IPv6: time to change?



If we keep the current version of the Internet Protocol, the world will run out of IP addresses by 2007. So is it time to move to IPv6?

Microsoft’s most recent operating systems, the Windows XP client and the .NET server family, include a number of improvements that take advantage of current and future technologies to make life easier for users and administrators. One such improvement is built-in support for Internet Protocol version 6 (IPv6), also referred to as the next generation IP or IPng. This version of IP provides several advancements over the most-used IP version, IPv4. IPv4 has served us well, but it provides a comparatively small address space and blocks of addresses were unevenly allocated. “Small” is a relative term, but the architects didn’t allow for the idea of ubiquitous Internet connectivity.

How do you know you need it?
IPv6 offers advantages over the current specification in four areas:

1. Scalability. The most obvious reason to increase the address space is to provide for a unique address for every toaster, coffee maker, or any other device on the planet. The current IPv4 space only allows four billion addresses, yet the world population already exceeds six billion, so it cannot support even one device per person without resorting to tricks such as NAT (network address translation). The problem with NAT is that it breaks the original assumption of end-to-end bi-directional links between systems, so some higher-level protocols and applications will not work when NAT is used.

IPv6 uses a 128-bit address space, theoretically enough for 340 trillion trillion trillion (3.4 x 10^38) addresses. In practice, there will be a smaller number due to the way addresses are structured, but we’re still talking about 35 trillion sites, each with an 80-bit local address space, “which seems to be enough for nine billion people [the projected population in 2050],” according to the Internet Society (ISOC). It’s said to be enough to give an address to each grain of sand on the planet.

The way IPv4 addresses were initially allocated means some countries are starved of addresses. Despite the huge IPv6 address space, addresses will still need to be allocated in blocks to allow efficient routing, and ISOC points out there is consequently a clash between fairness, which “allows anyone who wants a block of addresses to get one,” and scalability (due to issues in maintaining compact routing tables).

The Internet Assigned Numbers Authority (IANA), the organisation that oversees the distribution of IP addresses, has set out a number of goals for the IPv6 address allocation policy, namely uniqueness, accessible registration, aggregation, conservation, fairness, and minimised overhead. According to IANA, “the goal of aggregation is considered to be the most important” although it also describes uniqueness as an “absolute requirement”. The idea behind aggregation is that the “address space should be distributed in a hierarchical manner, according to the topology of network infrastructure”.

Avoiding the fragmentation of address ranges will limit the expansion of Internet routing tables.

Currently, there are over 80,000 entries in the IPv4 routing tables. Enforcing aggregation will limit external routing information to no more than 8192 items.

2. Security. The IPv6 specification includes security features in the form of packet encryption (Encapsulating Security Payload, or ESP) and source authentication (Authentication Header, or AH). Both these features are optional parts of the IPv4 specification, but it is mandatory that they are included in every IPv6 implementation.

This means we will be reasonably certain that the data within packets will not be easily inspected while in transit, and that a packet originated from its purported source, thus reducing opportunities for spoofing. AH also provides assurance that the packet has not been altered in transit. That said, it is not mandatory that either ESP or AH is actually used.

3. Performance. IPv6 packets include a Flow Label field, allowing routers to establish virtual circuit-style connections. The field identifies a set of packets that belong to the same flow—much like the Service Type (Diffserv) field in IPv4—so routers and other network devices can perform prioritisation or traffic shaping. This makes it easier to ensure real-time data such as videoconferencing streams are prioritised. IPv6 distinguishes traffic that tolerates delays caused by congestion (eg, e-mail) from isochronous traffic such as audio and video streams. Furthermore, routers will be able to use the information they collect to analyse traffic patterns and use the results to improve network performance.

The Flow Label for a particular flow is a pseudo-random number. No other flow from the same source is assigned the same Flow Label. The Flow Label and the source address are therefore the only information needed for a router to classify a packet for the purpose of determining its priority, and they are stored in the packet header.

With IPv4, this process typically requires examination of the source address, source port, destination address, and destination port.

The fixed size and reduced number of fields in the IPv6 header both allow simplified processing by routers. The new protocol also improves performance by preventing packet fragmentation: an algorithm is included to discover the transmission path and the smallest MTU (maximum transmission unit) along it, and then packet sizes are restricted to that minimum.
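The classification described above, as an added example that is not part of the original article: it parses the fixed 40-byte IPv6 header and groups packets by (source address, Flow Label) without looking at ports. The packets, the 2001:db8:: addresses and the function names are constructed for illustration.

```python
import ipaddress
import struct
from collections import Counter

IPV6_HEADER_LEN = 40  # the IPv6 base header always has this size


def build_header(src, dst, flow_label, next_header=17, hop_limit=64):
    """Build a constructed IPv6 base header (traffic class 0, no payload)."""
    first_word = (6 << 28) | (flow_label & 0xFFFFF)  # version 6 + 20-bit label
    fixed = struct.pack("!IHBB", first_word, 0, next_header, hop_limit)
    return fixed + ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed


def parse_header(packet):
    """Parse the fixed-size header; reject truncated or non-IPv6 input."""
    if len(packet) < IPV6_HEADER_LEN:
        raise ValueError("truncated IPv6 header")
    first_word, payload_len, next_header, hop_limit = struct.unpack("!IHBB", packet[:8])
    if first_word >> 28 != 6:
        raise ValueError("not an IPv6 packet")
    return {
        "traffic_class": (first_word >> 20) & 0xFF,
        "flow_label": first_word & 0xFFFFF,
        "payload_len": payload_len,
        "next_header": next_header,
        "hop_limit": hop_limit,
        "src": ipaddress.IPv6Address(packet[8:24]),
        "dst": ipaddress.IPv6Address(packet[24:40]),
    }


def classify(packets):
    """Count packets per flow, keyed on (source address, Flow Label) only."""
    flows = Counter()
    for pkt in packets:
        hdr = parse_header(pkt)
        flows[(str(hdr["src"]), hdr["flow_label"])] += 1
    return dict(flows)


# Constructed sample: two flows from one source, and a second source
# that happens to reuse a label value (still a distinct flow).
SAMPLE = [
    build_header("2001:db8::1", "2001:db8::99", 0x12345),
    build_header("2001:db8::1", "2001:db8::99", 0x12345),
    build_header("2001:db8::1", "2001:db8::99", 0x0BEEF),
    build_header("2001:db8::2", "2001:db8::99", 0x12345),
]
```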

4. Autoconfiguration. IPv6 includes a feature called Stateless Autoconfiguration that saves users or administrators from specifying the IP address of a particular piece of hardware. Instead, it generates a link-local IP address based on its media-level address (essentially the Ethernet MAC address or equivalent for other connectivity hardware) and uses the Neighbour Discovery (ND) protocol to check that no other local device is already using that address. If one is, the device repeats the process with a randomly generated address.

Next, an ND Router Solicitation message attempts to discover a local IPv6 router. If there is one, it provides the rest of the information needed to form the “real” IP address. Where no routers are present, autoconfiguration allows two or more devices on an isolated network to communicate.

IPv6 autoconfiguration also simplifies the process of assigning new IP addresses in the event that the organisation moves to a different ISP. The router can use ND to notify devices of the change. This process also makes life easy for users of mobile devices such as phones, PDAs, and notebook computers that connect to different networks at different times. It also means consumer appliances with Internet connections (such as the washing machine that can download new wash cycle programs, or the air conditioner you can turn on by remote control) and other embedded systems will be capable of being hooked up without the user having to perform any network configuration.

Fixed IP addresses have an implication for privacy in that they make it easier to profile a particular user. This is set to become a greater issue as more and more extremely personal devices such as PDAs and mobile phones are connected to the Internet. The idea of generating a portion of the address from a hardware characteristic (typically the MAC address) would make it possible to track the location of the device over time, for example. IPv6 reduces this privacy risk by establishing mechanisms for generating addresses incorporating a random (or pseudo-random) component in place of a component associated with a specific device (such as the MAC address).
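The MAC-derived address and the tracking concern described above, as an added example that is not part of the original article: it builds a link-local address with the standard modified EUI-64 mapping, then audits a list of addresses for interface IDs that reveal the same MAC on different networks. The MAC, the 2001:db8:: addresses and the function names are constructed for illustration.

```python
import ipaddress

LINK_LOCAL_PREFIX = int(ipaddress.IPv6Address("fe80::"))


def mac_to_interface_id(mac):
    """Modified EUI-64: insert ff:fe in the middle, flip the universal/local bit."""
    octets = bytes(int(part, 16) for part in mac.replace("-", ":").split(":"))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    eui64 = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]
    return int.from_bytes(eui64, "big")


def link_local_from_mac(mac):
    """Link-local address a host would derive from its MAC address."""
    return ipaddress.IPv6Address(LINK_LOCAL_PREFIX | mac_to_interface_id(mac))


def embedded_mac(address):
    """Return the MAC recoverable from an address, or None.

    Heuristic: a random interface ID can contain ff:fe by chance.
    """
    iid = (int(ipaddress.IPv6Address(address)) & (2**64 - 1)).to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in mac)


def trackable_hosts(addresses):
    """Group addresses by embedded MAC: one device visible under several prefixes."""
    seen = {}
    for addr in addresses:
        mac = embedded_mac(addr)
        if mac is not None:
            seen.setdefault(mac, []).append(addr)
    return {mac: addrs for mac, addrs in seen.items() if len(addrs) > 1}


# Constructed observations: the same device on two networks with a
# MAC-derived interface ID, plus one address with a randomised interface ID.
OBSERVED = [
    "2001:db8:a::211:22ff:fe33:4455",
    "2001:db8:b::211:22ff:fe33:4455",
    "2001:db8:b::5c3e:91a7:0d42:77b1",
]
```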

There is also an IPv6 equivalent of DHCP, known appropriately enough as DHCPv6, which can provide further information such as the addresses of DNS servers.
