Talk to anyone who was involved back in ye olde days of the development of the Internet address system and underlying protocols and they will tell you that most of the major stuff — like the division of the domain name system into generic Top Level Domains (gTLDs) and country code top level domains (ccTLDs) just evolved on their own. Sometimes this worked out real well. Sometimes, not so much. But for better or for worse, these decisions set the pattern for how the internet evolved and created huge policy issues as the internet scaled up from a universe in which everyone knew everyone else to a system of global communications that always seems to be lurching toward — but never quite reaching — total collapse.
I’m not saying I could do better, or that anyone could. Indeed, I can argue that a lot of good stuff happened when people handled problems in an ad hoc manner and that the major effort to put a little forethought and adult supervision over the whole process, the Internet Corporation for Assigning Names and Numbers (ICANN), turned into a total mess.
Nevertheless, it gave me a bad turn to read that RIPE-NCC, which allocates the IP addresses for the European Union, will now allow holders of IPv4 addresses to openly buy and sell these address allocations (you can read the policies around the address allocation here).
Why does this make me uneasy, especially when a gray market in IPv4 addresses already exists? Because it makes fundamental changes in an underlying piece of critical infrastructure. That always makes me queasy, especially when I know that those making the changes have not adequately considered the very many ways this can go badly, as well as the ways in which it can go well. OTOH, I also recognize that, as Ecclesiastes warns, “to the making of many books there is no end, and much study is a weariness of flesh.” (Eccl: 12:12) Somebody needs to act sometime. Nor do I have a very clear idea what I would do instead to solve the IPv4 address exhaustion issue. But I really worry about creating a class of powerful incumbents invested in preserving the value of their IPv4 real estate and opposing transition to IPv6.
For more detail on this than any sane person would otherwise want, see below . . . .
I suppose my real problem is that I just haven’t dug into this area enough to really have an opinion. But then again, so few people have — which is part of what makes me uneasy. Few things rival IP address allocation in both importance and breathtaking, mind-numbing technical snooze-inducing power. This makes it either the ideal laboratory of exciting new ideas or a veritable Devil’s playground of possible mischief. Worse, I feel guilty for doing what I hate when someone else does it to me — swooping in suddenly after years of debate to try to go back to the beginning. OTOH, that’s policy for you and I always have to suck it up. So, with huge apologies to Milton Mueller, here we go.
Lengthy But Necessary Background
Some background for those who have no experience with the issues around IP address allocation (lucky you). We human beings generally use domain names to find websites, or have other means whereby we let the technology do the driving. But routing actual packets of information relies on the Internet Protocol (IP) address. It is this long string of numbers that routers recognize as the actual address. Critical to the question at issue here, IP addresses do not need to have an associated domain name. Many, many machines need IP addresses to communicate with each other, and do not bother with an actual domain name.
Many years ago, the folks running the Internet (to the extent anybody ran it) adopted IPv4 as the standard for IP addresses. This created a world with a large number of IP addresses. Enough that the few people actually involved in these decisions at the time thought they would never run out. They had a delightfully informal system where a few people at the university of Southern California operating as the Internet Assigned Numbers Authority (IANA) just gave this stuff out to anyone who asked. After all, who cared? It was a couple of thousand people playing with enough address space to give an IP address to everyone in the entire world.
As the Internet scaled up to become a global communication system, some formality and structure inevitably came into the system. Actually, the engineers running this, determined not to let governments get involved and screw things up, worked hard to create a system that was sufficiently international, open to interested parties, and insanely boring to most folks to keep administration of IP addresses pretty much a private matter. So today, we have 5 regional address registries (RIRs), one for the North American Region (ARIN), the South and Central American Region (LACNIC), the African Region (AFRIC), the Asia Pacific Region (APNIC) and the European Region (RIPE NCC). The IANA delegated address blocks to the RIRs to allocate to their regions, all under the loose umbrella of ICANN.
