steps to prevent data breach
Bitbuy Canada - Where Canadians buy and sell digital currency. Via: techdaily.ca | #crypto #bitcoin #stocks #blockchain #dogecoin @ Unsplash

ipv4 DNS vs ipv6 DNS

The basics of DNS

DNS stands for Domain Name System. DNS’s primary function is to convert IP addresses into hostnames (alphabetic name) within a local network, and vice versa (Kralicek 2016,). Because DNS converts IP addresses into hostnames (alphabetic names) within a local network, it is essential to the Internet’s success. DNS is essential for users to navigate the Internet with numeric (IPv4) and hexadecimal (IPv6) addresses. Users find it easier to remember hostnames that are usually made up of easily-remembered words. Amazon.com is an example of such a hostname. Amazon.com has 205.251.242.103 as an IPv4 address. The hostname of Amazon.com can be easier to remember for humans than the IPv4 addresses. It is common to need to remember many web addresses. DNS is therefore essential. DNS is a global network of databases that resolve IP addresses and supports internet traffic. DNS can be used with IPv4 or IPv6.

IPv4

In the 1970s, IPv4 was invented. IPv4 addresses are 32-bit numeric characters that can be used to generate approximately 4.3 billion possible combinations of numbers. As shown in the Amazon.com example, 32-bit numbers have four digits separated with periods. Each number can have a value between 0 and 255. IPv4 is a classful network architecture. Although there are five types, only three of them are used frequently by hosts on networks. Large organizations, such as large governments, large universities, and large businesses, use Class A network addresses. Organizations and companies of a mid-sized size use Class B network addresses. Small businesses, home offices, and organizations use Class B network addresses (Panek 2020).

IPv6

In the 1990s, IPv6 was developed. Because of the increasing number of devices that need addresses, IPv6 was necessary. IPv6 is the successor to IPv4.

IPv4, which replaced IPv4, solved the problem of address exhaustion by using 128-bit instead of 32-bit addresses. The larger address space allows IPv4 to provide exponentially more addresses (3.4 undecillion) (Kralicek 2016). IPv6 addresses can be divided into eight groups, each containing four hexadecimal numbers. Each hexadecimal number can represent four bits. The preferred form of x is x.x.x.x.x.x.x.x.x.x.x.x.x.x.x.x Each x can be represented as a 16-bit section using up to four hexadecimal numbers, separated by colons (Cisco Press 2017, 2017).

There are some advantages to IPv6 over IPv4

IPv6 offers some advantages over IPv4. When IPv4 was first created in 1970, security was not as important as it is today. While IPv4 needed security to be introduced, IPv6 is designed with native security built-in. IPv6 uses IPSec to ensure data transmission across the network is secure.

IPv6 also eliminates the need to use Network Address Translation (NAT). The NAT for IPv4 method is used to manage the limited number of IP addresses available. NAT works with routers located between two networks. It converts private addresses from a local network into globally unique addresses that can then be forwarded to other networks. NAT allows only one address to be advertised by the router connecting the network to the outside. NAT translates packets received from the outside world to ensure they reach the right device. IPv6 solves the issue of limited address space and eliminates the need to use NAT. Because NAT is removed from a network, it eliminates a point for failure. NAT removal can also lead to a reduction in processing, which could result in higher data transmission speeds and greater efficiency.

IPv6 offers configuration advantages over IPv4. IPv4 network administrators can manually assign IP addresses, or use Dynamic Host Configuration Protocol (DHCP). DHCP allows temporary IP addresses to automatically be assigned from a pool. After the “IP Lease” ends, the IP addresses are returned to the pool for reassignment. IPv6 allows IP addresses automatically to be assigned by Stateless IP Address Autoconfiguration, (Hagen 2014). SLAAC allows a device to automatically get its IP address when it is added to a network.

IPv4 allows broadcast transmissions while IPv6 can support multicast. Broadcasting is sending data packets to all users of a network, without them having to address each packet individually and without requiring a response. A broadcast is sent to IPv4 using a broadcast address. IPv6 is capable of multicast. Multicast sends data directly to predetermined hosts by adding host addresses to multicast groups. (Juniper 2021). Multicast is more efficient than broadcast because the senders can choose who gets the transmission. Multicast is more efficient than broadcast because nodes in the network don’t have to listen continuously for and/or receive broadcast traffic.

