IPv4

IPv4 address exhaustion is the depletion of the pool of unallocated Internet Protocol Version 4 (IPv4) addresses. The IP address space is managed by the Internet Assigned Numbers Authority (IANA) globally, and by five regional Internet registries (RIR) responsible in their designated territories for assignment to end users and local Internet registries, such as Internet service providers. With IANA's exhaustion on 31 January 2011,^[1][2][3] and the RIR APNIC's exhaustion on 15 April 2011, some parts of the world have already exhausted their IPv4 allocations,^[4][5][6] and the remaining RIRs are expected to deplete their pools within a few years.^[5]

IPv4 provides approximately 4.3 billion addresses; a subset of these have been distributed by IANA to the RIRs in blocks of approximately 16.8 million addresses each. The depletion of the IPv4 allocation pool has been a concern since the late 1980s, when the Internet started to experience dramatic growth. The Internet Engineering Task Force (IETF) created the Routing and Addressing Group (ROAD) in November 1991 to respond to the scalability problem caused by the classful network allocation system in place at the time.^[7][8] The anticipated shortage has been the driving factor in creating and adopting several new technologies, including Classless Inter-Domain Routing (CIDR) in 1993, network address translation (NAT), and IPv6 in 1998;^[8] IPv6 (Internet Protocol Version 6), which can support about Padron:Val addresses, is the IETF's successor technology to IPv4.^[9]

Although the predicted depletion was already approaching its final stages in 2008, most providers of Internet services and software vendors were just beginning IPv6 deployment.^[10]

IP addressing

Every node of an Internet Protocol (IP) network, such as a computer, router, or network printer, is assigned an IP address that is used to locate and identify the node in communications with other nodes on the network. Internet Protocol version 4 provides 2³² (approximately 4.3 billion) addresses. However, large blocks of IPv4 addresses are reserved for special uses and are unavailable for public allocation.

The IPv4 addressing structure provides an insufficient number of publicly routable addresses to provide a distinct address to every Internet device or service. This problem has been mitigated for some time by changes in the address allocation and routing infrastructure of the Internet. The transition from classful network addressing to Classless Inter-Domain Routing delayed the exhaustion of addresses substantially.

In addition, network address translation (NAT) permits Internet service providers and enterprises to masquerade private network address space with only one publicly routable IPv4 address on the Internet interface of a customer premise router, instead of allocating a public address to each network device. Complicating matters, IPv6 unaware NATs break native and 6to4 IPv6 connectivity, and a large fraction break 6in4 tunnels.

Address depletion

While the primary reason for IPv4 address exhaustion is insufficient design capacity of the original Internet infrastructure, several additional driving factors have aggravated the shortcomings. Each of them increased the demand on the limited supply of addresses, often in ways unanticipated by the original designers of the network.

Mobile devices

As IPv4 increasingly became the de facto standard for networked digital communication, the cost of embedding substantial computing power into hand-held devices dropped. Mobile phones have become viable Internet hosts. New specifications of 4G devices require IPv6 addressing.

Always-on connections

Throughout the 1990s, the predominant mode of consumer Internet access was telephone modem dial-up. The rapid growth of the dial-up networks increased address consumption rates, although it was common that the modem pools, and as a result, the pool of assigned IP addresses, were shared amongst a larger customer base. By 2007, however, broadband Internet access had begun to exceed 50% penetration in many markets.^[11] Broadband connections are always active, as the gateway devices (routers, broadband modems) are rarely turned off, so that the address uptake by Internet service providers continued at an accelerating pace.

Internet demographics

There are hundreds of millions of households in the developed world. In 1990, only a small fraction of these had Internet connectivity. Just 15 years later, almost half of them had persistent broadband connections.^[12] The many new Internet users in countries such as China and India are also driving address exhaustion.

Inefficient address use

Organizations that obtained IP addresses in the 1980s were often allocated far more addresses than they actually required, because the initial classful network allocation method was inadequate to reflect reasonable usage. For example, large companies or universities were assigned class A address blocks with over 16 million IPv4 addresses each, because the next smaller allocation unit, a class B block with 65536 addresses, was too small for their intended deployments.

Many organizations continue to utilize public IP addresses for devices not accessible outside their local network. From a global address allocation viewpoint, this is inefficient in many cases, but scenarios exist where this is preferred in the organizational network implementation strategies.

Due to inefficiencies caused by subnetting, it is difficult to use all addresses in a block. The host-density ratio, as defined in RFC 3194, is a metric for utilization of IP address blocks, that is used in allocation policies.

