Mapping the Spectral Landscape of IPv6 Networks

Trailrunner7 writes: Like real estate, we're not making any more IPv4 addresses. But instead of trying to colonize Mars or build cities under the sea, the Internet's architects developed a separate address scheme with an unfathomably large pool of addresses. IPv6 has an address space of 2^128, compared to IPv4's 2^32, and as the exhaustion of the IPv4 address space began to approach, registries started allocating IPv6 addresses and there now are billions of those addresses active at any given time. But no one really knows how many or where they are or what's behind them or how they're organized.

A pair of researchers decided to tackle the problem and developed a suite of tools that can find active IPv6 addresses both in the global address space and in smaller, targeted networks. Known as ipv666, the open source tool set can scan for live IPv6 hosts using a statistical model that the researchers built. The researchers, Chris Grayson and Marc Newlin, faced a number of challenges as they went about developing the ipv666 tools, including getting a large IPv6 address list, which they accumulated from several publicly available data sets. They then began the painful process of building the statistical model to predict other IPv6 addresses based on their existing list.

That may seem weird, but IPv6 addresses are nothing at all like their older cousins and come in a bizarre format that doesn't lend itself to simple analysis or prediction. Grayson and Newlin wanted to find as many live addresses as possible and ultimately try to figure out what the security differences are between devices on IPv4 and those on IPv6.

Nothing Bizare about IPv6

[rahvin112]

The Post author is completely wrong when he says that IPv6 is in some bizarre format. IPv6 is exactly the same as IPv4, it's block of numbers. The primary difference is that IPv4 was arranged in a set of 4 blocks of 255 bit numbers. This was workable with a 32 bit address. Ipv6 on the other hand has 128 bits.

To handle a 128 bit address with the same 255 block format of ipv4 you'd need 16 blocks rather than 4. To make this easier and narrow it down to just 8 blocks of 4 digits they decided using HEX would be easier. The addressing scheme was also designed to solve many of the problems Ipv4 had, including automatic creation of a private locally addressable-only address space (the link local).

They also added an address assignment scheme that didn't required DHCP to find an assign an IPv6 address. This is called SLACC and in theory makes it trivial to setup an IPv6 network of devices without needing to build a huge DHCP server (for example in a factory where machinery needs IP addresses but have very primitive computing resources). They also designed the network so that it wouldn't be fragmented requiring huge BGP tables. Every Ipv6 network address is supposed to come with 64 bits of addresses for the user (providing the ISP complies with the RFC and provides each user a /64 as the RFC requires. What this means is that with every public IPv6 address you have 2 IPv4 networks worth of addresses to use on your own network.

There was a lot of though that went into IPv6 into solving a lot of the problems of IPv4. It does take a little getting used to because the numbers are so much bigger and it uses HEX by default to narrow down the number of digits. But other than the spin up of learning about all the new features of IPv6 and getting used to using HEX addressing it's quite a bit nicer to use IMO.

Re:Nothing Bizare about IPv6

[stooo]

>> but to regular users, the address format is the biggest hurdle to adoption.
That's OK.
Regular users don't need to do anything with an IP address.

Re: Nothing Bizare about IPv6

[jd]

Easy.

The top two bytes identify packet type.

The next two bytes are the ID of a router.

The next two bytes are the ID of a router on a given connection.

And so on, until you reach 48 bits that identify the computer on a router.

From any given point, you care about the two bytes above and either the two bytes below or the 6 bytes below if they're the last 6.

It's the equivalent of being given directions. Take a left at the third roundabout, then take a right at the second traffic light.

There's no nine year old outside of vegetative state that can't understand that. V4 is far more complex.

Re:Nothing Bizare about IPv6

[UnknownSoldier]

> I am able to explain an IPv4 address to a nine year old. However I don't understand Ipv6 addressing fully myself as it's just too damn complicated and cryptic with all colons and hex.

A phone number uses dashes as separators and is in base 10; IPV6 uses colons and is in base 16. Is it really THAT hard to understand??? (Also you don't write leading zeroes which is true in any base.)

e.g.
* 555-1234
* ::55:12:34

> adding two octals to the current IPv4 scheme.

Because if you are going to require a completely new incompatible scheme it is better to plan for the future and make sure you never run out of adddresses then to band-aid a half-baked kludge that will be obsolete sooner rather then later.

