Tuesday, July 8, 2014

IPv6 Growth Inflection Point

Now that the percentage of IPv6 users accessing Google's websites has reached 4%, I decided to revisit my prior post projecting IPv6 growth. Assuming that people around the world use google as it sits atop Alexa’s list of top websites, it would seem such a measurement provides data that could be loosely projected to the Internet at large. It took just 140 days for the IPv6 user rate to climb from 2% to 3%, and interestingly only 140 days from 3% to 4%. Is IPv6 growth going linear? Or more likely have just passed an inflection point beyond which growth will accelerate?

Reiterating our view that the historical IPv6 user data is comprised of two segments, the first being the nearly linear component of near zero penetration up through 2011, and the second representing the present growth phase, we plot the measured IPv6 penetration since the end of 2011. Applying both exponential and second order polynomial curve fittings as before in Figure 1, we see that our exponential curve, the solid red line, fits very well with a R2 of over 0.99 while our polynomial curve fit, the dashed green line yields a respectable R2 of 0.9844.

Figure 1: Curve fittings for most recent Google IPv6 users data

The exponential curve predicts IPv6 penetration at 6.2% by the end of this year, while the polynomial predicts 5.6%. These predictions are both a bit higher than the corresponding points from my prior post at 5.9% and 4.9% respectively. The trend curves are getting steeper though they diverge rapidly after these near term predictor points, with the former model predicting nearly 15% penetration by the end of 2015 and polynomial indicating only about 10%. Incidentally, the linear 140-day percentage point increase model predicts 8.0% by the end of 2015. Stay tuned for my next post on this topic and an update when this particular penetration measure hits 5%.

Friday, June 6, 2014

Take our annual IPv6 survey to celebrate World IPv6 Launch

On this second anniversary of World IPv6 Launch, are you among the growing population of those having deployed IPv6? The World IPv6 Launch site has a nice infographic to commemorate the anniversary which indicates growing IPv6 momentum. The Internet Society links to several measurement sites, many of which indicate an increasing volume of IPv6 traffic.
Whether you have already deployed IPv6 or you have no plans at all, you are invited to complete our annual IPv6 survey. This year's survey is very similar to last and prior years' surveys in order to help us identify trends and changing perceptions about IPv6. The survey should take about five minutes to complete so we invite you to let us know what you think. We're also going to be drawing the name of one survey respondent to whom we will award a $100 Visa gift card, so I invite you to complete the survey.

Thursday, April 24, 2014

Internet only has room for another 1.4% of world pop

As I pondered my prior post regarding ARIN's announcement of its IPv4 address capacity dwindling down to a single /8, I began to wonder how long it would be before those supporting only IPv4 communications would feel the impact. The "impact" of ignoring IPv6 may be the inability to communicate with THE growth segment of the Internet. Once IPv4 is totally depleted, ALL growth will by necessity utilize IPv6.

And this total depletion time may come very soon. As I pointed out in that post, the sum total IPv4 address space that's available globally is about 0.1 billion. Truthfully, ISPs that obtain space from RIRs and enterprises from ISPs, likewise have their own stock of IPv4 capacity, but once the RIRs run out, there will be no additional space to be had. Consider that the 0.1 billion IP addresses represents a mere 1.4% of the world's population of 7.2 billion. One simple minded conclusion would be that the IPv4 Internet can support a mere 1.4% increase in Internet user penetration.

The current Internet user penetration as reported by Internet Live Stats is about 40% today. The penetration at the end of 2013 was 38.5%, so it took less than four months to grow further than 1.4% in penetration. So could it be another four months until we're totally out of space? Not likely, but it is likely that within a year, IPv4 space will be very hard to come by.

The world's insatiable appetite for IP addresses derives primarily from the proliferation of IP-addressable devices, from consumer communications devices like tablets and mobile phones, to industrial or public safety sensors, to developing countries deploying broadband and wireless networks. If you desire to share information, conduct business, or otherwise communicate with users of such devices, you should consider deploying IPv6 support in the very near future if you have not already. As use of such devices flourishes, they will ultimately use IPv6 addresses as that is all wireless and broadband operators will have available to assign. If you'd like them to be able to reach you online, you'll need IPv6-accessible resources, which means you'll need IPv6 address space. Don't know where to start? Contact us to learn more and for help.

