IP Addressing: IPv4 versus IPv6

The Internet began to grow rapidly in the early 1980s. Then, when the World Wide Web was introduced in the early 1990s, the growth exploded even more. Even before the World Wide Web, network specialists around the world saw that the growth rate would eventually exhaust the available IP addresses. They predicted that the number of devices needing to connect to the Internet would soon exceed the number of available addresses. At that time, there was only one standard IP addressing scheme. The fourth version of IP addresses, IPv4, was the first version in widespread use. Everyone knew the IPv4 addresses were unable to keep up with the rapid Internet growth.

The Internet needed a new way to address devices that would allow many more addresses. These additional addresses were needed to allow the growing number of computers, smartphones, tablet computers, consumer electronics, and hundreds of other types of devices to connect to the Internet. The new addressing format is the sixth version of IP, IPv6. IPv4 is still the more common addressing scheme, but IPv6 is gaining in popularity and becoming more common. You will learn about both of these important IP addressing schemes in this section.

NOTE

The Internet Assigned Numbers Authority (IANA) is the organization responsible for coordinating IP addresses and resources around the world. The IANA reported that it exhausted the primary address pool of IPv4 addresses on February 3, 2011.

IPv4

IPv4 is the fourth revision of the IP addressing scheme, but was the first revision to be deployed in most IP networks. IPv4 is the most common version in use today. IPv4 and the newer IP revision form the basis of the standard protocols used across the Internet. The Internet Engineering Task Force (IETF), a global volunteer organization that develops and promotes Internet standards, published the IPv4 description in 1981. The document RFC 791 contains the complete IPv4 specification including the details of the IPv4 structure and use.

IPv4 was designed primarily for packet-switched networks. Because the intent of the protocol was to support dynamic paths between source and destination, IPv4 does not rely on existing circuits. It’s called a connectionless protocol. IPv4 treats each packet as a separate entity and allows each packet to travel along a different path to its destination. Intermediate network nodes can route packets based on current network conditions. IPv4 relies on higher layer protocols, such as TCP, to establish connections, handle errors, and guarantee delivery.

IPv4 addresses are 4-byte (32-bit) numbers. This means IPv4 can address 2^32, or 4,294,967,296, unique devices. Although that sounds like plenty of IP devices, today’s Internet has many more than 4 billion potential devices worldwide. To avoid running into the upper limit of IP addresses, the IPv4 specification includes three blocks of private addresses.

Another common feature that routers and firewalls may support is Dynamic Host Configuration Protocol (DHCP), a standard method for internal devices to request and receive IP addresses and configuration information. An organization’s DHCP server may be part of a router or firewall device, but is generally a separate server. DHCP makes it possible to provide network connections to many devices without having to manually configure each one. Organizations that use Network Address Translation (NAT) and private IP addresses make it possible to continue using IPv4 even through the rapid Internet expansion. Although it’s being replaced with IPv6, IPv4 will be around for many years.

IPv4 addresses are not commonly expressed as 32-bit integers. Instead, they are written as four separate 8-bit numbers, called octets, separated by periods or dots. This common IPv4 representation is called dot notation. An 8-bit number can be in the range of 0 to 255, so these numbers are easier for people to handle.

TIP

You can find several IP address calculators online; for example, https://www.countryipblocks.net/ip_calculator.php. This website provides several IPv4 calculators to make IP address management easier.

Classful Network

The original addressing architecture used for the Internet used classful networks. This addressing architecture created five different types of networks based on their required number of nodes. Each class of network was restricted to a range of IP addresses; for example, Class A networks were all networks in which the leading bit of the IP address was 0. Class A networks could contain a large number of nodes. The tradeoff came in balancing the number of networks and the number of nodes. Because of the limited number of bytes in the IPv4 address, the classful network architecture limited the number of larger Class A and Class B networks. On the other hand, classful networks allowed many more Class C networks with fewer nodes. The IANA issued IP addresses based on the expected number of nodes a network would support. This strategy limited the IANA’s flexibility and ended up wasting IP addresses. TABLE 5-1 shows how the five classes compare with one another.

TABLE 5-1 Classful Network Classes
| CLASS | LEADING BITS | SIZE OF NETWORK FIELD | NUMBER OF NETWORKS | NUMBER OF NODES | ADDRESS RANGE |
| --- | --- | --- | --- | --- | --- |
| A (large) | 0 | 8 | 128 | 16,777,216 | 0.0.0.0 to 127.255.255.255 |
| B (medium) | 10 | 16 | 16,384 | 65,536 | 128.0.0.0 to 191.255.255.255 |
| C (small) | 110 | 24 | 2,097,152 | 256 | 192.0.0.0 to 223.255.255.255 |
| D (multicast) | 1110 | Not applicable | Not applicable | Not applicable | 224.0.0.0 to 239.255.255.255 |
| E (future use) | 1111 | Not applicable | Not applicable | Not applicable | 240.0.0.0 to 255.255.255.255 |

Loopback and Reserved Addresses

A loopback address is a test address that a physical or virtual network interface card can use to test whether it is working properly and the TCP/IP stack is installed. Testing a network with an IP-based application with a virtual server and virtual workstation can now be performed on a single host. Users can test virtual communications without accessing the physical network.

In IPv4, 127.0.0.1 is the most commonly used loopback address; however, this IP address range extends to 127.255.255.255.

A reserved address is specifically used with internal IP networks or intranets. A loopback address is an example of a reserved address. Each class of network has reserved IP addresses that support a specific testing or operational function. Reserved addresses are not broadcast on the public Internet.

For a list of special or reserved IPv4 address ranges and associated Requests for Comments (RFCs), visit this website: https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml

Classless Inter-Domain Routing

The original classful architecture was replaced in 1993, when the IETF published new standards for allocating IP address blocks. The new standards are contained in RFC 1518 and RFC 1519, and updated in RFC 4632. The IANA now manages network addressing using Classless Inter-Domain Routing (CIDR). CIDR allows the IANA to segment any address space to define larger or smaller networks as needed. This new strategy gives the IANA far more flexibility to allocate networks of virtually any size without wasting large blocks of IP addresses. Classful networks were based on fixed network identifiers. CIDR uses Variable Length Subnet Masking (VLSM) to allow networks to be fragmented into any size subnetwork.

CIDR defines networks using IP address prefixes. The IANA can allocate a network that consists of any number of binary bits to form the network’s address. A CIDR block is a group of addresses that share the same prefix. Classful networks defined only a limited number of network prefixes based on network class. CIDR allows network prefixes of any length, up to the IPv4 address size. The CIDR address format is similar to the IP address dot notation. A network’s address is the base IP address in dot notation, followed by the number of bits in the prefix. The two values are separated by a slash character (/). TABLE 5-2 shows several CIDR block address examples.

TABLE 5-2 CIDR Block Addresses
| CIDR BLOCK ADDRESS | IP ADDRESS RANGE | COMMENTS |
| --- | --- | --- |
| 168.12.0.0/16 | 168.12.0.0 to 168.12.255.255 | Same as classful Class B network |
| 201.100.98.0/24 | 201.100.98.0 to 201.100.98.255 | Same as classful Class C network |
| 131.98.80.0/20 | 131.98.80.0 to 131.98.95.255 | Does not map to a classful class—defines a network with 4096 addresses |
| 222.123.88.80/28 | 222.123.88.80 to 222.123.88.95 | Does not map to a classful class—defines a network with 16 addresses |

FYI

CIDR address block notation really uses two numeric notations. The IPv4 address part is in dot notation. That means it contains four octets. The second part of the CIDR address block is the number of bits in the network address. That means that to determine whether an IP address is in a specific network, you have to visualize the address in binary form. Then, just compare the leading bits to see if they match the network’s address. For example, the CIDR address block 168.12.0.0/16 has a binary network address of:

10101000.00001100.00000000.00000000

Any IP address with the same leading 16 bits (10101000.00001100) would be in this network.

Subnet Mask

Many networks define a subnet mask to serve the same purpose as the prefix length of CIDR address blocks. The subnet mask is a binary number that contains all 1’s in the leftmost prefix length positions. All other bits are 0’s. For example, the subnet mask for the CIDR address block 168.12.0.0/16 would be:

11111111.11111111.00000000.00000000

This subnet mask contains 16 ones and is followed by 16 zeros. The common notation for subnet masks is dot notation. So, this subnet mask would commonly appear as: 255.255.0.0

Networks use the subnet mask to help determine which network a given IP address belongs to by indicating which part of an IP address denotes the network and which part denotes the host. This helps make routing decisions to determine where to send a packet. The IP address 192.168.1.2 with a subnet mask of 255.255.255.0 can be seen as N.N.N.H (with N = network and H = host). All eight bits in each of the first three octets indicate the network and all eight bits in the last octet indicate the host. So, the IP address 192.168.1.2 belongs to network 192.168.1.0. TABLE 5-3 shows the subnet masks for example CIDR block addresses.

TABLE 5-3 Subnet Masks
| CIDR BLOCK ADDRESS | SUBNET MASK |
| --- | --- |
| 168.12.0.0/16 | 255.255.0.0 |
| 201.100.98.0/24 | 255.255.255.0 |
| 131.98.80.0/20 | 255.255.240.0 |
| 222.123.88.80/28 | 255.255.255.240 |
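
The leading-bit comparison and the subnet-mask derivation described above can be checked with plain integer arithmetic. The following is an added example, not code from the book; the function names are illustrative, and the blocks used are the ones listed in TABLE 5-2 and TABLE 5-3.

```python
# Added example, not from the book: CIDR membership by comparing leading bits.

def ip_to_int(dotted):
    """Convert dot notation (four octets) into one 32-bit integer."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not an IPv4 address: {dotted!r}")
    value = 0
    for part in parts:
        value = (value << 8) | int(part)
    return value


def int_to_ip(value):
    """Convert a 32-bit integer back to dot notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def binary(dotted):
    """Render an address the way the text does: four 8-bit binary octets."""
    value = ip_to_int(dotted)
    return ".".join(f"{(value >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix_len):
    """Subnet mask as an integer: prefix_len ones, then zeros."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def parse_cidr(block):
    """Return (network, mask) as integers; reject blocks with host bits set."""
    base, _, prefix_len = block.partition("/")
    mask = prefix_to_mask(int(prefix_len))
    network = ip_to_int(base)
    if network & ~mask & 0xFFFFFFFF:
        raise ValueError(f"{block} has bits set beyond the prefix")
    return network, mask


def in_block(address, block):
    """True when the address shares the block's leading prefix bits."""
    network, mask = parse_cidr(block)
    return (ip_to_int(address) & mask) == network


def block_range(block):
    """First and last address of the block, in dot notation."""
    network, mask = parse_cidr(block)
    return int_to_ip(network), int_to_ip(network | (~mask & 0xFFFFFFFF))


if __name__ == "__main__":
    for block in ("168.12.0.0/16", "201.100.98.0/24",
                  "131.98.80.0/20", "222.123.88.80/28"):
        _, mask = parse_cidr(block)
        print(block, int_to_ip(mask), *block_range(block))
    print(binary("168.12.0.0"))
    print(in_block("168.12.200.7", "168.12.0.0/16"))   # same leading 16 bits
    print(in_block("168.13.0.1", "168.12.0.0/16"))     # differs inside the prefix
```
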

Private Networks

The IPv4 protocol defines three ranges of addresses for private networks. A private network is one that contains private IP addresses. Private IP addresses are not routable, which means public routers won’t forward any packets with private IP addresses. The purpose of private IP addresses is to allow organizations to assign their own device IP addresses from the private network ranges. This practice allows organizations to consume only a small number of public IP addresses. The organization’s perimeter network devices will use NAT to map internal private IP addresses to external routable IP addresses. As defined in RFC 1918, the ranges of private IPv4 addresses are:

  • 10.0.0.0 to 10.255.255.255
  • 172.16.0.0 to 172.31.255.255
  • 192.168.0.0 to 192.168.255.255

Organizations can obtain a small number of public addresses and use private addresses for all of their internal IP devices. NAT devices map IP addresses to another set of IP addresses to save public IP address space and utilize private IP addressing internally. Many routers and firewalls support NAT. NAT is needed when you translate IP addresses from one network to another. Port address translation (PAT) also maps internal IP addresses to public or external IP addresses. PAT allows you to share a single, public-facing IP address with a range of internal, private IP host addresses.

Resolving Addresses

Thus far, you have seen only IP addresses used to identify hosts; however, it’s more common to use host names to identify hosts in many applications. Host names are more meaningful than IP addresses; for example, the host name amazon.com is more descriptive than one of Amazon’s IP addresses: 72.21.211.176. Because applications and users like to use host names, it’s important to look up the IP address for a given host name. The process of finding an IP address for a host name is called address resolution. The Domain Name System (DNS) is a hierarchical naming system that allows organizations to associate host names with IP address name spaces. DNS servers store these associations and make the tables available for network users. DNS servers return an IP address when given a known host name. DNS is a simple service, but it’s crucial to making the Internet a usable network. DNS servers keep up with the changing host names and make it easy to react to any organization that changes its IP addresses.

Technical TIP

How Do NAT and PAT Work?

Suppose you have a LAN that uses the private IP address block 192.168.1.0/24 and you want to connect it to the public Internet using a pool of public IP addresses. This can be performed using NAT. When NAT is enabled, all public-facing IP host addresses can be translated to the private 192.168.1.0/24 IP host addresses. NAT requires a properly sized pool of available public IP host addresses to work properly.

PAT has an internal algorithm that uses the original source port number of the internal IP host to make a unique public IP address and port number value. For example, two hosts assigned the IP addresses of 192.168.1.100 and 192.168.1.101 could send traffic to and from the Internet by using the shared public IP address 172.122.40.41 and a unique source port number. If the source port number is already allocated, PAT searches for an available one. The internal IP host at IP address 192.168.1.100 could access the Internet by using the shared public IP address and source port value of 172.122.40.41:10000. Meanwhile, the host at IP address 192.168.1.101 could access the Internet by using the IP address and source port value of 172.122.40.41:10001.

Most residential or commercial Internet service providers provide Internet access to home users and businesses in this manner. PAT is typically used to translate all the internal private IP addresses on the internal network to a single, shared IP address that connects to the Internet. PAT uses a 16-bit source port number to translate between an internal IP host and the Internet.
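
The port allocation described in this tip, sketched as a small translation table. This is an added example, not code from the book or from any vendor's implementation; the class name, the port pool starting at 1024, and the search-upward strategy are assumptions.

```python
# Added example, not from the book: a toy PAT table for the scenario above.
PUBLIC_IP = "172.122.40.41"   # shared public address from the text
FIRST_PORT = 1024             # assumption: lowest port PAT may hand out
LAST_PORT = 65535             # source ports are 16-bit values


class PatTable:
    def __init__(self, public_ip=PUBLIC_IP, first_port=FIRST_PORT,
                 last_port=LAST_PORT):
        self.public_ip = public_ip
        self.first_port = first_port
        self.last_port = last_port
        self.outbound = {}   # (private_ip, private_port) -> public_port
        self.inbound = {}    # public_port -> (private_ip, private_port)

    def _allocate(self, wanted):
        """Try the original source port first, then search for a free one."""
        pool = self.last_port - self.first_port + 1
        in_pool = self.first_port <= wanted <= self.last_port
        start = wanted if in_pool else self.first_port
        for offset in range(pool):
            port = self.first_port + (start - self.first_port + offset) % pool
            if port not in self.inbound:
                return port
        raise RuntimeError("PAT port pool exhausted")

    def translate_out(self, private_ip, private_port):
        """Map an outgoing flow to (public_ip, public_port), reusing mappings."""
        key = (private_ip, private_port)
        if key not in self.outbound:
            port = self._allocate(private_port)
            self.outbound[key] = port
            self.inbound[port] = key
        return self.public_ip, self.outbound[key]

    def translate_in(self, public_port):
        """Map a reply back to the internal host; None means no mapping exists."""
        return self.inbound.get(public_port)


def demo():
    pat = PatTable()
    first = pat.translate_out("192.168.1.100", 10000)
    second = pat.translate_out("192.168.1.101", 10000)   # port already taken
    return first, second, pat.translate_in(10001), pat.translate_in(40000)


if __name__ == "__main__":
    print(demo())
```

Because every internal host leaves the network with the same public address, attributing an external log entry to one host requires the translation table entry for that public port at that time.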

IPv6

In spite of the efforts to reduce the number of IP addresses organizations required, IPv4 addressing was not able to keep up with the explosive demand. Today’s wide range of network-ready devices needs IP addresses to be truly useful. Many of these devices are always on and connected to the network. That means any strategy that depends on sharing IP addresses won’t work. As demand for Internet connections increased, so did the need for a new way to address the new devices. The IETF published a new standard for IP addresses in RFC 2460. The new standard, IPv6, makes several changes to the older IPv4 standard.

NOTE

An undecillion is a very large number that consists of a 1 followed by 36 zeros.

The primary motivation for creating IPv6 was to increase the network address space. IPv6 accomplishes this goal by increasing the address size from the IPv4 32 bits to 128 bits. IPv4 could address 2^32 devices, or around 4.3 billion. IPv6’s larger address size can address 2^128 devices, or over 340 undecillion.

IPv6 does much more than just switch to a bigger address. In using a bigger address, IPv6 effectively does away with the need for NAT. Recall that NAT was introduced to deal with the eventual exhaustion of IPv4 addresses. With a nearly endless pool of IPv6 addresses, NAT is no longer needed to reuse network addresses. IPv6 also has several additional features, including:

  • Making assigning IP addresses easier
  • Simplifying renumbering networks
  • Standardizing the host identification part of the address
  • Integrating network security into the protocol
  • Defining multicasting as part of the specification

IPv6 addresses are 128 bits in length, so they need a different notation. The classic IPv4 dot notation would require 16 octets and be awkward to use. IPv6 addresses are expressed as eight groups of four hexadecimal digits. Each group is separated by colons. For example, you would write an IPv6 network address as:

2001:0db8:0000:0000:0206:0000:a80c:052b

IPv6 addresses that specify a unique device are called unicast addresses. Generally, IPv6 unicast addresses are logically divided into two 64-bit segments (see FIGURE 5-7). The first 64-bit segment (the first four groups of hexadecimal digits) represents the network prefix, which identifies the network. Like CIDR in IPv4, IPv6 uses a variable length network prefix. The second 64-bit segment (the last four groups of hexadecimal digits) represents the interface identifier (IID) or host. Each device has a unique interface identifier for a given network. The interface identifier can be generated from the device interface’s MAC address or by using a random number generation process.

[Figure: the IPv6 address format. The address has a total length of 128 bits, split into two 64-bit halves: the first 64 bits are the network prefix, and the last 64 bits are the interface ID. Each group XXXX ranges from 0000 through FFFF.]

FIGURE 5-7 IPv6 address format.

The IPv6 address format can still be long and sometimes repetitive; for instance, consider the following IPv6 address:

2001:0db8:0000:0000:0206:0000:a80c:052b

The IPv6 specification offers two rules to abbreviate IPv6 addresses. Abbreviated addresses are smaller and contain less redundant information. The two rules for IPv6 address abbreviating are:

  1. You may omit any leading zeros within any group of hexadecimal digits.
  2. You may replace only one grouping of two or more consecutive groupings of zeros in an address with a double colon.

These two simple rules allow IPv6 packets to compress network addresses without losing any of the address details. TABLE 5-4 shows several examples of IPv6 address abbreviation.

TABLE 5-4 IPv6 Address Abbreviation
| FULL IPV6 ADDRESS | COMPRESSED ADDRESS | COMMENT |
| --- | --- | --- |
| 2001:0db8:0000:0000:0206:0000:a80c:052b | 2001:db8:0:0:206:0:a80c:52b | Rule 1: Drop leading zeros |
| 2001:0db8:0000:0000:0206:0000:a80c:052b | 2001:db8::0206:0000:a80c:052b | Rule 2: Replace consecutive zeros |
| 2001:0db8:0000:0000:0206:0000:a80c:052b | 2001:db8::206:0:a80c:52b | Rules 1 and 2 |
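
The two abbreviation rules applied in code to the address from TABLE 5-4. This is an added example, not code from the book; it assumes the run replaced under rule 2 is the longest one (leftmost on a tie), and it compares addresses by parsed value because one address has several valid spellings in logs and filter rules.

```python
# Added example, not from the book: the two IPv6 abbreviation rules.
import ipaddress


def split_full(full_address):
    """Split a full address into eight validated hexadecimal groups."""
    groups = full_address.lower().split(":")
    if len(groups) != 8 or any(not 1 <= len(g) <= 4 for g in groups):
        raise ValueError("expected eight groups of up to four hex digits")
    for group in groups:
        int(group, 16)            # raises ValueError on non-hex characters
    return groups


def drop_leading_zeros(groups):
    """Rule 1: '0db8' -> 'db8', '0000' -> '0'."""
    return [g.lstrip("0") or "0" for g in groups]


def longest_zero_run(groups):
    """Return (start, length) of the longest run of zero groups."""
    best_start, best_len, i = -1, 0, 0
    while i < len(groups):
        j = i
        while j < len(groups) and int(groups[j], 16) == 0:
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = max(j, i + 1)
    return best_start, best_len


def collapse_zero_run(groups):
    """Rule 2: replace one run of two or more zero groups with '::'."""
    start, length = longest_zero_run(groups)
    if length < 2:
        return ":".join(groups)
    head = ":".join(groups[:start])
    tail = ":".join(groups[start + length:])
    return f"{head}::{tail}"


def abbreviate(full_address):
    """Apply rule 1, then rule 2."""
    return collapse_zero_run(drop_leading_zeros(split_full(full_address)))


def same_address(a, b):
    """Compare two spellings by their 128-bit value, not as strings."""
    return ipaddress.IPv6Address(a) == ipaddress.IPv6Address(b)


if __name__ == "__main__":
    full = "2001:0db8:0000:0000:0206:0000:a80c:052b"
    print(":".join(drop_leading_zeros(split_full(full))))   # rule 1 only
    print(abbreviate(full))                                 # rules 1 and 2
    print(same_address(full, abbreviate(full)))
```
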

Network Methodologies

IPv6 supports three different methodologies to send packets. The different methodologies make it easier to send packets to their desired destinations. IPv6 includes methods to send packets to one, several, or many destinations. These methodologies include:

  • Unicast—Sending a packet to a single destination
  • Anycast—Sending a packet to the nearest node in a specified group of nodes
  • Multicast—Sending a packet to multiple destinations

Unlike IPv4, IPv6 does not support sending broadcast-type packets. A broadcast address sends a packet to a complete range of IP addresses. Sending broadcast messages to a large subnet can cause network congestion and allow attackers to affect a network’s availability. Each IPv6 address includes a scope value. The scope identifies the part of the network in which the address is valid. Organizations can use IPv6 scope to limit a node’s communication to a local subnet or to a larger network.

IPv4 to IPv6

Due to the structural differences between IPv4 and IPv6, each requires its own layer in the OSI Reference Model. That means there need to be at least two stacks at Layer 3 to support both versions of IP. Changing from IPv4 to IPv6 is a gradual process that requires operating system support of both versions during the transition. Most, if not all, current operating systems support a dual IP stack, which means the operating system supports both IPv4 and IPv6 using two separate network stacks for IP. Each operating system can decide to implement dual IP stacks with separate stacks or by using a hybrid approach. Dual IP stacks allow programmers to deploy software that works on either IPv4 or IPv6 without having to be concerned with the networking details. Programmers should write code that specifically uses IPv6 addresses. They can continue to use IPv4 addresses and let the dual IP stack use a special IPv6 address format, the IPv4-mapped address. However, some networks may have only IPv6 running. In that case, applications will need to be accessible by those IPv6-only devices, which will become more prevalent over time.

IPv4-mapped addresses allow IPv6 to use existing IPv4 addresses. An IPv4-mapped address is composed in the following manner:

  • The first 80 bits are set to zero.
  • The next 16 bits are set to one.
  • The remaining 32 bits correspond to the IPv4 address.

For example, the IPv4 address 216.12.18.44 would be represented in IPv6 as the IPv4-mapped address:

::ffff:216.12.18.44

Literal IPv6 Addresses

IPv4 addresses are commonly used in network resource identifiers and in Universal Naming Convention (UNC) path names. Both addressing options include the IPv4 address to identify a host. IPv6 addresses pose a problem: The colon character is a reserved character in both network resource identifiers and UNC path names. The colon character is already used for other purposes. The IPv6 specification contains special handling for each of these situations. TABLE 5-5 summarizes how IPv6 addresses can be used in each context.

TABLE 5-5 IPv6 Literal Addresses
| ENTITY | RESOLUTION | EXAMPLE |
| --- | --- | --- |
| Network resource identifier—The colon character already separates the host name and port number. | Add square brackets around literal IPv6 addresses. | http://[2001:db8::206:0:a80c:52b]:8080 |
| UNC path names—The colon character is an illegal character. | Convert colon characters to dashes, and append the “.ipv6-literal.net” domain to IPv6 literal addresses. | 2001:db8::206:0:a80c:52b would be written as: 2001-db8--206-0-a80c-52b.ipv6-literal.net |
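
The IPv4-mapped layout from the previous section and the two literal forms in TABLE 5-5, built and checked in code. This is an added example, not code from the book; the function names and the 216.12.18.0/24 filter block are constructed for illustration, and `normalize` shows one way to make a single address rule apply to both the IPv4 and the IPv4-mapped spelling of the same host.

```python
# Added example, not from the book: IPv4-mapped addresses and IPv6 literals.
import ipaddress


def to_ipv4_mapped(ipv4_text):
    """80 zero bits, 16 one bits, then the 32-bit IPv4 address."""
    v4 = int(ipaddress.IPv4Address(ipv4_text))
    return ipaddress.IPv6Address((0xFFFF << 32) | v4)


def normalize(address_text):
    """Parse an address; unwrap IPv4-mapped IPv6 to the plain IPv4 address."""
    addr = ipaddress.ip_address(address_text)
    if addr.version == 6 and addr.ipv4_mapped is not None:
        return addr.ipv4_mapped
    return addr


def matches_rule(address_text, block="216.12.18.0/24"):
    """Apply one filter block to every spelling of a host (block is constructed)."""
    network = ipaddress.ip_network(block)
    addr = normalize(address_text)
    return addr.version == network.version and addr in network


def url_host(address_text, port):
    """Network resource identifier form: brackets around an IPv6 literal."""
    addr = ipaddress.ip_address(address_text)
    host = f"[{addr.compressed}]" if addr.version == 6 else str(addr)
    return f"{host}:{port}"


def unc_host(ipv6_text):
    """UNC form: colons become dashes, then the ipv6-literal.net suffix."""
    addr = ipaddress.IPv6Address(ipv6_text)
    return addr.compressed.replace(":", "-") + ".ipv6-literal.net"


if __name__ == "__main__":
    mapped = to_ipv4_mapped("216.12.18.44")
    print(f"{int(mapped):032x}")                     # 128-bit value in hex
    print(mapped == ipaddress.IPv6Address("::ffff:216.12.18.44"))
    print(matches_rule("216.12.18.44"), matches_rule("::ffff:216.12.18.44"))
    print("http://" + url_host("2001:db8::206:0:a80c:52b", 8080))
    print(unc_host("2001:db8::206:0:a80c:52b"))
```
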

IPv6 provides more addresses, flexibility, and security than its predecessor. The IPv6 specification includes features that ease the process of transitioning to the new standard. IPv6 is the future of the Internet. It’s the protocol that will allow the Internet to continue to grow and mature.
