Out of IPv4 - the RIPE recorder gave the last block
RIPE regional registrar gave the last IPv4 block. Some of the other registrars stopped the blocks a few years ago: at APNIC - in 2011, and at ARIN - in 2015. AFRINIC still has some public addresses, however, these “stocks” will come out very soon (experts predict that this will happen in 2019).
Why it happened, what are the ways to solve the problem and when experts expect the transition to IPv6, we will tell further.
/ Flickr / Susan Adams / CC
')
In the seventies, there were 4.5 billion people living on the planet, but there was no talk about the PC revolution. Therefore, at the time of the transition to TCP / IP in 1983, the choice was made in favor of 32-bit addresses. It seemed that 4.3 billion addresses were enough.
However, in the early nineties, people began to doubt this. The first document to discuss the problem of address depletion was RFC 1287 . To try to rectify the situation, regional Internet registrars were established in 1992: AFRINIC (Africa), APNIC (Asia-Pacific), ARIN (Canada, USA, Caribbean and North Atlantic Islands), LACNIC (Latin America and the Caribbean), RIPE NCC (Europe, Middle East and Central Asia). They had to manage the address space and the distribution of IP addresses. However, this did not solve the problem of the lack of the latter - the growth of network users was too great, and IPv4 gradually exhausted.
Despite the fact that almost all registrars gave available blocks, you can still buy and sell individual addresses. One of the first such deals took place back in 2011: Microsoft acquired 700,000 IPv4 addresses from the bankrupt network equipment provider Nortel Networks for $ 7.5 million.
You can also try to find the ranges of addresses issued earlier, break into smaller blocks and distribute again. However, finding them is not easy, as their registry was not kept. One example is the case at the Massachusetts Institute of Technology (MIT). In 2017, MIT found that they had 14 million “extra” IP addresses that were not used. 8 million, it was decided to sell.
However, this approach has a certain disadvantage. Uncontrolled bulk resale of IP addresses can lead to fragmentation of patterns and an increase in routing tables. This can cause problems in the work of routers with limited memory resources.
Another solution is to use NAT. The NAT method allows you to convert the IP addresses of the transit packets: replaces the local address with the public one, writes it in the packet that goes to the web server, and returns it to the device. The largest number of NAT ports is 65,000 (with a unique combination of source IP and destination IP addresses), which means that the same local addresses can be turned into one public one. In this case, only the router is visible in the network structure, and the devices themselves are hidden.
However, NAT has a number of drawbacks. For example, protocols that appeared before this method (for example, FTP) may work unstable via NAT. In addition, if all employees of the company decide to go to one site, the server can take it for a DDoS attack - because the request is made from one public address - and block access for all devices with this IP.
You can also pay attention to CG-NAT. This solution is tailored to telecom operators and corporate networks and makes more efficient use of the limited IPv4 address space. Read more about how CG-NAT works in our corporate blog.
/ Flickr / Dave Young / CC
The approaches described above slightly reduce the size of the routing tables and optimize the use of IP addresses. However, do not solve the problem of lack of 100%. Therefore , the development of the IPv6 protocol began in the mid-nineties. Official IPv6 descriptions began to be released in 1996 as part of the RFC (from RFC 1883 and onwards).
The main advantage of the protocol is the theoretical inexhaustibility of IP addresses ( more than 300 million IP addresses per inhabitant of the Earth). Another advantage of IPv6 is simplified routing : no need to fragment the packets, and the checksum was removed from the address header. The next generation protocol has an integrated IPSec component that encrypts and authenticates each individual data packet. It can complicate the work for cybercriminals, although, of course, there are vulnerabilities in IPv6.
In 2008, the sixth version of the protocol was introduced in Google, and in 2011 , International IPv6 Day took place , under which most of the major providers provided access to the network via IPv4 and IPv6. The new version of the protocol is already used in large foreign companies (AT & T, Cisco, Facebook and others). Domestic providers also transfer their clients to IPv6: VimpelCom has already successfully connected several regions, and Yandex uses a protocol in the internal networks.
And although the world community insists on a massive transition to the new protocol, full-fledged "migration" is delayed. According to Google, only 23% of users of the company's services are online via IPv6. And only 12% of sites support the new protocol. At the same time, out of a thousand of the largest sites on the Alexa list, only 27% offer access over IPv6.
There are several reasons for delay: besides the need to invest serious money in equipment, providers will have to retrain staff and re-sign agreements with users. You will also need to ensure the safe operation of the protocol and properly configure the new network equipment. It will take a lot of time, effort and investment.
However, Paul Wilson (Paul Wilson), who was the head of APNIC for 20 years, notes that the transition to IPv6 is inevitable, since the new protocol is the only worthy replacement for IPv4.
But so far, there is no consensus on the dates for the full implementation of IPv6 from the public. For example, Quora users assume that IPv4 will still “live” from a few years to eternity. The Register believes that the top 1000 sites will support IPv6 by May 2021. Researchers and RIR representatives predict that IPv4 is left to exist from a year to ten years.
