I only skim the NANOG (North American Network Operators Group) list so this may or may not be helpful.
It seems one of the big problems is the memory required to store routing tables in big routers. Assume you have ISP1 with the addresses 1.1.0.0/16 or 65K addresses that they allocate among their subscribers. The rest of the internet can route all of their traffic to them with one route statement. Now, assume that they subnet that out to 256 companies that have 256 addresses each. If it turns out that one of those companies only needs 1 address, they're wasting 255. BUT, the only people they can feasibly give them to are other companies served by ISP1. If they were to try and assign the unused addresses to a customer on ISP2, the rest of the internet would have to add a new route for that specific customer. If every ISP did that, we'd double the size of the routing tables. It's not like there's 4 billion addresses that are being doled out in a haphazard and we can just throw a few back in the bucket. There's an attempt to aggregate them to geographically close locations. I'm sure I've glossed over a lot of details, and I realize some of the math is a "bit" off, but I hope you get my point. From: James Hill [mailto:james.h...@superamart.com.au] Sent: Monday, February 07, 2011 3:54 PM To: NT System Admin Issues Subject: RE: [semi-OT] Last IPv4 address blocks assigned >> And what do you propose happen with the rest of the traffic that these >> organizations send to each other? They have multiple external addresses, so some can be Nat'd and some not. Sheesh, why is this so damn hard? And don't use "scale" as an excuse. Bigger shops have more technical people, they have bigger budgets etc. >> So, you're sure that IPv6 is unsuitable in a majority of situations for most >> organizations, but you're equally sure that conveniently unnamed commercial >> devices are able to handle the level of traffic required for large >> organizations and universities? I never said it is unsuitable in a majority of situations, where did you get that from? IPV6 is essential there is no question about that. ISP's and the backbone providers handle more traffic than universities surely? So yes I think it's fair that devices exist that handle the level of traffic. . For example, Telstra is Australia's largest ISP and telephony provider. Customers who have a mobile data plan do not receive a public IP, they are issued with a private IP. They would have hundreds of thousands of customers on this part of their network so there is obviously some equipment managing this task. I don't *know* what devices they are using so I can't name them, but they are obviously using something capable. >> Are you sure that you actually understand the nuances of the issues being >> discussed? Yes I believe I do. >> By whose account is it *excessive* ? Do you want someone coming and >> telling you that something that you went out and obtained legitimately must >> be taken away in order to be fair to someone else who wasn't even around at >> that time? If a resource is limited and there are those who have excessive amounts (the figures already mentioned in this topic show that they are excessive, they have so many spare that they are wondering if they can sell some) then yes taking some back may be an option. We've seen this in other spaces, power and water for example and many would argue that internet is just as critical these days(even though I personally think that's a bit crazy). >> How should they manifest this caring spirit that you feel they don't have? >> By giving up addresses to whom? You can't be serious? Hand them back to ever allocated them in the first place so that they can then be allocated to whoever needs them. >> Can you even articulate who it is that is in need of these addresses but >> can't get them? How is this also not blindingly obvious? ANYONE that needs an address. At the end of the day IPV6 is the answer. I'm not disagreeing with that in any shape or form. What I've been trying to convey is that the IPV4 space could have lasted longer. That there are organisations that have far more than they ever needed and that this has impacted other organisations unfairly imo over the last few years. James. On Mon, Feb 7, 2011 at 1:05 AM, James Hill <james.h...@superamart.com.au<mailto:james.h...@superamart.com.au>> wrote: NAT doesn't work for all things. > No of course not but that's not an excuse for it to not be used. Surely it > can be used for the majority of traffic? Universities also have the type of applications that simply exceeded the capabilities of most commercial network devices. When I worked at a Uni, AARNET was already in the gbps speed, and that was quite a while ago. > I highly doubt that there aren't commercial devices that can handle this now > and for the last several years. ISP's had to be using something all these > years. Because they don't have to. You're not any more entitled to the space as the next person. > This is the REAL issue. They don't have to so they don't care. They were > allocated excessive IP's and so they never had to design their networks in > any other manner. IPV6 may have been around for a long time but it wasn't suitable for use 10 years ago or even now in some cases. > Because it wasn't the standard and everything that goes along with that. > Apps, operating systems etc that just didn't support it and some that still > don't. If it was the way to go why didn't uni's implement it solely 10 years > ago? Lastly, a Class C is only 256 addresses. In Australia (I used to work at UNSW), we have Unis that have 10,000+ staff, and 30,000+ students. That's bigger than most companies, and most ISPs. A Class C (256 addresses) would simply be way too small for that type of organisation. FWIW we had two Class Bs. > I'm not denying that it isn't a big network and that there isn't a > requirement for more public IP's. But even then not all of those staff and > students are active on the network at the same time. It's also clear (as per > Jack's email) that many of the public IP's are NOT in use. Huh? What are you talking about. This isn't a problem for the Uni. It's a problem for the majors at peering points. CIDR (for example) doesn't work unless there's a hierarchical address space. > You'll need to explain where you are coming from on this one before I can > comment. In particular who you regard as majors/peering points. James. -----Original Message----- From: Ken Schaefer [mailto:k...