IPv6 Since 20 Years: Why IPv6 Is Better For Privacy And How To Use It Without ISP Support

Introduction

On 1th December 1995 was published the RFC1883 by Internet Engineering Task Force (IETF) – the beginning of new Internet Layer protocol history. More than 20 years have passed since those day and today approximately 10% of all hosts with support IPv6. Internet access (data from Google Statistics). If we look to
the Per-Country statistics that say: IPv6 is popular in developed countries with technology power (some exceptions available):

  • United States – 24.21 %
  • Germany – 22.41 %
  • Switzerland – 29.21 %
  • Portugal – 24.09 % (funny paradox: Spain – 0.06 %)
  • Greece – 19.9 %
  • Belgium – fantastic 42.96 %
  • Peru – 15.85 %

Outsiders with minimal IPv6 integration:

  • China – 1.7%
  • Mexico – 0.0%
  • Argentina – 0.03%
  • Chile – 0.02%
  • Spain – 0.06%
  • Bolivia – 3.13%
  • Poland – 2.04%
  • Ukraine – 0.25%
  • Russia – 0.77%
  • India – 0.46%
  • Australia – 1.68%
  • New Zealand – 1.42%

Maybe some data is old or controversial, but regularity is clear. Why IPv6 is better than IPv4 and influential to modern Internet? Go to the next chapter.

Why IPv6?

The biggest reasons:

  • addresses: ~ 4 billion in IPv4 vs 3.4×10^38 in IPv6. Four billion is too small for modern Internet: websites, smartphones, IoT (Internet of Things), web-cameras and many more devices. 3.4 * 10^38 can be explained as one IPv6 address for every 1 mm^2 of the Planet Earth upside
  • easy management and configuration – IPv6 networks use autoconfiguration, management of big networks is coherent. Can be used without gateways and NAT.
  • IPv6 kill NAT – transparent host to host communications is easy and effective. IPv6 support NAT, but no reason to user it cause public address is very cheaply and available for everyone.
  • security – IPv6 has built-in the IPSEC protocol suite. Security of IPv4 networks depends from the software, not from Internet Protocol
  • innovations in IPV6: scalability, totally multicasting, network layers, mobility.
  • bigger data packages: IPv4 have limit up to 64 kB, IPv6 – 4GB.
  • IPv6 hosts can generate local and global addresses with Stateless Address Autoconfiguration (SLAAC). Classic works with DHCP is also supported
  • single and simple control protocol – ICPMv6
  • modular header of the packet

Security and privacy in IPv6

In my opinion the most important feature – end-to-end encryption. This technology also implemented in IPv4, but used as non-universal feature. Encryption and integration features of IPv4 VPN is default standard components of IPv6 and used in all v6-networks. IPv6 also have the tons of privacy extension – for example, your public v6 IP can be hidden without VPN , Tor or others popular tools. MITM (man in the middle attack) is more hard in v6-networks. IPv6 extensions can also prevent tracking users from ISP.

SEND(Secure Neighbor Discovery) protocol helps to make secure domain resolving with cryptographic confirmation – attacks with redirecting traffic to wrong hosts is also very hard. Security in network applications is always important, more secure Internet protocol make our life better.

Address auto-configuration use MAC-address in v6-address – superb for user tracking, modern security extensions also prevent this.

Hardware & Software Support

The most of modern routers support IPv6: Cisco/Linksys, Netgear, Mikrotik, Zyxel and others. If your router doesn’t support IPv6 – don’t worry, maybe the OpenWrt or DD-Wrt firmwares can help. Please check the instructions for your device. What about Operation System adn browsers? All modern and old OS support IPv6: Linux, Widows, OS X, Android, iOS, Symbian, Bada and many others.

The most of big websites now work with IPv6: Facebook, Google, YouTube, Yahoo etc.

Check IPv6 support now

If you need to know about IPv6 support in your current Internet provider (ISP), time to open this websites in a browser: (test-ipv6.com)[http://test-ipv6.com/] or ipv6test.google.com. The classic ‘ping’ command also can help:

$ ping6 google.com
connect: Network is unreachable

If your ISP support IPv6 – my congratulations! If no – no problemo, forward to the next chapter.

IPv6 without ISP support in 60 seconds

We can create tunnels and use IPv6 everyday. No, this isn’t like cheap or free VPS service with horrible latency and speed – my speed tests confirm that. You can set up tunnels on your PC, laptop or router. I suggest to use tunnel on router – easy way to migrate all your devices to IPv6. More informations for OpenWrt and DD-WRT.

Best Way – Tunnelbroker from Hurricane Electric

We need to register on tunnelbrocker.net and create tunnels. Select the most geographically near server to you:

As IPv4 Endpoint setup your IP address:

$ dig +short myip.opendns.com @resolver1.opendns.com

If the tunnel was successfully created you can see simple How-TO for Linux, OS X, Windows, OpenWrt, Ciso iOS and many others. Example configuration for Linux:

# modprobe ipv6
# ip tunnel add he-ipv6 mode sit remote 209.51.161.14 local 207.87.157.215 ttl 255
# ip link set he-ipv6 up
# ip addr add 2001:470:1f06:6bb::2/64 dev he-ipv6
# ip route add ::/0 dev he-ipv6
# ip -f inet6 addr

Now it must work:

$ ping6 google.com
PING google.com (2a00:1450:4010:c05::64): 56 data bytes
64 bytes from 2a00:1450:4010:c05::64: seq=0 ttl=46 time=44.420 ms
64 bytes from 2a00:1450:4010:c05::64: seq=1 ttl=46 time=38.763 ms
64 bytes from 2a00:1450:4010:c05::64: seq=2 ttl=46 time=39.775 ms
64 bytes from 2a00:1450:4010:c05::64: seq=3 ttl=46 time=38.256 ms

If your IP (behind NAT) doesn’t work with Tunnelbroker you always can use Freenet6.

Alternative Way – Freenet6 from Gogo6

Freenet6 service can be used anonymously, but registered user can always use the same addresses.

We need the gogoc client that available for Linux, Windows and OS X.

Example configuration for Linux:

# apt-get install gogoc
// or
# dnf install gogoc

# service gogoc start

That’s enough, for stable addresses we need to setup login and password in the ‘/etc/gogoc/gogoc.conf’ configuration file.

Have fun with IPv6

Checking DNS for resolving the IPv6 addresses

$ host -t AAAA facebook.com
facebook.com has IPv6 address 2a03:2880:2130:7f20:face:b00c:0:25de

Telnet also can work with IPv6:

 $ telnet 3ffe:400:100::1 80

And ssh:

 $ ssh root@[2a01:2870:2030:7f10:fdce:b10c:0:24de]

Open address in browser:

http://[2a01:2870:2030:7f10:fdce:b10c:0:24de]/

 

Read more:

Santa Claus in Linux Style: Top Linux Hardware and Free Linux/Programming Books & Courses Recommendations

KDE Plasma and KDE Apps on Wayland Review and Video: The First Plasma Wayland Live Image

Person of The Year 2015 in the Linux/OpenSource Community: Open Voting

Node OS Review – Ultra-minimal Linux Distribution With Node.js/JavaScript Userspace