 | Issue: | Asia-Pacific III 2013 |
| Article no.: | 5 | |
| Topic: | Keep the Internet stupid – and go forth with IPv6 | |
| Author: | Justin Fielder | |
| Title: | CTO | |
| Organisation: | Easynet Global Services | |
| PDF size: | 721KB |
About author
Justin is responsible for strategic direction, technical strategy and the global product portfolio at Easynet. Justin initially joined Easynet in 1997 and held a variety of management positions within the technical, pre-sales and operational areas of the business. After the acquisition of Easynet by BSkyB in 2006, Justin became Director of Sky Network Services, responsible for the launch of Sky Broadband. Justin then become Director of Research Development and Customer Technology enabling the development of a converged media platform between broadcast and broadband platforms as well as running the R&D and Central Architecture Group for BSkyB. Justin rejoined Easynet in July 2009, in the new role of Chief Technology Officer, which he holds today. Prior to his 12 years at Easynet, Justin worked at GEC-Hirst Research various companies that formed the embryonic Internet industry.
He graduated with an upper class BEng in Electrical and Electronic Engineering from Brunel University.
Article abstract
IPv4 addresses are a scarce commodity, and the price for them amounts to a considerable cost. However, what you buy is only a short term fix. Another option for ISPs is to deploy Carrier Grade NAT (CGN) system. However, this will destroy the quality that made the Internet a roaring success – it is stupid. Now CGN needs to be clever, and it bounds to be wrong. The Internet will become more opaque and unable to cope with new applications, with firewalls and roadblocks everywhere. No, the only way forward is IPv6 – and the time to go is yesterday!
Full Article
Probably one of the most important things facing our industry at the moment is the pending depletion of IPv4 addresses.
IPv4 is the version of the internet protocol that the current internet runs on. It has served us well over the past 40 years but it has a fundamental limitation, not envisaged by its designers: the address space, which holds a unique address for every routable device attached to the Internet is only 32 bits, giving about 4 trillion unique addresses. For those who have somehow missed the excitement and warnings over the past five years, the supply of these addresses is about to run out (indeed has run out in certain regions). The replacement protocol IPv6 was designed and formalised some fifteen years ago but has not, as yet, got a great deal of traction.
There are several possible workarounds for the shortage of IPv4 addresses and the most commonly suggested is the use of Carrier Grade Network address translation (CGN), which can help to spread out the available address space and make it last longer. CGN is a quick fix and may seem to provide a solution, but for one major problem, for which we need to go back to the reasons for the incredible success of the internet.
The most important thing about the internet is that it is fundamentally stupid: it does not attempt to track connections, traffic or the applications that use it. This means that when a new application is designed by teenagers in their bedroom, the internet can instantly transport their traffic. There is no need to negotiate with the internet transit providers to allow this new application to be transported over their networks. It is this network stupidity that is behind the success of the internet and it is why CGN is such a bad idea. CGN has to be clever and make assumptions about the traffic flowing through it and these assumptions may be wrong.
Good Internet Service Providers recognise this and have been building their networks to transport IPv6 for many years. They will offer both IPv4 and IPv6, and in most cases their customers, once the concept has been explained to them, will happily use both protocols.
However, let’s take a flight of fantasy and imagine a world without IPv6, or where IPv6 never achieves a significant degree of penetration. This shouldn’t be difficult, as we are already in the first stages of this scenario. Let’s see what happens.
Firstly, IPv4 addresses will start to be perceived as assets. Let’s take a closer look at this. IPv4 addresses come in two types: the first type is the kind you are probably used to dealing with, loaned to you by your ISP and returned when you change providers. If you are an ISP, then these blocks of addresses are vital resources. You cannot do business without them. The second type was handed out before the current system of Regional Internet Registries (ARIN, RIPE, APNIC, LACNIC and AfriNIC) came into being and, although still on loan to you, is much more freely yours to do with what you want.
