Widespread IPv6 adoption is proportionate to IPv6 measurement initiatives, which characterize, map, and better understand the use and deployment of IPv6. In many respects, IPv6 is no different than IPv4, while in others we find significant differences and, often, need to develop new measurement tools and techniques specific to IPv6.
Residential deployments provide one fundamental example of the difference between IPv4 and IPv6.
The typical IPv4 residential customer is assigned a single public IPv4 address from their provider’s space; additional machines reside in a private intranet and the Customer Premises Equipment (CPE), or router, provides network address translation (NAT).
In contrast, the CPE for an IPv6 residential customer is a true router, with a point-to-point IPv6 network between the CPE and the provider’s router, as well as a separate public IPv6 sub-network for the customer’s hosts. This changes our notion of the network ‘edge’ — the CPE in IPv4 is effectively an end-host, while the CPE in IPv6 is a router.
In our recent PAM 2020 paper, “Discovering the IPv6 Network Periphery“, we at the Center for Measurement and Analysis of Network Data and Naval Postgraduate School, define a new term for IPv6 CPE and routers at the edge: the IPv6 network periphery.
How does this deployment of IPv6 impact third-party measurements of the Internet?
One immediate result is that a traceroute, frequently used by operators for debugging as well as researchers for network mapping, provides much more ambiguous results.
A traceroute to a random destination address in the customer’s IPv6 network is unlikely to reach a machine (the customer’s subnet is typically at least a /64), which results in a series of non-responsive hops (the “*”‘s seen in a non-complete traceroute). But, a traceroute may die (be blocked or filtered) within the provider’s network, or even within the core of the Internet. Thus, it is unclear whether the last responsive hop is indeed the IPv6 periphery or not.
As part of our research, we use an algorithm for discovering the IPv6 periphery via large-scale measurements using the Yarrp high-speed topology prober. The results reveal significant numbers of IPv6 addresses unknown to previous topology studies: we found 64M unique IPv6 addresses, 99% of which were in neither of the two topology mapping campaigns we use to initialize our algorithm.
In addition to discovering previously undiscovered portions of the IPv6 Internet, our periphery discovery algorithm enables new insights into IPv6 deployments. For instance, IPv6 prefix size delegated by service providers to their customers can be inferred by observing contiguous blocks of address space with the same periphery address. While several RFCs and BCPs have prescribed a variety of standard allocation sizes from /48 to /64, these recommendations have changed over time and current guidance states that there is no one-size-fits-all prefix size to be delegated to end sites.
Using the data collected during our study, the following figures show three service providers with very different prefix size delegation policies. We note that the prefix sizes delegated from these three /48s need not be the only size allocated by these providers; in fact, differently-sized prefix allocations to different classes of customer by the same provider appears to be a common deployment scenario as well.
In the first figure, a probe was sent to a random IID in each of its constituent /64s; the y-axis represents the 7th-byte-value, and x-axis represents the 8th byte of the address probed. Each colour in the figure represents a different responsive address; in this example, we see that the /48 is divided into 256 /56 networks, which show up as differently coloured horizontal bands.
In the second example, we see that the first /49 is divided into /60s, while the second /49 is still unallocated or potentially allocated to a single customer, although the allocation of prefixes that do not fall on a nibble boundary has been discouraged.
In the final example, traces to each /64 in the /48 resulted in over 51,000 unique periphery addresses, implying that this prefix is both subnetted at a /64 granularity, and is approaching being completely allocated to customers. Unallocated /64s respond with the same periphery address, which appears as light blue in the first /49.
These three figures demonstrate but one insight into the IPv6 Internet we gain by discovering and analysing the IPv6 network periphery. We invite curious readers to watch our PAM presentation and read the full paper. We welcome your comments and questions below.
Erik Rye is a researcher with the Center for Measurement and Analysis of Network Data (CMAND) at the Naval Postgraduate School (NPS) in Monterey, California. His interests include network measurement, and security and privacy topics.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.