To mark APNIC’s 30-year anniversary, the APNIC Blog is running a series sharing stories, anecdotes, milestones and insights that capture some of the essence of the last three decades.
We’d love to hear your stories and memories of the APNIC community. Post them on social media using the tag #APNIC30th!
We all knew it would happen; the steady rise in demand for address space, and its distribution led to the foreseen problem of IPv4 exhaustion.
Several global moves extended the life of IPv4. In forming the Regional Internet Registries (RIRs), the community had reacted to an unsustainable rate of address consumption under the classful A/B/C model, as well as improving efficiencies of access to resources, in local timezones and languages where possible.
The adoption of ‘justified need’ address policy by the RIRs, plus classless inter-domain routing (CIDR), which permitted more fine-grained delegation of resources slowed the runout of IPv4, but exhaustion was inevitable.
By mid-2005, it was predicted that by 2010 all the RIRs would have received their last allocations of address space from IANA, and have only small amounts of addresses to distribute — mainly comprising returns to the RIRs, small holes between larger blocks, and the remainder of whatever space IANA distributed last. Something would have to be done.
The policy process to address this had roots in several policy proposals with three distinct strands of discussion:
- How to know when we were running out, by measurement and publishing of statistics.
- How to formalize the drawdown of the remaining resources from IANA equitably across the RIRs.
- How to change the allocation and assignment processes for IPv4 within APNIC as the resources approached exhaustion.
Knowing what we were actually dealing with
The first problem was at least partially addressed by prop-026: APNIC to publish address assignment statistics proposed by Toshiyuki Hosaka from JPNIC in January 2005 and implemented in August. This complemented the existing delegation statistics files (published continuously since 2001) and meant the community was able to understand for themselves the distribution rate of resources by economy and date inside the allocations, that is, the effective rate of address consumption once distributed. Alongside modelling by APNIC Labs, this allowed the community to understand the rate of consumption on a day-by day-basis, a process that continues to this day.
The question of equity
The second problem was a global question and demanded a global address policy — a cross-RIR agreement. This commenced in 2008, with prop-055 and reached approval in all the RIRs by February 2009, with ratification by ICANN in March of that year. Basic equity of access to the unallocated pool from IANA was preserved, throughout the period of rundown and beyond.
However, the process to arrive at global address policy is not direct and incurs a round of policy discussion in each of the five RIR’s lists and face-to-face meetings.
“I thought at the time it was really hard work, for both proposals: the global final /8, as well as what we’d do with our (APNIC’s) /8. But working around the regions to get all five to agree that IANA should give a /8 to each RIR was interesting, and folks were receptive to the idea (probably more so in other regions as they saw APNIC burning through /8s at a crazy rate). I think I learned more about how the address policy process worked in each region (ranging from bureaucratic to collaborative – no names!)” recalls Philip Smith.
“Thank goodness a large number of network operators took part in this process across the five RIRs,” adds Phillip.
“To be honest, in retrospect, I feel like there were a lot of (sometimes heated) bits exchanged for not a whole lot of gain. Ultimately, I’d say that the policy development process worked in that a consensus was reached”, recalls David Conrad.
Having agreed to a distribution process in common from IANA to the RIRs, one of the problems for IANA was deciding how to delegate the remaining quota of IPv4 /8 blocks, given the knowledge that some of them had been widely used, albeit unofficially, in globally visible routing for some time.
Leo Vegoda of ICANN recalls: “We knew that unofficial usage of the different unallocated /8s varied. In the runup to this, we commissioned Duane Wessels to measure it using DNS query leaks.”
This basic information on ‘tainted’ blocks from the DNS undertaken by IANA was complemented by ‘darknet’ collections run by several groups in Japan and Europe as well as APNIC Labs with assistance from AARNet, Google and other providers at scale. Large ranges of address were announced in the BGP, and the ‘return’ packets from dataflows that had originated inside these ranges without delegation were recorded as packet captures. This allowed a more accurate understanding of the risk for use of these addresses, and directly informed the decision to hold back some sub-spaces for general use, such as 188.8.131.52/24 and 184.108.40.206/24 — a network block that coincidentally wound up being assigned by IANA to APNIC.
It was known that the ranges being distributed might not have equally viable amounts of usable space. For fairness, all the RIRs had to have an equal chance of incurring risk.
Leo recalls: “Because we could see different amounts of use in different /8s we wrote and published software based on RFC 2777 [the IETF random selection process] to select the /8s to allocate. I think the sources of randomness were stock market index averages from 12:00 (local time) the day after the request was submitted. This is how APNIC ended up with 1/8 — it wasn’t my personal choice!”
