5.3 Merge window, part 1
Architecture-specific
- The x86 umonitor, umwait, and tpause instructions are now supported for use by user-space code; they make it possible to efficiently execute small delays without the need for busy loops. A knob has been provided to allow system administrators to control the maximum period for which the CPU can be paused.
- The pa-risc architecture now supports dynamic ftrace.
Core kernel
- The scheduler utilization clamping patch set has been merged. This feature allows an administrator to cause specific processes to appear to create more or less load than they actually do; that, in turn, will affect how the CPU frequency governor responds when those processes become runnable. So, for example, an interactive process could be made to appear to have heavy CPU requirements, causing an immediate increase in CPU frequency when that process wakes up.
- The pidfd_open() system call has been added; it allows a process to obtain a pidfd for another, existing process. It is also now possible to use poll() on a pidfd to get notification when the associated process dies.
- Also added is the clone3() system call, which reorganizes the clone() interface, makes it more extensible, and adds space for more flags.
- The new bpf_send_signal() helper allows a BPF program to send a signal to an arbitrary process.
- The BPF verifier is now able to handle programs with loops, as long as the execution of the loop is bounded and cannot cause the program to exceed the maximum instruction count; that removes a major limitation that has irritated BPF developers for some time. Note that this is not the bounded-loop work that was under discussion late last year; it is a new implementation. It seems that the verifier efficiency improvements merged for 5.2 made this task rather simpler.
Filesystems and block layer
- The NFSv4 server now creates a directory under /proc/fs/nfsd/clients with information about current NFS clients, including which files they have open.
Hardware support
- Audio: Conexant CX2072X codecs, Rhythm Tech rt1011 and rt1308 amplifiers, and Cirrus Logic CS47L35, CS47L85, and CS47L90 codecs.
- Industrial I/O: Infineon DPS310 pressure and temperature sensors, Analog Devices ADF4371 and ADF4372 wideband synthesizers, Analog Devices AD8366 gain amplifiers, and ChromeOS EC lid-angle sensors.
- Media: Allegro DVT video control units and Amlogic video decoders.
- Miscellaneous: Freescale i.MX8 DDR performance monitors, Renesas RZ/A1 interrupt controllers, Annapurna Labs fabric interrupt controllers, Atmel SHA204A random-number generators, TI LM3697, LM36274, and LM36274 LED controllers, Dialog Semiconductor SLG51000 regulators, Socionext SynQuacer SPI controllers, Freescale i.MX8M CPU-frequency controllers, Infineon PXE1610 voltage regulators, Infineon IRPS5401 power-management ICs, NXP i.MX8 SCU on-chip OTP controllers, Mixel MIPI DSI PHYs, Fairchild Semiconductor FSA9480 microUSB switches, and ChromeOS embedded controllers.
- Networking: NXP TJA11xx PHYs, Google Virtual NICs, and Hisilicon HI13X1 network interfaces.
- USB: Qualcomm PCIe Gen2 PHYs.
- Removals: the isdn4linux ISDN driver subsystem has been removed entirely; it doesn't appear to have been used for some time. The separate CAPI subsystem is also on its way out, but it has only been moved to the staging directory for now. The mISDN subsystem will remain for now. See this commit for details.
Networking
- The kernel will now accept IPv4 addresses in the 0.0.0.0/8 range as valid. Getting the Internet as a whole to allow that is a work in progress but, once it happens, it will make 16 million more IPv4 addresses available for use.
- It is now possible to attach BPF programs (at the control-group level) to the setsockopt() and getsockopt() system calls. That allows the imposition of administrator policy on those calls; see this commit for some documentation.
- There is also a new socket-level hook to call a BPF program once every round-trip-time interval.
Security-related
- Cryptographic keys can now be tied to a specific user or network namespace, making them unavailable outside of that namespace. Keys are also now protected by access control lists; see this commit for details. (Note that the ACL patch was subsequently reverted though it may be back before the end of the merge window).
Internal kernel changes
- force_sig() has always taken the target task as a parameter, but it has never actually been safe to use for anything other than the current task. That parameter has been removed and a large number of callers have been updated.
