I see the rate of grow is logarithmically linear since 2007 (well a bit better than that).
And doing guess-o-matic extrapolation, it will take another 3 years before we reach 10,000 ASN advertising IPv6 networks. That will be 33% of ASN. With the impending running out of IPv4 starting next year, seems to me we are not going to make it in an orderly fashion?
Anybody has better projections? What's the plan?
And doing guess-o-matic extrapolation, it will take another 3 years
before we reach 10,000 ASN advertising IPv6 networks. That will be 33%
of ASN. With the impending running out of IPv4 starting next year,
seems to me we are not going to make it in an orderly fashion?
hint: those asns have ipv4
Sure the internet will not die...
But by the time we run out of IPv4 to allocate, the IPv6 network will not have completed to dual stack the current IPv4 network. So what will happen?
And... contrary to Chicken Little, the sky is not falling.
Hi Franck,
Zero-sum game. Deploying a new IPv4 address will require removing one
from some other function.
Regards,
Bill Herrin
But by the time we run out of IPv4 to allocate, the IPv6 network will
not have completed to dual stack the current IPv4 network. So what
will happen?
as dual-stack requires as many ipv4 addresses as there are ipv6
interfaces, this question is rubbish
hint: those asns have ipv4
And... contrary to Chicken Little, the sky is not falling.
then what are these diamonds on the soles of my shoes?
Franck Martin wrote:
Sure the internet will not die...
But by the time we run out of IPv4 to allocate, the IPv6 network will not have completed to dual stack the current IPv4 network. So what will happen?
Reality is that as soon as SSL web servers and SSL-capable web browsers
have support for name-based virtual hosts, the number of IPv4 addresses
required will drop. Right now, you need 1 IP address for 1 SSL site;
SNI spec of SSL gets rid of that.
--Patrick
Franck Martin wrote:
Sure the internet will not die...
But by the time we run out of IPv4 to allocate, the IPv6 network will not have completed to dual stack the current IPv4 network. So what will happen?
Reality is that as soon as SSL web servers and SSL-capable web browsers
have support for name-based virtual hosts, the number of IPv4 addresses
required will drop. Right now, you need 1 IP address for 1 SSL site;
SNI spec of SSL gets rid of that.
Agreed.
When do you expect Windows XP & earlier versions to be a small enough segment of the userbase that businesses will consider DoS'ing those customers? My guess is when the cost of additional v4 addresses is higher than the profit generated by those customers.
Put another way: Not until it is too late.
And we still have the "way less than 4 billion possible addresses, but way more than 4 billion hosts" problem.
In a message written on Mon, Apr 19, 2010 at 12:08:23PM +1200, Franck Martin wrote:
And doing guess-o-matic extrapolation, it will take another 3 years before we reach 10,000 ASN advertising IPv6 networks. That will be 33% of ASN. With the impending running out of IPv4 starting next year, seems to me we are not going to make it in an orderly fashion?
Which impending run out? IANA exhaustion occurs before RIR exhaustion;
RIR exhaustion occurs before ISP exhaustion. ISP exhaustion occurs
before end user exhaustion. [Ok peanut gallery, yes, there are 100
exceptions, work with me here.]
So if you're looking at the data of IANA exhaustion and thinking
an end user won't be able to turn on a new laptop and get an address,
well no, that's wrong. Also note that some RIR's have an extremely
slow burn rate, and their regions may have addresses for years to
come.
There has also been no real effort by ISP's or end users to squeeze
internal allocations. ISP's who did "buy a T1 and get a /24" years
ago may revisit that business model and in fact find many of those
customers are using 3 IP's, an external mail server, a web server,
and a NAT box. Right sizing those returns a lot of space to the useful
pool.
Anybody has better projections? What's the plan?
While I don't think the we're as far ahead as we would like, I
caution against taking the last few years of IPv6 numbers and
"guestimating". We've had an unusually long period of early adopter
time which dominates all current data. Also, plain linear and
exponential models don't fit well as adoption curves are in fact S
curves. While you can get linear and exponential models that look
similar to the first curve on the S, it's no the same thing
statistically.
