Tag Archive for IPocalypse

| September 15, 2012
One comment

IPv4 IPocalypse Strikes Europe

IPv6The IPocalypse has stuck Europe. RIPE NCC, the Regional Internet Registry (RIR) for Europe, the Middle East and parts of Central Asia announced on 09-14-12 that it is down to its last “/8″ worth of IPv4 addresses. ArsTechnica reports it is no longer possible to get new IPv4 addresses in Europe, the former USSR, or the Middle East, with one small exception: every network operator that is a “RIPE member” or “local Internet registry” (LIR) can get one last block of 1024 IPv4 addresses. To fulfill these requests, the RIPE NCC is keeping that last /8, which has 16.8 million addresses, in reserve.

Europe officially runs out of IPv4 addresses

IPocalypseNone of this comes as a surprise, according to the author, given that global IPv4 IPocalypse struck when the global pool of free IPv4 addresses dried up in February 2011. APNIC, which distributes IP addresses in the Asia-Pacific region, ran out of IPv4 addresses in May 2011. The remaining three Regional Internet Registries are AfriNIC (Africa), LACNIC (Latin America and the Caribbean), and ARIN (North America), which all have enough IPv4 addresses to last at least two more years.

Since the depletion of IPv4 address space in the APNIC region, little information has surfaced about how network operators in the region have managed the situation. The article states, the lack of IPv4 addresses only impacts organizations and consumers who need more addresses, or who need addresses for the first time. Existing IPv4 users remain unaffected by the global IPocalypse, and so the immediate impact is limited. Also, large network operators get large address blocks from the RIRs and they typically have a pool of unused addresses of their own, so few will be experiencing immediate problems.

Dont worryEvery year for the past five years, some 200 million new IPv4 addresses have been put into use. Ars cautions, without a steady supply of fresh addresses, many Internet-related activities are going to become problematic in the years to come. Fortunately, 20 years ago the Internet Engineering Task Force (IETF) foresaw the IPv4 IPocalypse, where the 3.7 billion 32-bit IPv4 addresses would run out, would become a problem, and started working on a replacement: IPv6. However, the IPv4 depletion didn’t happen as fast as the IETF originally predicted, and IPv6 adoption has languished.

rb-

World IPv6 launchSo IPv6 adoption got a big kick in the implementation from World IPv6 Launch. Eventually, IPv6 will replace IPv4, but the transition won’t be pretty. I have covered some of the IPv6 issues here, here and here. Give it some time, Europe and the rest of us will survive the IPv4 IPocalypse.

Related articles
Category: IPv6 | Tags: , , , ,
| July 17, 2012
3 comments

IPv6 Compromise Smartphones Users’ Privacy

IPv6Now that the IPv4 address pool is depleted and the IPocalypse is at hand, wrinkles are emerging in IPv6.  One of the wrinkles is with mobile devices. Most of the cool mobiles devices have been able to handle IPv6 for a while. Apple’s (AAPL) iPhones, iPads and iPods have been capable of handling IPv6 Since version 4 of the iOS operating system and most Google (GOOG) Android devices have been capable since version 2.1. H  Security is reporting that these mobile operating systems send information about their users to the network.

A device on an IPv6 network usually determines half of theirSmartphone risks address (the “interface identifier”) themselves, but H Security says that smartphones are sloppy with this task. According to the article, the smartphones simply add the same two bytes to their globally unique MAC address and use it as their identifier. As a result, they transfer a unique hardware ID whenever they communicate with an IPv6-enabled server.

The basic problem isn’t an IPv6 issue because there are other methods for generating the address. The article says that a device can generate a random interface identifier and replace it on a regular basis. This is called Privacy Extensions method and is the factory-set option in Windows; it can also be enabled in other operating systems. The article points out that devices running Apple’s iOS or Android offer neither the option to enable Privacy Extensions nor the option to disable IPv6, anyone who uses an affected device on an IPv6-enabled wireless network will send their ID.

IPocalypseThe only thing the smartphones are lacking is a control option in the user interface, as the Privacy Extensions do come as part of their kernel. For instance, on a (jailbroken) iOS 4 device with root access, they can be enabled with the same command that enables them on a desktop device running Mac OS X:

sysctl -w net.inet6.ip6.use_tempaddr=1

The blog claims the problem is only affecting a small number of users because IPv6 is not yet in widespread use. However, more ISPs plan to offer IPv6 in addition to the old IPv4 in the future. In addition, there are routers like the Cisco (CSCO) Linksys E3000, which will, automatically set up an IPv6 connection via a 6to4 conversion when their internet access is purely IPv4.

