Missing Link in ENTERPRISE NETWORKING






Blog


Tips for adding IPv6 to IPv4 networks

By: Ed Tittel and Kim Lindros | 15 June 2016

The IPv6 transition in your organization, more likely than not, involves bringing IPv6 into a mix that also includes IPv4. Here's a look at what that means and how to make it work.

The original title for this story was "Transitioning from IPv4 to IPv6," but when we started researching, we quickly realized that most organizations are adopting an outside-in strategy, rather than moving over from all-IPv4 to all-IPv6 deployments. This means that they're often taking steps to accommodate incoming and outgoing IPv6 traffic at the organizational boundary and translating between the two stacks, or tunneling one protocol over another, for internal access and use. The majority of internal clients and other nodes are using IPv4, with increasing use of IPv6 in dual-stack environments (environments that run IPv4 and IPv6 protocol stacks side-by-side).

IPv6 is the oldest "new technology" around

Experts have foreseen the exhaustion of IPv4 network addresses since the early 1990s, when it became clear that the partitioned 32-bit addressing scheme baked into IPv4 couldn't stretch infinitely. Though the four-billion-odd addresses that the IPv4 scheme supports seemed enormous at the time it was designed in the late 1960s and early 1970s, by the early 1990s it was clear that running out of addresses was inevitable.

In fact, while predictions called for this milestone to occur by September, 2011, the Internet Corporation for Assigned Names and Numbers (ICANN) didn't report the actual exhaustion of new IPv4 addresses until 2015, when it handed out its last remaining unclaimed blocks of Class C IPv4 addresses.

Running out of addresses shouldn't be a problem for IPv6 for some time, as its 128-bit address format enables assigning somewhere in the neighborhood of 6.67 *1023 addresses for each square meter of land on the earth's current surface. That's 6.197*1022 or 61,966,323,688,825,037,129,092.38 addresses per square foot of land, if you prefer the non-metric alternative for measuring area. Even with the looming Internet of Things, and the billions upon billions of devices it is envisioned to encompass, there's still plenty of room in a 128-bit address space!

IPv6 traffic slowly rising

Every year, a little more of the world's Internet traffic uses IPv6 instead of IPv4. But the ratio is climbing very, very slowly. Google's IPv6 traffic graph first inched above the 10 percent mark in January of 2016, and currently stands at between 11 and 12 percent in mid-May 2016. But most of that traffic comes from the developed world, with Belgium currently leading the pack at 41.8 percent. Switzerland, Germany, Greece, and Portugal fall in the 20-26 percent range. The U.S. is in the third tier at 18.6 percent, falling behind Luxembourg at 19.6 percent, but ahead of Ecuador, Estonia, Malaysia, Austria, and Japan, according to Akamai's State of the Internet).

IPv6 transitioning tools and technologies

To bring IPv6 into a mix that also includes IPv4, certain so-called "transition tools" prove necessary. The Internet Request for Comment (RFC) 1933 defines these capabilities as essential to any IPv6 transition:

  1. When upgrading hosts and routers to IPv6, they will retain IPv4 capability as well. This permits IPv6 to provide compatibility for IPv4 protocols and applications alike. Such hosts and routers are called dual-stack, because they run IPv6 alongside IPv4 in parallel.
  2. Hosts and routers all use the same name service, typically DNS, to obtain and manage information about which nodes are IPv6 capable.
  3. IPv6 formats can accommodate IPv4 addresses (the total IPv4 address space is roughly 4.3 * 109, so the whole shebang still leaves an extra 1.44 * 1013 addresses left over for other stuff for our first square foot of earth). In other words, IPv4 addresses also "work" for IPv6.
  4. You can transport IPv6 packets inside IPv4 packets to move IPv6 traffic across routers that don't support IPv6 protocols. This is called tunneling (it also works for IPv4 within IPv6, a capability that's not so important today but that becomes increasingly critical as IPv6 grows in share and eventually eclipses IPv4).

Some additional work is necessary to run a usable dual-stack environment. This includes proper setup and configuration of various IPv6 services to run in parallel with IPv4, particularly name services (DNSv6), dynamic host addressing (DHCPv6), directory services (such as Active Directory, NIS, and so forth, all of which must be updated and configured to represent and serve IPv6 addresses and information). It also includes using one of two standard formats to represent a 32-bit IPv4 address as a 128-bit IPv6 address (The compatible format stuffs 96 zeros in front of a standard 32-bit IPv4 address, while the mapped address technique works with the IP sockets API to create a common format for IPv4 and IPv6 addresses that includes a standard 16-bit FFFF mask ahead of the native IPv4 address). Various IPv4-to-IPv6 protocol translators (like those from IBM) also allow both types of compatible addresses to be used.

Where the Internet stands on IPv6 support

In terms of the four transition mechanisms described under the preceding heading, here's a status report:

  • All of the Internet core routers and infrastructure elements (today's real "information superhighway") is dual stack, as are most (90+ percent) of the edge routers and corresponding infrastructure elements. Companies that use their own boundary devices (or lease them or obtain them from a service provider) are also 90+ percent IPv6 capable with dual stack devices.
  • All current versions of the major client operating systems (Windows XP and better, MacOS 10.7 (Lion) and newer, iOS 4.1 and newer, and most Linux versions) support dual-stack capability (this Wikipedia chart shows a very complete collection of OSes and their IPv6 support ).
  • The commercial world is pretty solid all the way to the edges of the networks.
  • Consumers, very small businesses and home users - many of whom get their Internet boundary devices from service providers such as cable and telecommunications companies - lag somewhat behind. Even AT&T and Time Warner Cable (soon to become part of Cox) offer consumer grade support for IPv6 with less than blanket coverage. Excellent tunneling services are available, however, such as those from Hurricane Electric, a long-time IPv6 pioneer (and the sponsor of a useful series of free IPv6 certifications aimed at network professionals seeking to establish and improve on their IPv6 literacy).

What to do to get going on IPv6

In general, one's organization will already be partly prepared for the transition to IPv6, thanks to the ubiquitous use of modern client and server OSes that already include inbuilt dual-stack capability and infrastructure elements with similar capabilities.

Talk to your service provider to find out if they can handle IPv6 traffic entering and leaving your network. Then you'll need to set up, configure and deploy the Domain Name Service for IPv6 (DNSv6) and the Dynamic Host Configuration service for IPv6 (DHCPv6). And finally, you'll need to integrate IPv6 capability and data into your directory service environment(s), such as Microsoft's Active Directory, Network Information Service (NIS) and other equivalents, to ensure ready access to IPv6 information through existing channels for requesting and managing network access inside your firewalls.

Many organizations find it worthwhile to hire a networking consultant who specializes in helping with such transitions to make sure things go smoothly, to implement and test a pilot deployment, and then to assist with a production rollout.

After all that work, you'll be able to let IPv6 follow its inevitable course of eventually taking over network communications. That said, most experts expect IPv4 to stay in the picture for the foreseeable future so you can expect to live in a dual-stack world for quite a while yet.

This story, "Tips for adding IPv6 to IPv4 networks" was originally published by: CIO.


Copyright 2013 - 2016 ZOOM Technologies. All rights reserved.