By
The statement “We are running out of IPv4 addresses!” is nothing new… In fact, it is anticipation from scientists in the late 1980s to the early 90s, when the Internet started growing unexpectedly.
But if there are 4 billion IPv4 addresses in the pool, why are we running out of IPv4s?
There are many factors for this inevitable and painful exhaustion of IPv4 addresses. Such factors include the rapid increase in IP-hungry technology, the rise of IoT devices, virtualization, cloud-native services, and more.
Technologies like NAT and CIDR were solutions born out of this anticipation. However, the only solution to deal with IPv4 is with IPv6 migration.
Table Of Contents.
- The Future of IPv4.
- Welcoming IPv6.
- What are the Benefits of Migrating to IPv6?
- Improved Routing Efficiency.
- Simpler Packet Headers
- Support for Novel and Optimized Services.
- Better Security with Built-in IPSec and Larger Address Space.
- Save Bandwidth with Direct Flows: Multicasting.
- Improved IP configuration.
- Mobility Support in IPv6
- Techniques for Migrating to IPv6.
- How do I know if IPv6 is enabled or working?
- Key Takeaways.
1. The Future of IPv4.
On 3 February 2011, the IANA (Internet Assigned Numbers Authority) allocated the last five /8’s (with exactly 16.7 Million) reserved IPv4s to the five RIRs (Regional Internet Registry). This news was significant because it meant that the “free and unallocated” IPv4 addresses available from the top authority are officially depleted. So, now (as of Oct 2021), everything is up to each region to intelligently allocate their last /8 IPv4 space to ISPs, businesses, network operators, etc.
The graph below shows the daily assignment rate per RIR. APNIC (Asian RIR in red) assigned an average of 400K IPv4 addresses on their lowest days back from 2007 to 2010 and reached the average million address assignments per day during 2011. APNIC’s allocation rate dropped significantly when IANA gave them their last block.
IANA allocated the last free /8 address spaces (/8 is the CIDR notation for 16 Million addresses) in 2011 to all RIRs (refer to the below chart: IPv4 CIDR chart). RIPE NCC started using its last /8 free space in 2012, and by Nov 2019, RIPE NCC allocated the last free /22 space (1K addresses).
It is not over for RIRs; they do have more IPv4 space, those IPv4s available for transitioning to IPv6 and other recovered and reserved IPv4s. But every day that goes by, IPv4 addresses are becoming more expensive and harder to obtain. To save some addressing space, many ISPs are already performing wide-scale NATs (Carrier-Grade NATs —CGNAT). But in the long run, the only solution is to migrate to IPv6. Other countries, especially from APNIC like Japan, China, and South Korea, have already started to migrate to IPv6, especially since 2011.
Interesting Fact! IPv4 has been relying on the NAT protocol to maximize IP addressing space. Without it, we would have run out of IPv4 addresses a very long time ago. NAT provided both an opportunity to use a large space reserved for the private networks while providing an excellent level of security. Now, IPv6 doesn’t need NAT; there are way too many addresses that there is no need to reserve space for private usage.
2. Welcoming IPv6.
Although you could be hearing a lot about IPv6 these days, the protocol was introduced back in 1995! At its development stage, IPv6 was designed to address one problem: the IPv4 address depletion!
IPv6’s format can support a mind-blowing combination of network addresses. To summarize: 3.4^1038, this number equals something like 340 trillion trillion trillion IP addresses. From 1995 (development of IPv6) until today, the protocol has evolved so much that it not only increases the amount of IP addresses but also provides new services.
IPv6 adoption rates are increasing quickly. According to IPv6’s Google statistics, there is 35% of global users are accessing Google over an IPv6 connection as of (Oct 2021).
The transition to IPv6 is inevitable. Sooner or later, IPv6 will be the only proper and efficient way to give everybody an Internet addressing. As mentioned before, it took from 2011 to 2019 for all RIRs to exhaust their free IPv4 pools.
3. What are the Benefits of IPv6 Migration?
As mentioned earlier, IPv6 addresses are not just longer IPv4s. Some more qualities and complexities make IPv6 a completely different protocol than IPv4. Let’s look at some benefits of IPv6 migration.
a. Improved Routing Efficiency.
An IPv6 address is divided into three parts (Network or Site Prefix, Subnet ID, and Host or Interface ID) with a total length of 128 bits. The most significant set of bits (Site Prefix) of the IPv6 address contains the prefix used for routing on the Internet. These IPv6 prefixes can be grouped into single prefix groups (for example, a /48), and host prefixes can be omitted, making the routing tables a lot smaller and more efficient.
b. Simpler Packet Headers.
The IPv6 packet header is simpler than IPv4’s. One of the most notable distinctions from this simplicity is that IPv6 doesn’t use a Checksum field. This field was removed from the header because it was redundant, as error checking in TCP/IP communications is performed at other layers. The old IPv4 approach made every router check and recalculate the checksum, resulting in an inefficient process. Another field that was simplified is fragmentation. With IPv6, fragmentation is no longer a mandatory field in a packet.
c. Support for Novel and Optimized Services.
IPv6 doesn’t use NAT. It instead establishes a unique end-to-end connection between source and destination. This single IP connection allows better support for certain services. For example, P2P, gaming, and streaming will be more stable, as there is far more IP availability. Services like VoIP and QoS will also be more reliable.
d. Better Security with Built-in IPSec and Larger Address Space.
