The Addressing Crunch
By Kevin Werbach, Thu Apr 19 00:00:00 GMT 2001

What started with PDAs and mobile phones is quickly extending to music players, gaming machines and thousands of other handheld devices. How will the Internet cope with such rapid growth?

There are two big problems with the current state of addressing on the Internet and wireless networks: too many addressing systems, and not enough addresses. How these emerging tensions are resolved will have a significant impact on the future of the mobile Internet.

Addressing is essential to any network. In order to call you, I need to know your telephone number. If I want to send you an instant message or you want to download a file from my Website, our machines must be able to find one another. Addressing becomes even more important when users are mobile, because devices are no longer tied to physical locations.

Though it sounds dry and technical, addressing plays an important role in defining how networks operate. And that influences everything from service offerings to level of innovation that occurs. For example, interoperability of addresses makes it possible for new technologies to spread rapidly. Email took off in the early 1990s when users on different networks could communicate with each other transparently for the first time.

The Web took advantage of the introduction of uniform resource locators (URLs), which made it easy to specify any resource on the Net regardless of its file type. Imagine what the world would be like if my mobile phone couldnít call yours because we had incompatible address spaces!

Running out of numbers

IPv4, the version of the Internet protocol most of the Net uses today, employs a 32-bit addressing scheme. In other words, the Internet could theoretically handle 232 or over 4.2 billion unique nodes. That sounds like a very big number. It must have sounded like an inexhaustible number when the protocol was being defined, back in the days when the entire Internet had only a few thousand connected computers.

Nonetheless, IPv4 is running out of gas. One problem is that companies don't necessarily use address space in the most efficient manner. IP addresses are assigned in blocks, and many organizations were assigned massive blocks years ago that far exceed their needs. There are some 300 million Internet users worldwide, and the number of Internet-connected devices is growing much faster than the number of people online.

More than 200 million mobile phone handsets were sold worldwide last year. In the next few years every phone sold will be capable of some Internet connectivity, in addition to a huge number of handheld computers such as Palms. Not to mention massive numbers of embedded Internet-connected devices residing in everything from cars to buildings.

Some solutions to the addressing crunch cause problems of their own. Devices such as firewalls and network address translators (NATs) are being deployed throughout the network, either to cope with address scarcity or for other reasons such as security. NATs translate between public addresses visible to the outside and private addresses on the other side. One advantage is that a single NAT, with one IP address, can sit in front of many devices, conserving address space. But if a NAT encounters traffic from an unfamiliar application, it may have difficulty identifying the destination address. At that point the application breaks.

Application developers and network administrators these days have to spend an increasing amount of time routing around NATs and firewalls. Beyond inefficiency, such workarounds make new services less likely to be developed and make services less likely to interoperate with one another.

Not just the Internet

Address scarcity is not just an issue for the Internet. Telephone networks have also been running out of numbers, thanks to the explosion of second lines, fax machines and mobile phones. Competition among carriers has worsened the problem, because numbers are assigned to these companies in huge blocks whether or not the use most of them.

As prices have dropped and new services have become available, usage has skyrocketed, putting demand on addressing schemes. AT&T created toll-free service in 1967, and from that time through the mid-1990s the service got by in the US with a single area code (800). In the few years since, not only has 800 been exhausted, but two follow-on codes (888 and 877) have been as well. Many countries, including the UK, have been forces to restructure their telephone numbering systems, creating huge levels of confusion and inconvenience when users have to change their numbers.

Now, imagine that every Internet device is also a telephone, and vice versa. Thanks to IP telephony technology, itís possible to make a voice telephone call over an Internet connection. Companies such as Cisco and 3Com are encouraging companies to throw out their office phone systems and route their voice calls over the data networks, saving costs of network duplication and enabling new features. Standards such as the session initiation protocol (SIP), which supports call-control features over IP, and VoiceXML, which allows developers to create voice-based applications as easily as Web pages, are bringing the Internet and the telephone world together.

Efforts are underway to develop addressing structures for this hybrid world. In particular, the ENUM protocol developed through the Internet Engineering Task Force (IETF) allows telephone numbers to piggyback on the Internetís domain name system. When a telephone number is registered with an ENUM registry, someone contacting that number will be able to locate computers, phones or other devices reachable through the Internet. This way, phone calls can be routed over the Internet using ordinary telephone numbers without ever touching the public switched telephone network.

