Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Advertise on LowEndTalk.com
Are we using IPv6 addresses wisely?
New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

Are we using IPv6 addresses wisely?

elgselgs Member
edited June 2015 in General

I understand IPv6 addresses are effectively much much more than we need, or we can imagine. However, I'm somehow confused the way we are spending them today. It's not uncommon for a server provider to provide tens, hundreds, or even more IPv6 addresses per server. Do we really need that many? Think about the way we use IPv4 addresses, 127.0.0.0 is totally wasted, it's about 16.7 million addresses, also 169.254.x.x. I don't have much knowledge about IPv6, yet. So what I said above might be totally wrong.

«1

Comments

  • A standard IPv6 subnet is a /64 which is 18,446,744,073,709,551,616 seperate IP addresses. The reasoning for this is, and I quote from RFC 5375 – IPv6 Unicast Address Assignment Considerations

    "Using a subnet prefix length other than a /64 will break many features of IPv6, amongst other things Neighbor Discovery (ND), Secure Neighborship Discovery (SEND) [RFC3971], privacy extensions [RFC4941], parts of Mobile IPv6 [RFC4866], PIM-SM with Embedded-RP [RFC3956], and SHIM6 [SHIM6]. A number of other features currently in development, or being proposed, also rely on /64 subnet prefixes.

    Nevertheless, many IPv6 implementations do not prevent the administrator from configuring a subnet prefix length shorter or longer than 64 bits. Using subnet prefixes shorter than /64 would rarely be useful; see Appendix B.1 for discussion.

    However, some network administrators have used prefixes longer than /64 for links connecting routers, usually just two routers on a point-to-point link. On links where all the addresses are assigned by manual configuration, and all nodes on the link are routers (not end hosts) that are known by the network administrators do not need"

    www.ReThinkVPS.com - Founded 2010

  • Summury of OP's post:

    omg omg we're going to run out of the 18,446,744,073,709,551,616 available IPs, omg omg omg omg omg omg omg

  • ricardoricardo Member
    edited June 2015

    well we only need 2^63 more devices and that's a distinct possibility!

    Thanked by 2rm_ deadbeef
  • TACServersTACServers Member, Provider
    edited June 2015

    Ill quote rednectar.net/2012/05/24/just-how-many-ipv6-addresses-are-there-really/

    Given that the first 3 bits of a public IPv6 address are always 001, giving /48 allocations to customers means that service providers will only have 2^(48-3) or 2^45 allocations of /48 to hand out to a population of approximately 6 billion people. 2^33 is over 8 billion, so assuming a population of 2^33, there will be enough IPv6 /48 allocations to cater for 2^(45-33) or 2^12 or **4096 IPv6 address allocations per user in the world.**
    

    That's calculating /48 allocations, per person, at a global population of 8 Billion. If I ran out of /64s allocating one /64 per VPS out of a /48, I'd be really happy. Financially. That's 65536 allocated subnets.

    Thanked by 1rm_
  • HBAndreiHBAndrei Member, Provider

    deadbeef said: Summury of OP's post:

    omg omg we're going to run out of the 18,446,744,073,709,551,616 available IPs, omg omg omg omg omg omg omg

    Remember the time when folks thought 640k RAM would be enough? :D

    Free Uptime Monitoring - minimize your downtime by being the first to know about it.
    Free Blacklist Monitoring - don't let a few bad clients ruin your network.

  • ClouviderClouvider Member, Provider
    edited June 2015

    HBAndrei said: Remember the time when folks thought 640k RAM would be enough? :D

    Aye, hence he assumed /48 per each device per person I believe, which is a good buffer :-).

    Clouvider Limited - Leading EU Provider || Dedicated Server Sale - Our Latest LET Offer

    Cloud Web Hosting | SSD & SAS HA OnApp VPS | UK, NL & DE Dedicated Servers | Network Services | Colocation | Managed Services

  • Until we get to the galaxy wide web I don't think IPv6 exhaustion is likely to be a problem.

    Besides if we ever do get that far who says we'd even be using TCP/IP.

    Thanked by 1elgs
  • HBAndreiHBAndrei Member, Provider

    dragon2611 said: galaxy wide web

    gww. doesn't sound so good, we'll have to come up with a better name for it.

    Thanked by 2Traffic elgs

    Free Uptime Monitoring - minimize your downtime by being the first to know about it.
    Free Blacklist Monitoring - don't let a few bad clients ruin your network.

