Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol (IP), the communications protocol that provides an identification and location system for computers on networks and routes traffic across the Internet. IPv6 was developed by the Internet Engineering Task Force (IETF) to deal with the long-anticipated problem of IPv4 address exhaustion. IPv6 is intended to replace IPv4. In December 1998, IPv6 became a Draft Standard for the IETF, who subsequently ratified it as an Internet Standard on 14 July 2017.
Devices on the Internet are assigned a unique IP address for identification and location definition. With the rapid growth of the Internet after commercialization in the 1990s, it became evident that far more addresses would be needed to connect devices than the IPv4 address space had available. By 1998, the Internet Engineering Task Force (IETF) had formalized the successor protocol. IPv6 uses a 128-bit address, theoretically allowing 2128, or approximately 3.4×1038 addresses. The actual number is slightly smaller, as multiple ranges are reserved for special use or completely excluded from use. The total number of possible IPv6 addresses is more than 7.9×1028 times as many as IPv4, which uses 32-bit addresses and provides approximately 4.3 billion addresses. The two protocols are not designed to be interoperable, and thus direct communication between them is impossible, complicating the move to IPv6. However, several transition mechanisms have been devised to rectify this.
IPv6 provides other technical benefits in addition to a larger addressing space. In particular, it permits hierarchical address allocation methods that facilitate route aggregation across the Internet, and thus limit the expansion of routing tables. The use of multicast addressing is expanded and simplified, and provides additional optimization for the delivery of services. Device mobility, security, and configuration aspects have been considered in the design of the protocol.
IPv6 addresses are represented as eight groups, separated by colons, of four hexadecimal digits. The full representation may be simplified by several methods of notation; for example, 2001:0db8:0000:0000:0000:8a2e:0370:7334 becomes 2001:db8::8a2e:370:7334.
- 1 Main features
- 2 Motivation and origin
- 3 Comparison with IPv4
- 4 IPv6 packets
- 5 Addressing
- 6 IPv6 in the Domain Name System
- 7 Transition mechanisms
- 8 IPv6 readiness
- 9 Security
- 10 Standardization through RFCs
- 11 Deployment
- 12 See also
- 13 References
- 14 External links
IPv6 is an Internet Layer protocol for packet-switched internetworking and provides end-to-end datagram transmission across multiple IP networks, closely adhering to the design principles developed in the previous version of the protocol, Internet Protocol Version 4 (IPv4).
In addition to offering more addresses, IPv6 also implements features not present in IPv4. It simplifies aspects of address configuration, network renumbering, and router announcements when changing network connectivity providers. It simplifies processing of packets in routers by placing the responsibility for packet fragmentation into the end points. The IPv6 subnet size is standardized by fixing the size of the host identifier portion of an address to 64 bits.
Motivation and originEdit
IPv4 address exhaustionEdit
Internet Protocol Version 4 (IPv4) was the first publicly used version of the Internet Protocol. IPv4 was developed as a research project by the Defense Advanced Research Projects Agency (DARPA), a United States Department of Defense agency, before becoming the foundation for the Internet and the World Wide Web. IPv4 includes an addressing system that uses numerical identifiers consisting of 32 bits. These addresses are typically displayed in quad-dotted notation as decimal values of four octets, each in the range 0 to 255, or 8 bits per number. Thus, IPv4 provides an addressing capability of 232 or approximately 4.3 billion addresses. Address exhaustion was not initially a concern in IPv4 as this version was originally presumed to be a test of DARPA's networking concepts. During the first decade of operation of the Internet, it became apparent that methods had to be developed to conserve address space. In the early 1990s, even after the redesign of the addressing system using a classless network model, it became clear that this would not suffice to prevent IPv4 address exhaustion, and that further changes to the Internet infrastructure were needed.
The last unassigned top-level address blocks of 16 million IPv4 addresses were allocated in February 2011 by the Internet Assigned Numbers Authority (IANA) to the five regional Internet registries (RIRs). However, each RIR still has available address pools and is expected to continue with standard address allocation policies until one /8 Classless Inter-Domain Routing (CIDR) block remains. After that, only blocks of 1024 addresses (/22) will be provided from the RIRs to a local Internet registry (LIR). As of September 2015, all of Asia-Pacific Network Information Centre (APNIC), the Réseaux IP Européens Network Coordination Centre (RIPE_NCC), Latin America and Caribbean Network Information Centre (LACNIC), and American Registry for Internet Numbers (ARIN) have reached this stage. This leaves African Network Information Center (AFRINIC) as the sole regional internet registry that is still using the normal protocol for distributing IPv4 addresses. As of November 2018, AFRINIC's minimum allocation is /22 or 1024 IPv4 addresses. A LIR may receive additional allocation when about 80% of all the address space has been utilized.
It is widely expected that the Internet will use IPv4 alongside IPv6 for the foreseeable future.
Comparison with IPv4Edit
On the Internet, data is transmitted in the form of network packets. IPv6 specifies a new packet format, designed to minimize packet header processing by routers. Because the headers of IPv4 packets and IPv6 packets are significantly different, the two protocols are not interoperable. However, most transport and application-layer protocols need little or no change to operate over IPv6; exceptions are application protocols that embed Internet-layer addresses, such as File Transfer Protocol (FTP) and Network Time Protocol (NTP), where the new address format may cause conflicts with existing protocol syntax.
Larger address spaceEdit
The main advantage of IPv6 over IPv4 is its larger address space. The length of an IPv6 address is 128 bits, compared with 32 bits in IPv4. The address space therefore has 2128 or approximately 3.4×1038 addresses (340,282,366,920,938,463,463,374,607,431,768,211,456, which is approximately 340 undecillion, or 340 billion billion billion billion, addresses). As with IPv4, some of these addresses are reserved for special uses.
