IPv6 readiness is key as IPv4 peters out

IPv6 technology is a hot topic again, especially since experts expect IPv4 addresses to be exhausted by 2012.

IPv6 is nothing new. The warning signs have been there for years, and the U.S. government has been under a strict deadline to cut over to IPv6 by next year.

But still, most U.S. enterprises are dragging their feet when it comes to embracing the new Internet protocol. They worry about compatibility issues, costs and overall challenges when switching over from the familiar IPv4 to the new and sometimes intimidating IPv6.

But a host of experts say IPv6 is ready and companies need to educate themselves, consider their options and jump on the new technology before they're turned away at the door when v4 starts drawing its last breaths.

Loki Jorgenson, chief scientist with Apparent Networks, said there was a level of urgency on the part of companies investigating IPv6, but with the discovery of a host of v4 addresses that were not being used, it was back to business as usual and v6 was again put on the backburner.

"The urgency was off-set," he said.

Recently, though, interest in v6 picked up again when the American Registry for Internet Numbers (ARIN) announced that v4 addresses would be history by 2012. Jorgenson said ARIN recently changed its position from being neutral on IPv6 to actively encouraging it.

Jorgenson agreed with ARIN's estimation and said it could be just under five years before IPv4 addresses run out completely, but that projection is modest and made on the assumption that there won't be an IPv4 usage increase in the meantime. The five-year prediction is based on current usage rates, where ARIN doles out a certain number of IPv4 addresses per year. A usage increase could deplete the pool of addresses much sooner than anticipated.

"It's a very grey, slushy kind of boundary where [we don't know] how much time that buys us," Jorgenson said, again stressing that it could be some time in 2010 or 2011 when the pool of IPv4 addresses runs dry. Adding to that confusion, he said, is the possibility that companies and agencies that have hoarded an excess of IPv4 addresses could sell them off as the supply dwindles, creating a short reprieve from total depletion.

In a recent presentation at the Burton Group Catalyst Conference, John Curran, chairman of ARIN's board of trustees, said that 68% of v4 address space was allocated as of June. Of the remaining 32%, only 19% is openly available, while 13% is unavailable.

Curran said the dwindling address pool changes past estimations of address depletion. Several years ago, it was estimated that addresses would be gone by 2020 or 2025. About two years ago, that estimation changed to 2017. Now (as Jorgenson mentioned), 2012 seems more likely, Curran said during his presentation.

Curran joked that if v6 isn't widely implemented when v4 addresses run out, users who try to access the Web will be greeted with a sign that reads: "The Internet is full. Go away."

This means that enterprises will have to reach Web and mail services via v6, and future organisations will have no choice but to use v6 for such access.

"The goal is to make sure your edge going to the outside world is not only v4, but v6," Curran said.

Silvia Hagen, CEO of Sunny Connection AG and author of IPv6 Essentials, Second Edition from O'Reilly Media, agreed that depletion is not the driving force for IPv6 uptake but that many companies have fallen short on their v6 plans because they have other, more pressing concerns than what may or may not happen five years from now.

Hagen agreed that address depletion is the driving force behind IPv6 conversion.

"Companies simply have to understand there's no way around it," she said. "This prediction [of address depletion] is based on the assumption there is no increase in demand. But everybody has too much on their tables." She added that "anything that's not burning their skin already" falls by the wayside.

Lack of knowledge of IPv6 is scaring off many companies, Hagen said. They feel that the new technology will introduce problems that didn't exist with v4.

"You will have issues, but we've always had issues with IPv4," she said. "I think what's scaring people off with IPv6 is that [they] haven't really looked at it and they're using potential problems as an excuse."

Another problem with IPv6 is that there isn't a one-size-fits-all plan. Companies will have to find what works for them.

"There is not just one scenario you can apply to everybody," she said.

Jorgenson said that as v6 devices become available, companies should look into running a dual-stack model: networks that run both on v4 and v6, similar to a half-duplex/full-duplex deployment.

"Why do you ever need to fully cut over?" he asked. "I'm expecting that you're literally going to see v4 and v6 sitting on top of each other. We're not looking at a clean cutover from v4 to v6; v4 will never go away," he said. "We're going to see v4 and v6 supported going into the future."

Hagen agreed that many companies will choose a dual-stack model, which will ease the transition, but that will create an additional workload going forward because v4 and v6 will require two separate security concepts and two routing protocols.