Linus Torvalds has been a little grumpy during this merge window, having
encountered multiple regressions that affected his machine. Most of those
have been worked out for now; with luck things will go more smoothly from
here on out. If the usual schedule holds, the 5.3 merge window will close
on July 21, with the final 5.3 release expected in early-to-mid
September.
| Index entries for this article | |
|---|---|
| Kernel | Releases/5.3 |
Posted Jul 12, 2019 22:34 UTC (Fri)
by meyert (subscriber, #32097)
[Link] (55 responses)
Posted Jul 12, 2019 22:44 UTC (Fri)
by corbet (editor, #1)
[Link] (1 responses)
Posted Jul 16, 2019 23:30 UTC (Tue)
by mtaht (subscriber, #11087)
[Link]
Posted Jul 12, 2019 23:26 UTC (Fri)
by bartoc (guest, #124262)
[Link] (21 responses)
Posted Jul 13, 2019 1:05 UTC (Sat)
by shentino (guest, #76459)
[Link] (20 responses)
Posted Jul 13, 2019 8:19 UTC (Sat)
by cpitrat (subscriber, #116459)
[Link] (17 responses)
Posted Jul 13, 2019 9:10 UTC (Sat)
by Cyberax (✭ supporter ✭, #52523)
[Link] (16 responses)
Posted Jul 13, 2019 20:46 UTC (Sat)
by cesarb (subscriber, #6266)
[Link]
Posted Jul 14, 2019 2:41 UTC (Sun)
by naptastic (guest, #60139)
[Link] (14 responses)
Posted Jul 16, 2019 4:49 UTC (Tue)
by riking (subscriber, #95706)
[Link] (1 responses)
Posted Jul 16, 2019 8:01 UTC (Tue)
by naptastic (guest, #60139)
[Link]
Posted Jul 16, 2019 23:16 UTC (Tue)
by mtaht (subscriber, #11087)
[Link] (4 responses)
2) From our testing and from source code inspection of all the source code in the world (amazing what we can do nowadays) we've only found *1* application that used a multicast address in the 225/8 - 231/8 address range, which was reserved for future multicast use and never allocated for anything by iana the great multicast-everything orgy of the late 80s.
Do let us know if the multicast portion of this patch here breaks anything:
https://github.com/dtaht/unicast-extensions/blob/master/p...
After fixing 240/4 last december....
We submitted the 0/8 patch in the hope that we would stimulate discussion of the more advanced patches, and it, um, went right upstream (0/8 really is uncontroversial, and john's been waiting for the standard to be changed since he co-invented bootp), and NOW we're getting the discussion on various forums over the last few days and I'm trying to keep up....
Posted Jul 17, 2019 10:53 UTC (Wed)
by naptastic (guest, #60139)
[Link] (3 responses)
Thinking about it more, my anxiety about multicast isn't warranted. All my applications that use multicast are IPv6-capable. If I, as the system administrator, am not willing to set up my network for IPv6 multicast, I have no room to complain.
So... before this thread, I was opposed to reclaiming multicast IPv4 ranges, but having learned more from you wonderful folks, I am now totally indifferent on the matter. Thank you!
(It might be mildly inconvenient if I have to reconfigure my firewall if other classes of networks get reclaimed. Meh: Progress necessitates inconvenience. MEH, I SAY!)
Posted Jul 17, 2019 16:41 UTC (Wed)
by luto (guest, #39314)
[Link] (2 responses)
ftp://ftp.cmegroup.com/SBEFix/Production/Configuration/co...
Posted Jul 17, 2019 21:34 UTC (Wed)
by mtaht (subscriber, #11087)
[Link]
As I said, 225/8-231/8 appear to be entirely unused in the world. 120m addresses.
Let's make 'em unicast!
Posted Jul 17, 2019 21:35 UTC (Wed)
by mtaht (subscriber, #11087)
[Link]
Posted Jul 16, 2019 23:19 UTC (Tue)
by mtaht (subscriber, #11087)
[Link] (6 responses)
Only a few routing daemons and related routing hw needs to be modified to make 240/4 globally routable. Babeld already has support, the FRR and bird folk have agreed in principle to make it work, juniper works with a flag, cisco's enterprise routers work, smaller scale ones don't. currently.
