Tag Archive for IPv6

Apple favors IPv6 as IPv4 Dries Up

The American Registry for Internet Numbers (ARIN) has reported that the IPv4 well is just about dry in North America. On 01 July 2015, ARIN had to refuse a request for a block of IPv4 addresses. The ARIN statement says that there are still a few IPv4 numbers available in smaller block sizes. But for all intents and purposes, there are no more unassigned public IPv4 addresses. As of July 18, 2015, the ARIN IPv4 Depletion page reports only 335 /24 IPv4 address ranges are available. It is time to start looking at IPv6.

The good news, according to FierceEnterpriseCommunications, is the IPv4 drought isn’t yet affecting most of the internal networks of enterprises. But it’s just a matter of time before it starts to have a greater impact on the largest of enterprises. Microsoft (MSFT), for instance, found it was out of IPv4 addresses a few weeks ago. And for the first time in ARIN’s history, they denied a company that requested a large block of IPv4 addresses. Tom Coffeen, chief IPv6 evangelist at Infoblox, in a statement to FierceEnterpriseCommunications explained:

Though the IPv4 well has run dry and threatens service providers, the sky hasn’t yet landed on enterprise networks … Most enterprises still rely on private IPv4 for their internal networks. The small number of public, routable IPv4 addresses required to connect enterprise networks to the Internet is typically provided by the ISP, making IPv4 much more critical for Internet services providers.

One company that is reacting to IPv4 scarcity is Apple (AAPL). Apple’s latest operating systems, iOS 9 for iPhones and iPads and OS X El Capitan for Macs, are designed to take advantage of IPv6. The new operating systems select the fastest connection with the lowest latency, whether IPv4 or IPv6, using the Happy Eyeballs algorithm, explained David Schinazi, the CoreOS networking engineer at Apple. Devices use the Happy Eyeballs algorithm to decide which protocol to use, as many applications use a “dual-stack” approach to networking, making available both IPv4 and IPv6 connections.

FierceMobileIT says this worked out to be a 50/50 split between IPv4 and IPv6 in iOS 8 and OS X Yosemite, but for the new OSes, IPv6 will be chosen by the algorithm around 99 percent of the time, according to Apple beta testing. Apple’s Schinazi wrote in a post on the Internet Engineering Task Force mailing list that Apple considers IPv6 mainstream.

IPv6 is now mainstream instead of being an exception, there are less broken IPv6 tunnels, IPv4 carrier-grade NATs [network address translations] are increasing in numbers, and throughput may even be better on average over IPv6

The author reports that testing performed by Apple shows that the new OSes should use IPv6 addresses around 99 percent of the time. Apple operating systems have supported IPv6 by default for Mac users since the OS X 10.2 Jaguar release in May 2002.

Mr. Schinazi cautioned that both OSes are in beta so things might change for the final versions. “If this behavior proves successful during the beta period, you should expect more IPv6 traffic from Apple products in the future,” he added.


Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

Romania Leads IPv4 Market

I first wrote about the grey market in IPv4 addresses when Microsoft (MSFT) bought Nortel’s IPv4 IP block back in 2011. A recent article from CircleID proves the market has caught up with Bach Seat. In the CircleID article, Doug Madory, Director of Internet Analysis at Dyn, reports that the market for IPv4 addresses is heating up, especially in Europe.

RIPE’s IPv4 transfers

According to Dyn, statistics from RIPE, the European registrar, show that the IPv4 market has heated up. RIPE’s table of transfers of provider aggregatable (PA) IPv4 addresses clearly shows a rapidly increasing rate of transfers of IPv4 address blocks and unique IPv4 addresses. In fact:

  • February 2015 saw the most organizational transfers (373).
  • November 2014 saw the most unique address transfers (nearly 2 million).
  • The number of transfers in the RIPE region far outpaces any other region.

Romania is a key player in IPv4

An analysis of the RIPE data by the author finds that Romania is a key player in the IPv4 market.

  • During 2014/15, 1,069 (58%) transfers came from Romanian organizations.
  • 947 (51%) of all the blocks transferred in the RIPE region were from a single Romanian organization, namely, Jump.ro.
  • Jump is willing to sell large blocks of IPv4 address space (around $10/address) or lease smaller blocks for $0.50/address/year.
  • Of the 4,656 routed prefixes that make up the Saudi Arabia part of the Internet, 1,498 or almost a third of them were Romanian just a few months ago.
  • The Syrian state telecom got 5.155.0.0/16 from Romania’s Nav Telecom last August and Iranian telecoms bought over 1 million unique IP addresses in 85 transfers over the past year (80% from Jump.ro).
  • Saudi Telecom received 17 IPv4 transfers since September last year representing over 1.5 million IP addresses: 14 were from Romanian sources and the other 3 were from Ukraine. At $10/address, those addresses would have cost Saudi Telecom $15 million.

A side effect of the IPv4 gray market is that it abets the growth of global routing tables to dangerous levels. The first effects were seen in August 2014, when BGP routing tables grew to over 512,000 routes and many older routers could no longer properly track them. ZDNet explains that routes are typically kept in a specialized kind of memory called Ternary Content-Addressable Memory (TCAM), which has a limited capacity and fails when it is full.

The author asks: what are the implications of all this? Now that the Romanians have demonstrated that there is a lucrative business to be had in selling off IPv4 address space, will we see ISPs in developing countries rush to sell off their address space for some quick cash? If such sales result in the IPv4 space getting sliced more and more thinly, we can surely expect the global routing table to increase in size, perhaps dramatically, as a result.

Will this cause more router meltdowns?

 


IPv6 is 20 Years Old

Networking’s little brother is growing up. IPv6 turned 20 years old this month. The IETF IPv6 Operations group’s mailing list noted that the first independent IPv6 connection was established between sipper.pa-x.dec.com and ottawa.inria.fr in 1995.


IPv4 Final Countdown Begins

The number of U.S. IPv4 addresses is critically low. This means that you may no longer be able to get new IPv4 addresses. Jason Verge at Data Center Knowledge cites reports from the American Registry for Internet Numbers (ARIN). The keeper of U.S. IPv4 addresses is down to the final /8 (around 16 million addresses) and has moved into the final phase of its IPv4 countdown plan.

DCK explains that in Phase Four, ARIN will process all IPv4 requests on a “first-in-first-out” basis. Every request will undergo team review. Requests for /15 or larger will require department director approval, which may mean a longer turn-around.

Strategies delayed the IPocalypse

Those in the know recognized IPv4 had issues in the early 1990s. However, new strategies delayed the IPocalypse. Owen DeLong, ARIN advisory council member and director at Hurricane Electric, explained: “Network Address Translation (NAT) was developed and Classless Inter-Domain Routing (CIDR) and some other technologies that allowed us to conserve addresses.”

While those changes slowed address consumption down, DCK reports they did not stop the need for IPv4 addresses. Mr. DeLong explains that every Regional Internet Registry (RIR) has developed an “austerity policy.” Europe is more than one year into its austerity plan (rb- which I noted here). For Asia Pacific it has been more than two years. Latin America and Caribbean Network and Information Center (LACNIC) is close to triggering its plan.

IPv4 address brokers and auction houses

In response to the shortage (and profit), a new industry of IPv4 address brokers and auction houses has arisen. Many of the IPv4 addresses have been assigned, though not necessarily used. The IPv4 marketplaces list the number of IPv4 resources that are still available. The blog says a company called Hilco Streambank launched an auction marketplace that provides liquidity for IPv4 address sellers and connects them with buyers.

Broker IPv4 Market Group believes potential legal issues in this highly regulated space make such auctions not feasible. The article says an auction winner may end up not getting the approval to get the addresses they have won, which would leave both the buyer and seller in limbo. Some bidders are illegitimate; no contract terms are established other than pricing.

Hence, brokers are stepping in to lend end-to-end IPv4 address transaction expertise. They help with marketing, sales, the transfer process, and the financial aspects. IPv4 Market Group also provides legal and technical advice. (rb- I noted the rise of IP brokering here)

Prices of IPv4 addresses will skyrocket

Mr. Verge says auctions and brokerages are band-aids. The space will run out, potentially causing the prices of IPv4 addresses to skyrocket and making a fast-track transition to IPv6 ever more urgent.

Mr. DeLong is not a fan of either brokerages or auction houses. He told DCK, “I’m old-school in this regard … I feel that the whole idea of treating address resources as a resale commodity is distasteful at best. These are community resources that [were] handed out without charge on the basis of actual need for the addresses. It’s pretty clear to anyone who was around in the early days that if you had addresses you no longer needed, you were expected to return them to the community for use elsewhere. I regard these monetized transfers as being more of a necessary evil to bridge a (hopefully) short-term gap and not a desirable state of affairs.”

Hilco Streambank CEO Gabe Fried responded to DCK’s concerns. “Our policy is that [if] a buyer cannot close a transaction for any reason, we move on with the next highest bidder and prohibit that bidder from further participation … We’ve successfully completed numerous transactions that were initiated on our auction platform to the satisfaction of both buyer and seller. Additionally, the auction platform is designed only to automate the bid/ask portion of the transaction, and not to provide all of the post-closing transaction support. We still do that by hand, as we do with our traditional brokerage services.”

The ISOC provides some perspective on the urgency of getting your network off of IPv4. They calculate that one /8 of IPv4 address space is equivalent to about 65,000 /24s and ARIN has delegated an average of 92,000 /24s per year for the past three years. When you factor in that some of ARIN’s last IPv4 space is reserved, a /16 for critical infrastructure and a /10 to aid IPv6 deployment, the math indicates that ARIN could hand out its last free IPv4 addresses by the end of 2014 … if not sooner.

rb- I have covered the IPocalypse since 2009 and it seems to finally become a reality. IPv6 has been a non-issue for many of the engineers I have spoken with; .edu is flush with IPv4 but the rest of the world is not.


Wiring Closet 3.0

The lowly wiring closet at the edge of the network is evolving. You know the ones that IT shares with the custodians or the women’s lav. The neglected place that connects all end-points into the enterprise network infrastructure. Throughout my career we have moved from 3Com SuperStack hubs to 10/100 SuperStack switches to 100/1000/10000 Cisco 2960 fixed Ethernet devices. In this first edge era, the primary buying criterion was the price per port. Low price was the critical factor. These devices might have had a few network services, but they only provided best-effort connectivity services with little to no operational control, according to Nick Lippis in the Lippis Report 103: Wiring Closet Switches Gain Strategic IT Value Label.

Commoditized network gear created enterprise networks consisting of equipment from different vendors. Purchases throughout the wiring closets, distribution, and core were based mainly on cost. The article says that equipment from multiple vendors is the hallmark of Wiring Closet 1.0. Wiring Closet 1.0 made effective management difficult. Multiple management systems required that organizations keep a large staff with diverse skills to keep up network functionality.

Wiring Closet 2.0

Most organizations are now in the Wiring Closet 2.0 era. As competition drove margins on edge switches into the single digits, the author states that vendors began to add services to a new breed of device. The new features on 2.0 switches created new ways for the vendors to compete on different (rb- and more profitable) fronts beyond price per port. Mr. Lippis argues enterprise trends are forcing IT executives to check projects, programs, and priorities as they seek to drive down Total Cost of Ownership (TCO) while extracting added value from their enterprise network. Business executives expect their IT departments to meet continually growing demands without significant year-over-year network expenditures. (rb– the ever popular more with less argument) The article says the new realities include new mixed traffic patterns and increased desktop bandwidth requirements for new applications, communications, and data center strategies.

Switch vendors recognized these trends. They responded by developing a new type of wiring closet switch. Second-generation switches added significant functionality. The vendors’ goal is to transform the commoditized network edge (rb- low profit) into a strategic IT asset (rb- high profit). The blog says these new switches enable a host of new applications for Wiring Closet 2.0.

  • Quality of Service: Wiring Closet 2.0 switches tag applications like IP telephony and Unified Communications at access to guarantee priority throughout an internal network and active monitoring.
  • Power Over Ethernet (PoE): Second-generation wiring closets distribute power over Ethernet cables. PoE enables new classes of devices to be powered from the Wiring Closet 2.0. These devices include WLAN access points, video surveillance, and IP phones, as well as specialty devices such as health care instrumentation, point of sale devices and soon even laptops.
  • Security: The network edge is the first level of defense. Network Access Control (NAC) and application policing have increased in importance. They are needed to protect the integrity of the network, data privacy, and compliance. Wiring Closet 2.0 switches integrate security features and the support of security appliances, bolstering defense-in-depth strategies.
  • Wireless Local Area Networking: WLAN integration, which includes access point, PoE, and controller support, increases WLAN coverage. Further, common network management interfaces streamline operational support for both wired and wireless networks.
  • Unified Communication (UC): UC support via PoE to power IP phones and UC end-points plus unique UC configuration profiles to ensure reliable and stable UC operation.
  • Application Intelligence: Application intelligence is the categorizing of applications as they enter the wiring closet, either marking them with QoS or discarding them. This enables application policing at the network edge.
  • Layer 3: Full layer 3 forwarding, enabling all the value associated with routing including segmentation and aggregation, is now included in some wiring closet switches.
  • Total Cost of Ownership: The network edge and wiring closet switches in particular have a TCO breakdown of 20% capital spend and 80% operational spend according to Gartner (IT). New wiring closet switches are more expensive from a capital acquisition point of view. However, their operational cost is lower. Thus, the total dollar spend over a three-year period will also be lower while delivering increased value to the enterprise.

Wiring Closet 3.0

The IT industry is on the verge of a new era at the network edge. New technologies and requirements will disrupt Wiring Closet 2.0.

  • 10Gbps Ethernet: 10Gbps Ethernet is the future of networking. If the past is a guide to the future, then over time more and more 1 Gbps Ethernet ports will upgrade to 10 Gbps. This will place a strain on wiring closet packet processing performance while driving up 10Gbps port density requirements plus downstream distribution and core switch capabilities.
  • Software-defined networking (SDN): The holy grail of SDN is to separate the network control plane from the data plane. The model I carry in my head is wireless networks. There is a central controller that tells the WAPs what to do and they do their job without any help from the central controller. This implies that the network devices can be dumber and cheaper.
  • Network Management: Consistent network management means leveraging the same supplier for the network edge, distribution, and core.
  • True Layer 3 Support: To support all the above-mentioned trends and unforeseen applications, wiring closet switches need to support full layer 3 forwarding.
  • Support of UC, Mobility, and Security: This basis of competition is one of the most important attributes to the new network edge. Wiring closet switches need to support both standard interfaces and services for UC, mobility, and security so that mixed vendor solutions may occur.
  • IPv6: If you have wiring closets full of perfectly good Layer 2 switches, there’s no reason to replace them just because you can’t manage them with IPv6. If they work today, they’ll work until they break, and you don’t need to worry about (or budget for) swapping them out any sooner.

IPv6


Dan Campbell, President, Millennia Systems, Inc., suggested in a recent CircleID post that, to manage the move to an IPv6-enabled Wiring Closet 3.0, organizations should strive to use the dual-stack migration strategy. This is where IPv6 is added to the existing systems so they can simultaneously function with both IP versions. Tunneling and translation techniques should be used when the dual-protocol configuration is not possible. The mantra of “dual stack where you can, tunnel where you must” is the order of the day.

He advises that starting today, don’t buy another box unless it supports dual-stack operation or offers a clear, well-defined upgrade plan. It doesn’t matter if the manufacturer is “up and to the right” in the latest Gartner (IT) report; anything you buy from now on that is IPv4-only is a waste of valuable resources.

Mr. Campbell tells network administrators that LAN switches function mainly at layer 2: they forward Ethernet frames regardless of whether the packet inside is IPv4 or IPv6. There are, however, some functions on a switch that work at layer 3 or higher. They include:

• Dynamic ARP Inspection (DAI).
• DHCP Snooping.
• Multicast Listener Discovery (MLD) Snooping (the IPv6 equivalent of IGMP Snooping).
• Quality of Service (QoS) marking for upstream Differentiated Services treatment.
• Access Lists (e.g., VLAN or regular ACLs).

He explains that these features need layer 3 or upper-layer information; Layer 3 is needed to inspect the packet header or payload inside the Ethernet frame. These features may not be things you are doing now, but you never know when you will. Security requirements and hardening guidelines are recommending things like DAI, DHCP Snooping, and ACLs at the access layer.

The more streaming video gets moved to IP networks, the more the need for multicast. MLD Snooping is necessary to improve performance. Finally, the continued convergence of voice, video, and other rich media and interactive applications to IP networks is furthering the need for QoS. It is always best to mark traffic as close to the edge as possible.
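The layer 2 versus layer 3 distinction Mr. Campbell draws can be seen by parsing frames directly. The following Python sketch is an added example, not code from the post or from any switch vendor; the frames, MAC addresses, documentation-range IP addresses and the `edge_policy` function are constructed for illustration. It shows that forwarding needs only the destination MAC, while an ACL or QoS feature that cannot parse the IPv6 header leaves IPv6 frames uninspected.

```python
import ipaddress
import struct

ETH_IPV4, ETH_IPV6 = 0x0800, 0x86DD  # EtherType values

def l2_key(frame):
    """All a layer 2 switch needs to forward: the destination MAC."""
    return ":".join(f"{b:02x}" for b in frame[:6])

def l3_view(frame, ipv6_capable=True):
    """Header fields that ACL/QoS-style features read inside the frame."""
    (ethertype,) = struct.unpack("!H", frame[12:14])
    pkt = frame[14:]
    if ethertype == ETH_IPV4 and len(pkt) >= 20:
        return {"version": 4, "dscp": pkt[1] >> 2,
                "src": str(ipaddress.IPv4Address(pkt[12:16]))}
    if ethertype == ETH_IPV6 and len(pkt) >= 40 and ipv6_capable:
        # Traffic Class is 8 bits split across the first two bytes.
        tclass = ((pkt[0] & 0x0F) << 4) | (pkt[1] >> 4)
        return {"version": 6, "dscp": tclass >> 2,
                "src": str(ipaddress.IPv6Address(pkt[8:24]))}
    return None  # the feature cannot see into this frame

def edge_policy(frame, blocked_nets, ipv6_capable=True):
    """Hypothetical access-layer policy: source ACL, then QoS class by DSCP."""
    view = l3_view(frame, ipv6_capable)
    if view is None:
        return "uninspected"  # still forwarded at layer 2, but unchecked
    src = ipaddress.ip_address(view["src"])
    if any(src.version == n.version and src in n for n in blocked_nets):
        return "drop"
    return "priority" if view["dscp"] == 46 else "best-effort"

# --- Constructed sample frames (not captured traffic) ---
def eth(ethertype, payload):
    dst, src = bytes.fromhex("02000000aa01"), bytes.fromhex("02000000bb02")
    return dst + src + struct.pack("!H", ethertype) + payload

def ipv4_packet(src, dst, dscp):
    return struct.pack("!BBHHHBBH4s4s", 0x45, dscp << 2, 20, 0, 0, 64, 17, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)

def ipv6_packet(src, dst, dscp):
    word0 = (6 << 28) | ((dscp << 2) << 20)  # version, traffic class, flow 0
    return struct.pack("!IHBB16s16s", word0, 0, 17, 64,
                       ipaddress.IPv6Address(src).packed,
                       ipaddress.IPv6Address(dst).packed)

V4_FRAME = eth(ETH_IPV4, ipv4_packet("192.0.2.10", "192.0.2.20", 46))
V6_FRAME = eth(ETH_IPV6, ipv6_packet("2001:db8::10", "2001:db8::20", 46))
BLOCKED = [ipaddress.ip_network("2001:db8::/64")]

if __name__ == "__main__":
    for name, frame in (("IPv4", V4_FRAME), ("IPv6", V6_FRAME)):
        print(name, l2_key(frame), edge_policy(frame, BLOCKED),
              edge_policy(frame, BLOCKED, ipv6_capable=False))
```

With `ipv6_capable=False` the IPv6 frame keeps the same forwarding key but bypasses both the source ACL and the DSCP classification, which is the gap an IPv4-only access switch leaves open.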
