Ipv4 и ipv6 что это такое
Home / IT Strategy / IPv4 vs IPv6: Difference Between IPv4 and IPv6
There are currently two versions of the Internet Protocol (IP): IPv4 and IPv6. Both types enable online networking and data exchange, but the two versions identify devices differently and offer distinct features. So, which one is better, faster, and more secure?
This article offers a head-to-head comparison of IPv4 and IPv6, the two currently available IPs for routing traffic across the Internet. Read on to learn the main differences between the two protocols and see why switching to IPv6 is vital to the long-term health of the Internet.
What Is IP?
The Internet Protocol (IP) is a set of networking rules that enable computers to communicate over the Internet. IP has two primary purposes:
- Enable different computers to exchange data over the Internet while ensuring sent files arrive at the correct destination.
- Identify every device and domain that connects to the Internet by assigning a unique IP address (a series of digits that identify a specific computer or device).
When you send something online, the IP breaks data into smaller chunks called packets. Each packet has attached IP info that ensures whatever you send reaches the right recipient. This process occurs automatically and looks like this:
- The sender’s computer connects to the Internet via a local router, either at home or within an office server room.
- The router (which has a static IP address that never changes) assigns a temporary (a.k.a. dynamic) IP address to the device to enable communication.
- IP converts files into datagrams with a header (info consisting of IP source/destination and metadata) and the payload (the data itself).
- The protocol nests data into packets.
- IP breaks down data packets (fragmentation) and sends them over the Internet to the specified IP address.
- Once data reaches its destination, IP rebuilds the file (reassembly) to allow access.
The Internet Protocol does not assign IP addresses at random. A non-profit organization called Internet Corporation for Assigned Names and Numbers (ICANN) allocates IP addresses to Internet Service Providers (ISPs) who assign addresses to end-user devices.
Most networks combine IP with TCP (Transmission Control Protocol) or UDP (User Datagram Protocol) to form a connection between devices. All three are a part of the broader Internet Protocol Suite (TCP/IP) that governs rules for routing and receiving data over a network.
Learn the difference between public and private IP addresses, the two main types of «online IDs» computers use to communicate over the Internet.
What Is IPv4?
IPv4 is the first major version of the Internet Protocol that’s been the go-to communication model for the Internet since the 1980s. This protocol «carried» 94% of all online traffic in 2021.
IPv4 assigns 32-bit IP addresses to devices. Each address has four groups of numbers (8-bit sections called octets) separated by a period, such as:
The value of each octet ranges from 0 to 255, so the IPv4 model includes every address between 0.0.0.0 and 255.255.255.255. All IPv4 addresses have two parts:
- The network ID (the first three octets) that indicates which network the device is on.
- The host ID (the fourth octet) that identifies the specific device on that network.
For example, if your home network has a 192.168.1.1 address, 192.168.1 is the network ID, while the final octet (1) is the host ID. In most networks, the router gets the .1 value by default.
IPv4 enables the creation and use of 4,294,967,296 unique addresses (more commonly expressed as 2^32). In the 1980s and 1990s, over 4 billion available addresses seemed sufficient to meet the demand of the online world. However, it quickly became clear that a shortage was coming.
Nowadays, there are over 7.75 billion people worldwide, and most of us use two or more smart devices. Just over four billion IP addresses are no longer enough, so IT experts must «trick» devices into reusing the same addresses.
The most common technique for reusing IPv4 addresses is Network Address Translation (NAT). NAT enables you to represent a group of devices with a single IP address, which conserves bandwidth and slows down the depletion of IP addresses.
We view IP addresses in human-readable notations, such as 184.108.40.206. However, computers only understand binary format, so the address we see as 220.127.116.11 stands for 01000010.01011110.00011101.00001101 in the «computer language.»
Here are the main features of IPv4:
- Creates 32-bit IP addresses.
- Addresses use four 1-byte decimal numbers separated by a dot, a format that a human can easily read and even remember.
- Connectionless protocol.
- Requires small amounts of memory to store address info in the network.
- Supported by nearly all devices and websites on the Internet.
- Offers video libraries and conferences.
- Enables the creation of a simple virtual communication layer over diversified devices.
Learn how to check your IP address in Linux the easy way (both for IPv4 and IPv6).
What Is IPv6?
IPv6 is the latest Internet Protocol version and the successor to IPv4. IPv6 aims to fulfill the need for more IP addresses, the main issue of the previous IP. Another common name for IPv6 is IPng (Internet Protocol next generation).
