IPv6, or Internet Protocol Next Generation (IPng), is the next protocol to be used for the Internet. The most noticeable, and widely touted, aspect of IPv6 is its huge address space compared to IPv4 (128 bits vs 32 bits); I'll go into the 32 vs 128 bit addressing in the second part of the writeup, since it's a bit detailed.

Along with a lot more addresses, IPv6 offers three new features over IPv4. One is security, through IPsec. Although IPv4 can use IPsec, it's not integrated, and not all machines will have it; IPsec will be a built-in part of IPv6. The two biggest features of IPsec are authentication and encryption. Authentication makes IP spoofing impossible, so that you can be sure which particular machine any piece of Internet traffic comes from; currently, IP spoofing allows attackers to hide where they are coming from, so that the source of an attack can't be found. Of course, an attacker could turn off the authentication of IPv6, but other people are free to reject Internet traffic that isn't authenticated.

The encryption part of IPv6 integrates encryption at the transport layer. Of course, it's currently possible to use encryption during communications, through the use of things like SSL, SSH, and VPNs. However, universal IPsec will make it easy for anything to use encryption on the net, without having to use anything special like SSL.

The second new feature is automatic configuration. With automatic configuration, you'll be able to plug your Internet-aware refrigerator into the household net, and *blam*, it'll be on the Internet, without having to diddle with the refrigerator at all; automatic configuration is part and parcel of IPv6, so you don't have to have any sort of administration server to take care of things. This means that even the most technophobic person will be able to get their computers, refrigerators and toasters on the net without any problem.

Automatic configuration is also useful in a business setting. Let's say that a business wants to switch ISPs, which means that it's going to be getting a whole new set of IP addresses. Right now, this would entail a big pain since you'd have to reconfigure all of your computers to use the new settings. But with IPv6's autoconfiguration, the network will reconfigure itself to the new ISP without any effort.

The third new feature is QoS, or Quality of Service. This will let you tell the net how good a connection you need for each connection. For instance, if you're downloading a huge file, you can tell it low quality is OK; if part of the transmission gets messed up due to low quality, it'll take 5 minutes to download instead of 4, which is no big deal. But if you're doing voice over the Internet, you don't want any glitches or interruptions, so you tell it to use a high quality connection. QoS will make audio and video conferencing over the Net much more reliable.


IPv6 vs IPv4 addressing

Even with the 4 billion IP addresses provided by its 32 bits, IPv4 is slowly running out of room. Of course, things aren't as dire as people sometimes claim they are, because this shortage is staved off by two things. One is dynamically allocating IP addresses (DHCP); if you have 100 computers, but only 10 of them will be on at any one time, you can just pass around the same IP address from one machine to another. The other is NAT, or Network Address Translation. With NAT, you can have 100 ordinary machines sitting behind one machine that's physically connected to the outside world, and that does the NAT; outgoing connections get mucked with so that they all have (from the point of view of the outside world) the same IP address, and then they get translated back into internal addresses on the return trip.

There are two problems with this. One is that a computer that uses dynamic address allocation or NAT can't accept incoming connections, like for Internet telephony. The other problem is that, if you want every toaster and refrigerator to have an IP address, 4 billion addresses just isn't going to be enough, no matter what you do with it.

Of course, there's still the question of how long 128 bits are going to last us. To figure this out, we'll have to look at the structure of the IPv6 address.

So let's look at the structure of an IPv6 address:

  3    13    32 bits    16 bits              64 bits
+---+-----+-----------+---------+----------------------------+
|011| TLA |    NLA    |   SLA   |        Interface ID        |
+---+-----+-----------+---------+----------------------------+

The first three bits are for the type of service, so there are really only 61 bits for all the different addresses. Next comes the 13 bit TLA address, or Top Level Aggregator. A TLA is a company/entity that provides long distance (long haul) Internet connectivity; examples of TLAs would be UUNET, Sprint and MCI. TLA addresses would be parceled out by both company and geographic area, so there'd be, say, one for UUNET California and another for MCI California. 13 bits provides for around 8,000 TLA addresses, and since there don't need to be that many entities providing long haul data service, this will suffice for a long time.

After the TLA address comes the NLA address, or Next Level Aggregator. If UUNET were selling long haul service to a small, local ISP, it would give one NLA address to that ISP. MCI, which sells Internet connections directly, would give NLA addresses to its various local facilities. The NLA address is 32 bits, as large as the current IPv4 address, and each TLA has its very own NLA address space, so there's no danger of running out.

After the NLA address comes the SLA address, or Site Level Aggregator. The SLA is 16 bits long, so if, say, that small ISP has only one NLA, it will have about 64,000 SLAs to dole out among its customers. Larger ISPs will have multiple NLAs in any single geographic area. An individual SLA would be given out to an individual physical site.

After the SLA comes 64 bits of address information. This means that each individual physical site can use up to 64 bits worth of IP addresses. For example, MIT would get a single SLA address, and then on its campus have 16 billion billion (16 quintillion) different things connected to the Internet; every single refrigerator, toaster and light-bulb on the MIT campus could have its own address, and they wouldn't be close to running out. And above the Interface ID part of the address, there are 61 bits worth of higher-level addresses, so there can be up to 2 billion billion different physical sites, with each site having up to 16 billion billion different IP addresses. So, something majorly wrong or weird would have to happen for us to run out of IP addresses anytime within the next century with this scheme.
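
The field layout described above, decoded in Python as an added example (not part of the original writeup). The function names are illustrative, and the sample address 6001:0:2:3::4 is constructed to carry the diagram's 011 prefix; it is not a real allocation.

```python
import ipaddress

# Field widths from the diagram, most significant first (3+13+32+16+64 = 128).
FIELDS = (("prefix", 3), ("tla", 13), ("nla", 32), ("sla", 16),
          ("interface_id", 64))

def split_address(text):
    """Split an IPv6 address into the diagram's five fields."""
    value = int(ipaddress.IPv6Address(text))
    fields, shift = {}, 128
    for name, width in FIELDS:
        shift -= width
        fields[name] = (value >> shift) & ((1 << width) - 1)
    return fields

def join_fields(fields):
    """Inverse of split_address; rejects a value too wide for its field."""
    value = 0
    for name, width in FIELDS:
        part = fields[name]
        if not 0 <= part < (1 << width):
            raise ValueError(f"{name}={part} does not fit in {width} bits")
        value = (value << width) | part
    return ipaddress.IPv6Address(value)

def site_prefix(text):
    """The /64 shared by every interface at one site (prefix+TLA+NLA+SLA)."""
    value = int(ipaddress.IPv6Address(text))
    return ipaddress.IPv6Network(((value >> 64) << 64, 64))

def same_site(a, b):
    """True when two addresses differ only in their Interface ID."""
    return site_prefix(a) == site_prefix(b)

def field_capacity():
    """How many distinct values each field can hold."""
    return {name: 1 << width for name, width in FIELDS}

if __name__ == "__main__":
    sample = "6001:0:2:3::4"  # constructed sample, not a real allocation
    print(split_address(sample))
    print(site_prefix(sample))
    print(field_capacity()["tla"], field_capacity()["sla"])
```

Grouping log sources by site_prefix rather than by full address keeps every interface at one site together, since only the last 64 bits vary within a site.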


Some good sources of info for IPv6 are:

  • http://www.stardust.com/ipv6/documents/v6tech.htm
  • http://www.ipv6forum.com/
  • http://www.ipv6.org/