Skip to main content

IPv6 Transition: Time to Address the Issue

January 17, 2014

What is IPv6?

The basics: an IP address is like a postal address for each and every Internet-connected device. Without one, websites would not know where to send the information each time you perform a search or try to access a website.

So why do we need IPv6?

Think of a publicly routable IP address as a network resource. IPv4 as a network resource is being depleted and in many regions of the world has already been depleted. These IP addresses are managed by five Regional Internet Registries (RIR) around the world – ARIN, IACNIC, RIPE, AFRINIC and APNIC. Out of those, APNIC - the RIR for Asia - is already out of address. They ran out of IPv4 address in 2011. RIPE - the RIR for Europe and the Middle East - ran out in late 2012. ARIN - North America - and LACNIC - South America - are on track to run out of IP address sometime in 2014.

Even with the depletion of IPv4 addresses, there are hundreds of millions of people still to come online, many of whom will do so in the next few years. IPv6 is a vast new resource that is designed completely differently and is much more available than IPv4. IPv6 will allow new users to come online, providing enough addresses - 2128 to be exact - for everyone and all of their various devices.

Could you imagine a lack of Internet addresses and what kind of problems would occur? Your favorite web programs would drastically slow down, computers would find it more difficult to communicate with one another and your privacy could be at risk because it will be difficult to tell the difference between you and another computer user. To allow the Internet to continue to develop and spread across the world, implementing IPv6 is necessary.

Making the Switch to IPv6

I would like to address that our long-ingrained habits of IPv4 address design can lead us astray when working with IPv6. The appropriate design and management is crucial in your transition from IPv4 to IPv6.

IPv4 address design and management is all about conservation. IPv4 address supplies have been slowly diminishing for the past two decades, so we're very careful with our supply. When you go to your allocation authority - whether that is the address administrator within your organization, your service provider or your RIR - to ask for more IPv4 addresses, you are required to provide compelling justification for why you need a bit of their limited resource.

When you create your IPv4 addressing schema, you design for individual subnets, using VLSM to carefully allocate your precious resource so that you (hopefully) have the right balance between enough subnets in your network and enough hosts on each subnet. The idea of consistently assigning, say, a /24 or a /20 to every single IPv4 subnet regardless of the number of hosts on that subnet is, for very many network engineers, unthinkable.

The conservative instinct runs deep in anyone who has worked with IPv4 for a while, but this instinct can lead you into some poor decisions when working with IPv6. There is one overarching rule I tell all my clients when beginning an IPv6 address design:

Forget everything you ever learned about IPv4 address design.

Maybe that sounds a little overheated, but the fact is that every bad decision I’ve seen made in IPv6 addressing can be traced to IPv4 conservatism.

IPv6 is a vast resource, vast at a scale that most of us have a hard time envisioning. Those of us who speak regularly about IPv6 to customers or in public forums have our favorite analogies to try to convey the unimaginable differences in size - mine involves ants and light-years - because it's important to get across that we simply are not going to run out of IPv6 addresses.

What’s a Few Trillion Addresses?

The IPv4 influence on IPv6 thinking most often shows its influence when talking about addressing point-to-point links. The IANA and all the RIRs recommend using /64 subnets everywhere in your network, including on point-to-point links. But so many designers just can't bring themselves to do it. The reasoning goes like this:

"A /64 subnet is 264 addresses. That's about 18 million trillion addresses, and you want me to use just two of them and waste all the rest? That's just crazy!"

Okay, but you have no problem using /64 subnets on regular LANs or VLANs. How many hosts will you put on one of those subnets? 500? 1,000? Let's say 1,000.

When you're talking about 18 million trillion addresses, the difference between 2 and 1000 is negligible. So why is 264 - 2 horrifyingly wasteful, while 264 - 1,000 is reasonable?

If you're worried about using up your allocation of IPv6 addresses, stop it. If your allocation does not support addressing every subnet in your network as a /64 - including point-to-point links - the problem is not that you are managing your addressing frivolously. The problem is that your allocation isn't large enough. Go ask your addressing authority for more. Remember, RIR and IANA practices encourage you to use /64 everywhere. They will give you enough space to do that.

Most importantly, what I hope you take away from all this is a healthy appreciation for the scale of the IPv6 address space and that if you're worried about waste, you're probably thinking too small.

Portions of this article originally appeared in an article written for Network World titled "The Logic of Bad IPv6 Address Management."


Related Blogs

February 04, 2014

Internet Security Questions for the Cloud Provider | Optiv

When considering a move to the cloud, there are a number of security questions that should be considered as you select a potential cloud provider. Alm...

See Details

July 22, 2014

What's Your IPv6 Plan?

Microsoft announced on June 11 that their supply of US-based IPv4 addresses for their Azure cloud service has run dry. With no more IPv4 addresses ava...

See Details

March 11, 2014

How-To: Implementing a Baseline for IPv6 Controls

Many organizations have IPv6 in their line of sight but are not ready to implement. Because the IPv6 protocol stack is enabled as a default on most sy...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.

Privacy Policy

Related Insights

July 21, 2015

Data Security Solutions

Learn how we can help secure your date throughout its lifecycle.

See Details

July 21, 2015

Network Security Solutions

Learn how we help protect your environment while maintaining connectivity.

See Details

July 21, 2015

Application Security Solutions

Learn how Optiv can help with web, email and application protection.

See Details

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.


Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cyber security Events in your area.