Unlike its predecessor, IPv6 uses 128-bit hexadecimal IP addresses. This model enables 2^128 unique addresses (over 340 undecillion, which is 340 with 36 zeros).
IPv6 addresses are significantly longer than IPv4 variants (eight 16-bit blocks with groups of four symbols, often called hextets or quartets) and are alphanumeric. Also, whereas IPv4 relies on periods for formatting, IPv6 uses colons, such as in this example:
The model omits leading zeros (like in IPv4), and you’ll sometimes find IP addresses that have a double colon (::) that designate any number of 0 bits (such as 1201:2db7::fa00:0040:6669, in which the third, fourth, and fifth hextets are 0000).
While IPv6 is more sustainable than IPv4, the majority of the Internet still uses IPv4. Upgrading all the routers, servers, and switches that have used IPv4 for decades takes a lot of time and money. Compatibility is also a concern, which is why we’re seeing a rise in IPv4-to-IPv6 conversion techniques like:
- Dual stacking that enables a device to run both protocol types at the same time.
- IPv6 tunnels that allow private networks to communicate with each other even if they use different IP versions.
While functional, IP conversions create flaws that can lead to network security risks, cyber attacks, and data breaches. Ideally, a network should rely solely on IPv6, which is bound to become the norm in the coming years.
Here are the main features of IPv6:
- A 128-bit hexadecimal address scheme.
- Both stateful and stateless configurations.
- Auto-configuration capabilities.
- Support for Quality of Service (QoS), a.k.a. flow labeling.
- Better multicast routing and simpler header format than IPv4.
- End-to-end connectivity at the IP layer, so there’s no need for NAT, one of the most popular workarounds for conserving IPv4 addresses.
- Integrated Internet Protocol Security (IPSec) with built-in authentication, encryption, and privacy support.
The world did not skip over IPv5. The draft for IPv5 came out in 1990 when IT experts wanted to use it for streaming services (such as voice and video). However, the model never took off due to technical issues, and it eventually fell behind when IPv6 came out in 1995.
IPv4 vs IPv6: Table Comparison
The table below offers an in-depth IPv4 vs IPv6 comparison:
|Point of comparison||IPv4||IPv6|
|Size of IP address||32-bit (4 bytes)||128-bit (16 bytes)|
|Number of available IP addresses||4.3 billion (must reuse and mask addresses)||340 undecillion (every device can have a unique address)|
|IP address notation||Decimal address, 4 fields (octets) separated by dots (.)||Alphanumeric address, 8 fields (hextets or quartets) separated by colons (:)|
|Main selling point||Widely supported and easy to use||Virtually unlimited number of IP addresses|
|IP address lifetime||Not an applicable concept||Two lifetimes: preferred and valid (preferred lifetime is always smaller or equal to valid)|
|Address prefix||Sometimes used to designate network from host portion (written as /nn suffix on the presentation form of address)||Used to designate the subnet prefix of an address (written as /nnn)|
|Configuration||DHCP or manual configuration||Stateless address auto-configuration (via Internet Control Message Protocol version 6 (ICMPv6) or DHCPv6)|
|Number of header fields||12 (length of 20-60 bytes)||8 (fixed length of 40 bytes)|
|Checksum in header||Yes||No|
|Types of addresses||Unicast, broadcast, and multicast||Unicast, multicast, and anycast|
|Number of classes||Class A to E||No classes|
|Address masking||Used||Not used|
|VLSM (Variable Length Subnet Mask) support||Yes||No|
|How to ping||ping [insert IP address]||ping6 [insert IP address]|
|Starting and stopping||Use the STRTCP or ENDTCP command to start or end IPv4||Specify YES on the STRIP6 parameter of the STRTCP command to start (the ENDTCP command ends IPv6)|
|Packet size||The minimum packet size is 576 bytes||The minimum packet size is 1208 bytes|
|Packet fragmentation||Performed by routers and sending nodes||Performed by the sending node only|
|Routing Information Protocol (RIP)||Supported by the routed daemon||RIP does not support IPv6 (uses static routes for network functions)|
|Simple Network Management Protocol (SNMP)||Yes||No|
|IPSec (Internet Protocol Security)||Optional||Integrated and mandatory|
|Built-in end-to-end encryption||No||Yes|
|Quality of Service (QoS)||The packet header does not identify packet flow for QoS handling||The packet header contains Flow Label field that specifies packet flow for QoS handling|
|DNS records||Pointer (PTR) records, IN-ADDR.ARPA DNS domain||Pointer (PTR) records, IP6.ARPA DNS domain|
|IP to MAC resolution||Broadcast ARP||Multicast neighbor solicitation|
|Local subnet group management||Internet Group Management Protocol (IGMP)||Multicast Listener Discovery (MLD)|
|Optional fields||Yes||No (but there are Extension Headers)|
|Header includes options||Required||Moved to IPv6 extension headers|
|Mobility protocol||Uses Mobile IPv4 (MIPv4)||Uses Mobile IPv6 (faster handover, routing, and hierarchical mobility)|
|Address allocation||Initially allocated by network class, now relies on smaller allocations of Classless Inter-Domain Routing (CIDR)||Allocation is still in early stages, but the address space is large enough to give everyone a /48 subnet prefix length|
Why Is IPv6 Better Than IPv4?
