Skip to main content

What's Your IPv6 Plan?

July 22, 2014

Microsoft announced on June 11 that their supply of US-based IPv4 addresses for their Azure cloud service has run dry. With no more IPv4 addresses available from the American Registry for Internet Numbers (ARIN), Microsoft has been forced to resort to what’s left of their pool of international IPv4 addresses to support new service deployments. This situation creates some geo-location concerns. According to Ganesh Srinivasan, Azure’s Senior Program Manager, “Some Azure customers may have noticed that for a VM deployed in a U.S. region, when they launch a localized page on a web browser, it may redirect them to an international site.”

IPv4 address depletion hardly comes as a surprise for Microsoft, the company that famously purchased 666,624 IPv4 addresses from Nortel for $7.5 million – that’s $11.25 per address – in a bankruptcy sale back in March of 2011. They knew IPv4 was on its last legs and have been working hard for years to minimize the effects on its business. And yet, here we are with Azure struggling to find addresses for its customers.

The takeaway lessons are that IPv4 depletion is real, IPv6 transition is non-trivial and companies that are not planning for IPv6 now are soon going to be in trouble.

Having been heavily involved in the IPv6 community for more than 15 years, the only thing that surprises me is that IPv4 address depletion still surprises some operators. Despite our “voices in the wilderness” act, most networkers circa 2003 believed that IPv4 depletion would not happen until sometime in the 2020s – if at all. Then, by 2005 enough data was gathered to indicate that IPv4 depletion would happen much earlier than anticipated. Pessimistic forecasts indicated depletion in 2008, and the most optimistic were indicating no later than 2015.

Heads began coming out of the sand, but still no one was doing much about it because there was no sense of urgency. IPv6 deployment was expensive and troublesome, and IPv4 address depletion was tomorrow’s problem.

Well, tomorrow is here.

The Internet Assigned Numbers Authority (IANA), the organization that manages the worldwide IP address supply, announced on February 3, 2011 that they had allocated the last available IPv4 addresses to the five Regional Internet Registries (RIRs). And what’s the status of the five RIRs? Well, if your company is based in Africa you could be okay for a while. Otherwise, you might have a problem:

  • APNIC (covering Asia Pacific) announced that it had depleted its supply on April 15, 2011. 
  • RIPE NCC (covering Europe, the Middle East and western Asia) announced depletion on September 14, 2012.
  • ARIN (covering North America and parts of the Caribbean) announced depletion on April 23 of this year.
  • LACNIC (covering Latin America and parts of the Caribbean) announced depletion on June 10 of this year.
  • AFRINIC (covering the African continent) is not expected to reach depletion until sometime in 2019. However, out-of-region use of AFRINIC address space can be expected to accelerate their depletion date.

It’s important to understand what the RIRs mean by “depletion.” They operate under something called a Final /8 Policy by which, when the last 8-bit prefix (16,777,216 individual addresses) is reached, assignment policies are tightened, the size of prefix that can be requested is sharply limited to /22, and in some cases only LIRs (service providers) can request those. Policy specifics vary among the RIRs, but in all cases that last block of 16 million addresses is treated as a depleted resource.

Below the RIR level, service providers who assign addresses to their customers (Local Internet Registries, or LIRs) have remaining pools of varied sizes and varied strategies for conserving what they have left. But we are watching the last few IPv4 addresses swirling down the drain.

Yet even in the face of these cold hard facts, I regularly encounter networkers intrepidly clinging to the fleeting hope that it really isn’t all that bad. That somehow, some way, they won’t have to deal with IPv6 deployment.

They’ll point out that while the entire IPv4 address space consists of 256 /8 prefixes, the addresses currently advertised in the BGP tables of the public Internet represent around 160 /8s.  Even accounting for Class D (Multicast), Class E (Experimental) and other reserved addresses, the BGP tables indicate that there is a large pool, somewhere out there, of unused IPv4 addresses. Why isn’t the IANA reclaiming those unused addresses?

A few years ago the IANA did, in fact, consider forcing the return of unused IPv4 address blocks. Their conclusion was that the cost in time and legal expenses of such a reclamation project far outweighed the benefit. The IANA estimated that taking back a single /8 could involve up to 2 years of courtroom time, for a resource that would be used up in about 2 months. Aside from a very few civic-minded organizations, most holders of unused address blocks will fight to keep them.

The very fact of IPv4 depletion is the reason so few are willing to voluntarily give back unused addresses. They know they’re sitting on a valuable asset. There are estimates that the price of an IPv4 address could rise well above the $11.25 Microsoft paid to $30 or more. Poor planning leads to panic, and panic is always profitable for someone. A number of brokerages have arisen to facilitate – with the sanction of RIRs – the sale of IPv4 addresses from those who have ‘em to those who need ‘em.

Does it make sense to purchase a block of IPv4 addresses? It might, if you have Microsoft’s pocket depth, and the alternative is to lose new business. But would the money be better spent getting IPv6 up and running in your network?

Converting the unused Class E IPv4 addresses to public or private address space has also been suggested more than once. Class E accounts for 16 of IPv4’s 256 /8s, which seems like a lot. But distributed worldwide, that would only extend the life of IPv4 for about 18 months before we’re back to depletion. Add to that the expense and headaches of upgrading operating systems that currently see Class E addresses as invalid, and it again makes more sense to invest that effort into deploying IPv6.

IPv4 depletion is inevitable, and ignoring it is a serious business risk. And if you think deploying IPv6 is expensive now, try doing it in emergency mode. Do you know when you will need IPv6? Do you know how you’re going to deploy it?

Having a good plan now will save you serious expense and headaches later.

Related Blogs

March 11, 2014

How-To: Implementing a Baseline for IPv6 Controls

Many organizations have IPv6 in their line of sight but are not ready to implement. Because the IPv6 protocol stack is enabled as a default on most sy...

See Details

January 17, 2014

IPv6 Transition: Time to Address the Issue

What is IPv6? The basics: an IP address is like a postal address for each and every Internet-connected device. Without one, websites would not know wh...

See Details

June 24, 2014

Confessions of an IPv4 Conservative

An area in which I've seen IPv4 thinking influence IPv6 addressing is on the prefix allocation side. And I have a confession to make: Until recently I...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.

Privacy Policy

Related Insights

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.


Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cybersecurity Events in your area.