In addition, the IPv4 address space is poorly allocated; in 2011, approximately 14% of all available addresses were utilized. While these numbers are large, it was not the intent of the designers of the IPv6 address space to assure geographical saturation[clarification needed] with usable addresses. Rather, the longer addresses simplify allocation of addresses, enable efficient route aggregation, and allow implementation of special addressing features. In IPv4, complex Classless Inter-Domain Routing (CIDR) methods were developed to make the best use of the small address space. The standard size of a subnet in IPv6 is 264 addresses, more than 4 billion times the size of the entire IPv4 address space. Thus, actual address space utilization rates will be small in IPv6, but network management and routing efficiency are improved by the large subnet space and hierarchical route aggregation.
Multicasting, the transmission of a packet to multiple destinations in a single send operation, is part of the base specification in IPv6. In IPv4 this is an optional (although commonly implemented) feature. IPv6 multicast addressing has features and protocols in common with IPv4 multicast, but also provides changes and improvements by eliminating the need for certain protocols. IPv6 does not implement traditional IP broadcast, i.e. the transmission of a packet to all hosts on the attached link using a special broadcast address, and therefore does not define broadcast addresses. In IPv6, the same result is achieved by sending a packet to the link-local all nodes multicast group at address ff02::1, which is analogous to IPv4 multicasting to address 188.8.131.52. IPv6 also provides for new multicast implementations, including embedding rendezvous point addresses in an IPv6 multicast group address, which simplifies the deployment of inter-domain solutions.
In IPv4 it is very difficult for an organization to get even one globally routable multicast group assignment, and the implementation of inter-domain solutions is arcane. Unicast address assignments by a local Internet registry for IPv6 have at least a 64-bit routing prefix, yielding the smallest subnet size available in IPv6 (also 64 bits). With such an assignment it is possible to embed the unicast address prefix into the IPv6 multicast address format, while still providing a 32-bit block, the least significant bits of the address, or approximately 4.2 billion multicast group identifiers. Thus each user of an IPv6 subnet automatically has available a set of globally routable source-specific multicast groups for multicast applications.
Stateless address autoconfiguration (SLAAC)Edit
IPv6 hosts can configure themselves automatically when connected to an IPv6 network using the Neighbor Discovery Protocol via Internet Control Message Protocol version 6 (ICMPv6) router discovery messages. When first connected to a network, a host sends a link-local router solicitation multicast request for its configuration parameters; routers respond to such a request with a router advertisement packet that contains Internet Layer configuration parameters. Routers present a special case of requirements for address configuration, as they often are sources of autoconfiguration information, such as router and prefix advertisements. Stateless configuration of routers can be achieved with a special router renumbering protocol.
Renumbering an existing network for a new connectivity provider with different routing prefixes is a major effort with IPv4. With IPv6, however, changing the prefix announced by a few routers can in principle renumber an entire network, since the host identifiers (the least-significant 64 bits of an address) can be independently self-configured by a host.
If IPv6 stateless address auto-configuration is unsuitable, IPv6 just like IPv4 allows for stateful configuration with the Dynamic Host Configuration Protocol version 6 (DHCPv6) or manual static configuration of hosts.
SLAAC privacy extensionsEdit
Like IPv4, IPv6 supports globally unique IP addresses. The design of IPv6 intended to re-emphasize the end-to-end principle of network design that was originally conceived during the establishment of the early Internet. In this approach, each device on the network has a unique address globally reachable directly from any other location on the Internet.
A unique IP address can potentially be used to track the network activity of a device. Moreover, when using IPv6 address auto-configuration, the Interface Identifier (MAC address) of a network card is used to make its public IPv6 interface identifier unique, exposing the type of hardware used and providing a unique handle for a user's online activity. Autoconfiguration on the basis of the network card MAC address is, therefore, a particular privacy concern for mobile devices, such as laptops, because when they access the Internet from different local area networks, their MAC based interface identifier would always stay the same. Thus the MAC address based interface identifier can be used to track the movement and usage of a particular mobile device.
When IPv6 was developed in the mid-90s, the Internet was not accessed by a large number of mobile devices and privacy was not the priority it has become today. To address these privacy concerns, the SLAAC protocol was updated with mechanisms that were termed “Privacy Extensions for Stateless Address Autoconfiguration in IPv6”, codified in RFC 4941, which introduced what are typically called "privacy addresses" or, more correctly, "temporary addresses". Temporary addresses employ randomized interface identifiers, and are generated in addition to stable addresses, and are to be employed for client-like outgoing communications, thus preventing IPv6 addresses from leaking the MAC address of the device when performing client-like operations. As the name implies, and as opposed to stable addresses, the Preferred Lifetime and Valid Lifetime of temporary addresses are not refreshed upon receipt of ICMPv6 RA packets advertising the corresponding SLAAC prefix. Instead, old addresses are phased out as new temporary addresses are configured. Typically the Preferred Lifetime of temporary addresses defaults to 1 day, while the Valid Lifetime defaults to 1 week. This means that IPv6 autoconfiguration will generate and set a new IPv6 host temporary every day, which will be valid for one week. As a result, a host that has had an uptime of at least one week may employ up to seven temporary addresses. As of late 2014 the SLAAC privacy extensions functionality was implemented by the following operating systems: all Microsoft Windows after Windows XP, all versions of Mac OS X from 10.7 onward, all versions of iOS since 4.3, all versions of Android since 4.0 (Ice Cream Sandwich). The privacy extension is now enabled by default in Windows (since XP SP1), OS X (since 10.7), and iOS (since version 4.3). Some Linux distributions have enabled privacy extensions as well.
Since temporary addresses do not eliminate the security and privacy implications of the traditional SLAAC stable addresses (that embed the underlying MAC address), the traditional scheme to generate stable addresses has been replaced by RFC 8064 with the method codified in RFC 7217 (sometimes known as "stable-privacy addresses", due to the filename of the IETF internet-draft that introduced the idea). RFC7217 addresses have been implemented and enabled by default in most recent versions of Ubuntu, Fedora, FreeBSD, and OpenBSD.