Early mitigation efforts

Efforts to delay address space exhaustion started with the recognition of the problem in the early 1990s, and include:

• Use of Network address translation (NAT), in which many computers share one IP address, but which makes the computers behind the NAT unaddressable from the outside, breaking end-to-end connectivity
• Use of private network addressing
• Name-based virtual hosting of web sites
• Tighter control by regional Internet registries on the allocation of addresses to local Internet registries
• Network renumbering and subnetting to reclaim large blocks of address space allocated in the early days of the Internet, when the Internet used inefficient classful network addressing

Exhaustion dates and impact

Talaksan:Ipv4-exhaust.svg

Exhaustion of IPv4 addresses since 1995.

Talaksan:Rir-rate.svg

IPv4 addresses allocation rate per RIR.

Talaksan:Huston rir ipv4 exhaustion projection.png

Geoff Huston's projection of the evolution of the IP pool for each RIR.

On 31 January 2011, the last two unreserved IANA /8 address blocks were allocated to APNIC according to RIR request procedures. This left five reserved but unallocated /8 blocks.^[4][13][14] In accord with ICANN policies, IANA proceeded to allocate one of those five /8s to each RIR, exhausting the IANA pool,^[15] at a ceremony and press conference on 3 February 2011.

The various legacy address blocks with administration historically split among the RIRs were distributed to the RIRs in February 2011.^[16]

APNIC was the first regional Internet Registry to run out of freely allocated IPv4 addresses, on 15 April 2011. This date marked the point where everybody who needed an IPv4 address could not be guaranteed to have one allocated. As a consequence of this exhaustion, end-to-end connectivity as required by specific applications will not be universally available on the Internet until IPv6 is fully implemented. However, IPv6 hosts cannot directly communicate with IPv4 hosts, and have to communicate using special gateway services. This means that general-purpose computers must still have IPv4 access, for example through NAT64, in addition to the new IPv6 address, which is more effort than just supporting IPv4 or IPv6. The demand for IPv6 is expected to ramp up to pervasiveness over three to four years.^[17]

In early 2011, only 16–26% of computers were latent IPv6 capable, while only 0.2% prefer IPv6 addressing^[18] many using transition methods such as Teredo tunneling.^[19] About 0.15% of the top million websites are IPv6 accessible.^[20] Complicating matters, 0.027% to 0.12% of visitors cannot reach dual-stack sites,^[21][22] but a larger percentage (0.27%) cannot reach IPv4-only sites.^[23] IPv4 exhaustion mitigation technologies include IPv4 address sharing to access IPv4 content, IPv6 dual-stack implementation, protocol translation to access IPv4 and IPv6-addressed content, and bridging and tunneling to bypass single protocol routers. Early signs of accelerated IPv6 adoption after IANA exhaustion are evident.^[24]

Regional exhaustion

Talaksan:Regional Internet Registries world map.svg

Regional Internet registries

APNIC was the first RIR to restrict allocations to 1024 addresses for each member due to its stock reaching critical levels of 1 /8 at 14 April 2011.^{[4][25][26][27][28][29]} The APNIC RIR is responsible for address-allocation in the area where the internet is growing the quickest with emerging markets like China and India.

RIPE NCC, the regional Internet registry for Europe, is expected to be the next RIR after APNIC to run out of allocatable IPv4 addresses. This exhaustion is expected in the middle of 2012 according to Geoff Huston's projection. The exhaustion may occur sooner, depending on whether RIPE NCC experiences a last minute run on IPv4 addresses like the one seen at APNIC, and on whether LIRs which would normally have requested addresses from APNIC will now request addresses from RIPE NCC ("RIR shopping"). Starting 1 July 2010, RIPE has also been providing LIRs with addresses for progressively smaller periods of time, only providing addresses for up to 3 months of expected usage from 1 July 2011.^[30]

Other RIRs are expected to exhaust within half a year to several years.^[31]

After IANA exhaustion, IPv4 address space requests are subject to additional restrictions at ARIN,^[32] but allocation policy is still largely unchanged. APNIC, LACNIC, and RIPE NCC are reserving the last obtained block for IPv6 transition, following special endgame set-aside policies.

