How long will it take to completely get rid of IPv4 or will it happen at all?

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Sat Jun 27 21:54:05 UTC 2015 

On Sat, 27 Jun 2015 07:38:43 -0700, "Bob Evans" said:
> What will come first ?
> A) the earths future core rotation changes altering the ionosphere in such
> a way that we are all exposed to continuous x-rays that shorten our
> lifespan
>                  OR
> B) the last IPv4 computer running will be reconfigured to IPv6

Data point:

I just ran a tcpdump looking for NTP packets going to 128.173.14.71.  In 90
minutes, I got hits from 330 unique IP addresses, including some that were
chatty enough to indicate there were dozens of hosts behind a NAT.

The biggest offenders:

% tcpdump -n -r ~/ntp.dump | cut -f3 -d' ' | cut -f1-4 -d'.' | sort | uniq -c | sort -nr | head -30
reading from file /home/valdis/ntp.dump, link-type EN10MB (Ethernet)
   5507 200.195.163.227
   3797 74.254.73.226
   2989 200.19.200.174
   1718 50.129.20.208
   1160 200.169.44.45
   1119 200.206.35.74
    624 201.64.113.34
    516 186.215.65.33
    352 201.48.247.23
    352 187.72.210.97
    350 200.171.23.66
    281 177.96.208.28
    212 187.28.183.82
    206 189.22.174.82
    200 200.195.127.118
    195 187.72.239.145
    180 68.213.39.6
    180 198.234.129.210
    176 201.93.57.129
    176 201.90.121.244
    176 201.82.103.134
    176 201.67.192.74
    176 201.59.167.213
    176 201.55.163.226
    176 201.55.123.98
    176 201.48.80.252
    176 201.30.191.178
    176 201.26.253.187
    176 200.250.99.132
    176 200.247.208.84

Note that 128.173.14.71 was an IBM RS/6000 taken out of service in June 1999,
and we've not re-used the IP address since.  So basically, anybody who has
tried to get NTP from that address anytime this century has come up empty.

The other scary number?

% tcpdump -n -r ~/ntp.dump | grep NTP | cut -f6 -d' ' | sort | uniq -c
reading from file /home/valdis/ntp.dump, link-type EN10MB (Ethernet)
    413 NTPv1,
    205 NTPv2,
  34900 NTPv3,
   2155 NTPv4,

I'm not sure which scares me more - that there are boxes on the net *still*
running v1 or v2, or boxes that have upgraded to v4 and are blindly using
the same ntp.conf without bothering to sanity check if a clock is still usable....



-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 848 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20150627/302bb550/attachment.sig>

More information about the NANOG mailing list