Wednesday, April 23, 2014

ARIN Reaches Final Stage for IPv4 Address Space

ARIN today announced that it is now down to its last /8 of IPv4 address space. This is the point when remaining IPv4 capacity is considered "depleted" and more stringent allocation policies are put into effect, as outlined in the announcement. The analogous depletion state was announced and similar policies enforced by APNIC in 2011 and by RIPE in 2012. LACNIC crossed the /8 threshold in 2011 but will engage its depletion policies when it reaches one /11 (2.1M IP addresses).

The last /8 threshold means the RIR has about 16.8 million IPv4 addresses available, which may seem like a lot, but each allocation consists of hundreds if not thousands of IP addresses to ISPs and customers. Hence the more stringent allocation policies to extend the lifetime of IPv4 a bit longer. You can follow the current outlook on IPv4 lifetime by RIR on Geoff Huston's potaroo site and summarized below and updated with this recent ARIN information:

RIRProjected Exhaustion DateRemaining /8sIP addresses
APNIC19-Apr-2011 (actual)0.793713.3M
RIPE NCC14-Sep-2012 (actual)0.819313.7M

The net impact is that the Internet has just over 100 million IPv4 addresses available. That's 0.1 billion, which with only about 40% Internet user penetration today, doesn't leave much capacity at all for those 4 billion plus earthlings who do not yet have Internet access. If you haven't been convinced of the inevitability of IPv6, hopefully this helps and provides ample time to plan for it. If you haven't had time or resources to plan for IPv6, now is the time to start planning. BT can help with network assessment, planning and deployment services, free IPv6 addressing tools, and commercial IP address management (IPAM) solutions. Contact us to learn more.

Tuesday, February 11, 2014

Predicting IPv6 Growth

Upon hearing the news that Google’s measurement of IPv6 users hitting their websites hit 3% of total users, having just surpassed 2% in September, 2013, I became less skeptical of the exponential growth predictions for IPv6. Under the assumption that people around the world use google and it is atop Alexa’s list of top websites, it would seem such a measurement provides data that could be loosely projected to the Internet at large. To explore this uptick in hits, I sampled some data points from Google’s statistics site in an attempt to create a future projection.
Figure 1: A pair of curve fittings for Google IPv6 users data

In my first attempt at “curve fitting,” I considered quarterly data points going back to early 2009 when google started measuring IPv6 visitors. Applying curve fitting to these data points, I created the the chart of Figure 1, with sample data points represented as blue diamonds. Applying an exponential curve to this data set yields the more gradually sloping (red) curve in Figure 1. As you can see, this curve seems to overcompensate in early years while flattening growth in the later years. This curve’s estimated penetration yielded less than 2% at the end of 2013, well below measured data. I then applied a second-order polynomial trendline in attempt to more closely map to data samples, shown as the steeper (green) line. This curve seems to better fit the later measurements in the chart, though it predicts passing 3% in mid-2014, a metric that has already been reached. Incidentally, the polynomial curve yields an R2 of 0.95, which is a better fit than the 0.9 value for the exponential curve.
Figure 2: Curve fittings for most recent Google IPv6 users data

I then considered the data as comprising two segments, the first being the nearly linear component of near zero penetration up through 2011, and the second representing the present growth phase. Considering only these latter data points, Figure 2 illustrates another pair of trend lines, exponential, in this case the steeper of the two and polynomial. Interestingly, the exponential curve yields an R2 of over 0.98, representing quite a good fit, and the polynomial fit isn’t too bad at about 0.96. It’s interesting to extrapolate these curves out a couple years to predict the growth in IPv6 Google users and by loose association, Internet IPv6 users. The table below summarizes the predicted percentage of Google users accessing via IPv6, considering data samples back to 2009. These predictions are rather unimpressive, with modest IPv6 penetration with neither reaching double digit penetration even by the end of 2015. But I personally tend to put more stock in the more recent sample data, shown in the far right two columns of the table, illustrating a more rapid adoption of IPv6.

Model prediction
Samples 2009-2013
Samples 2012-2013
End of year

What will the future hold for IPv6 user growth? These models vary quite widely in predicting growth rate, but the trend is definitely upward. Make preparations for IPv6 in your network today.