The author concludes that the issue is particularly sensitive because such devices tend to be used by one specific person. As a result, the MAC address, which is accessible to any server operator and network monitor, allows this user to be identified.

rb-

If this sounds familiar, it is I wrote about mobile apps uploading  UDID’s here.

Related articles
Category: IPv6, Security | Tags: , , , , , , , , , ,
| April 30, 2011
Comments Off

IPv4 Address Grey Market Emerges

The UK’s Register reports that depletion of the world’s IPv4 address space is spawning a new development in the Internet address space, IPv4 address trading. According to the Register,  German Phython developer Martin von Loewis launched a site called Tradipv4.com in March. The site is offering IPv4 addresses for $3 for v4 addresses located in American Registry for Internet Numbers (ARIN)  and $4 for those in the Asia Pacific Network Information Center (APNIC) region.

TradeIPv4IPv4 address trading, however, is still a grey market idea now. FireceTelecom reports that to make sure that unmanaged address transfers don’t compromise network operations or security, the Internet Society (ISOC) said that buyers and sellers should make sure any “transfers be affected per appropriate Regional Internet Registry (RIR) processes.” Citing its own estimate of prices reaching $11 per address, ISOC said, “We strongly urge that such transfers be affected per appropriate RIR processes.” Unmanaged address transfers will undermine network operations, and it could raise security issues since anonymous address spaces can be spoofed according to ISOC.

Internet Society logoOn their FAQ page, Tradeip4.com says its auctions can cover both the sale and lease of addresses, subject to RIR policies. Some of these policies, the site notes, have grey areas. For example, APNIC policy aims to discourage address transfer by applying what amounts to a 12 month embargo on the originating party receiving new addresses. However, Tradeip4.com dismisses this as irrelevant, since APNIC’s space is exhausted and no new blocks are being assigned according to FierceTelecom. Despite these concerns, Tradeip4.com, maintains that it can sell and lease IPv4 addresses and maintains that it follows RIR policies.

This is not just a SMB issue Microsoft (MSFT),  recently bought Nortel‘s IPv4 addresses (Which I wrote about here). Craig Labovitz, Chief Scientist for network security vendor Arbor Networks, told FierceTelecom that Nortel’s deal with Microsoft reflects how IPv4 depletion is becoming a more pressing issue, now that IPv4 is a scarce resource.

IPv4 addresses have not been a scarce resource and no one has had to pay more, but what really is starting to change is Microsoft spending money to buy Nortel’s IPv4 address space.  For the first time, there’s now a price associated with V4, and one you have a price you start having providers charge for it and start seeing people having a reason to care.

The Register article notes that the Canadian government, via its Industry Canada department, is also against the trade of IPv4 addresses, and it has weighed in on the sale of Nortel’s addresses to Microsoft. In a letter discussed on CircleID, Industry Canada expressed its support for the long-standing position that addresses are not property and therefore cannot be traded.

rb-

I see several problems with the  IPv4 grey market. Trading in IPv4 is just another sign of resistance to IPv6. Firms with a global view have to realize that reallocation of a handful of  IPv4 will not make a difference in an IPv6 world. Another issue could be the routability of an IPv4 address originally assigned to APIC and traded on the grey-market to RIPE. Right now there is no guarantee that these type of addresses will be recognized. There are also political issues, the Canadian government opposes the IP grey-market. Industry Canada has expressed its support for the long-standing position that addresses are not property and therefore cannot be traded.

The ISOC says IPv4 addresses are worth $11.00, MSFT paid $11.25 and ARIN addresses are currently (04-30-11) trading $7.00 per IP. on tradeipv4.com so MSFT appears to have overpaid for the Nortel address range. The bigger issue is the change in nature of an IP address.

What do you think?

Are grey market IPv4 addresses woth it?

Has your firm started its transition to IPv6?

