December 31st. 2009: NAT Free - Goodbye to an old friend
Paw Prints: Writings of the maddog
By now anyone who does not know we are running out of IPv4 Internet addresses must be living in a hole. The warnings and pleadings of the Internet community to move toward IPv6 have gone from "advisory" to "panic" to "IT is almost too late". But while the final issue may have to be solved by the "cupboard is bare" answer, I have found a few more reasons for me (and others) to make the move now instead of later.
Recently I have been looking at dual issues of mobile Internet and power consumption. Through several different avenues, a culprit is appearing, and its name is IPv4.
Now don't get me wrong, IPv4 has been my friend for many, many years. It served me faithfully through years at Digital Equipment Corporation and beyond, but IPv4 is getting more than a little "long in the tooth".
I started questioning my relationship with IPv4 when I was thinking about extending my VoIP calling to a real phone handset. I have been doing VoIP for a long time from my desktop and my laptop. Using IPv4 in these cases has been fine since I seldom walk around while wearing my headset, carrying my laptop cradled in my arms and chatting over VoIP. While having to connect to a foreign server and look for someone to be "logged in" was only annoying, I would still have enjoyed directly contacting the person and device if I could already know their "telephone number".
However, when I am carrying a handset I might find myself moving from one subnet to another, and there starts the real breakup of my IPv4 relationship. IPv4 has trouble moving across subnet boundaries.
Now I do not blame the founders of IPv4 for this little issue. It was not in their vision to foresee computers more powerful than a PDP-11 or even an mainframe that we could carry in our hands, powered by batteries the size of a walnut while drinking lattes in a coffee shop. Nor were they necessarily looking forward to having gigabyte files downloaded to a phone while we walked down a street. In fact, another issue with IPv4, the address space, is a sign that the Internet has succeeded far better than they anticipated....demanding multiple billions of addresses and the freedom to assign them as needed. As I said, IPv4 and I have been friends a long time, but the friendship is being strained...
Mobile IPv6 would allow the system (whether it be a notebook that you carry down the hall or a cell phone carried outside) to maintain the connection across subnets. The technology exists, there are Free and Open Source implimentations, and IPv6 screams out for us to implement it for telephony.
Another strain on my IPv4 friendship is Nat. No, not Nat Friedman, my friend of many years and co-founder of Ximian (nee Helix Code), but Network Address Translation. A cute hack to allow many more addresses to fit into the already crowded address space, it virtually eliminates the ability for true Peer-to-Peer networking that IPv6 addressing would allow.
I really want my machines (all of them) to have a real, unique address and a way to be found while moving. Mobile IPv6 allows that. And I can "find" my system without the use of a centralized (and perhaps overloaded) server that maps my IPv4 address into reality. All of a sudden "NAT transparency" becomes a non-issue, because I do not have to "hide" behind Network Address Translation.
Security for mobile phones is also an issue. Yes, you can have security with IPv4, but security was enhanced in IPv6, and we should be taking advantage of it.
The real killer though, was the recent thoughts that have occurred regarding power usage in MID devices. It seems that NAT requires a "keep alive" signal to be sent every 40-120 seconds. This "keep alive" signal means, at the very least, that some transmission has to occur in order to keep the address and the connection alive. Depending on how far up the network stack this has to be initiated, it may need to waken a suspended CPU long enough to send the "keep alive" packet, increasing network traffic and decreasing battery life. IPv6 does not need this, and I have seen estimates of up to 20 percent greater battery life on suspended systems such as a phone handset doing WiFi based VoIP with IPv6.
So now the challenge:
I intend on being "IPv4 free" by the end of 2009. I am going to go through every system, every device I own, and make sure it is using IPv6. I am going to test every application I use and make sure it can navigate IPv6 addresses. When I find an issue, I will move to remedy it. Note that this is not a "hurry up" mandate. I am leaving myself plenty of time...a whole year (plus a bit). By December 31st, 2009 I pledge to be "NAT free".
Well, except for my friend, Mr. Friedman.
Good Luck Jon and a QuestionJon,
In your effort to eliminate IPV4, will you have to replace routers,
laptops, desktops, servers, etc, etc?
Can you tell us how to afford such or how to convert this
2003 laptop of mine to IPV6?
VMware bids for a stake in the container industry with a bold effort to integrate containers with its classic virtualization system.
3ROS attack tool lowers the technical bar so anyone can be an intruder.
Mozilla's latest browser offers powerful new privacy feature
If attackers are on your system, saving your passwords in a password vault is no protection.
Faulty hash algorithm persists, despite efforts by experts to raise awareness.
Powerful man-in-the-middle attack is now targeting online shopping.
Another high-profile coder says the kernel team needs a kinder, gentler culture.
Bug database has a bug of its own that could allow an intruder to create an unauthorized account.
Report focuses federal resources on achieving universal Internet access.
Leading browser makers say “no” to porous encryption algorithm