Techieवार्ता (TechieVarta) Blogs

A couple of news to report on IPv4 Exhaustion.

As of September 2008, Geoff Huston of APNIC predicts with detailed simulations an exhaustion of the unallocated IANA pool in February 2011.^[1] Tony Hain of networking equipment manufacturer Cisco Systems predicts the exhaustion date to be around November 2010.^[2] These predictions are derived from current trends, and do not take into account any last chance rush to acquire the last available addresses. After the IANA pool exhaustion, during 11 months each individual regional Internet registry (RIR) will be able to supply with their last assigned addresses. These dates lie within a depreciation time of five to ten years of network equipment that is currently being acquired.

September 2008: THE RIRs have agreed to a global policy that when the IANA pool would reach a threshold of 5 remaining /8 address blocks these last /8s will be immediately allocated to each RIR. These last /8s are then anticipated to be distributed according to a different allocation policy. This simulation assumes that these /8s will be allocated under a different policy framework than that used at present.

The following are major authorities involved in IPv6 standardization effort:

• IETF is the standardization body for all IP related protocols.
  • IPv6 Operations (v6ops) working group works on IPv6 related issues.
  • Dynamic Host Configuration (dhc) working froup works on among other things DHCPv6
  • Doman Name System Operations (dnsop) working group works on DNS support for IPv6
  • Mobility for IPv6 (mip6) working group works on Mobile IPv6
  • Radius Extensions for IPv6 (radext) works on Radius Extensions for support of IPv6
• Internet Corporation for Assigned Names and Numbers among other things oversees allocation of IPv4 and IPv6 addresseses
  • American Registry for Internet Numbers (ARIN) for North America
  • RIPE Network Coordination Centre (RIPE NCC) for Europe, the Middle East and Central Asia
  • Asia-Pacific Network Information Centre (APNIC) for Asia and the Pacific region
  • Latin American and Caribbean Internet Address Registry (LACNIC) for Latin America and the Caribbean region
  • African Network Information Centre (AfriNIC) for Africa

Those of us who had not looked at IPv6 closely, thought that perhaps NAT should solve interoperability between IPv6 and IPv4. We all thought that there will just be a NAT box with minimal ALG between the two domains which will take care of any interoperability problem there may be. But it turns out to be rather simplistic assumption. Once we started looking deeper, it quickly became clear that NAT is a non-starter. It can and will still be deployed for certain specialized functions. However, this is really not a solution for a large scale ISP. Some of the issues with NAT as interoperability and transition strategy are analyzed in RFC4966.

To start with NAT has some of the same issues as discussed in IPv4 Exhaustion page of this website.  But, IPv6 has many more issues which IPv4 NAT does not. This is due to address format differences. For example, when an IPv4 host sitting behind a NAT box needs to start an IPv4 connection it knows exactly how to do it. Now if we have an IPv6 only host sitting behind a NAT trying to start a connection to IPv4 only host, the networking stack of the host does not know how to start a connection.

There is a lot of information about advantages of IPv6 across the web. This list summarizes these advantages:

• Much bigger IP address space: IPv6 addresses are 126 bits and can address a lot-lot-lot more addresses then IPv4 addresses can.
• Better IP options design: The IPv4 options were extremely inefficient to use for routers. The result was that the options were rarely ever used. IPv6 has a lot better options design making it easier for routers.
• Better Security (May be?): IP address space in IPv6 is much larger making IP address. IPv6 address can is simply not possible. IPSec was designed with IPv6 in mind. However, using IPSec in application domain is likely to have the same issues as IPSec with IPv4. It is believed that the IPSec will be limited to VPN. However, perhaps the biggest security implication of IPv6 will be on current security model. At present most home and enterprise networks use NAT as the first defense against intrusion. With IPv6, we will have enough IP addresses and will no longer need NAT. We will need something more complex then NAT for IP firewall for even home networks.
• IPv6 provides better stateless auto-configuration of IPv6 hosts connected to router. However, the hosts can also use stateful DHCPv6. The stateful auto-configuration may be better in several respects but for an end user they are not going to see any difference. They connect their hosts to the network and it has an IP address, routing information, etc. and are connected to the network.
• Mobile IPv6: The Mobile IPv6 has route optimization built-in, avoiding current triangular routing issues in the Mobile IPv4. This paper on MIPv6 provides a good details on MIPv6.

