Time to Get Serious About IPv6
April 4th, 2016
If you work with networking systems, you’ve probably, by now, at least heard of IPv6, the next-generation Internet Protocol. And you probably haven’t done much else with it, either. Many commercial businesses haven’t. In 2011, the Internet Authority for Names and Addresses (IANA) allocated the last IPv4 address blocks (the addressing scheme and protocol most people just call “IP”) to the Regional Internet Registries (RIRs). Earlier this fall, the American Registry of Internet Numbers (ARIN), the RIR for the Americas, announced that its remaining inventory of IPv4 address blocks had reached zero.
While the 2011 milestone for IANA was largely read as a sign of what was coming, it had little direct impact on, really, anyone in the enterprise world. But the ARIN announcement marks a significant change in the future of Internet connectivity in the US and the rest of the world. At this point, it is effectively impossible to request IPv4 address space directly from ARIN, which means that any new IPv4 allocations that a company may need will be bound to one of their ISPs, limiting portability and forcing a strong dependence on that provider. Providers are getting increasingly stingy with their allocations as well, since the ARIN well has run dry and they are now drawing down their own remaining inventory of address space to fulfill customer requests, which limits their own ability to expand their customer base.
Aside from the challenges of getting new IPv4 space, the lack of IPv6 deployment in the enterprise threatens the continuity of global reachability on the Internet. As the last drops of IPv4 space are allocated, a day will come in the near future when an ISP can no longer issue IPv4 space to a new customer. At this point, some businesses and/or consumers will be forced to use IPv6 for their Internet connectivity. The impact of this will be far-reaching, as IPv4 and IPv6 are not natively interoperable. The IPv6-only entities on the Internet will not be able to communicate with the IPv4-only entities on the Internet. This may interrupt communications and commerce.
So, the time to act is now, but how do we start? Here are a few ideas for an approach:
1) The first step is gaining some familiarity with IPv6 in general so that you (as your company’s network engineer) have some idea of how the protocol works and how it differs from IPv4 (there are some significant differences). There are good resources available from Wikipedia and Cisco covering the protocol basics, drivers, and approaches to deployment.
2) Start experimenting with IPv6 on a very small scale. Hurricane Electric provides the tunnelbroker.net service, which provides free IPv6 addresses and services over a tunnel across the IPv4 Internet. These tunnels can even terminate right on your laptop or home router. I’ve been running IPv6 from my home network for years via the Tunnel Broker service. Example configurations are provided for nearly every OS, and a free certification track is available to assist you in getting familiar with the terms, concepts, and operation of IPv6.
3) Identify your organization’s initial IPv6 deployment goals and develop a business case. While all enterprises will eventually need to have complete IPv6 implementations, many choose to get started by enabling their Internet edge and public-facing services (such as web servers) with IPv6 as a first step. This ensures that services your organization provides to the world (particularly its customers) are accessible even from IPv6-only clients. Developing a business case surrounding IPv6 can be a little tricky, since the primary reason to deploy it is that “we have to” in order to support sustained growth and continuity of the Internet. This article from Forbes (published around the “official” IPv6 World Launch in 2012) lists some better articulations of that point.
4) Assess your organization’s IPv6 readiness. Deploying IPv6 in your organization may require some software, hardware, operating system, or application upgrades. IPv6 address space will need to be obtained from an ISP or directly from ARIN. Service providers will need to be queried for their IPv6 readiness (most common business-grade ISPs are ready for IPv6 at this point). Most of your endpoint operating systems have supported IPv6 for at least the past decade, but older networking equipment or security platforms could need an update or refresh to handle IPv6 without exhausting their resources. H.A. Storage Systems can help you with this readiness assessment.
5) Develop a plan. This IPv6 deployment plan will include the deployment strategy (such as edge-first, dual-stack versus proxy, internal LAN native transport versus tunneling, etc.), an addressing plan (such as the use of provider assigned or provider independent addresses, subnet numbering plan, addressing and network services like DHCP versus IPv6 SLAAC, DNS, etc.), and all necessary upgrades to support your IPv6 deployment. Again, a trusted and experienced partner like H.A. Storage Systems can assist you with this.
6) Pilot and deploy IPv6. Once you’ve validated the readiness of your network to deploy IPv6 according to the deployment plan you’ve developed, you’re ready to start selectively deploying and testing IPv6. This can be done first on the network infrastructure itself, and then on the endpoints. Because IPv6 has no dependencies on IPv4, and the two protocols will coexist for many years, IPv6 deployment can be done very incrementally and does not require any sort of a “hard cutover.” This makes extensive testing over a period of time somewhat easier. After the successful pilot, IPv6 can be enabled on a broader scale to meet the deployment goals you established earlier in the process.
7) Expand the deployment. Once you’ve gotten IPv6 started in your organization’s network, expanding the deployment to include WAN connections, VPNs, and your network’s access layers will come naturally and quickly become more comfortable.
Although it was common back in the 1990’s to run multiprotocol networks (such as IPv4 and IPX or AppleTalk), we’ve enjoyed a rather homogenous world with regard to the network-layer protocol for the last 15 years or so. However, in order to support the growth of the Internet and ensure global connectivity is maintained end-to-end for your organization and its customers, vendors, and business partners, IPv6 will become a necessity. Let’s meet this new challenge head-on by starting our IPv6 deployments before it’s too late, and not get caught in an avoidable emergency.