IPv6

About a month ago mbq.me joined the Internet of the future and dancing turtles, namely, it got a globally routable IPv6 address. It’s like 15 years late and through the absolutely ridiculous routes to the rest of the world that my VPS provider has, but awesome nevertheless. Here is my amateur view of what actually changes from IPv4 and why it matters.

The most visible thing is that the address is 4 times longer. The popular interpretation is that this is to sustain the growth of the number of Internet-connected devices, but this is actually only half-true; it is way too long for that. Here is a picture with sizes; note how an IPv6 address compares with a MAC, whose space is expected to contain all Internet-connectable devices for years, and no-one is worried about its exhaustion.

[Figure: visual comparison of a 4-byte IPv4 address, a 6-byte MAC and a 16-byte IPv6 address.]

The real deal is that it is large enough to make public IPv6 addresses trivially creatable and disposable like UUIDs, or like having the flexibility of a private IPv4 address and the reachability of a public IPv4 address in one thing.

A second, tightly connected difference is that one machine will normally have a lot of IPv6 addresses connected to a single link, changing over time: some special, like a link-local one, some used for client connections, some routed to VMs or containers, some to start a few copies of the same service without fighting over alternative ports, etc. This is possible because a non-douchebag (a.k.a. standards-compliant) ISP should give you at least an entire /64 subnet, i.e. assign only the first half of the IPv6 address, leaving the rest up to you. Obviously, private networks are also possible; you automatically get the loopback address ::1 and the aforementioned link-local address from fe80::/64, which allows talking only to other devices in the local network segment (most notably the router), effectively replacing the local subnet broadcasts known from v4.

Automatically assigned addresses are generally derived from the MAC in a reversible process known as stateless autoconfiguration (SLAAC); because the MAC basically identifies your hardware and the IP is known to the remote servers you connect to because of the lack of masquerade, this leads to a popular idea that IPv6 is a serious privacy breach. This is not true though, because you can override this in numerous ways: by randomising the MAC, by giving the machine a random static address, or by turning on IPv6 privacy extensions, which make the derivation irreversible. A MAC-derived link-local address is, on the other hand, benign, because it never leaves the LAN and the router already knows the MAC, since it is needed on the lower OSI level. The other argument is that even a random address is a unique identifier of your machine; this can be fixed, however, by regularly changing the IP to a new one, which works far more smoothly than in IPv4 just because this is one of the core IPv6 ideas. The subnet part will obviously stay the same, but it is equivalent to the router address in a NATed v4 network.

Finally, IPv6 offers a sane, integrated way to automatically configure routing; everything gets negotiated via ICMPv6, there is no ARP, and the router basically only needs a small advertising daemon like radvd (or even dnsmasq's built-in one) to function.

To sum up, I really hope it will prevail soon; not just because the IPv6 Internet is easier and more efficient, but also because it is more open and decentralised, with real peer-2-peer (without STUNs) and more accessible private cloud services.

CC-BY mbq, written 21-3-2016, last revised 28-7-2018.