Internet Protocol Security (IPsec) was originally developed for IPv6, but found widespread deployment first in IPv4, for which it was re-engineered. IPsec was a mandatory part of all IPv6 protocol implementations, and Internet Key Exchange (IKE) was recommended, but with RFC 6434 the inclusion of IPsec in IPv6 implementations was downgraded to a recommendation because it was considered impractical to require full IPsec implementation for all types of devices that may use IPv6. However, as of RFC 4301 IPv6 protocol implementations that do implement IPsec need to implement IKEv2 and need to support a minimum set of cryptographic algorithms. This requirement will help to make IPsec implementations more interoperable between devices from different vendors. The IPsec Authentication Header (AH) and the Encapsulating Security Payload header (ESP) are implemented as IPv6 extension headers.
Simplified processing by routersEdit
The packet header in IPv6 is simpler than the IPv4 header. Many rarely used fields have been moved to optional header extensions. With the simplified IPv6 packet header the process of packet forwarding by routers has been simplified. Although IPv6 packet headers are at least twice the size of IPv4 packet headers, processing of packets that only contain the base IPv6 header by routers may, in some case, be more efficient, because less processing is required in routers due to the headers being aligned to match common word sizes. However, many devices implement IPv6 support in software (as opposed to hardware), thus resulting in very bad packet processing performance. Additionally, for many implementations, the use of Extension Headers causes packets to be processed by a router's CPU, leading to poor performance or even security issues.
Moreover, an IPv6 header does not include a checksum. The IPv4 header checksum is calculated for the IPv4 header, and has to be recalculated by routers every time the time to live (called hop limit in the IPv6 protocol) is reduced by one. The absence of a checksum in the IPv6 header furthers the end-to-end principle of Internet design, which envisioned that most processing in the network occurs in the leaf nodes. Integrity protection for the data that is encapsulated in the IPv6 packet is assumed to be assured by both the link layer or error detection in higher-layer protocols, namely the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) on the transport layer. Thus, while IPv4 allowed UDP datagram headers to have no checksum (indicated by 0 in the header field), IPv6 requires a checksum in UDP headers.
IPv6 routers do not perform IP fragmentation. IPv6 hosts are required to either perform path MTU discovery, perform end-to-end fragmentation, or to send packets no larger than the default Maximum transmission unit (MTU), which is 1280 octets.
Unlike mobile IPv4, mobile IPv6 avoids triangular routing and is therefore as efficient as native IPv6. IPv6 routers may also allow entire subnets to move to a new router connection point without renumbering.
The IPv6 packet header has a minimum size of 40 octets (320 bits). Options are implemented as extensions. This provides the opportunity to extend the protocol in the future without affecting the core packet structure. However, RFC 7872 notes that some network operators drop IPv6 packets with extension headers when they traverse transit autonomous systems.
IPv4 limits packets to 65,535 (216−1) octets of payload. An IPv6 node can optionally handle packets over this limit, referred to as jumbograms, which can be as large as 4,294,967,295 (232−1) octets. The use of jumbograms may improve performance over high-MTU links. The use of jumbograms is indicated by the Jumbo Payload Option extension header.
The header consists of a fixed portion with minimal functionality required for all packets and may be followed by optional extensions to implement special features.
The fixed header occupies the first 40 octets (320 bits) of the IPv6 packet. It contains the source and destination addresses, traffic classification options, a hop counter, and the type of the optional extension or payload which follows the header. This Next Header field tells the receiver how to interpret the data which follows the header. If the packet contains options, this field contains the option type of the next option. The "Next Header" field of the last option, points to the upper-layer protocol that is carried in the packet's payload.
Extension headers carry options that are used for special treatment of a packet in the network, e.g., for routing, fragmentation, and for security using the IPsec framework.
Without special options, a payload must be less than 64kB. With a Jumbo Payload option (in a Hop-By-Hop Options extension header), the payload must be less than 4 GB.
Unlike with IPv4, routers never fragment a packet. Hosts are expected to use Path MTU Discovery to make their packets small enough to reach the destination without needing to be fragmented. See IPv6 packet fragmentation.
IPv6 addresses have 128 bits. The design of the IPv6 address space implements a different design philosophy than in IPv4, in which subnetting was used to improve the efficiency of utilization of the small address space. In IPv6, the address space is deemed large enough for the foreseeable future, and a local area subnet always uses 64 bits for the host portion of the address, designated as the interface identifier, while the most-significant 64 bits are used as the routing prefix. While the myth has existed regarding IPv6 subnets being impossible to scan, RFC 7707 notes that patterns resulting from some IPv6 address configuration techniques and algorithms allow for address scanning in many real-world scenarios.
The identifier is only unique within the subnet to which a host is connected. IPv6 has a mechanism for automatic duplicate address detection, so that address autoconfiguration always produces unique assignments.
The 128 bits of an IPv6 address are represented in 8 groups of 16 bits each. Each group is written as four hexadecimal digits (sometimes called hextets or more formally hexadectets and informally a quibble or quad-nibble ) and the groups are separated by colons (:). An example of this representation is 2001:0db8:0000:0000:0000:ff00:0042:8329.
For convenience, an IPv6 address may be abbreviated to shorter notations by application of the following rules.
- One or more leading zeros from any groups of hexadecimal digits are removed; this is usually done to either all or none of the leading zeros. For example, the group 0042 is converted to 42.
- Consecutive sections of zeros are replaced with a double colon (::). The double colon may only be used once in an address, as multiple use would render the address indeterminate. RFC 5952 requires that a double colon not be used to denote an omitted single section of zeros.
An example of application of these rules:
- Initial address: 2001:0db8:0000:0000:0000:ff00:0042:8329
- After removing all leading zeros in each group: 2001:db8:0:0:0:ff00:42:8329
- After omitting consecutive sections of zeros: 2001:db8::ff00:42:8329
All interfaces of IPv6 hosts require a link-local address. IPv6 link-local addresses have the prefix fe80::/10. This prefix is combined with a 64 bit suffix, which the host can compute and/or assign by itself—without configuration and without the presence or cooperation of an external network component like a DHCP server.
