The collapse in IPv4 transfer prices is what caught my eye here, dropping from a ~$55 peak in 2021 to a mean of $22 in early 2026 (figure 12).
This validates my hypothesis that the run-up in 2020–2022 was an artificial scarcity bubble driven largely by hyperscalers. AWS was right up there stockpiling before they shifted their pricing model. Once AWS introduced the hourly charge for public IPv4 addresses (effectively passing the scarcity cost to the consumer), their acquisition pressure vanished. The text notes Amazon stopped announcing almost 15M addresses in Nov 2025. I think they have moved from aggressive accumulation to inventory management.
We are seeing asset stranding in real-time. The market has realized that between the AWS tax and the efficacy of mobile CGNAT, the desperate thirst for public v4 space was not infinite. I'm curious to hear more takes on this.
"As you may know, IPv4 addresses are an increasingly scarce resource and the cost to acquire a single public IPv4 address has risen more than 300% over the past 5 years. This change reflects our own costs and is also intended to encourage you to be a bit more frugal with your use of public IPv4 addresses and to think about accelerating your adoption of IPv6 as a modernization and conservation measure."
Their move disgusted me and I moved from AWS to OCI.
They hadn't bothered to add ipv6 support to most of their services and the ones that did have it usually were only dual stack - still requiring an ipv4 address.
As someone with a background in electronics who doesn't manage any internet-connected equipment but has multiple embedded devices connected to a WAN, I'm glad that IPv4 still seems to have a bit of life left in it.
When IPv6 was developed, over 30 years ago, connecting everything to the internet seemed like a great idea. I know that IPv6 can be made secure, but I don't have the background or research time to learn how to do so, and the NAT-by-default of IPv4 effectively means that I get the benefit of a default-deny security strategy that makes it impossible to accidentally directly connect anything to the internet.
I'm hoping I can keep using IPv4 until IPv8 or IPv4.5 or whatever comes next is developed with the modern proliferation of cheap insecure IoT in mind.
For some background on why IoT products are so insecure:
Hardware manufacturers don't really comprehend the idea of updates, let alone timely of security patches. Hardware has to work on the day of release, so everything is documented and tested to verify it will work. I have hardware with a TCP/IP stack that was released 20 years, (https://docs.wiznet.io/Product/Chip/Ethernet/W5500) and doesn't have a single errata published, despite widespread use. This is expected for every single component, for even the smallest 1-cent transistor, which has dozens of guaranteed performance characteristics laid out over several pages of documentation (https://en.mot-mos.com/vancheerfile/files/pdf/MOT2302B2.pdf).
When manufacturers venture into a product that runs software, they don't realize that for a given complexity, working through undocumented or, worse yet, incorrectly documented APIs takes more time than the equivalent hardware development and documentation. I've worked on multiple projects where software bugs were fixed with hardware workarounds, because it's faster, cheaper, and easier to develop, test, document, retool, and add a few cents of bill-of-materials cost per product, than to get reliable output from the already-written library that's supposed to provide the functionality.
The hardware TCP/IP stack that I linked to was developed at a time when it was the cheapest way to connect a low-power embedded system to a network. Modern low-power embedded systems have multiple cores running at hundreds to thousands of MIPS making the resources to run a softtware TCP/IP stack trivial, but the product still sells well, because when security is an absolute must, the hardware development and maintenance cost for the functionality is still cheaper than through software, even when there's no marginal cost to run the software.
IPv4 is not NAT-by-default. The reality of the world we live in today is that most home networks have a NAT, because you need multiple devices behind a single IP.
That said, I agree: it's quite unknowable how many services I've turned on on local machines with the expectation that a router firewall sat between me and potential clients.
But that doesn't go away with IPv6 - the NAT does, the router doesn't, and the firewall shouldn't either. For example, the default UniFi firewall rules for IPv6 are: 1. Allow Established/Related Traffic (outbound return traffic), 2. Block Invalid Traffic, 3. Block All Other Traffic
You must explicitly open a firewall rule for inbound IPv6 traffic. NAT is not the firewall.
IPv6 is just as secure as IPv4. NAT usually combines address translation with a stateful firewall. I remember when they were separate things. IPv6 has the stateful firewall, all the same security but without the mess of address translation.
