If you’ve been reading the news recently you may have heard about the impending shortage of IP addresses.”What’s an IP address?” I hear you ask… well, they are the dotted quads that are like “phone numbers” for every machine connected to an IP network (such as the Internet – hence Internet Protocol address).

If you haven’t heard of this shortage — basically, these addresses are needed for a computer to connect to the Internet. An IP address is four numbers, in the range 0-255, however some ranges are unavailable for technical reasons, but these addresses only account for about 2% of all available addresses.

Each of these numbers is 8 bits (binary digits) long, because any combination of 8 bits can represent all the numbers from 0-255. Four times 8 is 32 bits. So 32 bits can hold 2³² (2 because of binary) addresses — 4,294,967,296 to be exact.

But there’s a problem.

There are 6,730,168,710 people on the planet at the time I’m writing this*.

Take into account that more people are being born every day, and much of the Western world (especially companies) have more than one publically accessible device on the Internet, and the problem becomes clear.

We are fast running out of IPv4 addresses. So fast in fact:

• ICANN – the Internet Commission for Names and Numbers – will exhaust its IPv4 pool by the end of 2009.
• Regional Internet Registries like RIPE (Réseaux IP Européens) and APNIC (Asia-Pacific Network Information Center) will exhaust their allocations by mid-2011**.

Now I know what you’re thinking.

Why should I be concerned or what the f**k is this guy getting at?

The reason you should be concerned is because of something called Carrier Grade Network Address Translation, or CGN/CG-NAT (as outlined here in an IETF draft). What this does is make your ISP’s network one big LAN, so your ISP has a smaller pool of externally-routed public addresses, freeing up potentially millions of IP addresses and holding off depletion for another decade or so. My own ISP (H3G) already does this.

Thing is, the downsides of CG-NAT far, far outweigh the benefits.

• Online gaming and VoIP (internet telephony) won’t work, because they expect your router to have a public address. With CG-NAT, your router will have a private address, and you won’t have the option of port forwarding as you do now. This allows the carrier to charge you more on telephony and even more if you require a public IP for gaming.
• Peer-to-peer file sharing won’t work. Bittorrent, Gnutella, Edonkey/Emule, Winny/Share all require an external IP unless you want your downloads to crawl along. Without the option of port forwarding, again, the carrier can charge you more for a public IP or deny you service entirely.
• You’re completely open to everything on your carrier’s network. If a worm is making its way round your ISP’s network there will be almost nothing to stop it.
  
• Staying on IPv4 will mean that ISP’s start allocating smaller and smaller address blocks. This will cause the Internet’s core routing tables (like a “phone book” for addresses) to explode in size until current generation routers are no longer able to handle them. The Internet will essentially collapse under its own weight.
• CG-NAT is a hack. It’s a temporary solution to a permanent problem.

There is, though, a permanent solution.

Enter IPv6. With v6, every grain of sand on the planet can have its own IP address. Carriers are very reluctant to switch to IPv6 because:

• It costs money to upgrade 10+ year old equipment at IXPs***, ISP PoPs, and local loops.
• End-to-end connectivity becomes ubiquitous, allowing far easier p2p file transfers and other services. Being the BPI/RIAA lackeys they are, this can’t happen from their point of view.
• In IPv6, IPsec encryption over public routes is mandatory, making Deep Packet Inspection and traffic shaping outside of your network impossible.

So what can you do to help the effort?

1. Get an IPv6 tunnel broker. If you need ease of use try Hexago, or if you’re technical and have experience with network operations try SixXS.
2. If you can, get an ISP with native IPv6 connectivity. Here’s a list of IPv6-native providers in the UK:
   • Bogons.net
   • Claranet
   • Goscomb
   • Entanet
   • A&A
3. If you’re a network operator, peer with BT – they provide IPv6 routes to much of the Internet.
4. Bug your ISP for consumer IPv6 support. They will only implement IPv6 when enough customers demand it. Don’t email – emails can be deleted, but phone calls put a voice to an ‘anonymous’ request.
5. If you run your own Internet-facing services such as Web or mail servers, make them IPv6 enabled. If they run Linux this is a matter of just doing modprobe ipv6 and ensuring your router can route IPv6 and supports router advertisement.
6. If you use third party services & web sites you use often (such as WordPress), ask them to enable IPv6 on their service, if they aren’t in the process of doing so already. If they express interest, point them to the IPv6 migration measures outlined in RFC 5211 “An Internet Transition Plan”.

The main argument against end-to-end IPv6 connectivity is “NAT makes my network secure, since you can’t directly address machines on my network”. This is tosh. NAT is not a firewall. CGNAT puts IPv4 depletion off for a few years, but IPv6 puts you in control of your own machines. Your own Internet connection.

It makes the Internet what it was meant to be.

Ciao,
cmn

*Source: www.gefringraphics.co.uk/Nemesis/population/population.htm

**Source: IPv6Style: IPv4 adoresuno kokatsu jiki yosou nitsuite(“About the expectation of the depletion of IPv4 addresses over time”) and Potaroo.net’s IPv4 Counter

*** With the notable exceptions of AMSIX and LINX (“IPv6 addresses are assigned on request from the range 2001:7F8:4::/48. Again there is one network for the Foundry switched LAN and one for the Extreme switched LAN.”).