As long as everyone could get reasonable access to IP addresses at affordable cost, address allocation did not raise much concern. But as more and more machines needed IP addresses, the harder it became to just give addresses away. Other problems also started to emerge. The size of routing tables in the routers (the tables of where to send packets to reach their destinations) and the amount of capacity taken up by traffic information kept growing, and network engineers kept struggling heroically to keep up. Depending on how you look at it, the continuing functioning of the internet as a global medium under these conditions is either the ultimate triumph of Libertarian theory (because it is happening without centralized planning or government coordination) (except when it does) or a perpetual crisis waiting for the day of collapse when the ad hoc system of patches and solutions can no longer keep up.
So What’s the Problem?
Which brings us to the present day. Despite clever and creative things, such as network address translation (NAT), to stretch the existing batch of IP addresses, the availability of IPv4 addresses is becoming increasingly more urgent. As we add more devices and more networks worldwide, we need more addresses. If you can’t get an address yourself, you need to hook into someone else’s network and have them give you some of their IP address space. That works to some degree, but has problems for its own. If I want to offer a competing network to the large carriers, I may not want to get IP address space from them – and they may not want to provide it to me. Even without the competition issues, needing to get IP address space from someone else rather than having a direct delegation from an RIR raises issues of cost and may also provide a way for the IP address provider to dictate what I can do with my network.
As a helpful example, consider the parallel addressing system for text messaging short codes here in the U.S. If I am a business wanting to transmit text messages to many people simultaneously and receive many text messages simultaneously – for example, to announce my choice of Vice Presidential candidate – I need a short code. I can only get one from the Common Short Code Authority (CSCA). To get this code, I have to fill out a fairly long form detailing why I want the short code, what I plan to do with it, and other rather intrusive questions about my possible business plan. If the CSCA doesn’t like my answers, it won’t give me a short code. If it gives me a short code, I have to obey all sorts of rules and guidelines. CSCA can inspect my business at any time to ensure I’m complying with the rules, and take away my short code if it thinks I’m not following the rules. Even when the system works, and no one leverages it for anticompetitive advantages, it is a real pain imposing significant costs on businesses trying to use short codes.
So far, IPv4 has avoided that fate. The RIRs generally charge modest fees for address blocks to get folks to limit their use of address space to just what they need. Also critically, until now, they have generally prohibited the sale and purchase IP addresses from one private party to another. The RIRs generally treat IP addresses like phone numbers, a network resource nobody owns and that must be available to everyone on an affordable, non-discriminatory basis. This does not prevent sub-delegation by carriers to customers. in fact, the RIRs encourage this to save IP address space. Nor has it prevented a modest “grey market” in IP addresses from emerging. But the availability of IP addresses on reasonable terms has kept anyone from trying to arbitrage the IP address market or leverage IP address space for anticompetitive purposes in a major way.
But the continued depletion of IPv4 address blocks changes this dynamic. Despite everything engineers have done to stretch the IPv4 address space, the RIRs are running out. But the number of networks needing IP addresses keeps growing. We have now moved from a world where no one could ever imagine running out of address space to a world where we ask how soon until we run out.
So Whatever Happened to IPv6
As far back as 1998, the IETF adopted an initial standard for a new internet addressing system, IPv6, which would have even MORE address space. IPv6 has enough address space, I am told, for just about every molecule on Earth. IANA has delegated IPv6 blocks to all the RIRs, and the technical community has flogged converting from IPv4 to IPv6 for years. So why do we still have a crisis?
The biggest problem with the transition is that – despite significant efforts to address this problem – IPv6 is not backward compatible. For those who do not immediately grasp why I put that in bold italic, it means that if you use an IPv6 network, you can only talk to other users of IPv6 and cannot communicate with users of IPv4 (at least not without much work). This is a classic [link]“network effect” problem. Why would I spend money to build an IPv6 network when everyone else I want to talk to is on the IPv4 network? The failure of IPv6 migration to date pretty much answers that question: “no reason, so I won’t do it.”
