Mapping the Spectral Landscape of IPv6 Networks

Trailrunner7 writes: Like real estate, we're not making any more IPv4 addresses. But instead of trying to colonize Mars or build cities under the sea, the Internet's architects developed a separate address scheme with an unfathomably large pool of addresses. IPv6 has an address space of 2^128, compared to IPv4's 2^32, and as the exhaustion of the IPv4 address space began to approach, registries started allocating IPv6 addresses and there now are billions of those addresses active at any given time. But no one really knows how many or where they are or what's behind them or how they're organized.

A pair of researchers decided to tackle the problem and developed a suite of tools that can find active IPv6 addresses both in the global address space and in smaller, targeted networks. Known as ipv666, the open source tool set can scan for live IPv6 hosts using a statistical model that the researchers built. The researchers, Chris Grayson and Marc Newlin, faced a number of challenges as they went about developing the ipv666 tools, including getting a large IPv6 address list, which they accumulated from several publicly available data sets. They then began the painful process of building the statistical model to predict other IPv6 addresses based on their existing list.

That may seem weird, but IPv6 addresses are nothing at all like their older cousins and come in a bizarre format that doesn't lend itself to simple analysis or prediction. Grayson and Newlin wanted to find as many live addresses as possible and ultimately try to figure out what the security differences are between devices on IPv4 and those on IPv6.

Nothing Bizare about IPv6

[rahvin112]

The Post author is completely wrong when he says that IPv6 is in some bizarre format. IPv6 is exactly the same as IPv4, it's block of numbers. The primary difference is that IPv4 was arranged in a set of 4 blocks of 255 bit numbers. This was workable with a 32 bit address. Ipv6 on the other hand has 128 bits.

To handle a 128 bit address with the same 255 block format of ipv4 you'd need 16 blocks rather than 4. To make this easier and narrow it down to just 8 blocks of 4 digits they decided using HEX would be easier. The addressing scheme was also designed to solve many of the problems Ipv4 had, including automatic creation of a private locally addressable-only address space (the link local).

They also added an address assignment scheme that didn't required DHCP to find an assign an IPv6 address. This is called SLACC and in theory makes it trivial to setup an IPv6 network of devices without needing to build a huge DHCP server (for example in a factory where machinery needs IP addresses but have very primitive computing resources). They also designed the network so that it wouldn't be fragmented requiring huge BGP tables. Every Ipv6 network address is supposed to come with 64 bits of addresses for the user (providing the ISP complies with the RFC and provides each user a /64 as the RFC requires. What this means is that with every public IPv6 address you have 2 IPv4 networks worth of addresses to use on your own network.

There was a lot of though that went into IPv6 into solving a lot of the problems of IPv4. It does take a little getting used to because the numbers are so much bigger and it uses HEX by default to narrow down the number of digits. But other than the spin up of learning about all the new features of IPv6 and getting used to using HEX addressing it's quite a bit nicer to use IMO.

Re:Nothing Bizare about IPv6

First off, if you're going to complain about something, you really ought to know what you're complaining about. The various addresses you mention are quite frankly. WRONG and INCORRECTLY formatted. An IPv6 address is simply 8 groups of 4 hexadecimal numbers. Then to reduce the length of the notation, you first remove any leading zeros. And finally, you can eliminate the largest string of zeros with "::". A properly formatted IPv6 address will have at most ONE pair of colons with nothing between them.

So let's take an example IPv6 address of 2001:0db8:85a3:0000:0000:8a2e:0370:7334
Now let's get rid of unneeded leading zeros. 2001:db8:85a3:0:0:8a2e:370:7334
And finally, get rid of the longest string of zero groups. 2001:db8:85a3::8a2e:370:7334

Now contrast that to the BS examples you gave of ::::ff::00, ::::323::f0::c7, and ::::00::e1::27
The first value you gave had 6 colons, which is possible if you've eliminated two groups of zero. But you have the sequence "::::" which is quite illegal, you'll never see more than 2 colons in a row. And if you do see two colons in a row, you'll only see that sequence ONCE. Then your next 2 examples have 8 colons each. WHAT? That would imply 9 groups of 4 hex digits or a length of 144 bits, not the 128 bits of IPv6.

Headline Revised [Re:Infinity is larger than that]

[XXongo]

I see that /. revised the headline: when I posted that comment, the headline was "Mapping the Infinitely Large Address Space of IPv6 Networks". Now it's been revised to remove the "infinitely large" phrase: "Mapping the Spectral Landscape of IPv6 Networks." So, if it seems like the comment doesn't make sense-- that's why.