
IPv6, Simplified!

Rajesh Dangi / August, 2021

According to internet usage statistics, the number of internet users skyrocketed over the last decade at an unprecedented growth rate of over 1300%, and almost 65% of the world population are now active internet users. In India alone, internet user growth from the year 2000 to 2021 is a whopping 11,000%. Yes, you read that correctly; it is 11,200% to be precise, as quoted. The same is true of connected devices, which interestingly now generate more data than traditional application transactions. Statista mentions that by 2025 there will be more than 75 billion Internet of Things (IoT) connected devices in use, nearly a threefold increase from the IoT installed base in 2019.

Fundamentally, this growth in internet adoption and penetration demands that more and more devices remain connected, and each of them requires a globally routed IP address, the basic requirement for any entity to be uniquely identified on the internet. The Internet Protocol is the sole enabler responsible for establishing connectivity between source and destination so that they can interact and communicate with each other. As one of the core protocols of standards-based internetworking, it provides a logical addressing system and performs routing, which is the forwarding of packets from a source host to the intended destination host on another network over the Internet. This function, often called internetworking, takes place at the internet layer of the Internet Protocol Suite.

The currently deployed version of the IP protocol is the fourth version, called IPv4, which has been in production since 1983 and provides approximately four billion addresses. Of this range, about 18 million addresses are reserved for use in private networks, so packets addressed to these ranges are not routable on the public Internet. The usable range is therefore limited and is already largely depleted, a situation known as IPv4 address exhaustion.

With this problem recognized in the early 1990s, the Internet Engineering Task Force (IETF) created the Routing and Addressing Group (ROAD) in November 1991 to respond to the scalability problem caused by the classful network allocation system in place at the time. This led to the design of IPv6 (RFC 2460), the successor technology to IPv4, to address the problem. IPv6 natively supports approximately 3.4×10^38 network addresses, i.e. more than 340 undecillion (340 billion, billion, billion, billion) unique IPv6 addresses. In theory, this ensures we never run out of addresses even if we were to give each grain of sand on earth a unique IP address, thus taking the “Internet” to the very next level of connected entities of the universe… so to say!

Key Benefits

IPv6 increases the IP address size from 32 bits to 128 bits, adding more levels of addressing hierarchy and a greater number of addressable nodes, and it simplifies auto-configuration of addresses and gateways. It also provides labeling of packets belonging to traffic "flows" for which the sender requests special handling, such as quality of service or "real-time" service for voice and video streaming traffic. By design, IPv6 includes performance enhancement techniques such as refined multicasting, stateless address auto-configuration (SLAAC), simplified headers to streamline router processing, and the option to allow larger packets at run time. Data security in IPv6 is handled via IPsec, which was actually built for IPv6 but became widely used after being retrofitted to IPv4.

IPv6 addresses are 128 bits long, providing an address space of 2^128 addresses, and are logically segmented into eight blocks of four hexadecimal digits each. Blocks are separated by colons for easier identification and processing. The global prefix ensures that routing information is present in each IPv6 address, which makes routing easier and faster. The subsequent block denotes the subnet ID, which allows logical or geographical grouping of IPv6 ranges and carries site- and subnet-specific information. The interface ID is local and is the actual address of the interface to which the IPv6 address is assigned. Remember that, unlike IPv4, an IPv6 deployment has no subnet mask.

By default the address string is long and thus harder to remember than an IPv4 address, yet the address can be shortened by eliminating the leading zeros in each block and collapsing consecutive all-zero blocks into a double colon:

  • 2409:4071:4d89:cd66:0000:0000:00D3:3afe
  • 2409:4071:4d89:cd66:0:0:D3:3afe
  • 2409:4071:4d89:cd66::D3:3afe

IPv6 addresses also use network prefixes, which are specified in slash notation. The prefix is used to specify routes or address ranges, not a network ID. A routing table entry for IPv6 looks like this:

  • 2409:4071:4d89::/48

As a native feature of IPv6 addressing, any system will on start-up automatically create a link-local address on each available interface, with the prefix fe80::/64, using a component of the Neighbor Discovery Protocol (NDP). This allows local discovery of any IPv6 node easily and without conflict, so that dependent services kick in seamlessly. NDP operates at the link layer of the Internet model and is responsible for gathering the information required for internet communication, including the configuration of local connections and the domain name servers and gateways used to communicate with more distant systems. It uses five different ICMPv6 packet types, for router solicitation, router advertisement, neighbor solicitation, neighbor advertisement, and network redirects.

NDP is also used to create a globally routable unicast address: the host sends router solicitation requests and an IPv6 router responds with a prefix assignment. This process is called stateless address autoconfiguration (SLAAC) and ensures that each interface, upon request, gets an IPv6 address assigned by neighboring routers or DHCPv6 servers using the link-local address.

IPv6 offers three basic choices for the primary addressing and routing methodologies common in networking: unicast, anycast, and multicast addressing.

  • A unicast address identifies a single network interface attached to a node. All IP packets sent to a given unicast address are delivered to that specific interface. Unicast addresses are typically composed of two logical parts: a 64-bit network prefix used for routing, and a 64-bit interface identifier used to identify a host's network interface, which simplifies global and local routing by design.
  • An anycast address follows the same composition as unicast, but the address is assigned to a group of interfaces attached to different nodes spread across geographies, and packets are delivered to the nearest available member interface based on the routing protocol's definition of distance, typically lowest latency. This lets users connect to the nearest anycast member seamlessly, improving user experience and response times by design.
  • A multicast address works similarly to anycast and is assigned to multiple nodes, which acquire the multicast destination address by participating in the multicast distribution protocol. Each packet sent to a particular multicast address is delivered to all interfaces that have joined the corresponding multicast group; this works like a broadcast in IPv4 but is controlled by the participating multicast group. A typical example is the all-nodes link-local multicast group ff02::1. Multicast addresses are formed according to several specific requirements (a scope, associated formatting rules, flags, etc.) depending on the application they are supposed to serve.

Transition Mechanism – IPv4 to IPv6

Given their design, IPv4 and IPv6 do not have a standard upgrade mechanism of the kind we are used to with device drivers, system patches, or version upgrades, since IPv6 is not foreseen to supplant IPv4 instantaneously. Yet they are designed to operate simultaneously; such implementations are called dual-stack mode, and most networking devices today support it. Technically, the two networks still operate independently of each other.

To combine the resources of both networks for a seamless user experience, IPv6 transition mechanisms are needed to enable IPv6 hosts to reach IPv4 services and to allow isolated IPv6 hosts and networks to reach each other over IPv4 networks and resources. In dual-stack mode, each device or node gets both an IPv4 and an IPv6 address, and effective address resolution depends on a DNS server that can resolve both types of addresses, with the entries for that device's fully qualified domain name made in an “A” record for IPv4 and an “AAAA” record for IPv6. In India, many ISPs and telcos already use dual-stack and translate IPv4 LAN addresses into public-facing IPv6 addresses using NAT64, a network address translation (NAT) mechanism. These implementations are large scale and are a testimonial of successful dual-stack implementation.

There are, however, many more references that use hybrid dual-stack IPv6/IPv4 implementations with a special class of addresses called IPv4-mapped IPv6 addresses. These are written with a 96-bit prefix in the standard IPv6 format, with the remaining 32 bits written in the customary dot-decimal notation of IPv4, so that the IPv4 mapping is recognizable in the IPv6 address itself for easier routing.
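
Because a dual-stack listener can report an IPv4 peer in this mapped form (the 96-bit prefix is ::ffff:0:0/96), access rules and log correlation should work on the unwrapped address. The following Python is an added example, not code from the original article; the allowed range, the sample peers and the function names are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed policy: IPv4 management range allowed to reach an admin service.
ALLOWED = [ipaddress.ip_network("192.0.2.0/24")]
# Constructed peer addresses as a dual-stack listener might log them.
SAMPLE_PEERS = ["192.0.2.10", "::ffff:192.0.2.10", "::ffff:c000:20a",
                "::ffff:198.51.100.7", "2001:db8::10"]

def normalize(text):
    """Return the IPv4 address carried inside ::ffff:0:0/96, else the address itself."""
    addr = ipaddress.ip_address(text.strip())
    if addr.version == 6 and addr.ipv4_mapped is not None:
        return addr.ipv4_mapped
    return addr

def is_allowed(text, allowed=ALLOWED):
    """Match the policy against the normalized address, never against the raw string."""
    addr = normalize(text)
    return any(addr.version == net.version and addr in net for net in allowed)

def group_by_host(peers):
    """Collapse the different spellings of one host into a single log key."""
    groups = defaultdict(list)
    for peer in peers:
        groups[str(normalize(peer))].append(peer)
    return dict(groups)

if __name__ == "__main__":
    for peer in SAMPLE_PEERS:
        print(f"{peer:22} -> {normalize(peer)!s:15} allowed={is_allowed(peer)}")
    print(group_by_host(SAMPLE_PEERS))
```

The dotted and the all-hex spellings of the mapped address resolve to the same IPv4 host, so both get the same policy decision and the same log key.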

Adoption in India

The real-time stats published by APNIC, the Asia-Pacific arm of the Internet Regional Registry (IRR), show a staggering adoption rate in India. A few leading telecom operators and carrier networks that use public-facing IPv6 addresses seem to have succeeded in large-scale adoption across their user bases, and others will follow.

There are many reasons for the slow and low adoption of IPv6, and many organizations struggle to get a clear answer on approach, strategy, and most importantly cost-benefit. Here are a few key barriers that we could identify:

  • Customer Demand – On the demand side, users are typically keen on consuming content and services and do not care which protocol is used or how services are deployed. Since most of their management systems are based on IPv4 and they secured IPv4 addresses long ago, they are comfortable running their existing setups. This mindset does not help IPv6 adoption for enabling new services.
  • Network Topology & Tools – IPv6 and IPv4 are two different protocols, and IPv6 is not backward compatible. Not all equipment in the current IPv4 stack supports the transition and concurrent operation, so resources available over IPv6 are not reachable from an IPv4 node and vice versa unless additional investments are made in hybrid dual-stack equipment that acts as a gateway between both networks. IPv6 routers also typically support a variety of first-hop security features, including RA Guard, ND Inspection, and Source Guard, as additional safeguards. To highlight a few areas of possible solutions: some implementations of secure DNS, DHCP, and IP address management (IPAM) offer an appliance-based, highly available, dual-stack infrastructure with visual IPAM tools for IPv6 address space allocation and management, IPv6-capable DNS and DHCP, or even large-scale NAT (LSN), a carrier-grade NAT (CGN or CGNAT) deployment used for sharing small pools of public addresses among many end sites.
  • Network Security – Most of the explanations for s/low adoption point to the complexity of deploying security tools for IPv6: some vendors are only now starting to include IPv6 support, and backend systems might not support scrutiny of IPv6 traffic. At the fundamental level, IPv6 was designed to include support for IPsec, providing encryption and authentication in the protocol suite itself rather than bolted on after the fact as with IPv4. Yet IPv6 addresses are often assigned based on predictable patterns, which makes things a bit easier for attackers unless specialized services such as Secure Neighbor Discovery, a foolproof version of NDP, are implemented. With multiple address types, IPv6 has a wider attack surface than IPv4. Unlike IPv4, IPv6 has wide support for address autoconfiguration, meaning endpoints might be accepting IPv6 traffic without anyone realizing it. Link-local addresses are also typically configured on any endpoint that has IPv6 enabled, so a node may be running IPv6 within your local area network without you knowing it; such a node can be discovered using tools such as scan6 and, since it might be running without protection, compromised. For additional reference, see the newsletters published by the MeitY IPv6 task force and the NIST guidelines on the secure deployment of IPv6.
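
An audit of your own address inventory for the predictable assignment patterns mentioned above, using the global prefix / subnet ID / interface ID split described earlier. This is an added example, not code from the original article; the 48/16/64 split, the pattern labels and every sample address except the first (taken from this page) are assumptions made for illustration.

```python
import ipaddress

# Constructed inventory; the first entry is the address used earlier on this page.
INVENTORY = ["2409:4071:4d89:cd66::d3:3afe", "fe80::211:22ff:fe33:4455",
             "2001:db8:1:2::1", "2001:db8:1:2:8d3f:6c21:9b0e:47a5"]

def split_address(text):
    """Split into (global /48 prefix, subnet ID, interface ID); the 48/16/64 split is assumed."""
    n = int(ipaddress.IPv6Address(text))
    prefix = ipaddress.IPv6Network(((n >> 80) << 80, 48))
    return str(prefix), (n >> 64) & 0xFFFF, n & 0xFFFFFFFFFFFFFFFF

def classify_iid(iid):
    """Heuristic label for a 64-bit interface ID, most specific pattern first."""
    if (iid >> 24) & 0xFFFF == 0xFFFE:
        return "eui64"       # ff:fe in the middle: derived from the MAC address
    if iid <= 0xFFFF:
        return "low-value"   # ::1, ::53 ... hand-numbered hosts
    if iid >> 32 == 0:
        return "low-32"      # only the low 32 bits are used
    return "opaque"          # no simple pattern, e.g. randomized identifiers

def mac_from_eui64(iid):
    """Recover the MAC an EUI-64 identifier exposes (drop ff:fe, flip the U/L bit)."""
    b = iid.to_bytes(8, "big")
    mac = bytes([b[0] ^ 0x02, b[1], b[2], b[5], b[6], b[7]])
    return ":".join(f"{x:02x}" for x in mac)

def audit(addresses):
    """Return (address, prefix, label, exposed MAC or None) for every non-opaque identifier."""
    findings = []
    for text in addresses:
        prefix, _subnet, iid = split_address(text)
        label = classify_iid(iid)
        if label != "opaque":
            mac = mac_from_eui64(iid) if label == "eui64" else None
            findings.append((text, prefix, label, mac))
    return findings

if __name__ == "__main__":
    for finding in audit(INVENTORY):
        print(finding)
```

Addresses that come back labeled are candidates for renumbering or for randomized interface identifiers; an "eui64" finding additionally exposes the interface's hardware address to anyone who sees the IPv6 address.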

There are many more reasons we could list and debate, yet it boils down to effective planning, allocating resources, and following existing best practices, since those from IPv4 have equivalents in IPv6 security. Complexity, scalability, and security are contextual tenets that have to be considered when choosing or enabling authentication for your routing protocols, turning on bogon filters to limit the attack surface, and configuring host-based firewalls to prevent lateral movement inside your network perimeter, as recommended in both IPv4 and IPv6 environments to ensure effective manageability of all the above tenets.

In summary, IPv6 and IPv4 will coexist for many more years, possibly decades, for the multiple reasons discussed above, yet that does not mean an enterprise can afford to rely on IPv4 alone. It warrants putting forth a charter to discuss and help mitigate the risk and to assign the costs associated with IPv6 adoption planning as early as today. IPv6 momentum in the industry has increased, but adoption rates are still s/low. We do have large commercial IPv6 deployments in many business sectors that have seen benefits driven by reduced cost, decreased complexity, improved performance, and the elimination of barriers to security and innovation in the connected world of their workloads. IXPs, CSPs, and leading-edge carrier networks, for example, have been evolving to IPv6-only networks, and with the new 5G rollout in the near future IPv6 adoption should gather momentum. Anyway, IPv6 is here to stay and will chart the newer and faster way we would want our internet to be, for sure!




