2008 IPv4/IPv6 Update

2008 was sort of a milestone year for IPv6. Foremost there was the much-touted US OMB Mandate which everyone got excited about back about 2005: By June of this year all federal agencies’  “infrastructure  (network backbones) must be using IPv6 and agency networks must interface with this infrastructure.” In the years between that mandate and the deadline, however, the language and requirements slipped significantly.

The language moved from requiring that all purchased networking equipment be “IPv6 compliant” to “IPv6 capable,” because agencies could not come to a reliable and consistent definition of what “compliant” meant. In fact some agencies even had trouble defining what “infrastructure” meant. The Internal Revenue Service, for example, defined it as the backdoor of one public-facing router to the backdoor of another public-facing router. Other agencies defined it differently.

There was also a backing away from the original expectations that the infrastructures must be using IPv6 to simply demonstrating that they could pass IPv6 packets. By early 2006, capability demonstration came down to:

-       Transmit IPv6 traffic from the Internet and external peers, through the backbone, to the LAN

-       Transmit IPV6 traffic from the LAN, through the backbone, out to the Internet and external peers

-       Transmit IPv6 packets from a LAN, across the core, to another LAN (or to another node on the same LAN)

Once this demonstration was complete, the network was deemed IPv6 capable and IPv6 could be turned off until needed. Quite a letdown from what we thought would be happening by June 30, 2008.

Reports have varied as to whether even this was a success; the OMB itself says that all agencies would meet the goal, while other reports have said that up to a third of agencies missed the deadline.

But be sure to not take the wrong lessons from the unspectacular passing of the June 2008 deadline. The engineers at the federal agencies put years of planning and effort into getting this far, and have been well funded; if you haven’t even started planning yet, you’ve got a long road ahead of you.

Another, more subtle, milestone is the change in the way IPv6 is presented in public networking forums. We have left behind what might be called the “marketing phase” of IPv6; most everyone in the IP networking world now understands that IPv6 is inevitable. Network operators (starting in the latter half of last year) are now focused on how to best implement IPv6; large portions of the agendas at NANOG, RIPE, and APRICOT have been devoted to strategy sharing.

The 2008 Olympics in Beijing was also an IPv6 event. Although not evident to the fans or athletes, the Olympics nevertheless was an opportunity for Beijing Internet Institute, China Netcom, an others to showcase a number of IPv6-connected applications including surveillance cameras and lighting control systems.

An Update on IPv4 Depletion

In October of last year I wrote about the state of the remaining IPv4 addresses and the allocations made so far. At the time 11 /8s had been assigned in 2007, and I predicted 12-15 would be assigned overall that year. As it turned out 13 /8s were assigned.

This year has looked much better for IPv4, with only seven /8s assigned:

-       110/8                        APNIC            November 08

-       111/8                        APNIC            November 08           

-       112/8                        APNIC            May 08                                   

-       113/8                        APNIC            May 08

-       173/8                        ARIN              February 08

-       174/8                        ARIN              February 08

-       197/8                        AfriNIC            October 08

Although there’s a chance one or two more blocks could be assigned in the remaining two weeks, these seven are probably it for the year.

What influence does this have on the dates when the pool of available IPv4 addresses would run dry? One of the assumptions around IPv4 depletion has been that the allocation rate would increase year by year. Yet this year might indicate a slowdown. Allocations of /8s since 2000 are:

-       2000:             4

-       2001:             6

-       2002:             4

-       2003:             5

-       2004:             9

-       2005:             11

-       2006:             10

-       2007:             13

-       2008:             7

As of now there are 36 /8s remaining – 14% of the 256 /8s comprising the entire IPv4 address space.

