Implications of IPv6?
- Thread starter Sunbed
- Start date
Associate
- Joined
- 3 Oct 2008
- Posts
- 1,890
- Location
- South London
None whatsoever. IPv6 Addressing is backwards compatible with the IPv4 address space.
The IPv4 address makes up the last 32 bits of an IPv6 one essentially, it just looks different because it's represented in Hex rather than decimal for standard notation.
A simplified example being 10.10.16.16 = 0::0A:0A:10:10. But in binary (and hence to a machine) that looks exactly the same. Just theorectically the IPv6 one has a shedload more preceding 0s.
The IPv4 address makes up the last 32 bits of an IPv6 one essentially, it just looks different because it's represented in Hex rather than decimal for standard notation.
A simplified example being 10.10.16.16 = 0::0A:0A:10:10. But in binary (and hence to a machine) that looks exactly the same. Just theorectically the IPv6 one has a shedload more preceding 0s.
ooo. ow. and other things.
IPv4 and IPv6 are not compatible. In the very early days of IPv6 there was a prefix reserved for IPv4 mapped addresses, but for routing this was dropped a long time ago. You cannot make the assumption the IPv4 address gets mapped into the last 32bits of an IPv6 address.
There is a transition mechanism, called 6to4 which will allow a PC with a global unique IPv4 address to automatically configure an IPv6 address, which does have this relationship, but it relies on relays, and encapsulation to work. 6to4 is considered less reliable and robust than IPv4. All the latest versions of the major OSes will prefer IPv4 to 6to4 where both are available (i.e. 6to4 will only be used to access IPv6 resouces if no IPv4 address is available for that resource)
So back to the original questions...
Can.... worms.... open....
The implications of IPv6......
IPv4 is a finite resource. The global pool of IPv4 addresses, maintained by IANA, is running out. They are likely to deplete their pool in the next two months. The Regional Internet Registries (the UK is covered by RIPE), who upto that point could obtain more address space from IANA, will start to run out about 1 year afterward. Once they are depleted the Local Internet Registries, typically ISPs, will not be able to obtain more IPv4 address though the normal channels (address trading may come into place, but all rare resources tend to become expensive. Presently IPv4 address space is pretty much free of charge).
This means that the ISPs will not be able to grow their networks in the normal manner. They will either need to buy IPv4 addresses, introduce address sharing mechanisms (carrier grade NAT) or help to transition the Internet to IPv6.
The IPv4 internet will not cease working. IPv4 nodes will still talk to other IPv4 nodes. There will however come a point where you cannot get an IPv4 address, and you will only be able to connect new nodes with IPv6. These will not be able to natively talk to the existing IPv4 nodes.
IPv6 was originally designed to run alongside IPv4, so nodes would have both address types, and could therefore talk to either; when parity was reached IPv4 could then be switched off. Unfortunately with no real financial incentive to do this, it didn't really happen (IPv6 is 15 years old). So we are at the point where we need to run both, but one is running out, some carrier are looking at ways to make IPv4 last longer (NAT already did this once, they are looking at another level of NAT). Some translation techlogoies do exist, mostly these allow IPv6 hosts to initiate communications with IPv4 servers/nodes, but not vice-versa.
Now regarding your OpenDNS. DNS answers are independant of the transport used to make the query. This means that Opendns can supply AAAA records (ipv6 address records) for sites that have them. If your PC's don't presently have IPv6 connectivity then if you do recieve AAAA records along with the A records the PC won't try to use them (its likely to not even request them). You'll continue to use IPv4. If your PC does support IPv6 then domains that do have AAAA records should result in your PC attempting to use IPv6. Providing your IPv6 connectivity to the site isn't broken (i.e you have a default route, but it is broken futher up the chain) it will work fine. If it is broken it could take sometime for the application to fall over to IPv4. (more details on brokeness here; http://www.fud.no/ipv6/)
Your existing routing should not be affected. You can think of IPv4 and IPv6 as too separate Internets (admittely largely sharing large portions of the same infrastructure). Your devices, and anything there are talking to need to be both connected to one, or the other to be able to communicate. Idealy natively connected, but if not then using some translation method.
