The Difference 
Between IPv4 and IPv6

by Leo Vegoda

IPv4 and IPv6 sound very similar and they were both developed to solve the same problem. But unless you’ve looked closely under the hood, it’s hard to know how they differ.

The Summary

• IPv6 has no address shortage, so all devices with internet access can have at least one, unique IP address.
• IPv6 address plans distribute subnets rather than individual addresses.

Read on to understand these differences. Plus, learn why you’ll need both for most networks for the next decade or more.

The Number of Addresses

Many of the practical differences between IPv4 and IPv6 are the result of the abundance of addresses in the new system. The widely-used but older system, IPv4, is a 32-bit address space. This defines the maximum number of unique addresses it can specify as 2³². It results in a system with about 4.3 billion addresses in total. Due to the way in which certain portions of the total number are set aside for specific, special uses, only 3.7 billion are available for ordinary internet use. That “use” of course is to identify unique devices on the network.

When the internet was developed there were relatively few devices on it. So, establishing a system with 4 billion nodes seemed downright extravagant. But the internet grew. Computing – and internet communication generally – spread. While there are “only” two people on the planet for every available address, most people with internet access use multiple addresses. Many people have smartphones, a work device, a smart TV, a home computer or tablet, and maybe more. Each of those uses at least one address and each service they connect to will use at least one, too. So, IPv4 addresses are carefully managed because there aren’t enough of them. No more are used than required. Excess capacity is sold because there is an acute shortage of them.

IPv6 is a 128-bit (2¹²⁸) address space. Due to the way in which such numbering systems work, that means the IPv6 system is almost incomprehensibly large. It’s about 79 octillion times bigger than IPv4. Put differently, IPv6 can support 340,282,366,920,938,463,463,374,607,431,768,211,456 unique IP addresses. Wrapping your mind around a number of that sort isn’t easy. Suffice it to say, the system can support trillions of devices. But a trillion internet nodes isn’t easy to picture, either. More visceral is the thought that there are more IPv6 addresses than there are atoms on our planet.

With that sort of abundant supply, thinking about the use of the resource changes. With IPv6, every LAN – WiFi network, server network, and so on – is the same size. They all get a /64 subnet, which has 18 quintillion unique addresses. Needlesstosay, this is splendid overkill. The distribution system essentially establishes a vast resource virtually everywhere, regardless of the proportion of the need. Where an IPv4 network at a small liberal arts college might deploy a /22 (1,024 addresses), IPv6 would lavish a /48 on it – that’s 65,536 /64 subnets.

This changes network administrators thinking considerably. By design. As they manage IPv6 /64s and the bigger blocks they come from, administrators don’t focus on the supply or on the assignment of individual addresses because there are such large numbers available. Instead, they want an address plan that is easy to manage as their network changes over time. The huge address space means that administrative ease is a specific policy goal in IPv6’s design, unlike IPv4. When large numbers of available addresses surround every use case, growth, change and reorganizing networks is less challenging.

When Chance is Safe

IPv4 sets aside about 17 million addresses for private use. This means the same address can be used a number of times but only within private networks where access doesn’t overlap via the internet. The same private addresses are used repeatedly on networks all over the world. But the walled garden element of their use is essential.

In IPv6, even private addresses are unique. A whole IPv6 /8 has been assigned for private IPv6 addresses. Just like in IPv4, these addresses aren’t available for use on the internet, just as internal addresses in private networks.

Their uniqueness is not even guaranteed with a registry. Instead, engineers rely on the huge size of IPv6 and randomness. Each network administrator randomly selects one of the trillion possible /48 prefixes reserved for private use.

So far, about one percent of the total IPv6 address space has been distributed. There should be enough IPv6 addresses for at least another century.

What Do They Look Like?

IPv4 and IPv6 addresses are represented in two slightly different human readable (base ten numeral) forms.

IPv4 addresses are written down in what is often known as ‘dotted decimal’ format. There are sections to the address. Each section shows an 8-bit value. These are presented as a decimal number. For instance, 203.0.113.79 is the human readable presentation of 11001011.00000000.01110001.01001111.

IPv6 addresses are much longer, so hexadecimal is used instead of decimal. This numbering system uses the decimal digits 0 through 9 and adds a, b, c, d, e and f. Colons are used as the section delimiter and each section is 16-bits instead of 8-bits. Sections where the values are all zeros can be compressed with a double colon.

These rules lead to some flexibility in how addresses could be represented, so engineers documented guidelines. Applying these guidelines reduces the chance of addresses being missed when searching configurations, spreadsheets, and network diagrams where addresses might be shown.

In the address 2001:db8::1 the letters in the second section are shown in lower case. Leading zeros are omitted and sections that are all zeros are compressed with the double colon. When fully expanded, that address would look like 2001:0db8:0000:0000:0000:0000:0000:0001.