Also, if you have devices connected to WAN, then they are insecure because they are not NATed.
"As the Internet continues to evolve, it is no longer the technically innovative challenger pitted against venerable incumbents in the forms of the traditional industries of telephony, print newspapers, television entertainment and social interaction. The Internet is now the established norm. The days when the Internet was touted as a poster child of disruption in a deregulated space are long since over, and these days we appear to be increasingly looking further afield for a regulatory and governance framework that can challenge the increasing complacency of the very small number of massive digital incumbents.
It is unclear how successful we will be in this search for responses to this oppressive level of centrality in many aspects of the digital environment. We can but wait and see."
If you think the time that a given social network spends at the top is long now, wait until there's a "regulatory and governance framework" knocking out most newcomers.
I pay close attention to IPv4 addresses for outgoing emails. At work we use several email services and pay for a dedicated IP(v4) at each. And when we provision a new service, we expect our new IP address to be “clean,” by which I mean it is ideally not found on any email reputation list.
For websites and services I don’t care. Some hosting platforms publish via CNAME, and some via A and AAAA records. Most seem to use a mix of v4 and v6 addressing.
The falling price of IPv4 addresses looks to me like we’ve made it to other side of the IPv6 rollout: demand for IPv4 is falling faster than supply now. Not clear if those prices are adjusted for inflation; the post-COVID spike looks like a lot of other nominal price graphs. If not, then the recent price drop is even more dramatic than it appears.
Perhaps in the long run, IPv4 becomes an artisanal choice for uses that depend on stable IP reputation: email sending, primarily. And everyone else relies on TLS for reputation signals, not caring about the IP address.
There is a growing grey market for IPv4 still, though, and probably always will be. It seemed like people were treating them like crypto for a while. Still people out there trying to re-route old abandoned ranges. There are still a lot of legacy ranges that belong to defunct organizations and never got properly sold.
The real story here is China and India have been quietly buying up gobs of African IP blocks - most of which are used for botting operations. I see it in my server logs.
China already de-facto owns half of Africa so it's natural they would prey on their scarce IP resources as well.
When you see AI scraping at a massive scale originating from $AFRICAN_COUNTRY IP space, and that country's GDP is smaller than Rhode Island, you sure as shit know someone else is behind it.
I see this often that people refer to countries as actors. Are you implying that the government of these countries bought those resources and they're now owned by the government? Or are you saying that citizens/corporations of those countries are buying? I find it weird, I wouldn't use the phrase "The United States is buying XYZ" unless it was the current government doing so?
I'm not sure the distinction matters, and attribution is inherently hard and easy to get wrong. I frequently read Country X is doing Y, less as a indicator of government action and more of a single that we can't be more specific of who within the country is performing an action but we know the behavior is occurring there.
In the case of IP address purchases, these are publicly tied to specific public and private entities and can be easily queried through the regional registries. These private entities are frequently the same kind of shell company you'll get with hiding shady financial details.
It seems to be widly accepted that the Chinese State (don't know about India) often imposes on or sponsers citizens to perform actions it finds adventagious.
And, I'd say, the US is known to do this. I'll lead with 'Project Azorian' to back it up.
India does it too. You see it on all socials as well as reddit. Brain dead posts and comments praising the current govt or gate against anyone criticising.
Almost all the Indian subreddits are against the current government. You will be banned from a subreddit even if you rightly speak in support of current government on Reddit.
It's hard to take your rest of your comment seriously if you are blatantly dishonest about this.
In the US, the government can apply pressure and bargain with companies for favor, but there is no legal requirement of companies agreeing (shy of court orders). Far more than cases of corporate compliance with the government are cases of corporate defiance.
In China, there is no meaningful difference between the party and any Chinese company. Companies are seed funded by the state and carry the will of the state. There is no "come back with a court order" in China. And even if there was, the courts are also just another arm of the party.
Just yesterday--and I don't know how I wound up there--I looked at RFC1166 (from 1990) which is "a status report on the network numbers and autonomous system numbers used in the Internet community." There's a long list of companies and individuals who were assigned "internet numbers". To my surprise, my real name is listed there! I have no clue why.