  • ClouviderClouvider Member, Provider
    edited June 2015

    HBAndrei said: gww. doesn't sound so good, we'll have to come up with a better name for it.

    and possibly a better firewall :)

    Clouvider Limited - Leading EU Provider || Dedicated Server Sale - Our Latest LET Offer

    Cloud Web Hosting | SSD & SAS HA OnApp VPS | UK, NL & DE Dedicated Servers | Network Services | Colocation | Managed Services

  • good to see dead:beef weighing in on ipv6.

    Thanked by 1deadbeef
  • J1021J1021 Member

    @ricardo said:
    good to see dead:beef weighing in on ipv6.

    ::b00b

    Thanked by 1sdglhm
  • raindog308raindog308 Moderator

    HBAndrei said: Remember the time when folks thought 640k RAM would be enough? :D

    I know the math, but somehow, someway, we will find a way to exhaust ipv6. It's the way humans work.

    For LET support, please visit the support desk.

  • MicrolinuxMicrolinux Member
    edited June 2015

    @elgs said: Are we using IPv6 addresses wisely?

    Yes.

    IPv6 allocation is not not analogous to IPv4 allocation. IPv6 is not only a larger address space, it's a fundamentally different addressing scheme with different operational considerations. Attempting to compare the two is folly. IPv6 allocation is not based on "need", you have to get that out of your head (admittedly tough to do after so many years of IPv4).

    Thanked by 2Spirit ATHK
  • To add to the fact that they choose to use /64 as a subnet prefix which seems excessive. Google bought a /96 block.

  • KuJoeKuJoe Member, Provider
    edited June 2015

    @MINIMAN10000 said:
    To add to the fact that they choose to use /64 as a subnet prefix which seems excessive. Google bought a /96 block.

    Why would Google buy such a small block? ARIN gives them out for free.

    A /96 is only 4294967296 addresses, we give every client 18446744073709551616 addresses (/64) so Google got ripped off.

    -Joe @ SecureDragon - LEB's Powered by Wyvern in FL, CO, CA, IL, NJ, GA, OR, TX, and AZ
    Need backup space? Check out BackupDragon
  • @KuJoe said:
    Google got ripped off.

    Google.CN, that got booted out of China, which has no use for IPv6 so they just bought a /96.

  • ClouviderClouvider Member, Provider

    /96 is non routable. Recheck your sources @TheOnlyDK.

    Clouvider Limited - Leading EU Provider || Dedicated Server Sale - Our Latest LET Offer

    Cloud Web Hosting | SSD & SAS HA OnApp VPS | UK, NL & DE Dedicated Servers | Network Services | Colocation | Managed Services

  • @Clouvider said:
    /96 is non routable.

    Uhh what? Did I say that it's routable or usable?

  • ClouviderClouvider Member, Provider
    edited June 2015

    Why would they 'buy' it if they can't do anything with it? Where did you find this information? From a networking and logical point of view it makes no sense.

    Clouvider Limited - Leading EU Provider || Dedicated Server Sale - Our Latest LET Offer

    Cloud Web Hosting | SSD & SAS HA OnApp VPS | UK, NL & DE Dedicated Servers | Network Services | Colocation | Managed Services

  • TheOnlyDKTheOnlyDK Member
    edited June 2015

    @Clouvider

    I wasn't the one said Google bought it, I just commented on it saying Google yet again bought something useless. And I even said it's probably for google.cn which is useless sitting there as a redirect domain. I believe you misunderstood what I said but I understand what you are saying (and I agree too).

    @MINIMAN10000 said:
    To add to the fact that they choose to use /64 as a subnet prefix which seems excessive. Google bought a /96 block.

  • ClouviderClouvider Member, Provider

    @TheOnlyDK please excuse me, I'm on my mobile, I have tagged wrong person... :/.

    The question stands for @MINIMAN10000

    Thanked by 1TheOnlyDK

    Clouvider Limited - Leading EU Provider || Dedicated Server Sale - Our Latest LET Offer

    Cloud Web Hosting | SSD & SAS HA OnApp VPS | UK, NL & DE Dedicated Servers | Network Services | Colocation | Managed Services

  • @Clouvider For the life of me I always reverse block sizes. Google bought a 2^96 which if I'm getting the numbers correct this time is a /32. Using https://moz.com/blog/ipv6-cblocks-and-seo as a source it appears that it is likely isps will buy blocks of /32 or 2^96 ips.

  • ClouviderClouvider Member, Provider
    edited June 2015

    @MINIMAN10000 I wouldn't trust with technical stuff any website that still uses phrase 'C-Block'. It just doesn't exist anymore. For more than 10 years.

    Clouvider Limited - Leading EU Provider || Dedicated Server Sale - Our Latest LET Offer

    Cloud Web Hosting | SSD & SAS HA OnApp VPS | UK, NL & DE Dedicated Servers | Network Services | Colocation | Managed Services

  • ReeRee Member

    I posted this the last time "we're going to run out" came up.

