The internet is a complex ecosystem of interconnected devices, and at its core is the Internet Protocol (IP). This protocol is currently in its second major incarnation (IPv6) but many are only familiar with IPv4. Even with the new IP version (IPv6) available for years, most traffic is still routed over IPv4. Why is this, and what implications does this have for website owners and visitors who rely on the availability of websites that use these internet protocols?
IPv4 suffers from a serious limitation in the way it’s designed to use 32-bit (2^32) addresses. Because of this, IPv4 is restricted to only 4,294,967,296 (4 billion) unique IP addresses. While that looks like an impressive number, every device that connects to the internet requires an IP address and the Internet of Things (IoT) is bringing more devices online at a faster pace than ever before. We live in a world with 7 billion people (and growing) – 4 billion addresses is not enough.
To address this limitation, the Internet Engineering Task Force (IETF) developed IPv6 to help us solve this problem. Instead of designing the protocol on a 32-bit system, they designed IPv6 on 128 bits (2^128).
This increases the available IP addresses to 340,282,366,920,938,463,463,374,607,431,768,211,456 (that’s 340 undecillion). This will hopefully give us the amount of IP addresses we need for a long time.
IPv4 Exhaustion vs. IPv6 Adoption
The primary concern with IPv4’s limitation has been based on the exhaustion of IPv4 and the adoption of IPv6. For years, the conversation has revolved around IPv6 being the future and the need to have it enabled everywhere. I can remember this argument going back to 2011. At the time the common theme was that “IPv6 was here” and we were “out of IPv4 addresses.” The truth of the matter is that we have been out of IPv4 addresses many times, but somehow the internet has survived multiple rounds of cleanups and reorganizations.
IPv6 was actually created back in 1998 (almost 20 years ago) and the adoption has been very slow. Personally, I am a big supporter of IPv6. Back in 2009, I built IPv6 into OSSEC as a way to “future-proof” it.
To continue this support, we’ve enabled IPv6 across all Sucuri properties and have been acting as an IPv6 > IPv4 proxies offering IPv6 addresses to all sites behind the Sucuri Firewall.
Major Site Adoption of IPv6
Interestingly enough, despite the need for more IP addresses, only 33% of the top 100 sites in the world have IPv6 enabled. Big properties like Bing, Twitter, Live, MSN.com, Amazon, Paypal, WhatsApp, Dropbox, and many others do not support it.
This is the IPv6 state of affairs when compared to the top sites in the world:
The majority of the sites that do support IPv6 are either behind Google (a major force in pushing for IPv6 adoption), or CDN providers that enable IPv6 for their customers by proxying back to the origin via IPv4 (including the Sucuri Firewall/CDN and CloudFlare). What this tells me is that as much as we might want it to be the future, it’s far from it. IPv6 is not something webmasters are using and configuring on their sites.
Reasons for Slow IPv6 Adoption Rate
One of the main arguments I hear about it revolves around performance, which we recently spent some time analyzing. I can’t help but feel that the real problem is not so much performance, as it is the general lack of interest. Nobody really needs IPv6 right now.
Currently, every IPv6 setup is dual stack (supporting both IPv4 and IPv6), so webmasters do not need to enable IPv6. As long as this configuration persists, there will be little, if any, incentive for webmasters to adopt and migrate. We are stuck in this wait-and-see game where until everyone is on IPv6, everyone will still need to have IPv4. Consequently, this makes for a very slow migration.
Below I’ve aggregated the top reasons that I hear when it comes to using IPv4 vs. IPv6:
- Nobody needs IPv6 right now.
- Once everyone is on IPv6, I will enable it.
- Lack of integration in normal utilities.
- Lack of IPv6 knowledge.
- Dual stack setup.
Recommendation to Webmasters
Taking this into consideration, we still strongly urge all webmasters to look into IPv6 and enable if possible. If your host already supports it, all you have to do is configure the AAAA record via your DNS. If you are using our firewall/CDN, you can enable it quickly by adding the AAAA record, even if your host does not support it.
IPv6 will only really take flight when the majority of sites start to use it, naturally making it easier for clients to fully move away from IPv4.
Is your website on IPv6? If not, why not?
If you are a customer of Sucuri, our firewall team will be happy to help you with migration if you submit a secure support ticket with your host/cPanel login information.