This is a brief document describing various issues with regards to IPv6 covering a high level description of the reasons for IPv6, the alternatives and some star-gazing.

To understand what IPv6 is about it is important to understand the current state of play in the internetworking world.

History :

In the early days of internetworking, there was a number of routable protocols, with various features and addressing schemes, the dominant protocol is currently IPv4 (commonly known as TCP/IP).

IPv4 has 32 bit addresses, which theoretically provides for approximately 2^32 addresses (4,294,967,296 addresses). In practice, this is not achievable, as in order to allow routing to occur the networks are divided up into subnets, and those subnets are then allocated to address range users, who further subdivide them.

The end result of this is that although the four billion possible addresses are more than enough, because of the requirements of subnetting and allocation, the actual available address space is much less. Various theories exist that describe the way in which the address space is carved up, and it appears that around 30% of the actual address space is actually usable.

Further, as IPv4 has spread in the 1990's, medium and large corporations have required large chunks of address space. There simply aren't enough network allocations to go around, and for convenience and necessity organisations have used a chunk of IP addresses that are reserved for private use. These chunks of address space are described in RFC 1918. This has lead to a situation where many medium and large organisations now have overlapping addresses. This makes internetworking them difficult, as in order to connect IP networks together, they must have unique address ranges.

A number of solutions have been applied in the last few years. The main alternatives are NAT (Network Address Translation) and to renumber sections of these entities networks to allow unambiguous routing to occur. NAT has serious drawbacks[1], and renumbering is often expensive and involves network disruption.

The internetworking community foresaw this in the early 1990's, and a number of solutions were proposed. Considerable discussion in 1993 saw the settlement of the internetworking community on a proposal that has been named IPv6. It is also sometimes refereed to as IPng (IP the next generation).

While the primary aim of IPv6 is to provide sufficient address space to carry the internetworking world well into the next century, it also was seen as an opportunity to overcome some of the shortfalls of IPv4 that had been discovered as it was deployed on a large scale. The modern Internet is running as its core networking protocol a protocol that is effectively an experiment. That it works as well as it does is an enormous credit to the original architects who designed it.

How does IPv6 help?

IPv6's biggest immediate benefit is that the address space is considerably larger. Where IPv4 has 32 bits for an address, IPv6 has 128 bits. This leads to a theoretical maximum of 2^128 (3.4 x 10^38) addresses. Assuming the worst network allocation efficiencies (approximately 10% is usable) that leaves 3.4 x 10^37 addresses. This number of addresses should be sufficient to take the human race into space, with every grain of sand on earth with its own IP address. It will suffice to say that address depletion will not be an issue. NAT will no longer be necessary, ridding the internetworking world of a difficult to support and costly Band-Aid solution.

One of the major problems with the current Internet is the complexity of the Internet routing tables. As the Internet has grown, it has placed enormous demands on the core routing infrastructure. In the early days there was no need for hierarchical routing, and the address allocation scheme was set up in such a way that any routes could be added into the core routing system. This has lead to vastly complex routing tables and enormous loads on the InternetÆs routing infrastructures. IPv6 attempts to reduce the impact of this problem by using a structured network address allocation scheme, described in [2]. Additionally, IPv6 attempts to close several security holes by building in authentication and encryption at the packet level, using IPsec as a defined part of the protocol. It provides much improved support for Quality of Service (QoS) and traffic management when compared to IPv4. The IANA has a draft document outlining the various components of the case for IPv6 in [3].

So what does IPv6 mean to the Corporate World?

IPv6 benefits the Corporate world in a number of important ways. Firstly it removes the need for RFC 1918 address use, which allows companies to merge, buy, sell and grow without having to undertake expensive and complex projects to merge networks together with NAT and renumbering.

It also provides more efficient routing within and without of corporate networks, and provides defined, standard QoS support as well as authenticated and secure standardised network packets. Additionally IPv6's support for automatic address allocation allows simplified desktop workstation configuration, in much the same way as AppleTalk users simply had to plug their new machines in and they were connected.