For the first type, some of the RIRs have policies allowing you to transfer addresses to another user (effectively moving blocks of IP from one ISP to another), and a “transfer fee” can usually be negotiated. For large blocks of addresses these fees can be eye watering: a typical “price” is $10 per address. For a decent sized block of addresses, say a /16, this comes out at a bit over $600,000. A reasonable sized ISP will churn through this in six months or less. If you have one of these blocks available and free, then your CFO might suddenly sit up and take interest (as might the taxman). If you need one of these blocks, then your CFO will certainly take interest, because what used to be a zero cost resource is suddenly going to cost a lot more. This price isn’t going to go down; addresses are a scarce resource and we can’t make any more of them. Indeed there are already companies being set up to help match up those with address space spare and those who desperately need it… and they take a fee for acting as the broker.
What will happen next? You need to connect a new customer and you don’t have an IPv4 address for them. Well, let’s roll out carrier grade NAT and start putting customers onto private address space. Of course you can only do this until private address space runs out for you and after that each block of private addresses won’t be able to exchange traffic with the others. This looks like it might be able to buy us a little time but it’s a dangerous path to tread. As you roll it out, you are making the internet less and less stupid, but more and more opaque. It starts trying to guess what your customers are trying to do and although it is likely to guess right when they are just browsing the web, it is likely to get it wrong if they try and do anything more complicated. It is particularly likely to get it wrong when a new application comes along that it hasn’t heard of. Your customers will eventually notice that you are intercepting their packets and readdressing them and just like those “opened by customs” stickers on parcels from abroad, they won’t be sure that the contents haven’t been tampered with, or stolen. Every time the packet is held back for inspection it will be delayed. Eventually, there will come along an application that your CGN doesn’t understand, and then your customers won’t be able to use it. You’ve already started to lose customers because you can’t give them a proper IP address and now they are starting to see poor service, and the latest internet craze doesn’t work.
So let’s back off and try something else. How about a walled garden? Restrict your customers to only the things you want them to see. In effect you are building a firewall around your network and also possibly putting application gateways in as well. This used to work for mobile phones and some early ISPs, but your customers have got used to going everywhere in the world and suddenly they find barriers and locked gates everywhere. How long will your market share survive?
What else can we try? We can’t buy addresses for long. We can’t manufacture more of them. The rate of consumption of addresses is such that even if all the addresses not visible on the internet were to become available suddenly (and don’t forget that even if we can’t see them in the global routing table, they may well still be in use), we would still run out of IPv4 addresses in the next five years or so.
Perhaps we can stop using the Internet altogether? No, that probably isn’t an option at this stage, since the global economy is completely dependent on the Internet, and it gives instant access to, literally, a world of information. Our stock markets and banking systems depend on it. Our children use Wikipedia and Google to do their homework. We order our groceries using a supermarket web site or a smartphone app. Our businesses depend on it to deliver orders and invoices, quotes and contracts. Commerce is lubricated by the grease of the internet, without it the wheels will start to squeak and the axles will run red-hot, and what was a Formula One racing car will become a horse and cart. Do you remember teleprinters and telex machines and the cost of a transatlantic call at £5 a minute? All of that is a distant memory, thanks to the Internet. No, I don’t think we’ll get rid of it, at least not until there is something bigger and better.
It looks like the only viable solution is IPv6. Most of your PCs and servers already work with it, given the chance. Your IT staff will complain, but don’t they always complain? They will learn about it in the same way that they learn about the latest bug in Windows 7. They’ll find that their firewall configurations will be simpler and more bug free without the need to do the gymnastics necessary to get things like VOIP working through NAT. Your ISP may claim that they can’t support it. So move to one who can (there are plenty of them out there). Your staff won’t even notice.
The IPv4 address brokers reckon they have about four years of business, after which IPv4 addresses will have no value and the world will have moved to IPv6. The IPv4-only web site will have gone the way of the dinosaur, the teleprinter and the ticker tape machine.
Aren’t you glad that you planned to start rolling out IPv6 all those years ago? You didn’t? Now stuff doesn’t work? Hindsight is a wonderful thing.
