Amazon finds $1B jackpot in its 100 million+ IPv4 address stockpile | The tech giant has cited ballooning costs associated with IPv4 addresses::undefined

  • FiveMacs
    link
    fedilink
    English
    1259 months ago

    Til finding money is the same as price gouging

  • @[email protected]
    link
    fedilink
    English
    819 months ago

    All it takes is one big company like Amazon changing their services to IPv6-only and most of the world would be converted over in a month or two… but now I guess we know the reason WHY Amazon doesn’t push such a policy.

    • @[email protected]
      link
      fedilink
      English
      319 months ago

      A massive swathe of current gen devices don’t even support it.

      It won’t be a month.

      Microsoft announce changes much smaller than that 4 years out and still have to give extensions.

      • @[email protected]
        link
        fedilink
        English
        209 months ago

        Seriously? How can any device call themselves current gen and not support something as basic as this? That’s just embarrassing.

          • @[email protected]
            link
            fedilink
            English
            29 months ago

            Ugh… still? I knew the mail app had shitty support for it and had to create an IPv4-only dns entry for my mail server, I didn’t realize the whole system was broken. Ah well, despite being an android user myself I would still place it in the bucket of “not modern” because there’s really no excuse for something like this.

            • @[email protected]
              link
              fedilink
              English
              19 months ago

              Probably via SLAAC. Android doesn’t follow the specifications for getting an individual DHCPv6 address

              • @[email protected]
                link
                fedilink
                English
                19 months ago

                Might be.
                Honestly I couldnt be bothered with IPv6 and learning all the intricacies. Plus having borderline OCD for symmetry and order on random things and objects makes me actively dislike the whole 50 adresses per device thing.

                But for real: Why even have an existing standard and not just use it at all.
                This is basically the Pingu meme saying “Well, now I am not doing it. >:(”

      • @[email protected]
        link
        fedilink
        English
        99 months ago

        Like what though?

        The last thing I have that doesn’t support ipv4 from the hardware level is my Nintendo DS.

        Everything else has the hardware capability, it’s just never used or enabled in the software by default.

        • @[email protected]
          link
          fedilink
          English
          8
          edit-2
          9 months ago

          it’s just never used or enabled in the software by default

          …and most people who own those devices have never heard of IPv6 and don’t know how to enable it. They just won’t be able to access your website. If Amazon dropped support for IPv4, there wouldn’t be anything i’d be able to do to deal with the fall out. I’m not going to send a technician to every single home of every customer I have. What I could (and would) do is move all my stuff off Amazon.

          • @[email protected]
            link
            fedilink
            English
            19 months ago

            this shouldnt be a.burden for users.

            you can simply update a device to support it by default.

        • @[email protected]
          link
          fedilink
          English
          4
          edit-2
          9 months ago

          My smart TV from two years ago does not support ipv6, and it was fairly high end.

          I was really trying about 5 years ago but there were just so many devices that don’t. My ISP still doesn’t

            • @[email protected]
              link
              fedilink
              English
              2
              edit-2
              9 months ago

              Vizio 65” OLED. Technically I don’t see anything saying yes or no on IPv6 but I didn’t find any relevant settings on the TV network config, nor do I see any IPv6 address on my router.

              I did see an online post of someone saying similar, except the Chromecast functionality used IPv6

      • @Mnemnosyne
        link
        English
        5
        edit-2
        9 months ago

        Wasn’t 64 bit adoption largely driven by Microsoft deciding they weren’t making a 32 bit version of their next Windows at one point? It seems it might take something similar.

        • @[email protected]
          link
          fedilink
          English
          89 months ago

          Microsoft supports 32 bit processors still with windows 10. They died out because it was becoming clear that 4GB of memory wasn’t going to be enough for applications, and the low margins on budget chips didn’t warrant maintaining 32 bit designs when the 64 bit versions would do and could still run the 32 bit software.

        • @[email protected]
          link
          fedilink
          English
          69 months ago

          No, 64 bit was widely adopted long before windows cut support. Keep in mind a 32 bit OS can only use ~4GB of ram, and most systems have been shipping with more than that for many years now.

          • @[email protected]
            link
            fedilink
            English
            19 months ago

            Towards the end of 32 bit’s life, physical address extension allowed operating systems to use more memory, often up to 40 bits worth, but still could still expose a 32 bit address space to user applications.

      • @[email protected]
        link
        fedilink
        English
        1
        edit-2
        9 months ago

        thats why dual stack exists. so older devices can still be used on an ipv6 network.

        just give us a functioning ipv6 infrastructure, and the majority of home routers in the marlet will deal with it seamlessly.

        so i want to know whats the damn holdup at this point?? my 3rd world country has it but big US players like carriers and amazon seemingly cant do it.

