URLs, IPs and interception

Roland Perry ukcrypto at chiark.greenend.org.uk
Sun, 2 Mar 2008 09:05:31 +0000 

In article <32E17AB0-F603-4F6F-A16C-74CFB104F00E@batten.eu.org>, Ian 
Batten <igb@batten.eu.org> writes
>> But you can't always access a website purely by IP address.
>
>And haven't been able to since the introduction of name-based virtual 
>hosting, made possible by HTTP 1.1.  I presume that in these days of IP 
>numbers being a shortage resource (Between 1992 and 1995 GBnet gave us 
>12 Class C IP numbers on the back of a 256K connection; last month COLT 
>gave me a /27 (32 addresses) on the strength of a pair of 10Mbps 
>connections) name-based virtual hosting is becoming more and more common.

IP addresses are issued on the basis of need, and requests are 
scrutinised much more rigorously these days. If you want to run a 
hundred real servers on that COLT line (or can demonstrate why you need 
a hundred clients with public IP addresses), there should be no 
objection to having sufficient addresses (although putting the servers 
in a co-location facility might be a better connectivity strategy).

My impression is that virtual servers were more driven by wanting an 
easy way to have multiple sites on one *box*.

There's still over a billion free [1] ipv4 addresses, although they are 
running out quickly [2]. (approx 110 /8 equivalents are advertised as in 
use, and 50 are allocated but not advertised [3]). 40 are still "in 
stock" at IANA, plus the free pools at RIRs - about another 20.)

However, there is considerable asymmetry on the Internet with clients 
vastly outnumbering servers. Over time the clients will increasingly 
hide behind NATs, and servers (whether real or virtual) will need to 
retain a public ipv4 address for the purposes of "dual stack" based 
transition to ipv6. However, there should be plenty of address space for 
deploying enterprise servers, one way or another.

[1] Combination of unused at IANA, RIRs and ISPs.
[2] Three years to go, according to current run-rate.
[3] Although perhaps half of this may never be advertised unless it is
      recovered from current registrants [4] and redistributed.
[4] The big debate at the moment is whether that can be done by
      "compulsory purchase", or does a free market have to develop.
-- 
Roland Perry