IPv6 Explained

Overview

IPv6 (Internet Protocol version 6) is the latest revision of the Internet Protocol (IP), the primary communications protocol upon which the entire Internet is built. It is intended to replace the older IPv4, which is still employed for the vast majority of Internet traffic as of 2012. IPv6 was developed by the Internet Engineering Task Force (IETF) to deal with the long-anticipated problem of IPv4 running out of addresses.

Each device on the Internet, such as a computer or mobile telephone, must be assigned an IP address, a number with a certain number of binary digits (each represented by one bit), in order to communicate with other devices. With the ever-increasing number of new devices being connected to the Internet, there is a need for more addresses than IPv4 can accommodate. IPv6 uses 128-bit addresses, allowing for 2^128, or approximately 3.4×10^38, addresses, more than 7.9×10^28 times as many as IPv4, which uses 32-bit addresses. IPv4 allows for only 4,294,967,296 unique addresses worldwide (or fewer than one address per person alive in 2012), but IPv6 allows for around 4.8×10^28 addresses per person, a number unlikely to ever run out. However, this means the two protocols are not compatible, complicating the transition to IPv6.

Why IPv6?

  • Depletion of IPv4 addresses by 2013
  • No more NAT (Network Address Translation)
  • Simplified Routing
  • No Broadcasting, Multicasting only
  • IPv6 will never run out of addresses
  • Data encryption built-in
  • Current equipment can be used
  • Support for mobile devices

IPv4 vs IPv6

IPv4

  • Broadcast ARP-MAC Address
  • IP Address acquisition (Static/DHCP)
  • APIPA (Automatic IP Addressing)
  • 32 Bit IP Address

  • 4 octets of 8 bits
  • Decimal numbering system
  • Subnet Mask defines the network or sub-network

IPv6

  • No Broadcast
  • Multicast. ND Neighbour Discovery Messages
  • Hexadecimal numbering system
  • 8 Blocks of 16 bits each

  • No more Subnet Masks, just Subnet Prefix Lengths
  • Separator is a colon > :

IPv6 Rules

  • Leading zeros may be omitted

2001:0DA8:E800:0000:0260:3EFF:FE47:0001 -> 2001:DA8:E800:0:260:3EFF:FE47:1

  • Consecutive blocks of zeros can be written as a double colon ::

2001:0DA8:E800:0000:0000:0000:0000:0001 -> 2001:DA8:E800::1

  • Only one double colon per IP Address
  • Each block has 4 hexadecimal characters at most. Hexadecimal is used because binary would be too long and difficult to type
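Because these rules let one address be written many ways, string comparison against an allowlist or across log sources is unreliable until the text is normalized. The following added example (not part of the original article) implements the rules above by hand; the function names are illustrative and the lowercase output follows the RFC 5952 recommendation rather than the uppercase used on this page.

```python
import string

def expand(addr):
    """Parse IPv6 text into eight 16-bit integers, enforcing the rules above."""
    if addr.count("::") > 1:
        raise ValueError("only one '::' is allowed per address")
    if "::" in addr:
        head, tail = addr.split("::")
        left = head.split(":") if head else []
        right = tail.split(":") if tail else []
        missing = 8 - len(left) - len(right)
        if missing < 1:
            raise ValueError("'::' must replace at least one block of zeros")
        fields = left + ["0"] * missing + right
    else:
        fields = addr.split(":")
    if len(fields) != 8:
        raise ValueError("an IPv6 address has exactly 8 blocks")
    for f in fields:
        if not 1 <= len(f) <= 4 or any(c not in string.hexdigits for c in f):
            raise ValueError(f"block {f!r} is not 1-4 hexadecimal characters")
    return [int(f, 16) for f in fields]

def compress(blocks):
    """Write eight blocks in short form (lowercase, as RFC 5952 recommends)."""
    best_start, best_len, i = 0, 0, 0
    while i < 8:
        j = i
        while j < 8 and blocks[j] == 0:
            j += 1
        if j - i > best_len:          # longest run of zero blocks, leftmost on a tie
            best_start, best_len = i, j - i
        i = max(j, i + 1)
    hexes = [format(b, "x") for b in blocks]   # format() drops leading zeros
    if best_len < 2:                  # a single zero block stays "0"
        return ":".join(hexes)
    return ":".join(hexes[:best_start]) + "::" + ":".join(hexes[best_start + best_len:])

def normalize(addr):
    """Canonical text form, so equal addresses compare equal as strings."""
    return compress(expand(addr))

# Constructed sample: one host written four ways, as it might appear across log sources.
SAMPLES = ["2001:0DA8:E800:0000:0000:0000:0000:0001", "2001:DA8:E800::1",
           "2001:da8:e800:0:0:0:0:1", "2001:0da8:e800::0001"]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s:42} -> {normalize(s)}")
```

In production code Python's standard ipaddress module does the same job; the hand-written version is here to show the rules at work.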

Useful Conversion Chart for Hexadecimal/Decimal/Binary

IPv6 Address Scopes

Three categories of IP addresses are supported in IPv6:

  • Unicast – An identifier for a single interface. A packet sent to a unicast address is delivered to the interface identified by that address. It can be link-local scope, site-local scope, or global scope.
  • Multicast – An identifier for a group of interfaces (typically belonging to different nodes). A packet sent to a multicast address is delivered to all interfaces identified by that address.
  • Anycast – An identifier for a group of interfaces (typically belonging to different nodes). A packet sent to an anycast address is delivered to the closest member of a group, according to the routing protocols’ measure of distance. Anycast addresses are taken from the unicast address spaces (of any scope) and are not syntactically distinguishable from unicast addresses. Anycast is described as a cross between unicast and multicast. Like multicast, multiple nodes may be listening on an anycast address. Like unicast, a packet sent to an anycast address will be delivered to one (and only one) of those nodes. The exact node to which it is delivered is based on the IP routing tables in the network
  • Reserved

Link-Local Unicast address

  • Only used for communications within the local subnetwork (automatic address configuration, neighbor discovery, router discovery, and by many routing protocols). It is only valid on the current subnet
  • Routers do not forward packets with link-local addresses
  • They are allocated with the FE80::/64 prefix, so they can be easily recognized by the prefix FE80. Some books indicate the range of link-local addresses is FE80::/10, meaning the first 10 bits are fixed and a link-local address can begin with FE80, FE90, FEA0 and FEB0, but in fact the next 54 bits are all 0s, so you will only see the prefix FE80 for link-local addresses
  • Same as APIPA 169.254.x.x in IPv4, it is assigned when a DHCP server is unavailable and no static addresses have been assigned
  • Usually created dynamically using a link-local prefix of FE80::/10 and a 64-bit interface identifier (based on 48-bit MAC address)
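The MAC-based interface identifier mentioned in the last point is reversible, which matters for privacy and for forensics: an address built this way exposes the interface's hardware address to every peer and log. The following added example (not part of the original article) builds a link-local address using the modified EUI-64 method from RFC 4291 and recovers the MAC from the example address in the IPv6 Rules section; function names are illustrative, and the ff:fe check is a heuristic, since a random identifier can contain those bytes by chance.

```python
import ipaddress

def mac_to_interface_id(mac):
    """Modified EUI-64: flip the universal/local bit and insert ff:fe in the middle."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("expected a 48-bit MAC address")
    return bytes([raw[0] ^ 0x02]) + raw[1:3] + b"\xff\xfe" + raw[3:]

def link_local_from_mac(mac):
    """Combine the link-local prefix with the MAC-derived interface identifier."""
    iid = int.from_bytes(mac_to_interface_id(mac), "big")
    return ipaddress.IPv6Address(int(ipaddress.IPv6Address("fe80::")) | iid)

def mac_from_address(addr):
    """Return the MAC embedded in an address, or None if the low 64 bits
    do not carry the ff:fe marker (for example privacy or manual addresses)."""
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    raw = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in raw)

def hosts_by_mac(addresses):
    """Group addresses that embed the same MAC (same interface, different prefixes)."""
    groups = {}
    for a in addresses:
        mac = mac_from_address(a)
        if mac:
            groups.setdefault(mac, []).append(str(ipaddress.IPv6Address(a)))
    return groups

# Constructed sample addresses; the first is the example used earlier on this page.
SAMPLE = ["2001:0DA8:E800:0000:0260:3EFF:FE47:0001",
          "fe80::260:3eff:fe47:1",
          "2001:db8::1"]

if __name__ == "__main__":
    print(link_local_from_mac("00:60:3e:47:00:01"))
    print(hosts_by_mac(SAMPLE))
```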

Global Unicast address

  • A Unicast address acts as an identifier for a single interface. An IPv6 packet sent to a Unicast address is delivered to the interface identified by that address.
  • Unicast packets sent through the public Internet
  • Globally unique throughout the Internet
  • Starts with a 2000::/3 prefix (this means any address beginning with 2 or 3). But in the future global Unicast address might not have this limitation

Site-Local/Unique Local Unicast address

  • Allows devices in the same organization, or site, to exchange data.
  • Starts with the prefix FEC0::/10. They are analogous to IPv4's private address classes.
  • Site-local addresses are no longer supported (deprecated) by RFC 3879 so you might not see them in the future.

Special Addresses in IPv6

  • ::/96 The zero prefix denotes addresses that are compatible with the previously used IPv4 protocol.
  • ::/128 An IPv6 address with all zeroes in it is referred to as an unspecified address and is used for addressing purposes within software.
  • ::1/128 This is called the loopback address and is used to refer to the local host. An application sending a packet to this address will get the packet back after it is looped back by the IPv6 stack. The local host address in IPv4 was 127.0.0.1
  • 2001:db8::/32 This is a documentation prefix allowed in IPv6. All the examples of IPv6 addresses should ideally use this prefix to indicate that it is an example
  • fec0::/10 This is a site-local prefix offered by IPv6. This address prefix signifies that the address is valid only within the local organization. Subsequently, the usage of this prefix has been discouraged by the RFC.
  • fc00::/7 This is called the Unique Local Address (ULA). These addresses are routed only within a set of cooperating sites. These were introduced in IPv6 to replace the site-local addresses. These addresses also provide a 40-bit pseudorandom number that reduces the risk of address conflicts
  • ff00::/8 This prefix is offered by IPv6 to denote the multicast addresses. Any address carrying this prefix is automatically understood to be a multicast address
  • fe80::/10 This is a link-local prefix offered by IPv6. This address prefix signifies that the address is valid only in the local physical link
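Several of these prefixes overlap (::1/128 sits inside ::/96, and 2001:db8::/32 inside the global unicast range 2000::/3), so an address has to be labelled by its longest matching prefix. The following added example (not part of the original article) does that with the prefixes listed on this page and applies it to constructed log lines, assuming a hypothetical Internet-facing firewall where only global unicast sources are expected; the log format and function names are illustrative.

```python
import ipaddress
import re

# Prefixes and meanings as listed on this page (2000::/3 from the global unicast section).
PREFIXES = [(ipaddress.IPv6Network(p), label) for p, label in [
    ("::/96", "ipv4-compatible"), ("::/128", "unspecified"), ("::1/128", "loopback"),
    ("2001:db8::/32", "documentation"), ("fec0::/10", "site-local (deprecated)"),
    ("fc00::/7", "unique-local"), ("ff00::/8", "multicast"),
    ("fe80::/10", "link-local"), ("2000::/3", "global-unicast"),
]]

def classify(addr):
    """Label an address by its most specific (longest) matching prefix."""
    ip = ipaddress.IPv6Address(addr)
    hits = [(net.prefixlen, label) for net, label in PREFIXES if ip in net]
    return max(hits)[1] if hits else "other"

def unexpected_sources(log_lines):
    """Return (address, label) for every src= that is not global unicast."""
    found = []
    for line in log_lines:
        m = re.search(r"src=([0-9A-Fa-f:]+)", line)
        if m:
            label = classify(m.group(1))
            if label != "global-unicast":
                found.append((m.group(1), label))
    return found

# Constructed log lines (hypothetical format); the first source is this page's example prefix.
LOG = [
    "ACCEPT src=2001:DA8:E800::1 dst=2001:DA8:E800::53 dpt=53",
    "ACCEPT src=fe80::260:3eff:fe47:1 dst=2001:DA8:E800::53 dpt=53",
    "ACCEPT src=2001:db8::dead dst=2001:DA8:E800::53 dpt=443",
    "ACCEPT src=::1 dst=2001:DA8:E800::53 dpt=22",
    "ACCEPT src=fec0::10 dst=2001:DA8:E800::53 dpt=80",
    "ACCEPT src=fd12:3456:789a::5 dst=2001:DA8:E800::53 dpt=80",
]

if __name__ == "__main__":
    for addr, label in unexpected_sources(LOG):
        print(f"{addr:24} {label}")
```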

Transition Techniques

  • Dual Stack Techniques allowing IPv4 and IPv6 to co-exist together in the same network
  • Tunneling Techniques to avoid order dependencies when upgrading hosts, routers or regions
  • Translation Techniques to allow IPv6 only devices to communicate with IPv4 only devices

IPV6 vs IPV4: what are they, what’s the difference, which is most secure?

Comparitech have written a useful article on IPV6 vs IPV4: what are they, what’s the difference, which is most secure? Please see the below link for the article.

https://www.comparitech.com/blog/vpn-privacy/ipv6-vs-ipv4/

 
