Wednesday, October 15, 2008

Millions of unused IPs out there *ROFL*

I saw an article on Slashdot today that pointed to research by a group indicating that there are millions of IP addresses out there that are unused (or lying idle). You can find the article here, but I decided to post a few of my thoughts about this.

There are numerous reasons why a lot of PUBLIC IP space will not be reachable from the Internet. Business to Business (B2B), where multiple companies' networks need to talk to each other, is the perfect example of this. B2B is becoming much more relevant in the days of outsourcing services and for service providers. Additionally, there is a lot of infrastructure out there that uses public IP space and will not respond to scans because it has been hardened not to do so. Someone on Slashdot pointed out that blocking ICMP THROUGH a router or firewall is a no-no, but blocking ICMP destined to the device itself is just fine and is actually good practice. Now, there are companies like GE that were assigned a /8 and gave every device a public IP whether it needed one or not. These companies need to be read the riot act by ARIN and return that space.

Some people out there use every study about IPv4 to sing the praises of IPv6. Here is how I respond to that. Please note, I do believe that IPv6 makes a lot of sense in places, but there are huge obstacles that will have to be overcome before we get there. I think the ultimate irony is that we want to move to IPv6 to get away from NAT, our band-aid solution for IPv4. I find this hilarious because in order to move from IPv4 to IPv6 we are still going to end up doing NAT until IPv4 is totally gone.

Those who just spout that we should up and move to IPv6 have no clue. The world is not ready for IPv6, and my money is on us not seeing mainstream adoption (and I mean every new consumer device and piece of software that comes out being IPv6 aware) for at least another decade. There is way too much to do. Companies have only really started networking everything over the last few years, and they are going to have to re-tool and re-learn. Nobody wants to go back and learn a brand new protocol for which you basically need to throw away 80% of what you thought you knew.

Finally, IPv6 only truly solves one problem that we have in IP networking today, and that is the number of available addresses. We know for a fact that in Ethernet you're not going to have several million devices in the same broadcast domain (VLAN) (and yes, I know some of IPv6 uses multicast), so we are going to be orders of magnitude more wasteful than we could possibly be with IPv4. The only way around it is to subnet, but past a /80 you lose the ability to do autoconfiguration, which basically renders IPv6 useless.


1 comment:

Robert F. Crocker said...

Good luck consolidating your access and pillaging. As always only use these techniques on computers that you have been given permission to use. ip locator