Re:Nothing Bizare about IPv6

First off, if you're going to complain about something, you really ought to know what you're complaining about. The various addresses you mention are quite frankly. WRONG and INCORRECTLY formatted. An IPv6 address is simply 8 groups of 4 hexadecimal numbers. Then to reduce the length of the notation, you first remove any leading zeros. And finally, you can eliminate the largest string of zeros with "::". A properly formatted IPv6 address will have at most ONE pair of colons with nothing between them.

So let's take an example IPv6 address of 2001:0db8:85a3:0000:0000:8a2e:0370:7334
Now let's get rid of unneeded leading zeros. 2001:db8:85a3:0:0:8a2e:370:7334
And finally, get rid of the longest string of zero groups. 2001:db8:85a3::8a2e:370:7334

Now contrast that to the BS examples you gave of ::::ff::00, ::::323::f0::c7, and ::::00::e1::27
The first value you gave had 6 colons, which is possible if you've eliminated two groups of zero. But you have the sequence "::::" which is quite illegal, you'll never see more than 2 colons in a row. And if you do see two colons in a row, you'll only see that sequence ONCE. Then your next 2 examples have 8 colons each. WHAT? That would imply 9 groups of 4 hex digits or a length of 144 bits, not the 128 bits of IPv6.

Re:Nothing Bizare about IPv6

Actually, phone numbers are also in base16 - though the end user has no way of dialing {a..f}. It's mainly a curiosity, but they're used internally for diagnostics and range remapping...

Re:Balderdash.

Reality - we're not giving away FREE ipv4 addresses any more.

AWS just got 3.0.0.0/8 - I thought we'd run out? Oh wait, lots of big allocations still sitting basically unused all over the place.

Charge even $1/year and watch how much ipv4 address space frees up.

Re: Balderdash.

[jd]

Those are not new addresses, they're cohabited old addresses. Same way a block of flats is one building, not a hundred.

Re: Filler story?

[jd]

It's old, antiquated technology the libertarians and conservatives killed in the 90s.

Seems like FUD

[argStyopa]

Haven't we heard about the "impending" exhaustion of IP addresses now for what, at least a decade?

Re:golang?

[CaptainDork]

That was invented by Evonne Goolagong and, sure, her racket had a kind of "web," (sorta), but it's not blocked.

Sadly, she died.

I suspect it'll be gamers who push us to IPv6

[Solandri]

I'm seeing more and more help requests from gamers who aren't able to play a networked game because they sit behind a NATed IPv4 firewall they don't control, which blocks the ports their game needs and doesn't have UPnP enabled (for automatic port forwarding). Usually they're apartment dwellers, but a small number of them are people whose ISPs are putting them behind a NAT (i.e. the ISP has more customers than IPv4 addresses).

Re:I suspect it'll be gamers who push us to IPv6

[sims+2]

I kind of doubt it as the majority of games seem to be using servers now that can act as a go between to establish NAT to NAT connections.

The cell carriers have short changed their customers with IPv6.

With IPv4 on cellular you got a public IPv4 address that you could host a webcam or whatever you wanted and access it remotely with just the IP and port number.

With IPv6 on cellular they give you a IPv6 address that blocks all incoming connections so even if you know the IP address and port you still can't make the connection.

You still have to have a go between server to start the connection, just like you would if you were still using NAT'd IPv4.

I wonder how many of the wireline ISPs have done the same to their customers?

Re:2^128 != Infinitely large

[jellomizer]

I could say I remembered a time when Slashdot didn't get fixed into details of semantics. However that was never the case.
2^128 would be enough for every atom on earth to get an address. So in essence it is more then we could ever conceive of using. In terms of practicality the supply of address is so high, we can treat it like infinity

Headline Revised [Re:Infinity is larger than that]

[XXongo]

I see that /. revised the headline: when I posted that comment, the headline was "Mapping the Infinitely Large Address Space of IPv6 Networks". Now it's been revised to remove the "infinitely large" phrase: "Mapping the Spectral Landscape of IPv6 Networks." So, if it seems like the comment doesn't make sense-- that's why.

Re:2^128 != Infinitely large

[morethanapapercert]

I do remember when /. was a content aggregator. At the time, people complained that the posted articles were things they had already seen elsewhere. (quite often weeks before) There have been a few times in /. history where the staff flat out asked the users for suggestions on improving the site. One perennial suggestion was to provide meaningful, original content. This article is clearly geek worthy, whether it matters is subject to individual taste, so they are fulfilling their mission statement.