Home > Articles > Software Development & Management

  • Print
  • + Share This

IPv4 Versus IPv6

The packet description in the preceding section applies to the current active IP standard, Internet Protocol version 4 (IPv4). With a 32-bit address space, IPv4 allows for 232 distinct addresses (that's 4,294,967,296 separate addresses). Though due to implementation realities such as subnetting (sectioning off addresses that share a common network component), a significant portion of that available address space cannot be assigned to individual systems. With the rapid and exponential growth of the Internet, the upper limit of available addresses in IPv4 began to concern various networking and standards groups. Consequently, in the early 1990s, the Internet Engineering Task Force (IETF) started working on the evolutionary replacement for IPv4: IPv6. Internet Protocol next generation (IPng or IPv6) is still on the drawing board and has yet to be widely accepted or implemented. IPv6 provides several key benefits over IPv4, namely:

  • Larger available address space—IPv6 uses a 128-bit address field making 2128 addresses available for use (you can do the math, but it's about 1,500 addresses for every square foot of the earth's surface).

  • Better support for recent technologies—IPv6 provides better capabilities to support autoconfiguration (such as DHCP), multicasting, traffic engineering, and zero configuration networking.

  • Mandatory IPsec support—In IPv4, IPsec is optional.

  • Simpler packet headers.

  • Smooth transition from IPv4—While no large-scale network transition is ever easy, the designers of IPv6 are trying to ensure the specifications of IPv6 will ease the pain.

The tremendous amount of effort required to migrate the world's networks from IPv4 to IPv6 ensures that at some point, both protocols will have to coexist and be interoperable.


One of the key differences in the comparison of IPv4 and IPv6 is the requirement for IPsec support in IPv6. IP Security (IPsec) is a set of protocols being developed by the IETF to support the secure exchange of encrypted packets at the IP layer. There are two major modes for IPsec: Tunnel and Transport. Tunnel mode, the more secure method, encrypts both the data and header portions of the packet. Transport mode encrypts the data portion of the packet, but does nothing with the packet header. In order to use IPsec, you must have an IPsec-compliant device on each end of the connection to handle the encryption and decryption of the packets. To successfully encrypt and decrypt packets, each device must share a public key. This is usually accomplished using a protocol called Internet Security Association and Key Management Protocol (ISAKMP). Through ISAKMP, the receiving device can obtain the sender's public key and authenticate the key using a digital certificate. (For a discussion of public key cryptography, see Chapter 18, "Cryptography.")

  • + Share This
  • 🔖 Save To Your Account

Related Resources

There are currently no related titles. Please check back later.