International IPv6 Day

June 8th was the first International IPv6 Day.  Huh?  What is that?

IP or the Internet Protocol, is part of the TCP/IP communications protocol that modern computers use to communicate with each other.  We have been using IPv4 or Internet Protocol version 4 since the early 90’s to provide addressing  and routing on the Internet.  IPv4 uses a 32 bit binary (ones and zeros) addressing scheme that commonly looks something like, which happens to be the address of Microsoft’s web site.

On Feb 3, 2011, IANA, the Internet Assigned Numbers Authority, assigned the last blocks of available IPv4 address to the Regional Internet Registries, which will distribute them to Internet Service Providers in their regions until they are gone.  Each block of address represents about 16 million machines, but the current rate of take up is around 200 million per year, which means that available IPv4 addresses will be exhausted this year, or early next year.

This was foreseen years ago, in 1998, and the industry has developed IPv6 to replace IPv4.  IPv4 has a total address space of about 3.5 billion addresses.  IPv6 uses a 128 bit hexadecimal (base 16)numbering system with a total address pool of approximately 340 undecillion.  Or 3.4 billion billion billion billion.  How big is this?  Using grains of sand, this would be about the volume of four earth sized planets.  This is a lot of Internet connected devices, and should last us for another 50 years or so.  (That’s right, only 50 years).  Converting from IPv4 to IPv6 is a daunting task that has been compared to changing out a jet engine on an aircraft while in flight.  It would be somewhat similar to changing the telephone numbering plan from 10 digits to 40 digits, and updating all the phones and telephone switching equipment to handle it.

Anyway, as usual, almost nothing has been done in a significant way to actually deploy IPv6 on the Internet.  Everybody is pretty much waiting for someone else to start, so they can see how they did it, what worked, and what didn’t and then do it themselves.  There are several options to select from as far as deployment goes, but the most obvious on is to use both IPv4 and IPv6 together until IPv6 is fully deployed everywhere, and then retire IPv4. 

Windows Vista and Windows 7 operating systems support this dual protocol approach.  We will have to have two address per machine, an old IPv4 address and a new IPv6 address.  Machines which can’t support this dual stack method would be unable to see or connect to machines which have only an IPv6 address.  These kinds of resources (IPv6 only) will have to exist, since there will soon be no more IPv4 addresses to give out.  There are currently 3 billion or so Internet connected devices, and these all have to support an IPv6 address or be replaced with devices that can support IPv6.  If this were to happen in a 5 year time frame, this would mean a conversion rate of 15 million machines per month.

Do you see a problem?  Me too.

What does this mean to you?  You may need to get your ISP to replace your cable or DSL modem. If you are running a server or some sort of resource that is accessible from the Internet, you will need to get an IPv6 address for that device, too.   You don’t have to ditch your old XP system since a clever little IPv4 technique known as Network Address Translation can continue to supply local addresses on your home or business network, behind that IPv6 cable or DSL modem or router.  You will still be able to connect to anything you can connect to today.  New sites and services that arrive after IPv4 exhaustion in 2012 and beyond may be difficult or impossible to connect to unless you and your ISP are completely IPv6 capable. 

We live in interesting times.  Keep an eye on this issue, it will eventually affect almost everything we do.


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.