Prepare for a new IP version

Featured eBooks
Whole-of-State Cybersecurity
The State of Trust in Government
Cybersecurity in State and Local Government
 

Connecting state and local government leaders

By

In a world of 18-month software lifecycles, the Internet Protocol is an anomaly. The IP Version 4 stack now running on your agency's desktop and server systems predates even networked PCs.

Version 6 will make it possible for more nodes to link to the Internet

By Pete Loshin
Special to GCN

In a world of 18-month software lifecycles, the Internet Protocol is an anomaly. The IP Version 4 stack now running on your agency's desktop and server systems predates even networked PCs.

But IPv4 has managed to scale up along with the Internet as it grew from a few dozen government research sites into a global network now approaching 100 million nodes. The IP version was published in 1981 as a Defense Department standard known as Request for Comments 791 and has needed a face-lift for some time.''

Users have been hearing about the next version, IPv6, formerly called IPng (for IP next generation), mostly because of IPv4's address squeeze.''

IPv4 uses 32-bit addresses, which set an upper limit of about 4 billion addressable nodes'a high estimate because IPv4 allocates addresses inefficiently. Network addresses are getting scarcer as the Internet continues to expand, but an even more pressing problem is how to cope with the explosive growth in Internet routing tables.'
'
As more networks link up to the Net, the number of routes a backbone router must track in some cases exceeds 140,000 entries. The bigger the tables, the more they hamper the backbones in moving Internet traffic.

Current IPv4 network addresses fall into three categories. Class A includes only a few networks'a maximum of 126'but they can have as many as 16 million nodes. The 16,000 Class B networks can each address up to about 65,000 nodes. Class C network addresses are the most common'about 2 million, each capable of addressing 254 nodes. The class structure severely limits IPv4's ability to handle growth.

Breaking away''

A temporary remedy called Classless Interdomain Routing (CIDR) breaks the class system and makes large groups of Class C networks resemble a single network entity so that only one routing table entry is necessary, not thousands.

Another quick fix, network address translation (NAT), lets networks use as many addresses as they need internally, but they can access the outer world only through an address gateway box. From the outside, it all appears to be a single standalone system. NAT is a cheap way to finesse the address space shortage, but it poses problems for firewalls, other applications and outside users who want access to internal hosts.

IPv6 eliminates the address shortage by using 128-bit addresses. It gets around the routing table issue by aggregating addresses. Its streamlined header and design refinements fix nagging issues such as network autoconfiguration, mobile IP, IP security, fragmentation, source routing and the very large packets known as jumbograms.

The IPv6 specification was published in December 1998 as the Internet Engineering Task Force's RFC 2460.

To see graphically how an IPv6 address is assembled, visit the Web site at playground.sun.com/pub/ipng/html/ipng-main.html.

IPv4 addressing lacks specificity; it's like indicating a person's location as Mali or Paraguay or Queensland. Each router must process the full IPv4 address and match it up against a routing table.

In contrast, IPv6 aggregates addresses into big groupings that get more specific as they go along. The first few bits of an address might indicate, say, South America. The packet would go to a router serving South America, which might see Bolivia in the next few bits and forward the packet to Bolivia's router. From there, the packet might go on to La Paz and then to its final destination.''

IPv6's global aggregation architecture splits addresses into two parts. The high-order 64 bits identify the network, and the low-order 64 bits identify the node.''

A format prefix gives the type of IPv6 address. Next comes a top-level aggregation entity, likely to be a country or a large carrier, followed by 8 bits reserved for future growth. Then comes another aggregation entity, likely to be a large company or Internet provider, and finally a site-level aggregation entity, probably assigned by the entity above it.'Such addresses are far more efficient to route across backbones. The upper limit of no more than 8,192 top-level aggregators pares down the size of backbone routing tables.

The IPv6 header eliminates IPv4's length, identification, flag, fragment offset, header checksum, options and padding fields. Because IPv6 headers are all the same length, no length field is necessary. IPv6 prohibits fragmentation except between end nodes, so the identification, flag and fragment offset fields go away, too.'

IPv6 options are handled in separate extension headers, and options no longer clutter the main header. IPv4's type-of-service field changes into the traffic class field, and the time-to-live field becomes the hop limit field. A flow label field supports IPv6 packet sequences that require the same routing treatment, such as video streams.

The simplified, standard-sized IPv6 header also makes routing easier for packets with special options. IPv4 forces routers to sense and handle all special packets, such as those using IP Security encryption and authentication. But IPv6 routers can ignore the end-to-end options and process only those relevant to the routing process.

IPv4 still works and should do so for some time. But as we run out of address space, more and more organizations' networks are making do with less and less. And the routing table explosion is only going to get worse. Security is always a concern for government, and IPv6 will make implementing an IP security architecture much easier without the performance impact suffered by IPSec over IPv4. IPv6 also can handle automatic node configuration and tools for supporting mobile users.

No pain, no gain

Although any upgrade brings pain, the good news is that IPv6 will arrive gradually. There is no cutover date, and vestiges of IPv4 probably will remain with us forever.''

You can build in connectivity through IPv6/IPv4 protocol gateways and tunnels. No need to implement the new protocol on every system at once'and there's no effect on interoperation with legacy systems. You need not hurry unless you are running out of IPv4 addresses and have no way to get more, or unless you need a IPv6-specific feature.''

For example, the Dynamic Host Configuration Protocol automatically configures approved nodes. IPv6's stateless autoconfiguration, spelled out in RFC 2462, lets unknown nodes query the nearest autoconfiguration server for basic network configuration.''

If you do need such features immediately, IPv6 is available free in any Linux operating system distribution.

As for the downside, IPv6 adoption is competing for resources against the year 2000 problem. It also faces resistance from North American Internet providers, most of whom have all the network addresses they need and do not want to deal with an upgrade.'' Compelling applications such as streaming audio and video probably are what will bring IPv6 to a desktop PC near you.

Pete Loshin, of Arlington, Mass., is the author of several books about networking protocols.

NEXT STORY: PTO wants no net downtime

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.