Silkenweb Example: Hackernews Clone

AWS is estimated to make $400M to $1B with the new IPv4 charge

71 points by atyvr 1 year ago | 76 comments

luhn 1 year ago
What's really offensive about this is that AWS does not have good enough IPv6 support for most customers to migrate off of IPv4, even if they want to.
ALB uses 2-4 IPv4 addresses. It supports dualstack, but not IPv6-only.
CloudFront does not support IPv6 origins.
All APIs except for a handful are IPv4-only, so you either need a VPC endpoint (priced per month per AZ per API) or an IPv4 address to communicate with them.
It frustrates me that I'll be paying for a bunch of IPv4 addresses that I don't need for any business reason, I only have them because they're necessary within the AWS ecosystem.
- kichik 1 year ago
  I find the lack of IPv6 support for their own APIs the most insulting. In my case, I would end up paying more for VPC Endpoints than I would for IPv4 addresses. There is no escaping from this new fee. I really hope they resolve this soon.
- fulafel 1 year ago
  It's also pretty ridiculous their reverse proxy (ALB) "dual stack" mode can't serve IPv6 clients unless your backend app server is also IPv6. This is so much worse than anything you'd set up yourself.
  - zokier 1 year ago
    That doesn't seem right, for example this reddit thread (yeah, I know) says that ipv6 alb -> ipv4 target should work fine: https://old.reddit.com/r/aws/comments/1145bcw/dualstack_alb_...
    - fulafel 1 year ago
      Like most of the people in the linked reddit thread, I read the docs (and web search results[1] and LLM answers) as requiring v6 behind the ALB too. Not taking the poster's word for it yet but could be worth another look.
      [1] https://repost.aws/knowledge-center/elb-configure-with-ipv6
- zokier 1 year ago
  https://docs.aws.amazon.com/vpc/latest/userguide/aws-ipv6-su...
  yeah, that's a sad table. AWS has gazillion services and handful have even basic dual-stack support and even fewer have ipv6-only support :(
jedberg 1 year ago
What's interesting to me is that they always had this cost, but in the past it was always baked into the cost of anything that used a public IP (namely EC2).
The prices for IPv4 addresses finally got so high that they had to break it out into a separate charge because otherwise it would be too much to bake into the cost of everything. I also completely believe them when they say they are doing it to force people to be more intentional about their use of public IPv4.
And of course it's a great way to get people to move to IPv6, since those are still "free" (in quotes because those prices are still baked into the things that support them).
- jenny91 1 year ago
  > And of course it's a great way to get people to move to IPv6, since those are still "free" (in quotes because those prices are still baked into the things that support them).
  They are basically free because there is no shortage of them.
  - jedberg 1 year ago
    The costs to AWS are having to upgrade all their routers and any other equipment that handles IP (including the management cards in each physical host).
    - vel0city 1 year ago
      What percentage of their routers were acquired pre-IPv6? S3 wasn't publicly available until 2006, EC2 followed later. Was most enterprise networking equipment in the mid 2000's still without IPv6 support?
    - tormeh 1 year ago
      There is no way AWS has any equipment that is not IPv6-ready. These things are replaced about every 5 years or so. I bet it's all software that assumes IPv4, which is arguably worse.
    - kjs3 1 year ago
      AWS is holding onto those routers running something earlier than, what, IOS 12.4 from 2005? And all those servers with iDRAC6s from, what, 2012?
      Some day people will stop pretending IPv6 support is something that hasn't been ubiquitous in network gear for a decade or more.
    - organsnyder 1 year ago
      Surely by now all of their equipment can support IPv6 with at most a firmware upgrade?
- spott 1 year ago
  Did they reduce the cost of everything that it was baked into? Did EC2 instances get cheaper?
  - jedberg 1 year ago
    If history is any indication, they would either reduce the cost or just not raise it for a while. AWS is usually pretty good about keeping their profit percent steady and adjusting prices accordingly.
bombcar 1 year ago
This is the only way IPv6 will ever finally take off; if there's a cost to IPv4.