How does the low 2008 allocation effect the predicted depletion date? Not as much as you might think. The two best ongoing studies of IPv4 depletion are those of Cisco’s Tony Hain and APNIC’s Geoff Huston. In mid-2007 Hain was predicting the depletion date to be mid-2010 and Huston was predicting mid-2011. With the latest statistics Hain’s prediction has moved out a little to the end of 2010, and Huston’s has actually moved in a little to early 2011. Considering that their two methodologies yielded widely different predictions when they started in 2003 (Hain predicted 2008, Huston 2021), their steady convergence to around the first of 2011 is impressive.

More interesting is what the 2008 numbers say about a predicted IPv4 “run on the bank.” For a couple of years there has been speculation that as more and more network operators realized that the IPv4 address space was almost used up, many would exaggerate their projected address needs in order to get as much IPv4 space as they could while anything remained.

Well, there aren’t many large service providers – the network operators most dependent on a steady supply of addresses – in denial about IPv4 depletion. As I mentioned earlier, they’re busy in operator forums discussing strategies for deploying IPv6. Yet the RIRs did not ask for many allocations this year, indicating that not many service providers are asking them for new assignments.

A run on the bank could still happen, but if it hasn’t happened yet it probably won’t happen at all. More than likely the decrease in allocations indicates two things:

-       Most service providers are comfortable with their transition planning and expect to be ready for IPv6 by 2011 or 2012. Although NTT/Verio is the only Tier I service provider to currently have widespread IPv6 deployment, the other six (AT&T, Global Crossing, Level 3, Qwest, Sprint, and Verizon) all are in various stages of planning and deployment; most have at least limited IPv6 support already. These seven providers make up the “core” of the Internet, based on their peering structures. As Tier II providers turn up IPv6, the core should be ready for them.

-       The 13 /8s allocated in 2007 might have been a bit liberal, so that this year’s allocations represent a lull while the slack is taken up. ARIN took no allocations in 2007 and only two in 2008; RIPE took no allocations in 2008. Both RIRs will likely need large allocations in 2009. Mobile growth in South America and Africa will probably drive a few allocations to LACNIC and AfriNIC. And, of course, continued growth in China and India will mean more allocations to APNIC. If all this is the case, we will be back to 12-15 /8s allocated in 2009.

IPv4 Address Fragmentation

There is a single factor that more than doubles the number of entries in the public BGP table, consuming bandwidth and memory and processor cycles and, most importantly, destabilizing the Internet with high BGP churn and slow reconvergence.

That factor is the prevalence of long IPv4 prefixes in the public BGP routing tables.

Geoff Huston’s hugely useful BGP Routing Table Report shows that today, 12 December 2008, the University of Oregon’s Route Views Project (AS6447) counts 289,392 prefix entries in the public BGP tables. Of these, an amazing 226,857 entries – 78.4% of the entire table – are longer than /20. 150,170 of them – 51.89% -- are 24-bit prefixes.

If these long prefixes were properly aggregated, the Internet BGP tables could be drastically reduced in size ad the Internet itself made more stable.

Two simple factors are responsible for most of these long prefixes existing in the public routing tables:

-       Network operators splitting up their aggregate and advertising different constituent parts of the aggregate at different peering points as a way to perform simple traffic engineering, causing traffic to different internal destinations to enter the network at different peering points.

-       Simple laziness; a surprisingly large number of operators could aggregate their address blocks and simply do not do so.

While this fragmentation of IPv4 advertisements causes problems now, it is going to become much worse over the next couple of years as the last IPv4 addresses are assigned. The IANA and the RIRs do their best to make IPv4 assignments in aggregateable blocks, even reserving space on either side of the block in case it is needed in the future.

But as IPv4 comes within a year or two of depletion, the remaining address assignments are not going to be in tidy aggregates; they are going to be scattered across the entire IPv4 range. So if you need a /22, you might actually get four entirely discontiguous /24s. You would have to advertise all four of these even if you are conscientious about aggregation and have no need to engineer your incoming traffic.

Fragmented address assignments, the growth they impose on the public Internet tables, and the destabilization they impose on BGP are going to become increasingly troubling issues throughout 2009 and 2010.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Must read: 10 new UI features coming to Windows 10