Last IPv4 Addresses Allocated

February 3, 2011

Back in mid-January, I wrote about the scheduling of World IPv6 Day, June 8, 2011, which is intended to provide a large-scale test of the Internet infrastructure changes needed to support Internet Protocol version 6 [IPv6].  As I wrote in that post, we were nearly out of available addresses in the 32-bit IPv4 format.

Now, according to a post today on the “Law & Disorder” blog at Ars Technica, the last available blocks of IPv4 addresses were allocated this morning to the five Regional Internet Registries [RIR]; these organizations are responsible for issuing addresses to users in their geographic areas.  The RIRs still have addresses allocated to them that have not yet been used, but those will eventually be used.

In a ceremony in Miami this morning, the final five blocks of IPv4 addresses were given out to the five Regional Internet Registries that further distribute IP addresses to the far corners of the planet. The five RIRs still have tens of millions of addresses as working inventory, but once those addresses are given out, it’s over.

The RIRs differ in the size of their pools of free addresses, and also in the rate at which they are being used.  APNIC, which is responsible for the Asia/Pacific region, is closest to the edge, and will almost certainly run out of IPv4 addresses this year.  On the other hand, LACNIC (Latin America and the Caribbean) and AfriNIC (Africa) can probably carry on for a few years.  ARIN (North America) and RIPE (Europe, Russia, and the Middle East) are somewhere in between.

The Internet Engineering Task Force [IETF] has been working for a number of years on transition mechanisms to ease the IPv4 to IPv6 switch, and there is no reason to expect any major problem in the near term because there are no more IPv4 address blocks available.  But I hope it will serve as a wake-up call to the many organizations that have been dragging their feet about moving to IPv6.  There is still enough time to get things together, but the grace period will not be indefinite.

Incidentally, Ars Technica also has a good introductory article (dating from 2007) on the move to IPv6.

Update Thursday, 3 February, 22:25 EST

Wired also has an article on the allocation of the last IPv4 addresses, which has a little more explanation of some of the implications of the transition.

Microsoft Patch Tuesday Preview, February 2011

February 3, 2011

In keeping with its usual schedule, Microsoft released its Security Bulletin Advanced Notification for February, previewing the security fixes it plans to release next Tuesday, February 8.  This month the company will release 11 patches for Windows, and one for Microsoft Visio; three of these are rated Critical, and nine (including the Visio patch) are Important.  All supported releases of Windows are affected, each with at least one Critical vulnerability; the following table gives the breakdown by Windows version.

Windows Version Critical Important Moderate
Windows XP+SP3 2 6
Windows Vista 3 3
Windows Server 2003 1 7 1
Windows Server 2008 2 3 1
Windows 7 2 5
Windows Server 2008 R2 1 2 4
Visio 2002 / 2003 / 2007 1

Microsoft says that, of the 12 bulletins, 9 will definitely require a system restart; the other 3 may or may not, depending on the configuration of your system.

As always, this information is subject to change between now and the actual release of the security bulletins on Tuesday. I will post an updated summary after the release is made.

Google Releases Chrome 9

February 3, 2011

Today, Google announced the release of a new version, 9.0.597.84, of its Chrome Web browser, for all platforms (Mac OS X, Linux, and Windows).   The new version fixes nine security vulnerabilities (not all platforms are affected by all nine), and adds some additional function, including support for WebGL, which enables hardware graphics acceleration within the browser.  Further details of the fixed vulnerabilities are in the update announcement. More information on the new features is given in a post on the Google Chrome Blog.

Because of the security content of this release, I recommend that you update your systems to the new version as soon as you conveniently can,   You can use the built-in update mechanism (Help / About Google Chrome) on Windows machines; Linux users should be able to get the new version using standard package update tools (e.g., apt-get, synaptic).  Alternatively, you can download installation packages here.

%d bloggers like this: