Dual stack IPv6 for IPv4 depletion

Doug Barton dougb at dougbarton.us
Wed Jul 15 18:11:05 UTC 2015


On 7/15/15 8:20 AM, George Metz wrote:
> Reasonability, like beauty, is in the eye of the beholder, but I thank
> you for the compliment. :)

I call them like I see them. :)

> The short answer is "yes, that constitutes being prudent".

Ok, good news so far. :)

> The longer
> answer is "it depends on what you consider the wildest dreams".
>
> There's a couple of factors playing in. First, look at every /64 that is
> assigned as an IPv4 /32 that someone is running NAT behind.

Ok, that's a relatively common analogy, even if it isn't quite 
technically correct.

> This is flat
> out WRONG from a routing perspective, but from an allocation
> perspective, it's very much exactly what's happening because of SLAAC
> and the 48-bit MAC address basis for it. Since /64 is the minimum, that
> leaves us with less than half of the available bit mask in which to hand
> out that 1/8th the address space.

I have my own issues with RA/SLAAC, but let's leave those aside for a 
second. It's probably a more correct analogy (although still not 
completely accurate) to say that a /64 is equivalent to an IPv4 /24, or 
some other small network that would be utilized by an end user with the 
expectation that there are multiple devices running in it. I agree with 
you that you'd never want to route that /64, but you (generally) 
wouldn't want to route a /24, or more accurately something like a /28, 
either.

Also, as Owen pointed out, the original concept for IPv6 networking was 
a 64 bit address space all along. The "extra" (or some would say, 
"wasted") 64 bits were tacked on later.

> Still oodles of addresses, but worth
> noting and is probably one reason why some of the "conservationists"
> react the way they do.

It's easy to look at the mandatory /64 limit and say "See, the address 
space is cut in half to start with!" but it's not accurate. Depending on 
who's using it a single /64 could have thousands of devices, up to the 
limit of the broadcast domain on the network gear. At minimum even for a 
home user you're going to get "several" devices.

> Next, let's look at the wildest dreams aspect. The current
> "implementation" I'm thinking of in modern pop culture is Big Hero 6
> (the movie, not the comics as I've never read them). Specifically,
> Hiro's "microbots". Each one needs an address to be able to communicate
> with the controller device. Even with the numbers of them, can probably
> be handled with a /64, but you'd also probably want them in separate
> "buckets" if you're doing separated tasks. Even so, a /48 could EASILY
> handle it.

Right, 65k /64s in a /48.

> Now make them the size of a large-ish molecule. Or atom. Or protons.
> Nanotech or femtotech that's advanced enough gets into Clarke's Law -
> any sufficiently advanced technology is indistinguishable from magic -
> but in order to do that they need to communicate. If you think that
> won't be possible in the next 30 years, you probably haven't been paying
> attention.

I do see that as a possibility, however in this world that you're 
positing, how many of those molecules need to talk to the big-I 
Internet? Certainly they need to communicate internally, but do they 
need routable space? Also, stay tuned for some math homework. :)

> I wrote my email as a way of pointing out that maybe the concerns (on
> both sides)- aren't baseless,

Please note that I try very hard not to dismiss anyone's concerns as 
baseless, whether I agree with them or not. As I mentioned in my 
previous message, I believe I have a pretty good understanding of how 
the "IPv6 conservationists" think. My concern however is that while 
their concerns have a basis, their premise is wrong.

> but at the same time maybe there's a way
> to split the difference. It's not too much of a stretch to see that,
> soon, 256 subnets may not actually be enough to deal with the connected
> world and "Internet of Things" that's currently being developed. But
> would 1024? How about 4096? Is there any need in the next 10-15 years
> for EVERYONE to be getting handed 65,536 /64 subnets?

So, here's where the math gets to be both fun, and mind-boggling. :) 
There are 32 /8s in 2000::/3. Let's assume for sake of argument that 
we've "wasted" two whole /8s with various drama. There are 2 to the 40th 
power /48s in a /8, multiply by 30, and divide by 10 billion (to 
represent a fairly future-proof number of people on the planet). That's 
3,298.5 /48s per person.

So you asked an interesting question about whether or not we NEED to 
give everyone a /48. Based on the math, I think the more interesting 
question is, what reason is there NOT to give everyone a /48? You want 
to future proof it to 20 billion people? Ok, that's 1,600+ /48s per 
person. You want to future proof it more to 25% sparse allocation? Ok, 
that's 400+ /48s per person (at 20 billion people).

At those levels even if you gave every person's every device a /48, 
we're still not going to run out, in the first 1/8 of the available space.

> Split the difference, go with a /52

That's not splitting the difference. :)  A /56 is half way between a /48 
and a /64. That's 256 /64s, for those keeping score at home.

So the advice I've been giving out for quite a while now, which has been 
both well received and implemented with success, is for ISPs who want to 
practice conservation to *reserve* a /48 for every home user, and to 
*allocate* the first /56 from it. To some extent I agree with Owen that 
the world would be a better place if everyone just gave out /48s. But 
I'm also pragmatic, and I'd rather see IPv6 deployed sooner rather than 
later. I think that 256 networks should be enough for even the most 
complex home networks (including multiple layers of routers, etc.) and 
it's incumbent on the software authors to slice up what they are handed, 
rather than making assumptions.

Meanwhile, if the ISP "blows through" their end-user pool at /48 
reservations, they can go to their RIR and get more space. And if cosmic 
rays befuddle the minds of every RIR on the planet and somehow that 
doesn't become possible, they can go back through their /48 reservations 
and start allocating the first /56 from the bottom /49 to new customers. 
Lather, rinse, repeat.

Doug

-- 
I am conducting an experiment in the efficacy of PGP/MIME signatures. 
This message should be signed. If it is not, or the signature does not 
validate, please let me know how you received this message (direct, or 
to a list) and the mail software you use. Thanks!
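
An added example, not part of the message above or anyone's production tooling: the reserve-a-/48, delegate-the-first-/56 advice and the per-person arithmetic, worked through with Python's `ipaddress` module. `ReservingPool`, `per_person_48s` and the 2001:db8:: documentation prefixes are names and values assumed for illustration; the fallback pass through existing reservations is not modelled.

```python
import ipaddress

GLOBAL_UNICAST = ipaddress.ip_network("2000::/3")


def per_person_48s(people, wasted_slash8s=2, utilisation=1.0):
    """/48s per person in 2000::/3 after writing off some /8s."""
    slash8s = 2 ** (8 - GLOBAL_UNICAST.prefixlen) - wasted_slash8s  # 32 - 2
    slash48s_per_slash8 = 2 ** (48 - 8)
    return slash8s * slash48s_per_slash8 * utilisation / people


class ReservingPool:
    """Reserve a /48 per customer but delegate only its first /56."""

    def __init__(self, pool):
        self.pool = ipaddress.ip_network(pool)
        self._free = self.pool.subnets(new_prefix=48)  # lazy, in address order
        self.reserved = {}   # customer -> reserved /48
        self.delegated = {}  # customer -> prefix actually handed out

    def add_customer(self, customer):
        try:
            block = next(self._free)
        except StopIteration:
            raise RuntimeError("no /48 left to reserve; pool needs more space") from None
        self.reserved[customer] = block
        self.delegated[customer] = next(block.subnets(new_prefix=56))
        return self.delegated[customer]

    def grow(self, customer, new_prefix=48):
        """Widen the delegation inside the reservation; base address is kept."""
        wider = next(self.reserved[customer].subnets(new_prefix=new_prefix))
        self.delegated[customer] = wider
        return wider


if __name__ == "__main__":
    # 2001:db8::/32 is the documentation prefix, used here as a constructed pool.
    isp = ReservingPool("2001:db8::/32")
    for name in ("home-a", "home-b"):
        print(name, isp.add_customer(name), "reserved", isp.reserved[name])
    print("home-a grown to", isp.grow("home-a", 52))
    print("%.1f /48s per person at 10 billion" % per_person_48s(10e9))
```

Because the delegated /56 is the first one in its reserved /48, widening it later keeps the same base address, so the customer's existing /64s stay valid.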