Major issues remain before ENUM is widely deployed. One concerns the administration of the system. Private companies have already established ENUM registries, but the IETF and the International Telecommunications Union are arguing there should be a sing public ENUM root managed by the national numbering authorities that administer telephone numbers.

Beyond IPv4

The IETF is also working to overcome the scarcity of IP addresses. Work in on a successor to IPv4 began in 1994, and the proposed IPv6 has been a draft standard since August 1998. IPv6 offers a 128-bit address space, which supports 264 or 18,446,744,073,709,551,616 separate networks, each of which can include 264 unique devices. Those are big numbers, equivalent to 1,5000 addresses per square meter on the planet. The Net has a way of exceeding expectations, but it's hard to imagine the IPv6 address space being exhausted in the foreseeable future.

However, IPv6 deployment has been slow. Itís a chicken and egg problem: software and hardware vendors have little incentive to incorporate IPv6 if the networks they connect to donít support or require it, but those networks are reluctant to deploy IPv6 until there are enough devices and applications using it.

IPv6 is an engineerís solution that addresses the address shortage and makes other enhancements to IP, but so far end users and corporations havenít seen compelling business advantages to adopting it. In addition, researchers recently discovered security flaws in the mobile implementation of IPv6 that could allow eavesdroppers to spoof legitimate devices.

A thousand addressing schemes bloom

While the IETF has been pushing IPv6 with limited success for several years, a number of companies have taken matters into their own hands and created new addressing systems of their own. Major peer-to-peer applications such as instant messaging (AOL Instant Messenger and ICQ) and the Napster music-sharing service often incorporate purpose-specific addressing structures to allow direct communication between nodes.

The important element here is that these systems make it as easy to send information as to receive it. Because most users have dial-up connections to the Internet that are not permanently online, they typically donít have a unique IP address assigned to them. Instead, Internet service providers dynamically assign an address from a common pool each time the user logs on. Under this arrangement itís easy to download files from a Website, but setting up your own server is difficult. Services such as Napster overcome this limitation by allowing every user to pick their own address, though this address only works when communicating with other Napster users. Other applications have created their own private address spaces in the same way.

The danger is that these application-specific addressing spaces will be incompatible. If all you want to do is share music files, the Napster addressing scheme is fine. But if you want to be a full-fledged network participant, engaging in whatever Internet-based services you wish and communicating with all other devices in the network, you need to have some addressing mechanism not tied to a specific application.

Microsoft is wading into the addressing battle with its Hailstorm initiative. Hailstorm, an element of Microsoftís far-reaching .Net vision, is a set of technologies to enable identity-based Web services. The notion is that each user would have network-based resources such as calendars and file storage, which could be accessed securely from any Internet-connected device and fed into other Web-based applications.

At the core of Hailstorm is Passport, Microsoftís identity-management service built upon the technology it acquired when it bought pioneering personalization startup Firefly. Passport stores personal information on servers so that users need not log in and specify their preferences each time they visit a site.

Microsoft claims some 160 million Passport users, largely because it has made Passport the authentication mechanism for its own Websites such as Hotmail and MSN. Microsoft makes a powerful argument for a unified Internet identity infrastructure. However, many users are uncomfortable with the idea that Microsoft would be the company managing that infrastructure, and doing so through centralized data repositories.

The future

Where all this goes is anyoneís guess. On the one hand, it would be nice to have one Łber-addressing system so that it was easy to find every person, at every time, on every device. On the other hand, it often makes sense to have different addresses for different purposes. An email message is different from a phone call, which is different from a request for a Web page, and the different addressing structure for each communications mechanism reflect those differences.

Technologists have always focused on identifying machines on a network. When each device corresponded to one or more individuals, this approach made sense. But increasingly, each user has many devices, and the same device may be used in many different locations and for different purposes. What we really need are ways to identify people, with the machines being secondary. But the easier it becomes to identify people, the more difficult privacy and security issues need to be addressed.

Watch the developments in Internet addressing closely. The approaches and systems that win out will go a long way to defining the shape of the converged voice and data networks of the future.

Kevin Werbach is the Editor of Release 1.0, an influential monthly report that covers the converging worlds of technology, communications and the Internet. He also co-organizes the annual PC Forum and High Tech Forum conferences for technology industry executives.

Kevin is known worldwide as a leading thinker on topics such as the future of e-business, network architecture, convergence and technology policy. An active participant in online communities for over fifteen years, he is particularly interested in the complex ways that new technologies intersect with markets and society.