If you need more detail I should be able to send you copies of some white papers I have written on 'IPv6 Transition mechanisms', and 'IPv6 implications for DNS.'
TL: DR IPv6 should not impact existing IPv4 deployments. However at some future date some resources will be IPv6 only. IPv4 and IPv6 are not compatible, and you'll either require IPv6, or some form of translation, to speak to these IPv6 only resources. Transition and retranslation technologies are not as reliable or as robust as natice connectivity.
Last edited:
You do realise at the current rate, ipv4 runs out in November right? Ofc, the rate at which we're using ipv4 isn't constant, it increases every month.
There's plenty sites and programs using ipv6, and have been for a long time. Disabling, what has been a default service for years, and will become an essential service in the next 6 months, seems counter-productive (imo).
There's plenty sites and programs using ipv6, and have been for a long time. Disabling, what has been a default service for years, and will become an essential service in the next 6 months, seems counter-productive (imo).
Associate
- Joined
- 3 Oct 2008
- Posts
- 1,890
- Location
- South London
Too long; did actually read (a bit); slightly unecessary p33n waving.
But then I knew this being OcUK someone would get pedantic....
As I said; It was a simplified explanation. Perhapse to use the phrase "compatible" where I could better have used the word "interoperable" was naieve, but if the OP had wanted to read white papers on 4 to 6 migration practices he wouldn't have posted on an online shop community forum
He's talking about static routes in windows, not carrier services. For private network purposes what I said was perfectly applicable. Public networks are and always have been a different story and far more complicated. But are totally irrelevant here.
Too long; did actually read (a bit); slightly unecessary p33n waving.
But then I knew this being OcUK someone would get pedantic....
As I said; It was a simplified explanation. Perhapse to use the phrase "compatible" where I could better have used the word "interoperable" was naieve, but if the OP had wanted to read white papers on 4 to 6 migration practices he wouldn't have posted on an online shop community forum
He's talking about static routes in windows, not carrier services. For private network purposes what I said was perfectly applicable. Public networks are and always have been a different story and far more complicated. But are totally irrelevant here.
I was not trying to be pedantic. Unfortunately my job role is as an 'IPv6 Research and Development Engineer' for an service provider. A upshot of this is a rather constant effort to correct all the FUD that exists regarding IPv6. The answer you gave appears to not so much simplified, as much as downright wrong. People reading it could easily come to the conclusion that IPv4 and IPv6 were compatible, and that applications would automatically be able to cope with an address in either format. There is no semantic difference working network with public address and private addressing so saying your statement holds true for a particular scope also doesn't apply.
Applications and routers handle both private and public IPv4 address types in the same manner.
For those people who considered it too much to read, or more information than they needed, I did include a summary after the TL: DR.
Last edited:
Man of Honour
- Joined
- 30 Jun 2005
- Posts
- 9,515
- Location
- London Town!
Putting on my network architect hat (for one of Europe's largest hosting networks) I'm with the guy above. It's not compatible in any real form, while you can encapsulate a V4 address as you suggest in theory in practice it doesn't work like that, the address space isn't reserved and isn't routable globally.
Private addressing doesn't exist in IPv6 so making some sort of distinction between public and private networks seems particularly irrelevent and rather misleading, part of the point of IPv6 and one it's best features is it means we can kill NAT once and for all. (Only not...)
Trouble is too little supports IPv6 and we've run out of time. Some ISPs, particularly large consumer ones, have been almost criminally ignorant in their apathetic approach to preparing to support it. Most of the latest generation of network enabled devices ignored it completely, how many TVs etc support internet services now - how many of those support v6? Oh well...
