
ARIN Finally Runs Out of IPv4 Addresses - jgrahamc
http://www.networkworld.com/article/2985340/ipv6/arin-finally-runs-out-of-ipv4-addresses.html
======
lordnacho
If IP addresses are scarce, why does it not seem to cost me anything to get
one? I've had a bunch of online servers that came with a static IP, and an ISP
service that came with one, at various times. It seldom seemed to be
explicitly priced, and when it was the price was not really something worth
considering.

~~~
msbarnett
Because address allocation is inefficient and it is impractical to address
this inefficiency in IPv4.

ARIN is out but your ISP has extras. Why doesn't your ISP sell its extras,
since a scarce resource should have monetary value?

 _Routing tables_.

Selling individual IPs off piecemeal isn't practical because routers simply do
not have enough RAM to handle the enormous routing tables that would
resultantly be necessary in order for packets to find their destinations.

~~~
thaumasiotes
I have a hard time seeing how IPv6 solves this problem. If we allocate them
all individually, we have a world-shattering routing table problem. If we
allocate them in gargantuan blocks, we have the same problem we have now with
IPv4 -- we can't reallocate because routing becomes an impossible task. What
am I missing? We're certainly not going to get the allocation right by doing
it all at the beginning.

~~~
msbarnett
> What am I missing?

A few things.

There's only 4,294,967,296 addresses in IPv4, so if you hand out giant blocks,
you run out quite fast, whereas with
340,282,366,920,938,463,463,374,607,431,768,211,456 you could hand out huge
IPv4 /8 sized blocks from now until the heat death of the sun if you wanted
to.

But there's more to it than that. Right now only 1/8th of the IPv6 address
space is "assigned to the internet", so there's effectively 7/8ths being held
in reserve for the foreseable future -- this is partially to accommodate
realistic router memory limits in the near term. IPv6 also has a more
efficient hierarchical routing scheme than CIDR (which was kind of bolted on
to IPv4 after-the-fact), which helps keep router tables from consuming
terabytes of RAM. And IPv6 is designed to be more easily renumberable when we
_do_ make mistakes with assignments, with a clear separation between subnet
prefix all that requires is changing the routing prefix.

At the end of the day, with 340 trillion trillion trillion addresses, handing
out too many isn't ever going to be a big worry in the foreseeable lifetime
of...anything, really.

~~~
Sophira
The fact that only 1/8th is assigned to "the Internet" right now is worrying.
After all, we know how that worked out with the 240.0.0.0/4 range in IPv4 - it
was reserved for future use, but was never able to be used because by the time
it would have been useful, everything classed it as non-routable. It's a huge
swath of addresses that just can't be used.

~~~
dspillett
The only solution to that sort of thing is just to be bloody minded.

Make it known from the start that when the currently unallocated blocks are
needed they will be used, and if that breaks things for people who have used
them already that is their fault and their problem to fix.

~~~
Sophira
To be clear, I don't mean that 240.0.0.0/4 isn't able to be globally routable
because everybody's using it for their own private stuff. I mean that
240.0.0.0/4 isn't routable _at all_.

------
burtonator
We just did an internal migration to some ipv6 for some of our internal code
so we could communicate with sites that use ipv6...

Long story short, it was hard. Required custom lib recompilations, etc.

I don't have all the details but it was significantly harder than I originally
thought.

------
nwilkens
[https://www.arin.net/resources/request/ipv4_countdown.html](https://www.arin.net/resources/request/ipv4_countdown.html)
Looks like 9 /24's remain

~~~
astrodust
Considering there were once hundreds of millions kicking around and being
handed out like candy, having about two thousand left is basically nothing.

It's like saying the grocery store isn't cleaned out, there's still a single
jar of peanut butter left.

~~~
XorNot
My current company has maybe 100 left to sell virtual server hosting with.
Sometime in the next year this fact will reach management and we'll be going
on a harvesting spree to reclaim them from elsewhere. All of which is
ridiculous.

------
jcranmer
It's worth noting that APNIC, LACNIC, and RIPE all ran out of IPv4 addresses
years ago (2011, 2014, 2012, respectively). Although, by the definition of
exhaustion those organizations used (roughly "someone requested a block that
we couldn't fulfill), ARIN ran out seweral months ago.

What this announcement really amounts to is "we cannot give out anymore IPv4
addresses." ARIN lists just 9 /24 blocks. By contrast, RIPE bottomed out at
about .8 of a /8--about 6000 times the current ARIN IPv4 address pool. RIPE,
for example, hit its . By contrast, ARIN is at 9 /24s.

------
jwatte
Require payment of $1 per year per public IP, and suddenly wastrels like the
Apple class A will be available again...

~~~
msbarnett
IANA was allocating at a rate of 2 /8s _per month_ right before they ran out.

Recovering an /8 would take staggeringly more effort than it is worth in terms
of how little it fills existing demand.

There is no scheme that will make IPv4 work in the long-term. The mathematics
are very simple. You cannot fill demand for exponentially more than 4 billion
numbers with a pool of only 4 billion numbers.

~~~
jwatte
I think you mean /24?

~~~
km3k
Nope. They've been allocating at least several /24's per day even since
getting down to their last /8.

------
Fizzadar
While it's sad that there are so many large and unused blocks (Apple, DoD,
etc), whats worse is the disgraceful adoption of IPv6 by ISP's.