Again, an example from another area of US media and telecom policy illustrates the point. When Congress started the transition to digital television as part of the 1996 Telecommunications Act, it initially made the transition from analog television to digital television voluntary. It would only happen when 85% of stations started doing digital transmission. But no broadcasters wanted to invest in digital television program development or transition until people actually owned televisions that could receive digital signals. But nobody wanted to buy very expensive televisions to receive digital signals unless they needed to in order to get programming, which didn’t exist because no one could receive the programming. Finally, Congress broke the logjam in 2005 (so they could hold the 700 MHz auction and raise big bucks) and ordered all broadcast stations to stop analog transition and move to digital on February 17, 2009.
We don’t have that equivalent for IPv6. We have no one forcing network operators to move from IPv4 or otherwise make their networks IPv6 compatible. Nor is it clear how we could achieve that on a global – or even regional or national – basis. And believe me, a lot of very smart, highly motivated folks have spent a good deal of time trying to figure out how to make that happen. So, for the foreseeable future, we will need to figure out how to manage the IPv4 space in a world of scarcity rather than a world of abundance.
Enough Background! What Did RIPE Actually Do? And Why Does It Make You Uneasy?
RIPE decided to adopt a private market solution. For the first time, if you hold an IP address, you can sell it to someone else, at whatever price you want, under whatever terms you want.
This may seem a funny time to try private market approaches, and Europe seems an odd place to engage in the experiment. But this goes to one of the key points about public policy – it gets shaped by those who show up to play. Remember how I mentioned how insanely complicated and boring this stuff is to most ordinary folks? That means a very small set of actors actually shows up to do the work, and they therefore make the rules.
So who shows up? Well, engineers of course, many of whom work for companies that care a great deal about address allocation. A private market solution makes their lives easier, as they already have IP addresses and would prefer to get them by just buying them from people who want to sell them. Yes, there is a long tradition that engineers check their company allegiance at the door when they show up for technical coordination. But to the extent that’s true, the very experiences that make their insights useful also shape their results. These guys have a problem they want to solve, this looks like a fairly straightforward way to do it. And, no offense to engineers, public policy is as much a specialty as engineering. I may pick up some basic concepts, but I do not delude myself that I can run a network on my own.
A handful of public policy types do show up at these things, and trememendous credit goes to those who, like Milton Mueller have stayed involved despite the high cost, low return, and occassional outright contempt displayed in this community for disciplines like economics and public policy. However, as a combination of both law of averages and overall temperment, these public policy types are overwhelmingly free market enthusiasts who believe that private markets inevitably allocate resources better and more efficiently than any other system.
O.K., So What’s Wrong With A Free Market Solution?
Actually, for all I know, this may prove the best way to handle the problem. As I have often said, there is nothing intrinsically good or bad about market mechanisms. Markets do work pretty well for disrtibuting lots and lots of goods. Despite growing scarcity of IPv4 numbers, there are still an awful lot of them. In theory, that makes it very hard to corner the market, or leverage the scarcity through a cartel or even conscious parallelism. There is already a grey market in IP addresses, so trying to stop all trade in IP numbers is probably a losing proposition. Nor do I think that a public interest allocation system a la FCC license allocation could be easily implemented, or even necessarily a good idea.
Playing dice with critical infrastructure is almost always a losing bet: History shows that allocation of scarce critical resources through market forces almost alway turns out to be a phenomonally bad idea. For one thing, despite all claims to the contrary, I have never met a critical infrastructure resource scarce enough to need market distribution but so plentiful it can’t get leveraged at some point in the distribution chain. We got into this mess by assuming we had all the address space we could ever use. Now we assume we have so much the market will never grow distorted. I see no reason why this assumption will prove more accurate than the pevious assumption.
Keep in mind we do not need some single entity — or even a small cartel of evil greedy capitalists in a smoke filled room — to create real problems in market structure for critical resources. But to the best of my knowledge, no one has made a serious examination of the actual market or its implications throughout the supply chain. The closest is this analysis of IPv6 issues by OECD. We’re flying blind here, with the underlying address system of the Internet. Lacking a religious faith in the Gods of the Marketplace, this induces queasiness rather than the warm fuzzy that comes from embracing the Market in its Coasian Perfection.
