Deploy360 29 February 2016

Fruitful discussions at APRICOT

By Kevin MeynellFormer Senior Manager, Technical and Operational Engagement

APRICOT 2016The Internet Society including Deploy360 was in attendance at APRICOT 2016 which was held from 15-26 February 2016 at the SkyCity Convention Centre in Auckland, New Zealand. This is the annual get together of the network operations community in the Asia-Pacific region, and also incorporates meetings of the APNIC, APStar, APTLD and APIX participants, so definitely worthwhile attending.

There were a number of presentations with relevance to Deploy360 topics that are worth highlighting. First up, the session on IPv4 exhaustion and the state of the transfer market and the presentations from Alain Durand (ICANN), Geoff Huston (APNIC) and John Curran (ARIN). The figures for IPv4 address transfers clearly show a dramatic increase since mid-2015 as the remaining pool of IPv4 addresses is depleted, with the majority of transfers being registered by the largest LIRs. There has also been a significant transfer of legacy (i.e. pre-1997) addresses with the substantive majority being larger block sizes between /11 and /16, indicating that the economics are now favouring transfers from organisations with surplus addresses.

This is is backed up with data provided by Sandra Brown (IPv4 Market Group) and Gabe Fried (Hilco Streambank) who’ve seen substantial activity since the exhaustion of the ARIN IPv4 address pool. More IPv4 space had recently come onto the market, facilitated by the introduction of RIPE Inter-RIR transfers that had equalised prices to somewhere around USD 7-12 per IP address, but prices were again expected to rise in the near future. This was also because the higher prices per address paid for the smaller blocks was encouraging the break-up of larger blocks, with the corresponding consequences for the global routing table.

APRICOT 2016 Opening PlenaryIn fact, there is empirical evidence this is happening as Geoff Huston (APNIC) showed during his presentation on routing during the closing plenary. Despite the IPv4 address pool approaching exhaustion, the number of entries in the global routing table (default free zone) continues to grow at around 50,000 per year, with the total number of entries approaching 600,000.

However, the average age of addresses being announced has increased substantially in recent years, suggesting that formerly allocated but unused address space is being pressed into service. For example, only 2% of addresses announced in 2010 were allocated over 20 years ago, but this rose to 33% in 2015. In addition, the average size of routing advertisements has decreased from around 7,000 in 2010 to under 5,000 in 2015, even though growth in the total number of advertised IPv4 addresses shows signs of slowing.

By way of comparison, Geoff also showed that the number of IPv6 entries in the global routing table was growing at around 6,000 per year, with the total number of entries currently around 27,000. The number of IPv6 AS numbers is growing at about half the rate of those for IPv4, so whilst IPv6 remains a long way behind, the IPv6 routing table is growing at a relatively faster rate.

So the message is that IPv4 addresses really are running out, and the market is realising that it’s going to cost substantial amounts of money to maintain IPv4 in future. It’s also worth checking out the excellent presentation on IPv6 in Mobile Networks from Sunny Yeung (Telstra) who highlighted the reality that mobile networks need to be provisioned with IPv6. He points out there are even insufficient private IPv4 addresses when using Carrier Grade NATs (CGNs) on a global scale, and these complicate communication where private addresses need to be re-used. There is a very real cost to using CGNs, and spending money on interim solutions does not ultimately solve the long-term problems or simplify network operations.

Auckland Sky TowerFor those that might need further convincing, it’s again worth mentioning the reprised presentation earlier in the conference on IPv6 performance by Geoff Huston. We already highlighted this in our report on RIPE 71, but his analysis suggests that if you can establish a connection then IPv4 and IPv6 appear to have comparable performance, even though the odds of establishing the connection still currently favour IPv4. One interesting caveat though, is there appears to be greater instability in IPv6 BGP routing than in IPv4, although this mostly affects only a very small number of users. The reasons for this is something to investigate further.

The current state of IPv6 deployment was discussed in more detail during the IPv6 Readiness Measurement BoF, which included a presentation from Deploy360’s Kevin Meynell on the Internet Society’s State of IPv6 Readiness. In this session, several Regional and National Internet Registries provided the IPv6 state-of-play in their respective jurisdictions, with some additional perspective offered by individual organisations.

Last but not least, Kevin also presented on the Deploy360, BCOP and MANRS work during the ISOC@APRICOT session, as well as participating in the ‘Tech Girls Get Together’ session to relate his  inspirations and influences on how and why he got into networking in the first place. The goals of Deploy360 are to encourage real-world deployment of Internet technologies, but it’s important not to forget the next generation of network engineers too.

If all this inspires or persuades you to transition your networks, devices and applications to IPv6, then please see our Start Here page for more information!

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...