Posted Jul 16, 2019 23:40 UTC (Tue)
by Cyberax (✭ supporter ✭, #52523)
[Link] (5 responses)
Is it worth it now?
Posted Jul 17, 2019 3:23 UTC (Wed)
by mtaht (subscriber, #11087)
[Link] (4 responses)
Posted Jul 17, 2019 16:42 UTC (Wed)
by Cyberax (✭ supporter ✭, #52523)
[Link] (1 responses)
So yes, 7 years is about right. However, this assumes linear growth and it's probably not. For example, China has an official plan to move to IPv6 by 2025 with major deployments starting next year.
Posted Jul 18, 2019 6:19 UTC (Thu)
by cpitrat (subscriber, #116459)
[Link]
Posted Jul 17, 2019 20:31 UTC (Wed)
by farnz (subscriber, #17727)
[Link]
The trouble is that if you look at Geoff's IPv4 Address Report, we were consuming more than a /8 per month until we ran out of free-floating addresses. So cleaning up IPv4 needs to provide 84 /8s to get us to 7 years - for decades, you're looking at hundreds of /8s, which is going to get awkward…
Posted Jul 18, 2019 23:02 UTC (Thu)
by naptastic (guest, #60139)
[Link]
Posted Jul 13, 2019 9:25 UTC (Sat)
by dottedmag (subscriber, #18590)
[Link] (1 responses)
Posted Jul 14, 2019 1:24 UTC (Sun)
by naptastic (guest, #60139)
[Link]
I dunno about a "black market" but people sending spam or doing SEO are still willing to beg, borrow, or steal for IPs, given the chance.
Posted Jul 13, 2019 9:38 UTC (Sat)
by jem (subscriber, #24231)
[Link] (17 responses)
Sigh. This reminds me of the old fable The Tortoise and the Hare. Millions of new available addresses may sound impressive, but not so impressive when you realize they will be used up in a couple of weeks. Not to mention that "Getting the whole internet to allow that" is something that I don't think will ever happen. The effort spent on this would have been more wisely spent on promoting IPv6. More usable addresses... no, more usable /64 subnets would have been put to use for less effort. Granted, these addresses would be unreachable to some, but we will in any case inevitably reach a point in the future where IPv4 isn't capable of holding the growing Internet together.
Posted Jul 13, 2019 10:20 UTC (Sat)
by sytoka (guest, #38525)
[Link] (15 responses)
Posted Jul 13, 2019 12:02 UTC (Sat)
by ju3Ceemi (subscriber, #102464)
[Link]
From my point of view, there is nothing you can do to let ipv4 devices talks to a wider addr space : the IP is nothing but an unique identifier, which de facto makes your wish unrealizable
Posted Jul 13, 2019 13:51 UTC (Sat)
by farnz (subscriber, #17727)
[Link] (13 responses)
I hear that a lot from armchair designers, but I've yet to have one enumerate an actual way for IPv6 to be retro-compatible with IPv4 that isn't present in IPv6 already.
IPv4 addresses are a subset of IPv6 addresses - if you have an IPv4 address, then it also exists in (at least) five different forms for different (mostly failed) compatibility mechanisms in IPv6:
On top of that, SIIT got reworked into SIIT-DC, which allows a pure IPv6 network to choose a prefix for IPv4 use and do stateless NAT instead of NAT64. And, of course, you can do NAT64 or 464XLAT in a private prefix.
Each of these mechanisms has its own set of problems as compared to running dual stack networks; 464XLAT and NAT64 are only happening now because in the mobile world, operators are beginning to experience pain from running NAT'd IPv4, and reducing the need for NAT via IPv6 saves actual dollars. And, if nothing else, pure IPv4 has the advantage of zero change needed - any alternative IPv6 proposal needs to cope with IPv4-only hosts that refuse any form of change to support IPv6, otherwise you face the same problems as SIIT, NAT64, and 6to4 do.
Posted Jul 13, 2019 16:11 UTC (Sat)
by plugwash (subscriber, #29694)
[Link] (12 responses)
1. Routers don't relay by default, the relaying is handled by specific relay routers, which most ISPs don't implement.
A mechanism similar to 6to4 but designed to work with NAT (not to fight against it like teredo does) and that was implemented by default as part of every dual stack router and OS would IMO have eased deployment considerably.
