Interesting Geoff Huston Posting on CircleID

Geoff Huston has established himself as perhaps the foremost authority on IP address markets.  A senior researcher at APNIC, Geoff has tracked this issue for over a decade.  He has recently posted a new blog entry at CircleID, to which I’ve commented.  Here’s what I wrote there:

The fundamental basis for the article above is a lack of transparency within IP address markets.  This is something that Bill Lehr, Tom Vest, and I worried about in our contribution to TPRC in 2008.

Amongst other things, transparency or its lack has the following effects:

  • Assuming it is a goal, efficiency in markets demands transparency.  When markets lack transparency, neither the buyer nor the seller know if they have gotten a good deal, because it could be that there existed either a buyer who would have paid for more, or a seller who would have sold for less, who was simply not identified.  Is $10 per address a good price?  There is at lest a tidbit of information from some of the brokers that indicates wide variance in the cost of IP address blocks.  Whether that information is accurate, who cannot say?  It is not required to be so.
  • Network administrators and owners should be making informed decisions about how and when to move to IPv6.  Absent pricing information regarding v4, there is uncertainty that is difficult to price.  In this sense, hiding pricing information may actually encourage IPv6 deployment.  Keep in mind that large institutions require years if not decades to make this sort of transition.  Were I them, given the increased number of devices (if you can believe the numbers above, and I suggest that we take them with a grain of salt), I would start now to get out of this rigamarole.  Heck, even with transparency, that only tells you today’s price, and not tomorrow’s.  Certainly it is well worth researching methods to price this risk.
  • It is important to know if there is an actor who is attempting to corner the market.  Proper registration of purchases and sales provides an overview of whether dominant players are acquiring addresses beyond the needs of their customer base.  Such acquisitions would have the impact of increasing costs for new entrants.
  • Finally, the Internet Technical Community (whoever we are) need to know if new entrants are in fact unable to access the Internet because IPv4 addresses are too high, if we want to see the safe and secure growth of the Internet everywhere.

The funny aspect of all of this is that governments may already be able to track some pricing information retrospectively through, of all things, compulsory capital asset sale reports, such as the U.S. Form 1040 Schedule D.  However, in general this information is confidential and not very fresh, and hence not sufficient to advance policy discussions.

IPv4 address shortage: Who was the first to become concerned?

My own answer is “I don’t know”.  I only know that there were a few of us thinking about the problem in 1989.  Roy Smith raised the issue on the TCP-IP mailing list on November 25th of that year with this message:

Date:      25 Nov 88 14:56:57 GMT
From:      roy@phri.UUCP (Roy Smith)
To:        comp.protocols.tcp-ip
Subject:   Running out of Internet addresses?
	Has anybody made any serious estimates of how long it will be
before we run out of 32-bit IP addresses?  (Silly question; I'm sure a very
great amount of thought has been given to it by many people.)  With the
proliferation of such things as diskless workstations, each of which has
its own IP address (not to mention terminal multiplexors which eat up one
IP address per tty line!), it seems like it won't be too long before we
just plain run out of addresses.

	Yes, I know that 2^32 is a hell of a big number, but it seems like
we won't get anywhere near that number of assigned addresses before we
effectively run out because most nets are sparsely populated.  My little
bit of wire, for example, has 256 allocated addresses yet I'm only actually
using 30 or so.
-- 
Roy Smith, System Administrator
Public Health Research Institute
{allegra,philabs,cmcl2,rutgers}!phri!roy -or- phri!roy@uunet.uu.net
"The connector is the network"

Back then we used IP addresses in a considerably sparser way than we do today.  That message kicked off a lengthy discussion in which nobody seriously was in denial about the potential for a problem.  You can find the whole archive of the exchange here.  There were two concepts that were touched upon.  The first was whether or not we could use the so-called “Class E” space (240.0.0.0/4).  I and others gave this serious thought at the time.  However, the related issue which won the day was that fixed address lengths were an important property to be maintained.  Vint Cerf raised that design consideration as a question.  He also raised the possibility of using variable-length OSI addresses.

Here comes World IPv6 Day!

As you may have read in the press some time ago, the world is running out of IP addresses.  Really the world is running out of the current version IP addresses.  An IP address is the means by which your computer and my computer can communicate with each other.  Addresses are similar to phone numbers in that if we each have a unique number we both can call each other.

How is it we’ve run out?  Quite simply the IP version 4 address size is fixed at 32 bits, which allows for at most a little over 4 billion simultaneous computers to connect.  Through the use of some sneaky tricks we are able to connect well more than 4 billion under the assumption that not device needs to be able to communicate with ever other device, but that game is getting a bit overplayed.

And so over fifteen years ago, the Internet Engineering Task Force (IETF) created IPv6, which has enough address space to stick an address on every speck of sand we have in the world.  More precisely IPv6 can handle 2128 or 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses. 

NOW THAT’S A LOT OF PASTA!

Nobody wanted IPv6 way back then when we had plenty of IPv4 address space, but now that we’re out of IPv4 addresses, it’s moving day. That’s because we’ve become mobile, and computers have gotten smaller.  Not only can a cell phone access the Internet, but so can your printer,  a car, a boat, a camera, your television, washing machine, many game systems, and many other things.

Tomorrow is World IPv6 Day. Many service providers and web sites will be enabling the next generation Internet Protocol tomorrow to see what works and what breaks.  Will this inconvenience you even just a little?  Probably not.  Here’s why: your home gateway almost certainly doesn’t support IPv6, unless you’re a geek like me, in which case IPv6 day might inconvenience me.  But I had to go to quite some inconvenience already to get IPv6 into my home, so what’s just a little bit more?

Anyway, it’s all one big test to see how painful moving to IPv6 really is, and to see what breaks and what needs fixing.  As service providers and web sites kink out bugs you’ll be hearing more about IPv6.  Eventually, much like you did when you moved to high definition television, you’ll probably need a new router.  If all goes well, the only difference you’ll notice is that eventually services like Skype and iChat AV will improve.

By the way, this blog is IPv6-enabled!

For the Umpteenth Time, IPv6 doesn’t do much for Security

If you read the wrong books or the wrong articles, some will claim that IPv6 has improved security over IPv4.  While this may be true in an extremely limited sense, for practical purposes there is no difference.  The only way in which IPv6 is really more secure that IPv4 is that one cannot easily port scan a subnet.  In some other ways, IPv4 might be more secure than certain implementations of IPv6, where the EUI-64 address is used as the lower 64 bits of the IP address, and thus enabling violation of privacy (e.g., tracking).  The most absurd statement I just recently read was that NAT causes Spam.  Where do these people get this stuff???