IPv4 Comes to an End

Cesar Diaz!cesar@lacnic.net!

Addressing in the Internet

•  Devices on the Internet need to have unique addresses in order to be reachable from each other – We have long put up with NAT, which up to a point

subverts this principle •  Address allocations are made hyerarchically

–  IANA -> LACNIC -> [your ISP here]

IPv4

•  There are 4,294,967,296 IPv4 addresses (32 bits long) but not all of them can be used!

•  Looks like a lot, right? But... World population currently stands at just over 6 billion people!

•  Mobile penetration 87%, Internet penetration 35%!

•  We all normally use more than one IP address (possibly 4)!

•  They don't seem to be that many now!!

Internet Number Resource Management

IANA  

ARIN  

ISP  

End  users  

LACNIC  

NIC.br  

ISP  br  

NIC.mx  

ISP  mx  

ISP  #1  

APNIC  

LIRs/ISPs  

RIPE  NCC  

LIRs/ISPs  

AfriNIC  

Historical Facts

•  1983 Research network for ~ 100 computers!•  1992 Internet is open to the commercial sector : !

– Exponential growth!–  IETF urged to work on a IP next generation protocol!

•  1993 Exhaustion of the class B address space!–  Forecast of network collapse for 1994 !!– RFC 1519 (CIDR) published!

•  1995 : RFC 1883 (IPv6 specs) published!–  First RFC about IPv6!

Evolution of the IPv4 Pool

•  Remember!–  IANA!

•  IANA assigns** /8 blocks to the RIRs!– The RIRs!

•  Assign blocks of varying sizes to their member organizations!

•  Members which are in turn ISPs then assign space to their customers !

Evolution of the IPv4 Pool

•  Run-out dates:!–  IANA ran out of free /8 blocks in January 2011!– APNIC was the first RIR to run out of IPv4 later in

2011**!– RIPE NCC ran out of IPv4 in 2012**!

•  Expected run out dates:!– LACNIC is expected to run out of IPv4 between

May and July of 2014 - DONE!

Evolution of the IPv4 Pool

Some%me  between  May  and  July  2014  

IPv4 Exhaustion

•  IPv4 resource management is governed by policies!– These policies are created and approved by the

community through a bottom-up process!– LACNIC acts as the steward of this process and

applies the policies for managing resources!•  Before runout time addresses are assigned

according to a needs-based set of criteria!•  Does IPv4 exhaustion mean that the free pool

reaches zero ? NO !

IPv4 Exhaustion

•  When the aggregated free pool reaches the equivalent of a /11 (~2 million addresses), new policies come into effect!

•  What follows is a two-tiered phase!– Soft-landing period!– Resources for new entrants!– Final exhaustion !

•  IPv4 assignment ceases to be needs-based!– Even if an organization justifies need, only a fixed

size prefix will be allocated!

Soft Landing

•  The first period after exhaustion is the soft landing period!

•  A /12 is available for soft landing!•  New or existing organizations can get up

blocks up to /22 in size every six months if properly justified!

•  This means!– Up to a single /22 (1024 addresses) every six

months!– 1024 blocks available !

New Entrants

•  After the soft-landing pool is exhausted, a second /12 is made available exclusively to new market entrants!

•  Every new organization will be able to request up to a /22 every six months !

THE WAY FORWARD – IPV6

So… What Next ?

•  Some argue you can take a pill and keep doing business as usual!– The pill known as carrier grade NAT !

•  But the rest of the world seems to be agreeing that the way forward is via IPv6!

•  There is good, bad and ugly in all this!•  Let’s take a look at both!

The Good: An End-to-End Network

•  Every device talks freely to each other. Almost no middleboxes, except at the very edge of the network!

The Bad: A CGN-”enabled” Network

•  Devices communicate via middleboxes almost always!

The Bad: Network Address Translation

•  Allows sharing a single public IP address among several devices!

•  Does not scale!

2801::17  

CGN  

Home  NAT  

(Some) Issues with NAT

•  When handling security!– When blocking one user's “malicious” traffic, we also

risk block traffic from many “good” users.!–  In order to identify which user accessed which

services logging the IP address is no longer enough, we also need to log port numbers.!

•  When scaling!– NAT “boxes” are limited in the number of

simultaneous users they can handle.!– Harder generally harder for Internet Content Providers

(i.e. geolocation, sessions based on IP, etc.)!

(Some) Issues with NAT

•  With service quality!– Port forwarding will become increasingly difficult

to manage for users and ISPs (big impact for gamers for example)!

– Service calls will go up!– The CGN box becomes a single point of failure!

•  This means!– Service quality as perceived by users will

deteriorate!–  ISPs costs will increase in the long run!

The Good: IPv6

•  IPv6 with its 128 address space solves all our addressing needs for the foreseeable future!

•  2ˆ128 IP address or 3.4 x 10ˆ38!•  (340,282,366,920,938,463,463,374,607,431,768,

211,456 IPs) !•  Restores the end to end nature of the Internet!

–  This means no single points of failure, no accidentally filtering out innocent users, etc.!

•   So why hasn’t the world done it already ? !– A long story!– However, IPv6 is being deployed as we speak !

IPv6 Deployments

•  Content providers:!– Google, Facebook, Yahoo! and several CDNs

have deployed IPv6!•  Access providers:!

– USA: Comcast, T-Mobile!– Europe: Free.fr!–  In our region: Telefónica Perú!

Global IPv6 Traffic

•  As seen by Google!

Global IPv6 Traffic

•  What happens if you enable IPv6 to an otherwise unsuspecting group of users ? !

•  Between 15% and 40% of your traffic will be over IPv6!

•  This means!– This portion of traffic will not need NAT!– This portion goes up as more and more networks

deploy IPv6!

The Ugly: We will need a bit of NAT

•  Sadly, we as a community have ignored this for so long that some form of NAT will be needed!

•  By the time IPv4 is completely exhausted there still will be a lot of IPv4-only content out there!

•  Our users, even if on IPv6, will want to access it!

The Ugly Network of the Future

•  Hopefully only for the immediate future!!

IPv4-­‐only  host  

IPv6-­‐enabled  host  

FINAL CONCLUSIONS

On IPv4 Exhaustion

•  IPv4 will run out for our region during 2014, our estimate is between May and July!

•  After exhaustion, the policies governing the remaining stock will be radically different!

•  Networks will need to keep growing nevertheless, so investments will need to be made!

On Carrier Grade NAT

•  No, it’s not a magic pill!•  No, it’s not business as usual!•  It is going to be expensive, and it will be an

investment without much return on it!

On Transition to IPv6

•  It’s the only path forward with a future!•  The rest of the world is deploying it!•  It also will be expensive, but the costs tend to

go down as deployment progresses!

THANK YOU!