[181555] in North American Network Operators' Group
Re: How long will it take to completely get rid of IPv4 or will it
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Sat Jun 27 18:01:29 2015
X-Original-To: nanog@nanog.org
To: bob@FiberInternetCenter.com
In-Reply-To: Your message of "Sat, 27 Jun 2015 07:38:43 -0700."
<afbe484dc31699873778f26d98f096bd.squirrel@66.201.44.180>
From: Valdis.Kletnieks@vt.edu
Date: Sat, 27 Jun 2015 17:54:05 -0400
Cc: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
--==_Exmh_1435442045_2477P
Content-Type: text/plain; charset=us-ascii
On Sat, 27 Jun 2015 07:38:43 -0700, "Bob Evans" said:
> What will come first ?
> A) the earths future core rotation changes altering the ionosphere in such
> a way that we are all exposed to continuous x-rays that shorten our
> lifespan
> OR
> B) the last IPv4 computer running will be reconfigured to IPv6
Data point:
I just ran a tcpdump looking for NTP packets going to 128.173.14.71. In 90
minutes, I got hits from 330 unique IP addresses, including some that were
chatty enough to indicate there were dozens of hosts behind a NAT.
The biggest offenders:
% tcpdump -n -r ~/ntp.dump | cut -f3 -d' ' | cut -f1-4 -d'.' | sort | uniq -c | sort -nr | head -30
reading from file /home/valdis/ntp.dump, link-type EN10MB (Ethernet)
5507 200.195.163.227
3797 74.254.73.226
2989 200.19.200.174
1718 50.129.20.208
1160 200.169.44.45
1119 200.206.35.74
624 201.64.113.34
516 186.215.65.33
352 201.48.247.23
352 187.72.210.97
350 200.171.23.66
281 177.96.208.28
212 187.28.183.82
206 189.22.174.82
200 200.195.127.118
195 187.72.239.145
180 68.213.39.6
180 198.234.129.210
176 201.93.57.129
176 201.90.121.244
176 201.82.103.134
176 201.67.192.74
176 201.59.167.213
176 201.55.163.226
176 201.55.123.98
176 201.48.80.252
176 201.30.191.178
176 201.26.253.187
176 200.250.99.132
176 200.247.208.84
Note that 128.173.14.71 was an IBM RS/6000 taken out of service in June 1999,
and we've not re-used the IP address since. So basically, anybody who has
tried to get NTP from that address anytime this century has come up empty.
The other scary number?
% tcpdump -n -r ~/ntp.dump | grep NTP | cut -f6 -d' ' | sort | uniq -c
reading from file /home/valdis/ntp.dump, link-type EN10MB (Ethernet)
413 NTPv1,
205 NTPv2,
34900 NTPv3,
2155 NTPv4,
I'm not sure which scares me more - that there are boxes on the net *still*
running v1 or v2, or boxes that have upgraded to v4 and are blindly using
the same ntp.conf without bothering to sanity check if a clock is still usable....
--==_Exmh_1435442045_2477P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Exmh version 2.5 07/13/2001
iQIVAwUBVY8bfQdmEQWDXROgAQL5DhAAvhwHNLQ9foniXzZWSbLE9tbigIL0k2al
S0OeaL7RM1d8aKwiZCbiYFZZccoHUGKYp0/hARJzlv/ThGmmWgI1qh24Ypc1XJuD
4xhSDRXmDYfgliEFdG96SIoP2c7DUtsnyujWVPCE0vgnfdKtr6mId1n1obmcNDx2
x0vGNneKFDOL3eKz6APQ/o5u82568puPgD5RO/hQ5Pmt2bgR1g+eUbPjbzYNd3i2
/NR1ntDkaNjBzUzVbhCsn1tYFqpfif2eRorvFSfLJbo5mNcJ8v0RCz2I47jiLrbQ
YYBWbXjh0zpZGjyNfw57iyygFXB7RCYUlJ26bAeF3TTBFAhhnSRwNr7J6NYsp+bI
Tn7WnPD0Ev3Lq7JmG13HjiW5G333lZJK25NNWk942VVWq+lvQGf8Pq5jKXFPpdr5
rVNyP1TIvpz2gPeoH9tC9/4WMTi87spIRuZNSGQUFrpZOWgwiQJi7YhHw96Ant3m
e/uWC7UeYEz2FpXFhXre/i5roNCiQzwa3XXD9J/BcprUuA7cIgT4vt6JjlSGf/s9
JRut/W9pbIcHxKNF7il0a+My2aPdV1hG41rEZ8lsFZYQdmvPkodoXzCpFA5nMT02
yw3FCokPmy7717T5k06BTOGFiOfYLQCFjrMtE9LHM/ERyKS6i9aRDVgWuUQajGlr
FKZWPCi+17Y=
=A6bB
-----END PGP SIGNATURE-----
--==_Exmh_1435442045_2477P--
