While you expect to have an IPv4 address assigned to your location, you may be surprised to find an IPv6 address assigned to you as well. Why would both types be assigned to you at the same time though? Today’s SuperUser Q&A post has the answer to a curious reader’s question.
Today’s Question & Answer session comes to us courtesy of SuperUser—a subdivision of Stack Exchange, a community-driven grouping of Q&A web sites.
Image courtesy of Ministerio TIC Colombia (Flickr).
SuperUser reader AJS14 wants to know why he has IPv4 and IPv6 public addresses assigned to his home network:
For my home network, my public IP address “displays” as IPv4 on some websites, yet as IPv6 on others. I have read this SuperUser thread and understand that it is possible for my Internet service provider to have assigned me one of each type.
- What is the purpose of assigning one of each type to me?
- Can disabling IPv6 from within Windows on a local host guarantee that only an IPv4 address is used from that computer? I ask as I have read about security concerns in relation to certain VPN protocols used in combination with IPv6.
Why would IPv4 and IPv6 public addresses be assigned to the same home network?
SuperUser contributor Bob has the answer for us:
What is the purpose of assigning one of each type to me?
Ideally, we should be moving towards greater IPv6 rollout due to IPv4 exhaustion. However, a lot of servers still do not support IPv6. There are many workarounds, none particularly great, but they generally involve tunneling through an intermediate server that can translate between the two. Your ISP provides you with an IPv4 address for compatibility reasons.
What many ISPs do now is implement CGN, where many people share a single “public” IPv4 address. There are many reasons why this is a bad thing(1), but it is necessary simply because there are not enough IPv4 addresses to go around. This is why we need IPv6, and probably why your ISP provides it.
Can disabling IPv6 from within Windows on a local host guarantee that only an IPv4 address is used from that computer?
Yes, however, this is generally not a good idea. Alternatively, you can disable IPv6 at the router level, which is a bit better, but again this is not a great idea. We cannot continue to use IPv4 forever.
I ask as I have read about security concerns in relation to certain VPN protocols used in combination with IPv6.
That is typically due to broken VPN clients and configurations. It is getting better now, though. If you do not use VPNs, it will not affect you. If you do use one, you should do some research first to see if it supports IPv6 correctly (modern VPNs should by now). One of the biggest issues was with VPN clients ignoring IPv6 entirely, so IPv6 connections bypassed the VPN, but hopefully that has gotten better now that there is more attention focused on the issue (see also: IPv6 security vulnerability pokes holes in VPN providers’ claims).
(1) For example, one of the consequences of CGN is that home users can no longer reliably host a server. Traditional NAT was bad enough (and again a consequence of the IPv4 shortage), but with CGN port-forwarding it is also no longer possible. There are techniques for working around it, such as NAT hole-punching, but they require external servers and will not always work depending on the service required. Having a unique IPv6 address works around this limitation.
Have something to add to the explanation? Sound off in the comments. Want to read more answers from other tech-savvy Stack Exchange users? Check out the full discussion thread here.