- asmor 1 year ago
  Money is a terrible discriminator unless you want to advantage the rich. This would fuck up connectivity for everyone that relies on affordable hosting long before it'd force a rusted old enterprise to adopt IPv6.
  dig github.com AAAA
  - mdaniel 1 year ago
    I hear you, and do appreciate your point. But, what other incentive alignment levers are available for corporations than their bottom line?
    Also, I'm just saying:
```
  $ dig gitlab.com. AAAA
  2606:4700:90:0:f22e:fbec:5bed:a9b9
```
    I'd bet that's in no small part due to them hosting on GCP
    Interestingly, it seems AWS is the outlier in the "IPv6 control plane is a fad" stance
```
  $ dig admin.googleapis.com. AAAA  # as one might expect
  2607:f8b0:4005:810::200a
  $ dig management.azure.com. AAAA  # which surprised me
  2603:1030:a0b::10
  $ dig ec2.amazonaws.com. AAAA  # :trollface:
  $ dig ec2.amazonaws.com. A
  209.54.181.135
```
    - colmmacc 1 year ago
      $ dig AAAA ec2.us-east-1.api.aws ... 2600:1f70:8000:a0:41d7:f53b:34f4:5798
      The EC2 API is available over IPv6. AWS services that support IPv6 for their APIs use the .aws TLD and the SDKs and CLIs know how to invoke that when IPv6 is preferred. See https://docs.aws.amazon.com/general/latest/gr/rande.html#dua...
      The reason is for backwards compatibility. If IPv6 was simply added to the original names, some clients would instantly shift from using IPv4 to IPv6 and in the process break any customer IAM policy in place that is restricted by IP address. Some day it may be the right call to let that kind of breakage happen, but for now the preference is to ensure that customers are not surprised.
      See also: https://docs.aws.amazon.com/vpc/latest/userguide/aws-ipv6-su...
crazygringo 1 year ago
> So the approximate value of Amazon's IPv4 estate today is about: $4.6 Billion dollars!
> AWS will likely make anywhere between $400 Million and $1 Billion dollars a year with this new IPv4 charge!
In other words, it's not clear AWS is "making" anything at all. It might take them over 10 years to pay back the cost of what it would take to acquire them today.
Now I assume Amazon is making some level of profit on them, but the article seems to confuse income with profit. "Making" money is generally understood to mean profit, not income.
- akerl_ 1 year ago
  The IPv4 space almost certainly did not cost them $4.6 billion to acquire. They acquired it much cheaper, and they can’t reasonably sell it because they need it for users. So charging for it when they previously did not nets them revenue they were leaving on the floor before.
  - crazygringo 1 year ago
    The exact price doesn't matter. The point is, it's wrong to conflate profits with income. You need to subtract costs before you can declare that Amazon "makes" a particular amount of money.
    You are of course correct that this gives them revenue, my point is that the article is falsely framing this entirely as profit.
    - akerl_ 1 year ago
      The costs were already paid. AWS bought that IP space over the past decade. On their financials for 2024, the cost of the IP space they already held is zero.
- jedberg 1 year ago
  They already own those IPs and there is no ongoing fee to keep owning them. So everything they make is profit since they costs have already been accounted for.
  Like if you already owned a piece of land and let people rent houses on the land, and now you're charging them extra rent per square foot of land. You already own the land, so it's pure profit, because before you were including the cost of land in the houses. But of course the metaphor breaks down because at AWS you can move to IPv6 to avoid the cost, but you can't move the house off the land.
  - crazygringo 1 year ago
    That is not correct.
    IP addresses are intangible property and, at this scale, their cost would probably be amortized over a period of e.g. 20 years.
    For accounting (and tax purposes), it's not one big up-front cost where everything that follows is pure profit.
