Three reasons we need IPv6 …in Kubernetes
Will we get to the point they create an ETF fund that tracks the IPv4 address price?
This post was originally a Twitter thread, but posting it here for posterity.
First Reason
IPv4 has a limited number of resources. The number of private IPv4 addresses in RFC 1918 is less than 18 million.
Some service providers with over 18 million subscribers would hit this IPv4 address space limitation and become IPv6 early adopters.
Yes, NAT (Network Address Translation) has helped extend the lifespan of IPv4. But it doesn’t help in scenarios where you need to uniquely “identify” a given resource.
So, I try not to get triggered by messages like:
What about Kubernetes?
The Microservices Platform team at Mercari shared some interesting insights about their addressing plan. 8 Kubernetes clusters would consume 12% of the RFC 1918 IPv4 address pool. Check out Network Architecture Design for Microservices on GCP.
But my major concern is this addressing limitation may lead you to other networking problems; “enable a flat L2 network” as they describe.
The good news is we have plenty of GLOBAL IPv6 addresses.
Second Reason
So you might think, this is boring, technical stuff, these are just implementation details… However, it’s becoming a business problem, especially for cloud providers.
You want to buy IPv4 addresses before they do. Supply and demand!
I’m going to repeat this because I think is important. You want to buy them before they do.
Two years ago, the price of each IPv4 address was exceeding $20 each. This means a network costs:
- /24 -> U$ 5.000
- /16 -> U$ 1.300.000
- /8 -> U$ 16.500.000
Andree Toonk estimates the price of each IPv4 address at $34 today (IPv4 for sale — WIDE and APNIC selling 43.0.0.0/8). However, they are paying up to $60 for each address according to https://auctions.ipv4.global/prior-sales (Thank for the tip Aaron).
The good news is IPv6 addresses are practically free.
Third Reason
If you try to interconnect Kubernetes clusters, you will end up building an overlay, as you cannot route private address space over the Internet.
This introduces complexity to your network design. More details here: Kubernetes multi-cluster networking made simple.
How do you VPN without a middleware? You can run a VPN from the hosts, removing any requirements from the network, hence you have a simpler network.
You don’t need NAT nor VPN middleware with IPv6
Conclusions
IPv6 in a nutshell:
✔️ We have an almost unlimited number of IPv6 addresses
✔️ IPv6 addresses are practically free
✔️ IPv6 Simplifies Network deployments
This is all part of a presentation I did sometime ago with a typo in the TITLE which I just realized.
