This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
sjni01
MVP Diamond
MVP Diamond
2 weeks ago

How to Understand and Approach IPv8 if It Becomes a Standard?

Hi CheckMate Community,

While the world is still adopting IPv6, some visionaries are already exploring what could be the next revolution in networking: IPv8. It’s not an official standard yet; there is a draft. 

This would be the way to interpret it so that you can preliminarily understand what IPv8 might handle:

Conceptual IPv8 Header (Experimental/Research):

Field Size (conceptual) Purpose / Description
Version / Protocol Type 4-8 bits Indicates IPv8 version and protocol/subprotocol type.
Source Address variable (128–256 bits) Modular address including location, identity, and optional permissions.
Destination Address variable (128–256 bits) Modular address for routing and access control.
QoS / Priority 8-16 bits Specifies traffic priority, quality of service, or special routing instructions.
Security / Authentication variable Optional fields for encryption, integrity checks, and identity verification.
Mobility / Routing Metadata variable Information for node mobility, multi-path routing, or decentralized network handling.
Extension / Optional Headers variable Can include additional features like service metadata, tokens, or microservice tags.
Payload Length 16-32 bits Length of the actual data payload.
Checksum / Integrity 16-32 bits Ensures header and payload integrity.

 

The latest update just over a week ago in April 2026, but it aims to rethink how we connect, integrating anonymity, advanced security, full mobility, and even native digital identity into the protocol itself.

What does Check Point think about this? 

In the cybersecurity world, the introduction of a new protocol always raises questions: how will it impact firewalls, threat detection, and policy management?

And here’s a key point:

From a development and hardware perspective, if IPv8 moves beyond a draft and becomes a public standard, Will current devices adapt easily through software/firmware updates?

Or will existing hardware be challenged, prompting a major infrastructure refresh? 

To view this video, you must Accept and consent to the use of cookies.

How will it impact routing, Layer 2, Layer 3, Layer 4, etc.? 

It’s a great question for both internal and external networks, and basically for any service or microservices architecture. However, what has Check Point thought about this? It would be very interesting to know.

Would history repeat itself?

We already saw how IPv6 adoption left many legacy devices behind or required significant upgrades. 

IPv8 is a reminder that the future of the Internet could be smarter, more secure, and far more flexible than we ever imagined.

 What do you think?

A natural evolution, or a disruptive shift too big for today’s infrastructure? 

This is information I have been researching. If I am mistaken about anything, please feel free to correct me. The goal is to contribute and learn in a friendly way from what you might observe.

With this post, I’m trying to send a message to the internal team responsible for Check Point, to anticipate the arrival of something as significant as this if it is ever adopted, and to see if, as a community, we might be prepared. Thank you for the space.

Regards

6 Replies
PhoneBoy
Admin
Admin
a week ago

To provide some historical context, IPv6 was initially defined by RFC 2460 at the end of 1998.
There wasn't any real pressure to move to IPv6 until we actually ran out of IPv4 addresses in January 2011.
I don't think we're going to run out of IPv6 addresses anytime soon.
Given this history and absent some other market driver, I don't see businesses embracing it.

sjni01
MVP Diamond
MVP Diamond
Monday
In response to PhoneBoy

Thanks for your feedback, PB. It will always be useful!!

0 Kudos
Bob_Zimmerman
MVP Gold
MVP Gold
Tuesday
In response to PhoneBoy

The drive behind "IPv8" was low adoption of IPv6. The only mention of IPv6 in the draft is "IPv6 [RFC8200] addressed address exhaustion but did not address management fragmentation. After 25 years of deployment effort IPv6 carries a minority of global internet traffic.", which is insane.

The "IPv8" draft has clear signs of being LLM slop rather than a serious proposal. For example, the second sentence is "Every manageable element in an IPv8 network is authorised via OAuth2 JWT tokens served from a local cache.", and that's wildly impossible. How are you supposed to make a DHCP8 request if you have to be authorized via a JSON Web Token to get any access to the network?

Finally, it's published at the same level as draft-meow-mrrp-00, and should be taken just as seriously.

sjni01
MVP Diamond
MVP Diamond
yesterday
In response to Bob_Zimmerman

Remember that it's a draft and could be updated, beyond your comments, we should try answer the questions mentioned on the post, if later this draft or any other proposal is adopted, it would be important to fix how legacy, new and future appliances are going to operate.

Bob_Zimmerman
MVP Gold
MVP Gold
yesterday
In response to sjni01

Strictly, IPv8 is already allocated. It was the P Internet Protocol, which was merged into the Simple Internet Protocol in 1993. SIP was IP protocol version 6, and eventually became what we know today as IPv6. Version 7 was assigned to TP/IX, and 9 was assigned to TUBA. SIP, TP/IX, PIP, and TUBA were all candidates to become IPv6.

The "IPv8" draft which is making the rounds uses 64-bit addresses (and ties ASNs to addressing in ways which will never work in practice). Your mention of 256-bit addresses makes me think you got some information about China's proposed IPv9. That's the only mention of 256-bit addressing I ever remember hearing about.

sjni01
MVP Diamond
MVP Diamond
yesterday
In response to Bob_Zimmerman

Excellent Feedback, IPv6 covers 128 bits, and now you’re talking about 256 bits. It sometimes feels like humanity is obsessed with assigning identifiers even to every grain of sand. In 20 years, someone might be updating this post talking about 512-bit systems or even more, because every day we see innovations that require more bandwidth, mapping, and scale.

I’m making a slightly bold prediction here; I might be wrong, but it could happen. It’s fascinating to see what others think about this.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events