    Just because costs happen before income, it doesn't follow that all the income is profit. You have to look at things over the expected useful time frame of property.
- lotsofpulp 1 year ago
  > Now I'm sure Amazon is making some level of profit on them, but the article seems to confuse income with profit. "Making" money is generally understood to mean profit, not income.
  Common clickbait tactic, hence avoiding the use of falsifiable terms like net income or profit.
- Elective1565 1 year ago
  But did they acquire them all today? (No, no they did not.)
greatgib 1 year ago
What is raging is to know that IP v4 address ranges are provided at no cost to organisations. And even if they still had to acquire some from other organizations at a cost, there certainly don't have to pay a regular fee to keep them.
So in the end, they take a public good that is basically free, a lot lot lot of it, and like a hold up they make a lot of money racketeering you monthly because you are too insignificant to be allowed to own your own ips...
- greyface- 1 year ago
  This is not true at all, at least in the ARIN service region.
  * Aside from a very minimal amount of space allocated for v6 transition technologies[1] and from the waitlist[2], organizations do have to pay market rates for IP addresses.
  * Organizations do need to pay a yearly fee to keep them, which scales with the amount of address space held.[3]
  * You are not too insignificant to be allowed to own your own IPs - anyone can establish at least 2 peering relationships, ask ARIN for an ASN, and acquire some IPs.
  [1]: https://www.arin.net/participate/policy/nrpm/#6-5-3-1-subseq...
  [2]: https://www.arin.net/participate/policy/nrpm/#4-1-8-arin-wai...
  [3]: https://www.arin.net/resources/fees/fee_schedule/
ChrisArchitect 1 year ago
Related discussion on the ipv4 change announcement 6 months ago:
AWS to begin charging for public IPv4 addresses
https://news.ycombinator.com/item?id=36989798
tiffanyh 1 year ago
If Google just banked $3B by extending their server depreciation schedule, imagine how much more profitable AWS would be if they also did the same.
https://news.ycombinator.com/item?id=39199841
I wouldn't be surprised if AWS are holding back on implementing this financial change for a future raining day quarter ... because it'd have a bigger impact than IPv4 billing.
digitalsushi 1 year ago
Jeez. Eventually someone is going to break down and invent a new IP solution that doubles the number of addresses that we have now.
I mean if I were doing it, I'd probably make it more like 1,028 times bigger but maybe it would present as hubris. Addresses would be so plentiful they'd basically be free.
And since I am using magic to do all of this, I'd invent it over 20 years ago, so that it'd have been decades since we were still talking about it.
- ericpauley 1 year ago
  This ongoing "IPv4 with more bits" meme needs to die.
  There was no way to change IPv4 to have more address space while maintaining compatibility with existing routers. Routers are hardware-accelerated so can't just support new protocols with a software update.
  If you need a new protocol, why just lengthen the address without fixing other weaknesses, since you'll never be able to change it again? This is IPv6, and while you can argue some changes weren't necessary, it is simply not true say that IPv4 with extra bits would have been easy.
- anyfactor 1 year ago
  "If we don't study the mistakes of the future, we're bound to repeat them for the first time." - Ken M
- hn8305823 1 year ago
  And I would make sure it had complete feature parity with IPv4 (DHCP, VRRP etc) instead of embarking on a religious crusade to reinvent the way devices connect.
  It took over a decade to get feature parity from the non-network-operators that overtook the IETF, and that seriously delayed IPv6 adoption.
- kelnos 1 year ago
  I know you're joking & making fun of glacial IPv6 adoption, but if IPv6 was just IPv4 + more address bits, I'm sure it'd be fully adopted by now and IPv4 would be something kids taking computer networking courses would be taught about in the "history" section.
  IPv6 involved too many other changes to make it a straightforward upgrade. I agree that it's ridiculous that we still don't have universal v6 support, but let's not pretend the protocol designers made it easy.
