The IPv4 Depletion site

The top stories for 2010 was that some major sites and ISPs turned on IPv6. What was the top 10 IPv6 and IPv4 depletion stories for 2011? Did I miss any significant story? Please comment.

1. IANA runs out of IPv4 addresses
In February 2011, IANA runs out of addresses. This was much earlier than most people predicted. People start to realize that they must start looking into IPv6.

2. APNIC runs out of IPv4 addresses
In April, just two months after IANA runs out of IPv4 addresses it is the first RIRs turn. APNIC serving Asia Pacific and Asia is down to their last /8 and the more restricted policy stats to take effect. They can no longer allocate IPv4 addresses the conventional way.

3. IPv4 addresses for sale
Microsoft aquires a large chunk of addresses from what is left of Nortel. They pay $11.25 per address. People are scratching their heads woundering why Microsoft just didn’t go to ARIN and request the addresses.

4.World IPv6 day
On 8 June, 2011, ISP’s and content providers joined together and turned on IPv6 for a day. The event was a success and very fee issues were found. This attest that IPv6 is ready for prime time.

5. Decrease in IPv4 allocation rate
The allocation rate of IPv4 slows down after APNIC’s depletion. More restrictive policies are in place at the RIR’s and we have not seen and really large allocations in either ARIN or RIPE.

6. Godaddy enables IPv6 DNS
Godaddy enables IPv6 for their DNS servers. 25% of the domains in the world are all of the sudden accessible over IPv6. (Note, that this relates to DNS servers, the web hosting service at Godaddy is still on “Internet classic”)

7. The realization that dual stack networks brokenness is minimal
World IPv6 day and other measurement efforts around the web concludes that the worries about IPv6 brokenness are exaggerated. It can be concluded that turning on IPv6 will not cause any significant loss in website viewers for most companies.

8. Vendor support
With the depletion of IANA and APNIC a lot of vendors jump on the IPv6 bandwagon. Most Firewall, Load balancer, DNS, etc vendors are issuing press releases about how they now support IPv6. They interesting questions will be if the support is as good as they claim.

9. Lack of IPv6 strategies from some large organizations
Just like in 2010. Some large organizations still seems to lack an Ipv6 strategy. Did they read the news at all?

10. Nokia ditches Symbian
Nokia changes strategy and ditches SymbianOS. This creates problems for the Wireless Carriers with Ipv6 plans, since symbian actually had the best IPv6 support of all phone platforms.

There are plenty of numbers floating around about the amount of IPv6 traffic that can be seen. Whenever I go to an industry event, somebody is always presenting a number. All of them are probably accurate but they are all significantly different. What are they actually are measuring and why are they so different?
First let’s look at some numbers from different industry stakeholders:

Backbone
At the Texas IPv6 Summit in September 2011, Yves Poppe from TATA communication noted that 0.061% of his traffic was IPv6. That doesn’t seem to be a lot. To simplify things, let’s round that number to 0.1%
Slides can be found here (slide 9)

Content
At IETF81 in Quebec City in July a panel of Google, Facebook, Cisco and Yahoo! noted how much IPv6 traffic they could see on the world IPv6 day. slides can be found here.
Google could see 0.33%, facebook 0.20, Yahoo! 0.29% and Cisco could see 1.11%
This sounds better, but still not great. Let’s round this number of to 1%

Clients
Also at the TXv6TF Summit in Austin, Ron Broersma from DREN presented how much traffic he can see in his fully dual stacked network. An astonishing 10% of his traffic is over IPv6. That sounds like a lot. His slides can be found here

How come these numbers are so significantly different from each other? Well, it is because the measure different things. Remember that both a v6 capable source and an IPv6 capable destination is needed for an IPv6 session to take place. The number from the IPv6 capable content providers (1%) is measuring the amount of IPv6 capable clients. The number from DREN is actually measuring the number of IPv6 capable servers (10%). The number from the backbone provider is measuring the ratio of IPv6 traffic that is the mathematical product of the IPv6 capable clients and the IPv6 capable servers. The figure below illustrates what the different measurements actually measures.

Conclusion
The two conclusions that can be drawn from this exercise is that:
1. The number of IPv6 capable content far exceeds the number of IPv6 capable clients. This is alarming as it really points to the fact that service providers are not taking IPv6 seriously (there are a few exceptions).
2. Any additional clients that are being upgraded to support IPv6 will have larger impact on the total IPv6 that the Internet backbones can see than a similar increase for the IPv6 content. For example an additional 1% of clients would bring up the total Internet traffic to 0.2% (10% * 2%) whereas a 1% increase on the content side would only bring up the total backbone traffic to 0.11% (11% * 0.1%).

