IPv6, or Internet Protocol Next Generation (IPng), is the
next protocol to be used for the Internet. The most noticeable,
and widely touted, aspect of IPv6 is its huge address space
compared to IPv4 (128 bits vs 32 bits); I'll go into the 32 vs
128 bit addressing in the second part of the writeup, since it's a
bit detailed.
Along with a lot more addresses, IPv6 offers three new features
over IPv4. One is security, through IPsec. Although IPv4 can
use IPsec, it's not integrated, and not all machines will have it;
IPsec will be a built-in part of IPv6. The two biggest features
of IPsec are authentication and encryption. Authentication
makes IP spoofing impossible, so that you can be sure which
particular machine any piece of Internet traffic comes from;
currently, IP spoofing allows attackers to hide where they are
coming from, so that the source of an attack can't be found. Of
course, an attacker could turn off the authentication of IPv6, but
other people are free to reject Internet traffic that isn't
authenticated.
The encryption part of IPv6 integrates encryption at the
transport layer. Of course, it's currently possible to use
encryption during communications, through the use of things like
SSL, SSH, and VPNs. However, universal IPsec will make it
easy for anything to use encryption on the net, without having to
use anything special like SSL.
The second new feature is automatic configuration. With automatic
configuration, you'll be able to plug your Internet-aware
refrigerator into the household net, and *blam*, it'll be
on the Internet, without having to diddle with the refrigerator at
all; automatic configuration is part and parcel of IPv6, so you
don't have to have any sort of administration server to take care
of things. This means that even the most technophobic person
will be able to get their computers, refrigerators and toasters on
the net without any problem.
Automatic configuration is also useful in a business setting.
Let's say that a business wants to switch ISPs, which means that
it's going to be getting a whole new set of IP addresses. Right
now, this would entail a big pain since you'd have to reconfigure
all of your computers to use the new settings. But with IPv6's
autoconfiguration, the network will reconfigure itself to the new
ISP without any effort.
The third new feature is QoS, or Quality of Service. This
will let you tell the net how good a connection you need for each
connection. For instance, if you're downloading a huge file, you
can tell it low quality is OK; if part of the transmission gets
messed up due to low quality, it'll take 5 minutes to download
instead of 4, which is no big deal. But if you're doing voice
over the Internet, you don't want any glitches or interruptions,
so you tell it to use a high quality connection. QoS will make
audio and video conferencing over the Net much more reliable.
IPv6 vs IPv4 addressing
Even with the 4 billion IP addresses provided by its 32 bits,
IPv4 is slowly running out of room. Of course, things aren't as
dire as people sometimes claim they are, because this shortage is
staved off by two things. One is dynamically allocating IP
addresses (DHCP); if you have 100 computers, but only 10 of them
will be on at any one time, you can just pass around the same IP
address from one machine to another. The other is NAT, or
Network Address Translation. With NAT, you can have 100
ordinary machines sitting behind one machine that's physically
connected to the outside world, and that does the NAT; outgoing
connections get mucked with so that they all have (from the point
of view of the outside world) the same IP address, and then they
get translated back into internal addresses on the return trip.
There are two problems with this. One is that a computer that
uses dynamic address allocation or NAT can't accept incoming
connections, like for Internet telephony. The other problem is
that, if you want every toaster and refrigerator to have an IP
address, 4 billion addresses just isn't going to be enough, no
matter what you do with it.
Of course, there's still the question of how long 128 bits are
going to last us. To figure this out, we'll have to look at the
structure of the IPv6 address.
So let's look at the structure of an IPv6 address:

  3   13     32 bits    16 bits            64 bits
+---+-----+-----------+---------+----------------------------+
|011| TLA |    NLA    |   SLA   |        Interface ID        |
+---+-----+-----------+---------+----------------------------+

The first three bits are for the type of service, so there's really
only 61 bits for all the different addresses. Next comes the 13
bit TLA address, or Top Level Aggregator. A TLA is a
company/entity that provides long distance (long haul) Internet
connectivity; examples of TLAs would be UUNET, Sprint and
MCI. TLA addresses would be parceled out by both company and
geographic area, so there'd be, say, one for UUNET California and
another for MCI California. 13 bits provides for around 8,000 TLA
addresses, and since there don't need to be that many entities
providing long haul data service, this will suffice for a long
time.
After the TLA address comes the NLA address, or Next Level
Aggregator. If UUNET were selling long haul service to a small,
local ISP, it would give one NLA address to that ISP. MCI,
which sells Internet connections directly, would give NLA addresses
to its various local facilities. The NLA address is 32 bits, as
large as the current IPv4 address, and each TLA has its very own
NLA address space, so there's no danger of running out.
After the NLA address comes the SLA address, or Site Level
Aggregator. The SLA is 16 bits long, so if, say, that small ISP
has only one NLA, it will have about 64,000 SLAs to dole out
among its customers. Larger ISPs will have multiple NLAs in any
single geographic area. An individual SLA would be given out to
an individual physical site.
After the SLA comes 64 bits of address information. This means
that each individual physical site can use up to 64 bits worth of
IP addresses. For example, MIT would get a single SLA
address, and then on its campus have 16 billion billion
(16 quintillion) different things connected to the Internet;
every single refrigerator, toaster and light-bulb on the MIT
campus could have its own address, and they wouldn't be close to
running out. And above the Interface ID part of the address,
there's 61 bits worth of higher-level addresses, so there can be
up to 2 billion billion different physical sites, with each site
having up to 16 billion billion different IP addresses. So,
something majorly wrong or weird would have to happen for us to
run out of IP addresses anytime within the next century with this
scheme.
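
The field layout described above, worked through in code. This is an added example, not part of the original writeup: it splits an address into the 3/13/32/16/64-bit fields exactly as the writeup lays them out and derives the covering prefix at each aggregation level. The function names and the sample address are constructed for illustration.

```python
import ipaddress

# Field widths in bits, most significant first, as given in the writeup.
FIELDS = (("prefix", 3), ("tla", 13), ("nla", 32), ("sla", 16),
          ("interface_id", 64))

# Constructed sample; its top three bits are 011 to match the diagram.
SAMPLE = "6123:4567:89ab:cdef:0211:22ff:fe33:4455"


def split_address(text):
    """Split an IPv6 address into the five fields of the layout."""
    value = int(ipaddress.IPv6Address(text))
    remaining = 128
    fields = {}
    for name, width in FIELDS:
        remaining -= width  # bits still to the right of this field
        fields[name] = (value >> remaining) & ((1 << width) - 1)
    return fields


def aggregation_prefixes(text):
    """Return the covering prefix at the TLA, NLA and SLA (site) level."""
    addr = ipaddress.IPv6Address(text)
    prefixes = {}
    length = 0
    for name, width in FIELDS[:-1]:  # the interface ID is not a prefix
        length += width
        if name != "prefix":
            net = ipaddress.IPv6Network(f"{addr}/{length}", strict=False)
            prefixes[name] = str(net)
    return prefixes


def capacity():
    """Number of distinct values each field can hold."""
    return {name: 1 << width for name, width in FIELDS}


if __name__ == "__main__":
    for name, value in split_address(SAMPLE).items():
        print(f"{name:<13}{value:#x}")
    print(aggregation_prefixes(SAMPLE))
    print(capacity())
```

Grouping source addresses in logs by the SLA-level prefix treats every host at one site as a single unit, which is usually the granularity that matters when the interface ID can take 2^64 values.
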
Some good sources of info for IPv6 are:
- http://www.stardust.com/ipv6/documents/v6tech.htm
- http://www.ipv6forum.com/
- http://www.ipv6.org/