In fact, IPv6 is not so perfect

Everything has its two sides, and technology is no exception. The arrival of IPv6 solves the problem of IPv4 address shortage, but it also brings other new problems. The design of IPv6 solves many pain points encountered by IPv4 in actual use, which makes many people ignore the existence of the problem. This is also one of the reasons why IPv6 has not been widely promoted and used.

[[250731]]

First, the address length. The length of an IPv6 address is four times that of an IPv4 address, reaching 128 bits. In this way, the source IP plus the destination IP has 256 bits, 32 bytes. The fixed length of the IPv6 message header is 40 bytes, which is twice the length of the IPv4 message header. If there is an extension header, the IPv6 message header will be even longer, up to 120 bytes. This means that in an IPv6 network, each forwarded IPv6 message needs to carry an IPv6 message header. Less data can be transmitted per unit length, because the IPv6 message header takes up more space. The reason why the IPv6 message header is designed as a fixed length and an optional header is to fully consider this point. Unnecessary functions are placed in the optional header, which can shorten the length of the IPv6 message header and save network bandwidth.

Even so, the IPv6 header is still at least 20 bytes more than the IPv4 header. If calculated based on the minimum 64 bytes, 20/64=31%, which wastes 31% of the network bandwidth. If calculated based on the maximum 1518 bytes, 20/1518=1.3%, which wastes 1.3% of the network bandwidth. Therefore, in the same network environment, the data transmission efficiency of IPv6 is reduced. More reserves must be made for IPv6. It is best to increase a certain amount of network bandwidth when deploying IPv6.

The second is the compatibility issue. IPv6 developers admit that the biggest mistake of IPv6 is that it is not backward compatible. The Internet Engineering Consortium once said that its biggest mistake in the development of IPv6 was that it did not provide backward compatibility with IPv4. The leaders of the IETF also admitted that when they formulated this industry standard 13 years ago, they did not do enough to ensure smooth communication between native IPv6 devices and IPv4 devices. This design makes IPv6 and IPv4 incompatible. They are two completely different networks. The implementation of IPv6 is equivalent to a complete relocation of the network, including the manufacturer's R&D technology, network products for ISO third-layer communication rules, global allocation of IPv6 addresses, and IPv6 network security performance. All these aspects need to be reconsidered, which has a great impact on the existing IPv4 network. Fortunately, the standard later designed some protocols for intercommunication between IPv4 and IPv6 networks so that the two networks can intercommunicate and merge. These technologies have completely dispelled many people's concerns about IPv6.

However, after all, there are two networks coexisting at the same time. The integration of IPv4 and IPv6 adopts a dual stack and tunnel mechanism, which not only makes the network deployment extremely complicated, but also brings more security risks. Attackers can use the security loopholes or transition protocol problems between the two protocols in the dual stack mechanism to evade security monitoring and even carry out attacks. IPv6 still retains many structural features of IPv4, such as option fragmentation and TTL, etc. These options are still under the threat of attack. Some attacks launched from the upper layer, such as buffer overflow attacks at the application layer and TCP SYN FLOOD attacks at the transport layer, have not been resolved in the IPv6 network. Since the widespread use of IPv4 was ignored at the beginning of IPv6 design, the use of IPv4 is deeply rooted in the hearts of the people and it is impossible to replace it with the IPv6 network at one time. This requires considering the integration of the two networks, and compatibility follows.

The third is security. IPv4 has many network security issues, but when IPv6 was designed as a standard, security issues were not so prominent. So although IPv6 has added security considerations, it is not perfect. At the same time, because IPv6's new network protocol design has brought new security issues, these were not fully considered at the beginning of the design, which makes the security threats faced by IPv6 more serious than those in the IPv4 era.

The management of PKI keys is a new unresolved issue in IPv6. The combination of extension headers and fragments will hinder packet detection, and IPv6 fragments may be used maliciously. IPv6 networks also need network security devices such as firewalls, VPNs, IDS, vulnerability scanners, network filters, and antivirus gateways, but the application of these devices is not mature and has not kept up with the development of IPv6. If IPv6 is implemented at this time, the entire network will undoubtedly be exposed. The IPv6 routing protocol still needs to be improved in practice. For example, the IPv6 multicast function only stipulates a simple authentication function and it is difficult to implement strict user restriction functions. Mobile IPv6 also has many new security challenges. In a network where IPv6 and IPv4 coexist, the network will have security issues of both, or new security vulnerabilities will arise. Some security vulnerabilities that occur when migrating from IPv4 to IPv6 have been discovered. For example, hackers can use IPv6 to illegally access LAN network resources that use both IPv4 and IPv6 protocols. Attackers can use hosts that use IPv6 with dual stacks installed to establish tunnels from IPv6 to IPv4 and bypass firewalls to attack IPv4. The converged network of IPv4 and IPv6 not only has the security issues of both, but also brings new security issues in the convergence. In the social context where network security is of widespread concern, this has to arouse people's vigilance and become a stumbling block in the promotion of IPv6.

In addition to the above introduction, IPv6 also has the problem of "skylight" in actual application, that is, when a web page contains links to other website content, even if the dual stack technology route is adopted, but the other websites cited have not been upgraded, IPv6 users will experience slow response when accessing the website, some content cannot be displayed, and some functions cannot be used. IPv6 addresses are too long and difficult to remember, and in fact, they cannot be remembered well at all. As we all know, compared with the implementation of 2G/3G/4G standards, my country has been at the forefront of the world in 5G standards. Some standards are proposed by Chinese manufacturers, but IPv6 is actually proposed by Western countries. my country has only introduced it. IPv6 addresses are massive, but not many are actually allocated to my country. China has 20% of the world's population, but only 2% of IPv6 addresses, which is better than IPv4, but still not sufficient.

In short, compared with IPv4, IPv6 does solve many major problems, but IPv6 also faces some new problems. It is not a permanent solution. We should be cautious about the introduction of IPv6 and deploy it in accordance with the actual situation of our network. Now, many problems still appear when IPv6 is strongly promoted at the national level. We need to find some solutions urgently. For the inherent problems of IPv6 standard that were not considered at the beginning of the design, we can optimize them. In recent years, some people have proposed IPv9. Especially in my country, there is a high demand for this. We hope that my country can take the lead in the design of IP network standards. Perhaps this standard is still far away from us, but it is still possible to come up with an IPv6+ standard to solve the new problems encountered in the process of promoting IPv6. Let us wait and see.