IPv6 is the most recent version of the IP, and it’s more advanced, secure, and faster than IPv4. Here are the main advantages IPv6 has over its predecessor:
- Enough IP addresses for the foreseeable future.
- Simplified router tasks (mainly due to the encoding of IPv6 addresses that uses a hierarchy similar to CIDR).
- Auto-configuration that automates tasks such as IP address assignment and device numbering.
- Better compatibility with mobile networks.
- Reduced size of routing tables, which leads to more efficient routing.
- Up to 15% boost to speed, primarily due to bigger payloads and allowing every device to have a public IP address (instead of hiding behind a NAT router).
- Built-in IPSec, end-to-end encryption, identity verification, and data integrity features.
Despite these benefits, less than 1% of current networks use IPv6. All others use IPv4, which has been the go-to IP since the birth of the Internet. Legacy systems are challenging (and expensive) to root out, especially the ones we have relied on for decades.
There are further problems on top of transition-related issues. Some VPNs do not support the latest IP, while many operating systems and network infrastructures struggle with IPv6 routing. Also, larger packet headers could potentially slow down certain use cases that would work more optimally with IPv4.
The main reason IPv6 beats the previous version is the significantly larger pool of available IP addresses. The difference in speed is neglectable for most use cases, while tech-savvy admins know how to add most IPv6-native features to IPv4. What no one can create are new IPv4 addresses (which the US ran out of in 2015), which is the main reason IPv6 is bound to take over eventually.
In theory, we can also run out of IPv6 addresses. However, if we keep the current pace of Internet expansion, exhausting IPv6 will become a concern somewhere around 9,000,000 AD.
IPv4 vs IPv6: The Two IP Versions Will Not Co-Exist Forever
IPv4 will stick around for a long time due to the cost and compatibility issues of switching to IPv6. However, the shift to IPv6 is vital to the long-term health of the Internet, so it’s only a matter of time before IPv6 becomes the norm. The gradual transition might take years, but a permanent switch to IPv6 should already be on your business planning and IT radar.
IPv4 vs IPv6 — Understanding the differences
In this lesson, we are going to examine the differences in how IPv6 operates compared to IPv4. We will compare the IPv6 header to the IPv4 header and talk about the new IPv6 extension headers.
IPv4 Header vs IPv6 Header
IPv6 is using two main types of headers: Main IPv6 Header and the new IPv6 Extension Headers. The main IPv6 header is equivalent to the IPv4 one with some field differences introduced for better efficiency. Figure 1 compares both headers.
Figure 1. Comparing IPv4 and IPv6 headers
Note that the IPv6 header has fewer fields which makes it more efficient and faster to process. Another big advantage is that the header length is fixed size 40 bytes, comparing to the variable length size of the IPv4 header.
The Version field is a 4-bit long identifier of the IP protocol version. Needles to say, it is set to 4 in IPv4 and 6 in IPv6.
Figure 2. IPv6 Version field
However, in the most common case where IP is encapsulated in Ethernet, identification of the IP protocol happens at the data-link layer through a 16-bit field in the frames called EtherType. Each frame has an EtherType field that identifies the upper-layer protocol in the payload portion. When IPv6 is encapsulated in Ethernet II, the value used is 0x86dd, where 0x means that the digits are hexadecimal values. When IPv4 is encapsulated in Ethernet II, the value used is 0x800.
