Thursday, December 18, 2008

Is The Internet in Trouble?

My profession is in large enterprise networking. Much of my work in the last few years has been to leverage the power of the Internet for my employer. In that regard there is much to be gained building relationships and collaborative ventures with business partners, vendors and customers via the Internet. Everyone is doing it.

However, it is unwise for any business to put all their eggs in one basket. There are growing concerns that the Internet as it is constructed is reaching its limit. As well-known Internet architect-guru John Day once said: "The Internet architecture has been fundamentally flawed from the beginning. It's a demo that was never finished."

With all the talk of net-neutrality and IPv6, and the coming exponential growth of demand as TV, movies and newspapers move inexorably to an Internet distribution model, it's almost inevitable that we are heading for a crash. Some say as early as 2012.

Today's Internet was mainly designed together with the TCP and IP protocols in the 1970s and early 1980s. TCP or Transmission Control Protocol and its famous three-way handshake is what has made the Internet as reliable as it is today. It has inherent error checking built in that ensures that the data/content you requested is delivered. IP or Internet Protocol shows TCP the way. You may have heard the term IP address in your computing career - and that's exactly what it is - an address that points the way to your computer. For all intents and purposes it's hardly any different than the street address on your house. But just like back before the days of postal zip codes in the '50s and '60s, the system is becoming too large for something as quaint as IPv4.

For a while network address translation or NAT together with CIDR and VLSM helped stave off the inevitable depletion of available IP addresses. NAT allowed you to do a "many to one" scenario behind an Internet connected firewall so that from a web server's stance hundreds or thousands of connections all appeared to be coming from the same address. The firewall would maintain a table of private addresses to deliver the request "inside" to a unique computer. CIDR and VLSM in a nutshell allowed network engineers to carve up large networks and route the traffic efficiently without wasting address space. OK, that's a lot of mumbo jumbo that basically describes a Band-Aid.

The problem now is that what we are doing and what we want to do with the Internet is going to bring the current architecture to its knees. In today's Internet, a URL or web site name first must resolve to an IP address - a street number if you will, and then to a well-known port, like say, an apartment number for example. If a system has multiple interfaces (such as when it's multihomed - a computer with more than one address for the same physical place), it has multiple aggregate-able IP addresses. Because the Internet routers can't tell that these different addresses go to the same place (there's no defined mechanism for this), the system has to be assigned a non-aggregate-able address, which increases everyone's router-table size. In practice, that means that either most users can't use multihoming, or routing tables must increase, causing a strain on a rickety system. The system as it was designed is revealing its limits.
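The routing-table effect described above can be modelled in a few lines. This is an added Python illustration, not code from the original post; the provider names and the documentation-range prefixes are constructed sample data.

```python
import ipaddress

# Constructed sample data: two providers, each carving a documentation-range
# /24 into four customer /26 blocks (assumed names and prefixes).
PROVIDERS = {
    "provider_a": ["203.0.113.0/26", "203.0.113.64/26",
                   "203.0.113.128/26", "203.0.113.192/26"],
    "provider_b": ["198.51.100.0/26", "198.51.100.64/26",
                   "198.51.100.128/26", "198.51.100.192/26"],
}

def announced(prefixes):
    """Prefixes one provider advertises after CIDR aggregation."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    return set(ipaddress.collapse_addresses(nets))

def global_table(providers):
    """Distinct prefixes every backbone router has to carry."""
    table = set()
    for prefixes in providers.values():
        table |= announced(prefixes)
    return table

def multihome(providers, site_prefix, second_provider):
    """Return a copy where site_prefix is also reachable via second_provider."""
    updated = {name: list(p) for name, p in providers.items()}
    updated[second_provider].append(site_prefix)
    return updated

def best_route(table, address):
    """Longest-prefix match, the rule routers use to pick among entries."""
    addr = ipaddress.ip_address(address)
    matches = [net for net in table if addr in net]
    return max(matches, key=lambda net: net.prefixlen) if matches else None

if __name__ == "__main__":
    before = global_table(PROVIDERS)
    after = global_table(multihome(PROVIDERS, "203.0.113.64/26", "provider_b"))
    print(len(before), sorted(map(str, before)))   # two aggregates
    print(len(after), sorted(map(str, after)))     # plus one more-specific
    print(best_route(after, "203.0.113.70"))       # the /26 wins over the /24
```

Each additional multihomed site adds one more prefix that cannot be folded into either provider's aggregate, which is the table growth the paragraph describes.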

In the case of raw bandwidth there is good news. With fiber optic cable having been put down with abandon in the late '90s by Qwest, Global Crossing, AT&T and others, we should have bandwidth to spare. That's all fine and well, but what good is a super highway with billions of unicyclists going every-which-way without guard rails and coherent signage?

IPv6, the next generation of IP protocol, will not in and of itself solve the problems of multihoming or network mobility, but rather shine the light on the Internet's inherent transport limitations. One of the biggest challenges surrounding adopting IPv6 is that nearly all the applications in use today are potentially impacted. Each and every one of them would need to be explicitly enabled to work with IPv6. We can't underestimate what a huge challenge that would be. Considering what I know of human nature there will be a gazillion widely deployed and beloved applications that will never, ever be upgraded. Essentially the de facto APIs in use today are more or less tied to TCP/IP rather than along the lines of - ConnectTo: DNS name, service or port. Have you heard the term - painted into a corner?
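To make the API point concrete, here is an added Python sketch (not from the original post) that puts an IPv4-bound call next to a name-and-service call. The function names legacy_sockaddr, resolve and connect_to are hypothetical; only the standard socket module calls are real.

```python
import socket
import struct

def legacy_sockaddr(dotted_quad, port):
    """IPv4-bound style: the application packs a 32-bit address itself."""
    packed = socket.inet_aton(dotted_quad)  # rejects IPv6 literals such as ::1
    return struct.unpack("!I", packed)[0], port

def resolve(name, service):
    """Name-based style: the resolver picks the address families."""
    infos = socket.getaddrinfo(name, service, type=socket.SOCK_STREAM)
    return [(family, sockaddr) for family, _t, _p, _canon, sockaddr in infos]

def connect_to(name, service, timeout=3.0):
    """ConnectTo(name, service): try each resolved address, IPv6 or IPv4."""
    last_error = OSError("no usable address for %r" % (name,))
    for family, sockaddr in resolve(name, service):
        try:
            sock = socket.socket(family, socket.SOCK_STREAM)
        except OSError as exc:  # address family not supported on this host
            last_error = exc
            continue
        try:
            sock.settimeout(timeout)
            sock.connect(sockaddr)
            return sock
        except OSError as exc:
            last_error = exc
            sock.close()
    raise last_error

if __name__ == "__main__":
    # Constructed demo: a throwaway listener on the loopback interface.
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    port = listener.getsockname()[1]
    conn = connect_to("127.0.0.1", port)
    print("connected via", conn.family.name, "to", conn.getpeername())
    conn.close()
    listener.close()
    try:
        legacy_sockaddr("::1", port)
    except OSError as exc:
        print("IPv4-bound call cannot represent ::1:", exc)
```

Code written in the first style has to be changed before it can carry an IPv6 address at all, while the second style picks up whatever address family the resolver returns.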

With what many in my field euphemistically call PFM (Pure Friggin Magic) as the explanation for how all this Internet stuff works in a fashion that is greater than the sum of all its parts, we will be left standing mouth agape with our keyboards in hand when the bottom finally falls out. Just knowing how people go absolutely ape when their e-mail doesn't work, it will not be hard to imagine what will happen when commerce comes to a halt on The Day The World Wide Web Stood Still!



John Curran said...

Craig -

It's true that we're going to be experiencing an interesting event in a few years, but it predominantly impacts the Internet Service Provider community, in that it will become more difficult to connect new businesses to the Internet due to inability to obtain additional IPv4 address space. The secondary impact will be the push for everyone to upgrade their web and email site to support IPv6 in addition to IPv4, as this will significantly reduce the transition work for ISPs everywhere who continue to grow the Internet via IPv6.

It's not envisioned to be a "flag day" cutover, and it may not even be noticed by the vast majority of Internet users. For more information on one possible transition plan, refer to Internet RFC 5211.