We have known that we would run out of IPv4 addresses since 1981, when the Internet Protocol was standardized. The numbers say there will be no more than 4,294,967,296 different IPv4 addresses. (4 billion and change is the number of combinations that can be made with 32 IPv4 addresses). Before 1993, addresses were given in very large blocks due to technical limitations in routing protocols. This limit was raised, but at the same time, the Internet began to become more mainstream, requiring more and more addresses.
This is also the time when the IETF realized that at some point, we will run out of IP addresses. The date it was decided for the well to dry up was 2005. Although they were wrong in the year, they were right about their opinion that 32 degrees was not enough for the coming years.
The invention of network address translation (NAT), which allows multiple systems to share a single address, has been credited for heralding the life of IPv4, but two other technologies are also very important. Changing the length of subnetting makes it possible to give different subnetworks the appropriate address block size, and ethernet changes make it possible to have much larger subnets, reducing the waste of the network.
The well is dry
Next year may be the last year that large Internet Service Providers can acquire IP addresses under rules that have been in effect for more than a decade, however. Let’s look at the current state of the IPv4 address space first, and then see what’s in store in the near future.
The Internet Assigned Numbers Authority (IANA) keeps track of the IPv4 address space in what are known as /8 blocks (hereafter referred to as /8). This slash notation is a way to specify address ranges. A / 8 is all addresses starting with a given 8-bit value. There are 28 (256) of those blocks, in five classes:
Class A: 0 - 127 Class B: 128 - 191 Class C: 192 - 223 Class D: 224 - 239 Class E: 240 - 255
Class D is used for multicast, where a single packet is sent to multiple receivers. Class E has been “saved” since the beginning of time, so enthusiastic programmers have peppered their code with checks that write these addresses. It’s usually a handful of lines of code, but there’s no way to update it every those systems before we need those addresses, so class E cannot be deployed for general use. Class A becomes three / 8s that cannot be used. 0.0.0.0 refers to the default role, and taints every 0/8 block. 10/8 is used for private address, and localhost address 127.0.0.1 makes 127/8 unusable. So that leaves 221 usable /8s at point A, B and C. Their current status is 101 allocated, 92 inherited, and 28 unallocated.
Classification methods are issued under (variations of) current rules by one of the five Regional Internet Registries (RIRs). Legacy is mainly /8s issued directly to the US government (about 10 of them) and the likes of IBM, Apple, DEC, HP, and MIT, or class B networks (/16s) issued to companies higher education and smaller groups. Unallocated blocks are those that are completely unused. They represent the first source of free IPv4 addresses, creating the IANA international pool (responsible architect). However, in addition to the global pool of IANA, each block assigned to the RIR has a small space that is not used as people give the address space back, or large amounts in the blocks that the RIRs attract new representatives to current ISPs. (We will ignore the fact that some end users also receive addresses directly from RIRs for simplicity.) There is also residual space in most class B blocks. Which brings the total amount of unused IPv4 address space, in millions of addresses, to:
(For the mathematicians among us: 2919 + 788 = 3707 while 221 X 224 ?106 = 3707.764736.)
So how will 788 million addresses get us? Basically, the number of address space given per year was 10/8s in 2005 and 2006 and almost 12 in 2007 and 2008. Assuming no major changes, that would give us four years before the remaining 788 addresses are used. (47/8s). However, there is an agreement between IANA and the RIRs that each of the RIRs has one of the last five/8. When the global pool reaches five / 8s, each RIR gets one, the pool will be empty, and that’s it.
RIRs maintain nine months worth of address space. When they clicked below that, they requested two new /8s from IANA. For ARIN and RIPE NCC, that is in the range of two / 8s, but for APNIC it is more like four, as APNIC needs to satisfy the insatiable thirst for IPv4 addresses that China has developed in recent years. LACNIC uses about half / 8 in nine months, and AfriNIC alone has two million addresses.
