IPv4 Exhaus�on And IPv6 Deployment
Carlos Mar�nez @Sint-Maarten Internet Week IPv4 • There are 4,294,967,296 IPv4 addresses (32 bits long) but not all of them can be used • Looks like a lot, right? But... World popula�on currently stands at just over 6 billion people • Mobile penetra�on 87%, Internet penetra�on 35% • We all normally use more than one IP address (possibly 4) • They don't seem to be that many now! Internet Number Resource Management
IANA
ARIN LACNIC APNIC RIPE NCC AfriNIC
ISP NIC.br NIC.mx ISP #1 LIRs/ISPs LIRs/ISPs
End users
ISP mx Evolu�on IANA’s central pool
120
100
80
60
40
20
0 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 /8 RIRs IPv4 Exhaus�on
Source: Geoff Huston h�p://www.potaroo.net/tools/ipv4/ IPv4 Exhaus�on Phases One /22 once for One /22 The old Pre- every new every 6 “normal” exhaus�on member months
Source: h�p://www.lacnic.net/en/web/lacnic/agotamiento-ipv4 Current Evolu�on of LACNIC’s IPv4 Pool Historical Facts • 1983 Research network for ~ 100 computers • 1992 Internet is open to the commercial sector : – Exponen�al growth – IETF urged to work on a IP next genera�on protocol • 1993 Exhaus�on of the class B address space – Forecast of network collapse for 1994 ! – RFC 1519 (CIDR) published • 1995 : RFC 1883 (IPv6 specs) published – First RFC about IPv6 Emergent Measures • CIDR (Classless Interdomain Rou�ng) • Private Addresses (RFC1918) • NAT (Network Address Transla�on) – IPv4 Address Mul�plexing – Global IP <–> Private IP Transla�on – Global IP <–> Private IP + port (NAT-PT) • This measures gave us �me to develop and deploy IPv6 IPv4 exhaus�on consecuences • The sky won’t fall and the Internet won’t stop, but … • It will be harder to allocate con�guous address blocks (impact to rou�ng tables) • IPv4 more expensive and harder to get – IPv4 Transfers and addresses’ market (E.g. Microso� buying Nortel's legacy IP address space) – RIR’s IPv4 exhaus�on policies (i.e APNIC’s last /8, Gradual IPv4 Resource Exhaus�on) – IPv4 address alloca�on will be less equal • Restric�ons for growth and development on broadband and mobile networks Possible solu�ons • NAT (Network Address Transla�on), AKA: – Carrier Grade NAT (CGN) – Large Scale NAT (LSN) – NAT444 • IPv6 – **The** Solu�on !
Network Address Transla�on (NAT) • Allows sharing a single public IP address among several devices • Does not scale CGN
Home NAT
2801::12 Issues with NAT • When blocking one user's “malicious” traffic, we also risk block traffic from many “good” users. • In order to iden�fy which user accessed which services logging the IP address is no longer enough, we also need to log port numbers. • NAT “boxes” are limited in the number of simultaneous users they can handle. • Harder for Internet Content Providers (i.e. geoloca�on, sessions based on IP, etc.) • Port forwarding will become increasingly difficult to manage for users and ISPs (big impact for gamers for example) What is IPv6 Then ? What is IPv6 in one Page:
u IPv6 is a Network Protocol with many more addresses than IPv4: 340,282,366,920,938,463,374,607,431,768,211,456 available addresses. u With so many addresses we can overcome the shortage in IPv4 supply and continuing support the growth of Internet. u In IPv6 some tasks are simpler than in IPv4: (Auto- configuration, Renumbering, Multicast, IP Mobility, etc.) u IPv6 Enables Innovation. Particularly for applications without NAT Things that change in IPv6, And that are good to know:
u IPv6 addresses are represented by Hexadecimal numbers. Example: 2001:DB8:12FF:1231:FFB5::F9DA/64. u In IPv6 there is not Network Mask, only Prefix Length. u In IPv6 the header is always 40 bytes long, extensions are listed as “next header”. u In IPv6 there is no Broadcast, only Multicast. u In IPv6 there is no ARP or IGMP, ICMPv6 takes those jobs. u In IPv6 routers do not fragment, only Terminals. Path MTU Discover is Mandatory. Things that change in IPv6, that are good to know:
u IPv6 header does not include a checksum, so if designing software, UDP checksum is mandatory. u There are different types (reserved, unicast, multicast and anycast) of IPv6 Addresses and different scopes (global and link-local).
u Example:2001:13c7:7002:1::1 is a Unicast Global Address. fe80::217:f2ff:fe4d:a80e%en1 is a Link Local Address. u Typically a host has more than one IPv6 unicast address configured with the same or different scopes (plus the IPv4 address). IPv4 and IPv6 dual reference stacks
Application … layer DNS SSH SMTP HTTP
Transport UDP layer TCP …
IGMP ICMP ARP ICMPv6
Network layer IP (v4) IP (v6)
Data link / Ethernet PPP HDLC … physical layers IPv6 • 3.4 x 1038 IP addresses • 340,282,366,920,938,463,463,374,607,431,76 8,211,456 IP addresses!! • Some say that there are enough IPv6 addresses for each one of the “Sahara's desert grains of sand”. But … • IPv4-only devices can't “talk” with IPv6-only devices. • A translator is needed (addi�onal equipment, with addi�onal cost, etc.) • This translator device also breaks the communica�on model. • Both devices need to “speak” the same IP version Dual Stack • The best solu�on • Dual-stack devices can communicate with other dual-stack devices and with IPv4-only and IPv6-only devices. Why IPv6 is important • It is the only feasible way to grow the Internet • It will allow the Internet to grow open and as an engine of innova�on • It will create new opportuni�es on: – P2P Social-Networks, P2P Storage, P2P Clouds – Home Networking ICAv6 – IPv6 Adop�on in Our Region
• Top performers: 1. Ecuador 2. Brazil 3. Trinidad & Tobago 4. Cuba 5. Colombia 6. Peru The effec�ve deployment of the IPv6 protocol throughout the region has been one of LACNIC's constant driving forces since 2003. With this objec�ve in mind, more than 6000 technicians have received training through the various ac�vi�es that LACNIC has coordinated with the support of different stakeholders in every corner of its service region. The support provided to technical forums (FLIP6) shows the level of coordina�on and collabora�on achieved within the region, as does the work conducted with governments and other relevant bodies. Ques�ons?
Comments? CASA DE INTERNET DE LATINOAMÉRICA Y EL CARIBE
twi�er.com/LACNIC facebook.com/ LACNIC youtube.com/user/lacnicstaff gplusme.at/LACNIC
Thank you!