You may not have heard, but the internet is running out of space. In fact, it already did. The American Registry for Internet Numbers announced that its pool of free IPv4 addresses had reached zero in 2015, and the African Network Information Centre was among the last regional internet registries to announce IPv4 exhaustion in 2017.
The long-forecasted day the internet runs out of addresses has arrived and it marks a paradigm shift in the internet’s evolution. There’s no reason to worry, though, because the collective internet isn’t shutting down. It’s more nuanced than that.
IPv4 has served as the backbone of the internet since its inception, carrying it from a mesh of four connected computers in 1969 to the Internet of Things today. The exhaustion of IPv4 addresses has been predicted for years and, now that it has happened, we’ve hastened the need for IPv6, its long-groomed successor.
Though IPv6 has been available globally since 2012, it has seen a slow, if increasing, adoption rate. In this IPv4 vs IPv6 comparison, we’re going to outline the finer distinctions between them and tell you why IPv6 is necessary, even if it isn’t quite where it should be. We’ll also discuss how IPv6 affects virtual private network users because VPNs are kind of a big deal around here.
What IP Means
The letters “IP” stand for “internet protocol,” which is a set of rules governing how packets are transmitted across the internet. A protocol, at least in the context of networking, simply standardizes the way machines communicate. Packets are encapsulated bits of data and everything on the internet relies on them. Webpages, emails and instant messaging all involve sending and receiving network packets.
A detailed history of internet protocol isn’t within the scope of this article, but it was created by two computer scientists, Vint Cerf and Bob Kahn in 1974. Cerf and Kahn created what would become the first version of the TCP/IP suite, designed to replace the Network Control Program, or NCP, protocol that powered ARPANET, which was basically the first internet.
The invention of the Transmission Control Protocol, or TCP, and IP, as well as ARPANET, gave way to not only IP addresses, but the modern internet we enjoy today.
How TCP and IP Work Together
The routing and delivery of packets hinges on one crucial element: IP addresses. They categorize network devices with a unique number, which allows for communication over the IP-based network that we call the internet.
The TCP/IP protocol suite is the de facto standard for communication on the internet. Without IP addresses, there’d be nowhere from which to send or receive data.
TCP and IP work in unison to send and receive packets. TCP is responsible for breaking data into bits, encapsulating them in packets, then reassembling the data at its destination. The IP is responsible for the reliable transmission of the packets. The linchpin of the IP process is in the IP address of every network recipient.
You can relate it to the postal system. The postal service allows a package or letter, the packet, to be sent via the postal system, TCP/IP, with no physical or direct connection between the sender and receiver. Because a postal service delivers mail across the country, the internet, each recipient needs a unique address, an IP address, from which to send or receive mail.
IPv4 vs IPv6
There are two versions of IP addresses: IPv4 and IPv6. As the name suggests, IPv4 is the fourth version of the TCP/IP suite. Versions 0 through 3 were experimental, making IPv4 the first non-experimental, major version for production. IPv4 was deployed on ARPANET in 1983 and still powers most of the internet.
That brings us full circle to our predicament. When IPv4 was deployed in the 1980s, its design couldn’t anticipate the internet boom of the late 1990s and after the millennium. The growing number of users, coupled with the advent of always-on and IoT devices, has accelerated the depletion of IPv4 addresses.
Plus, lots of IP addresses were wasted in the early days of IPv4, with companies and institutions receiving far more addresses than they could ever use.
IPv4 uses 32-bit addresses, which equates to 4 bytes. That limits the address pool for IPv4 to around 4.3 billion unique addresses. That sounds like a lot until you factor in the estimated 7.5 billion people in the world. The address are allocated by five regional internet registries, each serving a different part of the world. All have announced the exhaustion of their IPv4 addresses.
Despite the digital boom, we seem to continue to connect more devices and users to a vintage internet. That is thanks to network address translation.
The internet relies heavily on network address translation now that IPv4 has been exhausted. It allows one IP address to be used for a group of devices, essentially recycling IP addresses. With NAT, a device, such as a router, acts as an agent between a private network and a public one, like the internet. It then translates the private addresses of devices behind it into one unique address.
NAT not only helps conserve IP addresses, but it also improves security by hiding the majority of the network in one IP address. NAT can be configured in different forms to offer firewall protection, filter traffic and increase network administration, as well. There’s no such thing as being too secure in an internet age rife with cybercrime.
The inevitability of IPv4 depletion wasn’t unforeseen, as IPv6 was in development as early as 1994 and technically available since 1998.
IPv6 and the Future Internet
IPv6 will rectify the IPv4 problem by offering 128-bit, or 16-byte, addresses. This means the address pool for IPv6 is around 340 undecillion, or 340 trillion trillion trillion, which is an unimaginably large number. IPv6 will require a hexadecimal format to display the address and should offer enough capacity to satiate generations of connection-hungry devices.
IPv6 will supplant IPv4 at some point. At present, only about 25 percent of internet traffic is running on IPv6. For consumers, there isn’t much that needs to be done to prepare for IPv6. Internet service providers will lead the transition. That said, if your equipment is more than a few years old, it likely isn’t IPv6 compatible.