  - fulafel 1 year ago
    There's new features in IPv6 but if you don't use them, it's pretty just more bits as far as applications and users can see. The biggest change is probably replacing ARP, but that part has been unchanged and shipping since the start and invisible to users. And of course there's also simplifications vs IPv4.
    The biggest shock is for people who have gotten the NAT stockhold syndrome (which always went against IPv4 internet architecture, there's a reason it's outlawed in the standard track IP RFCs).
  - cryptonector 1 year ago
    To be fair, a lot of the growing pains with IPv6 were pains that had to be discovered as we went.
    I wish IPng had taken a totally different approach to addressing and routing:
    - for addressing, yes, very large (or even variable-length, like CNLP, see below) addresses fields in the IPng header
    - for routing, the IPng header should have had a source and destination ASN fields, with the source being filled in by the sender's router(s) (either immediately in the interior, or at the edge), and the destination ASN fields to be filled in by the sender by querying something like the DNS (but optimized for, essentially, CIDR-style IP->ASN lookups, though DNS can do it). This would have made routing much simpler and faster, since routing protocols would only have to exchange information about ASNs and not about any address prefixes, thus yielding much smaller routing tables. The address->ASN lookup service would have needed very little churn since its contents would change only when sites change Internet service providers.
    I wasn't there then, so don't blame me, but also honestly I probably wouldn't have thought of this either.
    In practice we ended up with something just like this but... without address number portability, which is a shame.
- steve918 1 year ago
  So what's taking you so long?!
  - tough 1 year ago
    time travel machine mvp is taking a bit more than planned
    - cryptonector 1 year ago
      So far it can only go forwards in time [at 1s/s].
- bastardoperator 1 year ago
  IPv5 xxx.xxx.xxx.xxx.xxx for the win! /s
  - gtvwill 1 year ago
    Tbh not sure why the protocol couldn't be upgraded so that xxx.xxx.xxx.xxx, xxxx.xxxx.xxxx.xxxx and xxx.xxx.xxx.xxx.xxx are all accepted. Seems a monumentally shite oversight to not be like that. I mean it's a freaking telephone book address system. Astounding they baked it in just xxx.xxx.xxx.xxx and didn't upgrade the protocol at all in the last 20 years (is this just entirely due to profit/asset protecting?).
    Response was to make a wholly new protocol when they could have just updated the standard and forced suppliers to patch updates?
    USB backwards compatability that shiz. The fact I can take a modern usb device and plug it in a 1.1 gen port and it still just works. Why the hell isn't ipv4 like that for upgrades?
    Seriously is there any real technical hurdle why we didn't do it this way?
    - superluserdo 1 year ago
      This very confident sentiment comes up in every comment section about IPV4/6
      - "Updating the standard" is making a new protocol
      - "forced suppliers to patch updates" - how?
      - "USB backwards compatability that shiz. The fact I can take a modern usb device and plug it in a 1.1 gen port and it still just works. Why the hell isn't ipv4 like that for upgrades?" - because you're changing the address space of the protocol. If the new standard can address more than 2^32 things, then it won't be backwards compatible with v4.
      - "Seriously is there any real technical hurdle why we didn't do it this way?" - Assuming you're talking about having a variable-length address from the start in IPV4, because I assume having a non-fixed packet header size would be much more computationally expensive and violate a lot of assumptions that you can make when the header is fixed (having a fixed region of the buffer that is known to always be the full header). You'd be much better having a fixed-length address that is enough to cover all possible nodes in the network - exactly what IPV6 has done.
      - "Astounding they baked it in just xxx.xxx.xxx.xxx" - IPV4 was first deployed in 1982. Wikipedia tells me that the year before, there were just over 200 nodes on the ARPANET. I think you're doing a bit of a disservice to the people who designed this stuff by castigating them for not factoring a 20'000'000x increase in network size into their protocol.
    - cqqxo4zV46cp 1 year ago
      Because I don’t want to feel like I’m shopping at IKEA when I’m configuring my router.
