A reader, Phil, suggested an introductory IPv6 article for those who don't yet have much experience implementing the protocol. So I decided to write an article covering some of the most prominent advantages and disadvantages of IPv6 as compared to its predecessor. Before continuing, consider grabbing a copy of the IPv6 cheat sheet for handy reference.
Topics are split into two broad sections, design and configuration, for ease of digestion.
Pro: Much Larger Address Space
Admittedly, everyone already knows this, but it just feels wrong not to include it. However, contrary to popular claims, IPv6 does not give us a bajillion addresses for every grain of sand on the planet. In practice, the later 64 bits of the address will typically be used for host addressing for end-user prefixes, leaving "only" 64 bits for network addressing, which is still twice the length of both the network and host components of an IPv4 address. The obvious need for hierarchical address schemes guarantees that 99.999% of the host addresses available within a /64 prefix will not be used.
Pro: Virtually Unlimited Host Addresses per Prefix
What is the longest subnet mask that can be used to provide at least 12 subnets with at least 50 hosts each?
Remember that crap? IPv6 means no more subnetting word problems! Assuming the "standard" access prefix length of /64, a single prefix is able to address far more hosts than you would ever want to jam into a single prefix. The motivation behind /64 prefixes for end users is discussed under the configuration section of this article.
Pro: Stateless Autoconfig
IPv6 neighbor discovery (ND) supplants ARP and introduces the option for stateless automatic configuration in place of static IP addressing or DHCP (although both are still options under IPv6). Hosts configured for autoconfig (which is a default configuration on most platforms) automatically learn of the prefix(es) and router(s) present on the segment, and automatically address themselves as appropriate using EUI-64 addressing.
Con: Harder to Fit Prefixes on Topology Drawings
It sounds silly until you find yourself shrinking font sizes on topology drawings to the point where the text is barely legible. IPv4 addresses, with their cripplingly short length, were easy to overlay onto a topology drawing. Not so much with IPv6, even with the shorthand rules to remove extraneous zeros. The approach I've adopted is to number the link with the prefix (e.g. 2001:db8:0:42::/64), and number end points with only the host portion of the address (e.g. ::4).
Draw: No More IP Scanning
With 264 possible host addresses per /64 prefix, performing a ping scan to detect devices is futile. From a security perspective, this is a boon for mitigating the automated spread of worms and enumeration attempts. On the other hand, it obsoletes an accounting mechanism on which many administrators have come to rely. It also increases the value of DNS servers to attackers.
Con: Don't Forget to Enable IPv6 Routing
Not normally an issue, but this can lead to frustration if you forget.
Router(config)# ipv6 unicast-routing
I wonder how many decades it will be before we have to remember to turn off IPv4 routing...
Pro: Automatic Link-Local Addressing
Getting IPv6 up and running on an interface is as simple as issuing a single command:
Router(config)# interface f1 Demarc(config-if)# ipv6 enable Router(config-if)# ^Z Router# show ipv6 interface f1 FastEthernet1 is up, line protocol is down IPv6 is tentative, link-local address is FE80::21B:2AFF:FE02:523D [TEN] No Virtual link-local address(es): No global unicast address is configured Joined group address(es): FF02::1 FF02::2 ...
This enables link-local IPv6. Link-local addresses are unique only to the local link; packets destined for a link-local address can not travel further than one hop away from their origin. However, link-local addresses work fine for establishing routing protocol adjacencies with directly connected neighbors, for example.
Con: Typing Long Addresses
IPv6 prefixes can be difficult to memorize, especially if you need to deal with several assignments (for example, multiple /48s). IPv6 general prefixes are a convenient tool that allows an administrator to define and reference prefixes by human-friendly names.
Router(config)# ipv6 general-prefix MyGlobal 2001:db8:42::/48 Router(config)# interface f0/0 Router(config-if)# ipv6 address MyGlobal 0:0:0:10::1/64 Router(config-if)# do show ipv6 interface brief FastEthernet0/0 [up/up] FE80::C000:6AFF:FEC1:0 2001:DB8:42:10::1 ...
Pro: Easy-to-Type Prefix Lengths on IOS
Cisco IOS has historically required entry of subnet masks for IPv4 interfaces addresses in drawn-out dotted-decimal notation (despite CIDR notation having been around for over twenty years):
Router(config-if)# ip address 172.16.8.1 255.255.255.0
With IPv6, we can thankfully enter prefix lengths in CIDR notation:
Router(config-if)# ipv6 address 2001:db8:0:42::1/64
Pro: EUI-64 Addressing
Just like hosts, routers too can employ EUI-64 addressing for interface addresses. This is recommended only for prefixes where the router's address need not be readily identified, such as on access prefixes:
Router(config)# interface f1 Router(config-if)# ipv6 address 2001:db8:0:42::/64 eui-64 Router(config-if)# ^Z Router# show ipv6 interface f1 FastEthernet1 is up, line protocol is down IPv6 is tentative, link-local address is FE80::21B:2AFF:FE02:523D [TEN] No Virtual link-local address(es): Global unicast address(es): 2001:DB8:0:42:21B:2AFF:FE02:523D, subnet is 2001:DB8:0:42::/64 [EUI/TEN] Joined group address(es): FF02::1 FF02::2 ...
Feel free to share other pros and cons in the comments!