Hacker News

The IPv4 address swamp: The new normal

48 points by speckx ago | 19 comments

tptacek |next [-]

This post is kind of a weird promotion for NETSCOUT, written by an analyst on the Arbor ATLAS team (NETSCOUT owns Arbor now).

Borg3 |root |parent [-]

Haha yeah, seems so a bit.. There is really no problem with IP reputations at all. If prefix is often moved and traded, just DROP it at edge.. because traffic will be malice anyway.. problem solved.

The really valuable prefixes are those with are stable and have good reputation on them.. Everything else is junk these days..

AtlasBarfed |next |previous [-]

Setting aside the address scarcity issue, how is IPv6 going to simplify the routing table? If anything, it would just be an explosion of the number of addresses?

I mean a million is objectively a large number if it's all on paper, but to me, that's not a particularly large data set for talking about the entire freaking internet.

And how cheap of a SOC can handle that in memory? A better question might be to even make a system on a chip that couldn't handle that memory?

toast0 |root |parent |next [-]

The small ISP that serves my home has six IPv4 prefixes and one IPv6 prefix.

The small hosting provider I use has I think 7 v4 prefixes, but could be one v6 prefix (if they supported v6 which they sadly don't). Maybe not --- a lot of their /22s are advertised as four /24s to allow for a DDoS Mitigation provider to attract traffic when needed; but it'd probably still be fewer prefixes with v6.

Not every ASN looks the same, but many of them would advertise a lot fewer prefixes if they could get contiguous addresses, but it's not possible/reasonable to get contiguous allocations for v4.

Since the routing table is organized around prefixes, if there is complete migration, the routing table will probably be smaller.

orangeboats |root |parent |next |previous [-]

A single /32 IPv6 prefix is actually easier on the router (computational and memory wise) than a dozen /24 IPv4 prefixes.

cryptonector |root |parent |next [-]

What matters is the total number in the end. If IPv6 prefixes end up outnumbering IPv4 prefixes by a lot, then that will be a problem.

Since we don't have time machines probably the best solution is to refuse prefix portability.

486sx33 |root |parent |previous [-]

Huh A single prefix is easier on the router than a dozen.. I should hope so? Isn’t this kind of like saying the grade 1 math test is easier than the grade 12 math test ?

teraflop |root |parent [-]

The thing is that the abundance of IPv6 addresses enables fewer prefixes to be used, by allowing addresses to be allocated in much larger chunks.

For instance, Comcast (AS 7922) owns about 2^26 IPv4 addresses, distributed across 149 different prefixes. Almost all of these prefixes are non-contiguous with each other, so they each require separate routing table entries. Comcast can't consolidate those routes without swapping IP address blocks with other networks, and it can't grow its address space without acquiring new small blocks. (Since no more large blocks are available, as this article discusses.)

In contrast, Comcast owns about 2^109 IPv6 addresses, which are covered by just 5 prefixes (two big ones of 2^108 each, and three smaller ones). It can freely subdivide its own networks within those prefixes, without ever running out of addresses, and without having to announce new routes.

slyall |root |parent |next |previous [-]

There theory might be that an organisation would end up advertising a single prefix, rather than whatever they have now (say 40 networks with various prefixes).

rcxdude |root |parent |next |previous [-]

It's not just any memory. When it comes to core infrastructure routers those routes need to fit into specialized and expensive CAM (Content Addressable Memory) to do the lookups in hardware. And on every single one.

tptacek |root |parent [-]

Right but that's still not really answering his question. Sure, the constant factor is higher for router TCAM memory. Still: you can sum this post up as "in the late 1990s, tier-1 carriers filtered advertisements for all but the 'swamp' range down to /19s or smaller prefixes; now everything is the 'swamp'". Why is that?

jandrese |root |parent [-]

Because IPv4 address scarcity means small blocks get sold as they are available to people in completely different parts of the Internet. With IPv6 the address space is so large that they can easily keep the blocks in one piece.

tptacek |root |parent [-]

No, obviously, I get that (we buy a lot of IPv4 space --- and I'm actually happier with the current regime than I was with the "supplicate to ARIN" regime). I'm just wondering what technologically happened to make universal /24 advertisements fine. I assume it's just that routers got better.

colmmacc |root |parent |next [-]

The transition to 7200 VXRs as core routers really hit a tipping point around 2000. They could handle millions of entries in the FiBs and really led to a relief in pressure. Subsequent devices had to match that.

On the IPv6 side; by 2002, nobody was really experimenting with A6 records any more, and EUI64 was needless. Both were parts of IPv6 designed to facilitate "easy" renumbering, so that single prefixes could be replaced with larger ones. But the ISPs weren't complaining any more about table size.

toast0 |root |parent |previous [-]

> I'm just wondering what technologically happened to make universal /24 advertisements fine. I assume it's just that routers got better.

Routers had to get better (more tcam capacity) because there wasn't much choice. Nobody wants to run two border routers each with the table for half the /8s or something terrible like that. And you really can't aggregate /24 announcements when consecutive addresses are unrelated.

_bernd |root |parent |previous [-]

The issue is; in the default free zone, every peer which gives you a full table, gives you 1 million routes. Core infrastructure is not getting refreshed every 5 year, I have heard so...

1970-01-01 |next |previous [-]

NAT is an eternal flame.

HackerThemAll |previous [-]

It'd end when we implement a next generation IP addressing scheme. I'm not very big fan of IPv6 though. I'd prefer a 64-bit address format. IPv6 would only promote incautious distribution which would again result in address space exhaustion, more abuse and increased cybercrime.

stackghost |root |parent [-]

Interesting. What about ipv6 don't you like, and why would a 64-bit scheme remedy it?

>IPv6 would only promote incautious distribution which would again result in address space exhaustion

There are more ipv6 addresses than there are atoms in the earth. Exhaustion won't be a concern for generations.

>more abuse and increased cybercrime.

IP address-based mitigations are already not effective with v4, can you talk about why v6 makes this worse?