Internet Protocol version 4, generally referred to as IPv4, was developed in the early 1980s. An IPv4 address comprises four numbers, each ranging from 0 to 255, which are separated by periods. For example, Avast’s IP address is 220.127.116.11. There is more to IP addresses, and it helps to understand the essentials of TCP/IP as well, but these are the basics.
Every website has an IP address; we just don’t use them anymore, typically. In the early days of the internet, it was necessary to know a website’s IP address in order to navigate to it. Then, the Domain Name Service (DNS) came along, which translates numbers into names. So when you type in “www.avast.com,” the DNS translates that back to 18.104.22.168. This enables us to navigate the web much more conveniently, as it’s much easier to recall a website’s name than its IP address.
Have we run out of IPv4 addresses?
IPv4 has a theoretical limit of 4.3 billion addresses, and in 1980, that was more than enough. But as the internet grew and went global, we quickly ran out of addresses, especially in today’s era of smartphones and IoT devices.
The internet has been running out of IPv4 addresses since the 1990s. While clever engineers have found ways around the problem, it wasn’t long before a more permanent fix became the goal. Developed to solve these capacity issues for good, IPv6 was needed when IPv4 could no longer support the load.
At present, IPv4 coexists on the internet with its newer version, though eventually, everything will use IPv6. Replacing old IPv4 equipment would be prohibitively expensive and disruptive, and so IPv6 is being slowly rolled out as older IPv4 hardware is retired.
IPv6: the future of the web?
Internet Protocol version 6, or IPv6, was first introduced in the late 1990s as a replacement for IPv4. Even then the builders of the internet realized IPv4’s limitations and the eventual shortage.
IPv6 uses 128-bit addresses, allowing for a theoretical 340,282,366,920,938,463,463,374,607,431,768,211,456, or 340 undecillion addresses. IPv6 addresses are represented as eight groups of four hexadecimal digits, with the groups being separated by colons. One example might be “2002:0de6:0001:0042:0100:8c2e:0370:7234,” but methods to abbreviate this full notation exist.
In addition to increasing the supply of IP addresses, IPv6 also addressed IPv4’s many shortcomings — chief among them being security, which we’ll delve into more later.
IPv4 vs. IPV6
The advent of IPv6 brought more functionality, in addition to more IP addresses. For example, IPv6 supports multicast addressing, which allows bandwidth-intensive packet flows (such as multimedia streams) to be sent to multiple destinations simultaneously, reducing network bandwidth. But is IPv6 better than IPv4? Let’s find out.
IPv6 has a new feature called autoconfiguration, which allows a device to generate an IPv6 address as soon as it powers up and puts itself on the network. The device begins by looking for an IPv6 router. If one is present, the device can generate a local address and a globally routable address, allowing access to the wider internet. In IPv4-based networks, the process of adding devices often has to be done manually.
IPv6 allows devices to stay connected to several networks simultaneously. This is due to interoperability and configuration capabilities that enable the hardware to automatically assign multiple IP addresses to the same device.
Next, we examine the differences between IPv4 and IPv6 through the lenses of speed and security.
IPv4 vs. IPv6: Speed comparison
How do IPv4 and IPv6 compare when it comes to speed? The security blog Sucuri ran a series of tests in which they found that in direct connections, IPv4 and IPv6 delivered the same speed. IPv4 occasionally won the test.
In theory, IPv6 should be a little faster since cycles don’t have to be wasted on NAT translations. But IPv6 also has larger packets, which may make it slower for some use cases. What really makes a difference at this point is that IPv4 networks are mature and thus highly optimized, more so than IPv6 networks. So with time and tuning, IPv6 networks will get faster.
IPv4 vs. IPv6: Security comparison
IPv6 was built with more security in mind. IP Security (IPSec) is a series of IETF security protocols for security, authentication, and data integrity, and it’s fully integrated into IPv6. The thing is, IPSec can also be fully integrated into IPv4. It’s up to ISPs to implement it — and not all companies do.
IPv6 is designed for end-to-end encryption, so in theory, widespread adoption of IPv6 will make man-in-the-middle attacks significantly more difficult.
