An IP address (Internet Protocol address) is a unique address that devices use in order to identify and communicate with each other on a computer network utilizing the Internet Protocol standard (IP). Any participating network device — including routers, computers, time-servers, printers, Internet fax machines, and some telephones — can have their own unique address.

An IP address can also be thought of as the equivalent of a street address or a phone number (compare: VoIP) for a computer or other network device on the Internet. Just as each street address and phone number uniquely identifies a building or telephone, an IP address can uniquely identify a specific computer or other network device on a network.

An IP address can appear to be shared by multiple client devices either because they are part of a shared hosting web server environment or because a proxy server (e.g. an ISP or anonymizer service) acts as an intermediary agent on behalf of its customers, in which case the real originating IP addresses might be hidden from the server receiving a request. The analogy to telephone systems would be the use of predial numbers (proxy) and extensions (shared).

IP addresses are managed and created by the Internet Assigned Numbers Authority. IANA generally assigns super-blocks to Regional Internet Registries, who in turn allocate smaller blocks to Internet Service Providers and enterprises.

IPv6
(From Wikipedia, the free encyclopedia)

Internet Protocol version 6 (IPv6) is a network layer IP standard used by electronic devices to exchange data across a packet-switched internetwork. It follows IPv4 as the second widely-used version of the Internet Protocol to be formally adopted for general use as the basis of the Internet.

History

The main improvement brought by IPv6 (Internet Protocol version 6) is the increase in the number of addresses available for networked devices, allowing, for example, each cell phone and mobile electronic device to have its own address. IPv4 supports 232 (about 4.3 billion) addresses, which is inadequate for giving even one address to every living person, much less for supporting the burgeoning market for connective devices. If one considers that the need to account for network topology in assigning addresses means that some are not available for use in practice, it becomes apparent that the shortage is greater than this simple reckoning would indicate; it is, however, lessened somewhat by the use of technologies such as network address translation. IPv6, however, supports 2128 addresses; this is approximately 5×1028 addresses for each of the roughly 6.5 billion people alive today.

Invented by Steve Deering and Craig Mudge at Xerox PARC, IPv6 was adopted by the Internet Engineering Task Force in 1994, when it was called "IP Next Generation" (IPng). (Incidentally, IPv5 was not a successor to IPv4, but an experimental flow-oriented streaming protocol intended to support video and audio.)

As of December 2005, IPv6 accounts for a tiny percentage of the live addresses in the publicly-accessible Internet, which is still dominated by IPv4. The adoption of IPv6 has been slowed by the introduction of classless inter-domain routing (CIDR) and network address translation (NAT), each of which has partially alleviated the impact of address space exhaustion. Estimates as to when the pool of available IPv4 address will be exhausted vary — in 2003, Paul Wilson (director of APNIC) stated that, based on then-current rates of deployment, the available space would last until 2023[1], while in September 2005 a report by Cisco Systems that the pool of available addresses would be exhausted in as little as 4–5 years.[2] As of November 2006, a regularly updated report projected that the IANA pool of unallocated addresses would be exhausted in May 2011, with the various Regional Internet Registries using up their allocations from IANA in August 2012.[3] This report also argues that, if assigned but unused addresses were reclaimed and used to meet continuing demand, allocation of IPv4 addresses could continue until 2024. The U.S. Government has specified that the network backbones of all federal agencies must deploy IPv6 by 2008.[4] Meanwhile China is planning to get a head start implementing IPv6 with their 5 year plan for the China Next Generation Internet.

It is expected that IPv4 will be supported alongside IPv6 for the foreseeable future. However, IPv4-only clients/servers will not be able to communicate directly with IPv6 clients/servers, and will require service-specific intermediate servers or NAT-PT protocol-translation servers.

China is an early adopter of IPv6, and India also seems to be moving ahead of the United States in this area.

Features of IPv6

To a great extent, IPv6 is a conservative extension of IPv4. Most transport- and application-layer protocols need little or no change to work over IPv6; exceptions are applications protocols that embed network-layer addresses (such as FTP or NTPv3; NTPv4 supports IPv6). However, most applications need small changes or at least need to be recompiled with IPv6 supporting libraries. High level scripts and some well designed applications might work unchanged.

