IPv4 Comes to an End
Cesar [email protected]!
Addressing in the Internet
• Devices on the Internet need to have unique addresses in order to be reachable from each other – We have long put up with NAT, which up to a point
subverts this principle • Address allocations are made hyerarchically
– IANA -> LACNIC -> [your ISP here]
IPv4
• There are 4,294,967,296 IPv4 addresses (32 bits long) but not all of them can be used!
• Looks like a lot, right? But... World population currently stands at just over 6 billion people!
• Mobile penetration 87%, Internet penetration 35%!
• We all normally use more than one IP address (possibly 4)!
• They don't seem to be that many now!!
Internet Number Resource Management
IANA
ARIN
ISP
End users
LACNIC
NIC.br
ISP br
NIC.mx
ISP mx
ISP #1
APNIC
LIRs/ISPs
RIPE NCC
LIRs/ISPs
AfriNIC
Historical Facts
• 1983 Research network for ~ 100 computers!• 1992 Internet is open to the commercial sector : !
– Exponential growth!– IETF urged to work on a IP next generation protocol!
• 1993 Exhaustion of the class B address space!– Forecast of network collapse for 1994 !!– RFC 1519 (CIDR) published!
• 1995 : RFC 1883 (IPv6 specs) published!– First RFC about IPv6!
Evolution of the IPv4 Pool
• Remember!– IANA!
• IANA assigns** /8 blocks to the RIRs!– The RIRs!
• Assign blocks of varying sizes to their member organizations!
• Members which are in turn ISPs then assign space to their customers !
Evolution of the IPv4 Pool
• Run-out dates:!– IANA ran out of free /8 blocks in January 2011!– APNIC was the first RIR to run out of IPv4 later in
2011**!– RIPE NCC ran out of IPv4 in 2012**!
• Expected run out dates:!– LACNIC is expected to run out of IPv4 between
May and July of 2014 - DONE!
Evolution of the IPv4 Pool
Some%me between May and July 2014
IPv4 Exhaustion
• IPv4 resource management is governed by policies!– These policies are created and approved by the
community through a bottom-up process!– LACNIC acts as the steward of this process and
applies the policies for managing resources!• Before runout time addresses are assigned
according to a needs-based set of criteria!• Does IPv4 exhaustion mean that the free pool
reaches zero ? NO !
IPv4 Exhaustion
• When the aggregated free pool reaches the equivalent of a /11 (~2 million addresses), new policies come into effect!
• What follows is a two-tiered phase!– Soft-landing period!– Resources for new entrants!– Final exhaustion !
• IPv4 assignment ceases to be needs-based!– Even if an organization justifies need, only a fixed
size prefix will be allocated!
Soft Landing
• The first period after exhaustion is the soft landing period!
• A /12 is available for soft landing!• New or existing organizations can get up
blocks up to /22 in size every six months if properly justified!
• This means!– Up to a single /22 (1024 addresses) every six
months!– 1024 blocks available !
New Entrants
• After the soft-landing pool is exhausted, a second /12 is made available exclusively to new market entrants!
• Every new organization will be able to request up to a /22 every six months !
THE WAY FORWARD – IPV6
So… What Next ?
• Some argue you can take a pill and keep doing business as usual!– The pill known as carrier grade NAT !
• But the rest of the world seems to be agreeing that the way forward is via IPv6!
• There is good, bad and ugly in all this!• Let’s take a look at both!
The Good: An End-to-End Network
• Every device talks freely to each other. Almost no middleboxes, except at the very edge of the network!
The Bad: A CGN-”enabled” Network
• Devices communicate via middleboxes almost always!
The Bad: Network Address Translation
• Allows sharing a single public IP address among several devices!
• Does not scale!
2801::17
CGN
Home NAT
(Some) Issues with NAT
• When handling security!– When blocking one user's “malicious” traffic, we also
risk block traffic from many “good” users.!– In order to identify which user accessed which
services logging the IP address is no longer enough, we also need to log port numbers.!
• When scaling!– NAT “boxes” are limited in the number of
simultaneous users they can handle.!– Harder generally harder for Internet Content Providers
(i.e. geolocation, sessions based on IP, etc.)!
(Some) Issues with NAT
• With service quality!– Port forwarding will become increasingly difficult
to manage for users and ISPs (big impact for gamers for example)!
– Service calls will go up!– The CGN box becomes a single point of failure!
• This means!– Service quality as perceived by users will
deteriorate!– ISPs costs will increase in the long run!
The Good: IPv6
• IPv6 with its 128 address space solves all our addressing needs for the foreseeable future!
• 2ˆ128 IP address or 3.4 x 10ˆ38!• (340,282,366,920,938,463,463,374,607,431,768,
211,456 IPs) !• Restores the end to end nature of the Internet!
– This means no single points of failure, no accidentally filtering out innocent users, etc.!
• So why hasn’t the world done it already ? !– A long story!– However, IPv6 is being deployed as we speak !
IPv6 Deployments
• Content providers:!– Google, Facebook, Yahoo! and several CDNs
have deployed IPv6!• Access providers:!
– USA: Comcast, T-Mobile!– Europe: Free.fr!– In our region: Telefónica Perú!
Global IPv6 Traffic
• As seen by Google!
Global IPv6 Traffic
• What happens if you enable IPv6 to an otherwise unsuspecting group of users ? !
• Between 15% and 40% of your traffic will be over IPv6!
• This means!– This portion of traffic will not need NAT!– This portion goes up as more and more networks
deploy IPv6!
The Ugly: We will need a bit of NAT
• Sadly, we as a community have ignored this for so long that some form of NAT will be needed!
• By the time IPv4 is completely exhausted there still will be a lot of IPv4-only content out there!
• Our users, even if on IPv6, will want to access it!
The Ugly Network of the Future
• Hopefully only for the immediate future!!
IPv4-‐only host
IPv6-‐enabled host
FINAL CONCLUSIONS
On IPv4 Exhaustion
• IPv4 will run out for our region during 2014, our estimate is between May and July!
• After exhaustion, the policies governing the remaining stock will be radically different!
• Networks will need to keep growing nevertheless, so investments will need to be made!
On Carrier Grade NAT
• No, it’s not a magic pill!• No, it’s not business as usual!• It is going to be expensive, and it will be an
investment without much return on it!
On Transition to IPv6
• It’s the only path forward with a future!• The rest of the world is deploying it!• It also will be expensive, but the costs tend to
go down as deployment progresses!
THANK YOU!