At what point will you be forced to move to IPv6 because of IPv4 address depletion?

I'm curious how people are planning/dealing with this specific issue. I mean, we've known this is going to happen for years, but there seems to be a distinct case of "I don't care" from UK ISPs.

I'm building a networking service, and there is no way I can get as many IPv4 addresses as I need. They just don't exist. On the other hand, I could get a /48 or even a /32 of IPv6 and be sorted forever. If I started as being IPv6 only, things would be easier down the road. So I was wondering what everyone was planning on doing when the day finally arrives that no matter what, you'll have to move to IPv6?
 
Using a NAT is a pretty big kludge though. Especially CGNAT.

Why is it a kludge?

You have the private ranges for all your personal / internal infra needs, more than enough address space, you certainly do not need public addressing on everything, for a start it would be a huge security headache and completely unnecessary.
 
Why is it a kludge?

You have the private ranges for all your personal / internal infra needs, more than enough address space, you certainly do not need public addressing on everything, for a start it would be a huge security headache and completely unnecessary.

Why would I need NAT for private addresses? You can use the 10.0.0.0 /8 IPv4 range which is reserved for private usage. I'm talking about IP addresses that are meant to be public.
 
Why would I need NAT for private addresses? You can use the 10.0.0.0 /8 IPv4 range which is reserved for private usage. I'm talking about IP addresses that are meant to be public.

10 isn't your only private address space, 172.16-31.0.0, 192.168.0.0 also available for use.

NAT is perfect for allowing privates out... You could have all your equipment privately addressed and a single public using NAT overload on outbound, this is how everyone's home broadband works, then for making services available inside you PAT on the inbound to expose services, for home use there are things like UPnP etc. but I would never recommend that.

The only issue would be multiple inside boxes requiring the same inbound port but in most cases this would be for load balancing etc, in which case your load balancer would also be private and PAT to it only the required service ports.

You want to limit your exposure to the whole internet as much as possible, having boxes / devices sat directly on internet addresses is asking for trouble.
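
The NAT overload and inbound PAT arrangement described in the post above, as an added example that is not part of the original thread. It is a toy model: the class name, the addresses and the port numbers are assumptions made up for illustration, and a real gateway also tracks the remote endpoint and protocol of each flow.

```python
import ipaddress


class PatGateway:
    """Toy model of a NAT-overload (PAT) gateway with one public address."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.outbound = {}  # (inside_ip, inside_port) -> public port
        self.reverse = {}   # public port -> (inside_ip, inside_port)
        self.forwards = {}  # static inbound PAT: public port -> inside target

    def translate_out(self, inside_ip, inside_port):
        """Outbound flow: every private host shares the single public address."""
        if not ipaddress.ip_address(inside_ip).is_private:
            raise ValueError("inside hosts are expected to use private ranges")
        key = (inside_ip, inside_port)
        if key not in self.outbound:
            self.outbound[key] = self.next_port
            self.reverse[self.next_port] = key
            self.next_port += 1
        return self.public_ip, self.outbound[key]

    def add_forward(self, public_port, inside_ip, inside_port):
        """Expose one inside service; a public port can map to one target only."""
        if public_port in self.forwards:
            raise ValueError(f"port {public_port} already forwarded")
        self.forwards[public_port] = (inside_ip, inside_port)

    def translate_in(self, public_port):
        """Inbound packet: return the inside destination, or None to drop it."""
        return self.forwards.get(public_port) or self.reverse.get(public_port)


def demo():
    gw = PatGateway("203.0.113.10")               # constructed documentation address
    a = gw.translate_out("10.0.0.5", 51000)       # two hosts, same source port
    b = gw.translate_out("192.168.1.20", 51000)
    gw.add_forward(443, "172.16.0.2", 8443)       # e.g. a private load balancer
    try:
        gw.add_forward(443, "172.16.0.3", 8443)   # second box wants the same port
        conflict = False
    except ValueError:
        conflict = True
    return a, b, gw.translate_in(443), gw.translate_in(8080), conflict
```

Unsolicited traffic to a port with no forward and no existing mapping (8080 here) has nowhere to go, and the second forward on port 443 is the "same inbound port" conflict the post mentions.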
 
I think the day is decades away.

The problem is we can't move to IPv6 single stack until at the very least all major internet services and all major broadband ISPs support the stack.

The reality is based on my experience, almost every datacentre will offer IPv6, but support from broadband ISPs is very patchy, e.g. in the UK Virgin Media seem nowhere near deploying it right now. In addition the likes of the BBC are still IPv4 only.

There is all sorts of weirdness I see from companies.

e.g. Amazon is supposedly a tech company but their Fire TV sticks don't support WPA3 or even management frame protection.
Same with PS5/Xbox on WPA3. PSN is also still IPv4 single stacked. I assume because they consider UPnP enough to do the job.

Too many companies not acting until they are pushed, sadly.

Ask yourself though, do you really need all those IPv4? For a home user probably not. Even for something like a web or email server using TLS, nowadays there is support to host multiple vhosts on one IP address.
 
Never. IPv4 will be available way into the future, it will likely last until the point that TCP is replaced by something and they're not needed.

I'm building a networking service, and there is no way I can get as many IPv4 addresses as I need. They just don't exist. On the other hand, I could get a /48 or even a /32 of IPv6 and be sorted forever. If I started as being IPv6 only, things would be easier down the road. So I was wondering what everyone was planning on doing when the day finally arrives that no matter what, you'll have to move to IPv6?

I'm not sure what you're building, but to me it sounds like you need a redesign. NAT, load balancers, server redirections, VPNs, plus many more options are available to reduce the need for IPv4 addresses.

The company I work at are fully IPv6 ready and already advertise v6 addresses externally. No-one uses them, the ISPs are all defaulting to v4 by default. I could turn v6 off now and there would be zero impact.
 
The only issue would be multiple inside boxes requiring the same inbound port but in most cases this would be for load balancing etc, in which case your load balancer would also be private and PAT to it only the required service ports.

Most load balancers can cope with using the same port for multiple destinations quite easily at Layer 7, and even lower layers with the right hardware/software.
 
Hmm. Thank you all for the replies. First of all, if you have any must-read computer networking books that you can recommend, then I'd be happy to pick them up.

Right, now, that is out of the way. I'll explain what I have in mind. Without giving too much away, it is basically a multilayered caching service for certain data types. If the central server goes down, it will have been automatically cached by previous visitors to the data. So it will basically work like an anycast network mixed in with a more dynamic approach to DNS that allows switching IP addresses for certain resources to change extremely quickly when a certain error or warning state is active.

So if you visited the data in question, you'd become both a client and a server for that data, and other people can access your cached version of the data if the main data goes away. Anyone visiting the data on your machine then caches it, and then they are a client and server as well. In effect, it would become impossible for governments and other hostile threats to take that data offline, as the more popular something gets, the more it spreads and the more people serving the data increases.
 
That sounds just like a torrent service to me. Good luck with it, but sorry to say that’s a service I would avoid at all costs, I don’t want my local computer and internet service being used to host websites for others.
 
That sounds just like a torrent service to me. Good luck with it, but sorry to say that’s a service I would avoid at all costs, I don’t want my local computer and internet service being used to host websites for others.

Somewhat like a torrent, I guess. At the moment it doesn't really matter what people think as I haven't started doing any programming yet :D.
 
If not a torrent, then there are peer-to-peer backup solutions that have taken similar approaches (not sure I'm allowed to name them, so I won't). Most of them fail because people put in far more of their own data than they're willing to store for others (my own data hoard is pretty big, so I can understand that temptation). Also, most internet connections (except for the big corporate pipes) are asymmetric, so they're easy to overwhelm.

As for me, I'm fully IPv6 enabled at home (for the devices that support it, anyway) thanks to being on one of the few UK ISPs that support it, though I still primarily use IPv4 internally as it's so much easier to manage. I agree with others who say that IPv4 won't be going away soon, if ever. When you hear ISPs saying "we have no plans to support IPv6" (looking at you, PlusNet), you pretty much know the score.
 
Peer-to-peer and distributed systems already exist in various forms, even Windows Update has this functionality, although you can and should turn it off.

Caching already happens at large scales across the internet as well at various layers, most of the data you see will be from a cache / CDN and not the actual server that hosted it originally, things would crumble pretty quickly without it, in fact one of the large CDNs did have an issue not that long ago with Joe Bloggs getting an error message with the CDN name which they had previously never heard of.
 
Hmm. Thank you all for the replies. First of all, if you have any must-read computer networking books that you can recommend, then I'd be happy to pick them up.

Right, now, that is out of the way. I'll explain what I have in mind. Without giving too much away, it is basically a multilayered caching service for certain data types. If the central server goes down, it will have been automatically cached by previous visitors to the data. So it will basically work like an anycast network mixed in with a more dynamic approach to DNS that allows switching IP addresses for certain resources to change extremely quickly when a certain error or warning state is active.

So if you visited the data in question, you'd become both a client and a server for that data, and other people can access your cached version of the data if the main data goes away. Anyone visiting the data on your machine then caches it, and then they are a client and server as well. In effect, it would become impossible for governments and other hostile threats to take that data offline, as the more popular something gets, the more it spreads and the more people serving the data increases.

I don’t think that’s a good thing. That means something will never be able to be taken offline without shutting every single host down.

Think about it - in the hands of a criminal. How would you find all the hosts to take them offline in the criminal world?
 
I don’t think that’s a good thing. That means something will never be able to be taken offline without shutting every single host down.

Think about it - in the hands of a criminal. How would you find all the hosts to take them offline in the criminal world?

End game is probably a walled garden internet, if governments could do it today they would. When it happens, could be years, could be decades.
 