Not to spoil the article (but there's a lot in there) but I was particularly intrigued by the ongoing tumbling of the price of IPs. After peaking in 2022, "these days the low price of $9 per address is back to the same price that was seen in 2014."
I was also surprised to find that out the other day when someone on Reddit was complaining they couldn’t get a good price on a /17 they were hoarding to sell for a profit. Good riddance.
I’m curious about that meta viewport declaration and where it came from: I don’t believe I’ve ever seen it in that order. The customary ordering has the attributes and content properties all reversed:
I'm interested in any new successful startups going full IPV6 from the beginning. Once we cross that bridge, where your internal IPV4 knowledge is equivalent to token ring knowledge, there's nothing else to watch.
That looks weird. I am guessing that someone knows about the mismatch between ccTLDs (where the UK is .uk) and ISO codes (where the UK is GB and Ukraine is UA) and tried to correct something and got it wrong.
Really need governments to start pushing harder on IPv6 adoption. We need sticks, not just carrots. My favorite is chaos engineering forced IPv4 downtime.
Nah, we just need actual carrots. If something new is better than what people currently have, and you make it easy for them to get the new thing, people will naturally abandon the old thing. They'll do it happily. In fact, it will be hard to stop them from abandoning the old thing for the new thing.
IPv6 has failed at being better, being accessible, or both. Rather than punish people for failing to adopt something that isn't better or easy to get, either improve IPv6 so that it's actually attractive or admit defeat and start work on the next version that people will genuinely want.
The moment you start thinking "Let's make what people have now worse until they move to this other thing they don't want" its an admission that whatever you're pushing people to is shit.
In the US, I really want the FCC to mandate that an ISP provides IPv6 connectivity in order to meet the criteria to be considered broadband (and access the subsidies related to that). Don't even care if the functionality is off by default / you have to call and agree the routing may be sub-optimal, whatever. I currently use HE tunnels but on top of additional latency, the HE <-> Cogent peering dispute still makes it difficult to access services over IPv6.
There should be rule that ISP with CGNAT must offer IPv6 as an alternative. The US doesn't use CGNAT as much as other countries, but would help people stuck behind crappy CGNAT.
It always sends me to sleep when IP enthusiasts lament the lack of adoption for IPv6.
It's obvious to anyone that looks at the two formats that any kind of hacky workaround like NAT gateways will be preferable indefinitely to actually adopting the monstrosity that is IPv6.
I am on zen which you can consider to be as vertical tab mode in FF as well (considering zen is based on FF) (but all be it, I love how slick zen looks! Zen is amazing)
And I have the same texture too! I hadn't observed it until your message
Different RIRs & LIRs have different policies, but the "foolproof" way is to just set up an LLC and register resources through that. There are usually renewal fees as well. If you're not hoping to be able to sell them after you get them, a careful reading of RIR policies can usually net you one or two /24s without needing to buy any blocks.
In either case, if you end up with internet resources you can trawl through sites like https://bgp.services/ to find a cheap VPS provider near you that supports peering. I run my own AS and advertise 3 network blocks (2 IPv4 + 1 IPv6) out of 2 different DCs for several hundred $ per year all in all (including renewal fees, VPS, taxes, etc).
The collapse in IPv4 transfer prices is what caught my eye here, dropping from a ~$55 peak in 2021 to a mean of $22 in early 2026 (figure 12).
This validates my hypothesis that the run-up in 2020–2022 was an artificial scarcity bubble driven largely by hyperscalers. AWS was right up there stockpiling before they shifted their pricing model. Once AWS introduced the hourly charge for public IPv4 addresses (effectively passing the scarcity cost to the consumer), their acquisition pressure vanished. The text notes Amazon stopped announcing almost 15M addresses in Nov 2025. I think they have moved from aggressive accumulation to inventory management.
We are seeing asset stranding in real-time. The market has realized that between the AWS tax and the efficacy of mobile CGNAT, the desperate thirst for public v4 space was not infinite. I'm curious to hear more takes on this.
It is noteworthy that in 2020 AWS had very limited ipv6 support, but these days they have at least some support in the most critical services.
