The problem with IPv4 addresses and why there are none anymore

Jonas Poenicke

The problem with IPv4 addresses and why there are none anymore

Have you ever heard that IPv4 addresses are slowly but surely running out or have already run out? The topic is more topical than ever and IPv6 is already on everyone’s lips. But what exactly does this mean for you and your company? What is the significance of IPv6 in terms of cybersecurity?

In this article we would like to explain what IP addresses are exactly, where the difference between IPv4 and IPv6 addresses lies and what exactly the scarcity of such addresses is all about. Why are there not an infinite number of them, and where exactly is the problem with a changeover from IPv4 to IPv6?

It’s time to address the whole issue and raise awareness. So if you’ve had little to no exposure to IP addresses so far, this article is especially important. And if you already know about this, but don’t quite understand why IPv4 addresses are finite and thus run out, then you should also read on to inform yourself accordingly.

What exactly is an IP address?

IP is the abbreviation for Internet Protocol. This, in turn, is a type of instruction or rule set that dictates to devices the format of the data being transmitted. Each device in the network therefore receives its own IP address. This is necessary to make it appropriately identifiable and addressable. Only with an IP address is it clear which device is currently being controlled and what information it is assigned.

The IP addresses themselves are represented as a combination of four number blocks. So something like “111.222.333.444” or even “1.2.3.4”. You cannot select the IP address yourself. This is assigned to you by your Internet Service Provider (ISP) when you dial up to the Internet.

Everything you then do on the Internet is handled by the ISP, which forwards this to your IP address. A fixed IP address rarely exists in Germany, as many providers work with dynamic IP addresses, i.e. they assign you a free IP address every time you dial up to the Internet. Servers are often exceptions here.

Furthermore, certain address ranges are reserved for private networks and cannot be accessed through the Internet, e.g. the range 192.0.0.0 to 192.255.255.255. There are a few more differences here, but they quickly become a bit too technical and complicated. So let’s leave it for the moment with this rudimentary explanation of IP addresses.

Why are IPv4 addresses becoming scarce?

When Internet Protocol version 4 was invented, the Internet as we know it today was still quite far away. It was not even conceivable that it would find such widespread use in everyday life and work. Thus, those responsible assumed that 32-bit addressing would be sufficient, allowing a total of 4,294,967,296 different IP addresses.

But that was over 40 years ago , and since then the Internet has evolved and changed at breakneck speed. Just like mankind, whose number is over 7 billion. Since everyone now uses the Internet, usually with multiple devices, connections or households, the logical conclusion is that 4,294,967,296 IP addresses are simply not enough for everyone in the world. Not even if everyone really only needed a single IP address.

Because this was apparent about ten years after IPv4 was invented, work on IPv6 began in 1993. With IPv6, 340 sextillion (2 to the 128th power) IP addresses can be represented. So a number that can actually be called sufficient, even for the entire human race with multiple devices. In contrast to 32-bit addressing, 128-bit addressing is now used for IPv6 addresses.

What is the difference between IPv4 and IPv6 addresses?

The biggest difference can be found in the length and type of presentation. At least for the layman. IPv4 and IPv6 addresses therefore look completely different. If we look at the two addresses in direct comparison, it immediately becomes clear where the differences are to be found.

IPv4 address 192.168.0.1

IPv6-Adresse 2001:0db8:85a3:08d3:1319:8a2e:0370:7344

IPv4 addresses are specified in four decimal blocks, IPv6 addresses use hexadecimal notation and use eight blocks.

The technical advantages, on the other hand, are rooted in the possibilities of IPv6. The protocol can do much more than IPv4 and can handle autoconfiguration, multicast addressing, and simultaneous connection to multiple devices in the network, among other things. So it’s more future-oriented and more in line with the current needs of Internet usage.

What about the security of IPv6 addresses?

As a security company, we are also interested in the security of IP addresses. It is good that IPv6 has already been developed with a focus on the highest possible security. IPSec (IP Security), for example, is an integral part of IPv6. This integrates several IETF security protocols to guarantee authentication and data authenticity.

IPSec ensures confidentiality, integrity, and authenticity. On top of that, additional signature keys that become possible with IPv6 make ownership proofs for fixed IPv6 addresses possible.

IPv6 addresses and the changeover from IPv4

The fact is that IPv4 is a very old protocol that is now neither up to date nor available in the required numbers. So IP addresses from IPv4 are simply running out and the successor is primarily trying to remedy the situation. It’s a bit like when the IBAN was introduced and the classic account numbers were abolished. It simplified everything, but the number was more complicated for many people to remember.

This is similar for IPv4 and IPv6. With IPv6, everything gets better, more practical, and more technologically mature. At the same time, the IP address itself as an IPv6 address is significantly less readable than its predecessor. But if you don’t work with it all the time, you won’t notice any great changes. And in general, the advantages can also be convincing in the end, so that the new technology is almost always desired.

The only advantage of IPv4 is that all networks have been very much designed and optimized for it. So IPv4 still has advantages in the meantime and occasionally, simply because it is a widely used standard. Switching from IPv4 to IPv6 is a lengthy process and, as an established standard, it is unrealistic to expect all Internet-enabled devices to be fully converted to IPv6 in the near future. As an interim solution, it is therefore possible to tunnel IPv6 packets into IPv4 in order to be able to use nodes that only support IPv4. Google provides a very interesting graph of IPv6 adoption between 2008 and today among Google users.

In the long term, IPv6 will probably replace IPv4. IPv6 is now being taken into account, especially in the development of new network components.

Photo of author

Jonas Poenicke

My name is Jonas Poenicke and I have been traveling throughout Germany and beyond for AWARE7 as a speaker for IT security since 2018. I also work with the pentesting team and take on sales tasks as well as organizing live hacking talks.