Address versus Prefixes

IPv4 was designed around managing individual address assignments. IPv6 was designed around managing network prefix assignments. A “prefix” is  the number given to identify the network. For instance, the network 192.168.0.0/16 has ‘192.168’ identifies the network.

The number of bits in a network prefix lets you know how many addresses – or smaller prefixes – it has within it. There are 32-bits of IPv4 space, so if 24 are used for the prefix, that leaves eight for addresses. There are 256 addresses in a /24 network prefix because 2⁸ is 256. People tend to use the terms network ‘prefix’ and ‘block’ interchangeably. A network prefix provides a block of smaller networks or addresses.

IPv4 CIDR slash notation shows network length and available addresses

Blue boxes identify the 24 bits dedicated to identifying the network. The green boxes show the 256 sequential network addresses available in this /24 network.

We could refer to an individual IPv4 address as a /32 and an individual IPv6 address as a /128. Both address types use the same CIDR ‘slash notation’ to communicate the size of the network.

There’s no point in specifying the number of addresses in IPv6. All the numbers are just too big. Instead, the goal is to know how many /64 LANs are available in each part of the network.

When developing an addressing plan for an access network, the goal is to understand the number of subscribers that each part can connect. A similar approach is used for the different parts of an enterprise or academic network.

IPv6 CIDR Slash notation shows number of smaller networks available[1] 

Most access networks assign each consumer subscriber a /56. This gives each subscriber 256 /64 LANs. Enterprise subscribers typically get a /48, which gives them 65,536 /64 LANs[2] [3] . This is a huge number of almost inexhaustible LANs. This choice means these networks should not have to renumber in the future, when new use cases for networks arise.

Autoconfiguration

When networks were new, computers were expensive and rare, so configuring a new device was something an engineer would do when it was set up. But computers are much cheaper and more mobile now, so manually configuring IP addresses isn’t practical. Engineers developed protocols to automate address configuration on both IPv4 and IPv6 networks. This can be done in two ways in IPv6.

The Dynamic Host Configuration Protocol (DHCP) lets any device connecting to an IPv4 network request an address. The DHCP controller answers with an address and other configuration information, like where the device should send DNS queries.

The DHCP controller assigns addresses with a lease. The lease could be an hour, a day, or longer, depending on the needs of the network. When the lease expires, the device must either request a renewal, or stop using the address.

A version of DHCP, called DHCPv6, does the same kind of thing for IPv6 networks. It can assign addresses to devices and send them configuration information. DHCPv6 also allows subordinate networks to request a prefix from a controlling network. For instance, a newly connected cable subscriber’s router can request a prefix delegation from the cable network.

As with IPv4, the prefix delegation needs to be renewed periodically. The device on the subordinate network sends a ‘Renew’ message to the DHCPv6 controller to extend the lease.

But not all networks are managed. IPv6 Stateless Address Autoconfiguration (SLAAC) is the protocol that can be used for unmanaged, or lightly managed, networks. It is designed for small networks of a few machines attached to a single uplink.

Devices can self-assign an address based on the network prefix and unique identifier, like a pseudo-randomly generated hardware address. These are combined to form the full IPv6 address.

NAT versus Privacy Addresses

Why would engineers recommend that devices configure themselves with a pseudo-random identifier when creating an IPv6 address?

In most cases, IPv4 internet connections are mediated through a Network Address Translator (NAT). Most devices get a private address, which is only unique on that network. The NAT rewrites the address in each data packet. In most cases multiple devices used by multiple people are hidden behind a small number of unique addresses.

NAT use grew for a variety of reasons. While privacy was never a particular goal of NAT deployment, address translation can have a blurring effect in some situations.[1]  This is because many different devices and users can be hidden between a single address.

But IPv6 addresses were originally designed to be formed with 64-bits coming from the network and 64-bits coming from the hardware address of the device’s network card. These are called MAC addresses and they are supposed to be globally unique.

Having a unique identifier would leave a trail that could easily be used to correlate seemingly unrelated activity. For instance, a work laptop used at an office, a home, an airport, a passenger jet, and a hotel would leave a trail identifying the device – and likely user –  if they consistently used personal services, like social media.

All major IPv6 implementations now use temporary addresses. These are regenerated every few hours.

Neither NAT or temporary addresses provide complete privacy. They just blur the identity of users a bit.

Summary

IPv4 and IPv6 are very similar because IPv6 is a newer version of the Internet Protocol. But there are several key differences.

• IPv4 addresses are carefully managed because there are just 3.7 billion for the whole world. IPv6 addresses are plentiful, so managing the number of subnets is what is important. Administrative ease is one of IPv6’s defined policy goals.
• Both IPv4 and IPv6 use the same CIDR slash notation to show how many bits are used by the network. But all IPv6 LANs are 64-bits, so the slash notation is used to describe the number of subnets.