Related articles
Category: IPv6, Networking | Tags: , , , , , , , , , , , ,
| April 17, 2011
Comments Off

Asia out of IPv4 addresses

IPv6The Asia Pacific Network Information Center (APNIC) has run out of all but a handful of IPv4 addresses that it is holding in reserve for start-up network operators. APNIC is the first of the Internet’s five regional Internet registries to deplete its free pool of IPv4 address space according to reports from Networks Asia. (I wrote about China’s IPv4 struggles here.)

ChinaAPNIC’s news is another sign that CIOs and other IT executives need to begin migrating to IPv6.”For anybody who hasn’t figured out that it’s time to do IPv6, this is another wake-up call for them,”  Owen DeLong, an IPv6 evangelist at Hurricane Electric and a member of the board of ARIN told Networks Asia. Any CIO who isn’t planning for IPv6 is “driving toward a brick wall and closing your eyes and hoping that it’s going to disappear before you get there,” Mr. DeLong says ignoring IPv6 “is not the best strategy.”

Paul Wilson, Director General of APNIC tells Networks Asia that , if a business is thinking of doing on the Internet, they need to have a plan to transition to IPv6 in place. “If you want to do business with China in the future for example, you will be to be on IPv6 or you won’t be able to reach your customers,” Mr. Wilson said.

Scott and Spock work on IPv6

The router is here Spock

The Asia-Pacific region has been gobbling up the most IPv4 address space in recent years; APNIC has apparently distributed more than 32 million IPv4 addresses to network operators in this region in the last two months alone. APNIC has depleted its IPv4 address space “dramatically faster than people expected,” Mr. DeLong says. “My guess is that a lot of operators in the Asia-Pacific region realized the time of IPv4 depletion was drawing near and they rushed to get their applications in.” But countries in the region are doing well with their IPv6 transition plans Mr. Wilson said.

But counties with developing markets also had the advantage where they could leapfrog any potential problems and move straight to greenfield IPv6 infrastructure Wilson said. APNIC is holding 16.7 million IPv4 addresses (a /8 in network engineering terms) in reserve to distribute in tiny allotments of around 1,000 addresses each to new and emerging IPv6-based networks so they can continue to communicate with the largely IPv4-based Internet infrastructure.

RIPE [the European Internet registry] is going to be the next one to run out. I wouldn’t count on them making it until July[2011],” DeLong says. “I think ARIN (which doles out IPv4 and IPv6 address space to companies operating in North America,)  will make it to the end of this year; maybe we’ll run out in October or November[2011].”

According to Mr. Wilson the move to IPv6 should be the last we will experience. “We should be afraid of a situation where we exhaust IPv6. If the move from Ipv4 was difficult, the next will be a disaster,” he said.

rb-

The regional Internet registries will have handed out most IPv4 address space by the end of 2011. Lots of organizations need to get on their transition plan. I have noted the need for IPv6 planning here, here and here.

What do you think?

Is IPv6 a real topic in your organization?

Has your organization even formed a team to discuss IPv6 addresses?

Related articles, courtesy of Zemanta:
Category: China, IPv6 | Tags: , , , , , , , , , ,
| April 4, 2011
Comments Off

IPv4 Address Worth $11.25

IPv6Now that the last IPv4 addresses are gone, the Internet numbers are increasing in value. Microsoft is spending $7.5 million for 666,625 IPv4 addresses from Nortel (NRTLQ). As Google (GOOG) and Apple (AAPL) fight over Nortel’s 4G bones (which I noted earlier), DownloadSquad reports that Microsoft (MSFT) jumped all over Nortel’s stash of IPv4 addresses when they became available for purchase through bankruptcy proceedings.

NortelMicrosoft ponied up $7.5 million for the Nortel pool, which works out to $11.25 per IP address. There were 13 other interested buyers, but only Microsoft and three others actually submitted bids according to DownloadSquad. With the last block of IPv4 addresses already issued (which I wrote about when it happened), snatching up over 666,000 IPv4 addresses in one fell swoop is a smart move by Microsoft.

rb-

Steve BallmerCould Ballmer‘s boys be planning a cloud based IPv6 <–> IPv4 transition service?

Are they trying jump-start an IPv4 address space underground economy?

Like the authors say, we’ll just have to wait and see.

What do you think?

What is Redmond up to?

Related articles
Category: IPv6 | Tags: , , , , , , , ,
« Older Entries  

Switch to our mobile site