The outcome is going to be ugly, carrier grade NAT for a very large number of home users and possibly some fragmentation of the internet into reachable and unreachable segments for a while. It'll involve transition mechanisms which are flaky at best and compromise standard and security at worst (deploying ToTd and DNSSEC at the same time...wow that's bright...)
Will it impact you? Yes. You probably won't directly associate it with IPv6 but it will affect you and others.
I've personally given up trying to fix it now, I operate a fully native v6 capable network across 10 countries (that's two years of my life I won't get back), I have native v6 connectivity at home and DNS which supports it correctly. I can't be responsible for everyone else...
Private addressing doesn't exist in IPv6 so making some sort of distinction between public and private networks seems particularly irrelevent and rather misleading, part of the point of IPv6 and one it's best features is it means we can kill NAT once and for all. (Only not...)
Trouble is too little supports IPv6 and we've run out of time. Some ISPs, particularly large consumer ones, have been almost criminally ignorant in their apathetic approach to preparing to support it. Most of the latest generation of network enabled devices ignored it completely, how many TVs etc support internet services now - how many of those support v6? Oh well...
The outcome is going to be ugly, carrier grade NAT for a very large number of home users and possibly some fragmentation of the internet into reachable and unreachable segments for a while. It'll involve transition mechanisms which are flaky at best and compromise standard and security at worst (deploying ToTd and DNSSEC at the same time...wow that's bright...)
Will it impact you? Yes. You probably won't directly associate it with IPv6 but it will affect you and others.
I've personally given up trying to fix it now, I operate a fully native v6 capable network across 10 countries (that's two years of my life I won't get back), I have native v6 connectivity at home and DNS which supports it correctly. I can't be responsible for everyone else...
Associate
- Joined
- 3 Oct 2008
- Posts
- 1,890
- Location
- South London
Refer to the linked reasearch paper. In particular the secton on Dual Stacks.
http://ntrg.cs.tcd.ie/undergrad/4ba2.02/ipv6/interop.html
"Nodes with dual IP stacks will have both and IPv4 protocol stack and an IPv6 one. When communicating with IPv6 nodes, they use IPv6 and when communicating with IPv4 nodes, they revert to IPv4. These nodes have what are called IPv4 compatible IPv6 addresses - these are addresses where the first 96 bits of the address are zeroes and the last 32 forms a valid IPv4 address. Every current IPv4 address can be transformed to an IPv6 address in this way. "
This is what I was getting at. Devices currently running IPv4 can run IPv6 in addition to IPv4 while maintaining the same address. So stuff like OpenDNS etc mentioned in the OP and private addressing schemes need not change addresses just because they're implementing IPV6.
Dual stacks also allows provate addressed systems to migrate to IPv6 using the exact same addressing schemes. This however ISN'T applicable to public networks as the public IPv4 domain is the domain suffering the shortage in address space.
My post just tried to put that into simpler un-techy terms that above taking into account the unknown level of competance of the thread author. I.E in terms a human would understand rather than a fellow network architect.
http://ntrg.cs.tcd.ie/undergrad/4ba2.02/ipv6/interop.html
"Nodes with dual IP stacks will have both and IPv4 protocol stack and an IPv6 one. When communicating with IPv6 nodes, they use IPv6 and when communicating with IPv4 nodes, they revert to IPv4. These nodes have what are called IPv4 compatible IPv6 addresses - these are addresses where the first 96 bits of the address are zeroes and the last 32 forms a valid IPv4 address. Every current IPv4 address can be transformed to an IPv6 address in this way. "
This is what I was getting at. Devices currently running IPv4 can run IPv6 in addition to IPv4 while maintaining the same address. So stuff like OpenDNS etc mentioned in the OP and private addressing schemes need not change addresses just because they're implementing IPV6.
Dual stacks also allows provate addressed systems to migrate to IPv6 using the exact same addressing schemes. This however ISN'T applicable to public networks as the public IPv4 domain is the domain suffering the shortage in address space.
