The urgency of transitioning to IPV6
Photo by Alina Grubnyak on Unsplash
Italian version available here
IPv6 (Internet Protocol version 6) is the latest version of the communication protocol that manages Internet traffic. Its main difference from the previous version, IPv4, is the use of a 128-bit IP address, compared to the 32-bit IP address used by IPv4. This means that IPv6 can support a much larger number of IP addresses than IPv4, which proved inadequate to meet the growing demand for Internet connectivity. However, the transition from IPv4 to IPv6 has been slow and gradual due to compatibility with the old protocol and the need to update existing network infrastructure.
For over 20 years, the adoption of IPv6 has been a hot topic in the world of networks. Despite a steady growth, we are still far from full support for this new generation of IP addresses. IPv6 promises greater efficiency and scalability, but its adoption is hampered by a series of challenges and resistances.
One of the main difficulties in adopting IPv6 is the change, at least in part, of the network concept. This requires a deeper understanding of how it works, but once the mechanism is understood, it is more logical and practical than IPv4.
In addition, IPv6 challenges the beliefs of many "technicians" who for years have considered NAT as protection for the local network (it is not). LAN security is not guaranteed by simply "being behind NAT." Many "technicians" disable IPv6 as their first operation because they believe it can only cause problems, while in reality, what is lacking is proper knowledge of IPv6 management.
Meanwhile, IPv4 addresses have run out, and the few available on the market are sold at high prices. Providers like Hetzner and OVH have also increased their prices for IP addresses, affecting management dynamics. IPv6, on the other hand, is more efficient and suitable for the modern interconnected world, offering a virtually unlimited number of addresses.
However, IPv6 introduces new issues, such as the direct reachability of all devices through direct routing (without NAT), making the firewall even more critical in managing network security. It is necessary to better understand the dynamics of networks and subnets, and given the number of digits in IPv6 addresses, it is almost impossible to remember them by heart.
Today, all my devices are connected via IPv6. When I do not have direct support (such as in mobile connections), I use a Hurricane Electric tunnel or, if impossible (due to the lack of a public IPv4), a WireGuard connection to an external VPS capable of performing Nat66. I have created a ULA to still allow direct connection to public IPv6 addresses.
Unfortunately, many operators still do not fully understand the functioning of IPv6 and the number of addresses available. By assigning "only" a /64, they limit the possibilities of use, while a /48 or a /56 would allow the creation of numerous /64s, facilitating the use of SLAAC for connected devices. Operators likely fear repeating the mistakes made with IPv4 when large amounts of addresses were assigned, leading to the current scarcity. Fortunately, IPv6 has such a vast number of addresses that we should not worry about similar problems, even in the case of massive waste.
To accelerate the adoption of IPv6 and take advantage of its benefits, we must push for it to be implemented extensively and as quickly as possible. It is crucial to learn how to use it correctly and abandon the old (often wrong) criteria related to the technical limitations of IPv4. In this way, network quality will improve, optimization will be more effective, and everyone will benefit.
In conclusion, it is essential to overcome the resistances and fears associated with IPv6, adequately train technicians, and continually update ourselves on new developments. Only in this way can we ensure a more efficient, secure, and sustainable future for our networks and connected devices.
Written and posted by: Stefano Marinelli