Four years ago, various groups within the Internet community began working on the next version of the Internet Protocol, IPv6. The current version, IPv4, has been adequate to support simple distributed applications, such as file transfer and electronic mail. But the world’s needs today are calling for the Internet to support a multimedia environment, rich in applications, and use of the World Wide Web. With the advent of complex client/server environments and intranets in the corporate world, greater support of these applications and for Web users is a must.
The Internet Engineering Task Force (IETF) issued a call for proposals for specifications for the next generation IP. Two years ago, a design for IPv6 was developed. That design focuses on three main areas:
IPv6 uses a 128-bit addressing scheme. This increases address space by a factor of 296! According to one IPv6 paper, this should provide for “adequate addressing capability for any network limited to this planet.” By using 128 bits rather than 32 bits as IPv4 does, IPv6 increases address space by a billion x a billion x a billion times. A comparison of this increase translates to:
IP Version | Size of Address Space |
---|---|
IPv4 | 32 bits = 4,294,967,296 |
IPv6 | 128 bits = 340,282,366,920,938,463,463,374,607,431,768,211,456 |
But what is as important as the address space is the how the addresses are allocated. IPv6 assigns addresses in a hierarchical manner, as needed by the requester, rather than in blocks that have unused addresses, as IPv4 does. In this hierarchical scheme, an upper authority subdivides its address allocation to a lower authority, which can subdivide its address allocation to the next lower authority, and so on.
Currently, the bulk of addresses are assigned by network providers. With IPv6, addresses are not centrally allocated and only one prefix (010) is for network provider allocations.
The address classes of IPv6 also meet the needs of the user community more directly than IPv4. There are basically three types of network users: ones who use an organization’s intranet and the Internet; ones who use only their company’s intranet at this time, but might connect to the Internet in the future; and individuals who connect to the Internet via telephone lines from home, airports, hotels, or anywhere else.
IPv6 provides a better way of servicing these kinds of users by offering three address types:
The IPv6 addresses are 128-bit identifiers for interfaces and sets of interfaces.
Unicast addresses identify a single interface. Packets sent to a unicast address are delivered to the interface identified by that address.
There are four types of unicast addresses.
Example:
Bits | 3 | n | m | o | p | 125-n-m-o-p |
010 | Registry ID | Provider ID | Subscriber ID | Subnet ID | Interface ID |
Example of link-local:
Bits | 10 | n | 118-n |
1111111010 | 0 | Interface ID |
Example of site-local:
Bits | 10 | n | m | 118-n-m |
1111111011 | 0 | Subnet ID | Interface ID |
Example:
Bits | 96 | 32 |
0000 FFFF | IPv4 Address |
Example:
Bits | 96 | 32 |
0000 0000 | 0001 |
The interface is the system’s Ethernet, FDDI, or Token Ring MAC address (48-bit).
Multicast addresses identify a set of interfaces that usually belong to different nodes. Packets sent to a multicast address are delivered to all interfaces identified by that address. This is useful in several ways, such as sending discovery messages to only the machines that are registered to receive them. A particular multicast address can be confined to a single system, restricted to a specific site, associated with a particular network link, or distributed world-wide. Note that IPv6 has no broadcast addresses and uses multicasting instead.
Example:
Bits | 8 | 4 | 4 | 112 |
11111111 | Flags | Scope | Group ID |
Anycast addresses are new to IP technology with this version of the protocol. This kind of address identifies a set of interfaces, usually belonging to different nodes. A packet sent to an anycast address is delivered to one of the interfaces identified by the address. This is usually the nearest interface, and is determined by how the router measures distance.
This makes routing more efficient because the address itself can specify intermediate hops en route to a destination, rather than having the router determine the route.
Example:
Bits | n | 128-n |
Subnet prefix | 0000 0000 |
Network performance is directly related to routing. The amount of traffic that leaves the local network (external traffic) compared to the amount of traffic that occurs on the network is constantly increasing. This is due in part to the demand for more services, especially graphics based services. Speeds for LANs and WANs have also increased to hundreds of megabits per second, with gigabit networks not far in the future. Routers need to perform their functions of processing and forwarding IP datagrams much quicker than before.
There are fewer fields in an IPv6 packet header than in IPv4. To increase the speed at which a packet travels past a router, separate optional headers are placed between the IPv6 header and the transport layer header. Most of these are not examined or processed by routers along the packet’s path, which simplifies
and speeds up router processing. Additional optional headers are also easier to add, making IPv6 more flexible than IPv4. Because the IPv6 packet header has a fixed length, processing is also simplified.
IPv6 does not fragment packets as they are routed as IPv4 does. Instead, packet fragmentation and reassembly will be done exclusively in the communicating hosts, thus reducing the workload for intermediate routers. When the transition to IPv6 is complete, the Internet will consist of only networks with Maximum Transmission Units (MTUs) equal to or larger than 576 bytes.
Performance with IPv6 will be optimized by the use of flow labels. The flow source specifies in the label any special service requirements from routers along a path, such as priority, delay, or bandwidth. All packets in the sequence carry the same details of this information in the flow label to reserve the type of service they need from intermediate routers. Such a need would be for transmitting video, or limiting traffic a specific computer or application sends to avoid congestion.
With IPv6, a flow can be one or multiple TCP connections, and a single application could generate a single flow or multiple flows. An example of a single flow would be a text page, and an example of a multiple flow would be an audio/visual conference.
Packets that share a flow label also share path, resource allocation, discard requirements, accounting, and security attributes. The flow label is defined before transmission.
As the Internet has grown in popularity and use, the reasons for its use have changed and increased. More and more, users want to know that their transactions and access to their own sites are secure. Users also want to increase security across protocol layers. Up until IPv6, security has been available only by added applications or services.
IPv6 provides security measures in two functional areas, authentication and privacy.
Authentication requires that a sender log into the receiver. If the sender is not recognized, then access is not allowed. If access is allowed, this ensures that the packets were actually sent by the approved sender and that the content was not changed in transit.
Privacy takes the form of encryption and protects data from unintended users. Packets that leave a site can be encrypted and packets that enter a site can be authenticated.
Both privacy and authentication can be applied in a “security association.” For a one-way exchange between a sender and a receiver, one association is needed; for a two-way exchange, two associations are needed. When combining authentication and privacy, either can be applied first. If encryption is applied first, the entire packet is authenticated, including encrypted and unencrypted parts. If authentication is applied first, authentication applies to the entire packet.
Configuring IPv4 systems has traditionally been difficult and problematic. IPv6 offers two ways computer systems and personal electronic products configure themselves automatically: stateful and stateless.
With stateful autoconfiguration, servers can dynamically assign unique addresses to computers as they are requested, getting the addresses from a database of pre-allocated values.
With stateless autoconfiguration, IPv6 nodes can generate globally unique addresses by concatenating the link-local address of the network connection they are using with an internal interface number, such as an Ethernet or Token Ring MAC address.
Much planning, testing, and more testing has gone into the development of IPv6 to ensure that use of the Internet is interrupted as little as possible. The next section explains the transition plan.