    A fact about IPv6 size I read awhile ago was that if the IPv4 address space was the size of a credit card, the IPv6 address space would be the size of our solar system. Since I'm bored, I figured I'd try to verify that.

    IPv6 = 2^128, IPv4 = 2^32. Divide one into the other and you see IPv6 address space is this many times bigger than IPv4: 79,228,162,514,264,337,593,543,950,336

    A credit card is roughly 2x3 inches, or 6 square inches. So multiply the previous number by 6 to get the IPv6 size in square inches: 475,368,975,085,586,025,561,263,702,016

    That's a big number, so let's convert to square miles: 118,413,303,421,083,971,810

    Still too big, how about square Astronomical Units: 13,704

    That's roughly the area of a circle with radius 66AU.

    Pluto's orbit takes it as far as 50AU from the sun (roughly).

    So we're talking a circle that is MUCH bigger than the orbit of Pluto (especially when you consider that Pluto has a very elliptical orbit).

    So the next time you're worried that we're going to run out of IPv6 addresses...don't.

    Thanked by 2elgs TheOnlyDK
  • BruceBruce Member

    @cncking2000 said:
    That's calculating /48 allocations, per person, at a global population of 8 Billion.

    IPv6 is not about people. it's about IoT, mostly. 70 TRLLION devices, all internet connected, by 2040

    free trial zilore monitoring

  • what! :/

    Well we can have a lot of ipv6 but still being useful if ISP does not implement it. And the tunnel dont work.

    Nothing for the moment

  • TACServersTACServers Member, Provider
    edited June 2015

    @Bruce - Can't wait for the Internet of Threats. Who is going to patch their refrigerator, toaster, oven, lights, garage openers, doorbells, water heaters, furnaces, thermostats, and ceiling fans when they can't even patch a router? All IoT device manufactures need to implement ways to force updates to these devices. Can you imagine a 7 BILLION device botnet? That's only 1% of your mentioned 70 Trillion devices being infected, and I am sure current infected computer and device counts are above 1% of the total of the internet, today. :/

    Thanked by 2raindog308 Infinity
  • ClouviderClouvider Member, Provider
    edited June 2015

    @cncking2000 you better ask for the extended support contract to get software upgrades for your new smart fridge ;)

    Clouvider Limited - Leading EU Provider || Dedicated Server Sale - Our Latest LET Offer

    Cloud Web Hosting | SSD & SAS HA OnApp VPS | UK, NL & DE Dedicated Servers | Network Services | Colocation | Managed Services

  • @cncking2000 said:
    Bruce - Can't wait for the Internet of Threats. Who is going to patch their refrigerator, toaster, oven, lights, garage openers, doorbells, water heaters, furnaces, thermostats, and ceiling fans when they can't even patch a router?

    Reading the text agreeing and then....

    All IoT device manufactures need to implement ways to force updates to these devices.

    Instapwn!!!!!!!!! :D

  • TACServersTACServers Member, Provider

    @Clouvider - Yes, hi, I'm calling to extend my FRIDGEnet Service. EOL? What? It's only 6 years old!

  • TACServersTACServers Member, Provider
    edited June 2015

    @deadbeef said:
    Instapwn!!!!!!!!! :D

    I think if they function similar to a linux box with auto-updates, I am not too sure that this would be a problem. Now, if they left some sort of open port on all these devices to be able to talk to the device on a whim to update it.. I agree with you entirely.

  • BruceBruce Member

    clearly security is a growing market

    free trial zilore monitoring

  • 4n0nx4n0nx Member

    If I remember correctly, my home ISP was assigned a /19

    :(

    (((o(゚▽゚)o))) If privacy is outlawed, only outlaws will have privacy. (((o(゚▽゚)o)))

    ヽ(`Д´)ノ Everyone should run Tor on their idle servers.

  • Anyways to sum up what I was getting at. As with IPv4 the concern is never the per person as people generally only grab what they need. It is the businesses that grab significantly more than they need that eat up the majority of the allocation. If businesses grab ISPs sized /32 IPv6 blocks then there are a total of 4,294,967,296 allocations before we are out of ipv6.

  • PwnerPwner Member
    edited June 2015

    No, we are not using IPv6 wisely at all. We should just allocate a /128 for every individual so we won't need to worry about IPv6 exhaustion in the future. </ joke>

  • Personally I thought /96 for individual allocations /64 for ISP level allocations and /32 for RIR allocations would work well.