Tuesday, January 28, 2014

New gTLD Update: Signed TLDs Now Outnumber Unsigned TLDs

In the six weeks since I blogged about the emergence of new generic Top Level Domains (gTLDs) in the root zone, eighty-four new gTLDs have been delegated. This brings the total number of TLDs, including country code TLDs (ccTLDs) to 427. Of the recently added eight-four gTLDs, nine are internationalized, and this brings us to fifty internationalized TLDs, comprising a mix of both gTLDs and ccTLDs.

And thanks to the signing requirement of the new gTLD program, all eighty-four domains are signed with DNSSEC. This brings the number of signed TLDs to 235, with 229 having delegation signer (DS) records in the root zone. Signed TLDs under which you register domain names, especially those with DS records in the root zone, streamline the process for resolvers to validate your signed name space. Resolvers need only maintain the root zone public key (trust anchor) to validate signed subtrees of the global DNS namespace. As long as each domain along this chain down to your zone is signed, a resolver can validate your signatures using the root trust anchor. This "chain of trust" is linked via DS records, which are published in a parent zone and authenticate a child zone's public key.

With more signed TLDs, especially if yours is/are signed, your path to securing your name space becomes simpler. The table below reflects todays status, updated since my prior post. Other than the addition of eighty-four gTLDs (9 IDN and 75 non-IDN), the .name generic-restricted TLD was signed, moving one tally from unsigned non-IDN to signed non-IDN in that row.

Country Code TLD129024159
Generic TLD1410900
Sponsored TLD0708
Infrastructure TLD (.arpa)0100
Generic-restricted TLD0201

Tuesday, December 17, 2013

More New Generic Top Level DNS Domains

Since the inaugural set of four new generic top level domains (gTLDs) was announced six weeks ago, the tally of new gTLDs has grown to 35. And the number of new gTLDs will likely continue to grow well into the hundreds during 2014 as respective domain applicants work through the approval process. Even today, the 35 newly delegated TLDs comprise just over 10% of the 343 TLDs in the Internet root zone.

The table below summarizes the status of the today's TLDs by type (country code, generic, etc.), whether internationalized or not, and whether DNSSEC-signed or not. Starting at the bottom of the table, of the three generic-restricted TLDs, .biz, .name and .pro, only .biz is signed and clearly none of them are internationalized. The .arpa infrastructure domain is signed as well. None of the so-called sponsored TLDs are internationalized and about half are signed. All of the generic TLDs are signed, and the 35 new gTLDs fall within this row. In fact, all new gTLDs must be signed as required by the new gTLD program. And for the first time, we have five gTLDs so far that are also internationalized, thanks also to the program.

Country Code TLD128924160
Generic TLD53400
Sponsored TLD0708
Infrastructure TLD (.arpa)0100
Generic-restricted TLD0102

All of this may be quite interesting, but how does this affect you? Certainly you should be aware of an inflow of new TLDs in the DNS, which affords the opportunity to register subdomains within appropriate TLDs. For example, if your organization seeks to reach a certain population which uses a non-Latin based language, publishing your domain name (and website) in native language could attract and simplify reachability to your web infrastructure.

Secondly as new gTLDs move towards production, an increasing proportion of DNSSEC-signed zones will rise accordingly. Signed TLDs extend the DNSSEC chain of trust down from the root through a growing proportion of the TLD layer, and ultimately to second level domains typically administered by organizations, enterprises, governments, etc. Such a linked chain of trust simplifies the process of DNSSEC signature validation on the part of validating resolvers, which can authenticate domain information and verify information integrity using the root trust anchor.

Speaking of DNSSEC validation, according to Verisign Labs, alas, less than 5% of resolutions are performed by validating resolvers. Some large broadband and wireless providers have enabled DNSSEC validation within their recursive servers, but many have yet to do so. Much like the case with IPv6, opportunities for use of DNSSEC are growing as the Internet evolves, but it requires some work to participate. DNSSEC can help build a more secure Internet, so if your TLD(s) support DNSSEC signing, I encourage you to investigate implementing DNSSEC. And if any of your TLDs are internationalized, internationalizing your domain label may likewise be worthy of analysis.

You can follow the links to these web resources to keep up with the new gTLD program at ICANN, IANA for a listing and types of TLDs, and ICANN Research regarding TLD signing status.