Posted Jul 13, 2019 16:25 UTC (Sat)
by farnz (subscriber, #17727)
[Link] (11 responses)
The lack of relay routers will exist for any overlay network - and note that if you have IPv4 on both ends, you can route to 2002::/16 over IPv4 directly, not needing a relay router. There's no particular reason why all dual-stack routers weren't relay routers, except that operators did not want to support any IPv6 transition mechanism at all - not even 6to4.
And Teredo is as good as you can get given the way NAT works; fighting NAT is the norm when you're trying to tunnel through it.
As I said, it's easy to set the goals for a better mechanism, it's a lot harder to actually design it.
Posted Jul 14, 2019 2:55 UTC (Sun)
by plugwash (subscriber, #29694)
[Link] (10 responses)
Yes it will for any overlay network invented *now*.
If such encapsulation had been part of the core protocol from the start and relaying behaviour had been mandated or at least strongly recommended as part of every dual stack router then we wouldn't have the mess of relay shortages we have today.
> fighting NAT is the norm when you're trying to tunnel through it.
The alternative to fighting the NAT is to go with the flow of it, that is when deencapsulating. modify the V6 addresses to match the v4 addresses/ports.
Of course such an idea is unthinkable to the "end to end is sacred" crowd.
Posted Jul 14, 2019 3:18 UTC (Sun)
by gus3 (guest, #61103)
[Link]
That crowd should shift their thinking, to "just make sure the damn thing keeps working the way it did."
Posted Jul 14, 2019 10:17 UTC (Sun)
by farnz (subscriber, #17727)
[Link] (8 responses)
I'm not talking about overlay networks invented now - I'm talking about overlay networks invented back in 1999, when IPv6 was new. And 6to4 encapsulation was strongly recommended as part of every dual stack router back then; the only error, IMO, in 6to4, was the effort expended to try and get people to run public relays, when we would have been better off with 2002::/16 containing the entire IPv4 routing table over time, and with everyone routing their own subset of 2002::/16, on the basis that when native IPv6 arrives, we'd be able to turn it off.
Further, note that there's no-one able to mandate relay operation - operators want to control what they offer, and won't offer free services just for the sake of it, especially not expensive ones like relays.
Going with the flow of NAT is what NAT64 (called NAPT in early IPv6 documents) does. It's not been deployed until recently because provides zero gain unless you're planning to turn off IPv4 for large swathes of your network.
It's perhaps worth remembering that the whole reason Teredo exists is that Microsoft wanted an easy way for game developers to write NAT traversal multiplayer games; Teredo was their answer, in that game developers just write IPv6-only games ignoring the existence of NAT, and Microsoft handles the NAT traversal problem for you in Teredo.
Again, though, I don't see constructive answers on how IPv6 could have been technically better at retrocompatibility - just claims that it can't be fixed (despite the fact that the very fix you're suggesting was in IPv6 in 1999, and ignored by network operators), and an insult to the people working on this stuff. What protocol changes would you have made that make IPv6 more compatible with IPv4?
Posted Jul 14, 2019 10:37 UTC (Sun)
by ianmcc (subscriber, #88379)
[Link] (7 responses)
Posted Jul 14, 2019 11:02 UTC (Sun)
by farnz (subscriber, #17727)
[Link] (6 responses)
That has two problems, one inherent to variable length addressing, and one an upgrade problem, and also ignores the fact that IPv4 is already a special case of IPv6.
In IPv6, all addresses have same hardware latency, and IPv4 is a special case of IPv6 anyway (this fact is used by SIIT-DC with a per-DC IPv6 /96 matching all of IPv4, and was the idea behind SIIT).
Posted Jul 15, 2019 11:45 UTC (Mon)
by ianmcc (subscriber, #88379)
[Link] (5 responses)
Done properly, I don't think variable length addresses need to have a performance penalty, and indeed it might end up faster. Eg, if my ISP is allocated the address A.B.C, then they allocate their customers addresses of the form A.B.C.D. The routing tables only need to refer to A.B.C, and the IPS's routers only need to look up on D. My home network can use addresses of the form A.B.C.D.E (or additional devices hanging off something can get A.B.C.D.E.F et cetera). This doesn't change the lookup time for the upstream routers because they just ignore the parts of the address that are not relevant for them.