Report from the TXv6TF summit – (C) Stephan Lagerholm September 16, 2011

The Texas IPv6 Task force summit in Austin took place between September 14 and 15. Here is a brief summary of the most interesting talks and conclusions. All presentations are already online if you want to deep dive.

IPv6 capable Wireless
First of all, I recently got a new laptop and I haven’t have time yet to test IPv6 on it. AT&T generously provided a WLAN with IPv6 support. Since I’m using Windows 7 I thought it would just work and that I would get a SLAAC address. However it turned out that I didn’t get on the IPv6 internet but everybody around me did. After some troubleshooting I realized that my host firewall that is built in with my antivirus actually IS BLOCKING IPV6 BY DEFAULT. Thanks for that F-secure, you just lost my business for my next renewal.

Breakage/Happy eyeballs
About a year ago, there were a lot of talks about how enabling IPv6 and adding AAAA records for your web servers could break a small fraction of clients. Although this breakage only would be a fraction of a percent it was still too high of a number for some large content providers.
Several speakers including myself concluded that the breakage appears to not be as severe as initially thought. Unless you are on the Alexa top 100 list, I think it is safe to say that you can enable IPv6 on your web server and publishing a quad-A record in your DNS without experiencing any problem.

IPv6 day is still going on
Yves Poppes from TATA communication as well as Ron Broersma from DREN shared some statistics about the IPv6 usage. It turns out that the IPv6 traffic has grown since the IPv6 day even if some large content providers decided to turn off IPv6 after the IPv6 day concluded. Ron concluded that they had around 15% IPv6 traffic on their network normally. Sometimes the IPv6 traffic spiked to up to 30%. Since his network is fully dual stacked, this is an indication on how much IPv6 content there are out there, probably more than you expected…

IPv4 run out?
Many presenters showed new statistics about when the different RIRs will run out. I shared some data from my IPv4depletion.com site. The consensus is that we might have a little bit more time with IPv4, especially in the ARIN region. This does however not mean that you can slack off on your IPv6 deployment.
Owen Delong from HE says: “I don’t think any IPv4 prediction that goes beyond 2012 for any RIR is accurate”. My personal opinion is that ARIN might have IPv4 addresses for some years longer than that, but again that does not mean that you can slack off on your IPv6 rollout.

Router Advertisement
There were a lot of discussion about rouge Router Advertisement and the security implication. I always thought that the problem as analog to a rogue DHCP server in IPv4. However Ron Broersma brought up a good point that the problem is mostly accidental and not malicious. If you turn on connection sharing in windows then all clients on the LAN might send you traffic. This is somewhat different from what you will have to do to accomplish the same thing on IPv4 with a DHCP server. In the IPv4 case you actually would have to download and activate a DHCP server, something that you don’t do by accident (Although I have to admit that I once pissed off a network admin by accidentally just doing that)

The next TXv6TF meeting will most likely be in Houston around March of next year. We hope to see you there.

I’m doing a webcast together with Jeff Hartley from Brocade on August 24. If you are interested in how you can deploy NAT64 and DNS64 with Brocade ServerIron ADX and Secure64 DNS, then please attend.

Register here

The email below showed up at the NANOG (North American Network Operators’ Group) email list today. It will be interesting to see if this block will get sold and if the seller manages to get as much or more money as the Nortel block that Microsoft bought earlier this year.

Subject: Corporation for Sale with IPv4 Assets
Date: August 6, 2011 6:31:04 PM EDT
To: nanog@nanog.org

North American Corporation (domiciled in Nevada) is for sale.

All non-IPv4 assets and debts (and other liabilities) have been transferred
to another related corporation.

IPv4 Assets include:
1 – ASN; and
3 – /20 networks (12,288 IP Addresses) direct allocations (non-legacy).

Multiple options available for sale/purchase.  Motivated sellers.
Please e-mail: ipv4brokers@gmail.com or call/text: (404) 532-9535.
Available on Saturday and Sunday for discussion.

Join us for the 3rd Texas IPv6 Task Force Summit in Austin, TX on September 14-15 2011.

Registration is now open

If you are new to IPv6 then I suggest that you also sign up for the lab. Everything is provided for free. I hope to see you there.

Stephan Lagerholm, Director Txv6TF.

© 2011 – Stephan Lagerholm (ipv4depletion.com)

At Nanog 52 John Curran, the president and CEO of ARIN held a presentation about IPv4 transfers. One of the slides stated that ARIN expects to run out of IPv4 addresses in early 2012. John also verbally hinted that it might actually be earlier than that. The presentation can be found here.

