Get best of the week

IPv6 - a wonderful world worth a quick transition to it

Almost all the articles that I saw on the topic “What is IPv6 good for and why should I switch to it faster” only speak of a simply wider address space. At best, stateless address autoconfiguration ( SLAAC) is mentioned.)). This is depressing, but IPv6 has many other implicit goodies, being a very thoughtful protocol stack (IPv6 + ICMPv6 + NDP)! It seems that IPv6 is just stupid about the extension of addresses, and then it’s especially no profit. Or, some articles cry that they do not see a momentary profit from the introduction / transition. Simplicity and convenience, flexibility and advanced features (due to getting rid of NAT alone) are not as easy to measure as any delays and bandwidth. Therefore, I decided to collect my vision of the beautiful world of IPv6 protocol and its advantages in this article.

Do not use IPv6 to build something new, new networks - it just does not make sense, since we lose a lot of amenities and opportunities, getting a bunch of hemorrhoids from depriving this mass of amenities and opportunities. IPv6 is supported even with Windows XP version. The last time I checked five years ago, but even then SLAAC + RDNSS / DNSSL supported both iOS and Android and even Windows 10 devices, not to mention GNU / Linux and BSD systems.

IPv4 is not a bad protocol. His only problem is that he neverI did not think to create a large global network, where almost every person on the globe will have access to it directly from his pants (where the smartphone is). It was created at a time when computers were faster than networks (weird comparison?) And with lots of memory. Now the opposite: you can make a 10 Gb communication channel trivially at home, but out of the box, none of the massively used OSs can effectively switch or route traffic at this speed.

It is difficult for the end user to imagine the benefits that are received, since the Internet, in fact, has not been given to anyone for a long time: the overwhelming majority of people have always sat behind NAT and believe that the invention of protocols like WebSocket is something regular, normal, logical and reasonable, and nothing except TCP, UDP, and ICMP, we don’t really go over IP.

It will be difficult for a network engineer, purely psychologically, to overpower himself in the understanding that there are really a lot of addresses and networks that do not make sense (and even will only harm the convenience and ease of maintenance) and save on their use. The big problem is the realization that IP addresses are no longer a scarce resource and you have to think most often in terms of not single addresses, but entire huge networks with at least a / 64 prefix.

IPv6 has more serious requirements (this part can be called disadvantages):

  • Minimum allowed channel MTU: 1280 bytes.
  • The channel should be with detection (or even correction) of errors.
  • The NDP protocol works actively on top of multicast addresses, requiring efficient multicast broadcasts on Ethernet.
  • PMTUD is required for (efficient) operation since IPv6 does not have packet fragmentation at the router level.
  • The ICMPv6 protocol plays a very important role for the operability of IPv6 networks, at least for NDP and PMTUD - by blocking it (as many admins like to do on IPv4 networks), the network will most likely stop working.

What IPv6 gives, what advantages it has:

  • , Facebook, , WhatsApp, YouTube ..! . , , peer-to-peer , . : BitTorrent .
  • NAT ( , ): . , SCTP in-order , TCP, , head-of-line blocking. , overhead- , , , IPsec ( VPN) SCTP UDP . , . !
  • IPsec, , . - VPN-/, TCP : setsockopt per-socket IPsec policy, IKE (sadb_ident), SSL/TLS-! IPv6 , SSL/TLS, , . IPsec , ( IKE/KINK/whatever ) . , !
  • IP — IP , default- . - /64 . !
  • , site-local (fc::/7), - , VPN ( IPv4 , ). , . !
  • , /, 4 , ( :dead:babe:): 2a02:6b8::2:242 (ya.ru), :face:b00c: Facebook, 2001:4860:4860::8888 DNS Google-, 2620:0:ccc::2 (OpenDNS). - , /, .
  • , / . /48, /56 /64 , . , !
  • /48, /56 , : 2000::/3 , - 1/8 . , 7 . !
  • Killer-feature: link-local . link-local . IPv4 . - 10/8 , , . IPv6 , - fe80::1 . !
  • well-known multicast (broadcast Ethernet-), ad-hoc :

    # ping6 ff02::1%igb0
PING6(56=40+8+8 bytes) fe80::be5f:f4ff:fedd:2752%igb0 --> ff02::1%igb0
16 bytes from fe80::be5f:f4ff:fedd:2752%igb0, icmp_seq=0 hlim=64 time=0.036 ms
16 bytes from fe80::be5f:f4ff:fedd:98f1%igb0, icmp_seq=0 hlim=64 time=0.239 ms(DUP!)
16 bytes from fe80::be5f:f4ff:fee6:c37e%igb0, icmp_seq=0 hlim=64 time=0.344 ms(DUP!)
16 bytes from fe80::be5f:f4ff:fedd:9c5d%igb0, icmp_seq=0 hlim=64 time=0.479 ms(DUP!)
  • Killer-feature: SLAAC. , plug-and-play, - . , - ICMPv6 , ( , MTU, DNS) IPv6 . , - rtadvd, , . :

    igb0:addr="2001:dead:beef::":mtu=1320:rdnss="2001:dead:beef::1":

  • Anycast NDP , .
  • IPv6 : , , IPv4 hop-. IPv4. !
  • Flow label IPv6 / (src, dst, proto, portSrc, portDst), , (src, dst, flowLabel) IPv6 . IP , , , . Flow label !
  • Multicast NDP , broadcast, IPv4, , ARP DHCP. !
  • NDP, DHCPv6 ICMPv6, , . , NDP/ICMPv6 , : Ethernet , PPP . IPv4 ARP DHCP, Ethernet, PPP, PPP / . IPv6 link-local . , IPsec ! !
  • NDP NUD (neighbour unreachability detection) () , next hop- , . , , heartbeat , timeout- IPv4. !
  • NDP RA (router advertisement) NDP redirect , , round-trip- NDP address resolution, IPv4 . !

I would also like to mention the well -designed Mobile IPv6 . With just a relatively simple daemon (home agent) in the home network and a daemon on the mobile host (mobile agent), you can have fully working mobile IPv6, when you can always reach the mobile address using your home address. Unlike Mobile IPv4, without any additional requirements for the network where the mobile agent is located. IP packets will simply be effective(just adding an extended IPv6 header) proxied from the home agent to the mobile. In addition, if a third-party connection initiator also supports MIPv6, then it will transparently agree with home and mobile agents that it will send traffic directly to the mobile host, without proxying through the home, providing the maximum possible efficiency (taking into account one extended IPv6 header) transmission . And thanks to the fast NDP NUD, a change in the mobile network will lead to minimal time delays due to updating the address of the mobile host. And all this with minimal additions to the ICMPv6 / NDP protocols, the introduction of a simple advanced IPv6 header and Mobility Header.

Give IPv6 and full Internet access to the masses!

More articles:


All Articles