The lower 64 bits of the link local address (the suffix) were originally derived from the MAC address of the underlying network interface card. As this method of assigning addresses would cause undesirable address changes when faulty network cards were replaced, and as it also suffered from a number of security and privacy issues, RFC 8064 has replaced the original MAC-based method with the hash-based method specified in RFC 7217.
Address uniqueness and router solicitationEdit
IPv6 uses a new mechanism for mapping IP addresses to link layer addresses (MAC addresses), because it does not support the broadcast addressing method, on which the functionality of the Address Resolution Protocol (ARP) in IPv4 is based. IPv6 implements the Neighbor Discovery Protocol (NDP, ND) in the link layer, which relies on ICMPv6 and multicast transmission.:210 IPv6 hosts verify the uniqueness of their IPv6 addresses in a local area network (LAN) by sending a neighbor solicitation message asking for the link layer address of the IP address. If any other host in the LAN is using that address, it responds. In a LAN, MAC addresses are designed to be unique, which minimizes chances of duplication.
After having generated a link-local address, the IPv6 host determines if the LAN is connected to any router network card with IPv6 implementation by sending out an ICMPv6 router solicitation message to the all-routers multicast group with its link-local address as source. If there is no answer after a predetermined number of attempts, the host concludes that no routers are connected. If it does get a response from a router, there will be network information inside that is needed to create a globally unique address. There are also two flag bits that tell the host whether it should use DHCP to get further information and addresses:
- The Manage bit, that indicates whether or not the host should use DHCP to obtain additional addresses
- The Other bit, that indicates whether or not the host should obtain other information through DHCP. The other information consists of one or more prefix information options for the subnets that the host is attached to, a lifetime for the prefix, and two flags:
- On-link: If this flag is set, the host will treat all addresses on the specific subnet as being on-link, and send packets directly to them instead of sending them to a router for the duration of the given lifetime.
- Address: This is the flag that tells the host to actually create a global address.
The assignment procedure for global addresses is similar to local address construction. The prefix is supplied from router advertisements on the network. Multiple prefix announcements cause multiple addresses to be configured.
Stateless address autoconfiguration (SLAAC) requires a /64 address block, as defined in RFC 4291. Local Internet registries are assigned at least /32 blocks, which they divide among subordinate networks. The initial recommendation stated assignment of a /48 subnet to end-consumer sites (RFC 3177). This was replaced by RFC 6177, which "recommends giving home sites significantly more than a single /64, but does not recommend that every home site be given a /48 either". /56s are specifically considered. It remains to be seen if ISPs will honor this recommendation. For example, during initial trials, Comcast customers were given a single /64 network.
IPv6 in the Domain Name SystemEdit
In the Domain Name System (DNS), hostnames are mapped to IPv6 addresses by AAAA ("quad-A") resource records. For reverse resolution, the IETF reserved the domain ip6.arpa, where the name space is hierarchically divided by the 1-digit hexadecimal representation of nibble units (4 bits) of the IPv6 address. This scheme is defined in RFC 3596.
When a dual-stack host queries a DNS server to resolve a fully qualified domain name (FQDN), the DNS client of the host sends two DNS requests, one querying A records and the other querying AAAA records. The host operating system may be configured with a preference for address selection rules RFC 6724.
An alternate record type was used in early DNS implementations for IPv6, designed to facilitate network renumbering, the A6 records for the forward lookup and a number of other innovations such as bit-string labels and DNAME records. It is defined in RFC 2874 and its references (with further discussion of the pros and cons of both schemes in RFC 3364), but has been deprecated to experimental status (RFC 3363).
IPv6 is not foreseen to supplant IPv4 instantaneously. Both protocols will continue to operate simultaneously for some time. Therefore, IPv6 transition mechanisms are needed to enable IPv6 hosts to reach IPv4 services and to allow isolated IPv6 hosts and networks to reach each other over IPv4 infrastructure.
According to Silvia Hagen, a dual-stack implementation of the IPv4 and IPv6 on devices is the easiest way to migrate to IPv6. Many other transition mechanisms use tunneling to encapsulate IPv6 traffic within IPv4 networks and vice versa. This is an imperfect solution, which reduces the maximum transmission unit (MTU) of a link and therefore complicates Path MTU Discovery, and may increase latency.
Dual-stack IP implementationEdit
Dual-stack IP implementations provide complete IPv4 and IPv6 protocol stacks in the operating system of a computer or network device on top of the common physical layer implementation, such as Ethernet. This permits dual-stack hosts to participate in IPv6 and IPv4 networks simultaneously. The method is defined in RFC 4213.
A device with dual-stack implementation in the operating system has an IPv4 and IPv6 address, and can communicate with other nodes in the LAN or the Internet using either IPv4 or IPv6. The Domain Name System (DNS) protocol is used by both IP protocols to resolve fully qualified domain names (FQDN) and IP addresses, but dual stack requires that the resolving DNS server can resolve both types of addresses. Such a dual stack DNS server would hold IPv4 addresses in the A records, and IPv6 addresses in the AAAA records. Depending on the destination that is to be resolved, a DNS name server may return an IPv4 or IPv6 IP address, or both. A default address selection mechanism, or preferred protocol, needs to be configured either on hosts or the DNS server. The IETF has published Happy Eyeballs to assist dual stack applications, so that they can connect using both IPv4 and IPv6, but prefer an IPv6 connection if it is available. However, dual-stack also needs to be implemented on all routers between the host and the service for which the DNS server has returned an IPv6 address. Dual-stack clients should only be configured to prefer IPv6, if the network is able to forward IPv6 packets using the IPv6 versions of routing protocols. When dual stack networks protocols are in place the application layer can be migrated to IPv6.