Figure 3. IPv6 Packet in Ethernet Frame
The Traffic Class field is an 8-bit long identifier of the packet’s class or priority. It is the same concept as the Type of Service field in the IPv4 header. The first 6 bits of the Traffic Class field represents the DSCP field as defined in RFC 2474, and the last 2 bits are used for ECN as defined in RFC 3168.
Figure 4. IPv6 Traffic Class Field
Originally, in IPv4 only the first 3 bits were used as QoS value called IP Precedence. Later it was superseded by the Diffserv technology that uses the first 6 bits and the value is called Differentiated Services Code Point or just DSCP.
The Flow Label is a 20-bit long field that indicates to intermediate devices that a packet belongs to a specific sequence of packets between a source and a destination. IPv6 routers use this field to distinguish different traffic flow between the same source and destination, for example, different TCP sessions between the same endpoints. When the Flow label value is set to 0 means that the packet is not associated with any specific flow.
Figure 5. IPv6 Flow Label field
The IPv6 Payload field is a 16-bit identifier of the length in bytes of the data portion of a packet including any IPv6 Extension headers. The length does not include the main IPv6 header. As you can see in Figure 3, any extension headers are considered part of the payload portion. In contrast, the IPv4 Total Length field measures the length of the entire IP packet including the IPv4 header.
Figure 6. IPv6 Payload-Length Field
Both the IPv4 Total-Length and IPv6 Payload-length fields are 16-bit long, therefore allowing for up to 65,355 byte-long packets. In reality, most IP packets (both v4 and v6) are 1500 byte-long due to a technology called Maximum Transmission Unit (MTU), which defines the maximum size of a packet that can pass through the link. However, IPv6 can carry larger payloads than 65,355 bytes using the Jumbo Payload option in the Hop-by-hop extension header. These larger packets are called jumbograms and are defined in RFC 2675. Jumbograms IPv6 packets can carry payloads between 65,536 and 4,294,967,295 bytes. They are used inside very-high-speed datacenters and supercomputers.
The Next Header is an 8-bit field that specifies either the type of the first extension header (if any) or the upper-layer protocol in the payload such as TCP, UDP, or ICMPv6. The field is similar to the IPv4 Protocol field but with some additional options. When indicating an upper-layer protocol, the IPv6 Next Header field uses the same values that are used in the IPv4 Protocol.
Figure 7. IPv6 Next Header Field
Some of the most common values are shown in the table below.
|Next Header value (in hex)||Description|
|6||Transmission Control Protocol (TCP)|
|11||User Datagram Protocol (UDP)|
|2F||Generic Routing Encapsulation (GRE)|
|32||Encapsulating Security Payload (ESP)|
|3A||Internet Control Message Protocol version 6 (ICMPv6)|
|3B||No Next Header for IPv6|
|59||Open Shortest Path First (OSPF)|
IPv4 Checksum Field
In the IPv4 header, there is a Checksum field that is used to verify and discard corrupted packets. It is a 16-bit cyclic redundancy check (CRC) that is validated and recomputed at each hop along the network path.
In IPv6, there is no Checksum field. To make the header more efficient and easier to process, the protocol creators decided to not include this CRC check in the Layer 3 header. At this point, you may be wondering whether this makes IPv6 less reliable than IPv4? The answer is no because upper-layer protocols such as TCP and UDP have their own checksum fields as shown in Figure 5. Also, there is a CRC validation at the Ethernet layer and therefore in the IPv6, the checksum is unnecessary.
Figure 8. TCP and UDP Checksum field
In UDP, the checksum field is optional, but since there is no checksum field in the IPv6 header when UDP is carried by IPv6, the checksum field is mandatory.
IPv4 Time to Live (TTL) vs IPv6 Hop Limit
In IPv4, the TTL field ensures a packet won’t circulate the network indefinitely in case of a routing loop. Each time a packet passes through a layer 3 device, the TTL value is decremented by one. When the value becomes 0, the packet is discarded. By default, the TTL value is set to 255.
Figure 9. IPv6 Hop Limit Field
In IPv6, the Hop Limit field is basically the same thing, just the name has been changed to more precisely describe the function of the field.
Fragmentation in IPv4 and IPv6
If you look closely at the IPv4 header fields, you will note three fields that are not present in the IPv6 Header — the Identification, Flags, and Fragmentation Offset fields. They have been removed in version 6 because of the difference in the way fragmentation is handled in both protocols.