Impact of APNIC RIR exhaustion and LIR exhaustion

Systems that require inter-continental connectivity will have to deal with exhaustion mitigation already due to APNIC exhaustion. At APNIC, existing LIRs could apply for twelve months stock before exhaustion when they were using more than 80% of allocated space allocated to them.^[33] Since 15 April 2011, the date when APNIC reached its last /8 block, each (current or future) member will only be able to get one allocation of 1024 addresses (a /22 block) once.^[34][35] As the slope of the APNIC pool line on the "Geoff Huston's projection of the evolution of the IP pool for each RIR" chart to the right shows, the last /8 block would have been emptied within one month without this policy. By APNIC policy, each current or future member can receive only one /22 block from this last /8 (there are 16384 /22 blocks in the last /8 block). Since there are around 3000 current APNIC members, and around 300 new APNIC members each year, APNIC expects this last /8 block to last for many years.^[36]

The 1024 addresses in the /22 block can be used by APNIC members to supply NAT44 or NAT64 as a service on an IPv6 network. However at a new large ISP, 1024 IPv4 addresses might not be enough to provide IPv4 connectivity to all the customers due to the limited number of ports available per IPv4 address.^[37]

The Regional Internet Registries (RIR’s) for Asia (APNIC) and North America have a policy called the Inter-RIR IPv4 Address Transfer Policy which allows IPv4 addresses to be transferred from North America to Asia.^[38][39] The ARIN policy will receive final ratification on 16 November 2011.

IPv4 broker businesses have been established to facilitate these transfers.

Notable exhaustion advisories

Estimates of the time of complete IPv4 address exhaustion varied widely in the early 2000s. In 2003, Paul Wilson (director of APNIC) stated that, based on then-current rates of deployment, the available space would last for one or two decades.^[40] In September 2005, a report by Cisco Systems suggested that the pool of available addresses would deplete in as little as 4 to 5 years.^[41] In the last year before exhaustion, IPv4 allocations were accelerating, resulting in exhaustion trending to earlier dates.

• On 21 May 2007, the American Registry for Internet Numbers (ARIN), the Anglo-American RIR, advised the Internet community that due to the expected exhaustion in 2010, "migration to IPv6 numbering resources is necessary for any applications which require ongoing availability from ARIN of contiguous IP numbering resources".^[42] "Applications" include general connectivity between devices on the Internet, as some devices only have an IPv6 address allocated.
• On 20 June 2007, the Latin American and Caribbean Internet Addresses Registry (LACNIC), advised "preparing its regional networks for IPv6" by 1 January 2011, for the exhaustion of IPv4 addresses "in three years time".^[43]
• On 26 June 2007, the Asia-Pacific Network Information Centre (APNIC), the RIR for the Pacific and Asia, endorsed a statement by the Japan Network Information Center (JPNIC) that to continue the expansion and development of the Internet a move towards an IPv6-based Internet is advised. This, with an eye on the expected exhaustion around 2010, will create a great restriction on the Internet.^[44][45]
• On 26 October 2007, the Réseaux IP Européens Network Coordination Centre (RIPE NCC), the RIR for Europe, the Middle East, and parts of Central Asia, endorsed a statement^[46] by the RIPE community urging "the widespread deployment of IPv6 be made a high priority by all stakeholders".
• On 15 April 2009, ARIN sent a letter to all CEO/Executives of companies who have IPv4 addresses allocated informing them that ARIN expects the IPv4 space will be depleted within the next two years.^[47]
• In May 2009, the RIPE NCC launched IPv6ActNow.org to help explain "IPv6 in terms everyone can understand and providing a variety of useful information aimed at promoting the global adoption of IPv6".
• On 25 August 2009, ARIN announced a joint series event in the Caribbean region to push for the implementation of IPv6. ARIN reported at this time that less than 10.9% of IPv4 address space is remaining.^[48]
• World IPv6 Day was an event sponsored and organized by the Internet Society and several large content providers to test public IPv6 deployment. It started at 00:00 UTC on 8 June 2011 and ended at 23:59 the same day. The test primarily consisted of websites publishing AAAA records, allowing IPv6 capable hosts to connect to these sites using IPv6, and for misconfigured networks to be corrected.

Post-exhaustion mitigation

By 2008 policy planning for the end-game and post-exhaustion era was underway.^[49] Several proposals have been discussed to delay shortages of IPv4 addresses:

Reclamation of unused IPv4 space

Before and during the time when classful network design was still used as allocation model, large blocks of IP addresses were allocated to some organizations. Since the use of Classless Inter-Domain Routing (CIDR) the Internet Assigned Numbers Authority (IANA) could potentially reclaim these ranges and reissue the addresses in smaller blocks.Padron:Citation needed ARIN, RIPE NCC and APNIC have a transfer policy, such that addresses can get returned, with the purpose to be reassigned to a specific recipient.^[50][51][52] However, it can be expensive in terms of cost and time to renumber a large network, so these organizations will likely object, with legal conflicts possible. However, even if all of these were reclaimed, it would only result in postponing the date of address exhaustion.

