Many hackers have familiar sayings in their heads, such as “If it ain’t broke, don’t fix it” and KISS (Keep it simple, stupid). Those of us who have been in the field for some time have habits that are hard to break. When it comes to personal networks, simplicity is key, and the idea of transitioning from IPv4 to IPv6 addresses seems crazy. However, with the increasing number of ‘smart’ devices, streaming media gadgets, and personal phones, finding IPv4 space for our IoT experiments is becoming difficult. Is it time to consider embracing IPv6?
The linked GitHub Gist by [timothyham] summarizes the essential concepts for home network admins to understand before making changes. The first major point is that IPv6 has a vastly larger address space than IPv4, eliminating the need to find spare IPv4 addresses. IPv6 assigns multiple addresses to the same interface. The 128-bit addresses are split into a 64-bit prefix assigned by your ISP and a 64-bit interface identifier. Using SLAAC (Stateless Address Autoconfiguration), clients can manage their own addresses. You don’t have to use SLAAC, but it will make life easier. The suffix typically remains static, allowing integration with a local DNS server.
Another major concept concerns routing. IPv6 uses RA (Router Advertisement) instead of DHCP for address assignment: the router announces the prefix and clients build their own addresses from it. Local clients receive a globally routable prefix, meaning each device can communicate directly over the Internet without needing an intermediate WAN IP address, as in the IPv4 system. However, because every device is then directly addressable from outside, a stateful firewall is still necessary for security.
Finally, we will assign another address to the local clients that need to communicate with each other. This is the ULA (Unique Local Address), which is the address given to your internal devices, such as printers, media servers, and your pile of IoT gadgets. You can use a website such as this one to generate a unique locally routable IPv6 prefix, then assign this to your clients and let them autoconfigure the suffix part. This new ULA is assigned to your local DNS server. So, it’s a lot of work, but with IPv4 running on borrowed time, we might be forced to switch eventually, and it’s better to have a head start, eh?
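The addressing scheme described above, as an added example that is not from the article or the linked Gist: it generates a ULA /48 locally (RFC 4193 layout, using the OS random source rather than a website), joins a prefix with a static suffix, and classifies which resulting addresses are globally routable and therefore depend on the stateful firewall. The function names, the `2001:db8:0:1::/64` documentation prefix standing in for an ISP prefix, and the interface identifier are assumptions made for illustration.

```python
import ipaddress
import secrets

ULA_RANGE = ipaddress.IPv6Network("fc00::/7")     # unique local addresses (RFC 4193)
GLOBAL_RANGE = ipaddress.IPv6Network("2000::/3")  # global unicast space

def generate_ula_prefix(global_id=None):
    """Build a /48 ULA prefix: the byte 0xfd followed by a 40-bit global ID."""
    gid = secrets.token_bytes(5) if global_id is None else global_id
    if len(gid) != 5:
        raise ValueError("global ID must be exactly 5 bytes (40 bits)")
    raw = bytes([0xFD]) + gid + bytes(10)
    return ipaddress.IPv6Network((int.from_bytes(raw, "big"), 48))

def subnet64(prefix48, subnet_id):
    """Pick one /64 LAN out of a /48 using a 16-bit subnet ID."""
    if prefix48.prefixlen != 48 or not 0 <= subnet_id <= 0xFFFF:
        raise ValueError("need a /48 prefix and a 16-bit subnet ID")
    base = int(prefix48.network_address) | (subnet_id << 64)
    return ipaddress.IPv6Network((base, 64))

def host_address(prefix64, interface_id):
    """Join a 64-bit prefix with a 64-bit interface identifier (the suffix)."""
    if prefix64.prefixlen != 64 or not 0 <= interface_id < 2**64:
        raise ValueError("need a /64 prefix and a 64-bit interface identifier")
    return ipaddress.IPv6Address(int(prefix64.network_address) | interface_id)

def scope(addr):
    """Classify an address by who can route to it."""
    addr = ipaddress.IPv6Address(addr)
    if addr.is_link_local:
        return "link-local"    # never leaves the local segment
    if addr in ULA_RANGE:
        return "unique-local"  # routable inside the home network only
    if addr in GLOBAL_RANGE:
        return "global"        # reachable from the Internet: firewall applies
    return "other"

if __name__ == "__main__":
    ula_lan = subnet64(generate_ula_prefix(), 1)
    isp_lan = ipaddress.IPv6Network("2001:db8:0:1::/64")  # constructed stand-in
    suffix = 0x021122FFFE334455                           # constructed suffix
    for lan in (ula_lan, isp_lan):
        address = host_address(lan, suffix)
        print(f"{address}  {scope(address)}")
```

The same suffix appears under both prefixes, so one device ends up with a stable internal name target (the ULA) and a separate address that is exposed to the outside unless the firewall filters it.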
Need convincing that there really is an IPv4 addressing problem? Well, this side of the pond, we ran out already. In case this is all too serious for you, we discovered a hack from a few years ago that seriously abuses the IPv6 address space. Go check this out!
Header: Raysonho @ Open Grid Scheduler / Grid Engine, CC0.