QoS (Quality of Service) is another distinguishing factor between IPv4 & IPv6. QoS can be used to manage traffic so that specific applications are guaranteed performance. QoS is used for bandwidth-intensive applications such as Voice Over Internet Protocol (VOIP). VOIP allows phones to communicate over the internet, replacing traditional Plain Old Telephone Service phones (POTS). Low data transmission performance (i.e. Voice quality can be affected by low data transmission performance (i.e., jitter or latency) for VOIP. IPv4 packets include QoS data. Routers can be configured to prioritize important traffic (like VOIP traffic). IPv6 comes with built-in QoS.

Differences between IPv4 and IPv6 DNS

DNS is not affected by the IPv4-IPv6 switch. IPv6 will allow users to enter the same hostnames and the IP address will be resolved automatically in the background. This is just like IPv4. Configuring IPv6 DNS is very similar to configuring IPv4 DNS.

Two types of DNS lookup zones are used: Reverse Zone and Forward Zone. Forward lookup zones convert the hostname to an IP address. Reverse lookup zones convert the IP address to the hostname. Forward lookup zones in IPv4 are represented by ‘A Records’. A Record can only hold 32-bit IP addresses. DNS needed to find a way to accommodate larger IP addresses since IPv6 addresses are 128 bits. The solution was to introduce the ‘AAAA (Quad A), record (Liu 2011, 2011). Berkely Internet Domain (BIND), which is open-source software, is widely used to manage DNS servers. BIND currently supports IPv6 as well as ‘AAAA’ Records. Reverse zone lookups convert hostnames into the IP address. IPv6 uses IP6.ARPA to perform reverse zone lookups (Pete 2004). ARPA stands for Address and Routing Parameters Area. IPv4 also uses the IP4.ARPA domain to perform reverse lookup functions.

IPv6 DNS Advantages

IPv6 DNS has the primary advantage that it allows for all of the IPv6 benefits over IPv4. These include ample address space, elimination of NAT, configuration benefits, multicast enablement, and QoS.

IPv6 DNS has another advantage: it is safer than IPv4 DNS.

IPv6 DNS Disadvantages

IPv6 DNS has a disadvantage. It is not compatible with IPv4. Because the IPv6 rollout takes many years and is slow, DNS servers must be able to respond to both IPv6 as well as IPv4 requests. This will result in lower efficiency until the IPv6 transition is complete.

Subnetting may be lessened by IPv6. Subnetting is used often in IPv4 to divide networks and increase the efficiency of the available IP space. System administrators might reduce subnetting because IPv6 has an exponentially greater number of IP addresses. Subnetting can also reduce unnecessary web traffic. Subnetting that is less frequent would lead to a higher traffic load on DNS servers.

IPv6 doesn’t require or allow NAT. Therefore, any security feature in NAT does not apply to IPv6. NAT hides IP addresses and port numbers within the network to prevent them from being visible to the outside. This could be considered a disadvantage because IPv6 doesn’t allow it. This is because hiding internal network IP addresses is not considered a strong security feature.

IPv6 uses SLAAC, as mentioned, to automatically assign IP addresses. The IPv6 end nodes can choose their IP addresses using SLAAC. The problem is that DNS servers must still have reverse DNS records for IP addresses selected with SLAAC. However, these records are not accessible to DNS servers (Internet Society 2014). This issue is not relevant anymore as many solutions have been suggested and implemented to overcome it.

What IPv6 may change the way that networks use DNS

IPv6’s IPv6 benefits of eliminating NAT, increased IP space and the proliferation of connected IoT devices will result in massively higher traffic to DNS servers. This will likely mean that the DNS server infrastructure must be able to handle the increased traffic. This will require more storage and processing power. A DNS hierarchy is a tree that contains managed zones and root servers at its top. There are more than 600 root servers worldwide, though there are only 13 IPv4 root server addresses. Additional root server addresses may be implemented in response to increased internet traffic and the elimination of IPv4 limitations.

Previous articleTips to Avoid Becoming a Social Engineering Victim
Next article23 Top Cybersecurity Frameworks
Evangeline Christina is a Cyber Security Enthusiast, Security Blogger, Technical Editor, Certified Ethical Hacker, Author at Cyberspecial.net. Previously, he worked as a security news reporter in a reputed news agency.