So in two years’ time, the RIRs will receive their final /8s. At that time, the situation for each of the five RIRs will be very different. Because AfriNIC has such a slow burn rate, it will be able to continue business as usual for a good number of years, unless Africa suddenly starts using up abundant more address space. The situation for LACNIC will be similar, but to a lesser extent. The other three RIRs will have about 1 to 2 years of regular address space and use the leftovers in place of the remaining legacy.
But … the question is whether the RIRs will have the courage to continue burning the address space they still hold when it is clear that they will not get more. ARIN will. “Yes, ARIN will continue to provide address allocations to ISPs as long as it has address space,” said ARIN President and CEO John Curran. “ARIN will isolate the address ‘/10’ from the last partition that will have the decisions made from it only for the purposes of facilitating IPv6 deployment, but the rest will remain.”
I’m not sure. The problem is that there are address allocation policies for each RIR organized by “area”. After following this process for RIPE and ARIN domains for some time in the past, I think it is very likely that new, more restrictive policies will be created as the amount of free IPv4 address space decreases. So we can find ourselves in a situation where there is (some) IPv4 address space left, but almost no one will be able to get any of it because the bar is set too high. In fact, some people argue that we already are, as the big telcos forego using public address space for things like 3G service without even bothering to try to get enough address space for these services.
Considering the fact that only a fraction of the 2,500 members or members of ARIN occupy more than 80 percent of the address space offered by ARIN, it makes sense for the other 99 percent to push through a policy change that makes it is possible for broadcasting. ISPs and wireless operators to obtain more addresses, allowing ARIN to continue operations at 20 percent capacity for years to come. Of course, when fat cats see this look, they may go for a wash and leave a big question behind. RIRs evaluate questions, but they have a low return to false positives.
In the long run that will not work for ISPs, because often, they will need to come back for more address space. At this point, the RIR checks whether the previous allocations have been used in accordance with the policies. If not, there are no new addresses. Of course this arrangement doesn’t really work for him the last question.
When we get to the point that the half-million or so large blocks needed by the big ISPs are no longer available, or very difficult to obtain, it will still be possible to obtain small blocks of address space necessary to host services, so the service may remain on IPv4 indefinitely. ISPs, on the other hand, need a continuous supply of new addresses to connect new customers.
Some have suggested that generating IP addresses is a product that can be purchased to solve this problem. Apart from the question of whether companies like the US government (150 million addresses) and HP (33 million addresses) that sit on the maximum addresses deserve a big wind, I don’t think this will work. Someone who wants addresses for a 19″ rack full of servers in a data center will be happy to pay $1, $10, or even $100 for an address. The Comcasts, Deutsche Telekoms, and Softbanks of this world won’t pay anything like that, even if they are prepared to buy dozens of small blocks rather than get whatever they need for (pretty much) free, also, if HP wants to sell off 16/8, the address once given to DEC, will have to do a big check to make sure there are no firewall rules or hardware filters that keep 16/8 as important before these addresses can be released. So The cost of the addresses will be too low to cover such an audit.
Either by choice or otherwise, large ISPs will have to give each customer its own IPv4 address. Giving those customers IPv6 is not an option, because most of the services are still IPv4-only and many IP devices that do not run a full operating system (mobile phones, VoIP phones, webcams) do not support IPv6. . So that means stretching existing IPv4 addresses one way through “carrier promotion NAT” (CGN).
But aren’t existing IPv4 users sitting pretty? Maybe, maybe not. Some ISPs may take away addresses from existing users to provide their CGNs with enough addresses. Server-side applications such as the web and email will work well through CGNs and IPv6-to-IPv4 translators, but peer-to-peer applications such as VoIP and BitTorrent, not so much. Maybe the ISPs will care about that, maybe not. Even those of us who still have insufficient IPv4 addresses at that point will start to feel the pain, because more and more of the colleagues we want to talk to are sitting behind very weak CGNs.
So enjoy peer-to-peer apps while you can; Their end date will come soon after 2010.
Further reading: Predicting the End of the World.