Firewall Wizards mailing list archives

Re: Rant (Was Re: Our friend FTP, again)


From: Janos Mohacsi <mohacsi () iit bme hu>
Date: Tue, 20 Apr 1999 13:36:54 +0200 (MET DST)




On Tue, 20 Apr 1999 ark () eltex ru wrote:

Date: Tue, 20 Apr 1999 13:14:30 +0400
From: ark () eltex ru
To: mohacsi () iit bme hu
Cc: dleblanc () mindspring com, firewall-wizards () nfr net
Subject: Re: Rant (Was Re: Our friend FTP, again)

nuqneH,

Janos Mohacsi <mohacsi () iit bme hu> said :

I am sure that IPv6 will be deployed in 1-2 years, because of the shortage of
IP address base in Asia and Europe. The US will lag behind them: enough
IPv4 addresses. But if you get IPSec with IPv6, why would you not buy an IPv6
ready/compliant system....

IPv6/IPsec combinations are quite mature from several vendors.

Hell, I am pretty sure the IPv4 address shortage is a purely administrative
problem, not a technical one. Seen too much of "we have a research lab
with ~100 workstations so we need a C network" :-E~~  (actually they need 3:
one for the firewall and 2 for public servers). I can't believe the IPv4 address
space is not enough for all hosts that actually need a true routable
address.

I am sure it may be technical too, and economical.

Scenario1: NAT box 
NAT box (firewall)                                      A $
Administrative task to maintain workstations            B $
Modify applications to use NAT/firewall                 C $
Use existing IPv4                                       0 $


Scenario2: IPv6  
Get IPv6 compliant router or router software            ~ A $
Administrative task to maintain workstations            << B $
Modify applications to use IPv6                         > C $
Use existing IPv6                                       0 $

Porting a well-written program to IPv6 is very easy.


Other economical factors:
Router table of backbone routers with NAT will be very confusing and very
big... -> Routing slow down....

With IPv6 plus:
1. Everybody can have a routable address -> Easier global local connection
-> If you need multimedia capability, NAT won't be your bottleneck.

2. IPSec

3. Multimedia capability built in.

etc...



If we find a way to get those addresses back from _abusers_ (sic!) then we
don't have to spend time and money migrating to v6.

So you advocate renumbering...
Did you ever try IPv4 renumbering? It is a nightmare. It is much
easier with IPv6 (built-in capability...)


What do you think of the different mobile devices, intelligent cars,
refrigerators, intelligent houses? Do they need IP addresses? Certainly
yes. How would you access your own house devices without IPv6?
With NAT? How many addresses do you need?

NATs are only a partial solution. With NAT we can have 2^32 (Address
part)*2^16 (port part) addresses: 281474976710656 but efficiency of
allocation hardly can be between 0.22 and 0.26. The efficiency can be
approximately: 0.26 (Address part) * 0.01 (Port part). Port part is quite
optimistic; that means that we can serve 600 clients from one address...

So the total end systems with NAT are approximately: 73 000*10^6.
To compare:
The total population of USA is: 267*10^6 
But total population of China is: 1221*10^6

Probably we have enough IP numbers with 128 bits...

Janos Mohacsi