ISP customers with public-facing IPv6Edit
Internet service providers (ISPs) are increasingly providing their business and private customers with public-facing IPv6 global unicast addresses. However, if in the local area network (LAN) IPv4 is still used, and the ISP can only provide a public facing IPv6, the IPv4 LAN addresses are translated into the public facing IPv6 address using NAT64, a network address translation (NAT) mechanism. Some ISPs cannot provide their customers with public-facing IPv4 and IPv6 addresses, thus supporting dual stack networking, because some ISPs have exhausted their globally routable IPv4 address pool. Meanwhile, ISP customers are still trying to reach IPv4 web servers and other destinations.
A significant percentage of ISPs in all Regional Internet Registry (RIR) zones have obtained IPv6 address space. This includes many of the world's major ISPs and mobile network operators, such as Verizon Wireless, StarHub Cable, Chubu Telecommunications, Kabel Deutschland, Swisscom, T-Mobile, Internode and Telefonica.
While some ISPs still allocate customers only IPv4 addresses, many ISPs allocate their customers only an IPv6 or dual stack IPv4 and IPv6. ISPs report the share of IPv6 traffic from customers over their network to be anything between 20% and 40%, but by mid-2017 IPv6 traffic still only accounted for a fraction of total traffic at several large Internet exchange points (IXPs). AMS-IX reported it to be 2% and SeattleIX reported 7%. A 2017 survey found that many DSL customers that were served by a dual stack ISP did not request DNS servers to resolve fully qualified domain names into IPv6 addresses. The survey also found that the majority of traffic from IPv6-ready webserver resources were still requested and served over IPv4, mostly due to ISP customers that did not use the dual stack facility provided by their ISP and to a lesser extent due to customers of IPv4-only ISPs.
The technical basis for tunneling, or encapsulating IPv6 packets in IPv4 packets, is outlined in RFC 4213. When the Internet backbone was IPv4-only, one of the frequently used tunneling protocols was 6to4. Teredo tunneling was also frequently used for integrating IPv6 LANs with the IPv4 Internet backbone. Teredo is outlined in RFC 4380 and allows IPv6 local area networks to tunnel over IPv4 networks, by encapsulating IPv6 packets within UDP. The Teredo relay is an IPv6 router that mediates between a Teredo server and the native IPv6 network. It was expected that 6to4 and Teredo would be widely deployed until ISP networks would switch to native IPv6, but by 2014 Google Statistics showed that the use of both mechanisms had dropped to almost 0.
IPv4-mapped IPv6 addressesEdit
Hybrid dual-stack IPv6/IPv4 implementations recognize a special class of addresses, the IPv4-mapped IPv6 addresses. These addresses are typically written with a 96-bit prefix in the standard IPv6 format, and the remaining 32 bits written in the customary dot-decimal notation of IPv4.
Addresses in this group consist of an 80-bit prefix of zeros, the next 16 bits are ones, and the remaining, least-significant 32 bits contain the IPv4 address. For example, ::ffff:192.0.2.128 represents the IPv4 address 192.0.2.128. Another format, called "IPv4-compatible IPv6 address", is ::192.0.2.128; however, this method is deprecated.
Because of the significant internal differences between IPv4 and IPv6 protocol stacks, some of the lower-level functionality available to programmers in the IPv6 stack does not work the same when used with IPv4-mapped addresses. Some common IPv6 stacks do not implement the IPv4-mapped address feature, either because the IPv6 and IPv4 stacks are separate implementations (e.g., Microsoft Windows 2000, XP, and Server 2003), or because of security concerns (OpenBSD). On these operating systems, a program must open a separate socket for each IP protocol it uses. On some systems, e.g., the Linux kernel, NetBSD, and FreeBSD, this feature is controlled by the socket option IPV6_V6ONLY, as specified in RFC 3493.
RFC 6052 defines a class of IPv4-embedded IPv6 addresses with the address prefix 64:ff9b::/96 for use in NAT64 transition methods. For example, 64:ff9b::192.0.2.128 represents the IPv4 address 192.0.2.128.
Compatibility with IPv6 networking is mainly a software or firmware issue. However, much of the older hardware that could in principle be upgraded is likely to be replaced instead. In 2010, the American Registry for Internet Numbers (ARIN) suggested that all Internet servers be prepared to serve IPv6-only clients by January 2012.
Host software may have only IPv4 or only IPv6 networking software, or it may support dual-stack, or hybrid dual-stack operation. Many popular applications with networking capabilities are compliant. Some software transitioning mechanisms are outlined in RFC 4038, RFC 3493, and RFC 3542.
IPv6 has been implemented on all major operating systems in use in commercial, business, and home consumer environments. All personal computers and smartphones running recent major operating system versions support IPv6.[clarification needed]
Hardware and embedded systemsEdit
The CableLabs consortium published the 160 Mbit/s DOCSIS 3.0 IPv6-ready specification for cable modems in August 2006. DOCSIS 2.0 was updated as DOCSIS 2.0 + IPv6 to provide IPv6 support, which may be available with a firmware upgrade.
The addition of nodes having IPv6 enabled by default by the software manufacturer, may result in the inadvertent creation of shadow networks, causing IPv6 traffic flowing into networks having only IPv4 security management in place. This may also occur with operating system upgrades, when the newer operating system enables IPv6 by default, while the older one did not. Failing to update the security infrastructure to accommodate IPv6 can lead to IPv6 traffic bypassing it. Shadow networks have occurred on business networks in which enterprises are replacing Windows XP systems that do not have an IPv6 stack enabled by default, with Windows 7 systems, that do. Some IPv6 stack implementors have therefore recommended disabling IPv4 mapped addresses and instead using a dual-stack network where supporting both IPv4 and IPv6 is necessary.