    • Max-P
      link
      fedilink
      English
      139 months ago

      It would be a good start if AWS supported IPv6 on all their services in the first place. Everything enters through CloudFront so I don’t need any IPv4. But AWS’s own services don’t have IPv6 in every region, so I still have to provision NAT gateways.

      • @[email protected]
        link
        fedilink
        English
        59 months ago

        Yikes. I get free IPv6 for my servers through Hurricane Electric since my ISP doesn’t provide it yet, I wonder if their service also works on AWS? I mean come on, if someone like Comcast can figure it out, why is it so hard for a major player like Amazon?

        • Max-P
          link
          fedilink
          English
          49 months ago

          Lots of legacy networking I would assume.

          Most services especially compute can get IPv6 so if all you have is EC2 instances you’re good. S3 is usually fine, but I think when you get into Lambdas and especially the more niche services, those are IPv4 only, so you need some IPv4 addressing.

          Ironically I’ve really been enjoying the massive IPv6 address space, makes numbering dozens of VPCs and subnets a whole lot easier. I don’t get why it’s not in huge demand especially larger customers.

          • @[email protected]
            link
            fedilink
            English
            19 months ago

            It is actually in demand by one big customer, the DoD. Amazon is pushing hard to get all its services IPv6 by EOY as of this year’s re:Invent. Something like 98% need to be in place for DoD contracts.

            And they’re trying to force people over to IPv6 by charging them per public IPv4 address, so, hopefully that spurs the migration. Larger address counts/space is super useful.

  • @[email protected]
    link
    fedilink
    English
    389 months ago

    I remember doing an IT course over a decade ago and learning about IPv6 taking over, honestly surprised it hasn’t yet. I just looked it up and apparently they came up with it in 1998. How is it taking so long? Is there some technical reason it’s harder or something? Does the extra address size mean a not so great trade off in traffic or something?

    note: I did study a bit of networking and IT but have forgotten everything mostly and work in a different field, thus my ignorance.

    • @[email protected]
      link
      fedilink
      English
      39
      edit-2
      9 months ago

      IPv6 is here, and has been for a long time. But if, for example, your web or email server can only be reached over IPv6 some people will not be able to load the site or send emails to you.

      The entire internet is configured to work with IPv4. Some of the internet (less than a quarter) is also configured to also work with IPv6.

      Imagine if your home had two driveways on different streets. Do you tell everyone both addresses, or do you pick one of them? Probably just one right? Now imagine if the second address can only be reached if someone has an off road capable vehicle. And you don’t know what vehicle someone has - which address would you give them? Is it even worth having two driveways?

      That’s the situation we’re in. IPv4 support is required and works perfectly. IPv6 is optional and doesn’t always work.

      • @[email protected]
        link
        fedilink
        English
        89 months ago

        IPv4 support is required and works perfectly.

        Except it doesn’t work perfectly, because it has a relatively small address space. That’s why ipv6 exists.

        • @[email protected]
          link
          fedilink
          English
          79 months ago

          The driveway works perfectly, but it doesn’t have space for all the guests if they all want to use their own vehicles.

          Thankfully, we have carpooling and rideshares.

      • @[email protected]
        link
        fedilink
        English
        69 months ago

        “Luckily” we are reaching the point where IPv4 just isn’t going to be fiscally sustainable for the majority of companies, meaning the push to IPv6 will be hastened.

        Though I don’t pretend it isn’t going to be a hell of a ride.

          • @[email protected]
            link
            fedilink
            English
            6
            edit-2
            9 months ago

            I had a roommate once who need an IP for something, and because it was a device I had been working with recently, I just rattled off “192.168.0.7” or something.

            He was in awe of the fact that I could remember it. However, it’s not that difficult when you know the private prefix you use is always “192.168.” and that gets burned into your brain. The next octet is often zero (maybe 1 if your home network gets crazy), and you really only need to remember the final octet for the device.

            Point is, fe80::x will go the same way. You’ll remember fe80, and the rest is however you handled your own network scheme.

            (I can never remember the class B private address space, though. Only classes A and C. Never needed to bother with the class B space when you can subnet 10.x.x.x so much.)

            • @[email protected]
              link
              fedilink
              English
              19 months ago

              The next octet is often zero (maybe 1 if your home network gets crazy)

              No. It’s 23 or 42.

          • @[email protected]
            link
            fedilink
            English
            59 months ago

            I definitely agree with automatically configured stuff, but I enjoy setting link-local static IP address with IPv6, like my home server is fe80::bad:c0de or 192.168.0.2, and my NAS is fe80::coo1:da1a or 192.168.0.3. I’ve definitely mistyped the IPv4 a few times (see your 169 typo), but the IPv6 always delivers hackerman vibes.

            I have also set <prefix>::bad:c0de and have my IPv6 prefix on a keybind, but I understand that’s a bit of a stretch.