Similarly, IP address blocks have been allocated to entities that no longer exist and some allocated IP address blocks or large portions of them have never been used. No strict accounting of IP address allocations has been undertaken, and it would take quite a bit of effort to track down which addresses really are unused, as many are only in use on intranets.Padron:Citation needed

Some address space that was previously reserved by IANA has been added to the available pool. There have been proposals to use the class E network range of IPv4 addresses,^[53][54] but many computer and router operating systems and firmware do not allow the use of these addresses.^{[41][55][56][57]} For this reason, the proposals have sought not to designate the class E space for public assignment, but instead propose to permit its private use for networks that require more address space than is currently available through RFC 1918.

Several organizations have returned large blocks of IP addresses. Notably, Stanford University relinquished their Class A IP block in 2000, making 16 million IP addresses available.^[58] Other organizations that have done so include the United States Department of Defense, BBN Technologies, and Interop.^[59]

Markets in IP addresses

The creation of markets to buy and sell IPv4 addresses has been considered to be a solution to the problem of IPv4 scarcity and a means of redistribution. The primary benefits of an IPv4 address market are that it allows buyers to maintain undisrupted local network functionality.^[60][61] IPv6 adoption, while in progress, is currently still in early stages.^[62] It requires a significant investment of resources, and poses incompatibility issues with IPv4, as well as certain security and stability risks.^[63][64]

• According to some research, IPv6 traffic over 2011 has accounted for less than 0.3% of all the Internet traffic, regardless of the source. Also, very few ISPs currently deploy IPv6 to the consumer market, so it is not necessary to reach more consumers.^[65]
• The creation of a market in IPv4 addresses would only delay the practical exhaustion of the IPv4 address space for a relatively short time, since the public Internet is still growing.
• The concept of legal ownership of IP addresses as property is explicitly denied by ARIN and RIPE NCC policy documents and by the ARIN Registration Services Agreement. Nor is it clear in which country's legal system the lawsuits would be resolved.
• Ad-hoc trading in addresses could lead to fragmented patterns of routing that could expand the global routing table.
• Microsoft bought 666,624 IPv4 addresses from Nortel's liquidation sale for 7.5 million dollars in a deal brokered by Addrex.^[66][67] Before exhaustion, Microsoft could have obtained addresses from ARIN without charge, provided that, as per ARIN policy, Microsoft could present ARIN with a need for them.^[68] The success of this transfer was contingent on Microsoft successfully presenting ARIN with such a justification. The purchase provided Microsoft with a supply that was sufficient for their claimed needs for growth over the next 12 months, rather than for a 3-months' period as is normally requested from ARIN.^[69]

Transition mechanisms

Padron:Unreferenced section As IPv4 addresses run out, some ISPs will not be able to provide globally routable IPv4 addresses to all their customers. Nevertheless those customers are likely to require access to servers that only have IPv4 addresses. Therefore, ISPs may have to provide a mechanism that allows those customers access to the IPv4 Internet.Padron:Citation needed Several technologies have been developed for providing this IPv4 service over an IPv6 access network.

In ISP-level IPv4 NAT, ISPs may implement IPv4 network address translation within their networks and allocate private IPv4 addresses to customers. This approach has the advantage of allowing the customer to keep using their existing hardware. This has been successfully implemented in some countries, e.g., Russia, where many broadband providers use Carrier-grade NAT, and offer publicly routable IPv4 address at an additional cost.Padron:Citation needed

However the allocation of private IPv4 addresses to customers may conflict with private IP allocations on the customer networks. Furthermore, very large ISPs may have to divide their network into subnets to allow them to reuse private IPv4 addresses, complicating network administration. There are also concerns that features of consumer-grade NAT such as DMZs, STUN, UPnP and application-level gateways might not be available at the ISP level. ISP-level NAT is likely to result in double NAT which is likely to further complicate the use of such mechanisms.Padron:Citation needed

NAT64 translates IPv6 requests from clients to IPv4 requests. This avoids the need to provision any IPv4 addresses to clients and allows clients that only support IPv6 to access IPv4 resources. However this approach requires modifying DNS replies (DNS64) and cannot support IPv4-only client devices.