My post just tried to put that into simpler un-techy terms that above taking into account the unknown level of competance of the thread author. I.E in terms a human would understand rather than a fellow network architect.
bigredshark as a network architecht what would you say is holding us back from IPv6? From a home users point of view, most modern PCs are fully capable of IPv6, but unfortunately the home networking devices are not, but what is it like in the ISP infrastructure side of things? Is it a case of their not being suitable IPv6 capable carrier grade devices? Or is it the usual thing of too much work/too much learning new stuff that those in charge simply don't want the hassle of taking the 'correct' route and instead try to force IPv4 to continue working?
A while ago I tried out some of the hurricane electric (he.net) IPv6 tests to see how easily I could access IPv6 content and how available I am to IPv6 users, and found out that even though I can access IPv6 content through a special service, what must be holding back some people is that my domain registrar doesn't support IPv6, 123-reg simply doesn't support AAAA records.
A while ago I tried out some of the hurricane electric (he.net) IPv6 tests to see how easily I could access IPv6 content and how available I am to IPv6 users, and found out that even though I can access IPv6 content through a special service, what must be holding back some people is that my domain registrar doesn't support IPv6, 123-reg simply doesn't support AAAA records.
I'll happily accept that you were trying to answer the question in a helpful manner. However you stated;
'IPv6 Addressing is backwards compatible with the IPv4 address space.'
Whereas the open lines of the document you linked to were;
''IPv6 and IPv4 are two completely separate protocols. IPv6 is not backwards compatible with IPv4, and IPv4 hosts and routers will not be able to deal directly with IPv6 traffic (and vice versa).'
Your attempt to simplify completely reversed the statement. I also would take arguement with that document. It appears to be an undergraduate paper, and does not appear to have undergone peer-review which is the standard for most published research material. I'd also suggest that they have not provided enough details on how the mapped addresses are utilised. I believe generally most operating systems either have two separate stacks or do not, by default, accepted mapped addresses, as they can introduce security issues.
Last edited:
Man of Honour
- Joined
- 30 Jun 2005
- Posts
- 9,515
- Location
- London Town!
You going tomorrow? - I'm not sure if I'm going to go in person or just get the webcast and work from home yet...I'm tempted to pop along as I rather want to see the building...
Man of Honour
- Joined
- 30 Jun 2005
- Posts
- 9,515
- Location
- London Town!
For home users - compatible CPE is a massive stumbling block, probably the biggest. That and the underlying lack of device support - your PC might support it but what else do you have connected to the internet? Your console, TV, bluray player, mobile phone - do they support it?
Carrier wise, everything supports IPv6 now (has done for a while but the performance and hardware processing of it has been lacking in the past), there is a lack of knowledge and a bit of laziness (wrong word really, it's a long haul process) when it comes to deploying it. I've spoken to two tier 1 carriers who couldn't offer us IPv6 transit at their flagship London locations recently (naming and shaming Level3 and Sprint...)
I suspect the scale of implementation in large networks and training of staff is holding a lot of people back (and there are dependencies, BT's broadband platforms don't have a happy history when it comes to IPv6 support).
For many business IP types the idea of IPv6 seems to pass them by, that NAT will no longer exist seems to confuse them no end and they can't see the advantage in killing it, only the firewall rule-sets they'll have to build as a result (which they should have done already if they were any good...)
Domain companies are also an issue - they can support the records, the server have supported them for years, but their portals and the like can't yet. Validating AAAA records seems to confuse developers (ours haven't quite cracked it yet). That important because, with IPv6 addresses being quite so unmemorable, DNS is going to matter even more...
Man of Honour
- Joined
- 30 Jun 2005
- Posts
- 9,515
- Location
- London Town!
For what it's worth - it appears the usual CPE manufacturers are going to cough up IPv6 capable products/firmware in the next month or so...