Friday, September 09, 2011
Address allocation changes in IPv6
IPv6 represents such a systemic change to the way IP addresses are allocated across an organization that businesses may need to completely revise their strategies and processes to make room for the new protocol, Network Computing reported.
According to the news source, the primary similarities in address location between the two protocols exist within the binary level. In this area, there are a few practices commonly used for IPv4 that can also be applied to IPv6. Among them is the process of dividing address bits between network parts that help technicians identify the precise link location of the device attached to the address. Similarly, IPv4 practices for CDIR notation can also be applied to IPv6. However, these binary-level similarities are the only core address allocation likenesses between IPv4 and IPv6, and almost everything else will need to change when migrating to the new protocol.
The primary difference between allocating addresses in IPv6 instead of IPv4 comes down to the core logic used to disperse IPv4 addresses. The report explained most IPv4 address allocation strategies depended heavily on subnetting, a process used to maximize the reach of IPv4 addresses by borrowing host prefixes within a subnet. This process helped extend the lifecycle of IPv4 addresses and has become an entrenched practice in many settings.
However, the report explained processes designed to essentially recycle address prefixes are entirely divergent from what IPv6 requires, as the new protocol features enough addresses and an architecture to allow each device to have its own IP address.
The news source said the full scope of this core difference between IPv4 and IPv6 by pointing out that a company given a /40 IPv6 prefix will have enough addresses to /64 subnets, the equivalent of 4.3 billion subnets. This comes together to almost equal the number of subnets possible in all of IPv4 within a single deployment of IPv6.
With such major changes to how businesses will manage, allocate and disperse IPv6 addresses and corresponding infrastructure, many experts expect the migration to create significant security issues. According to a recent Light Reading report, IPv6 is designed to be inherently more secure than IPv4. However, Merike Kaeo, chief Network Security architect for Double Shot Security, told the news source that threats have become more sophisticated than those IPv6 was originally designed to prevent and businesses must respond by investing in security systems designed to work well with IPv6.