Various Blogs/Wikies from around the Web

• The Wikipedia Page about IPv6: You should start from here. As of Oct ‘07, some of the information here is dated.
• This Ars Technica article is an excllent information source on IPv6. It covers various aspects of the IPv6. However, the IPv4 exhaustion date on this page has some bad assumptions as discussed on IPv4 Exhaustion Analysis page of this site.
• Go6.net has a wiki styled page on IPv6 covering several IPv6 related issues. The information here is uneven.
• This PPT presentation provides good overview of MIPv6.

Summary of the Analysis

Based on number 17% available number, and 3.7 billion total IP address space number, available IP addresses in Oct ‘07 are 629M.

There are a variety of predictions, using different models, that attempt to estimate when there will be no more IPv4 addresses to allocate. The cut-off date ranges from 2009 to 2013.

It is now the widespread opinion of the technical community that for the continued and uninterrupted expansion of the Internet, it is vital that IPv6 adoption begin in earnest.

Various Papers Analyzing IPv4 Exhaustion Date

Here are some of the selected papers from around the web analyzing IPv4 exhaustion date.

• Very Detailed Information about IPv4 addresses where they are and how are they consumed.
• ICANN’s IPv6 Factsheet: Published in Oct ‘07 said that 17% of IPv4 addresses are available
• Wikipedia page on IPv4 Exhaustion analysis this page quotes various sources to come up with 2010 as date of exhaustion. Among other sources this page uses information from various RIR advisories.
• Ars Technica article predicsts that at current rate we have 7.5 years before running out of IPv4 addresses. However, givent publication from ICANN the number of left IP addresses here cannot be accurate.

Available IPv4 Addresses as of Oct '07 (From ICANN paper: Blue is Available)

What About NAT?

NAT was discovered in ’90s. NAT has served us well. Nearly all the enterises and most homes using more the one host is using NAT. The NAT in effect allows us to create several private Internets each using the same set of IP addresses. The IETF has reserved IP address space for private Internets. The hosts within the same private Internet can communicate with each other using private IP addresses. A device behind NAT only needs to use a public IP address when the host communicates with the public IP Internet. This allowed sharing of a single public IP addresses for several hosts.

Can NATs be promoted to the operators networks? If we can, we can delay the date of IP address exhausion by several years if not for ever. The NAT works well for outgoing only connections like web access, POP/SMTP based e-mail access. However, they have serious problems for incoming connections like VoIP, P2P, some game plays etc. At home the solution for incoming connection typically involves port forwarding which can be manually configured or auto-configured using UPnP.

In the current Internet, our ISPs provide us pipe and do not control what type of applications we run on our computers and how they use the pipe. Installation of NAT in the operator’s network will change this model since they will only be able to provide outgoing only connections.

It is possible for the operators to provide two types of services. Outgoing only service which is mostly used for browsing and e-mail and the second class providing access to all the services. The operator could deploy NAT for the first set of subscriber and provide public IP addresses to the second class of subscribers and have differential charging.

If this had to happen lots of newer mobile devices could use browse only IP addresses and can be sufficiently served by NAT. The operators can deploy application level proxies to deal with specific protocol needs like IMS. This will limit innovation in the Internet since several applications will not be able to run on these devices.

The impact of this design on overall IP address consumption is not clear but it should delay need to deploy IPv6 significantly.

If this has to happen, this will fundamentaly change the nature of the Internet. At present North American operators are very reluctant to deploy NAT in their networks.

Effect of IPv4 Exhaustion

Blogs have tried to compare IPv4 exhaustion to Y2K. However, the impact of IPv4 exhaustion will be a lot less dramatic. If the Internet is not ready with IPv6, several possible things can happen:

• Operators can deploy limited NAT for certain class of subscribers, devices extending life of IPv4 addresses they already have
• There is significant IPv4 address space which is allocated to different organizations. It is possible that this IP addresses can be sold back to the ISPs at a cost or can be reallocated by ICANN extending life of IPv4 address space.
• Operators can deploy limited IPv6 on devices with limited applications (e.g. Comcast recently announced that they will move management of home modems to IPv6)
• Operators will move quickly towards IPv6.

It is clear as we move closer to IPv4 address exhaustion, the cost of IPv4 will increase. The ISPs at that time will have a choice whether to move to IPv6 or live with restrictions, cost imposed by IPv4.