  • joepie91joepie91 Member, Provider

    cncking2000 said: Can't wait for the Internet of Threats. Who is going to patch their refrigerator, toaster, oven, lights, garage openers, doorbells, water heaters, furnaces, thermostats, and ceiling fans when they can't even patch a router? All IoT device manufactures need to implement ways to force updates to these devices.

    Yeah. The infosec community has been pushing for this for a while. Unfortunately, there's no business case for it - as long as manufacturers can get away with poorly secured firmware, that's the cheapest option for them.

    Capitalism and security don't go together very well.

  • deadbeefdeadbeef Member
    edited June 2015

    @joepie91 said:
    Capitalism and security don't go together very well.

    Yeah, right - In contrast to say ... chernobyl level security. Now those were really secure practices.

  • joepie91joepie91 Member, Provider

    @deadbeef said:
    Yeah, right - In contrast to say ... chernobyl level security. Now those were really secure practices.

    That's not a contrast I was drawing, not sure why you're bringing it up.

    Security costs money, an inherent part of capitalism is maximizing profit - thus if companies can get away with substandard security, they will. It's pretty logical, really, it's just another conflict of interest (like is a common occurrence with capitalism).

  • @joepie91 said:

    >

    That's not a contrast I was drawing, not sure why you're bringing it up.

    As a starting point for disproving your point.

    Security costs money, an inherent part of capitalism is maximizing profit - thus if companies can get away with substandard security, they will. It's pretty logical, really, it's just another conflict of interest (like is a common occurrence with capitalism).

    You're not thinking it deep enough. While this is not a fair comment, I don't have time to expand on it atm, but I will tomorrow. So stay tuned :)

  • joepie91joepie91 Member, Provider

    deadbeef said: As a starting point for disproving your point.

    That makes no sense. That a particular non-capitalism model also causes security issues, is in no way related to whether capitalism has such issues or not. There's more than two social/economic models in existence, and no rule exists that only one of them can have a particular issue.

    deadbeef said: I don't have time to expand on it atm, but I will tomorrow.

    Awaiting :)

  • rm_rm_ Member

    MINIMAN10000 said: Personally I thought /96 for individual allocations /64 for ISP level allocations and /32 for RIR allocations would work well.

    Because certainly, there's going to be 4 billion RIRs.

    Thanked by 1elgs
  • SpiritSpirit Disabled
    edited June 2015

    4n0nx said: If I remember correctly, my home ISP was assigned a /19

    It's most likey /29

    In 2012 RIPE extended /32 to /29 for LIRs. Those who already had /32 could request /29 without additional documents because complete /29 from where they got one /32 was already reserved in past.

  • HBAndrei said: Remember the time when folks thought 640k RAM would be enough? :D

    I still do. The key is, enough for what? Well, to do something useful. I think this is one of the main things holding back IPv6 adoption. In actual fact, IPv4 is still enough to do something useful. Of course the "omg the sky is falling" marketing types will never have enough. I liken those to the workman who blames his tools. Of course better (or more appropriately "other") tools can be useful. But that is very different from being a necessity.

  • WilliamWilliam Member, Provider
    edited June 2015

    4n0nx said: If I remember correctly, my home ISP was assigned a /19

    RIPE? Very unlikely - The largest IPv6 netblock i have ever seen assigned by RIPE was a /24 (Theres a file on the RIPE FTP with all alloc data, too lazy to grep it now).

  • rm_rm_ Member

    Spirit said: It's most likey /29

    William said: RIPE? Very unlikely

    http://bgp.he.net/net/2003::/19 Deutsche Telekom AG

    Thanked by 14n0nx
  • 4n0nx4n0nx Member

    How did you know? :D Thanks I couldn't find it.

    So yes I don't think IPv6 addresses are used wisely at all. -_-

    (((o(゚▽゚)o))) If privacy is outlawed, only outlaws will have privacy. (((o(゚▽゚)o)))

    ヽ(`Д´)ノ Everyone should run Tor on their idle servers.

  • I'm not even sure that using IPv6 addresses for a lot of IoT is wise. So I move house and get a new ISP, now my fancy fridge needs to get a new IP. Perhaps they won't give it to me because that fridge does not comply with environmental specs in the new jurisdiction.

    Anyway, I'm getting off topic, but what is on topic is that I don't think ISPs should be the ones to give IPv6 addresses to end users. That is a legacy approach, but it is not wise.

  • rm_rm_ Member
    edited June 2015

    4n0nx said: How did you know? :D

    I just heard about it earlier. There aren't a lot of /19s assigned, in fact this might be the only one.

    Thanked by 14n0nx
  • WilliamWilliam Member, Provider

    Amazing - Even the German government got less, and they had to fill extremely solid justification (like a /48 per tank they have)

Sign In or Register to comment.