[ppml] Proposed Policy: IPv4 Countdown

[michael.dillon at bt.com]

> In the US we still do not know now if the increase in scooter 
> riding has
> greatly increased the number of fatal accidents and so on.  

It has here in London. One type is the scooter or bike rider who slams
into a lorry turning left in front of him. Translated, that means a
scooter or motorcycle rider who slams into a truck turning right in
front of them. Another type is the pedestrian who crosses the street in
slow traffic and doesn't look right before stepping PAST the car to
their right. Translated, pedestrian who crosses in slow traffic and
before stepping PAST the car to their left they don't check for a fast
scooter and get hit.

And then there are the scooter purse/bag snatchers.

When they started charging 5 quid a day (now up to 8 pounds a day) to
drive a car in Central London, nobody predicted these effects. They also
didn't predict that people would go to France, steal someone's licence
plates, come back home and use these foreign plates to avoid paying the
8 pound fees.

However, all these urban issues are different from what we face with
IPv4 wind-down. Any US city that cares to can look at London's
experience and learn from it. Urban issues tend to be like that, i.e. a
few pioneers and many followers and adapters. But IPv4 wind-down is a
global issue. There is only one chance to do the right thing and no
chance to correct mistakes. Fortunately, IPv6 exists as a sort of plan B
in case of any screw-ups with IPv4.

Most people don't understand IP addressing very well. There is too much
talking and thinking as if these addresses are substantial things that
you can buy, own, sell, etc. In fact, they are so unsubstantial that you
can manufacture them as needed using tools such as NAPT. A single IP
address on the NAPT gateway can thus serve many manufactured IP
addresses on your network. Although it is customary to use 10/8 for the
manufactured addresses, you can generally get away with selecting them
at random. There is nothing to stop you from using addresses that are
registered to other companies in ARIN's database. A few years ago I
worked for a company that built a global IP network using addresses
ranging from 1/8 to 7/8. They didn't even bother supporting CIDR on this
network and nobody ever tried to stop them from doing this. More
recently they started using 126/8 addresses. Recently this /8 was
allocated to a Japanese company but since the folks who "borrowed" 126/8
don't need to talk to customers of this Japanese broadband provider,
they will continue to use 126/8.

That's just my own personal and rather limited experience. I'm sure that
others, especially those whose work involves consulting for many other
companies, are aware of many more such situations. Another area where
IETF technology supports IP address manufacturing is MPLS VPNs. Have a
look at RFC 2547 section 4.1.

Maybe I should say that manufacturing IPv4 addresses leveraging tools
like NAPT and RFC 2547 VPNs is plan B, and IPv6 is plan C.

And then there is the Application Layer Gateway. Back in 1995 when I
hooked my home up to my first 24/7 Internet connection, it was a FreeBSD
server running the TIS firewalls toolkit. This was an application layer
gateway which means that for each application wanting to communicate
there was a proxy which would actually pass the data through. For
instance it would emulate a web server when talking to my browser and
manage its own connection to the real web server as an emulated client.
In effect, the IP addresses of my home network were not used at all on
the Internet. This concept can also be used to allow hosts on an IPv6
network to communicate with an IPv4 network. For that matter, if you
care to program it, this technique could also allow Apple Localtalk
connected hosts to communicate with the Internet. I remember setting up
something like this on that gateway many years ago.

So in reality, NAPT and MPLS VPNs are the plan B, ALGs are the plan C
and pure IPv6 is actually only plan D.

With so many safety valves, what is the point in doing anything
different while the IPv4 address space winds down?

--Michael Dillon