DS-Lite (Dual-Stack Light) uses tunnels from the customer premises equipment to a network address translator at the ISP.^[70] The consumer premise equipment encapsulates the IPv4 packets in an IPv6 wrapper and sends them to a host known as the AFTR element. The AFTR element de-encapsulates the packets and performs network address translation before sending them to the public Internet. The NAT in the AFTR uses the IPv6 address of the client in its NAT mapping table. This means that different clients can use the same private IPv4 addresses, therefore avoiding the need for allocating private IPv4 IP addresses to customers or using multiple NATs.

Address plus Port allows stateless sharing of public IP addresses based on TCP/UDP port numbers. Each node is allocated both an IPv4 address and a range of port numbersPadron:Clarify to use. The technique avoids the need for stateful address translation mechanisms in the core of the network, thus leaving end users in control of their own address translation.Padron:Citation needed

Long-term solution

The deployment of IPv6 is the only available solution to the IPv4 address shortage.^[5] IPv6 is endorsed and implemented by all Internet technical standards bodies and network equipment vendors. It encompassed many design improvements, including the replacement of the 32-bit IPv4 address format with a 128-bit address for a capacity of about 3.4×10³⁸ addresses. IPv6 has been in active production deployment since June 2006, after organized worldwide testing and evaluation in the 6bone project ceased.

See also

• IPv6 transition mechanisms
• List of assigned /8 IPv4 address blocks

References

Padron:Reflist

External links

• Official current state of IPv4 /8 allocations, as maintained by IANA
• IPv6.com – Knowledge Center for Next Generation Internet IPv6
• ICANN recovers Large Block of Internet Addresses (14.0.0.0/8) 2008-02-10
• Global Policy Proposal for Remaining IPv4 Address Space – Background Report 2008-09-08
• potaroo.net: IPv4 Address Report with countdown
• RIR IPv4 status: APNIC RIPE

1. Padron:Cite web
2. Available Pool of Unallocated IPv4 Internet Addresses Now Completely Emptied, Major Announcement Set on Dwindling Pool of Available IPv4 Internet Addresses
3. Padron:Cite web
4. Padron:Cite web
5. Padron:Cite web
6. Padron:Cite web
7. RFC 4632
8. Padron:Cite book
9. Padron:Cite web
10. Padron:Cite web
11. Padron:Cite web
12. Padron:Cite web
13. Padron:Cite web
14. Padron:Cite web
15. Padron:Cite web
16. Padron:Cite web
17. Padron:Cite web
18. Padron:Cite web
19. http://www.apricot-apan.asia/__data/assets/pdf_file/0012/31314/2011-02-23-dualstack-geoff.pdf
20. Padron:Cite web
21. Padron:Cite web
22. http://www.nanog.org/meetings/nanog51/presentations/Tuesday/Y_world_ipv6_day_v2.pdf
23. Padron:Cite web
24. Padron:Cite web
25. Padron:Cite web
26. APNIC IPv4 Address Pool Reaches Final /8 [Apnic-announce], 15 April 2011
27. http://www.potaroo.net/tools/ipv4/fig27h.png
28. http://www.potaroo.net/presentations/2011-02-25-movie.pdf
29. http://www.tndh.net/~tony/ietf/IPv4-rir-pools-zoom.jpg
30. Padron:Cite web
31. Padron:Cite web
32. Padron:Cite web
33. Padron:Cite web
34. Padron:Cite web
35. Padron:Cite web
36. Padron:Cite web
37. Padron:Cite web
38. Padron:Cite web
39. Padron:Cite web
40. Exec: No shortage of Net addresses By John Lui, CNETAsia
41. Padron:Cite web
42. Padron:Cite press release
43. Padron:Cite press release
44. Padron:Cite press release
45. Padron:Cite press release
46. Padron:Cite web
47. Padron:Cite web
48. Padron:Cite news
49. Padron:Cite web
50. Padron:Cite web
51. Padron:Cite web
52. Padron:Cite web
53. Padron:Cite web
54. Padron:Cite web
55. Padron:Cite web
56. Padron:Cite web
57. Padron:Cite web
58. Padron:Cite web
59. Padron:Cite web
60. Padron:Cite web
61. Padron:Cite web
62. Padron:Cite web
63. Padron:Cite web
64. Padron:Cite web
65. Padron:Cite web
66. Padron:Cite web
67. Padron:Cite web
68. Padron:Cite web
69. Padron:Cite web
70. RFC 6333 - Dual-Stack Lite Broadband Deployments Following IPv4 Exhaustion