BlogIPv6 is simple

1. How to read IPv6 address. Example:

2001:0db8:0001:0005:0000:0000:1234:5678/48

2001:0db8:0001 — Site Prefix used for routing. Length of this field defined by prefix ( the value after "/" at the end ). In this case it is /48.

0005 — subnet

0000:0000:1234:5678 — interface identifier

Ther'a different types and scopes introduced in IPv6. But for your website you just need global IPv6 unicast one. Addresses starting with "2001:0db8" used for documentation only and not routed in the Internet.



2. Network Address Translation ( NAT ) almost never used in IPv6-enabled networks, since borders of LAN are blurred ( ther's no specification for NAT, but linux implements NAT64 ). Also you can use multiple local-link and global IPv6 addresses on one physical interface.



3. Most of operating systems prefer to resolve hostnames to IPv6 addresses. If you don't have IPv6 address already, some security enthusiast from your local network can start sending initial router solicitation messages to link-local multicast address. In this case your OS ( radvd daemon in Linux ) will try to obtain IPv6 prefixes from a fake router along with DNS and router configuration.
Since OS prefers to resolve domains to IPv6, most probably that web traffic will go through fake router, giving attacker possibility to capture your passwords.

The described mechanism called "SLAAC" and stands for "Stateless Address Autoconfiguration", which is mandatory according to standard ( RFC 2462 ).




Some ISPs has already stopped to issue IPv4 addresses. If you have a website, you can wider your audience by using IPv6.

19 May, 2015