PS Useful materials from the blog VAS Experts:
PPS Related articles from our blog on Habré:
Why it happened, what are the ways to solve the problem and when experts expect the transition to IPv6, we will tell further.
/ Flickr / Susan Adams / CC
')
What led to the "exhaustion" of addresses
In the seventies, there were 4.5 billion people living on the planet, but there was no talk about the PC revolution. Therefore, at the time of the transition to TCP / IP in 1983, the choice was made in favor of 32-bit addresses. It seemed that 4.3 billion addresses were enough.
However, in the early nineties, people began to doubt this. The first document to discuss the problem of address depletion was RFC 1287 . To try to rectify the situation, regional Internet registrars were established in 1992: AFRINIC (Africa), APNIC (Asia-Pacific), ARIN (Canada, USA, Caribbean and North Atlantic Islands), LACNIC (Latin America and the Caribbean), RIPE NCC (Europe, Middle East and Central Asia). They had to manage the address space and the distribution of IP addresses. However, this did not solve the problem of the lack of the latter - the growth of network users was too great, and IPv4 gradually exhausted.
Possible solutions to the problem
Despite the fact that almost all registrars gave available blocks, you can still buy and sell individual addresses. One of the first such deals took place back in 2011: Microsoft acquired 700,000 IPv4 addresses from the bankrupt network equipment provider Nortel Networks for $ 7.5 million.
You can also try to find the ranges of addresses issued earlier, break into smaller blocks and distribute again. However, finding them is not easy, as their registry was not kept. One example is the case at the Massachusetts Institute of Technology (MIT). In 2017, MIT found that they had 14 million “extra” IP addresses that were not used. 8 million, it was decided to sell.
However, this approach has a certain disadvantage. Uncontrolled bulk resale of IP addresses can lead to fragmentation of patterns and an increase in routing tables. This can cause problems in the work of routers with limited memory resources.
Another solution is to use NAT. The NAT method allows you to convert the IP addresses of the transit packets: replaces the local address with the public one, writes it in the packet that goes to the web server, and returns it to the device. The largest number of NAT ports is 65,000 (with a unique combination of source IP and destination IP addresses), which means that the same local addresses can be turned into one public one. In this case, only the router is visible in the network structure, and the devices themselves are hidden.
However, NAT has a number of drawbacks. For example, protocols that appeared before this method (for example, FTP) may work unstable via NAT. In addition, if all employees of the company decide to go to one site, the server can take it for a DDoS attack - because the request is made from one public address - and block access for all devices with this IP.
You can also pay attention to CG-NAT. This solution is tailored to telecom operators and corporate networks and makes more efficient use of the limited IPv4 address space. Read more about how CG-NAT works in our corporate blog.
/ Flickr / Dave Young / CC
IPv6 transition
The approaches described above slightly reduce the size of the routing tables and optimize the use of IP addresses. However, do not solve the problem of lack of 100%. Therefore , the development of the IPv6 protocol began in the mid-nineties. Official IPv6 descriptions began to be released in 1996 as part of the RFC (from RFC 1883 and onwards).
The main advantage of the protocol is the theoretical inexhaustibility of IP addresses ( more than 300 million IP addresses per inhabitant of the Earth). Another advantage of IPv6 is simplified routing : no need to fragment the packets, and the checksum was removed from the address header. The next generation protocol has an integrated IPSec component that encrypts and authenticates each individual data packet. It can complicate the work for cybercriminals, although, of course, there are vulnerabilities in IPv6.
In 2008, the sixth version of the protocol was introduced in Google, and in 2011 , International IPv6 Day took place , under which most of the major providers provided access to the network via IPv4 and IPv6. The new version of the protocol is already used in large foreign companies (AT & T, Cisco, Facebook and others). Domestic providers also transfer their clients to IPv6: VimpelCom has already successfully connected several regions, and Yandex uses a protocol in the internal networks.
And although the world community insists on a massive transition to the new protocol, full-fledged "migration" is delayed. According to Google, only 23% of users of the company's services are online via IPv6. And only 12% of sites support the new protocol. At the same time, out of a thousand of the largest sites on the Alexa list, only 27% offer access over IPv6.
There are several reasons for delay: besides the need to invest serious money in equipment, providers will have to retrain staff and re-sign agreements with users. You will also need to ensure the safe operation of the protocol and properly configure the new network equipment. It will take a lot of time, effort and investment.
However, Paul Wilson (Paul Wilson), who was the head of APNIC for 20 years, notes that the transition to IPv6 is inevitable, since the new protocol is the only worthy replacement for IPv4.
But so far, there is no consensus on the dates for the full implementation of IPv6 from the public. For example, Quora users assume that IPv4 will still “live” from a few years to eternity. The Register believes that the top 1000 sites will support IPv6 by May 2021. Researchers and RIR representatives predict that IPv4 is left to exist from a year to ten years.
PS Useful materials from the blog VAS Experts:
- IPv6 protocol - from theory to practice
- IPv6 - present or future technology
- The future of carrier services: what does the client need?
PPS Related articles from our blog on Habré:
Source: https://habr.com/ru/post/358932/
All Articles