March 2006 Newsletter
p1.jpg
Intro
 

This month's 6Sense has articles on an issue that often arises – the address space of IPv6 versus IPv4. David Goodrum of NFR Security informs us on the exact number of IPv6 addresses (for those of us for whom “340 undecillion” just isn’t accurate enough), and gives us some clever similes to explain the size of a quintillion (a note to our British readers – we mean the U.S. definition here, also used by the U.N., of 1018 , not the British quintillion, which is 1030 ). Alex Ramia of coalitionsummit.com takes us through the history of NATs, both pro and con. And Dale Geesey of v6 Transition shows us various models of IPv4 address exhaustion which show that even under wildly optimistic assumptions – that the demand for addresses won’t go up because of increasing usage of devices such as cell phones, for instance – the day when one can no longer affordably get IPv4 addresses is in the foreseeable future. Finally, coalitionsummit.com is having an upcoming event in Falls Church, VA, and is providing information on that.
Speaking of upcoming events, please don’t forget to mark your calendars with the next Summit, the Federal IPv6 Summit in Reston, VA, from 17-19 May. The Federal IPv6 Summit will feature an outstanding line-up of speakers, including major political and military leaders, organizational executives, ISPs and first responders. The theme for this conference is Benefits, Innovations and Solutions, and that is what we intend to elicit from our world experts: the actual benefits that the Federal Government expects to see from IPv6 in the near and far term; what Innovations will be possible after the transition to v6 (as we all know, you often miss a lot of the payoff if you switch to new technology with old procedures); and, what solutions are presenting themselves to the challenges anticipated during the transition period. We expect strong support and attendance from the Federal departments and their contractor base. We also plan some surprise demonstrations of actual IPv6 applications, and up-to-the-minute reports on the first city in America to be both totally wireless and IPv6 enabled – this event will be unique, and you will experience history in the making.

Are you ready for your 18 quintillion new IPv6 neighbors?
 

One of the great benefits of IPv6 is also one of the biggest security problems. In IPv4, the total number of addresses was around 4 billion addresses or so. Most people in the industry already understand that there is a terrible shortfall of IP address space in the world, and have been told that IPv6 solves this problem. But, they may not understand how completely this problem has been solved, and the ramifications of this solution on security.
Bigger is Better
In IPv6, the total number of addresses is 340 billion billion billion billion addresses. Or more specifically, 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses. That means, we don’t have to worry about running out of IP addresses ever again… at least, not for a long time…. maybe when we populate another solar system (there are plenty of addresses for every planet in our solar system). What we specifically want to discuss is how this affects subnetting. With IPv6, the smallest address space you can have is almost four billion times larger than the entire IPv4 address space (a little over 18 quintillion addresses just for a home user)! It is calculated as 264.
But, most people truly have almost no concept of how big 18 quintillion is. So, let me give you a few examples. Let’s say that a single IP address is represented by one inch (about 2.5mm) on my ruler. How many IP addresses do I need to get to the moon and back?

The Vanishing Trusted Network
 

The telecom world is seeing a shift in the challenge of its sole ownership of a Trusted Network. This erosion of its dominance started with the birth of the World Wide Web and, fortunately for Bell companies, this erosion of their control over a Trusted Network is considerably slowed as vulnerabilities are exposed on the Web. The first machines on the Internet network were connected through a secure, predictable pipe; this network pipe had fixed ends and was considered trusted.
Owners were identified and the Web was considered peer to peer. However, the peers were giant mainframes, and portable devices were concoctions of Hollywood. When the popularity of the Internet network forced its rushed growth, many things started to fail; some were quite memorable. Specifically, in 1997, 36 state attorney generals required AOL to stop advertising until it could provide reasonable modem access, allow easy cancellation and provide significant refunds.
In 1998, 20 states filed Assurances of Voluntary Compliance forcing America Online(AOL) to clarify its free trial offers, disclose its premium surcharges, communications charges, cancellation procedures, and reform its other business practices. As Ohio Attorney General Betty Montgomery said, announcing the 1998 AVC, "The problem we're experiencing with America Online is similar to a parking attendant that sells too many monthly passes — when drivers show up at the garage it's already full of cars."

Understanding IPv4 Address Exhaustion
 

The federal government has set 2008 as the date that all government agencies must start using IPv6 across their core networks and the agencies are working to meet that deadline; but, utilizing IPv6 in the core is different than utilizing IPv6 across the entire enterprise. Questions are already rising on what are the next steps beyond 2008 to continue the transition and what are the right dates to target for a complete transition to IPv6. The US Army has developed a transition approach in which they plan to try and limit the period of IPv4 and IPv6 coexistence. They plan to achieve IPv6 Dominance between 2010-2013 and begin actively removing support for IPv4 from their enterprise. There may be limited systems utilizing IPv4 until they are phased out in favor of newer ones, but these would be the exception rather than the rule. As agencies move forward in their transition planning efforts, they must determine what are the drivers and constraints impacting their transition. Figure 1 below shows examples of drivers and constraints that may impact agencies’ IPv6 Transition time frames.
See figure in full article.
The topic of IPv4 address exhaustion is one many organizations are watching closely, especially as the plans for transitioning to IPv6 are ramping up within the US. The IPv4 address space is limited and there is general consensus that the IPv4 address space, managed by Internet Corporation for Assigned Names and Numbers (ICANN) and the Regional Internet Registries (RIRs), is headed toward exhaustion, but there are varying opinions on the timing of when there will be no more addresses available from the RIRs.

Upcoming ExecutiveBiz Event: The New, New Internet
 

On March 30, Congressman Tom Davis will kick off a special half-day seminar on IPv6 called, "The New, New Internet," followed by a panel discussion of IPv6 from a local business perspective. The event will be at the Fairview Park Marriott Hotel in Falls Church, VA, on March 30. Please click the Info link below for more details.