
Anyone desiring a new public IPv4 address since then has had to rely on address ranges being recovered from organizations shutting down or surrendering them as they migrate to IPv6.
Well, they'll be waiting a long time then...
Only half joking -->
AWS could rake in between $400 million and $1 billion a year from charging customers for public IPv4 addresses while migration to IPv6 remains slow. The cloud computing kingpin signaled last year that it would start charging customers for public IPv4 addresses from February 1, as covered by The Register at the time. AWS cited …
Well, they'll be waiting a long time then...
Yep. There are still a large number of currently reserved IPv4 addresses that could be released, but the IETF refuses because it wants everyone on IPv6. IPv4 addresses should be free, or part of the service because the service is pretty useless without them. Sadly though, the Internet powers that be didn't resist the commoditisation of IP addresses and allowed them to be bought & sold.
Someone has coined a word for it: enshittification: https://pluralistic.net/2024/01/30/go-nuts-meine-kerle/
I could almost live in a pure IPv6 world - indeed most of my traffic is IPv6. Except there are standouts (looking at you a certain mobile phone provider) who can't provide a universal IPv6 service. Also one of my software providers requires an IPv4 connect to activate.
Until the last IPv4 service is terminated it compels so many others to provide an IPv4 service. Reverse chicken & egg <:-(
I think consumer-land is moving more and more to IPv4 but providers are using 6to4 gateways for a seamless transition. This avoids the need for expensive and tricky carrier-grade NAT and will allow more parts of the internet to move to IPv6 without anybody noticing. And a smooth transition suits everyone.
"consumer-land is moving more and more to IPv4"
No, quite the opposite of course. I hope this was a typo.
"providers are using 6to4 gateways"
No they're not. 6to4 has been deprecated since 2015 (https://www.rfc-editor.org/rfc/rfc7526.html).
IPv4/IPv6 coexistence is much more complex than a simple gateway.
IPv4/IPv6 coexistence is much more complex than a simple gateway.
My ISP (IDNet) has been offering dual-stack IPv4/6 for nearly 20 years now. The main reason I'm not switching to FTTP with an altnet is because neither of them that are available currently support IPv6. Any ISP that doesn't at this point in time is clearly lacking technical expertise and I for one wouldn't trust them with my connectivity.
Thankfully Openreach should be coming here soon (maybe this year) at which point IDNet can upgrade me to FTTP.
It's chicken-and-egg in both directions.
1. All content is currently available on IPv4, and will be for the foreseeable future. This is because (a) there is no squeeze on IPv4 availability at the content provider side, and (b) eyeballs are money, and content providers are not going to exclude access from the significant proportion of users who have only IPv4, by creating IPv6-only content. (Bar a few cat-feeders, and loopsofzen.co.uk).
2. However, most of that content is *not* available on IPv6. Large content providers like the BBC (who used to be technical leaders, back in the 20th century) simply can't be arsed to turn on IPv6, even though it would be relatively easy. Ditto for smaller content providers like, erm, The Register. Presumably they are worried about their user tracking and advertising and monetising - they don't want to risk anything which might break - or they simply have higher business priorities.
Therefore: all ISPs must provide IPv4 access to reach all Internet content (or else users will say "your service is broken"); and all content providers must provide content over IPv4, to make it available to all end-users.
Once in this situation, IPv6 becomes irrelevant. Adding it doesn't make any significant content available to users, although it reduces the NAT load on their routers; and adding it on the content provider side doesn't add any new eyeballs, although it may improve performance for some.
Possible ways out:
- government regulation. They legislate for web content to be accessible to disabled people; why not also that content has to be accessible via IPv6?
- something massive happens. There was talk, for example, of the Chinese turning off IPv4. If they do that, and if the Great Firewall of China doesn't do NAT64, then content providers will lose 1/5th of their global audience if they don't make it reachable via IPv6.
- someone builds a bloody great NAT64 gateway from the new Internet to the old, so you can build IPv6-only client networks and still reach all content. Cloudflare or Google would be well placed to do this. Getting hold of the IPv4 resources for the NAT pools is getting harder and harder though.
You're missing what is happening increasingly at the moment - the move to IPv4 as a service, running over IPv6. That's because the large providers who have run out of IPv4 addresses are finding this much the cheapest way to provide access to legacy services that haven't yet added IPv6 support. But (as the AWS case shows) this isn't going to work for ever - eventually more and more services will decide to add native IPv6 support for their customers, to avoid the overhead of IPv4 as a service.
You're correct that this coexistence phase has no particular end date. That was always the plan - individual sites can move to IPv6 when they find the need.
The commoditisation of IPv4 is a sad reflection of our collective failure to fully embrace IPv6 and imho should never have been allowed to happen but here we are.
Working in the ISP space I can tell you administrators are lazy AF. Despite official guidelines of yore stating that 'Administrative Ease' is not an excuse for poor IP planning and deployment, the practice is rife. We offer every customer IPv6 as part of their service, but it isn't baked in and I'd say there is maybe a 5% take-up rate. Really that's on the ISP and tech industry generally, more than the consumer side who just want an easy life.
We should do better and make IPv6 as de facto as possible and make it *easy* to use and choose.
Stats! https://www.google.com/intl/en/ipv6/statistics.html
The Internet "powers that be" didn't really make clear what the legal status of IP addresses was.
There's an interesting snippet here.
However, as in the domain name business, where you create artificial scarcity, someone will find a legal means to secure property rights.
We are just fiddling at the margins now with IPv4 addresses. We just need some big service provider to have the guts to turn them off - or at least announce a date.
The IPv4 scarcity is real, not artificial. That makes it even easier to secure apparent rights.
No, I don't think advertising agencies such as Google will be turning off IPv4 any time soon. But the question is, when will the overhead costs (in money and performance) of maintaining IPv4 service become a significant factor. Imagine that an advertising agency says: ads over IPv6, $0.01 a dozen; ads over IPv4, $0.02 a dozen. Then things might start to change.
I reckon you'll not find an ISP mad enough to do that until the commercials make sense.
Meanwhile I do think collective governance of how IPs are treated could go a long way to banishing the commercialisation. Either you have the IPs to provide a service or you don't and if you don't it's recommended you implement IPv6.
Also, accessibility can be a very good reason to require all services provided over the internet in $jurisdiction must support both. A bit like installing IPv6 ramps and wider aisles all over the place, but it needs collective, global agreement and action.
I don't follow your arguments. It's not the IETF that allocated the IPv4 blocks and the suggestions to move to IPv6 are based on a lot more than just scarce IPv4 addresses. Furthermore, making IPv4 addresses free is what got us to this mess in the first place. It was national regulators, especially the US, that led to an undervaluing of the resource and the incredibly skewed distribution of addresses mainly to US institutions and companies, who are now cashing in on this largesse. There are now more devices than IPv4 addresses so a redistribution, apart from being technically potentially as challenging as moving to IPv6 wouldn't solve the problem.
The problem being that, if you want to have two servers but you only have one IPV4 address, you have to put another box in the middle to filter and direct traffic to the right one, and if you want to have twenty, that box ends up having to be a lot bigger to do work you wouldn't need if you could just give each server an address. The problem being that, when someone wants to build a point-to-point network from their own devices, they can't do it without some central server coordinating things because their ISP has multiple layers of NAT in the way. Let me guess, you don't see a problem with it because you either don't run many or any servers on the public internet or because you already have your own IP addresses? A lot of people do not have assigned IP blocks, and many countries were assigned so few that you'll virtually never get them. It's another reason that people start to use cloud providers, because there isn't much work involved getting a new instance publicly available, even though it produces a worse maintenance requirement later.
The problems you are alluding to are more about getting hold of public addresses, which for various reasons are now in short supply. Having more devices than addresses doesn’t necessarily mean addresses aren’t available.
Remember part of the problem with the Internet is the fixation on ALL devices should be able to directly talk to all other devices on the Internet without any ‘switchboards’/address translation. I.e. all devices should have a unique public IPv4 address. I disagree; only those devices that need to be publicly accessible to connections initiated by third parties from the internet actually need public IPv4 addresses.
With the release of the private address ranges way back, the framework was set for there to be more devices than IPv4 addresses, NAT in simple terms allowed these private devices to connect the public internet in a way that was compatible with existing TCP/IP client implementations. The consideration of a .internal TLD, enhances the support for private IPv4 networks, also without requiring modification of client network stacks.
Okay, having way back integrated two corporate networks using 10.x.x.x I accept there are issues (particularly in the datacentre), which would not have arisen if they had used public addresses. However, these do not mean it is intrinsically a bad thing to have more devices than IPv4 addresses.
I'm not saying that private addresses are bad, but that public addresses shouldn't be limited unless there's a very good technical reason. Because we don't want to use IPV6 is not a good technical reason. By all means use the private address space for things that don't need public addresses. However, the mindset of many ISPs is that nobody needs public addresses and nobody will get them unless they request them and pay, usually per address, for the privilege. It should work in such a way that you can choose private or public as you like. IPV6 allows that. IPV4 would allow it, but because of address scarcity, it generally does not.
> the mindset of many ISPs is that nobody needs public addresses and nobody will get them unless they request them and pay,
This mindset isn’t restricted to IPv4; try connecting to a (consumer) mobile device using IPv6 over 4G. The only solution/workaround I found was A&A’s L2TP-VPN offering
Obviously, if you really need a public IP address for your mobile, there are business MVNOs who will supply the SIMs etc.
ISPs deciding to issue private IP addresses is both a business decision and a way to make the shrinking pool of IPv4 addresses last longer. I think one of the problems has been that, as usual until things start to break people won’t change; we’ve known about the limitation of the public IPv4 address pool for decades (hence why work was started on IPv6), it has only really been in the last decade (or less) that the real limitations of the IPv4 address space are making themselves felt.
I don't follow your arguments. It's not the IETF that allocated the IPv4 blocks and the suggestions to move to IPv6 are based on a lot more than just scarce IPv4 addresses.
One has to go back in time to an age where the Internet had class. Specifically the good'ol days of Class A, B, C networks. Those days are long over, and a lot of people forget that Class E still exists, and is 'reserved'. So 2^28 addresses from 240.x through 255.x
There have been frequent suggestions to release this space so it can be allocated and assigned, but those have mostly fallen on deaf ears. Many lunches were consumed to come up with IPv6, so you better damn well learn to start using it. Being a bit more radical, there's also the Class D range, aka 'Multicast', which never really took off. That's another 2^28 addresses. IPv6 does mcasting better (allegedly), so migrate! That's 224.x through 249.x, which had the added advantage of being able to announce the great v4 mcast shutdown in Feb 2024. The general excuse for not doing this is..
..but many computer and router operating systems and firmware do not allow the use of these addresses.
which is an easy problem to fix. And many computers and routers do allow you to unicast using mcast addresses, or configure with 'Class E' addresses. If not, update your bogons filter, and call it good.
Furthermore, making IPv4 addresses free is what got us to this mess in the first place.
They were never really 'free', because they were never really property. It was a case of use'em or lose'em. Then Nortel went titsup.com and the address space it had used was allowed to become property rather than being returned to the RIRs for reassignment. Then speculators dove into the swamp space looking for other address blocks they could acquire and then sell or rent.
Like I said, not enough addresses left to redistribute, even if it sounds like a lot. You're also being revisionist. Sure, if we could go back to the 1970s and 1980s, reassignments, at least of company blocks would have been possible. But, by the time, IPv4 addresses scarcity became a thing, the financial possibilities were becoming clear and very few companies were prepared to give addresses back.
I'm not claiming IPv6 is perfect, but I also don't think it's as bad as many make out, and it wasn't quite the gravy train I think you're suggesting: there have been more egregious examples of that with W3C springing to mind.
It's taken a while, but I think we now have enough people pursuing a pragmatic migration that isn't going to cause obscure and poorly maintained networks in key areas (hospitals are one area with infamously outdated kit) to fail suddenly because IPv4 was switched off. And this should be the blueprint for future changes, though I suspect the lessons about ownership will be some of the first to be forgotten.
Like I said, not enough addresses left to redistribute, even if it sounds like a lot.
Class E space is 268,435,456 addresses, double that if mcast is moved to IPv6. Or 2m new 'class C' networks that could be assigned. Or a lot more based on current assignment policies.
You're also being revisionist.
Nope, I'm being a network engineer who's pointing out that the IPv4 address shortage is artificial and due to policy. The result is obviously an artificial scarcity, and an opportunity to inflate prices of something that was never intended to be property in the first place.
I'm not claiming IPv6 is perfect, but I also don't think it's as bad as many make out, and it wasn't quite the gravy train I think you're suggesting:
Having been involved, it was. The bigger problem though is the regulatory capture that happened in the domain name and address space. I also think v6 was the wrong approach and just extending the address field would have been a whole lot easier. Along with allowing routing based on country code. With just a single octet, every country could have the equivalent of the entire current IPv4 address space and make routing it more efficient. Just adding digits is something telcos have been doing for decades, and it works.. But the IETF just had to be different and deliver something that nobody but the mobile operators really wanted anyway. And they can route based on IMEI/IMSI, if they really wanted to.
Sure, they could have made an IPV6 that looks more like IPV4 and has longer address fields, but that would still require people to implement the new protocol, exactly like they do with IPV6. The other changes introduced when they made IPV6 have some problems, but that's not the reason it hasn't been adopted. Most places that haven't implemented it aren't saying that "If only IPV6 didn't have [insert change here], we would just use that". Either way, the change requirement would be the same and the work would only be done when it was almost too late.
Ipv6 addresses are frankly a mess, little wonder there has been next to no movement in terms of implementation in 20+ years......
We need to face facts ipv6 is a lame duck and some have to swallow their pride and realise while it worked in theory, people find it jarring to use Vs the simplicity of IPv4.
Adding extra digits to IPv4 would have made a lot more sense, ipv6 almost screams of being a pet project of someone where they think everyone else is stupid for not understanding the "genius" of their solution (like some neckbeards on various forums....)
Adding extra digits to IPv4 would have made a lot more sense, ipv6 almost screams of being a pet project of someone where they think everyone else is stupid for not understanding the "genius" of their solution (like some neckbeards on various forums....)
We tried to warn them, but the ability to expose your MAC was considered more important. Then whatever was behind your MAC. But IPv6 led to situations like this-
https://en.wikipedia.org/wiki/IPv6
Extension headers
The IPv6 packet header has a minimum size of 40 octets (320 bits). Options are implemented as extensions. This provides the opportunity to extend the protocol in the future without affecting the core packet structure. However, RFC 7872 notes that some network operators drop IPv6 packets with extension headers when they traverse transit autonomous systems.
Sometimes for good reason..
https://en.wikipedia.org/wiki/IPv6_packet#Fragmentation
End nodes in IPv6 are expected to perform Path MTU Discovery to determine the maximum size of packets to send, and the upper-layer protocol is expected to limit the payload size. If the upper-layer protocol is unable to do so, the sending host may use the Fragment extension header instead.
See where that one is going yet? And then it got worse..
https://en.wikipedia.org/wiki/IPv6_packet#Security
Research has shown that the use of fragmentation can be leveraged to evade network security controls. As a result, in 2014 the earlier allowance for overflowing the IPv6 header chain beyond the first fragment became forbidden in order to avoid some very pathological fragmentation cases
Which was a bit of an understatement. Also one of the reasons why a lot of extension headers are just dropped at the first opportunity given they could be pretty much anything, so often have to be processed in software. This is computationally expensive and slow compared to just forwarding, or just exceptionally dangerous when every extension header is a potential attack vector. Luckily a lot of telcos can avoid this stuff by just slapping an MPLS label on the frame or packet and firing it off down the most appropriate LSP.
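An added example, not part of the thread or of any project's code: a filter-side check for the 2014 rule quoted above, that the first fragment must carry the whole IPv6 header chain (RFC 7112). It walks the extension headers of constructed sample packets and flags a first fragment whose upper-layer header is cut off; the function names, the minimum-length table and the sample packets are assumptions made for illustration.

```python
import struct

# IPv6 Next Header values (IANA protocol numbers).
HOP_BY_HOP, TCP, UDP, ROUTING, FRAGMENT = 0, 6, 17, 43, 44
AH, ICMPV6, NO_NEXT, DEST_OPTS = 51, 58, 59, 60
EXT_HEADERS = {HOP_BY_HOP, ROUTING, DEST_OPTS}
# Assumption: bytes of upper-layer header a filter needs before it can
# match on ports or message types.
UPPER_MIN_LEN = {TCP: 20, UDP: 8, ICMPV6: 4}


def inspect(packet: bytes) -> dict:
    """Walk the header chain of one IPv6 packet and return a verdict."""
    result = {"verdict": "malformed", "chain": [], "upper": None,
              "fragmented": False}
    if len(packet) < 40 or packet[0] >> 4 != 6:
        return result
    payload_len = struct.unpack("!H", packet[4:6])[0]
    end = min(len(packet), 40 + payload_len)   # last byte we may trust
    nxt, off = packet[6], 40
    while nxt in EXT_HEADERS or nxt in (FRAGMENT, AH):
        if off + 8 > end:                      # chain runs off the packet
            result["verdict"] = "incomplete-chain"
            return result
        result["chain"].append(nxt)
        if nxt == FRAGMENT:
            result["fragmented"] = True
            frag_offset = struct.unpack("!H", packet[off + 2:off + 4])[0] >> 3
            if frag_offset != 0:
                # Later fragments carry no upper-layer header; a stateless
                # filter can only match them to a first fragment it accepted.
                result["verdict"] = "non-first-fragment"
                return result
            hdr_len = 8
        elif nxt == AH:
            hdr_len = (packet[off + 1] + 2) * 4   # AH length is in 4-byte units
        else:
            hdr_len = (packet[off + 1] + 1) * 8   # other headers: 8-byte units
        nxt, off = packet[off], off + hdr_len
    result["upper"] = nxt
    # RFC 7112: everything up to and including the upper-layer header
    # must be present in the first fragment.
    if off + UPPER_MIN_LEN.get(nxt, 0) > end:
        result["verdict"] = "incomplete-chain"
    else:
        result["verdict"] = "ok"
    return result


# --- Constructed sample packets (documentation prefix 2001:db8::/32) ---
def ipv6(next_header: int, payload: bytes) -> bytes:
    src = bytes.fromhex("20010db8" + "00" * 11 + "01")
    dst = bytes.fromhex("20010db8" + "00" * 11 + "02")
    return struct.pack("!IHBB", 6 << 28, len(payload), next_header, 64) + src + dst + payload


def frag_hdr(next_header: int, offset: int, more: int) -> bytes:
    return struct.pack("!BBHI", next_header, 0, (offset << 3) | more, 0x1234)


def dest_opts(next_header: int) -> bytes:
    return bytes([next_header, 0, 1, 4, 0, 0, 0, 0])   # one PadN option


TCP_HDR = struct.pack("!HHIIBBHHH", 40000, 443, 0, 0, 5 << 4, 0x02, 65535, 0, 0)

SAMPLES = {
    "plain_tcp": ipv6(TCP, TCP_HDR),
    "first_frag_complete": ipv6(FRAGMENT, frag_hdr(TCP, 0, 1) + TCP_HDR + b"data"),
    # Only 8 of the 20 TCP header bytes fit in the first fragment.
    "first_frag_split_chain": ipv6(
        FRAGMENT, frag_hdr(DEST_OPTS, 0, 1) + dest_opts(TCP) + TCP_HDR[:8]),
    "later_fragment": ipv6(FRAGMENT, frag_hdr(TCP, 3, 0) + b"x" * 16),
}


def run_samples() -> dict:
    return {name: inspect(pkt)["verdict"] for name, pkt in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in run_samples().items():
        print(f"{name:24} {verdict}")
```
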
> Just adding digits is something telcos have been doing for decades, and it works
It works for telcos because the phone network uses variable-length addresses. It doesn't work for IP because v4 packets have a fixed width for addresses, as does the socket API, as do important protocols like DHCP and DNS. So yes, the IETF did have to be different - because they were extending something that works differently.
When IPv6 was being developed the shortage was indeed artificial but it is very real now. Your proposed fix wouldn't even work for India… let alone the rest of Asia. No need to worry, America, you've got all the addresses you could ever need and, as it was America that invented the internet, that's all that really matters. (Let's ignore all the work done by those outside the US to make the internet actually work).
As for country codes: what have you been smoking? That is exactly the sort of thing that would allow the internet to be broken up by those countries that think not all packets should be created equal!
Your revisionism is clear: if assignments were not supposed to be permanent we'd have seen reassignment as soon as the internet took off in Asia and it was obvious the tiny pool. There may have been no intention to make ip addresses commercial property, but the effect, known also as the tragedy of the commons, in making them so, was only a matter of time. You're also ignoring the tweaks to IPv6 that have been made as it has been adopted, not least the acceptance of the need for smooth transition. This means that we'll probably still see IPv4 networks for many years to come, though they'll become increasingly isolated as the networks around them adjust to new demands, but everything will generally continue to work.
But, of course, you're right let's ignore the manifest problems and just insist on more and more NAT as the only way that doesn't break the existing internet, except when it does!
As for country codes: what have you been smoking? That is exactly the sort of thing that would allow the internet to be broken up by those countries that think not all packets should be created equal!
Revisionism I guess would be going back to pre ITU days and suggesting telephone numbers should be uniquely assigned, starting with 1. Instead, they figured out a way to support different sized countries, allow overlapping address space and have the whole thing working long before the Internet was even a dream.
You still seem to object to an easy freeing up of 500m+ new addresses saying "it's not enough". Well, it's more than we have now and it's an easy thing to do. But no. You want people to be forced to go IPv6 instead.
"I also think v6 was the wrong approach and just extending the address field would have been a whole lot easier. "
This again. The design of IPv4 is such that extending the address field by even one bit would break every host and router in the world. ALL the problems of coexistence and interworking stem from that fact. It's true that if the opportunity to redesign the whole packet header had been ignored, the code for IPng would have been much closer to the code for IPv4, but the whole superstructure of a new version number, dual stack routing, dual stack API, new RR types in the DNS, new numeric address format, NAT46 and NAT64, would have been exactly the same.
(Adding digits to telephone numbers was relatively much simpler because of the serial nature of telephone numbers.)
It's true that if the opportunity to redesign the whole packet header had been ignored, the code for IPng would have been much closer to the code for IPv4, but the whole superstructure of a new version number, dual stack routing, dual stack API, new RR types in the DNS, new numeric address format, NAT46 and NAT64, would have been exactly the same.
Yep. Or you could maybe, I dunno, look at an IPv4 packet header. You have to read 96 bits in before you even know where the packet came from, because the source address is more important than the destination for figuring out where to send it. But source/destination takes you 160 bits in, and then.. What lies beyond, if IHL>5? Room for expansion, maybe?
But having the space beyond the addresses intentionally left blank, it would have been relatively easy to fit an extended address space into an existing IPv4 header, or calling it IPv4.5. Well, maybe 5. I mean v4 has 4 bits for a version field, but it is, and will always be, set to 4. Because reasons. Change it to 5, router knows where the extended address space offsets are and acts accordingly. It's as if when IPv4 was being developed, the designers thought about stuff like this and allowed versions, options fields etc for future expansion or services.
Then along came the IETF & Co and went 'nope, and now for something completely different'..
> It's as if when IPv4 was being developed, the designers thought about stuff like this and allowed versions, options fields etc for future expansion or services.
Yes, they allowed for some forms of expansion, remember TCP/IP were really research protocols which have been promoted to primetime...
In the case of the version field, it was assumed it would be used internally by the router to hand the packet off to the appropriate routing process.
With the IPv4-v6 co-existence dilemma, we can (now) see it would have made sense for the router to be able to forward packets with a version number different to the ones it locally supports to a remote router (via some form of tunnel) which could process the packets. However, introducing such functionality now would not be backwards compatible with existing IPv4/v6 routers...
> very few companies were prepared to give addresses back.
The ownership of IP addresses changed (I think circa 1990) and thus a key problem is with address ranges (especially class A ranges) handed out previously which effectively the recipient owned rather than now where you can only lease IP addresses (unless your company happens to have taken over a company with one of the pre-ICANN address ranges).
The ownership of IP addresses changed (I think circa 1990) and thus a key problem is with address ranges (especially class A ranges) handed out previously which effectively the recipient owned
Yep. A lot was part of the formalisation, ie going from asking Postel for a /8 or /16 to the creation of the RIRs. So the original allocations were pretty much done on a handshake. With the RIRs, there's a contract with terms like the RIR being able to recover address space if they're not being used. I'm not sure if there's been any/much speculation attempts in RIR-space so whether or not those contracts have been tested. I guess there'd be 2 cases, ISPs assigning space from their own allocations, in which case if the user ends the contract, ISP recovers the addresses. If they're 'PI' or PA space allocated from an RIR to that user, it'd be how far the RIR goes to recovering them. So maybe an ISP goes bust, the RIR should be able to reclaim those addresses. I'm guessing sometimes purchased though by entities that claim they're going to keep using them.
Class D and E account for 12.5% of the total available address space. Even if they could be made available, it would have almost hardly any impact on the problem; within months we'd be back where we are now.
But in practice, they wouldn't work anyway, because you can't update the whole Internet to accept them in a reasonable time - it's not much different to updating the whole Internet to accept IPv6.
As a user, if you were assigned a class D or E address, you'd be a second-class citizen unable to access much of the Internet. For a real-world example of this, see my previous post here.
Even if they could be made available, it would have almost hardly any impact on the problem; within months we'd be back where we are now.
Probably more like years, depending on how generous RIRs are with their assignments.
As a user, if you were assigned a class D or E address, you'd be a second-class citizen unable to access much of the Internet. For a real-world example of this, see my previous post here.
Much as you are as an exclusively IPv6 user. Even after all these years. Problem you described is a problem of relying on a vendor's default instead of doing it properly. Plus probably some poor communications, ie from RIR to neteng with the hostmaster not passing it on. Hostmasters are often sysadmins, who do that kind of thing.
Please put the IPv6-only strawman away. No one's suggesting that. This was a flaw in IPv6 and one of the things that held greater IPv6 adoption back. Networks still have work to do but many places are now moving to islands of IPv4 in a sea of IPv6. My ISP has been IPv6 for years but it also provides the 6to4 gateway for me and everyone else so that we don't have to care much.
Please put the IPv6-only strawman away. No one's suggesting that.
It is not a strawman, it is a reality. If you have no more IPv4 addresses to assign.. what do you do? I've shown a way we could add more, just as was done when a smaller block (128.x) was released previously. D & E are much larger address blocks that could buy more time. If you have no v4, the only space is v6. To get from v6 to v4 requires some translation gateway like 6to4, which still needs IPv4 addresses to translate to.
It's another one of those strange situations with v4/v6 overlap when you can have IPv6 /32s trying to translate to an IPv4 /32. RIRs could maybe decide that legacy E-space is only assigned to 6to4 gateways, but that kind of goes against policy, ie encouraging IPv6 migration.. But that's never likely to happen without something drastic forcing migration from IPv4 to IPv6. This was also discussed waay back in the IPNG process, ie why migrate? and whether a new, and pretty much entirely incompatible protocol was a good idea vs just extending IPv4.
All these downvotes because people don't like to hear the truth. I've been downvoted here every time I've said something like this about IP address hoarding.
They must be American or something.
The truth is that nobody wants to replace all their equipment, work with more machine readable than human numbers, work with much more complex subnetting etc. and beta test new infrastructure. Companies are hoarding IP addresses and not using entire networks. That shouldn't be.
No, all these downvotes because the ones they're talking about are reserved addresses for other types of networking. In hindsight, lots of those reserved addresses are not doing much of use being reserved and could have been used as normal addresses, but it's too late to change that now. If we could retroactively change the protocol to remove those blocks, and maybe while we're at it take back most of 127.0.0.0/8 and 0.0.0.0/8, we could gain maybe 600 million addresses if we're lucky. That would help push the problem back a bit more, but it would not fix any of the other reasons why IPV6 was adopted, nor would it prevent IPV4 from running out of addresses.
We could go to more lengths to take addresses away from organizations that don't need them. Lots of addresses are stuck there, but at the end, we will still have a cap near 4B addresses, and the internet is growing to the extent that it is not enough addresses. The truth is that your equipment can already handle this unless it's really ancient, that the addresses may be harder to read, but they're not really that difficult, and that you sometimes have to do something moderately tricky when tech changes. Trying to reclaim multicast will require as much work on your part to implement as adopting IPV6, but it also requires a bunch of code changes which have already been completed for most IPV6 systems. We should not have to go to the effort of forcing every internet user in Asia, Africa, and South America through multi-layer CGNAT and an annoying process where we try to convince the US military to give up some of their /8s because they always take suggestions from the public so you don't have to beta test a new network.
All these downvotes because people don't like to hear the truth. I've been downvoted here every time I've said something like this about IP address hoarding.
Don't worry about it. Certain subjects get political, and then people remove their thumbs from their.. storage points and apply them to the keyboard. Often without comment, so you have no idea what they're objecting to. If you're really lucky, you'll start attracting stalkers who'll downvote every one of your posts. I have a few of those.
This particular debate has been going on for a couple of decades since people realised that if the Internet keeps growing, we're going to run out of space soon. Plus it's variations on the age old bellhead vs nethead debate where the netheads discover challenges the bellheads encountered and solved decades, sometimes a century ago. Like national and international numbering plans. This is pretty much a holy war, so technical merits often don't get a look-in.
You've been soundly downvoted for a reason. There actually aren't any "Internet powers that be" that could have resisted people pricing IPv4 addresses. Laissez-faire capitalism is rampant. This won't happen with IPv6 because addresses will never be scarce; and IPv6 deployment by the recalcitrant user sites and ISPs will occur when the OPEX cost of supporting IPv4 grows enough, which it will. The biggest operators are already finding the costs of service based on CGNAT painful, which is why they're moving to IPv4-as-a-service solutions.
A lot of stuff comes with 6 turned on. Remember guys, this is just another attack surface.
For some of us, one is enough, so we stay on 4 until we have to go to 6.
We can do both but it is twice the effort.
For the guys that have more than a /21, ARIN charges a yearly fee. For those that are using /24 we just pass on the cost. Nothing like the big guys.
Might be the reason we have had so many move from the cloudy skies.
So whilst a valuable asset that didn’t cost Amazon that much to acquire, it is a really good investment. Based on the math presented in the article, a $400m~$1b p.a. income is a really good return on investment.
I suggest the day Amazon starts disposing of its IPv4 address blocks is the day IPv4 starts to become history.
My ISP doesn't support IPv6 and seemingly has no plans to. Hurricane Electric provide a free "tunnel broker" service so you can use IPv6 while waiting for your ISP to either get their act together or for contract renewal to come around.
For the last several weeks it appears AWS, Google and a few others have taken to blackholing the entire /32 address range HE use. Not just a simple deny that would allow browsers and applications to fall back to IPv4, but instead causes them to lock up until eventually timing out, leaving the only option to disable IPv6 completely. And this affects any site who use services provided by this group so the knock-on effects are widespread.
As an end user you cannot even get a response (Google policy is to not discuss this, others likewise) let alone ask for your own subnet to be exempted, so a spectacular own goal in driving adoption.
> For the last several weeks it appears AWS, Google and a few others have taken to blackholing the entire /32 address range HE use.
This is one of the reasons I hate v6. On first parse, I read /32 range and went huh? Maybe too much CIDR over the weekend. But curious what excuse they'd have for doing this given HE's been around almost as long as the Internet, and are generally regarded as one of the good guys.
It's politics.
* Hurricane Electric does not announce its IPv6 blocks to transit providers, because it considers itself to be a tier 1, and wants to force all other tier 1's to peer with it. But Cogent refuses to. As a result, if you buy your Internet connection from Cogent, you cannot reach IPv6 addresses belonging to Hurricane Electric (and vice versa).
* Google does not announce its IPv6 blocks to its transit providers (i.e. its upstream ISPs) AT ALL. Google want to force all operators to peer with them, so that in the long run, they don't have to pay any transit costs. But tier 1's like Cogent don't want to, as it breaks their business model.
I would have thought HE and Google would be happy to peer, but maybe that relationship has broken down recently too.
In any case, the situation we are in is that the IPv6 Internet is not fully connected - but nobody notices or cares, because IPv4 is what matters, and that works. Dual-stack and happy-eyeballs plaster over the cracks. It's only when you run an IPv6-only network that you find out what things are really broken.
You're right. HE and Google happily peer.
Despite the original poster's claims, and Jellied Eel's glee, there are no issues with HE and Google/AWS connectivity. (Just tested now from UK/FR/US) - maybe something wrong with the original poster's setup, or HE gateway?
> My ISP doesn't support IPv6 and seemingly has no plans to.
That's what I thought about Spectrum Home, v4 forever; but a year+ ago I realized I silently had a v6. WhatsMyIP brings up the v6 number faster than the v4 address so v6 may be primary?
The part that is bullsh*t is that for operations that serve public facing sites, not all clients have IPv6 connectivity -- so we're FORCED to pay for the IPv4 space if clients we have can't support IPv6 (including anonymous users/visitors) or lose their traffic.
It's like when we had to support IE 6-8 for YEARS because of client requirements or lose their traffic.
> The part that is bullsh*t is that for operations that serve public facing sites, not all clients have IPv6 connectivity -- so we're FORCED to pay for the IPv4 space if clients we have can't support IPv6 (including anonymous users/visitors) or lose their traffic.
Yep. It's also the problem for the newer RIRs like APNIC, AFRINIC etc. Back in the early days, if you were on good speaking terms with Jon Postel, you could score some Class As or Bs easily. Way back, I found the original fax assigning some /8s that way. And then one being given to BT and ruining a perfectly good aggregation possibility. But that meant a lot of space wasn't assigned or allocated very fairly or efficiently, so as the Internet blew up, resources weren't really available to allocate fairly. So if say, you're an Indonesian business wanting to reach a global market, you can have all the IPv6 space you want, but you might have to pay Amazon if you want an IPv4 website or servers to address that market.
Amazon is of course fine with this. Any bets on how long it'll be before they start charging per IPv6 address? Maybe time to think about subnetting carefully for that future.
So they bought up 132 million IP addresses but are estimated to actually have 12 million, or 9%, of those actually in use? No wonder there's a shortage of addresses. Amazon and probably others are hoarding. Even if you consider inefficiencies due to subnetting, and quadruple the number in-use but not pingable, that's an awful fucking lot of addresses that are just being held by greedy corporations for no reason. Either just trying to drive up the price so they can sell them off in a trickle, or planning this rental cost the whole time using "shortage" as an excuse, or just trying to artificially push the world into using IPv6 by manufacturing a need.
That estimate is just wrong. I don't know how many addresses are in use, but there are three categories to consider:
1. Machines that are online now and respond to pings. About 6 million, evidently.
2. Machines that are online and do not respond to pings. This is the default for most machine images and firewalls. You have to take two manual steps to change your configuration to allow pings. I'm not sure why this guy assumed that 50% of users would have done that.
3. Machines that allowlist IPs and won't respond to your script no matter what their ICMP settings are. There are a lot of these out there for private networks that use the public internet to connect them.
I don't know how many are in use, but it's a lot more than 12 million.
On average each of our customers will have 2 or 4 internet facing machines for support and interfacing purposes. For one purpose we allow two specific ICMP sub-types from 1 specific IP address and a couple of other ports. All other access is blocked.
For the others we block all inbound access unless it's a reply to a previously established outbound connection.
Still got to have the public IPv4 addresses to make it work, but as far as the rest of the internet is concerned they're unused.
So yeah, treat the stats with suspicion. And massive over-provisioning is the only way cloudy providers can operate. When we can spawn, use and kill off fleets of VMs within the hour they need to have a goodly supply of addresses to keep us happy.
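The undercount described in the two comments above, as an added example that is not part of the original thread: a small model of default-drop inbound ICMP policy showing how many in-use addresses a ping census sees from an outside scanner versus from an allowed monitoring source. The fleet, the documentation-range addresses and the choice of echo and timestamp requests as the two permitted ICMP types are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

ECHO_REQUEST, TIMESTAMP_REQUEST = 8, 13   # ICMP type numbers

@dataclass(frozen=True)
class IcmpRule:
    """Allow one ICMP type from one source network; anything else is dropped."""
    source: str
    icmp_type: int

    def matches(self, src: str, icmp_type: int) -> bool:
        return (icmp_type == self.icmp_type
                and ipaddress.ip_address(src) in ipaddress.ip_network(self.source))

@dataclass(frozen=True)
class Host:
    addr: str
    in_use: bool
    rules: tuple = ()   # inbound ICMP allow rules; default policy is drop

    def replies_to(self, src: str, icmp_type: int) -> bool:
        # Unsolicited inbound traffic is answered only if a rule allows it.
        # Replies to connections the host opened itself are not modelled,
        # because a census probe is never one of those.
        return self.in_use and any(r.matches(src, icmp_type) for r in self.rules)

def ping_census(hosts, probe_src):
    """Addresses that answer an echo request sent from probe_src."""
    return [h.addr for h in hosts if h.replies_to(probe_src, ECHO_REQUEST)]

def undercount(hosts, probe_src):
    """(addresses in use, addresses a ping census from probe_src would count)."""
    return sum(h.in_use for h in hosts), len(ping_census(hosts, probe_src))

# Constructed fleet using documentation address ranges (RFC 5737).
MONITOR = "198.51.100.10"   # hypothetical support/monitoring source
FLEET = [
    Host("203.0.113.1", True, (IcmpRule("0.0.0.0/0", ECHO_REQUEST),)),  # pings opened up
    Host("203.0.113.2", True, (IcmpRule(MONITOR + "/32", ECHO_REQUEST),
                               IcmpRule(MONITOR + "/32", TIMESTAMP_REQUEST))),
    Host("203.0.113.3", True),    # stateful only: answers nothing unsolicited
    Host("203.0.113.4", False),   # allocated but idle
]

if __name__ == "__main__":
    print("outside scanner:", undercount(FLEET, "192.0.2.50"))
    print("allowed monitor:", undercount(FLEET, MONITOR))
```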
The fee isn't that high, but high enough it will cause many of their customers to re-evaluate how many services they need exposed to IPv4 addresses versus those that can share the same IP address or only need to contact over AWS resources and can use IPv6 or an internal 10.x address for that.
That will keep them from running out before they otherwise would.
Incorrect. They should only charge a fee if there is an alternative. Specifically they do not offer load balancers as IPv6 only. You can get Dual Stack or IPv4 only but if you want a load balancer you must pay for an address. That's a simple increase in price, not a new charge for an avoidable commodity.
"Anyone desiring a new public IPv4 address since then has had to rely on address ranges being recovered from organizations shutting down or surrendering them as they migrate to IPv6."
1) migrating to IPv6 is not a solution for IPv4 shortage. Unless you introduce NAT64. But then ... :
2) organizations like ISPs are introducing NAT444 aka CGNAT for eligible customers. And then selling those freed-up IPv4 addresses to ... AWS and startup ISPs.
About NAT444 aka CGNAT: Works for 95% of consumer customers aka eligible customers: normal mom and pop customers, like my neighbours and my sister. Of course not for us very special hacker customers with servers at home that must be reachable from IPv4 Internet.
Let the downvotes come in!
240m IPv4 addresses could have been moved from reserved to unicast status since 2008. Support is commonly available in every OS except Windows, and multiple big companies are squatting on them.
https://www.ietf.org/archive/id/draft-schoen-intarea-unicast-240-00.html
It's a shame.
Cheers for that, and I suggest people have a look at it.
I know releasing 240/4 has been floated a few times, and that paper is a good example of the current situation, and how easy it would be to JFDI. I also note it references Geoff Huston a couple of times and I know this is a drum he beats regularly. It's something that would help out the RIRs that came late to the party, but represent much of the world's population.