Skip to content
tmittelstaedt's profile

Problem solver


312 Messages

Sun, Jan 25, 2015 11:00 AM

Static IP price increases

Hi All,


  Disclaimer: I'm not speaking for Comcast.


Recently Comcast raised static IP pricing.  This is not unexpected to anyone who follows what is going on with IP addressing.  If you aren't aware of it, please continue reading.


First you need to do a little homework.  read the following:


Now, let's talk about what is going on.  Since IPv4 is out, the only way an expanding ISP (like Comcast) can get more of it is by paying a transfer fee.  This transfer fee system was setup by the RIR's to encourage people who are sitting on old blocks of IPv4 that they are not using, to return them to the free pool for reassignment.


This HAS been happening.  BUT, most of it is taking place in secret.  There HAVE been a few of these transfers that have become public knowledge - like the following:


which was publicized because it was done through Bankruptcy Court, and that is a public record.  But, that price was 4 years ago.  The market has got a lot tighter since then and prices have gone up.


So, to connect the dots here - Comcast has to fork over lots of money for more IP - their costs to obtain it have risen - they want to pay for that somehow.  Apparently some pinhead in their accounting group is under the impression that Comcast business customers who use a SINGLE Static IPv4 address somehow use "more" IPv4 than a dynamic IPv4 business customer and so it's fair to charge them more money.


While this logic is fair for those business customers with static subnets - I am one - it's UNFAIR for business customers with a SINGLE static IPv4 number.


There is only 1 real answer and that is switching to IPv6.   There is no transfer market in IPv6 and fees for it are far, far, cheaper.


Comcast _is_ working on this.  But they are NOT done.


What really needs to happen is the following:


1) Comcast must get static IPv6 deployed.  Quit screwing around.  Dynamic IPv6 has been deployed and is working.  We have been listening to excuses about "having to work on the bootfiles" for too long.  This is not rocket science, people.  Lock the developer in his office with a chamber pot and a Mountain Dew dispenser, turn off his phone, turn off his email, post a guard, and tell him to get the thing done.  8 hours should be plenty enough time to modify a bootfile.


2) Once static IPv6 is deployed, Comcast must offer it as a chargable item that is LESS in cost than IPv4.  Meaning the following:  You want IPv4, you pay a lot.  IPv6 is included.   You want ONLY IPv6, you pay MUCH LESS.


These 2 factors will help to create a financial incentive to get people to avoid using static IPv4 subnets and switch to static IPv6.  That is what we need to get people off IPv4 and on to IPv6.  But, there is also more that needs to happen:


3) Customers need to get familiar with use of dynamic DNS.  I have seen 2 schemes out there for this:


a) the NAT/address translator issues the dynamic DNS updates to the DNS server.  This is the model that costs $25 a year.


b) A PC that is behind the NAT/address translator logs into the dynamic DNS server and updates the IP address.


If your a business that needs a single static IP for remote access - then dynamic DNS may work out for you.  That not only will allow you to drop the expensive static IP - it might allow you (if your working out of your home) to go to a residential Comcast account instead of a business account.


Along with understanding dynamic DNS is the need to use modern router gear that can deal with dynamic dns.  A LOT of router gear more than a couple years old cannot deal with it - or they cannot deal with VPN's to it.


I have seen a number of IPSec VPN schemes out there that attempt to implement SITE2SITE vpn's with one or both sides dynamic.  Usually these don't work very well.   What most people are doing now is switching to OpenVPN-based solutions that build SSH vpn tunnels that can deal with it if one side shifts IP addresses.


4) Customers also need to understand that a Network Address Translator is NOT A FIREWALL.  You have zero business running any kind of server on IPv6 without either running host-based firewalling (firewalling on the server) or device-based (a firewall in front of the server or servers)


For years people used NAT with the notion that somehow NAT constituted a firewall.  It only does for the most crude and basic types of attacks.


