“Many players in the ISP segment are aware of the issues and the urgency to act.”
The Internet is facing a technical split, we are entering into a future where it contains two sets of underlining Internet Protocols: IPv4 and the newest version IPv6.
This is according to new study published Wednesday by the Georgia Institute of Technology’s Internet Governance Project.
A key finding of the report is that adoption of IPv6 globally is moving at a slow pace: “Of the 215 economies measured, only 26 (12%) had steadily increasing levels of IPv6 capability over the three year study period.”
They found that there is currently very little incentive for small enterprise networks to move to the latest protocol, as they don’t need to grow at the same pace as larger organisations and in the coming years they will still be: “Lodged in a slower-moving software and hardware ecosystem tied to IPv4.”
IPv4 Addresses are Running Out
Essentially the Internet Protocol consists of a header and payload. The header is the source IP address, while the load is the data that is being sent.
All IP addresses assigned to networks, computers and individual IoT devices are assigned via the Internet protocol.
The problem is IPv4 creates unique IP addresses based on a 32-bit base, so it can only create 4,294,967,296 (4.2 billion) IP addresses.
As the Internet matures, expands and incorporates points of entry like Internet of Things devices it needs a lot more unique addresses than the 4.2 billion IPv4 can provide.
It’s a problem we have already solved with IPv6, which is 128-bit, and capable of creating a tad few more IP addresses than its predecessor.
340,282,366,920,938,463,463,374,607,431,768,211,456 to be exact. (That’s 340 undecillion,
282 decillion, 366 nonillion, 920 octillion, 938 septillion, 463 sextillion, 463 quintillion, 374 quadrillion, 607 trillion, 431 billion, 768 million, 211 thousand for those who care).
To put this into context IPv6, is capable of providing enough addresses for every atom that is on planet Earth and still have a significant amount left.
IPv4 versus IPv6: Companies Are Hesitant to Decide
Organisations have been slow to move to IPv6 for several reasons, such as not actually needing vast amounts of new IPs; deployment cost of upgrading to IPv6 is also a consideration. With regards to cost the issue isn’t getting a IPv6 IP, as they are cheap and clearly abundant, it’s the initiation and maintenance that requires investment.
The Internet Governance Project study also found that there is a robust market for second hand IP addresses, noting that the cost of an IPv4 address roses frpm $8.00 in 2014 to $17.00 in 2018. Organisations that are holding onto used IPv4 addresses have a growing incentive to sell them on, thus alleviating a scarcity problem that could drive IPv6 adoption
James Karimi, Senior Vice President of Engineering at GTT said: “Many players in the ISP segment are aware of the issues and the urgency to act. However, as long as there are the technical means to overcome the IPv4 addressing shortage, such as creating gateways with shared IPv4 for several connected machines, and there are no regulatory mandates to cutover to IPv6, the migration to IPv6 will be slowed.”
“A migration to IPv6 has other benefits beyond increasing the number of available IP addresses. IPv6 simplifies some network layer functions such as routing and mobility, and offers better security options through better thought engineering and a more adapted IPsec protocol management. Due to the almost limitless number of available addresses, IPv6 would be more efficient than IPv4 for video delivery and would simplify the internal addressing of high-performance computing centers.”
Benefits for Mobile and IoT Device is Clear
Enterprises who are deploying mobile internet services or IoT devices are opting for IPv6 and are slowly diverting traffic away from the now older IPv4 protocoled internet.
A major issue is that IPv6-only and IPv4-only hosts cannot communicate with each other without an intermediate gateway.
Wicus Ross Lead Security Researcher SDLabs told us that: “IPv4 network deployments rely heavily on perimeter security to protect and NAT [network address translate] private networks. IPv6 network implementation differs from this greatly and almost forces organisations to consider zero trust network deployment architecture, which is a big mind shift. It almost feels as if the lack of zero trust network adoption is the reason why IPv6 has seen low adoption.”
Security is a big concern for enterprises going forward, not just in the case of the technology, but about the messy ecosystem two competing protocols could create. Companies are already trying to manage hybrid cloud infrastructures and a host of other mixed services. Poor organisation and misconfiguration is a growing threat for IT departments.
Ed Williams Director EMEA SpiderLabs at Trustwave told us that his: “Biggest concern around the adoption of IPv6, is organisations not understanding they may already be dual stacked i.e. running both IPv4 and IPv6.”
“We’ve seen numerous occasions where the IPv4 Internet facing infrastructure is mature, when we look at the IPv6 Internet facing infrastructure, this is often less mature and offers a target rich environment for the bad guys.”
The report from the Internet Governance Project highlights that there is a risk the internet is splitting into two camps that may struggle to interoperate. As it stands IPv6 is here and being adopted, albeit slowly, but IPv4 is not going to just disappear.
“The wisest course of action for the global Internet technical community is to look forward to a mixed IPv4-IPv6 world for the next 20 years and plan accordingly,” advises Internet Governance Project.