Writing

Software, technology, sysadmin war stories, and more.

Wednesday, May 16, 2012

Tiny bubbles of IPv4 in future IPv6-only networks

Sometimes I get ideas about things which won't need to exist for a very long time. That doesn't stop me, of course, so I keep pondering them, and stir in a dose of reality. The way people operate now when they buy things in bulk to do some menial job is probably going to be the same in a few decades. This shapes the ultimate design of my vaporware product idea.

Let's say it's quite a number of years from now, and people are starting to set up local networks which are IPv6-only. For whatever reason, they don't run IPv4 on the same wire. I'm going to assume this will be rooted in some kind of corporate decree stemming from a shortsighted technology decision. It's the sort of thing like this: "enabling both causes X and Y to happen, so we're just going to abandon 4". Someone will probably push this forward in order to accomplish one of their quarterly goals.

Just like now, this bulldozing of things in order to make their goal will overlook something that's been largely forgotten but is rather important. They will forget that their network includes a number of old embedded devices which only speak IPv4. These are cameras, thermostats, door sensors, and so on. They are relatively dumb devices which have been installed in hard-to-reach places for years and just keep working.

So now they have a problem. Going to "all 6" is going to leave those devices useless. That's not an option. They can't exactly go and replace all of them, because maybe some of them aren't being made any more (say, for a proximity card technology that's past its prime), and besides, it would be crazy expensive. They forgot about them, so they never budgeted for replacing all of them, including the physical labor of actually reaching some of these things (a variety of interesting and hard-to-reach places).

They can't stay where they are, but they can't go forward, either. Now what? Well, they need a solution which will let them go forward while holding back little pockets of the network in a way that's nigh-impossible to screw up. It also needs to be affordable.

This is where my idea comes in. Someone will make a little box which has a pair of RJ45s and some kind of embedded firmware inside. One side goes to the old device, and one side goes to the new network. For bonus points, it should be designed with these ports spread to either side of the device instead of being next to each other, and the outer plastic clamshell should have huge colorful arrows and labels, like "<--- OLD " and "NEW --->", so it's hard to get wrong. It might also have a barrel connector or similar for power. If it uses power-over-Ethernet, then it'll need to also pass that through somehow.

Anyway, inside the box, it'll have just enough brains to join the IPv6 network on the "NEW" side while also creating an entire IPv4 Internet from whole cloth on the "OLD" side. Its job is going to be to consistently map any given 128 bit v6 address to a usable 32 bit v4 address inside its "bubble". Then it just has to throw traffic back and forth.

The consistency in mapping will need to be preserved across multiple instances of these vaporware devices, so that any given v6 address maps to the same v4 address behind all of them. That way, you can just grant access to that address on your cameras, thermostats, or whatever, and the same setting can be applied universally to your legacy v4-only stuff.

Obviously, when you hash 128 bits down to 32, there will be collisions, but that's nothing new to this situation. The general goal here is to ensure that you can use multiple host addresses within a typical corporate v6 network and still be able to tell them apart within the v4 "bubbles" behind these hypothetical devices.
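A sketch of the consistent mapping described above, as an added example rather than anything from the original post: it assumes SHA-256 as the hash and 10.0.0.0/8 as the bubble range (the post names neither), and the function names are hypothetical. Because an access grant on the legacy device is keyed on the bubbled address, `find_collisions` reports any v6 hosts in an inventory that would end up sharing one.

```python
import hashlib
import ipaddress
from collections import defaultdict

# Assumptions (not from the post): SHA-256 as the hash, 10.0.0.0/8 as the bubble.
BUBBLE_NET = ipaddress.ip_network("10.0.0.0/8")

# Constructed sample inventory, using the 2001:db8::/32 documentation prefix.
SAMPLE_HOSTS = [
    "2001:db8:10::1", "2001:db8:10::2", "2001:db8:20::a",
    "2001:db8:20::b", "2001:db8:30::100", "2001:db8:30::101",
    "2001:db8:40::53",
]

def bubble_v4(v6_text, net=BUBBLE_NET):
    """Map an IPv6 address to a stable IPv4 address inside the bubble.

    The result depends only on the address bytes and the bubble range, so
    every box configured with the same range computes the same answer.
    """
    v6 = ipaddress.IPv6Address(v6_text)       # normalises equivalent text forms
    digest = hashlib.sha256(v6.packed).digest()
    usable = net.num_addresses - 2            # skip network and broadcast
    offset = int.from_bytes(digest[:8], "big") % usable + 1
    return ipaddress.IPv4Address(int(net.network_address) + offset)

def find_collisions(v6_hosts, net=BUBBLE_NET):
    """Return {v4: [v6, ...]} for each bubbled address shared by several hosts.

    A shared address means one ACL entry on the legacy device covers all of
    the listed v6 hosts, whether or not that was intended.
    """
    seen = defaultdict(set)
    for host in v6_hosts:
        seen[bubble_v4(host, net)].add(ipaddress.IPv6Address(host))
    return {v4: sorted(v6s) for v4, v6s in seen.items() if len(v6s) > 1}

if __name__ == "__main__":
    for host in SAMPLE_HOSTS:
        print(f"{host:20} -> {bubble_v4(host)}")
    # A deliberately tiny bubble (6 usable addresses, 7 hosts) forces a clash.
    tiny = ipaddress.ip_network("192.0.2.0/29")
    for v4, v6s in find_collisions(SAMPLE_HOSTS, tiny).items():
        print(f"collision at {v4}: {', '.join(map(str, v6s))}")
```

Running the collision check over the full host inventory before writing grants on the legacy devices shows which v4 entries would admit more than one v6 host.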

There is a catch here, of course. This assumes that everything the original device does works by having other systems connect to it. If it needs to connect outward for some reason, you're in a world of hurt. I'm mostly thinking about these cheap "IP cameras" and things of that nature where they just sit there and wait for something else to connect and start polling.

I have to admit that part of my inspiration for this device is looking to tweak the IPv6 wonks who insist that NAT is evil and must never be allowed to touch their precious addressing scheme. I just have this feeling that the clammy fingers of reality are going to reach out and force this issue sooner or later, and devices like I have described here will be the result.

If this becomes successful, expect to see a small number of web sites pop up which offer to run the "XYZ calculation" which gives the expected "bubbled" v4 address from a given v6 address. It's no different from what happens with corporate technology today: people get stuck running it, and rely on the results of random web searches to cargo-cult their way through it.

There's my idea. Let's see what the future brings.