1

I understand that the world is moving toward IPv6 because of IPv4 address exhaustion. I also understand that a server can listen for connections on both IPv4 and IPv6.

My question is, with respect to a web service: under what circumstances would a user connect using IPv6? Does it depend on their ISP?

Nathan Long
  • 1,545
  • 7
  • 22
  • 38

1 Answers1

0

This is a task which normally is usually performed "behind the scenes", nowadays more companies are choosing to point their domains to an IPv6 server, however this is transparent for the end users, they will not be aware if the website is working with IPv6 or IPv4. The main responsibility here is on the back-end side and the system or network administrator needs to keep in mind several factors to start using IPv6 and the advantages that this can represent.

  • The network capabilities of the current back-bone infrastructure (Severs, Firewalls, Loadbalancers, Routers).

  • Security - IPv6 can run end-to-end encryption and IPv6 also supports more- secure name resolution.

  • Scalability -If the company is expecting to have a huge increase of traffic over their web sites in the near future, IPv6 is the option.

  • Reduce of processing on Network Devices - An advantage that IPv6 has over IPv4 is its large 128-bit address space, which creates sufficient globally- unique addresses and removes the requirement for NAT, also It enables internet service providers to reduce the size of their routing tables by making them more hierarchical.

At the end, sooner or later all we will have to migrate our resources from IPv4 to IPv6, so, If you can start considering to migrate your web sites to IPv6, you will be making sure the continuity of your services in Internet and you will be avoiding further incompatibility problems.

Octavio Alamilla Galicia
  • 42
  • 2
  • Can you elaborate why IPv6 is more secure than IPv4? How exactly is name resolution more secure in IPv6? Why would huge increase in traffic be handled better with IPv6? – Tero Kilkanen Oct 30 '20 at 22:50
  • 1
    @TeroKilkanen, a big problem with IPv4 is NAPT, which prevents IPv4 from being able to use IPsec as a transport protocol or part of the IPv4 protocol, but it is built into IPv6. NAPT prevents the use of any transport protocols other than TCP, UDP, or ICMP, and it it is quite resource intensive, slowing packet forwarding. Also, fragmentation has been removed from IPv6, which speeds packet delivery. A fixed IPv6 header size also speeds packet forwarding because the intermediate devices do not need to account for a variable length IPv4 packet header. – Ron Maupin Oct 31 '20 at 04:29
  • This is semantics, but IPv6 itself isn't automatically more secure than IPv4. It does allow IPSec implementation, but since IPSec is not implemented by default over IPv6, IPv6 by default is as secure as IPv4. Also, NAPT processing power argument does not apply to the mentioned use case for scalability, since web sites don't use NAPT. Packet forwarding speed improvements do affect scalability, but how big is the scalability improvement in practice for a single web site? – Tero Kilkanen Oct 31 '20 at 08:46
  • My point here is, IPv6 is a good thing and I am waiting for the day when everything is IPv6 only. However, inaccurate arguments about benefits are not useful. – Tero Kilkanen Oct 31 '20 at 09:09
  • 1
    @TeroKilkanen, I did not make the security claims. Many web sites do use NAPT and port forwarding. Real world tests have shown a big improvement over IPv4 across the public Internet. Also, business-to-business is often encrypted with IPv6 across the public Internet. Other protocols that simply cannot be used with IPv4 due to NAPT (at least at the customer site) can now be used with IPv6. There is now great interest in SCTP (Windows does not natively support it, but that may change) and other protocols that are more difficult to implement (requiring something like STUN/TURN). – Ron Maupin Oct 31 '20 at 16:41