When AWS rolled out plans to start charging for IPv4 addresses:
https://aws.amazon.com/blogs/aws/new-aws-public-ipv4-address...
"As you may know, IPv4 addresses are an increasingly scarce resource and the cost to acquire a single public IPv4 address has risen more than 300% over the past 5 years. This change reflects our own costs and is also intended to encourage you to be a bit more frugal with your use of public IPv4 addresses and to think about accelerating your adoption of IPv6 as a modernization and conservation measure."
Their move disgusted me and I moved from AWS to OCI.
What disgusted you about it? I'm out of the loop
They hadn't bothered to add ipv6 support to most of their services and the ones that did have it usually were only dual stack - still requiring an ipv4 address.
As someone with a background in electronics who doesn't manage any internet-connected equipment but has multiple embedded devices connected to a WAN, I'm glad that IPv4 still seems to have a bit of life left in it.
When IPv6 was developed, over 30 years ago, connecting everything to the internet seemed like a great idea. I know that IPv6 can be made secure, but I don't have the background or research time to learn how to do so, and the NAT-by-default of IPv4 effectively means that I get the benefit of a default-deny security strategy that makes it impossible to accidentally directly connect anything to the internet.
I'm hoping I can keep using IPv4 until IPv8 or IPv4.5 or whatever comes next is developed with the modern proliferation of cheap insecure IoT in mind.
For some background on why IoT products are so insecure:
Hardware manufacturers don't really comprehend the idea of updates, let alone timely of security patches. Hardware has to work on the day of release, so everything is documented and tested to verify it will work. I have hardware with a TCP/IP stack that was released 20 years, (https://docs.wiznet.io/Product/Chip/Ethernet/W5500) and doesn't have a single errata published, despite widespread use. This is expected for every single component, for even the smallest 1-cent transistor, which has dozens of guaranteed performance characteristics laid out over several pages of documentation (https://en.mot-mos.com/vancheerfile/files/pdf/MOT2302B2.pdf).
When manufacturers venture into a product that runs software, they don't realize that for a given complexity, working through undocumented or, worse yet, incorrectly documented APIs takes more time than the equivalent hardware development and documentation. I've worked on multiple projects where software bugs were fixed with hardware workarounds, because it's faster, cheaper, and easier to develop, test, document, retool, and add a few cents of bill-of-materials cost per product, than to get reliable output from the already-written library that's supposed to provide the functionality.
The hardware TCP/IP stack that I linked to was developed at a time when it was the cheapest way to connect a low-power embedded system to a network. Modern low-power embedded systems have multiple cores running at hundreds to thousands of MIPS making the resources to run a softtware TCP/IP stack trivial, but the product still sells well, because when security is an absolute must, the hardware development and maintenance cost for the functionality is still cheaper than through software, even when there's no marginal cost to run the software.
> the NAT-by-default of IPv4
IPv4 is not NAT-by-default. The reality of the world we live in today is that most home networks have a NAT, because you need multiple devices behind a single IP.
That said, I agree: it's quite unknowable how many services I've turned on on local machines with the expectation that a router firewall sat between me and potential clients.
But that doesn't go away with IPv6 - the NAT does, the router doesn't, and the firewall shouldn't either. For example, the default UniFi firewall rules for IPv6 are: 1. Allow Established/Related Traffic (outbound return traffic), 2. Block Invalid Traffic, 3. Block All Other Traffic
You must explicitly open a firewall rule for inbound IPv6 traffic. NAT is not the firewall.
IPv6 is just as secure as IPv4. NAT usually combines address translation with a stateful firewall. I remember when they were separate things. IPv6 has the stateful firewall, all the same security but without the mess of address translation.
Also, if you have devices connected to WAN, then they are insecure because they are not NATed.
This closes on a bit of a downer:
If you think the time that a given social network spends at the top is long now, wait until there's a "regulatory and governance framework" knocking out most newcomers.
I pay close attention to IPv4 addresses for outgoing emails. At work we use several email services and pay for a dedicated IP(v4) at each. And when we provision a new service, we expect our new IP address to be “clean,” by which I mean it is ideally not found on any email reputation list.
