[ppml] My view on IPv4 (was: Re: IPv4 wind-down)

Iljitsch van Beijnum iljitsch at muada.com
Tue Apr 3 06:42:50 EDT 2007


On 3-apr-2007, at 5:54, Michel Py wrote:

> Hi Iljitsch,

Hey Michel! IETF meetings aren't the same without you.  :-)

>> It will be the kind of NAT where a service provider puts 10,
>> 100 or even 1000 customers behind a single IP address, and
>> the number of usable TCP ports starts being a problem.

> This is not as bad as it appears. I have some customers with 100 to 300
> PCs out of a single IP and I never saw the number of simultaneous ports
> above 1K out of a possible 64K.

Isn't TCP TIME_WAIT 240 seconds? That means that you get to set up  
64k / 240 = 273 new TCP sessions per second. When browsing the web,  
you can easily create several new sessions per second for short  
periods. Depending on the activity of the users, I'm expecting  
problems to occur somewhere between 100 and 1000 users behind a  
single IP address.

>> and hence any applications that are more complex than client-server.

> As long as 95% of the users are ok with that, there is no problem. What
> does Joe User care? Email, surfing, P2P, and Skype. The same way
> applications have been made NAT friendly, they will be made 2xNAT
> friendly.

And then 3x, 4x? At some point, IPv6 will start looking attractive.  
The simplest way to overcome NAT problems is to get IPv6 through it  
and have the applications use IPv6. Microsoft is already doing this  
for some peer-to-peer stuff.

>> We need the water to boil at some point so the frog jumps out.

> I agree, but I project that 10K hosts behind a /28 and possibly /29 NAT
> pool will cause no major issues, therefore the water is not going to get
> hot any time soon. Emerging markets in countries that don't have enough
> IPv4 will not be made of geeks who want their own IP address, and double
> NAT will remain the solution in a world where not having v4 is not an
> option.

Double NAT will happen for exactly that reason, but my point is that  
even though that addresses important needs, it's not enough to  
address ALL needs.

Currently, the cost of adding IPv6 to a network is relatively high  
because IPv6 is not as well-supported as IPv4 in hardware, software,  
supporting tools and by people, and the benefit is very limited  
because few others use IPv6. The cost of adding NAT is low because  
it's extremely common already and workarounds are in place to make it  
work reasonably well, while the benefit is large because you get to  
talk to nearly the entire IPv4 world.

When the remaining number of IPv4 addresses isn't large enough to  
honor the requests for 250k+ address blocks that larger ISPs make,  
the cost of IPv6 will be lower and keep decreasing because IPv6 will  
have much better support than it has now, while the benefits increase  
as more and more people adopt IPv6. For NAT, it's the other way  
around. Multiple layers of NAT need more and more complex  
workarounds, and the benefits decrease as more and more
users/applications fail to work through increasing levels of NAT.

So at some point, the cost/benefit ratios that now favor NAT over  
IPv6 will reverse and IPv6 will become more attractive than adding  
more NAT on top of what's already there by then.

Additionally, as the IPv4 stash depletes and the cost/benefit trends  
become clear, people will plan ahead and will be more inclined to  
bite the IPv6 bullet a bit sooner rather than wait until the bitter  
end because they come to realize that IPv6 is inevitable.

Note though, that we're not at that point yet. Although I think it's  
rather unlikely, it's still _possible_ that the IPv4 address usage  
will break the current trend and we can make IPv4 last for much  
longer than we anticipate today. If we manage to reduce the number of  
IPv4 addresses given out per year by 11% every year, we can make the  
remaining IPv4 address pool last indefinitely.

I think the psychological point of no return will be reached when the  
number of addresses left in the IPv4 pool is equal to or lower than  
three times what was used in the previous year. If we stabilize at  
170 million addresses/year we'll reach that point in late 2011. If 57  
million per quarter (228M/yr), like 2007 so far, is the new trend,  
we'll reach the "three years left" point in late 2009.

(However, if the number of addresses per year keeps going up, the  
time between "three years left" and "all out" will be less than the  
expected three years.)

>> In other words: the running out of IPv4 space is a
>> necessary requisite for wide scale IPv6 adoption.
>> Without it, nothing is going to change.

> If your goal is IPv6 deployment, I agree. I would point out though that
> most businesses and users are not IPv6 evangelists,

My goal isn't IPv6 deployment (although I'm not dead set against  
seeing a thriving market for IPv6 consultancy...) but having the  
internet work as well as it can for years to come. This means  
adopting IPv6 at exactly the right time: too soon, and it's too hard  
and too expensive; too late, and lack of IPv4 addresses will get in the  
way of communication over the internet.

>> Therefore, any policy that seeks to artificially avoid running out
>> is harmful because it perpetuates an address starvation model.

> And any policy that seeks to artificially accelerate the running out is
> suicide,

Which is certainly not something I favor. Two considerations. First,  
an IPv4 address sitting unused in a RIR or IANA database isn't of any  
use, so we should continue to make them available to end-users while  
supplies last. Second, the most important thing is predictability. If  
people can see that the number of available IPv4 addresses goes down  
consistently, they can plan around that and be ready in time. If it  
happens sooner than expected, many people will be in trouble, and  
restricting the flow of IPv4 addresses makes life in IPv4 harder  
without providing a push to move to IPv6, maximizing the pain.

>> - it's unfair that more than 50% of all IPv4 address space
>> is held by US entities which then get to make a lot of money
>> from them, while the developing world holds next to no address
>> space and would have to buy it from richer countries.

> Making money has never been about being fair.

Since when is this a discussion about making money? If that's what we  
want, let the RIRs increase their fees by a factor of 10 or so.


