IPv6 or Internet Protocol Version 6 is an upgrade of IPv4. IP version 6 is a network layer protocol that allows data communications to pass packets over a network. This involves sending and receiving data in the form of packets between 2 nodes in a network. Internet Engineering Task Force (IETF) gave RFC 2460 specification for IPv6 is in 1998.
IPv6 was introduced to replace IPv4 and is often referred to as the “next generation Internet” because of its enhanced capabilities and its growth in recent years.
How does IPV6 Work?
Every device that is connected to the Internet has a separate identity and has its own IP address in order for the internet connection to function effectively. Let us understand this with the help of an example.
To reach your friend’s house, you must know his or her correct street address and zip code. IP address works the same way for your device. The earlier version, IPv4 uses a 32-bit addressing scheme and supports over 4.3 billion devices.
This may sound like a huge number but apparently this is not enough. Due to rapid increase in use of the internet, personal computers, smartphones and Internet of Things (IoT) devices, there will be a massive requirement of more IP addresses.
IPv6 uses 128-bit addressing and supports over 340 trillion trillion. Instead of the IPv4 address method of 4r sets of 1-3digit numbers, IPv6 uses 8 groups of 4 hexadecimal digits, separated by colons.
The IP version 6 can handle packets more effectively, enhance performance and boost security. It helps internet service providers to decrease the size of routing tables by making them more hierarchical.
Network Address Translation (NAT) and IPv6
You must be wondering, if IPv6 is a better and updated version of IPv4, then why it hasn’t been adopted fully yet.
One of the main reasons behind this is Network Address Translation (NAT), which takes private IP addresses and converts them to public IP addresses.
Such an enterprise machine with a private IP address can send and receive packets from a machine outside a private network with a public IP address.
Without NAT, large companies with thousands of computers will use a large number of public IPv4 addresses if they want to communicate with the outside world. However, these IPv4 addresses are limited and almost exhausted to the point where they have to be assigned.
NAT helps alleviate the problem. With NAT, thousands of private address computers can be presented to the public Internet via NAT computers such as firewalls or routers.
The way NAT works is when a company computer with a private IP address sends packets to a public IP address outside the corporate network, it first enters the NAT. It then registers the source and destination addresses of the packets in the conversion table.
NAT changes the source address of the packet to the public address of the NAT device and sends it to an external destination.
When the packet responds, NAT converts the destination address to the private IP address of the computer on which communication is started. A single public IP address can represent a computer with multiple private addresses.
Benefits of IPv6
Following are the benefits of IPv6:-
- Supports long 128-bit (16 bytes) source and destination addresses
- Use Linked Local Range Full Node Multicast Addresses
- No manual configuration or DHCP required.
- Assign the host name to an IPv6 address by registering host address (AAAA) resources in DNS.
- Use pointer resource records in IPV6. ARPA DNS domain assigns IPv6 addresses to the host name.
- Supports 128 bytes of packet size (no fragmentation).
- Use the flow label field to identify the sequence of packets processed by Quality of Service (QoS) of the router.
- Use Internet Control Message Protocol version 6 (ICMPv6) router requests and router announcement messages to determine the IP address of the best default gateway.
- Resolve an IP address to a link layer address by using a multicast neighbor request message.
- Manage local subnet membership using multicast listener detection (MLD) messages
Disadvantages of IPv6
Checksums are not included in the header. IPv6 no longer has a header checksum that protects the IP header. This means that packets may be passed incorrectly when the packet header is corrupted by a transmission error.
- IPv4 and IPv6 computers cannot communicate directly with each other.
- The process of switching from IPv4 to IPv6 is slow and tedious.
- Understanding the IPv6 subnet itself can be difficult.
- Because headers are fixed-length in IPv6, options cannot be labeled in IP headers as in IPv4.
- IPSec is Required
- Use the flow label field to identify the sequence of packets that the router performs QoS processing.
- Allows hosts to send fragmented packets, but does not allow routers.
Who should worry about IPv6 addresses and why?
The IPv6 network layer protocol is ideal for both business and home users.
- Tech Companies
- Data Centers
- Network Engineers
- Mobile Carriers
When Does IPv6 Leak Identity Occur?
IPv6 has no direct harm associated with it. However, when a user connects to a VPN, things can get a little more complicated. The VPN user is assigned an IPv4 IP address when connecting to the VPN.
When this user attempts to communicate with an IPv6 server or peer, the actual IP address may be compromised. This can lead to identity disclosure.
IPv6 can run end-to-end encryption (E2EE). As a result, widespread adoption of IPv6 will make man-in-the-middle attacks more difficult.
According to cybersecurity company Sohpos, IPv6 support for the Secure Neighbor Discovery (Send) protocol makes Address Resolution Protocol (ARP) poisoning and other naming-based attacks more difficult. Using IPv4, an attacker can do it quite easily.
IPv6 makes it difficult for an attacker to redirect traffic and manipulate conversations between two legitimate hosts.
This increased security depends entirely on the correct design and implementation, and the more complex and flexible IPv6 infrastructure does more work. For example, if the server is enabled by default, but the firewall is not enabled, the network is more vulnerable to attacks.
Running a network that implements two Internet protocols (IPv4 and IPv6) typically means that IPv6 needs to replicate the network configuration, that is, the network must be configured before IPv6 can run as IPv4.
This network configuration includes not only enabling IPv6 routing and incorporating IPv6 information into the domain name system but also implementing network security policies through packet filtering.