Table of contents
Internet Protocol version 6 (IPv6) provides enhanced security, privacy and performance and in many ways is easier to use than IPv4.
The use of IPv6 will continue to grow until it completely replaces legacy IPv4.
All Network Administrators, even for IPv4-only networks, need to make adjustments for IPv6 or they will be running their networks at increased risk.
Proper deployment of IPv4 to IPv6 transition technologies should be smooth.
A Brief History
When IPv4 was deployed in 1983, it was created for the few trusted networks that were connected to the Internet.
In the early 1980s, it was thought that the 3,706,452,992 public addresses that 32-bit IPv4 provides would be more than enough going into the future. The Internet engineers of the time didn’t expect so many people to have a computer in their home, much less so many people having multiple Internet capable devices like computers, tablets, phones, IoT, etc.
In the beginning, security wasn’t a major concern for IPv4. Security was usually handled by physical access to the computer equipment and application authentication with a username/password was used. It was left up to the organizations to allow access to individuals that were trusted not to be malicious.
IPSec was created many years after IPv4 was deployed and it had to be retro-fitted. The solution has security flaws. IPv4’s shortcomings led to the development of IPv5.
It was because of the explosion of the number of Internet capable devices in the 1990s that the development of IPv5 was abandoned. IPv5 was also 32-bit and so it provided the same limited address space as IPv4.
As an answer to IPv4 and IPv5's shortcomings, IPv6 became a formal Internet Standard in 1998.
IPv6's 128-bit address space that provides a mind boggling 42 undecillion (42,000,000,000,000,000,000,000,000,000,000,000,000) public addresses.
It also natively supports IPSec.
IPv6 offers many other enhancements that will be explained in the articles and lessons that follow.
Security: IPv6 Must be Considered by All
Many host devices leave the warehouse with IPv6 enabled by default. If this isn’t given appropriate consideration, a hacker could exploit this attack surface...even in an "IPv4 only" network.
It shouldn’t be ignored that we already live in an IPv6 world.
IPv6 is also a simpler and better organized than IPv4 and thus better for security.
Some believe that IPv6 causes privacy issues. On the contrary, IPv6 can provide privacy while still retaining valuable identity information.
NPTv6 (Network Prefix Translation), for example, translates an internal IPv6 address to external IPv6 address that’s used on the Internet. Some may know this technology by its old name…NAT66.
Like a car that needs a tune-up, the slow degradation of IPv4’s performance can go unnoticed.
An example of this is CGN (Carrier Grade NAT). An IPv4 only network sends traffic to the Internet. Unknown to the sending network, this IPv4 traffic can be tunneled and translated into IPv6…possibly multiple times going to and from its destination.
IPv4 is now a legacy protocol that was created when the Internet was in its infancy. IPv6 is for today and the future. One example is Apple’s App Store…it only uses IPv6.
As time passes, legacy IPv4 will continue to be phased out as IPv6 becomes more dominant.
These topics and more are discussed in more detail throughout MasterIPv6.com.