          • @[email protected]
            link
            fedilink
            English
            19 months ago

            fd00::x is shorter than 192.168.x.x

            Technically you’re supposed to use fdxx:xxxx:xxxx::x, but on your home network nobody cares.

    • @[email protected]
      link
      fedilink
      English
      289 months ago

      There are huge gaps in ipv6 adoption which means most users and services must continue to support and use ipv4.

      Since everyone has to continue ipv4 support, there’s not much motivation to push general adoption of ipv6. Maintaining dual stack support has its own costs.

      Even within AWS, many of their services still don’t support ipv6. AWS fees for ipv4 addressing may end up being a comparatively big driver for adoption.

      • @[email protected]
        link
        fedilink
        English
        129 months ago

        Even within AWS, many of their services still don’t support ipv6. AWS fees for ipv4 addressing may end up being a comparatively big driver for adoption.

        You just outlined a reason for AWS not to fully support IPv6 as well.

    • @[email protected]
      link
      fedilink
      English
      189 months ago

      In addition to what the other commented said, a lot of sys and net admins really don’t like the idea of every lan device being globally addressable, while there’s ways around it, a standard ipv4 Nat is a safety blanket to a lot of admins… Not that it should be like that, just my observation.

      • @[email protected]
        link
        fedilink
        English
        9
        edit-2
        9 months ago

        a lot of sys and net admins really don’t like the idea of every lan device being globally addressable

        Those admins don’t know what they’re talking about. IPv6 has a region of the address space that can only be reached locally - similar to the 192.168.x.x space in IPv4. The only difference is it’s really big (way bigger than the entire IPv4 space).

        As for NAT… there’s nothing stopping you from using it with IPv6. It’s often unnecessary, but if you disagree you can use it. And in practice NAT is often part of the transition process to IPv6 - my cell network carrier for example gives my phone an IPv6 address on their internal network but routes all my traffic to the regular internet via IPv4. They are using NAT to do that. If you try to ping my phone’s IPv6 address, it won’t reach my phone.

        • @[email protected]
          link
          fedilink
          English
          49 months ago

          Honestly my biggest issue with ipv6, aside from not understanding it, which I don’t, at all, I’ve realized while setting up my own opnsense firewall, is that they decided on FUVKING COLONS. AND LETTERS. Okay, cool, hexadecimal exists, that’s swell, but typing them is such a fucking pain in the ass.

          There’s no way to put your fingers on a keyboard to make it feel natural.

      • @[email protected]
        link
        fedilink
        English
        4
        edit-2
        9 months ago

        They need to stop that nonsense. NAT is not for security, and was not designed for security purposes. In fact, there are a few ways it subverts security, such as SNI in TLS making the connection less private than it could be.

        If they want to block external connections, a border firewall can do the job just fine without NAT. It’s arguably better, because NAT complicates existing firewall rules and their implementation in code. Complications are the enemy of security.

        • @[email protected]
          link
          fedilink
          English
          19 months ago

          a border firewall can do the job just fine without NAT

          How do you anonymize ip addresses without effectively recreating nat using firewall rules?

            • @[email protected]
              link
              fedilink
              English
              19 months ago

              There is no way to personally identify anyone. Right now advertisers have to jump through hoops of cookies and browser fingerprinting to identify you- which can be blocked.

              • @[email protected]
                link
                fedilink
                English
                29 months ago

                They still wouldn’t. A single computer address is not an individual. They’re only slightly better off compared to knowing the edge router IP like they do now.

                If you really want to protect against that, then use a proxy or an onion router. NAT was never meant to do this, and it does it poorly.

                • @[email protected]
                  link
                  fedilink
                  English
                  19 months ago

                  A single computer address is not an individual.

                  It is extremely likely to be the same user. Shared computers are rare today.

              • Dark Arc
                link
                fedilink
                English
                19 months ago

                In a large cooperate network, or even a small network, there’s nothing fixing a device to a specific network address. You can shuffle those around between people entering and leaving the building and device power cycles just like DHCP does for IPv4.

    • @[email protected]
      link
      fedilink
      English
      139 months ago

      How is it taking so long?

      It’s more complicated and v4 is already there. That was the reasoning and it hasn’t changed even though by now it should have.

    • @[email protected]
      link
      fedilink
      English
      129 months ago

      To add to what others have said, I’ve heard that wide adoption of NATing as a standard practice basically ensured IPv4 longevity well beyond its logical end. This along with the cost to fully upgrade a network to IPv6 meant there was no financial incentive for companies to adopt it.

      With Amazon starting to charge for IPv4 addresses, it won’t be long before Google and Microsoft do the same with GCP and Azure. This may be the financial kick in the ass to get large enterprise environments to finally commit to IPv6.

      • @[email protected]
        link
        fedilink
        English
        19 months ago

        Financial incentive does exist, but the problem is that it’s a tragedy of the commons. Me upgrading only makes sense if everything else is also upgraded. Until then, it makes sense for me not to spend anything. However, everyone else is making exactly that same calculation.