Larger address space

The main feature of IPv6 that is driving adoption today is the larger address space: addresses in IPv6 are 128 bits long versus 32 bits in IPv4.

IPv6 was designed to allow the bottom 64 bits to be set to the MAC address of the network card of the computer and the top 64 bits would be used for routing purposes. The top 64 bits are divided into four 16-bit groups, allowing for four levels of address delegation, for example from IANA to ISPs to companies to departments. These large blocks make administration easier and avoids fragmentation of the address space, which in turn leads to smaller routing tables. Since each host on a network segment can use the bottom 64-bits of the IPv6 address, the minimum allocation to companies or users will be a /48, leaving 16bits-worth of subnets; that is, each "enterprise" will have ~64k LANs to allocate as they see fit. Larger companies and ISPs will be allocated /32 or larger blocks.

The larger address space avoids the potential exhaustion of the IPv4 address space without the need for NAT and other devices that break the end-to-end nature of Internet traffic. The drawback of the large address size is that IPv6 is less efficient in bandwidth usage, and this may hurt regions where bandwidth is limited.

Another advantage of the larger address space is that it makes scanning certain IP blocks for vulnerabilities significantly more difficult than in IPv4, which makes IPv6 more resistant to malicious traffic. This apparent advantage is somewhat blunted by distributed attack techniques and access to the very techniques that will enable users and devices to connect in IPv6 — with such things as all hosts multicasts and Directory Service tables which will list which IPv6 addresses in the range actually have machines attached. Similarly, when new spoofing techniques are invented it will be much harder to track down rogue malware machines, especially if they are unlisted.

Stateless autoconfiguration of hosts

IPv6 hosts can be configured automatically when connected to a routed IPv6 network. When first connected to a network, a host sends a link-local multicast (broadcast) request for its configuration parameters; if configured suitably, routers respond to such a request with a router advertisement packet that contains network-layer configuration parameters.

If IPv6 autoconfiguration is not suitable, a host can use stateful autoconfiguration (DHCPv6) or be configured manually.

Stateless autoconfiguration is only suitable for hosts; routers must be configured manually or by other means.

Multicast

Multicast is part of the base protocol suite in IPv6. This is in opposition to IPv4, where multicast is optional.

Most environments do not currently have their network infrastructures configured to route multicast; that is — the link-scoped aspect of multicast will work but the site-scope, organization-scope and global-scope multicast will not be routed.

IPv6 does not have a link-local broadcast facility; the same effect can be achieved by multicasting to the all-hosts group (FF02::1).

The m6bone is catering for deployment of a global IPv6 Multicast network.

Jumbograms

In IPv4, packets are limited to 64 KiB of payload. When used between capable communication partners, IPv6 has support for packets over this limit, referred to as jumbograms. The use of jumbograms improves performance over high-throughput networks.

Faster routing

By using a simpler and more systematic header structure, IPv6 was supposed to improve the performance of routing. Recent advances in router technology, however, may have made this improvement obsolete[citation needed].

Network-layer security

IPsec, the protocol for IP network-layer encryption and authentication, is an integral part of the base protocol suite in IPv6. However, almost all old IPv4-capable TCP/IP-stacks also have an IPsec implementation, yet IPsec has not seen wide deployment except for securing BGP traffic between IPv6 routers.

Mobility

IPv6 hosts are not constrained by the location of the physical network, are transport layer independent and will support the robustness and availabilty of network services. Also referred to as Mobile IPv6 (MIPv6) and defined in RFC 3775 and RFC 3776. MIPv6 also uses IPv6 anycast addressing to locate and send binding updates to support mobility.

However, again, Mobile IP has also been standardized for the old IPv4, yet has not seen widespread adoption.

Addressing

128-bit length

The primary change from IPv4 to IPv6 is the length of network addresses. IPv6 addresses are 128 bits long (as defined by RFC 4291), whereas IPv4 addresses are 32 bits; while the IPv4 address space contains 4,294,967,296 addresses, IPv6 has enough room for 340,282,366,920,938,463,463,374,607,431,768,211,456 (340 undecillion, 282 decillion, 366 nonillion, 920 octillion, 938 septillion, 463 sextillion, 463 quintillion, 374 quadrillion, 607 trillion, 431 billion, 768 million, 211 thousand, 456) unique addresses. In exponential form, this equates to ~3.402823669*(10^38) unique addresses.

