The growth of IP address use is exponential. It has now been close to 30 years since the current Internet Protocol Version 4 - IPv4 - was implemented as the underlying protocol for the Internet. The chief motivation for revising the existing Internet protocol is the anticipated depletion of IPv4 address space. With its 32-bit addresses, IPv4 allows for 232 , or approximately 4 billion, unique IP addresses – a number that seemed large enough for future devices when put into place in 1977, but is now clearly insufficient. Suddenly those four billion addresses in the available address pool are inadequate.
The growth of IP address demand and IPv4 exhaustion is also expected to come from new applications and innovations, including always-on appliances used in utility grids, smart homes, healthcare monitoring and intelligent sensor networks.
IPv6 is the successor to the first addressing infrastructure of the Internet, Internet Protocol version 4 (IPv4). In contrast to IPv4, which defined an IP address as a 32-bit value, IPv6 addresses have a size of 128 bits. Therefore, IPv6 has a vastly enlarged address space compared to IPv4.
- Larger address space for global reachability and scalability
- Eliminates the need for NAT
- Simplified header format for efficient packet handling
- Hierarchical network architecture for routing efficiency
- Stateless and Stateful Address Configuration
- Embedded security with mandatory IPSec implementation
- Better support for Prioritized Delivery (QOS handling)
- Multicast is an embedded part of the protocol
- Enhanced support for Mobile IP and Mobile Computing Devices
New terms introduced in IPv6
IPv6 Neighbor Discovery (RFC 4861) It does ARP like function by Determine the link-layer address of a neighbor on the same link. ND also discovers local routers on the subnet and keeps track of neighbor states. IPv6 neighbor discovery uses neighbor solicitation and neighbor advertisement while Ipv6 router discovery uses router solicitation and router advertisement process.
Router Discovery IPv6 router discovery is a process used by IPv6 nodes to discover the routers on the local link. IPv6 Router discovery process use two messages as part of discovery process, Router Advertisements (ICMPv6 type 134) & Router Solicitations (ICMPv6 type 133).
IPv6 Auto Configuration Process by which IPv6 hosts automatically configure IPv6 addresses and default gateway without manual configuration. Based on the information received from router advertisement, the host can achieve an auto configuration with prefix information option in RA, or from DHCPv6 or with the help of the combination of autoconfiguration and DHCPv6.
IPv6 Tunneling Tunneling provides a mechanism to transfer IPv6 traffic through an IPv4–only network. At the tunnel source or head end, the system encapsulates an IPv6 packet into an IPv4 packet and sends it to the remote tunnel destination. The tunnel destination strips the IPv4 packet header and forwards the original IPv6 packet further into an IPv6 cloud. These types of tunnels are called dual-stack tunnels because they support both IPv4 and IPv6.
IPv6 Address Representation
- Addresses are 128 bits (16 bytes) long (versus 4 bytes in IPv4)
- Divided into 8 blocks of 16 bits each
- Each block of 16 bits converted into a 4 digit hex number separated by colons “:”
–where xxxx= 0000 .. FFFF
- Leading zeros can be removed
- 0000 can be represented with a single 0
- Multiple consecutive sequences of 0 blocks can be collapsed with a double colon “::” (ONCE ONLY per address)
Types of IPv6 Addresses
- Unicast Addresses
–Global (Public)2000::/3[rfc4291, rfc3587]
–Link localFE80::/10 [rfc4291]
–Site Local (Private)FEC0::/10 [rfc4291; deprecated by rfc3879]
–Unique Local (Private)FD00::/8 [rfc4193]
- Multicast addresses
–Similar operation to IPv4FF00::/8[rfc4291]
- Anycastaddresses (New in IPv6)
–A unicast address assigned to multiple interfaces
–Used to address several devices which provide the same service
–Network will route anycast traffic to closest device
- Special addresses
- No more broadcast addresses !
IPv6 benefits over Ipv4
IPv6 Security Benefits
IPv6 can run end-to-end encryption using current standards of VPN technology. IPSEC is built in the protocol for IPv6. IPv6 also supports more-secure name resolution. The Secure Neighbor Discovery (SEND) protocol is capable of enabling cryptographic confirmation that a host is who it claims to be at connection time. This renders Address Resolution Protocol (ARP) poisoning and other naming-based attacks more difficult.