Missing Link in ENTERPRISE NETWORKING
By: Ed Tittel and Kim Lindros | 15 June 2016
The IPv6 transition in your organization, more likely than not, involves bringing IPv6 into a mix that also includes IPv4. Here's a look at what that means and how to make it work.
The original title for this story was "Transitioning from IPv4 to IPv6," but when we started researching, we quickly realized that most organizations are adopting an outside-in strategy, rather than moving over from all-IPv4 to all-IPv6 deployments. This means that they're often taking steps to accommodate incoming and outgoing IPv6 traffic at the organizational boundary and translating between the two stacks, or tunneling one protocol over another, for internal access and use. The majority of internal clients and other nodes are using IPv4, with increasing use of IPv6 in dual-stack environments (environments that run IPv4 and IPv6 protocol stacks side-by-side).
Experts have foreseen the exhaustion of IPv4 network addresses since the early 1990s, when it became clear that the partitioned 32-bit addressing scheme baked into IPv4 couldn't stretch infinitely. Though the four-billion-odd addresses that the IPv4 scheme supports seemed enormous at the time it was designed in the late 1960s and early 1970s, by the early 1990s it was clear that running out of addresses was inevitable.
In fact, while predictions called for this milestone to occur by September, 2011, the Internet Corporation for Assigned Names and Numbers (ICANN) didn't report the actual exhaustion of new IPv4 addresses until 2015, when it handed out its last remaining unclaimed blocks of Class C IPv4 addresses.
Running out of addresses shouldn't be a problem for IPv6 for some time, as its 128-bit address format enables assigning somewhere in the neighborhood of 6.67 *1023 addresses for each square meter of land on the earth's current surface. That's 6.197*1022 or 61,966,323,688,825,037,129,092.38 addresses per square foot of land, if you prefer the non-metric alternative for measuring area. Even with the looming Internet of Things, and the billions upon billions of devices it is envisioned to encompass, there's still plenty of room in a 128-bit address space!
Every year, a little more of the world's Internet traffic uses IPv6 instead of IPv4. But the ratio is climbing very, very slowly. Google's IPv6 traffic graph first inched above the 10 percent mark in January of 2016, and currently stands at between 11 and 12 percent in mid-May 2016. But most of that traffic comes from the developed world, with Belgium currently leading the pack at 41.8 percent. Switzerland, Germany, Greece, and Portugal fall in the 20-26 percent range. The U.S. is in the third tier at 18.6 percent, falling behind Luxembourg at 19.6 percent, but ahead of Ecuador, Estonia, Malaysia, Austria, and Japan, according to Akamai's State of the Internet).
To bring IPv6 into a mix that also includes IPv4, certain so-called "transition tools" prove necessary. The Internet Request for Comment (RFC) 1933 defines these capabilities as essential to any IPv6 transition:
Some additional work is necessary to run a usable dual-stack environment. This includes proper setup and configuration of various IPv6 services to run in parallel with IPv4, particularly name services (DNSv6), dynamic host addressing (DHCPv6), directory services (such as Active Directory, NIS, and so forth, all of which must be updated and configured to represent and serve IPv6 addresses and information). It also includes using one of two standard formats to represent a 32-bit IPv4 address as a 128-bit IPv6 address (The compatible format stuffs 96 zeros in front of a standard 32-bit IPv4 address, while the mapped address technique works with the IP sockets API to create a common format for IPv4 and IPv6 addresses that includes a standard 16-bit FFFF mask ahead of the native IPv4 address). Various IPv4-to-IPv6 protocol translators (like those from IBM) also allow both types of compatible addresses to be used.
In terms of the four transition mechanisms described under the preceding heading, here's a status report:
In general, one's organization will already be partly prepared for the transition to IPv6, thanks to the ubiquitous use of modern client and server OSes that already include inbuilt dual-stack capability and infrastructure elements with similar capabilities.
Talk to your service provider to find out if they can handle IPv6 traffic entering and leaving your network. Then you'll need to set up, configure and deploy the Domain Name Service for IPv6 (DNSv6) and the Dynamic Host Configuration service for IPv6 (DHCPv6). And finally, you'll need to integrate IPv6 capability and data into your directory service environment(s), such as Microsoft's Active Directory, Network Information Service (NIS) and other equivalents, to ensure ready access to IPv6 information through existing channels for requesting and managing network access inside your firewalls.
Many organizations find it worthwhile to hire a networking consultant who specializes in helping with such transitions to make sure things go smoothly, to implement and test a pilot deployment, and then to assist with a production rollout.
After all that work, you'll be able to let IPv6 follow its inevitable course of eventually taking over network communications. That said, most experts expect IPv4 to stay in the picture for the foreseeable future so you can expect to live in a dual-stack world for quite a while yet.
This story, "Tips for adding IPv6 to IPv4 networks" was originally published by: CIO.