IPv6

Internet Protocol version 6 (IPv6) is the current version of the Internet communications protocol used to route traffic across the Internet. It was meant to replace IPv4 when it was introduced in 1995. It still has not, and IPv4 functions side by side with IPv6 on the modern Internet.

IPv6 became a IETF draft standard in December 1998. It didn't become an actual Internet IETF standard until July 14th, 2017.

Advantages Over IPv4

The Internet is built upon a protocol suite called TCP/IP. This abbreviation stands for Transmission Control Protocol, and Internet Protocol. Version 4 of the IP protocol was standardized in September 1981. Using 32-bit addresses seemed logical at the time.

32-bit address means that there are 2^32 (4,294,967,296) possible unique IPv4 dresses available. That may sound like a big number and it probably seemed like it was more than the world could possibly need back in 1981. It turned out that is is not nearly enough. Europe ran out of IPv4 addresses in December 2019.

IPv6 uses 128-bit addresses instead of 32-bit addresses. A total of 2^128 possible addresses works out to 340,282,366,920,938,463,463,374,607,431,768,211,456 unique IPv6 addresses. That's roughly 667 quadrillion addresses per square millimeter of the Earth's surface.

IPv6 Addresses

An IPv6 address has eight notations of four hex numbers (0-f. An IPv6 address could look like:

2001:0DB8:400:965a:0000:0000:0000:0001

It is possible to use :: to represent zeros. That address can also be written as 2001:0DB8:400:965a::1

You can also strip leading zeros from IPv6 addresses. 2001:0DB8:400:965a:0042::1 can also be written as 2001:DB8:400:965a:42::1.

Addresses with the few simple words one can make using a to f and numbers that may be read as letters are, by some, called IPv6 IP pollution. Others call it playful cleverness (1337:babe, beef:cafe etc).

IPv6 addresses are typically handed out to end-users in /64 network blocks. A whole /64 prefix is necessary to do stateless auto-configuration on a single local network.

 2001:0DB8:0400:000e:0000:0000:0000:402b
       ||| |||| |||| |||| |||| |||| ||||
       ||| |||| |||| |||| |||| |||| |||128
       ||| |||| |||| |||| |||| |||| ||124
       ||| |||| |||| |||| |||| |||| |120
       ||| |||| |||| |||| |||| |||| 116
       ||| |||| |||| |||| |||| |||112
       ||| |||| |||| |||| |||| ||108
       ||| |||| |||| |||| |||| |104
       ||| |||| |||| |||| |||| 100
       ||| |||| |||| |||| |||96
       ||| |||| |||| |||| ||92
       ||| |||| |||| |||| |88
       ||| |||| |||| |||| 84
       ||| |||| |||| |||80
       ||| |||| |||| ||76
       ||| |||| |||| |72
       ||| |||| |||| 68
       ||| |||| |||64
       ||| |||| ||60
       ||| |||| |56
       ||| |||| 52
       ||| |||48
       ||| ||44
       ||| |40
       ||| 36
       ||32
       |28
       24

IPv6 supports stateless auto-configuration. Clients on a IPv6-enabled network with stateless auto-configuration can listen for router advertisement messages and automatically configure an address and a default route.

The Router Advertisement Daemon (radvd) can be used to configure a router to hand IPv6 addresses out to clients on the local network. The Linux kernel will take care of network address auto-configuration on the client side. Clients will, additionally, need something like rdnssd to auto-configure DNS.

Stateless auto-configuration allows the clients to pick the last four notations of their IPv6 address. The network cards MAC address (real or fake) is used unless IPv6 privacy extensions are enabled. This means that a /64 IPv6 subnet is only enough for one local network even though the address space in a /64 represents 18,446,744,073,709,551,616 possible addresses. The entire IPv4 address space, in comparison, can have a maximum of 4,294,967,296 addresses. IPv6 "wastes" a million times more on every single local network.

Security Concerns

The IPv4 IP shortage was solved by placing the majority of devices connected to the Internet behind a NAT firewall.

Devices connecting to IPv6 networks get globally routable addresses. This means that each device on a local network should have have a firewall and secure service policies (That is also a good idea on IPv4 networks).

Enabling IPv6

There are two ways to get IPv6 connectivity if your ISP does not provide it to you:

1. Setup and configure a IPv6 tunnel to a IPv6 tunnel broker
2. Use a 6rd IPv6 rapid deployment tunnel to your ISP

There used to be a very long list of Free IPv4 to IPv6 Tunnel Brokers available back in the early 2000s. That list has been reduced to Hurricane Electric's tunnelbroker.net service and the Ukraine-specific NetAssist Tunnel Broker.

Configuring a IPv6 tunnel from Hurricane Electric is fairly easy. Note: IPv6 tunnels use protocol 41 so you will have to make sure your firewall isn't blocking protocol 41 (iptables -A INPUT -p 41 -j ACCEPT).

Going the 6rd route may be a better choice if your ISP provides a 6rd address. Some do, some do not. Some of those who do don't mention them on their own website so you may need to search for 6rd+yourisp in a search engine to find your ISPs 6rd address (if they have one).

Linux and Software Support

"IPv6 support" used to be a question worth asking. It is now non-issue, if a piece of software can connect to the Internet then it is likely able to use both IPv4 and IPv6.

The Router Advertisement Daemon (radvd) can be used to provide IPv4 auto-configuration using a Linux gateway/server.

NetworkManager, the standard way of getting network connectivity on GNU/Linux distributions with systemd, has had IPv6 support for years. The kernel is capable of auto-configuring itself on a IPv6 network without NetworkManager but it won't configure DNS. You will need rdnssd to configure DNS using RDNS advertisements.

Links

• Check if IPv6 is enabled/working:
  • mirrors.bieringer.de /cgi-bin/ipv6calcweb.cgi will show you if you are connecting using IPv6 and some details about your IP address if you are.
  • http://www.kame.net/ will show a dancing turtle if you connect via IPv6 and a still image if you are not.