Posted Jul 15, 2019 13:30 UTC (Mon)
by farnz (subscriber, #17727)
[Link]
While problem 1 is common to IPv6 during the transition period, the problem with variable length addresses with 1:1 IPv4 compatibility for the source + destination are 4 bytes case is that the transition period is effectively infinite - there is never a penalty for refusing to migrate, whereas in IPv6 land, there is a penalty for failure to migrate once a tipping point is reached. For example, today it is the case that if you care about the performance of your servers when accessed via a mobile phone, you need to support IPv6, because for significant subsets of mobile users, IPv4 goes via a remote NAT, while IPv6 takes the shortest route.
And variable length addresses always have a performance or cost penalty in hardware, which never goes away. For a fixed size address, the router simply reads the address and acts on it. For a variable length address, the router has to read the length, read the first chunk of the address, mask off any parts of the first chunk of address that aren't valid, attempt to act on it, and then if the needed part of the address is longer than the chunk, repeat for the next chunk. Worse, if you're not cautious, router manufacturers will attempt to "get away" with not handling the full complexity - e.g. only route on the first N bits, and ignore the rest of the address - and if those routers become common, you've effectively shrunk the routable component of the address. We've seen this in IPv4 in the 80s, where routers fell back to a slow path if the routing prefix was too long (more than 16 bits), and we've seen this in IPv6 routers that only route on the first 64 bits of the address. Variable length addressing just makes this harder, because you also have to handle the pain that 32 bit "1.1.1.1" is not guaranteed to route to the same place as 64 bit "1.1.1.1/32", which is not guaranteed to route to the same place as 128 bit "1.1.1.1/32" (well, unless you remove the requirement that 32 bit "1.1.1.1" routes to the same place as IPv4 "1.1.1.1").
This extra complexity is inherent to variable length addressing, and makes the hardware more complex; in turn, this means that you either need more complex hardware to handle lookups in the same number of clock cycles, or you need more clock cycles to do the same lookup. Fixed length addresses avoid this - you always read a fixed size chunk and then act on it.
Posted Jul 15, 2019 13:46 UTC (Mon)
by excors (subscriber, #95769)
[Link]
I think the problem is that in practice, strict hierarchical addressing doesn't work. E.g. there's anycast, where the same IP address is advertised by multiple servers around the world, and users will get routed to whichever one is nearest (based on BGP's definition of "nearest"). Or for redundancy you might want one server to advertise a single IP prefix through two ISPs, so if one fails it'll get routed through the other.
Non-hierarchical usage of the IPv4 space has been a known issue for many years, causing significant expansion of routing tables (see e.g. https://bgp.potaroo.net/). That's quite a problem when routers store the table in expensive content-addressable memory (for efficient lookups), and the table size grows too large for the hardware.
There's a more fundamental issue with IP addresses being both "locator" and "identifier". Originally they were seen as locators, i.e. a hierarchical address that describes how to find the server with increasing specificity, with routing based on IP prefixes and CIDR etc. DNS mapped stable identifiers (domain names) onto addresses. DNS didn't work well enough for that, so nowadays IP addresses are often just identifiers and don't indicate anything about the actual location of the server (as with anycast and multihoming), but routing protocols weren't designed to be efficient identifier lookup services. Occasionally people have tried to disentangle the two concepts, like with LISP, but I don't know if they've had any success.
Posted Jul 15, 2019 14:47 UTC (Mon)
by imMute (guest, #96323)
[Link] (2 responses)
Posted Jul 15, 2019 15:10 UTC (Mon)
by farnz (subscriber, #17727)
[Link]
Note, too, that a variable length address space limited to N bits of address can be mapped into a fixed size address space of size N+1 bits. You add a prefix bit which is 1 if the next N bits are the full address, or 0 otherwise, and do this recursively. You can then unmap by counting leading 0s to retrieve the address size, strip the next 1 bit, and the remainder is the address.
In other words, unless your variable length address is greater than 127 bits in maximum size, it can be entirely mapped into IPv6.