@adopenstatic.com<mailto:k...@adopenstatic.com>] Sent: Monday, 7 February 2011 2:38 PM To: NT System Admin Issues Subject: RE: [semi-OT] Last IPv4 address blocks assigned NAT uses ports - there's a limit of about 65,000 of those per NAT device. And why should Universities have to configure NAT? We've had IPv6 for 10+ years now. Maybe people should get around to migrating. Getting some IP address space back from a Uni is going to postpone the problem by a day or two at most. And lastly, there's the complexity of routing. You can't just take random bits of address space hacked out from existing netblocks and efficiently put them into routing tables. Cheers Ken -----Original Message----- From: James Hill [mailto:james.h...@superamart.com.au<mailto:james.h...@superamart.com.au>] Sent: Monday, 7 February 2011 11:30 AM To: NT System Admin Issues Subject: RE: [semi-OT] Last IPv4 address blocks assigned It's always amazed me that universities don't seem to know how to configure NAT. If all of the uni's and big businesses that have ridiculous amount of public ip's learned how to use NAT then the V4 space would have lasted longer. It would have been easier for organisations that actually needed more public IP's to get them too over the last few years. -----Original Message----- From: Kramer, Jack [mailto:jack.kra...@ur.msu.edu<mailto:jack.kra...@ur.msu.edu>] Sent: Saturday, 5 February 2011 1:20 AM To: NT System Admin Issues Subject: Re: [semi-OT] Last IPv4 address blocks assigned Ouch! I would say at least 30,000 to 40,000 user machines plus things like servers, HPCC farms, appliances, and VMs. We have a student population of about 47,000 plus about 11,000 staff, though not all of those users are on campus at any given moment. There's no NAT on campus so unless you set up a NAT device yourself you're going to get a public IP. Our dormitory population is about 18,000 - each of those machines receives an IP from the dormitory DHCP range, which is protected by the campus border firewall/IPS. Wireless machines also receive externally facing IPs but are shielded by the border systems as well. (And, of course, lots of students have wireless laptops or things like iPods, etc.) Staff machines can either be DHCP or static; static addresses are publicly accessible by default while DHCP ranges are protected by the border unless requested otherwise. Obviously not every student is online at any given moment, but their IP reservations are protected by the campus DHCP servers for something like 3 months from last activity - just long enough that you have to get a new reservation when you come back from summer break. The campus backbone network is where things get interesting - we've just been upgraded to 10Gb for building interconnects with most buildings at 1Gb internal networking and our fibre network extends into some areas of downtown Lansing (the local hospital, for instance) as well as to some of our satellite sites around the state. It's a big network, even if my little departmental piece of it isn't so vast. ---- Jack Kramer Computer Systems Specialist University Relations, Michigan State University w: 517-884-1231 / c: 248-635-4955 On 2/4/11 9:57 AM, "Martin Blackstone" <mblackst...@gmail.com<mailto:mblackst...@gmail.com>> wrote: >50 > >-----Original Message----- >From: Crawford, Scott >[mailto:crawfo...@evangel.edu<mailto:crawfo...@evangel.edu>] >Sent: Friday, February 04, 2011 6:55 AM >To: NT System Admin Issues >Subject: RE: [semi-OT] Last IPv4 address blocks assigned > >out of curiosity, how many computers does that serve? > >________________________________________ >From: Kramer, Jack [jack.kra...@ur.msu.edu<mailto:jack.kra...@ur.msu.edu>] >Sent: Friday, February 04, 2011 8:13 AM >To: NT System Admin Issues >Subject: Re: [semi-OT] Last IPv4 address blocks assigned > >The nice thing about being at a public university - 520,000 IP addresses. >(Michigan State has 35.8 through 35.15.) I wonder if we can sell them? >It'd help make up for state budget cuts. > >---- >Jack Kramer >Computer Systems Specialist >University Relations, Michigan State University >w: 517-884-1231 / c: 248-635-4955 > > > > >On 2/3/11 5:43 PM, "Ben Scott" ><mailvor...@gmail.com<mailto:mailvor...@gmail.com>> wrote: > >> It's official. Today (Thr 3 Feb 2010), IANA delegated the last free >>IPv4 address blocks to the Regional Internet Registries. There are no >>free blocks left. >> >>http://arstechnica.com/tech-policy/news/2011/02/river-of-ipv4-addresse >>s >>-of >>ficially-runs-dry.ars >> >> It will doubtless take a little time for those blocks to trickle >>down to actual network operators. And, of course, just because >>address space is assigned doesn't mean it's used; some "idle" blocks >>may be released or even sold. >> >> But any which way you slice it, the writing on the wall is clear: >>Getting public IPv4 addresses is going to become increasingly >>difficult. >> >> Welcome to IPv6. Hope you brought your helmet. >> >>-- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