It also really worries me that the entities best placed to take advantage of the new market structure are those with the greatest financial interest in figuring out how to leverage the market — the carriers. The ability to absorb enough of the market to force new entrants to accept disadvanatgeous terms for access to IP addresses worries me. Again, this would not require that carriers control all IP addresses. They just have to control enough to make it more expensive than submitting to terms. Anyone who studies how Microsoft gained its dominance in the software market should recognize that the ability to create just the right set of incentives and disincentives in provision of a critical input is key to establishing and maintaining market power.
Finally, the possession of critical infrastructure assets invairably creates oportunities for arbitrage. If there is money to be made by playing games, folks will work on figuring out the games to play. Enron built a fortune (in the short term) figuring out how to manipulate the private electric markets. Ask the people of California — or even the Enron stockholders — whether creating opportunities for arbitrage by adopting free market mechanisms served them well.
What happens to IPv6 Migration: We also have the peculiar paradox that the more we make it possible to stretch IPv4 address space to avoid a crisis, the more difficult we make it to transition to IPv6. Every dollar of invested cost in maintaining the IPv4 space by a company or new entrant is one more dollar of lock-in for the existing network. Worse, anyone that controls IPv4 address space that has value has an incentive to maximize the value of that resource. As this resource becomes utterly worthless once a tipping point’s worth of folks switch to IPv6, it creates a real incentive to delay the IPv6 transition as much as possible.
Again, I come back to the fact that those best positioned to become this class of IPv6 resistant incumbents are the carriers. That’s not a matter of evil intent. It is a straightforward economic reality of the fact that it is the carriers who do the routing.
Mind, if IPv4 incumbents became too powerful or obnoxious, it might drive a critical mass of people to adopt IPv6 to escape. The problem with this theory is that incumbents tend to be fairly good at finding a middle ground between “the competitive market price” and “so awful that people will pay anything to escape.” We call this middle ground “extraction of monopoly rents.” While nobody likes this very much (except those that have the critical asset), it costs too much (in both monetary and non-monetary terms) to do without and develop and alternative. Worse, during the period of shift, the incumbents can modify their extraction of monopoly rents to make things more livable and reduce the incentive to develop an alternative to a point where it doesn’t happen.
I do know that the longer the transition from IPv4 to IPv6 goes on, the harder it will be to do. Creating a class of actors invested in IPv4 as a valuable asset rather than simply as a question of cost avoidance will not help.
Does what happen in Europe stay in Europe: I’m glad only one RIR has decided to take the plunge. But how long will the other RIRs wait before opting for this approach? We had credit default options and subprime loans for many years before the collapse. Countries and institutions that initially rejected these instruments and investment vehicles as too risky succumbed to the constant pressure from investors eager to “get in on the action.” Until last year, countries with conservative investment laws looked like fuddy-duddy dinosaurs preventing their citizens from getting in on the good times. This year, not so much.
I am worried that we will see a huge rush to declare RIPE’s policy shift a “success” before we even know what success would mean here. I expect that “success” will be measured in something really stupid and irrelevant, like total number of transactions as compared to assignments. I also anticipate that as parties begin to make money from the sale of address blocks, similar parties in other regions will begin to lobby for these changes.
Without having some framework to figure out what the Hell would constitute “success” or “failure” of RIPE’s market experiment, we will almost certainly see it become the dominant model. Why? Becuase it is the only model, and its supporters will loudly proclaim its success. With no metrics to define success, this will look very convincing.
So What’s Your Bright Idea Oh Wise One?
I don’t have one. Heck, for all I know, creating an unregulated market in IPv4 addresses with no possibility of regulatory oversight may be the right solution. It would certainly make it very difficult for any single government to unilaterally regulate the IP address market. It also addresses a real problem of address exhaustion that we face with increasing urgency.
But I have a very bad feeling about this, and I have come to trust that instinct. At least, I trust it enough to explain at great length why this makes me uneasy.
