[182356] in North American Network Operators' Group


Re: Dual stack IPv6 for IPv4 depletion

daemon@ATHENA.MIT.EDU (Doug Barton)
Wed Jul 15 14:11:13 2015

X-Original-To: nanog@nanog.org
To: George Metz <george.metz@gmail.com>
From: Doug Barton <dougb@dougbarton.us>
Date: Wed, 15 Jul 2015 11:11:05 -0700
In-Reply-To: <CANjVB-j1sqAegk_68Fw+u=f=84tDCQuL0awpejYF3d7LfZQDcg@mail.gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org


On 7/15/15 8:20 AM, George Metz wrote:
> Reasonability, like beauty, is in the eye of the beholder, but I thank
> you for the compliment. :)

I call them like I see them. :)

> The short answer is "yes, that constitutes being prudent".

Ok, good news so far. :)

> The longer
> answer is "it depends on what you consider the wildest dreams".
>
> There's a couple of factors playing in. First, look at every /64 that is
> assigned as an IPv4 /32 that someone is running NAT behind.

Ok, that's a relatively common analogy, even if it isn't quite
technically correct.

> This is flat
> out WRONG from a routing perspective, but from an allocation
> perspective, it's very much exactly what's happening because of SLAAC
> and the 48-bit MAC address basis for it. Since /64 is the minimum, that
> leaves us with less than half of the available bit mask in which to hand
> out that 1/8th the address space.

I have my own issues with RA/SLAAC, but let's leave those aside for a
second. It's probably a more correct analogy (although still not
completely accurate) to say that a /64 is equivalent to an IPv4 /24, or
some other small network that would be utilized by an end user with the
expectation that there are multiple devices running in it. I agree with
you that you'd never want to route that /64, but you (generally)
wouldn't want to route a /24, or more accurately something like a /28,
either.

Also, as Owen pointed out, the original concept for IPv6 networking was
a 64 bit address space all along. The "extra" (or some would say,
"wasted") 64 bits were tacked on later.

> Still oodles of addresses, but worth
> noting and is probably one reason why some of the "conservationists"
> react the way they do.

It's easy to look at the mandatory /64 limit and say "See, the address
space is cut in half to start with!" but it's not accurate. Depending on
who's using it a single /64 could have thousands of devices, up to the
limit of the broadcast domain on the network gear. At minimum even for a
home user you're going to get "several" devices.

> Next, let's look at the wildest dreams aspect. The current
> "implementation" I'm thinking of in modern pop culture is Big Hero 6
> (the movie, not the comics as I've never read them). Specifically,
> Hiro's "microbots". Each one needs an address to be able to communicate
> with the controller device. Even with the numbers of them, can probably
> be handled with a /64, but you'd also probably want them in separate
> "buckets" if you're doing separated tasks. Even so, a /48 could EASILY
> handle it.

Right, 65k /64s in a /48.

> Now make them the size of a large-ish molecule. Or atom. Or protons.
> Nanotech or femtotech that's advanced enough gets into Clarke's Law -
> any sufficiently advanced technology is indistinguishable from magic -
> but in order to do that they need to communicate. If you think that
> won't be possible in the next 30 years, you probably haven't been paying
> attention.

I do see that as a possibility, however in this world that you're
positing, how many of those molecules need to talk to the big-I
Internet? Certainly they need to communicate internally, but do they
need routable space? Also, stay tuned for some math homework. :)

> I wrote my email as a way of pointing out that maybe the concerns (on
> both sides)- aren't baseless,

Please note that I try very hard not to dismiss anyone's concerns as
baseless, whether I agree with them or not. As I mentioned in my
previous message, I believe I have a pretty good understanding of how
the "IPv6 conservationists" think. My concern however is that while
their concerns have a basis, their premise is wrong.

> but at the same time maybe there's a way
> to split the difference. It's not too much of a stretch to see that,
> soon, 256 subnets may not actually be enough to deal with the connected
> world and "Internet of Things" that's currently being developed. But
> would 1024? How about 4096? Is there any need in the next 10-15 years
> for EVERYONE to be getting handed 65,536 /64 subnets?

So, here's where the math gets to be both fun, and mind-boggling. :)
There are 32 /8s in 2000::/3. Let's assume for sake of argument that
we've "wasted" two whole /8s with various drama. There are 2 to the 40th
power /48s in a /8, multiply by 30, and divide by 10 billion (to
represent a fairly future-proof number of people on the planet). That's
3,298.5 /48s per person.

So you asked an interesting question about whether or not we NEED to
give everyone a /48. Based on the math, I think the more interesting
question is, what reason is there NOT to give everyone a /48? You want
to future proof it to 20 billion people? Ok, that's 1,600+ /48s per
person. You want to future proof it more to 25% sparse allocation? Ok,
that's 400+ /48s per person (at 20 billion people).

At those levels even if you gave every person's every device a /48,
we're still not going to run out, in the first 1/8 of the available space.

> Split the difference, go with a /52

That's not splitting the difference. :)  A /56 is half way between a /48
and a /64. That's 256 /64s, for those keeping score at home.

So the advice I've been giving out for quite a while now, which has been
both well received and implemented with success, is for ISPs who want to
practice conservation to *reserve* a /48 for every home user, and to
*allocate* the first /56 from it. To some extent I agree with Owen that
the world would be a better place if everyone just gave out /48s. But
I'm also pragmatic, and I'd rather see IPv6 deployed sooner rather than
later. I think that 256 networks should be enough for even the most
complex home networks (including multiple layers of routers, etc.) and
it's incumbent on the software authors to slice up what they are handed,
rather than making assumptions.

Meanwhile, if the ISP "blows through" their end-user pool at /48
reservations, they can go to their RIR and get more space. And if cosmic
rays befuddle the minds of every RIR on the planet and somehow that
doesn't become possible, they can go back through their /48 reservations
and start allocating the first /56 from the bottom /49 to new customers.
Lather, rinse, repeat.

Doug

-- 
I am conducting an experiment in the efficacy of PGP/MIME signatures.
This message should be signed. If it is not, or the signature does not
validate, please let me know how you received this message (direct, or
to a list) and the mail software you use. Thanks!
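
The per-person arithmetic and the reserve-a-/48, allocate-the-first-/56 scheme from the message above, as an added example that is not part of Doug Barton's message. The ISP pool 2001:db8::/32 (the IPv6 documentation prefix) and all function names are assumptions chosen for illustration.

```python
import ipaddress
from fractions import Fraction

def slash48s_per_person(people, wasted_slash8s=2, usable=Fraction(1)):
    """/48s per person inside 2000::/3, using the message's assumptions."""
    slash8s = 2 ** (8 - 3) - wasted_slash8s   # 32 /8s in a /3, minus the "wasted" ones
    per_slash8 = 2 ** (48 - 8)                # 2^40 /48s in each /8
    return float(slash8s * per_slash8 * usable / people)

def customer_plan(pool, index):
    """Reserve the index-th /48 of an ISP pool and allocate its first /56."""
    pool = ipaddress.IPv6Network(pool)
    if pool.prefixlen > 48:
        raise ValueError("pool must be a /48 or shorter")
    if not 0 <= index < 2 ** (48 - pool.prefixlen):
        raise ValueError("pool has no /48 with that index")
    # Step through the pool in /48-sized strides (2^80 addresses each).
    base = int(pool.network_address) + (index << (128 - 48))
    reserved = ipaddress.IPv6Network((base, 48))
    allocated = ipaddress.IPv6Network((base, 56))   # first /56 of the reservation
    return reserved, allocated

def slash64s_in(net):
    """Number of /64 subnets inside a prefix of length <= 64."""
    return 2 ** (64 - net.prefixlen)

def can_grow_in_place(allocated, reserved):
    """True if widening the allocation to its reservation needs no renumbering."""
    return (allocated.subnet_of(reserved)
            and allocated.network_address == reserved.network_address)

if __name__ == "__main__":
    scenarios = [(10**10, Fraction(1)),          # 10 billion people
                 (2 * 10**10, Fraction(1)),      # 20 billion people
                 (2 * 10**10, Fraction(1, 4))]   # 20 billion, 25% sparse allocation
    for people, usable in scenarios:
        print(people, float(usable), round(slash48s_per_person(people, usable=usable), 1))
    # Constructed sample: customers 0..2 of a hypothetical ISP pool.
    for i in range(3):
        reserved, allocated = customer_plan("2001:db8::/32", i)
        print(i, reserved, allocated, slash64s_in(allocated),
              can_grow_in_place(allocated, reserved))
```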


