Friday, 13 June 2014

IPv4 running out

Well, it was bound to happen sooner or later - Microsoft say they have
run out of US IPv4 addresses for their Azure service and are now starting to assign non-US addresses to US services.

This follows LACNIC (the regional registry responsible for Latin America and the Caribbean) announcing that their Gradual Exhaustion and New Entrants policies had come into effect on Monday as they hit their last /10 (around 4 million IPv4 addresses).  This essentially means that the remaining addresses are going to be allocated on an extremely strict policy, which to all intents and purposes means there are no more addresses to be had from LACNIC.

APNIC (Asia Pacific) and RIPE (Europe) have been running under their respective end-game policies for some time now, and ARIN (North America) are also operating under their "phase 4" policy, although this policy seems very vague compared to those of the other RIRs.  So the only region where IPv4 addresses are still being handed out is AFRINIC (Africa).

AFRINIC have a relatively large number of addresses left and don't really seem to burn through them very fast, probably owing to relatively slow technological development within the region - they have about 3.14 /8s (about 53 million addresses) and are projected to run out some time around the middle of 2019 with their current rate of consumption.  It will be interesting to see if the AFRINIC consumption now increases as global businesses, such as Microsoft, start requesting assignments from AFRINIC to be used in other regions.  Indeed, I wonder if the history of the applicant will count against them - will AFRINIC refuse to hand addresses to Microsoft, for example, because they now have a history of using large numbers of non-US addresses on US services?

I note that The Register has made a few silly comments in their article on this latest news that probably need some clarification:

Firstly they ask "why Azure is relying on Ipv4".  Microsoft's blog post didn't mention anything about the internals of Azure - it didn't indicate that the actual infrastructure was affected at all.  Indeed, the internals are probably running on IPv6, or private IPv4 addresses, so wouldn't be affected by the IPv4 address shortage.  However, The Register has failed to figure out that the people hosting services on Azure want the general public to be able to access them, and with the majority of ISPs still dragging their feet to roll out IPv6 to their customers there's no alternative but to use IPv4 on the server end too.

The other question they pose is "how Redmond let itself run out of IPv4 addresses" when they were "buying IPv4".  Now to be clear: IPv4 addresses have never been a purchasable commodity.  Addresses were assigned by the regional registrars according to strict criteria - at no point could Microsoft have gone to a registrar and said "can we have enough addresses to last us 10 years please" - the registrar would've told them to get lost (RIPE's policy was for LIRs to only get 6 months' worth at a time, for example).  Now, MS did, in fact, buy a bunch of IP addresses from the bankrupt Nortel in 2011, and there was some surprise that the registry didn't just demand that they be returned since strictly speaking this kind of sale doesn't seem to be allowed - the terms of most registries is that you return addresses to the registry when you stop using them.  Arguably a company that is selling off thousands of addresses is no longer using them, so they should've probably been returned rather than being sold.  In any case, in the general case, IPv4 addresses have never been for sale, so its hard to fault Microsoft for not buying up the world's supply years ago.

What is clear, however, is that everyone, especially ISPs, seriously needs to pull their finger out and roll out IPv6 soon.  Its long past the point where we can expect a slow trouble-free migration, we're well into a period where there's going to be some major disruption as people who have been dragging their feet suddenly spot the sky falling in on them.

No comments:

Post a comment