Stay tuned . . . .
I wonder if this is going to hammer BGP as well… Since owning an IP block is useful only if others can route to it.
Further, applying free market principles to a resource which is scarce and growing scarcer, and for which there is only increasing demand will have, I think, just one Keynesian solution.
Although if the prices skyrocket enough, the meek will inherit IPv4, while the rest of us (?) will inherit IPv6. Which has its own vicious complication.
Harold, as always I hate to see you tilting at windmills. This is not as dire a problem as you make it out to be.
1) There are companies that have developed software/hardware translators. See <a href=”http://www.google.com/url?s…“>here</a>, <a href=”http://www.google.com/url?s…“>here</a>, <a href=”_IntegrationAndTransition_Abr2003.pdf&ei=To9lSbDHD5KJ-gaX3_iiBw&usg=AFQjCNFbZ7vrXkl8VIg6MKyZ-RIgoSPlsA&sig2=8q6Dqwiqo-_l1gWQilC9Gg” rel=”nofollow”>http://www.google.com/url?s…“>here.</a>
2) Clients, Servers and internode devices can run a dual stack configuration. Like I do here on several linux boxes —
eth0
Link encap:Ethernet HWaddr 00:1a:92:e2:48:XX
inet addr:192.168.XX.XXX Bcast:192.168.XX.255 Mask:255.255.255.0
inet6 addr: fe80::21a:92ff:XXXX:4862/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
(Scrubbing applied for security reasons.)
Which by the way my provider already supports IPv6 as does AT&T which who just happens to hold 2 of the largest IPv4 blocks on the planet. When one can do a dual stack the issue of IPv4-IPv6 interoperability really becomes a red herring.
3) Some 75% of the IP’s deployed are dynamic and though NAT’s don’t solve all the problems it does point out that firms holding large blocks of B class addresses could be more efficient with them.
So its not a technical issue. Any device made in the last 5 years can do IPv6. Which in Tech is an eon. Its a matter of will.
So here is my prescription:
A) Phase out the IPv4 address space. When a company or ISP goes belly up the address space reverts to the regional addressing authority responsible. They are directed to not rerelease those addresses.
B) Artifiically inflate the cost of reregistering the IPv4 addresses. Bump it to a $1000 plus costs. Keep raising the rates to drive the point home.
C) In the same breath be generous with the IPv6 addressing. Maybe even up to the point of paying entities to sell IPv4’s back.
D) Since there seems to be a drive for universal broadband infrastructure, tie the $$ such that it must be IPv4 free zone.
Nothing worthwhile is ever easy. But this is NOT a Woe-is-us technical issue.
JohnMc
I hope you are right. This is an area where I need to trust the judgment of others and it seems no one can agree.
John Mc writes:
“Clients, Servers and internode devices can run a dual stack configuration”
…but of course that requires that said devices have BOTH IPv4 and IPv6 addresses. Not a fatal problem if you happen to have IPv4 before the RIRs run out, but if not — if for example, you are an aspiring new entrant, things could be a bit more challenging…
John Mc’s “prescription” sounds quite a bit like an alternative proposal that was informally discussed in several regions:
http://www.eyeconomics.com/…
Needless to say, this idea did not elicit great enthusiasm.
Harold
It’s a transfer policy, not really a free market. For more information than you apparently had, see the IGP paper on the topic, which can be found here:
http://internetgovernance.o…
First, you are fundamentally wrong that RIPE and others in the addressing comunity haven’t considered the implications, economic and technical.
The idea has been savagely debated for over a year now, proposals have gone through various iterations.
One key fact you are not aware of is that there is no straight-out market for v4 address blocks, rather, you must go to the RIR to “justify your need” for the addresses under old (central planning) policies, you can’t just buy them. So all this change does is give holders of surplus addresses an economic incentive to release them. Simple, and good. all this breast-beating is silly, and the guy who posted in front of me, who thinks he’s going to centrally manage the migration to v6 via address policy is even sillier 😉
Crafting institutional arrangements to create incentives and disincentives that encourage independent market actors to interact in ways that result in desirable market outcomes is generally called “market design,” not “central management.” When inaugurating a completely new and unprecedented market, the alternative to “market design” is not so much “silly” as it is reckless and fatalistic — a blind faith that whatever happens must be, by definition, the best that could have happened.