IPv6 addresses are typically composed of two logical parts: a 64-bit (sub-)network prefix, and a 64-bit host part, which is either automatically generated from the interface's MAC address or assigned sequentially. Because the globally unique MAC addresses offer an opportunity to track user equipment, and so users, across time and IPv6 address changes, RFC 3041 was developed to reduce the prospect of user identity being permanently tied to an IPv6 address, thus restoring some of the possibilities of anonymity existing at IPv4. RFC 3041 specifies a mechanism by which variable over time random bit strings can be used as interface circuit identifiers, replacing unchanging and traceable MAC addresses.

Notation

IPv6 addresses are normally written as eight groups of four hexadecimal digits. For example, 2001:0db8:85a3:08d3:1319:8a2e:0370:7334 is a valid IPv6 address.

If a four-digit group is 0000, the zeros may be omitted. For example, 2001:0db8:85a3:0000:1319:8a2e:0370:1337 can be shortened as 2001:0db8:85a3::1319:8a2e:0370:1337. Following this rule, any group of consecutive 0000 groups may be reduced to two colons, as long as there is only one double colon used in an address. Leading zeros in a group can also be omitted. Thus, the addresses below are all valid and equivalent:

Having more than one double-colon abbreviation in an address is invalid, as it would make the notation ambiguous.

A sequence of 4 bytes at the end of an IPv6 address can also be written in decimal, using dots as separators. This notation is often used with compatibility addresses (see below). Thus, ::ffff:1.2.3.4 is the same address as ::ffff:102:304.

Additional information can be found in RFC 4291 - IP Version 6 Addressing Architecture.

Literal IPv6 Addresses in URLs

In a URL the IPv6-Address is enclosed in brackets. Example:

http://[2001:0db8:85a3:08d3:1319:8a2e:0370:7344]/

This notation allows parsing a URL without confusing the IPv6 address and port number:

http://[2001:0db8:85a3:08d3:1319:8a2e:0370:7344]:443/

Additional information can be found in "RFC 2732 - Format for Literal IPv6 Addresses in URL's" and "RFC 3986 - Uniform Resource Identifier (URI): Generic Syntax"

Network notation

IPv6 networks are written using CIDR notation.

An IPv6 network (or subnet) is a contiguous group of IPv6 addresses the size of which must be a power of two; the initial bits of addresses, which are identical for all hosts in the network, are called the network's prefix.

A network is denoted by the first address in the network and the size in bits of the prefix (in decimal), separated with a slash. For example, 2001:0db8:1234::/48 stands for the network with addresses 2001:0db8:1234:0000:0000:0000:0000:0000 through 2001:0db8:1234:FFFF:FFFF:FFFF:FFFF:FFFF

Because a single host can be seen as a network with a 128-bit prefix, you will sometimes see host addresses written followed with /128.

Special addresses

There are a number of addresses with special meaning in IPv6:

* ::/128 — the address with all zeros is an unspecified address, and is to be used only in software.
* ::1/128 — the loopback address is a localhost address. If an application in a host sends packets to this address, the IPv6 stack will loop these packets back to the same host (corresponding to 127.0.0.1 in IPv4).
* ::/96 — the zero prefix was used for IPv4-compatible addresses (see Transition mechanisms below)
* ::ffff/96 — this prefix is used for IPv4 mapped addresses (see Transition mechanisms below)
* 2001:db8::/32 — this prefix is used in documentation (RFC 3849). Anywhere where an example IPv6 address is given, addresses from this prefix should be used.
* fc00::/7 — Unique local IPv6 unicast addresses are routable only within a set of cooperating sites. They were defined in RFC 4193 as a replacement for site-local addresses (see below). The addresses include a 40-bit pseudorandom number that minimizes the risk of conflicts if sites merge or packets somehow leak out.
* fe80::/64 — The link-local prefix specifies that the address only is valid in the local physical link. This is analogous to the Autoconfiguration IP address 169.254.x.x in IPv4.
* fec0::/10 — The site-local prefix specifies that the address is valid only inside the local organisation. Its use has been deprecated in September 2004 by RFC 3879 and systems must not support this special type of address.
* ff00::/8 — The multicast prefix is used for multicast addresses.[1]

There are no address ranges reserved for broadcast in IPv6 — applications use multicast to the all-hosts group instead.

