IPvX: Better than IPv6?
IPv6 is coming, but it is difficult and expensive to implement because
it is not backwards-compatible with IPv4. This page explains the
problem and a proposed solution: IPvX. This is a fantastic proposal
from Bill Chimiak that may save us all from a large expense of time and
money, and spare us from a whole new set of security problems.
I think this is a billion-dollar idea. It will save an immense amount of
money, and make fortunes for people who successfully implement and market
it.
IPv4 Header
Here's the IPv4 header we all know and love. All the routers, servers,
firewalls, etc. expect to see packets in this format now. (Figure from
openwall.com)
As indicated in this diagram, IPv6 changes this header. That's a big problem.
Larger image
See that "options" field in the IPv4 header? That's there to make it flexible,
so future developments won't make IPv4 obsolete. Why not use it?
IPv6 Header
Here's the IPv6 header.
It has many virtues, but as you can easily see,
it is completely different from an IPv4 header, so legacy devices won't
have any clue how to process it.
Is is really necessary to make all our existing devices obsolete just to get
128-bit addresses?
Larger image
IPvX Header
Why not do it this way? Package the 128-bit addresses in the options section
of a normal old IPv4 header! That's what the options section is for, after
all!
The resulting packet is still an IPv4 packet, but it also contains 128-bit
addresseses. Legacy devices can
interpret it as IPv4 and use it correctly, and newer devices can find the
128-bit addresses in it and use them instead.
Larger image
Legacy Devices
This means you can just keep using your old IPv4 devices!
You can even send IPvX traffic through IPv4 infrastructure with
no problem, like this. No NAT or encapsulation or conversion of any
kind is required. It just works!
Think of all the money and time that will save!
For More Information
For a complete explanation of IPvX, read the draft RFC.
You can email Bill Chimiak, the author of the draft RFC, at w.chimiak@ieee.org.
You can email Sam Bowne at sbowne@ccsf.edu.
Help Wanted
Right now, this is just a fantastic idea. We need help to make it real.
Here are the immediate needs:
- Criticism: if this is a bad idea, we need to know that.
- Promotion: please help spread the word! We want everyone who cares to
find out this idea quickly.
- Coding: There aren't any devices ready to use this system yet. We need
to program end devices and routers so we can start experimenting with it.
I would imagine the place to start would be to program a Linux IPvX router
and client, hopefully followed quickly by a Windows port. Maybe a Python
module would suffice for now.
Credits
IPv4 and IPv6 header figures from http://www.openwall.com/presentations/IPv6/
IPvX header figure from Bill Chimiak
Thanks to the people at DEFCON 2010 who asked "Why isn't IPv6 backwards-compatible
with IPv4?" That was an excellent question!
Bill Chimiak wrote the draft RFC, so he did all the technical work. Sam
Bowne wrote this summary description page.
Comments
Name: Sam
Thanks to @ethicalhack3r for suggesting a comments section.
Name: Sam Bowne
Dan Goodin from The Register found this out:
A noted expert in BGP and other backbone operations, says IPvX is \"completely intractable,\" mainly because high-speed routers already use IPv4 options fields for special purposes. He said something called RSVP is just one example.
He said IPvX would require huge chunks of today\'s hardware infrastructure to be replaced and hence would defeat the whole idea behind its adoption.
At first glance this looks like a real problem. Bill may have some solution, however. I\'ll update this when I know more.
Modified 8-25-10 10:00 am PST
Comment form removed 2-24-14 9:44 am