IPv6 packet fragmentationEdit
Research has shown that the use of fragmentation can be leveraged to evade network security controls, similar to IPv4. As a result, RFC 7112 requires that the first fragment of an IPv6 packet contains the entire IPv6 header chain, such that some very pathological fragmentation cases are forbidden. Additionally, as a result of research on the evasion of RA-Guard in RFC 7113, RFC 6980 has deprecated the use of fragmentation with Neighbor Discovery, and discouraged the use of fragmentation with Secure Neighbor Discovery (SEND).
Standardization through RFCsEdit
Due to the anticipated global growth of the Internet, the Internet Engineering Task Force (IETF) in the early 1990s started an effort to develop a next generation IP protocol.:209 By the beginning of 1992, several proposals appeared for an expanded Internet addressing system and by the end of 1992 the IETF announced a call for white papers. In September 1993, the IETF created a temporary, ad-hoc IP Next Generation (IPng) area to deal specifically with such issues. The new area was led by Allison Mankin and Scott Bradner, and had a directorate with 15 engineers from diverse backgrounds for direction-setting and preliminary document review: The working-group members were J. Allard (Microsoft), Steve Bellovin (AT&T), Jim Bound (Digital Equipment Corporation), Ross Callon (Wellfleet), Brian Carpenter (CERN), Dave Clark (MIT), John Curran (NEARNET), Steve Deering (Xerox), Dino Farinacci (Cisco), Paul Francis (NTT), Eric Fleischmann (Boeing), Mark Knopper (Ameritech), Greg Minshall (Novell), Rob Ullmann (Lotus), and Lixia Zhang (Xerox).
The Internet Engineering Task Force adopted the IPng model on 25 July 1994, with the formation of several IPng working groups. By 1996, a series of RFCs was released defining Internet Protocol version 6 (IPv6), starting with RFC 1883. (Version 5 was used by the experimental Internet Stream Protocol.)
The first RFC to standardize IPv6 was the RFC 1883 in 1995, which became obsoleted by RFC 2460 in 1998.:209 In July 2017 this RFC was obsoleted by RFC 8200, which elevated IPv6 to "Internet Standard" (the highest maturity level for IETF protocols).
The 1993 introduction of Classless Inter-Domain Routing (CIDR) in the routing and IP address allocation for the Internet, and the extensive use of network address translation (NAT), delayed IPv4 address exhaustion. The final phase of exhaustion started on 3 February 2011. Universities were among the early adopters of IPv6. Virginia Tech deployed IPv6 at a trial location in 2004 and has since expanded IPv6 deployment across the campus network. In 2016 82% of the traffic on their network used IPv6. Imperial College London has been experimenting with IPv6 deployment since 2003 and in 2016 the IPv6 traffic on their networks averaged between 20% and 40%. A significant portion of this IPv6 traffic was generated through their high energy physics collaboration with CERN, which depends entirely on IPv6.
Since 2008, the Domain Name System (DNS) supports IPv6. In the same year, IPv6 was first used in a major world event during the Beijing 2008 Summer Olympics. As of September 2013[update], about 4% of domain names and 16.2% of the networks in the Internet had IPv6 protocol support. In 2014, IPv4 still carried more than 99% of worldwide Internet traffic.
The deployment of IPv6 in the Internet backbone is in progress. In 2018 only 25.3% of the about 54,000 autonomous systems advertised both IPv4 and IPv6 prefixes in the global Border Gateway Protocol (BGP) routing database. A further 243 networks advertised only an IPv6 prefix. Internet backbone transit networks offering IPv6 support exist in every country globally, except in parts of Africa, the Middle East and China. By mid-2018 some major European broadband ISPs had deployed IPv6 for the majority of their customers. British Sky Broadcasting provided over 86% of its customers with IPv6, Deutsche Telekom had 56% deployment of IPv6, XS4ALL in the Netherlands had 73% deployment and in Belgium the broadband ISPs VOO and Telenet had 73% and 63% IPv6 deployment respectively. In the United States the broadband ISP Comcast had an IPv6 deployment of about 66%. In 2018 Comcast reported an estimated 36.1 million IPv6 users, while AT&T reported 22.3 million IPv6 users.
The Internet exchanges in Amsterdam and Seattle are the only large exchanges that publicly show IPv6 traffic statistics, which as of October 2018 are tracking at about 2.9% and 7.7%, growing at about 1.9% and -2.6% per year, respectively. As of 15 June 2019[update], the percentage of users reaching Google services with IPv6 is about 29% and about 26% of Alexa Top 1000 web servers support IPv6. According to the Internet Society's report State of IPv6 Deployment 2018 major mobile network providers drove the IPv6 adoption. In Japan the mobile network providers Nippon Telegraph and Telephone (NTT), KDDI and SoftBank pushed forward on IPv6 deployment, while in India IPv6 adoption was advanced by Jio, which has a LTE network which covers India's 29 states and reaches 80% of the country's population. In 2018 Jio had an estimated 237.6 million IPv6 users. In the United States IPv6 adoption was pioneered by Verizon Wireless. In 2009 Verizon mandated IPv6 operation and reduced IPv4 to an optional capability for LTE cellular hardware. Verizon productively deployed IPv6 across its existing IPv4 network to avoid the network complexity that arose from networks using the same private network IPv4 address space. As of 2018 80% of the traffic from Verizon Wireless to major content providers was using IPv6.
In the United States, some data centers are transitioned to IPv6 networking. Since 2018, Facebook has been eliminating IPv4 in data centers, while the network-facing load balancers accept IPv4 and IPv6 traffic. LinkedIn and Microsoft have stated intentions to move their networks to IPv6. Google, LinkedIn, and Akamai are as of 2018 deploying IPv6 in data center networks and are connecting natively with IPv6 end users.
- New Zealand IPv6 Task Force. "FAQs". Retrieved 26 October 2015.
- Siddiqui, Aftab (17 July 2017). "RFC 8200 – IPv6 has been standardized". Internet Society. Retrieved 25 February 2018.
- Rami Rosen (2014). Linux Kernel Networking: Implementation and Theory. New York: Apress. ISBN 9781430261971. OCLC 869747983.