IPv6 packet
The structure of an IPv6 packet header.
The structure of an IPv6 packet header.

The IPv6 packet is composed of two main parts: the header and the payload.

The header is in the first 40 octets of the packet and contains both source and destination addresses (128 bits each), as well as the version (4-bit IP version), traffic class (8 bits, Packet Priority), flow label (20 bits, QoS management), payload length (16 bits), next header (8 bits), and hop limit (8 bits, time to live). The payload can be up to 64KiB in size in standard mode, or larger with a "jumbo payload" option.

Fragmentation is handled only in the sending host in IPv6: routers never fragment a packet, and hosts are expected to use PMTU discovery.

The protocol field of IPv4 is replaced with a Next Header field. This field usually specifies the transport layer protocol used by a packet's payload.

In the presence of options, however, the Next Header field specifies the presence of an extra options header, which then follows the IPv6 header; the payload's protocol itself is specified in a field of the options header. This insertion of an extra header to carry options is analogous to the handling of AH and ESP in IPsec for both IPv4 and IPv6.

IPv6 and the Domain Name System

IPv6 addresses are represented in the Domain Name System by AAAA records (so-called quad-A records) for forward lookups; reverse lookups take place under ip6.arpa (previously ip6.int), where address space is delegated on nibble boundaries. This scheme, which is a straightforward adaptation of the familiar A record and in-addr.arpa schemes, is defined in RFC 3596.

The AAAA scheme was one of two proposals at the time the IPv6 architecture was being designed. The other proposal, designed to facilitate network renumbering, would have had A6 records for the forward lookup and a number of other innovations such as bit-string labels and DNAME records. It is defined in the experimental RFC 2874 and its references (with further discussion of the pros and cons of both schemes in RFC 3364).

AAAA record fields NAME Domain name
TYPE AAAA (28)
CLASS Internet (1)
TTL Time to live in seconds
RDLENGTH Length of RDATA field
RDATA String form of the IPV6 address as described in RFC 3513

RFC 3484 specifies how applications should select an IPv6 or IPv4 address for use, including addresses retrieved from DNS.

IPv6 and DNS RFCs

* DNS Extensions to support IP version 6 - RFC 1886
* DNS Extensions to Support IPv6 Address Aggregation and Renumbering - RFC 2874
* Tradeoffs in Domain Name System (DNS) Support for Internet Protocol version 6 (IPv6) - RFC 3364
* Default Address Selection for Internet Protocol version 6 (IPv6) - RFC 3484
* Internet Protocol Version 6 (IPv6) Addressing Architecture - RFC 3513
* DNS Extensions to Support IP Version 6 (Obsoletes 1886 and 3152) - RFC 3596

IPv6 scope

IPv6 defines 3 unicast address scopes: global, site, and link. Site-local addresses are non-link-local addresses that are valid within the scope of an administratively-defined site and cannot be exported beyond it.

Site-local addresses are deprecated by RFC 3879. Note that this does not deprecate other site-scoped address types (e.g. site-scoped multicast).

Companion IPv6 specifications further define that only link-local addresses can be used when generating ICMP Redirect Messages [ND] and as next-hop addresses in most routing protocols.

These restrictions do imply that an IPv6 router must have a link-local next-hop address for all directly connected routes (routes for which the given router and the next-hop router share a common subnet prefix).

IPv6 deployment

In February 1999, The IPv6 Forum was founded by the IETF Deployment WG to drive deployment worldwide creating by now over 30 IPv6 Country Fora and IPv6 Task Forces IPv6 FORUM. On 20 July 2004 ICANN announced[5] that the root DNS servers for the Internet had been modified to support both IPv6 and IPv4.

A global view into the IPv6 routing tables, which displays also which ISPs are already deploying IPv6, can be found by looking at the SixXS Ghost Route Hunter pages: these pages display a list of all allocated IPv6 prefixes and give colors to the ones that are actually being announced in BGP. When a prefix is announced, that means that the ISP at least can receive IPv6 packets for their prefix. They might then actually also offer IPv6 services, maybe even to end users/sites directly.

