Monday, March 8, 2010

The Need for IPv6

Almost a year ago, I brought IPv6 connectivity to my home network / LAN.

Background

Similar to the past Y2K issue, the Internet is facing a similar issue that just hasn't been publicized too much in the mainstream media yet: Exhaustion of the IPv4 addresses currently being used. I found a very interesting and detailed IPv4 Address Report by Geoff Huston that is auto-generated daily. There are various estimates as to the numbers and dates, but all the predictions are currently falling in the range of years 2011-2012. This shortage of IPv4 addresses will certainly be a much larger issue than other predictions and myths for the year 2012.

The only real solution to the IPv4 address shortage is upgrading to IPv6. IPv4 allowed for 232, or 4,294,967,296 addresses. With most computers, servers, and even cell phones each being assigned a unique address, the shortage should not be surprising. However, back when the IPv4 specification was published back in 1981 (RFC 791), I'm sure 4+ billion addresses was considered more than sufficient. IPv6 solves this shortage by increasing the number of possible addresses to 2128, or 3.4×1038. Written out, this is 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses. Beyond the increased address space, IPv6 also brings a number of other features, including mandatory support for advanced security, simplified processing, and support for network mobility.

IPv6 became active for production use on the Internet in June 2006. Unfortunately, it seems that many organizations and much of the Internet has not yet committed to converting, and the shortage will have to be dealt with. I see this causing more problems for regular at-home users than anyone else. Most individuals are not aware of the issue, and have little choice than to accept however their ISP handles the issue - short of possibly switching providers. Already, most consumers are only leased one IP address per Internet account, which usually must be shared between several computers and other Internet-connected devices. This is almost always accomplished through network address translation (NAT). This already causes complications and issues with file transfers, remote assistance applications, VPN software, online gaming, and many other typical Internet uses. As the shortage becomes more significant, expect for an increasing number of ISPs to no longer lease a public IP address at all, but instead only lease a private IP, where multiple private IPs share one public IP - essentially nesting one NAT network within another, and will only further complicate matters. The same "public IP per Internet account" that we are accustomed to today may still be available - but only for an added fee.

Use of NAT and private IPs are also in conflict with the fundamental design of the Internet and prevent end-to-end connectivity. Overall, it increasingly seems that Internet providers are only guaranteeing limited "web access" vs. fuller "Internet access". I.E., if it doesn't run in a web browser, it is probably not supported. I already experienced this first-hand in my previous dealings with Alltel / Verizon in regards to my wireless Internet issues. Consumers need to start demanding more from their ISPs, and need to know and have a limited understanding of the facts to do so. One tool that can help with this is the ICSI Netalyzer hosted by UC Berkeley. Guarantee of a public IP - either IPv4 or IPv6 - is also something that should be investigated and demanded.

IPv6 Choices

The best and easiest way to utilize IPv6 is by connecting to an ISP that provides IPv6 support. Unfortunately, finding such an ISP is still a nearly impossible task - especially when limited to those that provide local access. There are a number of transition mechanisms that should be able to provide IPv6 even without ISP support, but all have their own issues. For example, Microsoft Windows Vista, Windows 7, and most other modern operating systems support 6to4, Teredo, and ISATAP as tunneling mechanisms. However, I have not had any real success with any of these - at least not under Windows and while behind a NAT.

6to4 actually seems like an ideal solution to provide IPv6 access to a LAN, as long as there is a capable device to serve as a router that also has access to a public IPv4 address. Unfortunately, the address of the IPv6 subnet is based on the IPv4 address. While this may be a feasible solution for those with static IPv4 addresses (rare, more expensive, and only becoming worse), use on a dynamic IPv4 address requires an insanely short lifetime on IPv6 addresses, and requires the entire LAN to be re-addressed whenever the hosting IPv4 address is updated.

This pretty much leaves me with tunneled IPv6 access through a tunnel broker, using either configured 6in4 or AYIYA protocols. The best I have found - at least for free - are Hurricane Electric's Tunnel Broker, SixXS, and gogoNET (previously go6.net).

SixXS has the largest list of available "Points of Presence" - 35 over 18 countries. However, access pretty much requires the AICCU client, which is becoming a bit outdated and has a number of issues under Windows. (As of this writing, the last update for Windows was 2008-05-25.) Additionally, while free, SixXS has had much difficulty maintaining uptimes - particularly the one in Chicago as well as other POPs in the US.

gogoNET currently has much better support for Windows (using their gogoClient - with versions for most *nix versions as well), but the available tunnels are limited to 3, and with nothing local to the US: Montreal, Amsterdam, and Sydney.

Overall, I've had the most success with Hurricane Electric. HE provides 24 tunnels across 10 countries, including 12 within the US. However, unlike SixXS and gogoNET, HE provides no visible support for use behind a non-owned firewall, such as for mobile use on other public networks.

2 comments:

Technical Tony said...

Any updates since you first posted this? I actually like NAT and think it's a great 'solution' for home-users, but if ISPs start using it themselves that would definitely break things.

I recently reviewed my D-Link and Linksys routers (multiple locations) and found that they all 'support' IP6 but I'm not sure what that means or how I would take advantage of it. If I understand correctly we need ISPs to start directly offering IP6 connections and/or in-house '6to4' servers?

Anonymous said...

IPv6 is amazing. In Poland noone use it and I believe that many years change after we would have IPv6 here in Poland enabled.

==============
Stefan Dzimidko
Warsaw
Windows IPv6