IPv6 also supports more-secure name resolution. The Secure Neighbor Discovery (SEND) protocol adds a security extension to the Neighbor Discovery Protocol (NDP), which handles discovery of other network nodes on a local link. By default, NDP is not secure, so it can be susceptible to malicious interference. SEND secures NDP with a cryptographic method that is independent of IPsec.
Thanks to native IPSec, IPv6 provides two security headers which can be used separately or together: the Authentication Header (AH) and Encapsulating Security Payload (ESP). Authentication Header provides data-origin authentication and protection against replay attacks, while ESP delivers connectionless integrity, data-origin authentication, protection against replay attacks, and limited traffic flow confidentiality, as well as privacy and confidentiality through encryption of the payload. IPv4 can also have this protection if IPSec is implemented on the network.
IPv4 has been significantly updated over the years, so the difference between IPv4 and IPv6 security is not extraordinary. The same IPSec in IPv6 is now available for IPv4; it’s up to network providers and end users alike to embrace and use it — so a properly configured IPv4 network can be as secure as an IPv6 network.
Avast SecureLine VPN is currently compatible only with IPv4, but keeps your IP completely hidden with bank-grade encryption to maintain safety and anonymity online.
Additional benefits of IPv6
IPv6 allows for binding a public signature key — one-half of an asymmetric encryption system, the other being the private key — to an IPv6 address. The resulting Cryptographically Generated Address allows the user to demonstrate "proof of ownership" for a particular IPv6 address and validate their identity. It is impossible to retrofit this functionality to IPv4 with the current 32-bit address space constraint.
The new protocol also enables end-to-end connectivity at the IP layer by eliminating the need for Network Address Translation (NAT) — one of the workarounds designed to conserve IPv4 addresses. This transition opens the door for new and valuable services. Peer-to-peer networks are easier to create and maintain, and services such as VoIP and Quality of Service (QoS) become more robust.
Also, IPv6 brings the ability to belong to many networks simultaneously, with a unique address on each network, and the ability to combine multiple enterprise networks without readdressing.
Ultimately: Is IPv6 better? Usually, but not always. If you’re asking yourself, “Should I use IPv6?” read on before making your decision.
How to disable IPv6 on Windows, Mac, and Linux
Since very few VPN services support IPv6, IPv6 traffic on your physical NIC may leak information about your online activity or your hardware MAC address. For that reason, if your ISP does support IPv6, but you use a VPN like SecureLine VPN, you should disable IPv6 on your system.
The first thing to do is determine if your ISP supports IPv6. Comcast most notably does and makes a lot of noise about it. However, plenty of big-name ISPs do not, such as Spectrum (which you may know as Time Warner or Road Runner). This site will help you determine if your ISP supports it.
If the IPv6 connectivity test says “Not supported,” then you are OK and your IPv6 address isn’t leaking. Spectrum falls into this category. If the test for IPv6 connectivity says “Supported,” then you should consider disabling the IPv6 in your operating system.
Instructions for disabling IPv6 are available for Windows, MacOS, and Linux.
Why don't we switch to IPv6 permanently?
We will, in time. Legacy technologies take a long time to die off, and the switch to a replacement is never as fast as its supporters would prefer. There will be a permanent migration to IPv6, but it will take decades to achieve. The Internet Society reported last year that there are 24 countries in the world where IPv6 totals more than 15% of overall IP traffic, and 49 that have topped the 5% threshold. So migration from IPv4 to IPv6 is progressing very slowly.
How to Protect your IP address
Why protect your IP address? With your location showing, you expose yourself to a variety of security and privacy issues, such as:
Packet sniffing: Hackers can observe your IP traffic to find out sensitive information about you such as your online banking activity.
Surveillance: Your ISP, snoops, and even governments can spy on your web traffic.
Geo-blocking: Websites can see your location and discriminate against you based on it. They can block content and even raise prices.
Avast SecureLine VPN hides your IP address and anonymizes your online activity to keep you safe online. Take back your online privacy in just one click.