IPv4 and IPv6 are networking protocols that allow electronic devices to communicate with one another. These protocols give connected devices an IP (Internet Protocol) address that is used to locate and send data between devices across the web and on local networks. But why are Internet Service Providers and cloud hosting companies are upgrading their networks to support IPv6? What are the differences between IPv4 and IPv6?
We’re going to guide you through the complexities of IPv4 and IPv6 with the goal of giving you a better understanding of the technology involved, key differences, and advantages/disadvantages of each one.
IPv4, or Internet Protocol Version 4, is a 32-bit addressing scheme that provides IP addresses as well as protocols to provide routing and connectivity to connected devices.
Each IP address provided by IPv4 will be in the format of xxx.xxx.xxx using decimal digits ranging from 0-9. With this format of addressing, there can be around 4.3(4,294,967,296) billion IPv4 addresses.
IPv4 or Internet Protocol Version 6 is a 128-bit addressing scheme that Is used similarly to IPv4. The biggest difference between the two protocol versions is that IPv6 utilizes 128-bit addressing vs IPv4’s 32-bit.
Each IPv6 is in the format of xxxx.xxxx.xxxx.xxxx.xxxx.xxxx.xxxx.xxxx. Ouch! That’s a bit hard on the eyes. IPv6 addresses are formatted in 8 groups of 4 hexadecimal characters. With this format we can create a total of 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses. That’s an insane amount!
So, what happened to IPv5 and why did we hop from IPv4 to IPv6? IPv5, originally designed in 1979, included improvements for streaming data.
The introduction of this protocol led to technologies that we use today such as VoIP(Voice over IP) and MPLS(Multi-Protocol Label Switching). IPv5 still uses the same addressing scheme as IPv4, which was one of the main reasons why this protocol version was never released to the public.
The main reason that the IPv6 protocol was created was to prevent us from running out of IP addresses. Currently, IPv4 addresses are constantly traded to meet the demands of the growing number of devices being used on the web. Making the swap to IPv6 will stop us from worrying about this problem for a long time to come.
After learning about IPv4 and IPv6 you must be wondering, which one should I be using? The truth is… either. Or even both… Don’t worry, the following sections will shed some light on the key differences between both protocol versions.
Some of the key differences between IPv4 and IPv6 are:
- No need for NAT(Network Address Translation) in IPv6
- IPv4 uses 32-bit decimal addressing and IPv6 uses 128 hexadecimal addressing
- IPv4 sections are separated by a dot(.) and IPv6 by a colon(:)
- IPv4 packets utilize 12 headers while IPv6 uses 8
- Easier administration on local networks with IPv6
- Simplified routing in IPv6 (mostly due to not utilizing NAT)
What the common trend seems to state is that IPv6 is more secure than IPv4. That isn’t necessarily true and is all dependent on your network design. The three most significant technologies that people believe make IPv6 more secure than IPv4 are the innate defense from IP scanning, the built-in usage of IPsec, and the removal of NAT as a dependency.
Let’s dive into each of these in more detail.
A common method hackers use to attack a network is through scanning public IP addresses and attempting to scan the network for vulnerabilities such as open ports. This attack method works well on IPv4 networks due to the average time it takes to scan every public IPv4 address being around 5 minutes. When utilizing IPv6 addresses, that time jumps from 5 minutes to an estimated 38 billion years.
That being said, you wouldn’t want to rely on the extended address range for any security. Even with an estimated time of 38 billion years, if your address was at the beginning of the list and you had unsecured ports opened, your network would still get attacked. While the odds are low that this can happen, the risk is still similar to IPv4 and is easily avoidable by securing open ports on your network.
IPsec, or Internet Protocol Security, was designed to provide security to the network layer, specifically authentication and encryption. For IPv6, IPsec is a mandatory feature, and for IPv4, it’s typically used for encryption while utilizing VPNs. IPsec is a nice security feature that is easily implemented.
For both IPv4 and IPv6 protocols, there are subtle nuances for utilizing IPsec properly. Starting with IPv6, IPsec is a mandatory feature for this protocol version. What this means is that all devices that support IPv6 will innately have IPsec as a feature set.
However, while IPsec is mandatory on all devices, its utilization is completely optional. Essentially, if you don’t confirm that you are using IPsec, there’s a chance that it may be turned off. Think of a door with a lock. The lock can provide great security for securing your home… if you don’t remember to lock the door, that lock does nothing.
