IP address timebomb
29/06/2007
IP addresses are as crucial to websites as street addresses are for businesses but some network engineers predict that we will run out of them in two years. What is the solution?

June 27, 2007 Bernhard Warner

After nearly two decades of ceaseless commercial internet expansion, there are roughly 700 million IP addresses still available. If we think of the net as a city, it would be about 80 per cent full.

This city poses unique development issues. You need to be assigned an ID number – Internet Protocol address – before you can enter or communicate with the locals. As in real life, if you want to build a permanent location for your home or business, you need a fixed address so neighbours can find your website.

IP addresses are essential to our digital existence. They are assigned to net users, smart devices and RFID tags (automatic identification device using radio waves). It allows us to program an individual device, like a garden sprinkler, to power on half an hour before the others, by pulling up its IP address on a computer or a smart phone screen and punching in some commands. Think of what mischief you could accomplish hacking into your neighbour’s appliances!

When you think about the demand, 700 million IP addresses doesn’t seem enough to share with 1 billion (and growing) net users. If we don’t extend net access to the remaining 5 billion unwired humans, we have about another two years before we run out. This "ticking clock" has some network engineers particularly concerned.

"From the current calculations, something like 24 March, 2010 would be the last day, but that target date is constantly brought forward," said Latif Ladid, an IP network specialist who has been monitoring our voracious appetite for IP addresses. "It’s essentially over today," he continued.

Network engineers have known about this problem for some years. To try to counteract it, they devised a new IP protocol called IP version 6, or IPv6. We currently use the rapidly dwindling IPv4 protocol, which once had as many as 4.3 billion address combinations.

"IPv6 is virtually limitless," said Ladid, who serves as president of the IPv6 Forum, an international trade body educating organisations to make the switch.

Ladid’s organisation is not alone. Last month, the American Registry for Internet Numbers (ARIN), sent out the strongest warning yet that time is running out on IPv4.

"The available IPv4 resource pool has now been reduced to the point that ARIN is compelled to advise the Internet community that migration to IPv6 is necessary."

IPv6 addresses are already being distributed, particularly in Asia where smart mobile devices are taking off. Closer to home, Deutsche Telekom is issuing an IPv6 address to each new ADSL customers.

There are concerns that some businesses and ISPs will not upgrade in time, meaning their employees and customers will not be able to communicate with the next wave of netizens.

The scenario is already drawing parallels with Y2K, the millennium bug that carried grave predictions of global network meltdown. In that case, disaster was averted because the fix was fairly straightforward.

This time, the solution is a bit more time consuming. Companies will have to log each new smart device and assign it an IPv6 address so it can reach out to other devices.

"A last minute changeover is basically the scenario ARIN is trying to avoid. That is the alarm bell they are sending out," Ladid said.

In addition to the extra room IPv6 affords, it is considered to be a much more secure network protocol. The IP address is fixed, removing some of the anonymity built into the current system. Under IPv6, a lifetime address is assigned – think of it as a street address or ID number – that will more or less enable a PC or device to recognise instantaneously who is trying to communicate. With IPv4, an address is randomly generated and can easily be spoofed - perfect for a spammer or virus writer.

IPv6 won’t eliminate these two scourges, according to Ladid, but it will make their lives more difficult as the culprits should be much easier to trace. "If I know your address and you know mine, the communication is a lot more secure," Ladid said.

It will certainly make it harder to hack your neighbour’s garden sprinklers.