I’m more surprised that a single IP address is worth $20 apparently than Amazon owning 100 million of them.
What I wonder, is it a competitive advantage for Amazon at this point that they have so many? Phrased differently, would it benefit Amazon if the current status quo of IPv4 vs IPv6 adoption is maintained?
Yes, I think it would. Because despite the obvious business advantage they have, any would-be competitor would need IPs at a similar scale. That will either cost a ton more than Amazon has, or they simply won’t be available.
I own 2048 IPv4’s myself and their value is ever increasing. Like digital real estate, without the fluctuation of crypto. But I would prefer it if IPv6 would take over IPv4, and fast, because it will become a problem that will stifle competitors at some point. If most IPv4’s are owned by big corporations, that’s essentially.. them owning the current internet.
IPv6 is practically free.
I would love to see a breakdown of IPv4 FAANG ownership!
> I own 2048 IPv4’s myself and their value is ever increasing. Like digital real estate, without the fluctuation of crypto.
Until the day when IPv6-only connectivity becomes practical/commonplace. At some point the IPv4 market is going to crash when they are simply not needed anymore. Of course that inflection point might still be quite far away, but I wouldn't count on IPv4 stock being a retirement fund.
This is slowly happening. On my blog, I can see IP addresses of people who subscribed for my newsletter. It used to be 100 per cent IPv4 a year ago, now it is more like 8:1.
Not exactly. At 70% (like today in much of the world) that's certainly a practical option for most people. At 10% not so much.
So what happens is that beyond a certain point it stops making commercial sense to route IPv4 globally. That's probably before your 10% mark. So by then there's no point bothering with IPv4 for your systems unless you specifically serve that deprived market and will spend money to connect to them specially.
For IPv4 users the Internet still mostly works, when their system asks "A? some.website.example" and there is no A record because the IPv4 Internet isn't really a thing any more, it gets an answer like "10.20.30.40" where that address was arbitrarily picked as a temporary local assignment for some.website.example. When they connect to 10.20.30.40 a Network Address Translation module behind the scenes does an IPv6 connection to some.website.example and hooks them up.
So their copy of Internet Explorer still "works" although some more advanced features are flaky or missing but hey, they know they have crappy 20th century Internet and ought to upgrade.
Inside some larger companies there already is no IPv4, and that will spread, inconsistently but it will spread, because IPv4 is a pain in the backside, it's easier without it. Translation gateways keep things mostly working enough for people who have IPv4 only, today that's the majority, a decade from now it's a minority, and eventually it's too few people to care about.
Eventually (probably much below 10%) the translation gateways are thinly used enough that "nobody" proactively notices if they're broken, that'll happen in some places faster than others, but the effect is to push those final people to upgrade because it's just annoying to always be the person calling your ISP to complain when it breaks.
> I own 2048 IPv4’s myself and their value is ever increasing.
I own several /22's, and am renting them out through a broker. So far, 1 month's rent (easily) covers the yearly RIR costs, so quite a good margin, and I still own them.
So when time comes, I can sell them, but before that, rent keeps coming in. Just need to make sure they are sold before the market value of an IPv4 crashes to zero.
This is a good question, I don't get why you are downvoted. I also own some /22 and I've been so far reluctant to rent them for the reasons you mentioned.
Just out of curiosity, how does one go about purchasing and maintaining ownership of IPv4’s? Do you need to do it through your own company or is it possible as an individual? I’ve heard you have to demonstrate you can use them but that was in relation to IPv6’s.
Depending on which Regional Internet Registry you belong to (based on country of residence/incorporation), the process is roughly:
A) justify an AS and pay the fee
B) find someone to buy IPv4 addresses and pay them (probably a deposit)
C) justify IPv4 address space to the RIR and pay the fee to transfer from your seller
D) pay annual dues
If your RIR actually has space available, you might be able to skip step B. And you can get IPv6 addresses without finding a seller, because all the RIRs have IPv6 space.
RIR processes are generally human driven, so you might get more questions if you're filing as an individual.
It wouldn't take too much to make a breakdown of IP announcements. Ownership is a bit harder to track down, I think.
Looking at something like https://bgp.he.net/AS32934#_prefixes will tell you what IPs Facebook announces. Rinse and repeat for whoever else. Maybe a bit tricky if you need to track down subsidiary ASes.
Disclosure: I worked for WhatsApp including while it was part of Facebook, and was involved in getting AS11917 setup for WhatsApp.
I'm not sure what AS11917 is for now but the lion's share of WhatsApp now runs over/in Facebook's network/datacenters. WhatsApp chat connections are terminated on the FB edge like most other FB traffic and it shares FB's common CDN for media. AS11917 might be some legacy stuff or, as was mentioned, special policy stuff. But assuming things are as they were a year or two ago most of your WA traffic is via AS32934.
I'm not 100% sure, but if WhatsApp wanted to run their own datacenters, then they'll need their own IP ranges, and BGP/AS numbers is how IPs are "routed".
The AS number is used to let others know that a given IP range is reachable via your router.
I'd like to give a better explanation, but I think it would be wrong. BGP is really hard for me to grasp, even if my networking colleagues claim it's not really that complicated.
"Running a datacenter" isn't something that inherently needs its own IP range. You could run a datacenter only in private address space and NAT to the internet (though this wouldn't really be very practical) or even run in private space. My point is that having a lot of computers doesn't _necessarily_ require getting public IPs or ASNs.
You need public addresses if you want to be publicly reachable. If you're small you might find an ISP — let's say ISP Inc — that will give you an internet connection and allocate some part of the address space it in turn has been allocated. There's no need for BGP or dedicated IPs here — the rest of the internet already knows how to reach the range(s) of addresses assigned to ISP Inc, and from there ISP Inc's own network takes care of sending the traffic down the pipe to you.
If you need a lot more addresses, or you want to use more than one ISP (either of which could apply to WhatsApp's case), you probably need to get a dedicated assignment and an ASN. The ASN means you're an "autonomous system" — not a carved out bit of someone else's network. You go to your local registrar and convince them you need some addresses, and then you go to your ISP(s) and ask them for "transit", which means they'll connect you to their network and route to and from the rest of the internet for you. But since you're now using your own addresses it's not as simple as above, where your IPs were part of your ISP's range and everyone else just sent their traffic to your ISP for them to route to you. Your IPs are yours now, and until you tell the rest of the internet how to find you nothing will work. To make this work you have to get your ISP(s) to tell the internet "hey, y'all want to send traffic to Mr Weasel LLC? I can handle it for you". This is called "announcing" a prefix (IP range) and BGP is the mechanism through which all the routers on the internet propagate announcements detailing who is providing connectivity to who.
Conceptually this stuff is quite straightforward but in practice it can be mindbending. As well as transit there are peering arrangements (where Mr Weasel can arrange with Netflix to swap traffic over a dedicated physical connection, rather than their respective ISPs) and hella complicated traffic engineering schemes linking the big content providers to the internet. For instance, Facebook has thousands of transit and peering connections with other ISPs and providers and deciding which path is optimal for any given situation requires very complicated policies and management.
While what you suggest is possible it’s amateur and fraught with problems.
Any halfway serious company that wanted to run a global application on their own infra is gonna need their own ASN and internet presence with their own IP space.
You can split hairs however you like on when one needs their own allocation. That wasn’t my point — I was just trying to illustrate to the parent poster (since they seemed uncertain) how internet routing works at a basic level and why decisions over IP space aren’t necessarily a concern for “running a datacenter”. Perhaps I took this remark too literally and I hope the parent commenter forgives me if that is the case.
The smallest routable IPv4 network on the Internet is a /24, which is 256 addresses. Regional Internet Registries won't assign you smaller than a /24, but individual ISPs might. Even if you have an assignment, maintaining it requires payment of annual fees to your RIR, unless you're a lucky "legacy" address holder from before the RIRs were formed.
I own a /24 from the early 90's, registered before ARIN and the other RIRs existed. It is considered a legacy block and I've never signed the legacy registration agreement, so no fees for me! I do have it routed to my home network over a "business broadband" connection.
I use my network mostly for experimentation and it is unlikely to be a target for hijack. If I were a commercial enterprise I would want RPKI for the future. Currently it seems mostly irrelevant in a practical sense, due to the small number of ASes actually validating.
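What RPKI route origin validation, mentioned in the comment above, checks at a validating AS (the RFC 6811 procedure). This is an added example, not part of the thread: the ROAs and announcements are constructed from documentation prefixes and ASNs, and the function names are hypothetical.

```python
import ipaddress

# Constructed ROA set: (prefix, maxLength, authorized origin ASN).
# Documentation prefixes and ASNs only, not real registry data.
ROAS = [
    ("192.0.2.0/24", 24, 64496),
    ("198.51.100.0/24", 24, 64497),
    ("2001:db8::/32", 48, 64497),
    ("203.0.113.0/24", 24, 0),   # AS0 ROA: holder authorizes no origin at all
]

def parse_roas(rows):
    """Parse ROA rows, rejecting a maxLength shorter than the prefix itself."""
    table = []
    for prefix, max_len, asn in rows:
        net = ipaddress.ip_network(prefix, strict=True)
        if not net.prefixlen <= max_len <= net.max_prefixlen:
            raise ValueError(f"bad maxLength {max_len} for {prefix}")
        table.append((net, max_len, asn))
    return table

def validate(announced, origin_asn, roas):
    """Return 'valid', 'invalid' or 'not-found' for one BGP announcement."""
    route = ipaddress.ip_network(announced, strict=True)
    covered = False
    for net, max_len, asn in roas:
        # Only a ROA of the same address family that covers the route counts.
        if net.version != route.version or not route.subnet_of(net):
            continue
        covered = True
        # Match needs the same origin AS and a prefix no longer than maxLength.
        if asn != 0 and asn == origin_asn and route.prefixlen <= max_len:
            return "valid"
    # Covered but never matched means a wrong origin or a too-specific prefix.
    return "invalid" if covered else "not-found"

ROA_TABLE = parse_roas(ROAS)

# Constructed announcements: (prefix, origin ASN seen in the AS path).
ANNOUNCEMENTS = [
    ("192.0.2.0/24", 64496),     # authorized origin
    ("192.0.2.0/24", 64511),     # covered, wrong origin
    ("192.0.2.128/25", 64496),   # right origin, longer than maxLength
    ("2001:db8:1::/48", 64497),  # within maxLength of the /32 ROA
    ("203.0.113.0/24", 64496),   # covered only by the AS0 ROA
    ("100.64.0.0/10", 64496),    # no covering ROA
]

def classify_all():
    return [validate(p, a, ROA_TABLE) for p, a in ANNOUNCEMENTS]

if __name__ == "__main__":
    for (p, a), state in zip(ANNOUNCEMENTS, classify_all()):
        print(f"{p:18} AS{a:<6} {state}")
```

A prefix with no ROA comes back `not-found` whichever AS originates it, so a validating network has no basis to reject a bogus origin for that block.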
From what I understand, the problem is in routing them. If you could buy a single IP address then all the routers need to keep a record of where that IP address goes to rather than a simple rule of this whole block goes out port 5
No, not really. If a new organization needs a large block of ip addresses, they just use IPv6. The biggest reason IPv4 persists is because deploying IPv6 can be very expensive for legacy users: new equipment, retraining, hiring. For a large organization, planning and executing such a deployment can take years. There are a lot of fresh new telecom providers in India who do not have that kind of baggage, so they chose to deploy IPv6 networks from the start for their cellular internet. You'll notice that if you're on a cellular network, even in the U.S., you will have an IPv6 address. If "the market" ever tries to price gouge for IPv4 addresses to the point where deploying IPv6 becomes the cheaper option, then organizations will just use IPv6 instead.
> You'll notice that if you're on a cellular network, even in the U.S., you will have an IPv6 address.
Just a data point.
I'm on a cellular network in the UK for both my phone and my phone network (via 4G router).
My phone gets an IPv6 address only, no IPv4.
But my home network gets an IPv4 address only, no IPv6. I can't obtain IPv6 on the home network even though it's the same cellular service (down to the same kind of SIM and same contract) as the phone.
Please tell me which network so I can immediately switch.
Three unfortunately still don't use IPv6, and I'd prefer if my phone were IPv6-only than IPv4-only since everything else in my life is IPv6 capable -- all my servers, my home Internet, my email provider, etc...
EDIT: So it seems some people have gotten IPv6 addresses from Three last year - e.g. https://twitter.com/Mythic_Beasts/status/1195292901191892992 - so perhaps I just need to wait for Three to enable it for everyone? Not going to wait forever though...
The phone Settings > About > Status shows an IPv6 and no IPv4.
However it's not really IPv6-only. It is able to make IPv4 connections, which rather than going over the IPv6 route, are instead tunnelled to the network separately via the modem and the network applies CGNAT and assigns an ephemeral source IPv4.
I also use Three for my 4G+Wifi home router. That doesn't get an IPv4 at the moment, just an IPv6. None of my home devices can make IPv6 connections over the LAN to my internet services. They resolve ok, but then have no route.
Same applies when using my phone as a Wifi hotspot. The hotspot is IPv4 only, even though the phone itself has an IPv6 uplink.
Now I know it's an experimental partial rollout by Three, I wonder if I'd see the opposite if I swapped the two SIMs.
I've seen some VM providers charge more to get an instance with IPv4 connectivity. Amazon doesn't charge extra for that (last I looked anyway), so that's a potential advantage.
IPv6 penetration is growing, but Akamai reports that even the most IPv6 networks only go to ~ 92% IPv6. So if you want to have full reach, you need IPv4, but you don't really need IPv6 (although, you may want it, some of the CGNAT systems that users are behind are pretty bad, avoiding that is nice)
* They'll provide a free dynamic IPv4 address attached to any interface/VM for the life of that VM.
* They'll provide static IPv4 addresses. These are generally free, but you'll be charged if they're not attached to a VM (i.e., sitting unused). Only one IP per instance is free.
Charge is a half cent an hour, so works out to about $3.65/mo to camp on an IP address.
Nothing is free when you get it from a profitable business.
EC2 prices are pretty high compared to other offerings if you run the machine permanently. The "free" IPv4 address is certainly a part of the price. (There are other parts like good maintenance, which you don't necessarily get from cheaper competitors)
Scaleway charges you 1 € / month for such address whether you use it or not. That's a 25% premium on the cheapest machine when in use. Much cheaper than AWS whether in use or not.
Not sure how many customers could perfectly live without the IPv4, but AWS seems to be in the market position to (covertly) charge them, too.
Typically not (but I guess it's possible). CGNAT is expensive to run, but carriers do it because it can be less expensive than getting more IPv4 addresses, and it's faster to add capacity than to get addresses. IPv6 addresses are very low cost and quick to get assigned, so if you're supporting IPv6, and you run low on addresses, adding CGNAT doesn't make sense.
It's much more typical to either have cgnat IPv4 and public IPv6, or just cgnat IPv4 and no IPv6 than to have cgnat both.
That doesn't sound quite right to be honest - do you have a source for that?
I don't even see what possible rationale there could be for such a change.
Most native v6 consumers already have firewalls for IPv6 in the CPE which block any incoming connections per default, so not even the misusing NAT as firewall argument applies here.
That’s what’s happening here in Spain. The biggest ISPs are doing nothing to migrate to IPv6 because they are sitting on a shitload of IPv4 addresses and that makes it very hard for new ISPs to compete.
There's a U-shaped curve on pricing. There's a lot of demand for /24s, because sometimes that's all you can justify.
Once you get bigger than what can be easily justified, the prices go down a bit. If you need a /18, you can probably use either an /18 or two /19s or ... You can make it work, and there's not enough benefit for contiguous to pay more. Of course, if you can justify an /8, there is a premium for contiguous. Otoh, not too many /8's for sale.