NAT, or Network Address Translation, is a method of IP address mapping that is utilized to preserve public IPv4 addresses. This is mostly utilized in LANs (local area networks) with a one-to-many setup. Network Address Translation with a one-to-many setup ends up giving your router a single public IP address shared by all of your devices Due to IPv6 having enough addresses that no device needs to share a public IP, NAT isn’t used at all.
Some people view the removal of NAT as a boost to security while others view it as a negative. In actuality, it doesn’t make too much of a difference for your network’s security.
NAT can be nice due to its innate functionality of masking the current device’s public IP when sending data on the web. This process doesn’t add any extra security, the security comes from the use of a stateful firewall, which is supported by almost all routers. A stateful firewall remembers the hosts that the device is sending data to, and only allows packets back from hosts that you are sending data to. Put simply, this built-in firewall will block all traffic that was not initiated by the current device.
The biggest takeaway from this section is that IPv6 is more secure out of the box than IPv4. That being said, if you were to apply some simple configurations to your network, you can reach the same level of security with IPv4 that you would have with IPv6.
This is a hot topic in networking, what about the difference in speed? Currently, it looks like IPv6 is faster than IPv4, but under most circumstances, the difference amounts to milliseconds – something that won’t have an effect on the end-user.
At the current time of writing of this article, it is believed that the slight increase of speed comes from the fact that devices can utilize public IP addresses when using IPv6, instead of sending data back and forth using NAT with IPv4.
Since IPv6 can send data directly between devices, IPv6 just needs to check the data was transmitted correctly, while IPv4 needs to do error checking at multiple levels to ensure the data is intact and accurate when it’s received by the other device. So yes, in terms of speeds, IPv6 is slightly faster.
A lot is going on with transitioning from IPv4 to IPv6. It was estimated that around this time we would be at 50% utilization of IPv6 addresses worldwide. At present, we are at around 30% global utilization.
The future adoption of IPv6 largely depends on several factors such as migrations from ISPs, large enterprises, and cloud providers. Implementing this change on their end is a large and expensive task. Due to the fact that IPv4 addresses are being exhausted, there will be an apex where the cost of IPv4 addresses starts to exceed the cost of the transition to IPv6.
Put simply, yes! As the connected world increases rapidly, the more we will need to utilize IPv6. The idea is to slowly move over devices to IPv6 to release pressure on IPv4 addresses. That being said, even though the technology is moving in this direction, the more IPv6 addresses we utilize, the more IPv4 addresses that will be released back into the pool for someone else to acquire.
The main reason you would not want to swap over to IPv6 right away is that all of the sites and services you visit may not support IPv6. As the adoption rate grows higher, the less of a problem this will be.
Effortless Server & Web Application Management with RunCloud
We’ve covered a lot of topics in this article regarding IPv4, IPv6, IPsec, NAT, IP Scanning, etc… that’s a lot of information to parse. Now that we are at the end of this article you might be wondering how to go about upgrading to IPv6, how to upgrade your network to support both IPv4 and IPv6 users, or even if your network is currently secure? Or am I vulnerable to some of the issues listed earlier?
This is where RunCloud comes in. RunCloud is a simple, yet powerful control panel that can help you manage multiple cloud services across various platforms. For example, earlier on in this article, we mentioned how IPv6 has IPsec built-in by default but may not necessarily be turned on. Utilizing a service like RunCloud will give you a simple method for securing and managing your entire server down effortlessly.
IPv4 vs. IPv6? Honestly, it doesn’t matter too much. What really matters is how you go about securing and optimizing your server and network to deliver optimal speeds and secure connections. If the option is available to you, it doesn’t hurt to flip that dual-stack switch up, just to be prepared for the future.
One day, we will eventually be using IPv6 addresses, IPv6 is the future of IP addresses. All networks will slowly start to make the transition over to IPv6. This transition will not happen overnight nor will it happen over the next couple of months. It’ll be years until most websites and services can be visited over IPv6. It will be even longer before websites completely shut off their IPv4 support.
So, there really isn’t much to worry about apart from focusing on deploying servers that are reliable, fast, and secure which is what we at RunCloud are dedicated to making easier than ever – and it’s why we’re trusted by people new to server management all the way to senior Linux SysAdmins.