- Google IPv6 Conference 2008: What will the IPv6 Internet look like?. Event occurs at 13:35.
- Bradner, S.; Mankin, A. (January 1995). The Recommendation for the IP Next Generation Protocol. IETF. doi:10.17487/RFC1752. RFC 1752.
- Rashid, Fahmida. "IPv4 Address Exhaustion Not Instant Cause for Concern with IPv6 in Wings". eWeek. Retrieved 23 June 2012.
- Ward, Mark (14 September 2012). "Europe hits old internet address limits". BBC News. BBC. Retrieved 15 September 2012.
- Huston, Geoff. "IPV4 Address Report".
- "African Network Information Center : -". my.afrinic.net. Retrieved 28 November 2018.
- S. Deering; R. Hinden (December 1998), Internet Protocol, Version 6 (IPv6) Specification, Internet Engineering Task Force (IETF), RFC 2460 Obsoletes RFC 1883.
- Partridge, C.; Kastenholz, F. (December 1994). "Technical Criteria for Choosing IP The Next Generation (IPng)". RFC 1726.
- "Moving to IPv6: Now for the hard part (FAQ)". Deep Tech. CNET News. Archived from the original on 9 February 2011. Retrieved 3 February 2011.
- RFC 1112, Host extensions for IP multicasting, S. Deering (August 1989)
- RFC 3956, Embedding the Rendezvous Point (RP) Address in an IPv6 Multicast Address, P. Savola, B. Haberman (November 2004)
- RFC 2908, The Internet Multicast Address Allocation Architecture, D. Thaler, M. Handley, D. Estrin (September 2000)
- RFC 3306, Unicast-Prefix-based IPv6 Multicast Addresses, B. Haberman, D. Thaler (August 2002)
- Thomson, S.; Narten, T.; Jinmei, T. (September 2007). "IPv6 Stateless Address Autoconfiguration". RFC 4862.
- RFC 2894, Router Renumbering for IPv6, M. Crawford, August 2000.
- Ferguson, P.; Berkowitz, H. (January 1997). "Network Renumbering Overview: Why would I want it and what is it anyway?". RFC 2071.
- Berkowitz, H. (January 1997). "Router Renumbering Guide". RFC 2072.
- T. Narten; R. Draves; S. Krishnan (September 2007). "Privacy Extensions for Stateless Address Autoconfiguration in IPv6". www.ietf.org. Retrieved 13 March 2017.
- T. Narten; R. Draves; S. Krishnan (8 August 2014). "Privacy Extensions for IPv6 SLAAC". www.internetsociety.org. Retrieved 13 March 2017.
- "Overview of the Advanced Networking Pack for Windows XP". web.archive.org. Archived from the original on 7 September 2017. Retrieved 15 April 2019.
- Kaps, Reiko (13 April 2011). "IPv6: Privacy Extensions einschalten". Heise (in German). Retrieved 15 April 2019.
- "Comment #61 : Bug #176125 : Bugs: "procps" package: Ubuntu". Bugs.launchpad.net. Retrieved 19 February 2012.
- Silvia Hagen (2014). IPv6 Essentials: Integrating IPv6 Into Your IPv4 Network (3rd ed.). Sebastopol, CA: O'Reilly Media. p. 196. ISBN 978-1-4493-3526-7. OCLC 881832733.
- "The History of Domain Names | IPv6". www.historyofdomainnames.com. Archived from the original on 12 June 2018. Retrieved 12 June 2018.
- Zack, E. (July 2013). "IPv6 Security Assessment and Benchmarking".
- Gont, F. (March 2016). "Operational Implications of IPv6 Packets with Extension Headers". draft-gont-v6ops-ipv6-ehs-packet-drops-03.
- RFC 3963, Network Mobility (NEMO) Basic Protocol Support, V. Devarapalli, R. Wakikawa, A. Petrescu, P. Thubert (January 2005)
- RFC 2675, IPv6 Jumbograms, D. Borman, S. Deering, R. Hinden (August 1999)
- RFC 4291, p. 9
- Graziani, Rick (2012). IPv6 Fundamentals: A Straightforward Approach to Understanding IPv6. Cisco Press. p. 55. ISBN 978-0-13-303347-2.
- Coffeen, Tom (2014). IPv6 Address Planning: Designing an Address Plan for the Future. O'Reilly Media. p. 170. ISBN 978-1-4919-0326-1.
- Horley, Edward (2013). Practical IPv6 for Windows Administrators. Apress. p. 17. ISBN 978-1-4302-6371-5.
- S. Kawamura (August 2010). "A Recommendation for IPv6 Address Text Representation". section 4.2.2. RFC 5952.
- S. Kawamura (August 2010). "A Recommendation for IPv6 Address Text Representation". RFC 5952.
- Narten, T. (August 1999). "Neighbor discovery and stateless autoconfiguration in IPv6". IEEE Internet Computing. 3 (4): 54–62. doi:10.1109/4236.780961.
- S. Thomson (September 2007). "IPv6 Stateless Address Autoconfiguration". section 5.5.1. RFC 4862.
- T. Narten (September 2007). "Neighbor Discovery for IP version 6 (IPv6)". section 6.3.7. RFC 4861.
- "IPv6 Address Allocation and Assignment Policy". RIPE NCC. 8 February 2011. Retrieved 27 March 2011.
- Brzozowski, John (31 January 2011). "Comcast Activates First Users With IPv6 Native Dual Stack Over DOCSIS". corporate.comcast.com. Comcast. Retrieved 15 April 2019.
- Silvia Hagen (2014). IPv6 Essentials: Integrating IPv6 Into Your IPv4 Network. O'Reilly Media, Inc. p. 176. ISBN 9781449335267.
- "IPv6 Transition Mechanism / Tunneling Comparison". Sixxs.net. Retrieved 20 January 2012.