~~~
wlesieutre
Despite all the hate that Comcast (deservedly) gets, they do bring IPv6 to my
apartment. Good on them for being on the ball.

~~~
nadams
> Despite all the hate that Comcast (deservedly) gets, they do bring IPv6 to
> my apartment. Good on them for being on the ball.

Which would be great if everyone was running IPv6 - however my experiences is
that some IPv6->IPv4 tunnels break some protocols (like T-Mobile's IPv6->IPv4
tunnel - I have to use IPv4 because their tunnel appears to break SIP
connections. I'm not sure if they did that on purpose for suspect reasons. And
of course - they don't make this easy...).

~~~
MichaelGG
No, SIP is a terrible protocol so things will often break unintentionally. A
lot of NATs also try to "fixup" the breakage and make it worse.

~~~
nadams
> No, SIP is a terrible protocol so things will often break unintentionally.

I use Asterisk and I've never had random problems with SIP. All my problems
have been due to network (such as firewalls or network disconnected) or client
implementations. I've found this article which makes me laugh [1]:

> The solution is remarkably easy!

If it's so easy - why doesn't he create an RFC proposal for a SIP 2.0?

SIP isn't the only protocol that isn't flawless. FTP and VPN comes to mind.

But here is an article that states exactly what I said and experienced [2]:

> SIP works fine in either an IPv4-only or IPv6-only environment, but issues
> arise in a mixed environment.

[1] [http://www.talkingpointz.com/why-sip-
sucks](http://www.talkingpointz.com/why-sip-sucks)

[2] [http://www.networkcomputing.com/networking/can-sip-and-
ipv6-...](http://www.networkcomputing.com/networking/can-sip-and-ipv6-co-
exist/d/d-id/1233831)?

~~~
MichaelGG
Yes, FTP has an atrociously bad design. The difference is that SIP wasn't made
in the early 80s, so what's their excuse? VPNs typically do OK, except IPSec
because the IETF didn't want to admit that NAT existed (though I believe they
cleaned that up with an add-on and things are mostly fine now.) As an end-
user, hopefully your implementors have solved most problems for ya. As an
implementor, SIP is a curse. (HTTP, which SIP drew its nutty parsing rules
from, recently ditched the entire format in preference of a binary format. Not
related to the IP-embedding-galore that SIP added, but still interesting to
note.)

SIP does not "work fine" in an IPv4 only environment, as any NAT user will
attest to. It _can_ , by ignoring the RFC and hoping that no middleware gets
involved. (Middleware only gets involved because the RFC makes it a juicy
target.)

~~~
nadams
> VPNs typically do OK

Assuming the network administrator has configured his router for VPN pass
through [1].

> SIP does not "work fine" in an IPv4 only environment, as any NAT user will
> attest to.

Seems to work fine for me. The built in SIP client for Android works great in
IPv4 both NAT and non-NAT. However, it seems to have some issues with IPv6
(not surprised due to the lack of feedback on the Android bug tracker...).
Zoiper on the other hand will work through pretty much anything you throw at
it.

I'm not saying SIP is perfect - but my experiences with SIP have been
generally positive with Asterisk. Now I'm also in control of Asterisk and can
tweak the configuration - I'm sure a lot of canned SIP systems are completely
broken.

[1] [http://www.tp-link.us/FAQ-558.html](http://www.tp-link.us/FAQ-558.html)

------
0xCMP
For the normal users out there. What are the implications? Is this simply IPs
being reserved for servers on the internet?

~~~
ju-st
One implication is that you may not get a real IPv4 address anymore. So your
cable/DSL connection will be behind a Carrier grade NAT (
[https://en.wikipedia.org/wiki/Carrier-
grade_NAT](https://en.wikipedia.org/wiki/Carrier-grade_NAT) ) which breaks
applications and causes problems for your internet provider (technical
complexity), for software developers (implementation of workarounds for CGNs)
and for you, because you suffer the consequences.

Also, more expensive IP addresses raise the barrier to entry for new
competitiors, so your internet connection may get more expensive.

~~~
jwatte
The cost of entry argument is specious because everyone has the same variable
cost.

The real cause of lack of competition is the cost of physical access.

------
ck2
There are at least a million IPv4 not in use here:

[https://en.wikipedia.org/wiki/List_of_assigned_/8_IPv4_addre...](https://en.wikipedia.org/wiki/List_of_assigned_/8_IPv4_address_blocks#List_of_assigned_.2F8_blocks)

Possibly 100+ million.

What the frack does Halliburton need with 16 million IP addresses?

On that note, US Department of Defense apparently does not just consume most
of the US budget, it also consumes over 210 MILLION ip addresses.

There are also a quarter billion ip addresses in the E block, which is
probably easier to reprogram all routers than get all consumer devices to
support ipv6 properly.

~~~
mrbill
I was a sysadmin for a division of Halliburton for over a decade (until this
past January) and word came down the pipe that they were going to retire/give-
back 134.132.x (owned by Landmark Graphics subsidiary) and work on moving off
10.x in the next few years.

Keep in mind that a lot of these allocations were made in the 80s and 90s when
nobody worried about running out of IPv4 addresses; in addition I saw what we
paid to ARIN every year just to "have" 10.x and it was an insane amount (I
remember it being more than my yearly salary).

~~~
swinglock
You paid for using 10.0.0.0/8? Am I reading this correctly?

~~~
tedunangst
Possibly meant 11/8 which has been abused as an extension of 10/8.

~~~
mrbill
Typo; I meant 34.0.0.0/8.

