Networking.com

IPv6 (Internet Protocol Version 6)

By TechTarget Contributor

IPv6 (Internet Protocol version 6) is a set of specifications from the Internet Engineering Task Force (IETF) that is essentially an upgrade of IP version 4 (IPv4), a category of IP addresses in IPv4-based routing. The basics of IPv6 are similar to those of IPv4 -- devices can use IPv6 as source and destination addresses to pass packets over a network, and tools like ping work for network testing as they do in IPv4, with some slight variations.

The specification (RFC8200) for IPv6 was published in 2017 and was elevated to Internet Standard (STD86).

Difference between IPv4 and IPv6

The most obvious improvement in IPv6 over IPv4 is that IP addresses are lengthened from 32 bits to 128 bits. This extension anticipates considerable future growth of the Internet and provides relief for what was perceived as an impending shortage of network addresses. IPv6 also supports auto-configuration to help correct most of the shortcomings in version 4, and it has integrated security and mobility features.

Benefits of IPv6

IPv6 benefits include:

IPv6 complications

IPv6 complications include:

Who deploys IPv6?

Google reported in August 2019, that nearly 29 percent of those searching on Google were doing so over IPv6.

The Federal Communications Commission (FCC) notes that the transition will be years long. During the transition, steps will be taken by Internet service providers, content and application providers to ensure that IPv4 addresses will continue to be supported. However, during the transition, the FCC warns, online services could be impaired or degraded, and privacy could be compromised because of increased dividing and transferring of IPv4 addresses.

As of August 2019, most virtual private network (VPN) providers weren't yet supporting IPv6.

IPv6 security

IPv6 can run end-to-end encryption (E2EE). Widespread adoption of IPv6 will therefore make man-in-the-middle attacks (MitM) significantly more difficult.

According to network security firm Sohpos, IPv6's support of the Secure Neighbor Discovery (SEND) protocol renders Address Resolution Protocol (ARP) poisoning and other naming-based attacks more difficult. With IPv4, it’s fairly easy for an attacker. IPv6 makes it difficult for attackers to redirect traffic between two legitimate hosts and manipulate a conversation.

This added security depends entirely on proper design and implementation, and the more complex and flexible infrastructure of IPv6 makes for more work. If, for example, a server enables IPv6 by default but the firewall doesn't, the network is more prone to attack.

Operating a network in which two internet protocols -- IPv4 and IPv6 -- are deployed generally implies that network configuration needs to be replicated for IPv6 -- that is, the network must be configured so that IPv6 can operate like IPv4. This network configuration not only includes aspects such as enabling IPv6 routing and incorporating IPv6 information in the domain name system, but also the enforcement of network security policies via packet filtering.

IPv6 and MAC address

IPv6 addresses are 128 bits long (16 bytes), including 64 bits for the network number and 64 bits for the host number. The host portion of an IPv6 address or part of it often will be derived from a media access control (MAC) address or other interface identifier. Depending on the subnet prefix, IPv6 has a more complicated architecture than IPv4. The number of IPv6 addresses is 1028 (79 228 162 514 264 337 593 543 950 336) times larger than the number of IPv4 addresses. The text form of the IPv6 address is xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx, where each x is a hexadecimal digit, representing 4 bits. Leading zeros can be omitted.

11 Sep 2019

All Rights Reserved, Copyright 2000 - 2024, TechTarget | Read our Privacy Statement