But NAT is unusuable for IPv6.  There are a couple of competing implementations of IPv6 NAT out there but this is NOT a VHS vs Betamax thing where the "best" IPv6 NAT is going to win.  NO ONE is going to "win" because NAT itself is an abomination and was only tolerated 15 years ago because most hardware of the time was too underpowered to do real stateful inspection.  IPv6 NAT isn't going anywhere, never will go anywhere, and people who try that path will be locked into a vendor-specific implementation and will pay through the nose forever.


the future in static IP subnets at a site is a static IPv6 subnet, behind a real stateful inspection firewall.  It is not translation!


5) Comcast needs to allow business customers with static IP subnets to use their own firewalls.  Right now the ONLY real firewalling solutions for a business customer with a static IP subnet is a bridging firewall like an Untangle system ( or host-based firewalling.  This is simply not acceptable for an IPv6 implementation with an IPv6 static subnet that thousands of hosts at the site can exist on.


It would really help if anyone wanting to beat Comcast over the head on static IP pricing would read all of this and get familiar with it.  As I see it from a fairness POV, Comcast's pricing increase for static IP addressing IS ONLY FAIR if a real, working alternative in static IPv6 is offered.


It IS fair to charge a SMALL additional fee for static IPs.  They do require additional administrative overhead.


But it is NOT fair when the price for a single static IPv6 IP or a static IPv6 subnet is THE SAME as for a single static IPv4 address or static IPv6 subnet.


I understand Comcast's IPv4 costs are going up due to IPv4 runout, and they want to create financial incentives to NOT use up IPv4.  So, increasing the charge for a static IPv4 subnet IS FAIR because it creates a greater incentive for people like me to use less of it or better yet to pass that lopsided price increase along to our customers, thus creating an incentive for them to shift to IPv6.   BUT, it is NOT fair when NO static IPv6 subnet alternative is provided, and it is NOT fair when SINGLE IPv4 static users are ALSO penalized - since their IPv4 costs are the same as a dynamic customer (except for a small cost to track and manage  which certainly has not increased)


As a community we are not going to get anywhere arguing with Comcast about pricing increases unless we do it from a fairness standpoint.  We have to acknowledge that static IPs do have increased costs - but Comcast has to meet us halfway and acknowledge that until they can provide the alternative - fully functioning static IPv6 both subnets and individual numbers - it is unfair to raise prices on static IPv4.


Accepted Solution

Gold Problem solver


610 Messages

7 y ago

@tmittelstaedt wrote:

2) Once static IPv6 is deployed, Comcast must offer it as a chargable item that is LESS in cost than IPv4.  Meaning the following:  You want IPv4, you pay a lot.  IPv6 is included.   You want ONLY IPv6, you pay MUCH LESS.

The problem with that is the (lack of) critical mass for IPv6-capable users. You go IPv6 only, you cut yourself off from %95+ of users and other sites on the internet. Turn off IPv4 on your machine and try to browse the web, if you don't believe me.


I'm right there with you, we ALL need MORE IPv6 options, they MUST be substantially cheaper than IPv4, and the fact that  static IPv6 addresses on one of the USA's largest ISPs still aren't available in the year 2015 is shameful.

Problem solver


312 Messages

7 y ago

The price increases aren't aimed at IP-anything-capabable users.  Not right now.  They are aimed at people who put servers on the Internet.  We know that it's pointless to ask users to gear up for IPv6 when not all servers on the Internet are reachable via IPv6.  So, the pressure is on people to dual-stack their servers.  And one of the ways that's being done is jacking prices up for static IP numbers - because a static IP is a requirement for anyone running a server on the Internet.


The fact is that small fry - like a business that just wants to run their own mailserver, or the end user who wants to be able to RDP into their desktop PC - are caught in this.  Since there's no way to discriminate between one of these and a commercial provider of services with a mailserver with 1000 users on it, they are going to get painted with that brush.