        ISPs have a lot of trouble managing IPv4. How much so depends on when you got your allocations. The first ISPs in the US got tons. The ones that grew out in other countries had to pick over the scraps. Even later US ISPs, particularly mobile carriers, got hit just as hard.

        Those later arrivals have to implement Carrier Grade NAT, where all traffic goes through a small set of IPv4 addresses. Sometimes, it’s multiple layers of NAT. It takes extra equipment and network design to support all this, which in turn affects speed, reliability, and cost.

    • @[email protected]
      link
      fedilink
      English
      109 months ago

      Even tough IPv6 is technically superior to IPv4 for the network operator it doesn’t have clear benefits for home users.

      Having global addresses instead of NAT means less control over your LAN and these unique public addresses can track users more accurately.

      • @[email protected]
        link
        fedilink
        English
        19 months ago

        is there any reason why we can’t still use NAT with IPv6? it seems like that would solve at least some of the problems.

        • @[email protected]
          link
          fedilink
          English
          4
          edit-2
          9 months ago

          In principle, no. In practice I looked into it to do a quick job of enabling ipv6 on my router and the software either just doesn’t do it, or fights you actively.

          Generally speaking ipv6 is a PITA to administer, at least from the POV of someone who’s not a professional network admin and can’t be arsed to spend a month learning a gazillion new concepts when I can be just fine with ipv4.

        • @[email protected]
          link
          fedilink
          English
          29 months ago

          It is possible, it’s just not generally supported be ISP routers. Also there is a possibility of performance issues since IPv4 NAT often relies on hardware acceleration which might not work for NAT6.

        • Dark Arc
          link
          fedilink
          English
          29 months ago

          Because you shouldn’t. NAT causes so many issues, nobody sane is implementing NAT for IPv6 as an out of the box option.

      • Dark Arc
        link
        fedilink
        English
        19 months ago

        Having global addresses instead of NAT means less control over your LAN

        You can still have internal IP addresses and things like the router firewall work pretty much like they always have. I’m not sure what you mean by less control really.

        these unique public addresses can track users more accurately

        I feel like that concern is overblown. You get way more information from DNS, for way cheaper, than you get from “there were 27 devices, now there are 28!” and both takes being the ISP and observing the traffic.

        It’s also not like VPNs can’t work in IPv6 land for people that really are conscious of hiding as much information about what they’re doing from their ISP as possible.

  • @[email protected]
    link
    fedilink
    English
    23
    edit-2
    9 months ago

    Many, many years ago, long before AWS was ever a thing, I posted on Slashdot about how there are problems with the IPv6 rollout. Basically that it should have been aggressively done in the 90s as a simple increase in address length and not try to fix every goddamn thing wrong with IPv4. Not doing that meant being stuck in a decades long rut with adaptation.

    Someone accused me of being a shill for the telecom industry who wanted to profit off the shortage of IPv4 address space. I mentioned this to someone who I consider the smartest networking guy I know, and he thought that was dumb as hell. IPv4 causes more headaches than it’s worth for those telecom companies to try to astroturf Slashdot or anywhere else.

    And yet, now we’re here with Amazon actually making good on the premise, if not the actual astroturfing (yet).

  • @[email protected]
    link
    fedilink
    English
    209 months ago

    customers will pay $0.005 per public IPv4 address per hour

    That works out to $43.80 per year ($43.92 if it’s a leap year).

    today’s average IPv4 price tag [is] $35

    Seems like AWS’s IPv4 pricing is a bit of a rip-off. Not that there’s much of an alternative for anyone who isn’t able to buy an entire block, though.

    • partial_accumen
      link
      fedilink
      English
      109 months ago

      IPv4 is really outdated.

      Dirty IT open secret. Lots and LOTS of IT still running mission critical workloads is outdated too, but still running.

      • @[email protected]
        link
        fedilink
        English
        49 months ago

        We still had a networked DOS 3.1 server running at my last job for the intercom system in the building when I was IT that ended up blowing up in a power surge we had (it was wired into a direct 12v power rail that for some reason had no surge protection). Of course they did the obvious thing to do and spent $4k to get the exact same DOS 3.1 box second hand to replace it with

  • Dizzy Devil Ducky
    link
    fedilink
    English
    13
    edit-2
    9 months ago

    The scary part about this, outside of amazon, is the fact that I actually understand some of the technical stuff being said in the comments.

  • @[email protected]
    link
    fedilink
    English
    5
    edit-2
    9 months ago

    For instance, this old blog post from Meta (Facebook back then) claimed IPv6 optimizations accelerated their site by 10-15%

    How the hell does the addressing system improve a sites performance by 10-15%??? That’s crazy!

    Also - Maybe I Should read that blog post lol