The sky is not falling, but a lot of people need to step it up if we're
going to have any safety margin.
And if Internet history teaches us one thing, it's that end users replace
outdated browsers at the drop of a hat, right?
And at what percentage of deployment of IPv6 will we see people decide
that they no longer need to support IPv4 access
to their web site? (Oh, sorry you were talking about SNI. My bad. 
Personally, I think it is basically the same question and should have
similar answers. Some people seemed to think that the number is
100%. From what I can tell about SNI, WIndows XP clients not using
Firefox or Opera are never going to get it. I think Windows XP is
down to just over 50% which is way more then IPv6 deployment numbers
at this point. We may find that the same people who don't have IPv6
will also be running Windows XP and Internet Explorer. So the choice
will be to either switch to SNI or switch to IPv6 and lose access to
the same customers in either case.
Franck Martin wrote:
Sure the internet will not die...
But by the time we run out of IPv4 to allocate, the IPv6 network will not have completed to dual stack the current IPv4 network. So what will happen?
Reality is that as soon as SSL web servers and SSL-capable web browsers
have support for name-based virtual hosts, the number of IPv4 addresses
required will drop. Right now, you need 1 IP address for 1 SSL site;
SNI spec of SSL gets rid of that.
my load balancer needs 16 ips for every million simultaneous connections, so does yours.
Only because it hasn't broken the spec further.
adrian
joel jaeggli wrote:
Reality is that as soon as SSL web servers and SSL-capable web browsers
have support for name-based virtual hosts, the number of IPv4 addresses
required will drop. Right now, you need 1 IP address for 1 SSL site;
SNI spec of SSL gets rid of that.my load balancer needs 16 ips for every million simultaneous
connections, so does yours.
That is an accurate statement but sort of a side issue.
I would hazard a guess that ~95% of publicly reachable (i.e.
non-SSL-VPN) SSL certificate using servers would never see that amount
of traffic.
I am talking about the 5 or 10 IPv4 IPs you get with a $99/month
dedicated server, so that you can setup 5 or 10 different clients with a
shopping cart - Amazon and other large e-tailers have the ability to
buy/work around any shortage or bottleneck.
Cordially
--Patrick
My guess is that end user access will be more and more NAT444:ed (CGN) while at the same time end users will get more and more IPv6 access (of all types), and over a period of time more and more of the p2p traffic (VoIP, file transfers etc) will move to IPv6 because it'll stop working over IPv4. When enough users have IPv6 access the server-based content will be made reachable over v6 as well.
The transition will take at least 5 years, I guess in 2015 we'll be perhaps halfway there.
Just because the curve doesn't look steep enough now doesn't mean it won't in two years. Human behavior is hard to model and panic hasn't set in yet.
The nutjobs are for example not headed for the hills yet.
http://www.time.com/time/magazine/article/0,9171,990020-1,00.html
I'm pretty sure that's not the case for inbound connections...
* William Herrin:
* Patrick W. Gilmore:
Reality is that as soon as SSL web servers and SSL-capable web
browsers have support for name-based virtual hosts, the number of
IPv4 addresses required will drop. Right now, you need 1 IP
address for 1 SSL site; SNI spec of SSL gets rid of that.Agreed.
When do you expect Windows XP & earlier versions to be a small enough
segment of the userbase that businesses will consider DoS'ing those
customers? My guess is when the cost of additional v4 addresses is
higher than the profit generated by those customers.Put another way: Not until it is too late.
I'm not so sure. Name-based virtual hosting for plain HTTP was
introduced when Windows NT 4.0 was still in wide use. It originally
came with Internet Explorer 2.0, which did not send the Host: header
in HTTP requests.
Anyway, I think the TLS thing is a bit of a red herring. It might be
a popular justification for IP space at the formal level, but
real-world requirements are a bit more nuanced. FTP and SSH/SFTP do
not support name-based virtual hosting, so if you're a web hoster and
structured things around "one IPv4 address per customer", then there
might be another obstacle to collapsing everything on a single IPv4
address. It's also difficult to attribute DoS attackers at sub-HTTP
layers to a customer if everything is on a single IPv4 address, making
mitigation a bit harder.