    - kelnos 1 year ago
      > Seriously is there any real technical hurdle why we didn't do it this way?
      Yes, because designing and implementing a protocol like USB is nothing like designing and implementing an internetworking protocol.
      > not sure why the protocol couldn't be upgraded so that xxx.xxx.xxx.xxx, xxxx.xxxx.xxxx.xxxx and xxx.xxx.xxx.xxx.xxx are all accepted
      You can't just add address bits to a fixed-size protocol header that wasn't intended to be extended in that manner. IP addresses don't actually look like those dotted strings you're talking about. Those representations are for convenience and ease of reading for humans. For computers, it's a 4-byte quantity that's sent over the wire in binary, not a string of base-10 numbers separated by dots. When these things were designed, CPUs, custom processing units, and RAM were incredibly expensive. When you designed a protocol, you designed it for efficiency in size and parsing speed. Otherwise no one would implement your protocol, because it wouldn't be cost-effective to do so. Today we throw around JSON payloads in our HTTP responses without a care for the bandwidth needed or processing power used to parse. If you tried to do something like that back in 1981 when IPv4 was introduced, you'd be laughed out of the room and fired.
      Your middle suggestion ("xxxx.xxxx.xxxx.xxxx") makes no sense: each part of the dotted-quad notation we're familiar with represents an 8 bit quantity (base-10 numbers 0 through 255). Adding another base-10 digit is nonsensical. The last example, a dotted-...er...quint? is certainly one option, which would increase the address field in the header from 4 to 5 bytes, giving us 256 times the current number of addresses (more or less). IPv6, instead of going from 4 to 5 address bytes, goes to 8 address bytes. That allows us to give every grain of sand on all the Earth's beaches an IPv6 address, several times over. Overkill? Maybe. Probably. But consider how long it's taken to adopt this new protocol. If we were to only add 1 more address byte, and then run out of addresses again, we'd likely have to wait even longer than this time for a future IPv7 to become adopted.
      Now, going back to the fairly modest 1-byte increase in the address fields (and presumably no other protocol changes). For some devices a fairly simple software update would suffice, but for many router-type hardware of the time (25+ years ago), it wouldn't have been feasible to solely upgrade the software or firmware. Consider that things like routing tables would now require 25% more memory per address, and memory was something routers of the time didn't have in abundance. And some of these older pieces of hardware actually had parts of the protocol "parsing" done in hardware, which you can't change after the fact; you need to scrap the entire thing and build something new.
      I do agree that it was foolish to design a whole new protocol. If they'd just released a new protocol where the only change was more address bits, I'm sure it'd be fully adopted by now and IPv4 would be a thing of the past.
- VoodooJuJu 1 year ago
  You could do that, and if you did, I think you'd find a lot of success with your new solution, as people the world over would switch to using it.
  Just make sure you make it as user-friendly & functional as its predecessor and don't stuff a whole bunch of nonsensical half-baked features into it. Otherwise, people may have no choice but to keep using the older solution.
- listenallyall 1 year ago
  That's awesome. I have no doubt you would use common sense and make the addresses in this new system simple, recognizable, and just an extended version of what everybody is already used to, like 111.222.33.44.55.66
  - jedberg 1 year ago
    This right here was the biggest mistake for IPv6. Adoption would have been so much easier if IP6s were just "extra numbers" tacked onto the end so that if an old router saw it, it would ignore the extra bits and send it to the "IPv4" part of the address.
    - alphager 1 year ago
      That's not how routers or routes work.
    - organsnyder 1 year ago
      The potential number of edge cases in IPv4-only hardware is staggering.
planet_1649c 1 year ago
Can't they provide an anycast ip's like fly.io does to all their customers. Most of the things are anyhow behind dns entries and i doubt people direct hit IP addresses.
- overstay8930 1 year ago
  They do, it's called Global Accelerator
notwhereyouare 1 year ago
article turns into an ad at the end, just a FYI
1 year ago