Slow IPv6 Adoption
ISPs, as well as mobile carriers, will be largely responsible for taking most of us into the IPv6 landscape. Large enterprises, data centers and cloud providers will see to their own migration. ISPs are dragging their feet, though, as they seem to do with upgrades.
In their defense, part of that is pragmatic. IPv6 isn’t designed to be backwards compatible with IPv4. That means, for the time being, IPv4 and IPv6 coexist as parallel networks. Until now, there was no incentive for ISPs, carriers, web hosts, etc. to be proactive with IPv6 readiness. It costs time and money to upgrade servers, routers and switches for IPv6 deployment.
Hardware support in general is holding the internet back from transitioning to IPv6 en masse. ISPs not only have to upgrade their equipment, but have to deal with customer-provided equipment, as well. It takes dual-stack hardware to allow IPv4 and IPv6 to operate simultaneously.
Dual-stack hardware is a double-edged sword, though. While it theoretically softens the transition to IPv6, it’s expensive. It has also created a bottleneck in IPv6 adoption in that it has created a safety net, keeping a lot of IPv4 networks in place. A solution called lightweight 4over6, or lw4o6, is being developed to allow IPv4 traffic over an IPv6-only network, which could facilitate more IPv6 deployment.
Aside from hardware support, there is a lack of widespread software and development support. Many users may run into network access errors while trying to connect over IPv6. That is usually a lack of IPv6 support at the driver and firmware level. Most operating systems support the new standard, but as Microsoft has shown, Windows updates aren’t above fumbling that support.
Plus, deploying IPv6 networks requires changes to the Domain Name System and DNS records, as well as special considerations for DNS configurations, such as SLAAC and DHCP.
Users have run into DNS issues on IPv6-only networks. Running a IPv6 test is a good way to catch DNS issues. Read through our guide to learn more about what DNS records are if you’re unsure why that would be an issue.
IPv6 Security Threats
There are security issues that have made IPv6 migration a challenge, as well. Theoretically, IPv6 should offer more security than IPv4 because IPSec is baked into it, meaning internet traffic is encrypted end-to-end. To learn more about why that encryption is important, read our description of encryption.
Dual-stacking allows for two IP protocols to be in play, which means both have to be protected. Many might assume that IPv6 intrusion into IPv4 isn’t possible, but they’d be mistaken. IPv6 can be used to bypass IPv4 security for attacks, such as hijacking. You can learn more about those attacks in our browser hijacking explanation.
The DNS configuration for IPv6 will be different from IPv4. In addition to the connection issues, there’s also a higher risk for DNS attacks, primarily DNS amplification attacks. They are usually used to strengthen distributed denial-of-service or botnet attacks.
IPv6 and VPNs
Another concern with IPv6 security and privacy is the lack of compatibility with VPNs. Many VPN providers have not upgraded their hardware or software to embrace the IPv6 protocol. A lot of them still only support IPv4 addresses, meaning your IP address remains unchanged and IPv6 traffic will be routed through the ISP.
That’s problematic and antithetical to the purpose of a VPN. Those that do not support or protect IPv6 traffic are not only subject to IPv6 leaks, but also DNS hijacking. If you’re unsure about how your VPN is handling IPv6 traffic, ipleak.net is a good test.
To learn more about what can happen when your traffic leaves the VPN tunnel, read our what are DNS leaks guide.
It’s worth noting that VPN IPv6 leak protection and IPv6 support are two different things. The former is usually just disabling IPv6, while the latter is effectively and safely routing IPv6 traffic across IPv6 networks.
Many of those on our best VPN providers list recommend disabling IPv6, including NordVPN and ExpressVPN, which are among our top recommendations. Neither provider has rolled out support for IPv6 and both recommend disabling it. While that’s disappointing for those looking to jump on board with IPv6, it’s not uncommon.
For those looking for complete IPv6 support, we’re happy to report that CyberGhost supports it and routes IPv6 traffic through its encrypted tunnel. Not only is the service among the fastest VPNs we’ve tested, it’s a good choice for streaming almost anything. Read more in our CyberGhost review.
The migration to IPv6 is inevitable because IPv4 won’t carry us any further, even though we may be clinging on to it. That said, IPv6 is still in its infancy, comparatively speaking, and has a way to go yet.
If you find your preferred VPN provider isn’t offering IPv6 support, don’t worry. IPv6 adoption is increasing, so VPN providers should start laying out adoption plans, if they haven’t already. If IPv6 support is critical to you, we recommend CyberGhost. Otherwise, pick the provider that best strikes a balance between security and features suited to you.
Sign up for our newsletter
to get the latest on new releases and more.
All that aside, if your hardware, ISP and VPN support IPv6, there’s no harm in using it. Just keep in mind that IPv6 websites are the minority. There’s no need to worry about IPv6 just yet, though. There isn’t a switch to be flipped that’s going to make everyone’s internet go away. ISPs and infrastructure companies, such as Cloudflare, will do most of the heavy lifting for consumers.
As the world slowly moves away from the venerable IPv4 that has served us for so long, be assured that the benefits of an IPv6 internet are worth the effort. Hopefully, we’ve helped clear the air about it and explain why the transition needs to happen. Leave us a comment or a tweet and tell us what you think about IPv6. Thanks for reading.