What consulting opportunities exist?

While IPv6 is very similar in many ways to IPv4, it is not exactly the same, and it is not directly compatible with IPv4. What this means to us (and to our customers) is that a migration to IPv6 is not simply a matter of upgrading a few routers. A carefully managed migration strategy must be developed and integrated into existing networks. This will be a gradual process. IPv4 will not be going away in the short to medium term, and the integration of the IPv4 and IPv6 services will create a lot of opportunity for skilled and experienced network integration consultants. Additionally, the enhanced security features of IPv6 will be of benefit to clients and the implementation of IPsec and packet level authentication will improve overall network security and reduce the reliance on firewalls for some situations.

An opportunity exists to be an early (and thus, later, experienced) provider of IPv6 integration consulting services for most of the corporate world. In this industry, it is vital to follow growth areas, and it is my belief that IPv6 integration is going to be one of the major growth areas in our industry over the next five years.

Should we implement internally?

Yes. IPv4 and IPv6 can run on the same hardware and the same wires, just as most networking protocols can. It would be advised at this point to build a testlab of IPv6 equipment and connect to the 6bone[4] (www.6bone.net) to carry out interconnectivity testing. In terms of disruption, there should be minimal if any impact on existing IPv4 infrastructure. Firewall technology will probably require some alteration to allow IPv6 traffic to travel through it. It is my belief that a project should be commenced to design an implementation and eventual migration strategy.

What rate of market uptake is expected?

The rate of market uptake will depend on how well IPv6 is promoted, and how often companies merge, grow and change their network connections. It would be reasonable to assume that in 5 to 10 years the Internet and the corporate world will have converged and will all be running IPv6 with islands of IPv4 tunneling through the IPv6 backbones. Additionally further convergence of consumer electronic devices will probably see more and more devices with IP addressing requirements, of which only IPv6 can provide full connectivity at this point in time. When your fridge can tell your computer that you need to call a repair service because it is leaking, it will have done so using IPv6 as the base protocol. This is not as far in the future as it may seem. Sun's JINI technology, the various telcos etc are all betting the farm on convergence, and it's going to be very, very big.

What will the market be looking for?

Initially, there will be a demand for education and strategic direction. While the internetworking world has been familiar with the broad concept of IPv6, few organisations and individuals are really familiar with what the new protocol offers. Guidance, strategic planning and test implementations will be the initial demand. I have a test implementation plan which includes the development of an IPv6 testlab implementation at Hansen Corp (formerly EIS), and I think that many organisations will want this kind of service in the short term (for the next 3 years). In the longer term organisations will be looking for fully integrated IPv6 migration, which will include using the enhanced security and traffic shaping facilities provided.

How can we train our staff?

At the moment the best way to train staff in the IPv6 arena is to encourage staff members to use IPv6 on their home systems, and to build a testlab and make it available to staff. As with other technologies on the leading edge, the only way to learn at the moment is to get in and get grubby, and to share experiences. We need to be actively involved in alpha and beta testing for vendor products, freeware and so on, to gain experience with the invariable issues that will arise.

How can we promote ourselves as IPv6 experts?

We need to be visible on the 6bone, we need to be seen at conferences doing presentations and involved in technical BOAF (birds of a feather) sessions at conferences such as AUUG and QUESTnet. We need to promote IPv6 to IT managers at the organisations that we are currently working at, and have worked at in the past. We need to have a client site with a successfully running IPv6 network to provide references and also to allow us to rotate staff through to train them, and we need a working testlab and ideally a fully functional IPv6 network within e-Secure to showcase to potential clients.

Do we want to be IPv6 experts?

In the short term, yes. In 5 years, it'll be as prevalent and well known as IPv4 is now, and there'll be no major demand, but if we get in early, we have an opportunity to be market leaders in this field. Integrating security with network topology is one of our core businesses, and IPv6 is a security enhancement as well as a fix for many of IPv4's other limitations. We should be involved heavily as quickly as we can be.

References :