IPv4 Will Never Die
AI created, human edited.
In a recent episode of Security Now, Steve Gibson and Leo Laporte dove deep into a fascinating analysis of why IPv6—the protocol that was supposed to save the Internet from running out of addresses—might never fully replace IPv4. Drawing from a recent APNIC Labs blog post by Chief Scientist Jeff Houston, they explored how the Internet has organically evolved to solve its problems in unexpected ways.
Twenty-five years ago, IPv6 was introduced with a simple promise: solve the Internet's looming address shortage by providing an astronomical number of unique addresses. The original IPv4 protocol's 32-bit addressing scheme allowed for roughly 4.3 billion addresses—a number that seemed impossibly large in the 1980s but proved inadequate in our modern connected world.
However, despite IPv4 addresses being officially "exhausted" over a decade ago, IPv6 adoption has been surprisingly sluggish. According to APNIC's measurements, only about one-third of Internet users can access IPv6-only services in 2024. Even more telling, U.S. adoption has remained completely flat since 2019, showing no growth whatsoever.
The discussion revealed two crucial technological developments that essentially solved the IPv4 address shortage without requiring a complete protocol transition:
1. Client-Side Solution: Network Address Translation (NAT)
- NAT allows multiple devices to share a single public IP address
- Despite purists' objections, NAT has become a fundamental part of Internet architecture
- Provides an unexpected security benefit by creating natural firewalls
- Effectively extends IPv4's addressing capacity by borrowing from the port number space
2. Server-Side Solution: Server Name Indication (SNI)
- Allows multiple websites and services to share a single IP address
- Works through the TLS handshake process
- Has transformed how we think about Internet Addressing
- Gibson noted that his own website, GRC, hosts 13 different services on a single IP address
Perhaps the most interesting insight from the discussion was how the Internet has evolved from an address-based system to a name-based system. As Gibson and Laporte discussed, what matters today isn't IP addresses but domain names. The DNS system has effectively become our new routing protocol, with TLS certificates providing authentication and security.
This shift has profound implications:
- Less than half of the top 1,000 websites even support IPv6
- There's little business incentive to invest in IPv6 infrastructure
- The transition to IPv6 is predicted to take until 2045, if it completes at all
Several factors suggest IPv6 might never completely replace IPv4:
1. No Compelling Benefits
- IPv6 isn't faster or more secure than IPv4
- The only real advantage is more addresses, which NAT and SNI have largely solved
- Implementation costs money with no clear return on investment
2. Working Solutions
- Current technologies effectively handle 20 billion connected devices
- NAT and SNI have proven to be robust and scalable solutions
- The Internet has evolved beyond needing end-to-end addressing
3. Market Reality
- U.S. IPv6 adoption has stagnated
- Major services see no urgent need to switch
- The transition costs outweigh the benefits for most organizations
As Gibson noted, "IPv4 will never die." Instead of a complete transition to IPv6, we're likely to see a continued hybrid approach where IPv4 and IPv6 coexist indefinitely. The Internet has proven once again that it can evolve and adapt to challenges in unexpected ways, often finding practical solutions that diverge from theoretical ideals.
The lesson here isn't about technical superiority but about the power of organic evolution in complex systems. Sometimes, the "right" solution isn't the one that wins—it's the one that works well enough and requires the least change from the status quo.
For more detailed technical discussions about Internet security and infrastructure, tune in to Security Now with Steve Gibson and Leo Laporte.