Posted Jul 16, 2019 23:56 UTC (Tue)
by mtaht (subscriber, #11087)
[Link]
Posted Jul 16, 2019 23:29 UTC (Tue)
by mtaht (subscriber, #11087)
[Link]
And testing of course! We reached the point in our testbeds where nothing less than a global scale (e.g. a commit to linux mainline) test would prove anything.
Eventual politics and standardization efforts will eat 1000s more of (hopefully someone else's) time than either of these two phases.
IPv6 is way harder in many, many respects. And still, desperately needed.
Making 0/8 work, universally, is going to be *easy*.
Maybe if 0/8 creates enough controversy, someone will listen to me about what more is needed to accelerate ipv6 adoption.
Posted Jul 16, 2019 23:09 UTC (Tue)
by mtaht (subscriber, #11087)
[Link] (12 responses)
1) The context of the effort and talk: https://www.netdevconf.org/0x13/session.html?talk-ipv4-un...
And I like to think it's one of my better talks, despite the clothing malfunction.
Yes! we need faster ipv6 adoption! But if we want to interconnect with the rest of the internet ipv4 is still going to be required for a very, very, long time. Think hard about this:
I'd asked everyone in the room on the "just deploy ipv6" side - which I used to be on, too! - to think about "“Even if they have deployed IPv6, growing networks *must continue to acquire* scarce, increasingly expensive IPv4 addresses to interconnect with the rest of the Internet.”" -
And think harder on the ipv6 deployment problems. I have a long note about what's going wrong with that, too, which I need to finish and write up somewhere. I like to think we made one giant leap with the cerowrt project, but more major leaps are required to finish ipv6 adoption in any foreseable amount of time.
Anyway, the conclusion john gilmore, myself, and paul came to, that any way we thought about the future of the internet, more ipv4 addresses were going to be needed. Making 'em is a start. No matter what we do to make more... IPv4 prices look to skyrocket in the coming years.
Anyway, to answer another thought, 0/8 (16m) is more addresses than amazon, google, and facebook have, combined. 240/4, which we removed the last barrier to adoption for in linux last december, has 260m addresses. 225/8-231/8 have ~120m. Previous allocation policies DO need to be rethought in order to make best use of these, but first up is making it technically feasible at all.
Another thought: On any given day only about 700m ipv4 addresses appear on the internet.
Lastly... it might take 5-7 to make these address ranges fully usable... but even then, based on the ipv6 deployment curves in the above report, still seems worth it.
Always helps to have more folk helping, of course, please see https://github.com/dtaht/unicast-extensions for more info and patches to various daemons and other OSes.
Posted Jul 18, 2019 9:01 UTC (Thu)
by jem (subscriber, #24231)
[Link] (11 responses)
I believe the Internet is going to break up into two islands at some point anyway. There is only so much juice you can squeeze out of an orange. We will reach a tipping point where the cost of getting IPv4 addresses and the popularity of IPv6 make it more economical for some services go IPv6 only. The problem with today's thinking that IPv4 is the reference, and IPv6 some kind of add-on, combined with the exponential growth of the Internet, is that it will hit a wall at some point. I will not feel sorry for the companies going bankrupt because of this.
>Anyway, to answer another thought, 0/8 (16m) is more addresses than amazon, google, and facebook have, combined.
It is my understanding that Facebook moved to IPv6 on their internal network, because 10.0.0.0/8 was not enough for the size and topology of the network.
>And think harder on the ipv6 deployment problems. I have a long note about what's going wrong with that, too, which I need to finish and write up somewhere.
Please do, I would like to read about these problems. It's funny how some organizations seemingly have had no trouble deploying IPv6 half a decade ago, while others don't seem to be struggling hard. Which makes me believe they aren't struggling at all, they just have an attitude problem. Or how do you explain the great differences between ISPs within a single country? Or that there does not seem to be a correlation between deployment rate and the status of a country as a developing vs. industrialized nation? What explains that Google's statistics show Germany having a IPv6 deployment rate of 42% and neighboring Denmark only 3.54%? Or Malaysia at 38% vs. Indonesia 0.32%?
Posted Jul 18, 2019 9:56 UTC (Thu)
by farnz (subscriber, #17727)
[Link]
The other point is that between DSR and IPv4 in IPv6 tunnels for services, and the gradual move to IPv6, it's possible for someone like Facebook to stop needing more IPv4 as long as they have full IPv6 support.
