User Tools

Site Tools



Take from:

= IPv6 Carrots = IPv6 allows for new approaches to Internet networking such as traffic efficiency, security, mobility and quality of service. Valuable features include:

2.1 Address Abundance

The header format of IPv4 packets limits the number of possible addresses for Internet devices to 4.3 billion, already inadequate for the multitude of devices now globally networked. IPv6 increased the address field size to permit a vastly larger number of addresses, 3.4 x 1038. Even single enterprises are usually allocated at least a /64 prefix, which contains about four billion times the total number of possible addresses in today's IPv4 Internet.

2.2 Easier Management

IPv6 networks have simpler, flatter and more manageable architectures, which leads to scalability, flexibility and overall economy. Addresses can be configured by hosts automatically without manual intervention (SLAAC), allocated via DHCPv6 servers, or statically addressed as required. This means corporate mergers and acquisitions become simpler and more scaleable, and the renumbering of often-colliding private address space is no longer necessary. Expanding networks, previous hindered by IPv4 scarcity, can be reworked into appropriate hierarchical and logical infrastructure layouts. IPv6 address management software improves the integrity of the process of allocating and tracking addresses.

2.3 End-To-End Transparency

IPv6's vast address space means direct node-to-node addressing, better for performance and security. IPv6 removes the need for stopgap conservation techniques such as multiple levels of NATs (network address translators), which slow connectivity, hinder troubleshooting and prevent tracing of illegal activity. The streamlined IPv6 header is also more efficiently processed by routers, and a new flow label supports special handling, offering quality of service and other features.

2.4 Mandated Security

IPv6 can run end-to-end encryption and integrity-checking, with IPSec support, mandatory in IPv6. When used with a suitable key infrastructure, IPSec provides header extensions that allow authentication and encryption. IPv6 also supports more secure name resolution with the Secure Neighbor Discovery (SEND) protocol, to enable cryptographic confirmation of a host's identity. This makes name-based attacks more difficult, and provides an improved level of trust. With IPv4 it is relatively easy for an attacker to observe or manipulate traffic between two hosts, but more secure IPv6 makes this a much harder prospect.

2.5 Better Mobility

IPv6 mobility capabilities are greatly improved over IPv4. Mobile IPv6 has dynamic home agent address discovery and no longer requires foreign agent external infrastructure to handle connectivity. It is faster due to less routing bandwidth overhead, and built-in route optimisation support. The NEMO protocol is an extension of mobile IPv6, which will provide Internet access for entire mobile networks such as planes, trains, cars, without any interruption to sessions as the networks reconnect.

2.6 Platform for Innovation

The value of network connectivity grows exponentially with every node that joins in. The innovative value of IPv6 lies in the incremental jump in complexity that becomes possible with its vastly larger networks. Huge sizes, scalability and flexibility of IPv6 networks foster streamlined processes, communications, and new business models. IPv6 is designed to easily cope with future innovation with header extensions. The Internet of Things on any serious scale, e.g. massive sensor networks for scientific data, business inventory, traffic monitoring, etc., is possible only with IPv6.

= IPv6 Sticks = There are not only benefits to adopting IPv6, there are serious drawbacks in not using it:

3.1 IPv4 is Over

On the surface, the IPv4 world seems calm. However, the top-level body that assigns IPv4 addresses, IANA, announced as long ago as 2011 it had no more blocks of IPv4 left to distribute. The Asia-Pacific registry APNIC also hit IPv4 exhaustion in 2011, as did the European RIPE-NCC registry in 2012, and South American LACNIC in 2014. The North American registry, ARIN, announced in April 2014 it has also reached its final stages of IPv4. All registries strongly recommend immediate IPv6 adoption.

IPv4 is done. It's old technology. Your current IPv4 range may be enough for life support for some time yet, but if expansion or diversification is required, your networks will suffer. Any new technology requiring Internet access will push network demand to the limit. Yes, there are stop-gaps such as NAT boxes, but they are costly and require time-consuming expertise and maintenance. Far better to put scarce resources into something with a future, and to do it before IPv4 exhaustion becomes an emergency.

As Vint Cerf said on this issue, “Engineering in a crisis is never a good idea…“

3.2 Things and Clouds Need IPv6

Cloud computing is now fundamental to most enterprises, providing cheap, powerful resources such as databases, applications, security and system administration that cannot be afforded individually. IP addresses are critical for orchestrating cloud processes. To commission or decommission cloud virtual machines, multiple IP addresses need to be reserved or freed up with blinding speed. The IPv4-based Internet, increasingly hamstrung by NATs, cannot provide such functionality, and the required numbers of addresses simply do not exist in IPv4.

The Internet of Things, the concept of communicating networks of independent devices, is estimated to reach twenty to thirty billion devices by 2020. Every networked device needs an address, and IPv4 has a hard limit of 4.3 billion. IPv6 has 340,282,366,920,938,000,000,000,000,000 billion addresses.

IPv6 is the only technology that can scale to deal with massively distributed cloud infrastructure and the Internet of Things.

3.3 IPv6 is On by Default

Almost all current device operating systems have working IPv6, many with IPv6 enabled by default. See Wikipedia's comparison of IPv6 support in operating systems, and the IPv6 for Microsoft Windows FAQ. There is far more IPv6 traffic on most networks than commonly recognised. If enterprise firewalls have not been expressly configured to handle IPv6, then the enterprise is vulnerable to malicious traffic, no matter how sturdy the old IPv4 defences are.

IPv6 is on by default, and can be accidently or deliberately used to bypass usage and security policies.

3.4 Shadow Networks and IPv6

While IPv6 remains uncommon, it will be used by those seeking to avoid attention. The most shadowy networks remain hidden except to devotees, but one well-known peer-to-peer filesharing network, the Pirate Bay, went to IPv6 two years ago after courts began ordering European ISPs to block Pirate Bay IPv4 addresses. IPv6 is also being used for free, fast Internet. In 2012, large numbers of students began downloading the IPv6Now tunnel client to avoid their slow ISP and use a free academic IPv6 server. Since then, the client has been downloaded tens of thousands of times worldwide. While not illegal, this is certainly flying under the radar of their network service providers.

If you think your network's not carrying IPv6, it just means you don't know about it.

3.5 Government Use IPv6

Governments worldwide take IPv6 very seriously. The US government has already transitioned to supporting IPv6 on all external services, and in 2014 mandated IPv6 for all internal services. The Australian Government met a deadline in 2012 for external services to be IPv6 capable. In Australia, the Department of Defence began its IPv6 migration in 2005. In the US, DREN, the defense research and engineering network, has dedicated significant effort to IPv6 implementations in everything from 'network-centric warfare' to networked uniforms. Governments in India, Japan, Korea, Malaysia, Vietnam, etc., have mandated IPv6-transition timetables. In April 2014, the Chinese government announced it would be providing 20 billion Chinese yuan (3.2 billion US dollars) for IPv6 promotion and expansion.

IPv6 transition is actively supported by governments globally.

3.6 Business Continuity Needs IPv6

Connectivity is now essential to the viability of most enterprises. Management must always be aware of issues that will impact on service delivery and the bottom line, and IPv4 exhaustion is a serious threat that will prevent enterprises from significantly expanding networks or taking competitive advantage of new features. Sadly, some levels of management dismiss IPv6 as a technical upgrade with no commercial relevance, despite its importance having been promoted widely for many years. Any excuse for avoiding IPv6 is increasingly flimsy, especially in the light of governmental adoption globally, and not acting on knowledge that affects business continuity is a neglect of corporate responsibilities.

why_you_need_ipv6.txt · Last modified: 2017/11/04 23:23 by admin