For websites and services I don’t care. Some hosting platforms publish via CNAME, and some via A and AAAA records. Most seem to use a mix of v4 and v6 addressing.
The falling price of IPv4 addresses looks to me like we’ve made it to other side of the IPv6 rollout: demand for IPv4 is falling faster than supply now. Not clear if those prices are adjusted for inflation; the post-COVID spike looks like a lot of other nominal price graphs. If not, then the recent price drop is even more dramatic than it appears.
Perhaps in the long run, IPv4 becomes an artisanal choice for uses that depend on stable IP reputation: email sending, primarily. And everyone else relies on TLS for reputation signals, not caring about the IP address.
There is a growing grey market for IPv4 still, though, and probably always will be. It seemed like people were treating them like crypto for a while. Still people out there trying to re-route old abandoned ranges. There are still a lot of legacy ranges that belong to defunct organizations and never got properly sold.
The real story here is China and India have been quietly buying up gobs of African IP blocks - most of which are used for botting operations. I see it in my server logs.
China already de-facto owns half of Africa so it's natural they would prey on their scarce IP resources as well.
When you see AI scraping at a massive scale originating from $AFRICAN_COUNTRY IP space, and that country's GDP is smaller than Rhode Island, you sure as shit know someone else is behind it.
I see this often that people refer to countries as actors. Are you implying that the government of these countries bought those resources and they're now owned by the government? Or are you saying that citizens/corporations of those countries are buying? I find it weird, I wouldn't use the phrase "The United States is buying XYZ" unless it was the current government doing so?
Both.
In the case of China, I believe it's government or CCP-controlled entities, and the end-game is something more nefarious.
For India, IMO it's private industry. They're just trying to make a buck.
I'm not sure the distinction matters, and attribution is inherently hard and easy to get wrong. I frequently read Country X is doing Y, less as a indicator of government action and more of a single that we can't be more specific of who within the country is performing an action but we know the behavior is occurring there.
In the case of IP address purchases, these are publicly tied to specific public and private entities and can be easily queried through the regional registries. These private entities are frequently the same kind of shell company you'll get with hiding shady financial details.
It seems to be widly accepted that the Chinese State (don't know about India) often imposes on or sponsers citizens to perform actions it finds adventagious.
And, I'd say, the US is known to do this. I'll lead with 'Project Azorian' to back it up.
India does it too. You see it on all socials as well as reddit. Brain dead posts and comments praising the current govt or gate against anyone criticising.
> You see it on all socials as well as reddit
Almost all the Indian subreddits are against the current government. You will be banned from a subreddit even if you rightly speak in support of current government on Reddit.
It's hard to take your rest of your comment seriously if you are blatantly dishonest about this.
In the US, the government can apply pressure and bargain with companies for favor, but there is no legal requirement of companies agreeing (shy of court orders). Far more than cases of corporate compliance with the government are cases of corporate defiance.
In China, there is no meaningful difference between the party and any Chinese company. Companies are seed funded by the state and carry the will of the state. There is no "come back with a court order" in China. And even if there was, the courts are also just another arm of the party.
Just yesterday--and I don't know how I wound up there--I looked at RFC1166 (from 1990) which is "a status report on the network numbers and autonomous system numbers used in the Internet community." There's a long list of companies and individuals who were assigned "internet numbers". To my surprise, my real name is listed there! I have no clue why.
Not to spoil the article (but there's a lot in there) but I was particularly intrigued by the ongoing tumbling of the price of IPs. After peaking in 2022, "these days the low price of $9 per address is back to the same price that was seen in 2014."
I was also surprised to find that out the other day when someone on Reddit was complaining they couldn’t get a good price on a /17 they were hoarding to sell for a profit. Good riddance.
Unrelated to the post, but please include a viewport tag[0] on your website; it's one line of code that makes things far easier to read on mobile.
[0]: `<meta content="initial-scale=1,width=device-width" name="viewport">`
I’m curious about that meta viewport declaration and where it came from: I don’t believe I’ve ever seen it in that order. The customary ordering has the attributes and content properties all reversed:
I'm interested in any new successful startups going full IPV6 from the beginning. Once we cross that bridge, where your internal IPV4 knowledge is equivalent to token ring knowledge, there's nothing else to watch.