This then decouples your growth from your IPv4 address needs to some degree; you need sufficient IPv4 that each load balancer can receive a full set of requests. With current hardware, that lets you receive tens of gigabits per second of upload to your service and requests for downloads per IPv4, while responses to the Internet are dealt with by DSR.
So, as long as people are actively migrating to IPv6 with IPv4 as an add-on, the demand for IPv4 will fall. You just don't need that much IPv4 per service user when you treat IPv4 as a secondary protocol.
Posted Jul 18, 2019 17:58 UTC (Thu)
by mtaht (subscriber, #11087)
[Link] (9 responses)
and think about it.
Posted Jul 18, 2019 18:27 UTC (Thu)
by mtaht (subscriber, #11087)
[Link]
Posted Jul 19, 2019 17:46 UTC (Fri)
by jem (subscriber, #24231)
[Link] (7 responses)
> The prospect of what some engineers have called “IPv4 runout” was the main reason for developing IPv6 in the first place. From an economic point of view, however, resources never just “run out;” instead, as their supply diminishes they become increasingly expensive, and consumption patterns adapt to scarcity with greater conservation and new forms of substitution.
Here we have the tortoise and the hare again. Take the number of potentially available IPv4 addresses. Let's say half of them change owners to make better use of them. We still have half of the available addresses left. Now half of them can be sold, and we still have half left!
> The incentives provided by the secondary market have led to the identification of millions of unused or underutilized IPv4 numbers by brokers such as IPv4 Market Group and exchanges such as Addrex and Hilco Streambank.
Remember, the demand for (old) new IPv4 addresses is one /8 per month (16 million).
The report compares IPv6 and IPv4 purely from a cost perspective, but fails completely (or I didn't find it) to consider the scenario that supporting IPv6 is a must for an ISP, or they will lose their customers. Let's say some reasonably popular services start popping up as IPv6-only, because that makes more sense economically.
Posted Jul 19, 2019 18:11 UTC (Fri)
by Cyberax (✭ supporter ✭, #52523)
[Link]
Once the remaining IPv4-only hardware is phased out (within the next 3-5 years), the only barrier preventing IPv6 is simply organizational inertia.
Posted Jul 21, 2019 2:49 UTC (Sun)
by mtaht (subscriber, #11087)
[Link] (1 responses)
I've been tired of typing of late, I was thinking pulling together a videoconference to discuss these issues would be fun. Would that work for you?
We used to do a thing on the vuc show pretty regular.
Posted Jul 22, 2019 2:00 UTC (Mon)
by Cyberax (✭ supporter ✭, #52523)
[Link]
Posted Jul 23, 2019 13:04 UTC (Tue)
by nilsmeyer (guest, #122604)
[Link] (3 responses)
That would require the cost of an IPv4 address to rise astronomically, and currently that's not how the economics of IPv4 work. Most customers I work with don't bother with IPv6 at all, when I'm in the position to set up infrastructure I usually just sneak it in since it's mostly a freebie. Then again, my personal servers currently don't have an IPv6 address assigned even though I have DS-Lite at home...
Posted Jul 23, 2019 15:49 UTC (Tue)
by farnz (subscriber, #17727)
[Link] (2 responses)
There's a degree of geographic luck involved, too - most of the developed world has enough IPv4 that there's no short-term shortage (no need to put everyone behind CGNAT, for example). IPv6 is thus something you do because you want it, not because you need it - it's worth it for the big players (Google/YouTube, Netflix, Facebook) because it lets you bypass CGNAT on mobile and in countries with IPv4 shortage, which improves your performance metrics.
In contrast, in a reasonable number of less developed countries, you're stuck behind CGNAT for IPv4 whether you like it or not, and need IPv6 if you want to run a server other than an onion service, or you pay for AWS/GCE/other services in a country with enough IPv4. If you're lucky, your ISP is sane enough to run 464XLAT or dual-stack; if you're unlucky, you're IPv4-only and have no choice but pay for Western services.