In IPv4, all network layer devices are allowed to fragment packets if the DF-bit (don’t fragment) is not set. For example, if a router receives a packet that is larger than the MTU of the outgoing interface, the router divides the packet into multiple packets and send them out. The final destination is then responsible to reassemble the fragments into the original IP packet. Such an example is shown in figure 9.
Figure 10. IPv4 Fragmentation is done by a router
The three IPv4 fields Identification, Flags, and Fragmentation Offset are used in this fragmentation handling process.
In IPv6, routers do not fragment packets. When an IPv6 router receives a packet larger than the MTU of the outgoing interface, the router discards the packet and sends an ICMPv6 «Packet Too Big» message back to the sender. The message includes the MTU value of the egress link, so the source can adjust the packet size and retransmit. This process is called Path MTU Discovery and is described in RFC 1981, Path MTU Discovery for IP Version 6. An example is shown in figure 10.
There are two important points to clarify:
- Typically, when a source starts sending packets to a destination, it is not a single packet but a series of multiple ones. This process of adjusting the MTU is happening only with the first packet and after that, the entire flow is being transmitted with the proper packet size.
- Obviously, IMCPv6 messages have to be able to reach the sender for PMTU to work. Oftentimes, ICMPv6 is filtered out on firewalls or other security devices, and the PMTU process breaks.
Figure 11. IPv6 Fragmentation is done by the source
Here is an example of an ICMPv6 Echo Request packet that uses the default Traffic Class, Flow Label, and a Hop Limit of 128. It is sent between two nodes using link-local addresses.
Let’s quickly summarize what we have learned in this lesson in the following table:
В чем разница между IPv4 и IPv6
Интернет-протоколы, или так называемые, IP-адреса – протокол связи, через который происходит передача данных (датаграмм). С их помощью соединяются все персональные компьютеры и другие устройства из разных уголков мира, превращаясь в единую сеть – интернет. По IP определяется месторасположение оборудования, перевод информации в датаграммы и указывается их путь от источника к получателю. Работают интернет-протоколы на основании определенных закономерностей и требований, требующих обязательного учета при передаче данных.
Всемирная сеть постоянно развивается. И, чтобы соответствовать постоянно возрастающим нормам и требованиям, видоизменяются и стандарты. Так, наряду с системой IPv4 на рынке представлена еще одна – IPv6. В чем же отличие? Что лучше: IPv4 или IPv6 и так ли просто будет перейти на более высокую версию протокола связи?
Что это: IPv4 и IPv6?
IPv4 – один из основных интернет-стандартов, реализованных на правилах взаимодействий между сетями на онлайн-просторах. Его первая версия разработана в конце 60-х годов прошлого века специально для компьютерной сети американского Министерства обороны – Arpanet (Advanced Research Projects Agency Network, Сеть Агентства передовых исследований). Именно она считается прародителем интернета. В работе этот протокол применяет 32-битные поля источника и адресата, ограничивающие допустимое пространство до 4,3 млрд. адресов. А на сегодня их общее количество уже перевалило через 20 млрд., и цифра постоянно увеличивается.
IPv4 применяется для обеспечения качественного соединения в сетях, основываясь на коммутационных пакетах. Здесь реализована технология передачи датаграмм, имеющая непосредственную связь между текущей нагрузкой на трафик и пропускной способностью, временем доставки. Но здесь нет гарантий, что информация будет доставлена или доставлена только один раз, без повторов. Также в IPv4 не предусмотрено определенной последовательности действий.
Ограничения 4 версии интернет-протокола стимулировали работы над более усовершенствованным поколением еще в первой половине 90-х годов прошлого века. Разрабатывала это Целевая группа Internet Engineering Task Force (IETF). Специалистам удалось решить проблему с ограничением количества адресов, теперь их предоставляется бесконечное множество. Не актуальным стало и исчерпание IP-адреса. Но все же IPv4 и IPv6 сети достаточно схожи между собой: 6 версия интернет-протокола обеспечивает абсолютную передачу данных по разным сетям, основываясь на уникальных принципах проектирования, которые были реализованы в 4 поколении. Но она уже применяет 128-битные адреса, способные обеспечить «именем» более, чем 34*10 37 пользователей. А этого более, чем хороший запас.
IPv4 vs IPv6 – Does It Really Make a Difference?
IPv4 and IPv6 are networking protocols that allow electronic devices to communicate with one another. These protocols give connected devices an IP (Internet Protocol) address that is used to locate and send data between devices across the web and on local networks. But why are Internet Service Providers and cloud hosting companies are upgrading their networks to support IPv6? What are the differences between IPv4 and IPv6?