- Silvia Hagen (2014). IPv6 Essentials: Integrating IPv6 Into Your IPv4 Network. O'Reilly Media, Inc. pp. 222–223. ISBN 9781449335267.
- "Advisory Guidelines for 6to4 Deployment". IETF. RFC 6343. Retrieved 20 August 2012.
- "IPv6: Dual stack where you can; tunnel where you must". www.networkworld.com. 5 September 2007. Archived from the original on 11 May 2008. Retrieved 27 November 2012.
- "Basic Transition Mechanisms for IPv6 Hosts and Routers". IETF. RFC 4213. Retrieved 20 August 2012.
- Silvia Hagen (2014). IPv6 Essentials: Integrating IPv6 Into Your IPv4 Network. O'Reilly Media, Inc. p. 222. ISBN 9781449335267.
- Juniper TechLibrary (31 August 2017). "Understanding Dual Stacking of IPv4 and IPv6 Unicast Addresses". www.juniper.net. Retrieved 13 March 2017.
- "IPv6". www.nro.net. Retrieved 13 March 2017.
- Enric Pujol (12 June 2017). "What stops IPv6 traffic in a dual-stack ISP?". www.apnic.net. Retrieved 13 June 2017.
- Steven J. Vaughan-Nichols (14 October 2010). "Five ways for IPv6 and IPv4 to peacefully co-exist". www.zdnet.com. Retrieved 13 March 2017.
- Silvia Hagen (2014). IPv6 Essentials: Integrating IPv6 Into Your IPv4 Network. O'Reilly Media, Inc. p. 33. ISBN 9781449335267.
- Hinden, Robert M.; Deering, Stephen E. "RFC 4291 - IP Version 6 Addressing Architecture, section 184.108.40.206. IPv4-Compatible IPv6 Address". tools.ietf.org. Retrieved 23 September 2019.
- OpenBSD Kernel Interfaces Manual –
- "Basic Socket Interface Extensions for IPv6". IETF. February 2003. p. 22. RFC 3493. Retrieved 28 November 2017.
- "Web sites must support IPv6 by 2012, expert warns". Network World. 21 January 2010. Retrieved 30 September 2010. Cite journal requires
- "DOCSIS 2.0 Interface". Cablemodem.com. 29 October 2007. Archived from the original on 4 September 2009. Retrieved 31 August 2009.
- "RMV6TF.org" (PDF). Archived from the original (PDF) on 5 January 2012. Retrieved 20 January 2012.
- Gont, Fernando (10 March 2019), IPv6 Security for IPv4 Engineers (PDF), retrieved 30 August 2019
- Gont, Fernando (10 January 2019), IPv6 Security Frequently Asked Questions (FAQ) (PDF), retrieved 30 August 2019
- Mullins, Robert (5 April 2012), Shadow Networks: an Unintended IPv6 Side Effect, archived from the original on 11 April 2013, retrieved 2 March 2013
- Cicileo, Guillermo; Gagliano, Roque; O’Flaherty, Christian; et al. (October 2009). IPv6 For All: A Guide for IPv6 Usage and Application in Different Environments (PDF). p. 5. Retrieved 2 March 2013.
- Jun-ichiro itojun Hagino (October 2003). "IPv4-Mapped Addresses on the Wire Considered Harmful".
- Bradner, S.; Mankin, A. (December 1993). "IP: Next Generation (IPng) White Paper Solicitation". RFC 1550.
- "History of the IPng Effort". Sun. Archived from the original on 23 May 2014.
- "The Recommendation for the IP Next Generation Protocol – Appendix B". RFC 1752.
- S. Deering; R. Hinden (July 2017), Internet Protocol, Version 6 (IPv6) Specification, Internet Engineering Task Force (IETF), ISSN 2070-1721, RFC 8200 Obsoletes RFC 2460.
- "IPv4 Address Report". Potaroo.net. Retrieved 20 January 2012.
- State of IPv6 Deployment 2018, Internet Society, 2018, p. 3
- "Beijing2008.cn leaps to next-generation Net" (Press release). The Beijing Organizing Committee for the Games of the XXIX Olympiad. 30 May 2008. Archived from the original on 4 February 2009.
- Das, Kaushik (2008). "IPv6 and the 2008 Beijing Olympics". IPv6.com. Retrieved 15 August 2008.
- Mike Leber (2 October 2010). "Global IPv6 Deployment Progress Report". Hurricane Electric. Retrieved 19 October 2011.
- van Beijnum, Iljitsch (28 August 2014). "IPv6 adoption starting to add up to real numbers: 0.6 percent". Ars Technica. Retrieved 9 April 2015.
- David Frost (20 April 2011). "Ipv6 traffic volumes going backwards". iTWire. Retrieved 19 February 2012.
- State of IPv6 Deployment 2018, Internet Society, 2018, p. 6
- State of IPv6 Deployment 2018, Internet Society, 2018, p. 7
- State of IPv6 Deployment 2018, Internet Society, 2018, pp. 7–8
- "Traffic Graphs | www.seattleix.net". www.seattleix.net. Retrieved 30 October 2017.
- "AMS-IX - sFlow Statistics". stats.ams-ix.net. Retrieved 19 March 2019.
- "IPv6". Google Statistics. Retrieved 21 June 2019.
- "Measurements | World IPv6 Launch". www.worldipv6launch.org. Retrieved 21 June 2019.
- State of IPv6 Deployment 2018, Internet Society, 2018, p. 2
- Reliance Jio Infocomm Limited, Cellular Operators Association of India
- State of IPv6 Deployment 2018, Internet Society, 2018, p. 7
- Derek Morr (9 June 2009). "Verizon Mandates IPv6 Support for Next-Gen Cell Phones". CircleID.
- State of IPv6 Deployment 2018, Internet Society, 2018, p. 3
- State of IPv6 Deployment 2018, Internet Society, 2018, p. 2
- State of IPv6 Deployment 2018, Internet Society, 2018, p. 8