This prediction is very far away from my own prediction that ARIN will continue to have IPv4 addresses into April of 2014. I believe that John’s prediction is overly aggressive in terms of the depletion date. I’m looking at the statistics and facts that I have and I can really not see how ARIN will be depleted by the end of this years. Let’s look into this in more details. What I believe speaks for a later depletion date is that:

• ARIN has recently implemented a change in the policy so that you now only can request a supply of IPv4 to cover for the next 3 months of demand as oppose to 12 months of demand.
• ARIN currently holds the largest pool of free IPv4 addresses. The pool is about 6  x /8 or close to 100 million addresses.
• The current burn rate for ARIN is 0.1 x /8 pr about 1.6 million addresses per month. A simple linear extrapolation suggests depletion date 50+ months from now. That’s way into 2015!
• The consumption in the ARIN region has been very steady and linear lately. I don’t see any indication of that changing.

It is still however, good ideas to start implement IPv6 if you are in the ARIN region. What first and foremost should motivate you to do so is that APNIC and RIPE will soon be out of IPv4 addresses. There will soon be clients and servers in that region that you are unable to communicate with.

The world IPv6 day is finally here. Several large organizations are participating. Google is now responding with an IPv6 address for www.google.com when you ask their DNS forcing clients to try IPv6 prior to IPv4.

Some statistics about IPv6 traffic can be found here: For the Internet Exchange in Amsterdam and for Akamai
It is hard to tell right now if there is a significant increase in IPv6 traffic around the globe.

If you know any other sites that provides real time statistics, let me know.

This week APNIC delegated their last IPv4 address the conventional way. The remaining pool of IPv4 addresses in the APNIC region will be delegated in small chunks of 1024 addresses. There is in other words nothing left other than breadcrumbs in this region.

In contradiction to my very exact estimate of the IANA depletion date, my tool and the mathematics I have been using failed to predict the APNIC depletion date with good accuracy. The algorithms that I have been using were not very good at predicting how an over 300% increase in demand over the last 2 months affected the depletion date. I would have been better off just using a linear algorithm with the last 2 months of demand as my input.

I must say that I was very surprised how quickly the APNIC pool got depleted. It appears that a “rush to the bank” happened once the members in the region realized that they might not get any additional IPv4 addresses. As the graph below indicates, the APNIC average burn rate went from slightly below 400,000 IPv4 addresses per day prior to the IANA exhaustion to almost 1.2 million IPv4 addresses per day after the IANA pool was depleted.

RIPE next

The current burn rates and the sizes of the RIR pools suggest that RIPE will be the next registrar to run out of free IPv4 addresses. RIPE have had a quite modest burn rate of about 150,000 addresses per day over the last year. The peak in the graph below in November is from when both Orange and T-mobile in the UK allocated 2 million addresses each (T-mobile and Orange actually merged their UK operations, so it is somewhat strange that they both could get 2 million addresses at the same day, but that is another story).

A linear extrapolation based on the RIPE burn rate and pool size suggests that RIPE would run out of IPv4 addresses in May of next year. There is currently no indication of a “rush to the bank” in the RIPE region. The current burn rate is actually slower than the yearly average.  

Modeling RIPE based on APNIC

We know that the demand in APNIC increased substantially when it was apparent that they would be the first RIR to be depleted. If RIPE is experiencing the same type of rush, when would then RIPE get depleted? Let’s do the math:

RIPE has 4.27 x /8 addresses left in their pool. This equals about 71,650,000 addresses.

The one year average burn rate in the RIPE region has been around 150,000 addresses per day. The rush experienced in APNIC increased the demand by 3.08 times. A similar increase in demand would get RIPE to a burn rate of 460,000 addresses per day. With such burn rate, RIPE would only be able to honor delegation requests for another 156 days.

Based on the calculations above, the RIPE depletion date could be as early as 19^th September 2011.

The wildcard in this calculation is of course if “RIR shopping” will become popular. The fear is that members of other regions will start allocating addresses in regions with remaining IPv4 addresses. If this will become a reality, we could see an even earlier RIPE depletion date.

APNIC has announced that they are running out of IPv4 addresses. They have less than 1 x /8 left. This trigger a very strict delegation policy and IPv4 addresses will not be available the conventional way any longer in the region.

This means that we soon will see IPv6 only hosts in Asia Pacific. If you are doing business online and intend to provide service to those clients you will have to have IPv6 implemented. This is the final warning that you will have to implement IPv6 regardless of what region you are located in.