We’re going to guide you through the complexities of IPv4 and IPv6 with the goal of giving you a better understanding of the technology involved, key differences, and advantages/disadvantages of each one.
What is IPv4?
IPv4, or Internet Protocol Version 4, is a 32-bit addressing scheme that provides IP addresses as well as protocols to provide routing and connectivity to connected devices.
Each IP address provided by IPv4 will be in the format of xxx.xxx.xxx using decimal digits ranging from 0-9. With this format of addressing, there can be around 4.3(4,294,967,296) billion IPv4 addresses.
What is IPv6?
IPv4 or Internet Protocol Version 6 is a 128-bit addressing scheme that Is used similarly to IPv4. The biggest difference between the two protocol versions is that IPv6 utilizes 128-bit addressing vs IPv4’s 32-bit.
Each IPv6 is in the format of xxxx.xxxx.xxxx.xxxx.xxxx.xxxx.xxxx.xxxx. Ouch! That’s a bit hard on the eyes. IPv6 addresses are formatted in 8 groups of 4 hexadecimal characters. With this format we can create a total of 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses. That’s an insane amount!
What Happened To IPv5?
So, what happened to IPv5 and why did we hop from IPv4 to IPv6? IPv5, originally designed in 1979, included improvements for streaming data.
The introduction of this protocol led to technologies that we use today such as VoIP(Voice over IP) and MPLS(Multi-Protocol Label Switching). IPv5 still uses the same addressing scheme as IPv4, which was one of the main reasons why this protocol version was never released to the public.
Why Was IPv6 Invented In The First Place?
The main reason that the IPv6 protocol was created was to prevent us from running out of IP addresses. Currently, IPv4 addresses are constantly traded to meet the demands of the growing number of devices being used on the web. Making the swap to IPv6 will stop us from worrying about this problem for a long time to come.
IPv4 vs. IPv6 – Which One Comes Out On Top?
After learning about IPv4 and IPv6 you must be wondering, which one should I be using? The truth is… either. Or even both… Don’t worry, the following sections will shed some light on the key differences between both protocol versions.
Some of the key differences between IPv4 and IPv6 are:
- No need for NAT(Network Address Translation) in IPv6
- IPv4 uses 32-bit decimal addressing and IPv6 uses 128 hexadecimal addressing
- IPv4 sections are separated by a dot(.) and IPv6 by a colon(:)
- IPv4 packets utilize 12 headers while IPv6 uses 8
- Easier administration on local networks with IPv6
- Simplified routing in IPv6 (mostly due to not utilizing NAT)
IPv4 vs IPv6 – Security
What the common trend seems to state is that IPv6 is more secure than IPv4. That isn’t necessarily true and is all dependent on your network design. The three most significant technologies that people believe make IPv6 more secure than IPv4 are the innate defense from IP scanning, the built-in usage of IPsec, and the removal of NAT as a dependency.
Let’s dive into each of these in more detail.
A common method hackers use to attack a network is through scanning public IP addresses and attempting to scan the network for vulnerabilities such as open ports. This attack method works well on IPv4 networks due to the average time it takes to scan every public IPv4 address being around 5 minutes. When utilizing IPv6 addresses, that time jumps from 5 minutes to an estimated 38 billion years.
That being said, you wouldn’t want to rely on the extended address range for any security. Even with an estimated time of 38 billion years, if your address was at the beginning of the list and you had unsecured ports opened, your network would still get attacked. While the odds are low that this can happen, the risk is still similar to IPv4 and is easily avoidable by securing open ports on your network.
IPsec, or Internet Protocol Security, was designed to provide security to the network layer, specifically authentication and encryption. For IPv6, IPsec is a mandatory feature, and for IPv4, it’s typically used for encryption while utilizing VPNs. IPsec is a nice security feature that is easily implemented.
For both IPv4 and IPv6 protocols, there are subtle nuances for utilizing IPsec properly. Starting with IPv6, IPsec is a mandatory feature for this protocol version. What this means is that all devices that support IPv6 will innately have IPsec as a feature set.
However, while IPsec is mandatory on all devices, its utilization is completely optional. Essentially, if you don’t confirm that you are using IPsec, there’s a chance that it may be turned off. Think of a door with a lock. The lock can provide great security for securing your home… if you don’t remember to lock the door, that lock does nothing.
