On 1th December 1995 was published the RFC1883 by Internet Engineering Task Force (IETF) – the beginning of new Internet Layer protocol history. More than 20 years have passed since those day and today approximately 10% of all hosts with support IPv6. Internet access (data from Google Statistics). If we look to
the Per-Country statistics that say: IPv6 is popular in developed countries with technology power (some exceptions available):
- United States – 24.21 %
- Germany – 22.41 %
- Switzerland – 29.21 %
- Portugal – 24.09 % (funny paradox: Spain – 0.06 %)
- Greece – 19.9 %
- Belgium – fantastic 42.96 %
- Peru – 15.85 %
Outsiders with minimal IPv6 integration:
- China – 1.7%
- Mexico – 0.0%
- Argentina – 0.03%
- Chile – 0.02%
- Spain – 0.06%
- Bolivia – 3.13%
- Poland – 2.04%
- Ukraine – 0.25%
- Russia – 0.77%
- India – 0.46%
- Australia – 1.68%
- New Zealand – 1.42%
Maybe some data is old or controversial, but regularity is clear. Why IPv6 is better than IPv4 and influential to modern Internet? Go to the next chapter.
The biggest reasons:
- addresses: ~ 4 billion in IPv4 vs 3.4×10^38 in IPv6. Four billion is too small for modern Internet: websites, smartphones, IoT (Internet of Things), web-cameras and many more devices. 3.4 * 10^38 can be explained as one IPv6 address for every 1 mm^2 of the Planet Earth upside
- easy management and configuration – IPv6 networks use autoconfiguration, management of big networks is coherent. Can be used without gateways and NAT.
- IPv6 kill NAT – transparent host to host communications is easy and effective. IPv6 support NAT, but no reason to user it cause public address is very cheaply and available for everyone.
- security – IPv6 has built-in the IPSEC protocol suite. Security of IPv4 networks depends from the software, not from Internet Protocol
- innovations in IPV6: scalability, totally multicasting, network layers, mobility.
- bigger data packages: IPv4 have limit up to 64 kB, IPv6 – 4GB.
- IPv6 hosts can generate local and global addresses with Stateless Address Autoconfiguration (SLAAC). Classic works with DHCP is also supported
- single and simple control protocol – ICPMv6
- modular header of the packet
Security and privacy in IPv6
In my opinion the most important feature – end-to-end encryption. This technology also implemented in IPv4, but used as non-universal feature. Encryption and integration features of IPv4 VPN is default standard components of IPv6 and used in all v6-networks. IPv6 also have the tons of privacy extension – for example, your public v6 IP can be hidden without VPN , Tor or others popular tools. MITM (man in the middle attack) is more hard in v6-networks. IPv6 extensions can also prevent tracking users from ISP.
SEND(Secure Neighbor Discovery) protocol helps to make secure domain resolving with cryptographic confirmation – attacks with redirecting traffic to wrong hosts is also very hard. Security in network applications is always important, more secure Internet protocol make our life better.
Address auto-configuration use MAC-address in v6-address – superb for user tracking, modern security extensions also prevent this.
Hardware & Software Support
The most of modern routers support IPv6: Cisco/Linksys, Netgear, Mikrotik, Zyxel and others. If your router doesn’t support IPv6 – don’t worry, maybe the OpenWrt or DD-Wrt firmwares can help. Please check the instructions for your device. What about Operation System adn browsers? All modern and old OS support IPv6: Linux, Widows, OS X, Android, iOS, Symbian, Bada and many others.
The most of big websites now work with IPv6: Facebook, Google, YouTube, Yahoo etc.
Check IPv6 support now
If you need to know about IPv6 support in your current Internet provider (ISP), time to open this websites in a browser: (test-ipv6.com)[http://test-ipv6.com/] or ipv6test.google.com. The classic ‘ping’ command also can help:
$ ping6 google.com connect: Network is unreachable
If your ISP support IPv6 – my congratulations! If no – no problemo, forward to the next chapter.
IPv6 without ISP support in 60 seconds
We can create tunnels and use IPv6 everyday. No, this isn’t like cheap or free VPS service with horrible latency and speed – my speed tests confirm that. You can set up tunnels on your PC, laptop or router. I suggest to use tunnel on router – easy way to migrate all your devices to IPv6. More informations for OpenWrt and DD-WRT.
Best Way – Tunnelbroker from Hurricane Electric
We need to register on tunnelbrocker.net and create tunnels. Select the most geographically near server to you:
As IPv4 Endpoint setup your IP address:
$ dig +short myip.opendns.com @resolver1.opendns.com
If the tunnel was successfully created you can see simple How-TO for Linux, OS X, Windows, OpenWrt, Ciso iOS and many others. Example configuration for Linux:
# modprobe ipv6 # ip tunnel add he-ipv6 mode sit remote 22.214.171.124 local 126.96.36.199 ttl 255 # ip link set he-ipv6 up # ip addr add 2001:470:1f06:6bb::2/64 dev he-ipv6 # ip route add ::/0 dev he-ipv6 # ip -f inet6 addr
Now it must work:
$ ping6 google.com PING google.com (2a00:1450:4010:c05::64): 56 data bytes 64 bytes from 2a00:1450:4010:c05::64: seq=0 ttl=46 time=44.420 ms 64 bytes from 2a00:1450:4010:c05::64: seq=1 ttl=46 time=38.763 ms 64 bytes from 2a00:1450:4010:c05::64: seq=2 ttl=46 time=39.775 ms 64 bytes from 2a00:1450:4010:c05::64: seq=3 ttl=46 time=38.256 ms
If your IP (behind NAT) doesn’t work with Tunnelbroker you always can use Freenet6.
Alternative Way – Freenet6 from Gogo6
Freenet6 service can be used anonymously, but registered user can always use the same addresses.
We need the gogoc client that available for Linux, Windows and OS X.
Example configuration for Linux:
# apt-get install gogoc // or # dnf install gogoc # service gogoc start
That’s enough, for stable addresses we need to setup login and password in the ‘/etc/gogoc/gogoc.conf’ configuration file.
Have fun with IPv6
Checking DNS for resolving the IPv6 addresses
$ host -t AAAA facebook.com facebook.com has IPv6 address 2a03:2880:2130:7f20:face:b00c:0:25de
Telnet also can work with IPv6:
$ telnet 3ffe:400:100::1 80
$ ssh root@[2a01:2870:2030:7f10:fdce:b10c:0:24de]
Open address in browser: