For years, Internet Protocol Version 6 (IPv6) has been looming, basically waiting for adoption. It’s tested, proven, and in some places in production (e.g. US Department of Defense). The biggest benefits being its larger address space, built in security, Quality of Service, and more efficient data transmission.
We are now approaching the time where decisions need to be made, IPv4 address space is slated to run out in 2010 or 2011, so how should you approach IPv6 adoption?
As I see it there are two ways you can adopt the new IPv6. Either a planned approach where you have time to test and deploy it in a controlled manner, or as a reaction to circumstances, where you will end up fire fighting. Which you choose is going to depend on whether you want to maintain control over your IT Strategy and budget. If you want to do it in a planned manner, then the message needs to be “start now”.
There is one enterprise application that has the potential to be the killer IPv6 application; Microsoft DirectAccess. My view is that when your user community see it, they’ll want it because it makes their life a lot easier. You’ll want it too because it makes remote access easier and gives more control over mobile endpoints.
The options for IPv6 implementation will depend on how deep into the corporate network you want to go with adoption. Initially I see the transition technologies being good starting points.
- “Dual Stack”: Devices may operate with both IPv4 and IPv6 implementations to allow them to communicate with both types of hosts.
- IPv4/IPv6 Translation: “Dual stack” devices may be designed to accept requests from IPv6 hosts, convert them to IPv4, send the converted requests to the IPv4 destination and then process the return response similarly.
- IPv4 Tunnelling of IPv6: IPv6 devices that don’t have a path between them consisting entirely of IPv6-capable routers may be able to communicate by encapsulating IPv6 within IPv4. In essence, they would be using IPv6 on top of IPv4; two network layers. The encapsulated IPv4 packets would travel across conventional IPv4 routers.
The thing to realise about these three technologies is that they only support IPv6 hosts communicating with IPv4 hosts. There will still be no way for an IPv4 only host to communicate with an IPv6 only host. The result of this being that eventually everyone will need a migration plan to enable IPv6 for all hosts because at some point I would envisage that transition will enter a phase of hosts being IPv6 only.
Any mainstream desktop or server operating system released over the last 2-5 years almost certainly has Dual Stack capability.
Here are the top items I think need addressing before moving on to a live deployment:-
- Staff development – ensure the skills are in place to support the plans, from architecture and design, through implementation and operations. Even the service desk will need to understand the fundamental principles. No more “what’s your ip address” I fear!
- Architect the IPv6 network with the rigour and process that you would for IPv4
- Build a test network to the architecture plans – prove that it is going to deliver
- Build the service management and operations plans – test them on the test network
- Test, test, and test again. This is a big change, affecting all network services
- Some equipment is under different administrative authorities, with different priorities and deployment plans. Use the transition technologies to bridge gaps in IPv6 communication paths.
- The operation of a dual-stack network requires two independent networks to be managed at the same time. Make sure you have the resources to do this.
IPv6 is going to be a significant change, don’t start too late with your planning and be forced into a rushed implementation that will be very expensive in the long term.
Paul Squires – Head of Technical Consultancy – Itica Consulting – March 2010