NAT, or Network Address Translation, is a method of IP address mapping that is utilized to preserve public IPv4 addresses. This is mostly utilized in LANs (local area networks) with a one-to-many setup. Network Address Translation with a one-to-many setup ends up giving your router a single public IP address shared by all of your devices Due to IPv6 having enough addresses that no device needs to share a public IP, NAT isn’t used at all.
Some people view the removal of NAT as a boost to security while others view it as a negative. In actuality, it doesn’t make too much of a difference for your network’s security.
NAT can be nice due to its innate functionality of masking the current device’s public IP when sending data on the web. This process doesn’t add any extra security, the security comes from the use of a stateful firewall, which is supported by almost all routers. A stateful firewall remembers the hosts that the device is sending data to, and only allows packets back from hosts that you are sending data to. Put simply, this built-in firewall will block all traffic that was not initiated by the current device.
The biggest takeaway from this section is that IPv6 is more secure out of the box than IPv4. That being said, if you were to apply some simple configurations to your network, you can reach the same level of security with IPv4 that you would have with IPv6.
IPv4 vs IPv6 – Speed
This is a hot topic in networking, what about the difference in speed? Currently, it looks like IPv6 is faster than IPv4, but under most circumstances, the difference amounts to milliseconds – something that won’t have an effect on the end-user.
At the current time of writing of this article, it is believed that the slight increase of speed comes from the fact that devices can utilize public IP addresses when using IPv6, instead of sending data back and forth using NAT with IPv4.
Since IPv6 can send data directly between devices, IPv6 just needs to check the data was transmitted correctly, while IPv4 needs to do error checking at multiple levels to ensure the data is intact and accurate when it’s received by the other device. So yes, in terms of speeds, IPv6 is slightly faster.
Why you don’t need to switch from IPv4 to IPv6 right away
A lot is going on with transitioning from IPv4 to IPv6. It was estimated that around this time we would be at 50% utilization of IPv6 addresses worldwide. At present, we are at around 30% global utilization.
The future adoption of IPv6 largely depends on several factors such as migrations from ISPs, large enterprises, and cloud providers. Implementing this change on their end is a large and expensive task. Due to the fact that IPv4 addresses are being exhausted, there will be an apex where the cost of IPv4 addresses starts to exceed the cost of the transition to IPv6.
Is IPv6 Going To Become More Common In The Future?
Put simply, yes! As the connected world increases rapidly, the more we will need to utilize IPv6. The idea is to slowly move over devices to IPv6 to release pressure on IPv4 addresses. That being said, even though the technology is moving in this direction, the more IPv6 addresses we utilize, the more IPv4 addresses that will be released back into the pool for someone else to acquire.
The main reason you would not want to swap over to IPv6 right away is that all of the sites and services you visit may not support IPv6. As the adoption rate grows higher, the less of a problem this will be.
Effortless Server & Web Application Management with RunCloud
We’ve covered a lot of topics in this article regarding IPv4, IPv6, IPsec, NAT, IP Scanning, etc… that’s a lot of information to parse. Now that we are at the end of this article you might be wondering how to go about upgrading to IPv6, how to upgrade your network to support both IPv4 and IPv6 users, or even if your network is currently secure? Or am I vulnerable to some of the issues listed earlier?
This is where RunCloud comes in. RunCloud is a simple, yet powerful control panel that can help you manage multiple cloud services across various platforms. For example, earlier on in this article, we mentioned how IPv6 has IPsec built-in by default but may not necessarily be turned on. Utilizing a service like RunCloud will give you a simple method for securing and managing your entire server down effortlessly.
So, IPv4 or IPv6? Which one?
IPv4 vs. IPv6? Honestly, it doesn’t matter too much. What really matters is how you go about securing and optimizing your server and network to deliver optimal speeds and secure connections. If the option is available to you, it doesn’t hurt to flip that dual-stack switch up, just to be prepared for the future.
One day, we will eventually be using IPv6 addresses, IPv6 is the future of IP addresses. All networks will slowly start to make the transition over to IPv6. This transition will not happen overnight nor will it happen over the next couple of months. It’ll be years until most websites and services can be visited over IPv6. It will be even longer before websites completely shut off their IPv4 support.
So, there really isn’t much to worry about apart from focusing on deploying servers that are reliable, fast, and secure which is what we at RunCloud are dedicated to making easier than ever – and it’s why we’re trusted by people new to server management all the way to senior Linux SysAdmins.