Github still refuses to switch on support for ipv6 traffic for some reason, so you can't interact with github then
The country code GB in some of the tables should show the source economy being Great Britain right? Am I misunderstanding the table?
That looks weird. I am guessing that someone knows about the mismatch between ccTLDs (where the UK is .uk) and ISO codes (where the UK is GB and Ukraine is UA) and tried to correct something and got it wrong.
its correct in other tables.
.uk being the TLD, and .gb being the ISO 3166-1 alpha-2 code is a quirk of history that comes with .uk being on the internet very early.
Really need governments to start pushing harder on IPv6 adoption. We need sticks, not just carrots. My favorite is chaos engineering forced IPv4 downtime.
Nah, we just need actual carrots. If something new is better than what people currently have, and you make it easy for them to get the new thing, people will naturally abandon the old thing. They'll do it happily. In fact, it will be hard to stop them from abandoning the old thing for the new thing.
IPv6 has failed at being better, being accessible, or both. Rather than punish people for failing to adopt something that isn't better or easy to get, either improve IPv6 so that it's actually attractive or admit defeat and start work on the next version that people will genuinely want.
The moment you start thinking "Let's make what people have now worse until they move to this other thing they don't want" its an admission that whatever you're pushing people to is shit.
In the US, I really want the FCC to mandate that an ISP provides IPv6 connectivity in order to meet the criteria to be considered broadband (and access the subsidies related to that). Don't even care if the functionality is off by default / you have to call and agree the routing may be sub-optimal, whatever. I currently use HE tunnels but on top of additional latency, the HE <-> Cogent peering dispute still makes it difficult to access services over IPv6.
There should be rule that ISP with CGNAT must offer IPv6 as an alternative. The US doesn't use CGNAT as much as other countries, but would help people stuck behind crappy CGNAT.
Or we should start a wall of shame of services not available on IPv6.
https://whynoipv6.com/
What holds them back though? Even my shitty self-hosted website on a not-so-known VPS supports IPv6.
I'm assuming priorities and convincing the old guard it's something to do
It provides no benefit, so even the smallest amount of added complexity or additional engineering effort required isn't worthwhile.
I did not have to put any additional engineering effort into it though.
It always sends me to sleep when IP enthusiasts lament the lack of adoption for IPv6.
It's obvious to anyone that looks at the two formats that any kind of hacky workaround like NAT gateways will be preferable indefinitely to actually adopting the monstrosity that is IPv6.
NAT is the monstrosity, not IPv6.
But has the nice side-effect of working as a firewall, before traffic gets to you.
IPv6 routers use a stateful firewall just like NAT includes. Just without the problems of NAT.
NAT has the side-effect of working as a shower curtain. It will mostly keep light drops of water out, but will not stand up to a fire.
No, it does not. Always use a firewall if you need a firewall. NAT is not a replacement for it.
Unrelated to the post, but I love the left texture when I'm on vertical tab mode in FF. Very cool
I am on zen which you can consider to be as vertical tab mode in FF as well (considering zen is based on FF) (but all be it, I love how slick zen looks! Zen is amazing)
And I have the same texture too! I hadn't observed it until your message
Unless I misunderstand something, that texture is not especially related to Firefox or vertical tabs.
I have it both under Firefox or Chromium, and whether my tabs are vertical or not. It's just the website's background.
IPv6 will change the world. Believe in it
How many more decades will I have to wait to have IPv6 from my ISP though?
how realistic is it to buy a block in 2026 as an individual? I understand that it is useless, but how much so
Different RIRs & LIRs have different policies, but the "foolproof" way is to just set up an LLC and register resources through that. There are usually renewal fees as well. If you're not hoping to be able to sell them after you get them, a careful reading of RIR policies can usually net you one or two /24s without needing to buy any blocks.
In either case, if you end up with internet resources you can trawl through sites like https://bgp.services/ to find a cheap VPS provider near you that supports peering. I run my own AS and advertise 3 network blocks (2 IPv4 + 1 IPv6) out of 2 different DCs for several hundred $ per year all in all (including renewal fees, VPS, taxes, etc).