NETWORKING

  • 09/24/2015
    3:00 PM
  • Rating: 
    0 votes
    +
    Vote up!
    -
    Vote down!

ARIN IPv4 Address Supply Runs Out

Pressure to deploy IPv6 heats up with the depletion of ARIN's IPv4 free pool.

It's official: The American Registry for Internet Numbers (ARIN) has run out of IPv4 addresses. ARIN, one of five Regional Internet Registries that doles out IPv4 and IPv6 addresses, announced today that it has issued the final IPv4 addresses in its free pool.

“The exhaustion of the free IPv4 pool was inevitable given the Internet’s exponential growth,” John Curran, ARIN’s President and CEO, said in a prepared statement.

“Luckily, we prepared for this eventuality with IPv6, which contains enough address space to sustain the Internet for generations," he said, adding that "organizations should be prepared to help usher in the next phase of the Internet by deploying IPv6 as soon as possible.”

ARIN warned in May that it was nearing IPv4 depletion. With that depletion a reality, Vint Cerf, Internet pioneer and ARIN's board chairman, said the experimental phase of the Internet has ended.

“When we designed the Internet 40 years ago, we did some calculations and estimated that 4.3 billion terminations ought to be enough for an experiment. Well, the experiment escaped the lab,” Cerf said in a prepared statement. “The Internet is no longer an experiment; it is the lifeblood of commerce, communication and innovation. It needs room to grow and that can only be achieved through the deployment of IPv6 address space.”

ARIN said it will continue to process requests for IPv4 address blocks through its waiting list or through the IPv4 transfer market. The depletion of ARIN's IPv4 lifts the restriction in how often organizations may request transfers to specified recipients.

ARIN released an interesting infographic today that shows milestones in the Internet's growth and IPv4 address space exhaustion.

Figure 1:

Comments

7 Billion vs. 4.3 Billion

The price of an IPv4 address will always rise in the Ipv4 transfer market if IPv6 is not adopted because a population of 7 billion (with the majority requiring multiple addresses) will drive up demand. Relying on the transfer market will also kill long term innovation as deploying an IP address requiring device will become more expensive.

On a lighter note, if I had to guess whether Facebook or Youtube was the older sibling of the internet family, the selection would have been Youtube. The error might be due to the different user growth rates of the two sites from the perspective of the user. 

Re: 7 Billion vs. 4.3 Billion

Perhaps the rising prices in the IPv4 transfer market will finally help drive IPv6 adoption. The IPv6 migration has been excruciatingly long. 

And it does seem like YouTube has been around a long time!

Re: 7 Billion vs. 4.3 Billion

I agree that financial incentives are what's going to push people.  Client/endpoint devices seem to be IPv6 ready, and a good deal of the infrastructure(i.e. ISPs) seems to be getting ready.

 

I'm somewhat interested in the security implications of v6. Technically, it's capable of delivering just as much security, if not more than what we have, but as with any transitions, things are likely to fall through the cracks until it's fixed.  Stuff like v6/v4 tunnels may be a dangerous thing and I'd like to study that more..

Re: 7 Billion vs. 4.3 Billion

That's a great point to raise Dan. I've heard different things about IPv6 security over the years. As you say, with any new transition, there are bound to be issues. What have you heard so far about v6/v4 tunnels?

Re: 7 Billion vs. 4.3 Billion

What I've read so far about V6 in V4 tunnel security problems is about automatic tunnels,  If you have to configure the V4 addresses for each V6 end-point if they travel over old V4, it's going to be lots of work, so there are automatic tunnels to make things easier.  

But people can exploit that.  If the V4 routing state and the V6 routing state's aren'y consistent, things can go bad and people can launch DoS attacks.   Basically, it's not like we magically mode to a new address range, and things go fine. There are lots of infrastructure that needs to be updated, and this is is one example.

Details are in the IETF draft: Search for "draft-ietf-v6ops-tunnel-loops-07" and can search for this paper from USENIX paper from 2009 "Routing Loop Attacks using IPv6 Tunnels"

So this has been known for a few years!

Here's another one:

There can also be problems with unfiltered V6 traffic.  How does one make sure your security systemm identify potentially bad IPv6 packets, if they were designed to inspect V4 traffic. This kind of thing just takes time to mature.

 

 

Re: 7 Billion vs. 4.3 Billion

Thanks for those details Dan and for the IETF and USENIX links. Since the issue has been known for years, it seems like there would be progress on mitigations, but it sounds very complex.

As for the security systems and IPv6 filtering, would that apply to mainly legacy systems? I would think/hope most current/new ones would be built to filter IPv6 traffic.

Re: 7 Billion vs. 4.3 Billion

I think that legay systems will suffer the most, but unless there's lots of real-world deployments, even the new or current ones will not get enough exposure to fine-tune their capabilities.

The buildnng blocks are there, so it's now the time to make things refined and putting things together.

 

Re: 7 Billion vs. 4.3 Billion

@don_conde, great point about security, I feel that network security products and services have two basic functions i.e. identify suspicious packets and apply controls when a threat has been discovered. These functions were not carried out in the best possible fashion in an IPv4 environment and hence, the ripple effect will be amplified into the IPv6 environment if it is not monitored. 

Compounding the issues is that newer adopters of IPv6 find their businesses in an environment where IPv6 support is not universal (vendors and ISPs, etc.) creating a greater number of tunnels and unknown packets.

Nevertheless, if human capital exists and IPv6 security training is at an acceptable level then, an organization will be on the secure path and it will manage the challenges of a new environment. 

 

Re: 7 Billion vs. 4.3 Billion

I guess its not new we all can see serious consideration to deploy and integrate IPv6 support into their environments. Also it is now manadatory for ISP and Data Center owners to migrate, as IPv4 and IPv6 networks are entirely separate. Traffic can't travel from one network to the other without intervening technology.

ARIN Infographic

Can you please provide a link to the ARIN infographic? I would like to print it out but I cannot find a source and the posted version is low quality.

Re: ARIN Infographic

Sure thing, here it is: http://teamarin.net/wp-content/uploads/2015/08/ARIN-Infographic-Internet...

Hope that helps. Thanks for your interest!

hoarding

Of course, many companies/organizations have been hoarding IPv4 addresses for years.  It remains to be seen what they'll do with them in the years to come.

Re: hoarding

IPv6 will soon be mandatory for most of us, but if you talk about IPv4 it is like revolving market. Remember Nortel sold 650k+ addresses to Microsoft. But it was purely sale and purchase, not part of any merger or acquisition. So this is something which shows that market still revolves around different acquisitions and mergers.

Re: hoarding

I think you're probably right virsingh, the IPv4 transfer market has been hot and I don't see it going away anytime soon. This report looks at some of the problems with IPv4 transfers.

Re: hoarding

Thank You for the report, this is pretty impressive summary report of some big and critical issues due to IPv4 block transfers.

Apart from this, these guys shared a perdiction where as per them, Affected countries/networks are likely to suffer again ,this will begin occurring broadly, with consensus 512K emerging by mid-November. I would like to study what parameters companies adopt to avoid or minimize the impact. Do they plan to migrate on IPv6?

Re: hoarding

That's a good question virsingh. I looked around for a report that might provide some insight into enterprise IPv6 transition planning, but didn't find much. ISPs have talked about it, including Comcast. Facebook also has talked about it.

Re: hoarding

True.  It only makes economic sense.  Scarcity and demand are closely related, after all.    Whatever happens IPv6-wise, I think we'll continue to see strong IPv4 demand for decades to come.