ISPs that provide IPv6 connectivity to their customers can be found in the Where can I get native IPv6 FAQ.

The mandate by the United States Government to move to an IPv6 platform for all civilian and defense vendors by summer 2008 will greatly boost deployment. The awarding of over $150 billion in contracts in spring of 2007 by the General Services Administration will in itself come close to the total amount spent on the Y2K upgrade of the previous decade, and total cost will swell far beyond that, to as much as $500 billion.[6]

Transition mechanisms

Until IPv6 completely supplants IPv4, which is not likely to happen in the foreseeable future, a number of so-called transition mechanisms are needed to enable IPv6-only hosts to reach IPv4 services and to allow isolated IPv6 hosts and networks to reach the IPv6 Internet over the IPv4 infrastructure. IPv6 Transition Mechanism / Tunneling Comparison contains an overview of the below mentioned transition mechanisms.

Dual stack

Since IPv6 is a conservative extension of IPv4, it is relatively easy to write a network stack that supports both IPv4 and IPv6 while sharing most of the code. Such an implementation is called a dual stack, and a host implementing a dual stack is called a dual-stack host. This approach is described in RFC 4213.

Most current implementations of IPv6 use a dual stack. Some early experimental implementations used independent IPv4 and IPv6 stacks. There are no known implementations that implement IPv6 only.

Tunneling

In order to reach the IPv6 Internet, an isolated host or network must be able to use the existing IPv4 infrastructure to carry IPv6 packets. This is done using a technique somewhat misleadingly known as tunnelling which consists in encapsulating IPv6 packets within IPv4, in effect using IPv4 as a link layer for IPv6.

IPv6 packets can be directly encapsulated within IPv4 packets using a protocol number of 41. They can also be encapsulated within UDP packets e.g. in order to cross a router or NAT device that blocks protocol 41 traffic. They can of course also use generic encapsulation schemes, such as AYIYA or GRE.

Automatic tunneling

Automatic tunneling refers to a technique where the tunnel endpoints are automatically determined by the routing infrastructure. The recommended technique for automatic tunneling is 6to4[7] tunneling, which uses protocol 41 encapsulation. Tunnel endpoints are determined by using a well-known IPv4 anycast address on the remote side, and embedding IPv4 address information within IPv6 addresses on the local side. 6to4 is widely deployed today.

Teredo [8] is an automatic tunneling technique that uses UDP encapsulation and is claimed to be able to cross multiple NAT boxes. Teredo is not widely deployed today, but an experimental version of Teredo is installed with the Windows XP SP2 IPv6 stack. IPv6, 6to4 and Teredo are enabled by default in Windows Vista [9].

Configured tunneling

Configured tunneling is a technique where the tunnel endpoints are configured explicitly, either by a human operator or by an automatic service known as a Tunnel Broker[10]. Configured tunneling is usually more deterministic and easier to debug than automatic tunneling, and is therefore recommended for large, well-administered networks.

Configured tunneling typically uses either protocol 41 (recommended) or raw UDP encapsulation.

Proxying and translation

When an IPv6-only host needs to access an IPv4-only service (for example a web server), some form of translation is necessary. The one form of translation that actually works is the use of a dual-stack application-layer proxy, for example a web proxy.

Techniques for application-agnostic translation at the lower layers have also been proposed, but they have been found to be too unreliable in practice due to the wide range of functionality required by common application-layer protocols, and are commonly considered to be obsolete. See for example SIIT[11], NAT-PT[12], TCP-UDP Relay[RFC 3142], Socks-based Gateway[13], Bump-in-the-Stack or Bump-in-the-API[14].

IPv6 Network Integration Phases

IPv4-Dominant: Most network traffic is IPv4, the routing/control plane is running IPv4, and IPv6 service is provided via tunnels and other transition mechanisms through the IPv4-only parts of the network.

IPv6-Capable: The network, hosts, servers, and applications have been upgraded to a full dual stack and are capable of running IPv6. Both v4 and v6 share the network as equal partners.

IPv6-Dominant: Most network traffic is IPv6, the routing/control plane is running IPv6, and IPv4 service is provided via tunnels and other transition mechanisms through the IPv6-only parts of the network.

IPv6-Only: The network, hosts, servers, and applications have been fully upgraded to IPv6 and IPv4 has been deactivated.