The built-in IPSec does not automatically make IPv6 more secure than IPv4. Although the IPSec field (which provides encryption and authentication) is built-in in the IPv6 header, it is not mandatory to use it. However, implementing IPSec in IPv6 guarantees encryption and authentication, making the protocol more secure than IPv4. Another advantage of IPv6 security is that hackers won’t simply scan IPv6 networks the way they did with IPv4. Scanning large IPv6 subnets with randomly allocated addresses is impossible.
e. Save Bandwidth with Direct Flows: Multicasting.
The traditional IPv4 uses broadcast messages that force every listening device in the same network to stop and read the packets. Broadcasting every device in an extensive network for different purposes like ARP can make things easier, but it can hurt performance and threaten security.
IPv6 does not support broadcast— instead, it uses multicast and anycast messages. Multicasting allows packet flows with intensive bandwidth to be sent to multiple simultaneous destinations within a group. The non-target devices on the same network do not have to stop and process every single packet.
f. Improved local IP Assignment
IPv6 allows network configuration via a stateless or stateful method. A new procedure referred to as Stateless Address Auto Configuration (SLAAC) requires minimal (if not any) manual IP configuration in networking devices. Stateless means that the device generates its IPv6 address without relying on a third-party server. SLAAC uses the host’s MAC converted as EUI 64-bit format to create a unique address. In addition, the stateful or DHCPv6 works similarly to DHCPv4, which depends on a server. The advantage of DHCPv6 is that the DHCP server does not need to advertise subnet masks; the local router does it.
g. Mobility Support in IPv6.
IPv6 allows devices to move freely around an IPv6 Internet and remain connected. Each device moving across the network is always identified by a home address, regardless of what current point it is currently using to attach. While IPv4 also supported mobility, IPV6 improves this feature with route optimization, better neighbor discovery, and much lower overhead.
4. IPv6 Migration Techniques.
Migrating to IPv6 doesn’t just mean replacing IPv4 with IPv6; It means enabling IPv6 to work alongside IPv4. For now, most organizations’ networks depend on IPv4, so for them, it is impossible to migrate to IPv6 in a short time period. Both protocols will need to coexist for some time to be able to transition.
Migrating to IPv6 has been slow, but it is already happening. Countries with an alarming shortage of IPv4 addresses are starting to make IPv6 mandatory. This is the case for countries in Asia, like China and India. Other countries are looking at IPv6 migration as a necessity for innovation and avoiding later chaos. For example, Belarus is the first country in the world to make IPv6 support for ISPs mandatory by law.
Below are three common IPv6 migration techniques that most of these countries are putting into practice.
a. Migrating to IPv6 with Dual-stack.
Migration from IPv4 to IPv6 should start with the dual-stack (IPv4 and IPv6) network approach, where computers can use either version (IPv4 or IPv6) to communicate. IPv4 and IPv6 will need to co-exist for many years and provide dual-stack functionality. Dual-stack is already becoming a new norm, especially in areas without free IPv4 space, like Asia, and soon Europe and North America.
b. Tunneling.
Tunneling is a technique that involves encapsulating one protocol (IPv4 or IPv6) inside of the other (IPv4 or IPv6). For instance, if you have two IPv6-enabled computers unable to communicate across an IPv4 network, tunneling simply encapsulates the IPv6 traffic inside IPv4 packets.
c. Translation.
A technique that involves translating a protocol into the other. With the translation techniques, IPv6 computers can freely communicate with IPv4 computers. An IPv6 proxy is used to translate a protocol to another protocol. This proxy can be a server placed on the end of a network to intercept all IP packets and translate them to the other protocol.
5. How do I know if IPv6 is enabled or working?
Today (as of Oct 2020) almost all new devices and OSs have IPv6 compatibility, whether they are deployed in an IPv6 network, is a different question. Your computer certainly has an IPv6 address, and you might not even be aware. In addition, your ISP might also be already using a dual-stack network.
The easiest way to determine whether you are using IPv6 is to run an online test such as test-my-IPv6 or ipv6-test.com. You can also check the IPv6 parameters on your computer. For example, with a quick look into macOS’s network properties, you can see that IPv6 is configured by default (automatically); the same goes for many Linux, Windows, Unix, and even mobile platforms. This “automatically” means that your computer will perform IPv6 stateless autoconfiguration (as opposed to IPv4’s DHCP).
In addition, a quick look into the terminal with the “ifconfig” command, will show you the IPv6 address. Remember, you shouldn’t need any NAT to convert private to public, so your IPv6 will be used privately (home) and outside on the Internet.
Of course, using the same IPv6 for public communications and without any NAT may seem vulnerable and risky. But no worries, a hacker won’t simply be able to scan trillions of addresses, plus there is a high chance you’ll have IPSec enabled.
6. Key Takeaways.
The 90’s scientists were right, it was only a matter of time before we ran out of IPv4 addresses. The internet is growing unexpectedly with IP-hungry technology and IoT devices.
IPv4s are quickly becoming more expensive and harder to obtain. Even IP allocation authorities like the IANA and RIRs are pushing everyone away from IPv4 and encouraging people to deploy IPv6, at least with a dual-stack network until the IPv6 support strengthens.
IPv6 is slowly catching up. Almost all new devices support both IP versions. It will take time, and it will be a slow IPv6 migration, but IPv6 will soon take over.
0Comments