On the vendor side, many major networking companies are designing and producing IPv6-compatible products. Hexago, for example, has been working with IPv6 for roughly 10 years, according to Bruce Sinclair, the vendor's CEO. Since Hexago released its Gateway6 product three years ago, it has been helping companies migrate from v4 to v6.

Sinclair said there are several ways to make the transition. The first is to go dual-stack with both v4 and v6 in production as two separate networks. Second, companies can take the tunnelling approach, where traffic essentially jumps over the nodes that haven't been converted. Last is translation, which is using a product on an edge or device basis to make v4 and v6 compatible.

"The migration is not going to happen overnight," Sinclair said. "There are going to be compatibility and interoperability issues."

Hexago makes the Gateway6, a product that buys time and saves money as companies transition from v4 to v6. Gateway6 provides IPv6 connectivity over IPv4 wireline or wireless networks. IPv6 applications and services can be deployed over existing networks without forklift infrastructure upgrades. The appliance uses standards-based tunnelling to provide access from a backbone to the edge of the network.

"It's pretty clear that the ROI for doing IPv6 as an enterprise just isn't there yet," Sinclair said, citing one reason companies may not be jumping on the v6 bandwagon just yet. "They don't feel the pain of not being able to expand. And most people think going to IPv6 means changing everything, and that can be scary."

Sinclair said a v6 transition is not as complicated as many companies fear. The way Hexago eases the transition is by basically putting IPv6 within IPv4 packets. It avoids running two networks like a dual-stack model and gets companies on the right track for a pure IPv6 environment.

"The deadline now is crystallised," he said. "The point is: When are you going to be able to get your last IPv4 address? Without it, you can't open that new sales office or store."

Network General, another vendor that is developing IPv6-compatible products, said some of the IPv6 delay can be attributed to lack of education or misinformation. At the same time, when companies evaluate v6 and begin to use it, "they don't want to mess it up," said Network General's director of technical marketing James Messer.

"I don't think enterprise customers are aware of the advantages," he said. "They just know they'd get more addresses."

But there's more to it than just addresses, Messer said. Security is tighter, thanks to IPsec coming as standard, and there are routing and switching improvements, such as protocol prioritisation.

Messer said that most enterprises are sitting tight on IPv6 because IT shops have many projects going on, and since IPv6 isn't immediately necessary, it takes a back seat. Still, he said, starting soon with a dual-stack approach will ease the switch.

"There's a legacy there; it's always going to be there," he said.

Many vendors -- Network General, Cisco and a host of others -- are making IPv6-aware products that have been ready to be put into production for a while, Messer said.

"We've all heard the term IPv6, but I don't think we've all known what it meant," he said, suggesting that companies should keep a keen eye on v6 and study it.

He said companies should ensure that applications and supporting services are v6-ready for the day when it's time to cut over.

Hagen also stressed the need to be prepared, because as accurate as estimations of address depletion can be, things can change in a moment.

"It's about getting ready for the moment you really need it," she said, suggesting that companies devise a strategy now to head off problems early on.

Jorgenson echoed Hagen and said, "This is a point in which it stops being theoretical and becomes planning. If you're planning ahead like a good grasshopper, you'll still pay attention. And others will start to pay attention."

And while IPv6 presents some challenges, Jorgenson said, there aren't any true warning flags so far.

"It doesn't pose any specific problems other than that it's a new technology," he said.

It could pose minor security and management problems, however, as users get up to speed. Also, there have been some difficulties with Microsoft Vista, but Microsoft has been actively working on alleviating those problems.

"IPv6 is bleeding-edge right now," Jorgenson said, adding that the June 2008 deadline for government agencies to have v6 deployed is acting as a catalyst for enterprises to follow suit, despite not having a deadline.

He added that vendors can also help ease users into IPv6.

"The simplest thing [for a vendor] to do is support everything," he said. "Why make network managers choose? It creates more headaches."

Overall, Jorgenson recommends that companies start planning now to have IPv6 ready in a two- to five-year timeframe. If a company is v6 capable now, it should start experimenting to get its feet wet, then devise a fuller implementation plan and schedule.

"My direction would be that they start to develop their own perspective and their own plan," he said. "Determine how much name-space they will use and how depletion will affect them. If you haven't got the appropriate questions in your head, the answers are irrelevant."

 

Dig deeper on Introduction to networking

-ADS BY GOOGLE

SearchStorage.com.au

SearchSecurity.com.au

SearchCIO

SearchCIOMidmarket

SearchCompliance

Close