[governance] Why IPv4 address depletion matters (was Re: Reinstate...)

Norbert Bollow nb at bollow.ch
Mon Nov 26 17:12:29 EST 2007 

McTim <dogwallah at gmail.com> wrote:

> On Nov 26, 2007 4:20 PM, Norbert Bollow <nb at bollow.ch> wrote:
> > Veni Markovski <veni at veni.com> wrote:
> >
> > > Of the many issues around the Internet, the DNS and esp. the IP
> > > addresses are not on the priority list of anyone except people with
> > > some commercial interest, scientific researchers, professionals. The
> > > end user does not care about them.
> >
> > Possibly because they are not informed about how any mismanagement of
> > these resources contributes, or is likely to contribute in the future,
> > to problems that are truly painful for them.
> 
> Are you saying that there is mismanagement currently, or are you
> referring to the classfull allocation era?

I think that mismanagement exists right now with regard to preparing
for the transition to IPv6.

For example although Switzerland has an "IPv6 Task Force" website
with a wonderfully comprehensive supposed organigram of that "IPv6 Task
Force", that "IPv6 Task Force" doesn't really exist anymore in reality.
There are no activities and no-one is in charge.

This kind of situation is IMO a clear indication of mismanagement, and
while I don't know anything definitive about other countries, I'd be
very surprised if this kind of problem exists only in Switzerland.

> > > That actually is the big pain of some people here - that regardless
> > > of what they say, and how loud, the users still don't care about
> > > ICANN, but about how much they pay for what kind of service.
> >
> > In my opinion, price of internet access cannot really be discussed
> > independently of the question of economics of how having internet
> > access will result in sufficient economic value creation that the
> > infrastructure costs can thereby get paid for.
> >
> > Now the problem with IP address depletion is that unless progress is
> > made with the transition to IPv6, there will in a few years be two
> > fundamentally different types of internet access.  "Consumer" internet
> > access will be behind several layers of NAT, which allows to "surf
> > the web", use email, etc, but which does not make it possible for
> > businesses to allow customers to interact with their IT systems.
> 
> Unless they use a web interface.  I must be missing smt, why do you
> need a public address for this?

How do you set up even a simple HTTP-based web interface if the entire
geographic area where your company happens to be located is behind
several layers of NAT each designed to facilitate only "consumer" web
access, without any support for accepting remotely-initiated connections?

Things get even more difficult when you start thinking about security
and the only "secure communications tool" that the company's customers
know to use is their web browser's built-in HTTPS support...

> In
> > economically underdeveloped areas, only this kind of internet access
> > will be available at all, making the already now difficult problem of
> > economic development in such areas even worse.
> 
> Again, I'm not getting you.  Are you talking about economically
> underdeveloped areas in developed countries or economically
> underdeveloped regions of the world.

Primarily the latter, although I'm not totally sure that the kind
of danger which I think exists in so-called developing countries
cannot also affect some of the more remote parts of industrialized
nations.  

> If the former, well a market may develop in IP addresses at some
> point,

IMO, if we reach that kind of scarcity of IPv4 addresses, the
transition to IPv6 has been severely mismanaged.

BTW, if that occurs, I'm also concerned about routing table growth.

> so that there may be tiered accounts offered by ISPs (with the
> cheaper NAT accounts likely being taken up by customers with less
> disposable income).

Yes, exactly.  In geographic areas that are inhabited almost
exclusively by such "customers with less disposable income", only
the NAT accounts will be available.

> This market is not likely to last very long, as IPv6 deployment will
> surge as address space declines

Can you explain the precise economic machanism which will (in your
opinion) make IPv6 deployment surge?

In my opinion it is the worst aspect of the mismanagement of the
transition to IPv6 that the economic aspect of the problem has
generally not been thought through carefully enough.

> If the latter, as I have mentioned before, the 2 youngest RIRs have
> the slowest rate of address "usage", so Africa and Latin America may
> have IP addresses to give away long after the USA and EU run out.

Isn't it much more likely that the decision-makers in Africa and
Latin America would agree, due to pressure and/or by some form of
bribery, to a policy proposal like the following?

http://www.ripe.net/ripe/policies/proposals/2007-09.html

> Another complicating factor is that when the IANA runs out of IPs, the
> RIRs will still have them for a period, When the RIRs run out, LIRs
> will still have them for a period.  This period could be days months
> or even years.

I agree that this extra time exists, but that doesn't change my
concern that's really high time now to fix the problems with the
IPv4->IPv6 transition.

Iljitsch van Beijnum has a proposal which I think goes in the right
direction:

http://www.ietf.org/internet-drafts/draft-van-beijnum-modified-nat-pt-02.txt

However considering that it will take significant time to discuss the
remaining technical details, reach consensus, implement and deploy,
IMO we're really uncomfortably close to IPv4 address space exhaustion
already.

> By contrast, there
> > are enough IPv4 address numbers that businesses in economic centres
> > and in the rich countries will always be able to get fixed IP addresses
> > for their webservers.
> 
> If a market develops, probably.  But why do you need a public IP
> address per serever?  That's very old school thinking,  You can run
> many many webservers using 1 IP.

Except perhaps when someone gets enough traffic to a single site
that they host the site on multiple machines with load-balancing,
I cannot imagine anyone running multiple webservers (I mean, several
physical machines, not "domains" or "sites") without giving these
hosts at least one public IP address each.

Then there is the issue that HTTPS needs a separate public IP
address for each site.  (The reason is that HTTPS is simply HTTP
over TLS, so the server presents its certificate when the connection
is established, when it knows only the IP address and port number
used to contact it, but it hasn't yet seen the Host: header.)

> > I believe that in principle, the internet could help a lot to create a
> > "digital opportunity" in those regions of the world which are currently
> > suffering from lack of economic development.
> 
> very true!
> 
> > However, I think that it is quite possible that this digital
> > opportunity may be lost to a significant extent due to not paying
> > enough attention to the IPv4 address depletion issue.
> 
> What do you propose?

1. We should do what we can to move specification and implementation
   of "Modified NAT-PT" (the Internet-Draft that I mentioned above)
   forward as quickly as possible.

2. Governments should check whether their national "IPv6 Task Force"
   or equivalent is alive and well and preparing responsibly for
   facilitating an orderly transition to IPv6.

3. They should also make significant funds available as developmental
   aid for poor countries in the form of investment incentives to
   create good dual-stack IPv4+IPv6 infrastructure.

Greetings,
Norbert.


-- 
Norbert Bollow <nb at bollow.ch>                      http://Norbert.ch
President of the Swiss Internet User Group SIUG    http://SIUG.ch
Working on establishing a non-corrupt and
truly /open/ international standards organization  http://OpenISO.org
____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.cpsr.org
To be removed from the list, send any message to:
     governance-unsubscribe at lists.cpsr.org

For all list information and functions, see:
     http://lists.cpsr.org/lists/info/governance

More information about the Governance mailing list