the adoption of "their flavor", the "NAPLP Suite" -- "North American Presentation Level Protocol Suite". And I learned my grandparent's phone number as OV3-xxxx.
As a programmer, I'd easily agree with the notion that fixed length addresses are generally always easier to handle -- if you don't need the extra bytes, then you can ignore them, but if they are useful, then all you have to do is add handling/parsing routines to tell you what to do with the data. No, they aren't as "efficient", but in an era of terabyte hard drives and gigabyte RAM, with octocore processors running in the multiGHz range, I think efficiency is vastly overrated.
Cripes, my router runs a full Linux implementation.
The days when you could walk through a pair of double doors at NASA, see an aisle with 15 washing machines on one side, and 15 washing machines on the other (all on raised flooring for additional heat dissipation/cooling) -- total cost about 3-4 million dollars, and go, "WOW, 3 **Gigabytes** of Hard drive space!!" are long gone.
And yes, that happened to me, ya punks. :^D
That said, the primary justification for IPv6 is the important need to put your refrigerator on-line, so it can decide when to order another gallon of milk for you...
What, you didn't get the memo?
February 2, 2011, 4:26 am
Bob Smith:
What I find bizarre about IPv6 is that it doesn't support NAT, which means that every device on your IPv6 home network must be exposed to potential attack rather than be hidden behind a NAT-capable firewall.
February 2, 2011, 5:50 am
Lex Spoon:
After further reading, I stand corrected about how IPv6 actually works. The link to Dan Bernstein's article is especially good. Essentially, IPv6 is a new protocol whose only relation to IPv4 is in spirit.
However, Warren is absolutely correct in how things *could* work. Everything in IPv6 could have been made an optional extension to IPv4. It's not even too late....
February 2, 2011, 8:46 am
Dimitri Mariutto:
Some points:
IPv4 and IPv6 will never directly interact with each other even though they can coexist on the same equipment. For example, the IPv4 protocol and AppleTalk can use the same switch equipment to communicate with computers on it but IPv4 configured computers will not be able to 'see' AppleTalk configured computers and vice versa [one can configure a computer with both AppleTalk and IPv4 to negate having to deal with a bridge device to communicate]. In this way, the systems are 100% NOT compatible [or as compatible as AppleTalk and IPv4 are], just think of IPv6 as a totally new protocol.
A gradual transition may not be the best thing for newly assigned IPv6 entities who have no IPv4 addresses. Since they can only produce an IPv6 website to the world, almost no one currently will be able to view it. Not too great for business. Entities who have IPv4 and IPv6 connectivity can create websites for both protocols, called 'dual-stacking'. That way, anyone on either protocol can see their website [like AppleTalk/IPv4 example].
IPv4 NATing does not provide real security protection, in fact the only way to assure complete security is to disconnect your computer from all networks [there is even a way around that!]. It is fine for security theater but spoofing NATs is an old attack vector. A properly configured security device will protect what is behind it be it NATed or IP routable addresses. And NATing, from a service provider perspective, creates a bit of havoc as multiple customers might have an internal network of, say, 172.16.0.0/24. This creates routing problems which have to be solved with....more NATing! IPv6 will allow each device to have unique IP's and simplify networking.
Finally, IPv4 will be with us for a while I think. In theory, until the last device leaves the IPv4 space, no one can turn out the lights completely on their IPv4 infrastructure. Yuck.
February 2, 2011, 9:14 am
Bob Smith:
"IPv4 NATing does not provide real security protection"
No, but the firewall most NAT routers have does. The problem is that since IPv6 doesn't support NAT, your firewall goes away, exposing all your devices. My TiVos, for example, need Internet access but aren't really hardened against attack. Same for my Blu-ray player. Most consumer devices are like that.
February 2, 2011, 12:04 pm
Dimitri Mariutto:
Disable NAT and use transparent/bridge mode. I would guess not all SOHO type devices have this capability though. As Daran mentioned previously, it is an opportunity for a company to sell you something new. ;)
February 2, 2011, 12:30 pm
Bob Smith:
"Disable NAT and use transparent/bridge mode"
How does that solve my security problem?
February 2, 2011, 12:54 pm
Dimitri Mariutto:
In transparent/bridge mode, devices on the trusted/internal side of the firewall have Internet routable IP addresses, instead of NATed IP's. The firewall will still be able to filter traffic [in both directions] based on the policy ruleset.
February 2, 2011, 1:21 pm
EarlW:
The original UPC codes have the same problem. In the beginning, manufacturer prefixes were given out for a token amount in perpetuity. Each prefix was good for 100,000 products. Now there is a market for fractional UPCs for companies that only need a few numbers.
February 2, 2011, 6:57 pm
perlhaqr:
Ok, totally unrelated to any of this, just a sign of how goddamn weird the internet is sometimes. Barak Pearlmutter is one of my former CS profs. (And by "former", I mean, "1999".) I haven't seen nor spoken to him in that entire 11 - 12 years, I don't think. Today, I blow the dust off an old quotes file, quote Professor Pearlmutter, and in reading my blogroll, discover him here. Coincidence?!?!?! Well, yes, but still kinda funky.
*headshake*
February 3, 2011, 3:31 pm
LoneSnark:
You are not naive, many of us have argued for years that it should have been done exactly how you suggest. But the networking people refuse to listen to us engineers. They want to start from scratch so they can get rid of DHCP and NAT. These two protocols do cause real trouble, but primarily because everyone uses them. Network managers want to control who is on their system, DHCP lets them do that. People want to create private networks, NAT lets them do that. Well, now people are finding ways to hack IPv6 to restore these highly demanded behaviors, so the IPv6 people didn't even get their way.
If we had simply done as you said, IPv4 addresses are IPv6 addresses with a bunch of leading zeros, then it would have been trivial to build network hardware capable of converting IPv6 packets into IPv4 packets and vice versa. By now, the network backbone would be IPv6, with services such as Google careful to put their servers in the IPv4 address space and end-users would be capable of using just an IPv6 compatible address even if their house was filled with incompatible hardware, as their home would have a router running a NAT anyway, taking the IPv6 incoming packets and converting them to the IPv4 packets the local hardware supports.
February 4, 2011, 9:00 am
epobirs:
Yes, the transition from B&W to Color was a neat hack but it resulted in the horrible NTSC standard. People who work in video have been paying the price for decades. And it isn't going away. Much of the weirdness of NTSC is being carried forward into the HD modes to simplify that transition. They figured we already live with this crap, we'll just keep living with it on the newer, better stuff.
February 7, 2011, 2:09 am
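The exchange above between Bob Smith and Dimitri Mariutto turns on whether a firewall still protects devices that hold publicly routable addresses. The following added example (not from the original post or any commenter) models a default-deny, connection-tracking filter that performs no address translation. The class and function names are hypothetical and the addresses are constructed from the 2001:db8::/32 documentation prefix.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"


class StatefulFilter:
    """Default-deny inbound filter with connection tracking and no NAT."""

    def __init__(self, inside_prefix: str):
        self.inside = ipaddress.ip_network(inside_prefix)
        self.flows = set()     # flows opened from the inside
        self.pinholes = set()  # explicit (dst, dport, proto) inbound allowances

    def _inside(self, addr: str) -> bool:
        return ipaddress.ip_address(addr) in self.inside

    def allow_inbound(self, dst: str, dport: int, proto: str = "tcp") -> None:
        self.pinholes.add((dst, dport, proto))

    def decide(self, pkt: Packet) -> str:
        src_in, dst_in = self._inside(pkt.src), self._inside(pkt.dst)
        if src_in and not dst_in:
            # Outbound: remember the flow so that only its replies may return.
            self.flows.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "accept"
        if dst_in and not src_in:
            reply_of = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
            if reply_of in self.flows:
                return "accept"
            if (pkt.dst, pkt.dport, pkt.proto) in self.pinholes:
                return "accept"
            return "drop"
        return "drop"  # traffic that does not cross the boundary as expected


# Constructed sample hosts: a consumer device and a web server on the inside,
# a legitimate remote service and an unrelated scanner on the outside.
DVR = "2001:db8:1::50"
WEB = "2001:db8:1::80"
SERVICE = "2001:db8:ffff::10"
SCANNER = "2001:db8:bad::1"


def run_demo() -> list:
    fw = StatefulFilter("2001:db8:1::/64")
    verdicts = [
        fw.decide(Packet(DVR, 40000, SERVICE, 443)),  # device calls out
        fw.decide(Packet(SERVICE, 443, DVR, 40000)),  # matching reply
        fw.decide(Packet(SCANNER, 51515, DVR, 80)),   # unsolicited probe
        fw.decide(Packet(SCANNER, 443, DVR, 40000)),  # right ports, wrong peer
    ]
    fw.allow_inbound(WEB, 443)                        # deliberate policy rule
    verdicts.append(fw.decide(Packet(SCANNER, 51515, WEB, 443)))
    return verdicts


if __name__ == "__main__":
    print(run_demo())
```

The inside hosts keep their global addresses throughout; what blocks the unsolicited probe is the flow table and the default-deny rule, not address translation.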