IANA also invested in a reclamation exercise. As Leo notes: “I went through the old IPv4 registry entries and got people to agree to hand back /8s. One of them was the 14/8 for X.25 gateways but there were more /8s. Now I think back on it, people were very public spirited in returning these, which would be worth huge sums on today’s transfer market.”
As Tomoya Yoshida from NTT recalls, “it was important to check the reachability of new /8, especially near the timing of exhaustion […]. Generally, immediately after [a] /8 is allocated by IANA, it [was] only 70% reachable. [..] due to the bogon filter[s]. Therefore, the influence of the bogon filter [was] suggested to the world and I insisted that bogon filter[s] be promptly deactivated.”
Tomoya also participated in the darknet address testing: “…we advertised /8s allocated to APNIC from IANA from Japan. Then we investigated the dirty IPv4 addresses and reserved the ones that had a large impact, for example 220.127.116.11/24 including 18.104.22.168. etc. This was an important measure not only for us, but for the end customer who still [depend on] IPv4 at that time.”
Making sure everyone got their slice
The third problem was the local decision of each RIR. For APNIC, the discussions occupied much of 2007 and 2008, as the community converged on the idea of a ‘reservation’ of resources to be held in future trust, and for the sizes of delegation from this pool to be small enough to ensure as many new entrants as possible into the future had access to sufficient addresses to bootstrap into a larger enterprise. They could then either acquire IPv4 on the transfer market, deploy a carrier-grade NAT (CGN) to increase utilization of their IPv4, or deploy IPv6 dual-stack to reduce pressure on the CGN pool.
For those of you interested in the details of how this was discussed, two email list threads stand out:
• The discussion of the ‘countdown’ proposal that failed to reach consensus and was abandoned. However this, and subsequent discussions, led directly to the adoption of prop-055 – Global policy for the allocation of the remaining IPv4 address space implemented in March 2009 (discussed above).
• This discussion, which led to policy proposal prop-053 – Changing minimum IPv4 allocation size to /22. This was implemented in August 2008 after achieving consensus across all the RIRs.
The determination was made to cap these delegations at a /22, equivalent to 1,024 IPv4 hosts. From the /8 block reserved for this purpose, 22.214.171.124/8, this meant that approximately 16,000 new entrants could be ensured of at least some IPv4 under the ‘final /8 policy’, an increase of over two times the current delegated membership levels in APNIC.
Philip Smith comments: “The discussion about what to do with our /8 in the APNIC region was much simpler — I actually felt emboldened by the global /8 to think that what we’d developed at APNIC for the final /8 could be replicated elsewhere. Proposing the same policy for the RIPE region worked. For [AFRINIC] region it seemed to be so far distant as their predicted uptick in burn rate of IPv4 didn’t happen (all those new operators and infrastructure I was being told about carried on living happily behind NATs, double NATs, etc, rather than deploying native dual stack as I had expected). ARIN and LACNIC regions had other outcomes, and the APNIC/RIPE region ideas for the final /8 found little support.”
Subsequent address policy tuning has also added more resources to this pool of addresses, and has led to the reclamation of addresses, which were held under legacy assignment or allocation. This, in turn, has led to a continuance of the pool, which at current rates of consumption, is expected to last until 2029/2030.
Was the policy effective? Did it do what we expected? Philip recalls: “So the global final /8 was quite a unique achievement. Was it a good outcome or bad outcome, in the long term? That would keep a panel discussion busy for hours.”
The path into the future — final /8 and IPv6 transition
Across this period, IPv6 ceased to be a theoretical network protocol and had to begin to get deployment at scale. From the perspective of 2023, with the world at 35% IPv6 capability these beginnings were very small, but two vital components, which are explored in the next blog post in this series, had to be overcome.
1. The IPv6 code base had to be ‘baked into’ the operating systems of computers, home gateways and ISPs’ routing and switching infrastructure. Japanese developers at WIDE in the KAME project played a vital role in this process, bootstrapping the first BSD IPv6 sockets implementation.
2. Models of IPv6 address deployment that were capable of supporting widescale deployment had to be settled. From an initially cautious model, APNIC rapidly settled on the current model of delegation where most ISPs get a /32, some smaller end sites get a /48, and rather than a linear handout APNIC uses sparse allocation methods to preserve the horizon of growth behind each delegation made.
The contribution IPv4 policy development in the years of the final /8 rundown was made with laser-like focus on an IPv6 future. There was no continuing supply at scale for the volume of new customers in any region worldwide: IPv6 was necessary, to support the continued growth of the Internet. By 2009, nobody could doubt the truth; as the deadline of 2010 passed and rundown hit in 2011 (in APNIC), this became abundantly clear.
The last eighteen years of APNIC’s address delegation behaviour had changed.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.