We all hope that you are right Milton, but things sometimes work out otherwise. See for example:
http://www.fmi.org/docs/int…
Harold: “For the first time, if you hold an IP address, you can sell it to someone else, at whatever price you want, under whatever terms you want.”
No. You have _always_ been able to sell address space. They are just numbers after all. What changed is that until the recent RIPE policy, if you wanted the addresses to be associated with the buyer in the RIPE database, the seller had to create a shell company, transfer the IP addresses to that shell, then have the buyer acquire the shell company. The RIPE policy is trying to allow such transfers to occur without the need to form a company for the purpose AND allow for the increased imposition of policy constraints on the transfers. The alternative was for RIPE to continue to try to play King Canute in the face of overwhelming economic pressure for the creation of open IPv4 address markets. All this would have done would have been to make RIPE irrelevant. If the other RIRs don’t follow suit, they run the exact same risk.
The reality of the RIR system is that they exist by and for the convenience of their membership. It is currently easier for ISPs to rely on the RIRs to determine who is associated with address blocks than for those ISPs to establish address “ownership” multi-laterally. However, if the RIRs try to impose policies that the ISPs do not agree with, the ISPs will simply find other mechanisms by which address “ownership” status can be determined.
In a couple of years, IPv4 addresses will no longer be available from the RIRs. ISPs will either (a) obtain IPv4 addresses via “non-traditional” means, (b) find some technical solution that reduces their requirements for IPv4 addresses, or (c) choose not to add new customers. Unfortunately, (b) has proven to be quite difficult. As such, if the RIRs get in the way of (a), they’d be forcing the ISPs to choose (c). This would likely not be very convenient.
While it might be amusing to imagine a world in which the RIRs (or even ICANN) were able to be more interventionist in order to maintain the “from each according to ability, to each according to need” model of IPv4 address allocation, it is wildly unlikely (a) the ISPs would put up with it and (b) the RIRs could reach the necessary consensus before few decades after the question was already moot.
Harold,
Two or three thoughts.
1. This post displays the reflex conservatism associated with those who distrust and fear any new-fangled device or method. It makes Berry Goldwater look like a leftist.
2. I run XP and it supports IPV6. However, if I enable IPV6, DNS inquiries take about 10 times longer. Consequently, web browsing slows down significantly. So I keep IPV6 turned off.
3. Mueller and DCR are correct, this policy has been considered and reviewed. It may be flawed but it appears to be better than the status quo.
YMMV
ISTR back in the bad old days when the Internet really was an Internet, not just a TCP/IP net, there were gateways between networks with completely disparate addressing systems and protocols. So that one could send a message from ARPANET to BITNET to UUnet to FidoNet to The WELL, when each was totally independent. Couldn’t that sort of thing be used again? I see in the Wiki article on IPv6 there are various mechanisms already for transitioning.
I see your point about nobody wanting to switch over until it becomes mandatory/necessary. We don’t change versions of a compiler until the manufacturer announces that they will no longer support the old version.
Why couldn’t there be gateways between the IPv4 and IPv6 internets?
TV,
Your observations are spot on of course. But again it is a matter of will not technical prowess. Sadly it is human nature to just squat if there is no compelling reason to change. Which for most end node consumers, running with IPv4 suits them fine. The irony is most consumers are oblivious to the whether they are running IPv4 or not. Their address is ponied up by the DHCP server and they are done. So whether they are on an IPv6 would probably not concern them.
The providers of course have a different problem. The ‘half pregnant’ transition issue is the most expensive state to be in as they end up running dual states for quite some time. So the reluctance is palpable. But from what I have seen the alternatives aren’t any rosier than just ‘doing it’.