IPv6 is big. Really big. You just won’t believe how vastly, hugely, mind-bogglingly big it is. I mean, you may think it’s a long way down the road to the chemist, but that’s just peanuts to IPv6.
The old Internet, the one you’re probably using right now, runs on IP version 4. IPv4 addresses have numbers and dots; they look like 188.8.131.52. There are about 4,009,754,624 IPv4 addresses, or about half an IPv4 address for each person on the planet. Almost all of those have been assigned to someone, so even if they’re not currently in use it’s going to be hard or expensive for you to get more.
IPv6 addresses have colons and hexadecimal numbers; they look like 2600:1415:11:19d::2add. There are about 42,535,295,865,117,307,932,921,825,928,971,026,432 (forty-two unidecillion) IPv6 addresses, or about six octillion for each person on the planet.
(Actually, there are a lot more than that, about eight times more, but the Internet powers-that-be decided that even reserving seven-eighths of the theoretical space for future expansion would leave plenty of address space available.)
Why does IPv6 provide so many addresses? The obvious reason is that while four billion seemed like a ridiculously large number of internet endpoints in the late 1970s, we’ve now found it wasn’t. We’ve run out of address space, and we’d rather only switch to a new protocol once – so we’d better not risk running out of IPv6 addresses. Just as important, though, is that we can take advantage of all that address space to avoid many of the gross hacks that are in place on the IPv4 internet to support more devices than it has IP addresses, and to make the process of connecting a new device to your home network easier.
Your home ISP probably provides you with, at most, a single IPv4 address. But you have a couple of laptops, a desktop PC, a couple of game consoles, some tablets, some smartphones, a smart TV, a Roku or Apple TV or Chromecast for streaming video, a VoIP phone, and all sorts of other devices that need to connect to the internet for service or updates. How does that work? Each of your devices is dynamically assigned a “private” IPv4 address that can’t actually access the Internet. Then your router dynamically rewrites all the network connections from all those devices to multiplex them onto the single real IPv4 address you have. It’s a mess – and it gets even more complicated when you need a device on a private address on your network to find and directly talk to a device with a private address on someone else’s network.
With IPv6 your ISP doesn’t give you a single address, they give you a “/64” – about 18,446,744,073,709,551,616 (eighteen quintillion) IPv6 addresses. That means you’ll never need to worry about sharing a single IP address again – there’s enough space for four billion copies of the entire IPv4 Internet in the space your ISP gives your home connection. It also enables address assignment protocols that drastically simplify connecting a new device. When you turn on your new VoIP phone it can automatically get a persistent IPv6 address, one that can directly connect to any other IPv6 VoIP phone on the planet. You can play multiplayer games without having to rely on a central server. You can access your fancy home automation system or baby monitor from anywhere, access controls allowing, without any horrible port forwarding or proxying workarounds.
All of this opens up a great IPv6-based future for Internet-based products and services, especially those that benefit from people communicating directly with each other.
But it does mean that identity and reputation change somewhat in IPv6, and that has some implications for sending email over IPv6. More on that on Wednesday.
What are the implications of querying DNS servers / whois records with such a high number of address possibilities? Or is this a non-concern based on how these systems are structured today?
It’s pretty much a non-issue for legitimate uses (and it makes many less legitimate uses quite a bit harder).
The main exception is use of DNS as a distribution method for IP based blacklists – doing that naively for IPv6 in the same way it’s done for IPv4, combined with a spammer bouncing around a lot of IP addresses, would blow out resolver caches and cause performance issues. There are workarounds for that, but it’s something people are still thinking about.
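To make the cache problem in the comment above concrete, here is an added example (not from the post or its commenters) that builds DNSBL query names the IPv4 way and the naive IPv6 way, then counts how many distinct names one address-hopping sender generates. The zone `dnsbl.example`, the documentation prefix, and the choice of keying lookups on the /64 as the workaround are assumptions of this example.

```python
import ipaddress

ZONE = "dnsbl.example"  # placeholder zone, not a real blacklist

def v4_query_name(addr, zone=ZONE):
    """IPv4 DNSBL convention: reverse the four octets, append the list zone."""
    octets = str(ipaddress.IPv4Address(addr)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def v6_query_name(addr, zone=ZONE, prefix_len=128):
    """Same idea carried over to IPv6: reversed hex nibbles under the zone.

    prefix_len=128 is the naive one-name-per-address form. prefix_len=64
    (an assumption of this example) keys the lookup on the customer /64.
    """
    if prefix_len % 4 or not 0 < prefix_len <= 128:
        raise ValueError("prefix_len must be a multiple of 4 in 4..128")
    nibbles = ipaddress.IPv6Address(addr).exploded.replace(":", "")
    return ".".join(reversed(nibbles[: prefix_len // 4])) + "." + zone

def distinct_names(addrs, **kw):
    """Each distinct query name is one more entry a resolver cache must hold."""
    return len({v6_query_name(a, **kw) for a in addrs})

# Constructed traffic: one sender hopping through 10,000 addresses in its /64.
SENDER_NET = ipaddress.IPv6Network("2001:db8:1234:5678::/64")
HOPPING = [SENDER_NET[1 + i * 7919] for i in range(10_000)]

if __name__ == "__main__":
    print(v4_query_name("192.0.2.99"))
    print(v6_query_name(HOPPING[0]))
    print("per-address cache entries:", distinct_names(HOPPING))
    print("per-/64 cache entries:   ", distinct_names(HOPPING, prefix_len=64))
```

Keying on the /64 trades precision for cache stability: everything behind one home connection shares a single listing.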
“When you turn on your new voip phone it can automatically get a persistent IPv6 address, one that can directly connect to any other IPv6 voip phone on the planet.”
And won’t the government of more-or-less-freedom-loving countries love a way to track you everywhere you go? And the hardware MAC forms part of the IPv6 address as well…
So expect lots of proxy and NAT to continue.
And that’s before you even worry about IPv6 auto-configuration opting you silently into an SSL proxy…
No, your concerns are pretty much baseless. Take a look at RFC 4941, just to begin with.
You said “it can automatically get a persistent IPv6 address” not me 🙂