Posted Jul 24, 2019 7:33 UTC (Wed)
by jem (subscriber, #24231)
[Link] (1 responses)
According to Wikipedia, "RIPE NCC, the regional Internet registry for Europe, was the second RIR to deplete its address pool on 14 September 2012", after APNIC. AFRINIC was the last. The situation in North America may be a bit better.
Posted Jul 24, 2019 8:20 UTC (Wed)
by farnz (subscriber, #17727)
[Link]
It's not the RIR holdings of IPv4 that matter - the run out of a RIR simply means that new ISPs in a region cannot get started. Instead, it's the IPv4 holdings of each ISP in the region that matter, as compared to the size of their customer base; if (to choose an example that has deployed IPv6) Comcast in the USA has 50 million potential customers in its service area, and a total of 60 million IPv4 addresses across all its ASes, it can shuffle IPv4 around to get one IPv4 per customer, minimum, and thus no CGNAT.
In contrast, if an ISP in Botswana has 50,000 IPv4 addresses (half the total assigned to Botswana), it can't offer one IP address per user in its service area (it has to CGNAT 7:1 if it claims the whole of the current Internet market in Botswana, and worse if the Internet grows). Because the RIRs are out, said ISP can only grow by buying addresses from someone else when it needs them - so the incentive is there to CGNAT.
Plus, you then have user expectations to take into account; in the USA, people expect the experience they get from stateless routing by ISPs, and NAT under their control; this means that CGNAT is expensive, because it has to maintain state in such a way that a single device failure does not lose a user's NAT mappings. In other countries, CGNAT can be cheaper because it's all the local users have ever known, so it can be unreliable, and that's just the way the Internet is.
And IPv6 is a mutual thing for the big players and mobile operators - T-Mobile loses demand on its CGNAT (which they like), and the big operators get improvements on their latency metrics (which they like). Note that, for example, just-in-time sending of the next chunk of video involves smaller chunks if the latency from server to client is lower, and you can spend more time preparing a page for the same TTI if the latency is lower.
Posted Jul 26, 2019 11:29 UTC (Fri)
by meuh (guest, #22042)
[Link] (1 responses)
HP-PA / PA-RISC seems more maintained as an architecture, than, say, Itanium / IA-64.
In particular, QEMU has support for HP-PA / PA-RISC emulation, but not for Itanium / IA-64.
As I've never seen, nor used a physical HP-PA machine, I can only guess they're mostly some kind of mainframes, where upgrading to newer Linux kernel won't happen anytime soon.
So I wonder what the incentive is to keep updating HP-PA / PA-RISC alive, beside usual hacker motives.
Posted Jul 26, 2019 11:44 UTC (Fri)
by pizza (subscriber, #46)
[Link]
(It could be argued that the stuff that was easily ported from PA-RISC has already been done so (be it to x86/x86_64 or Itanium) so all that's left is the stuff that cannot be ported yet is so critical that it's worth emulating forever..)
Give it a few more years, and you'll probably see interest in Itanium emulation pick up.
5.3 Merge window, part 1
I would like to know more!
Commit? Background/context?
See this post. Commit 96125bf9985a.
0.0.0.0/8
0.0.0.0/8
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
2. It doesn't work with NAT.
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
https://www.internetgovernance.org/2019/02/20/report-on-i...
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
https://via.hypothes.is/https://www.internetgovernance.or...
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
This will not happen until IPv6 is firmly in place. More realisticly, CGNs are a growing pain for ISPs and users and 464XLAT is a way to make them somewhat less painful.
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
5.3 Merge window, part 1
There's a degree of geographic luck involved, too - most of the developed world has enough IPv4 that there's no short-term shortage (no need to put everyone behind CGNAT, for example).
[IPv6 is] worth it for the big players (Google/YouTube, Netflix, Facebook) because it lets you bypass CGNAT on mobile and in countries with IPv4 shortage, which improves your performance metrics.
Google (including YouTube) and Facebook are doing operators like T-Mobile a big favor, because they generate a large portion Internet traffic, which means packets between the handset and YouTube doesn't have to go through NAT64. It's all end-to-end with no address or protocol conversion, like the Internet was originally designed to work, only using IPv6 this time.
5.3 Merge window, part 1
HP-PA / PA-RISC
The pa-risc architecture now supports dynamic ftrace
HP-PA / PA-RISC