IPv6: safeguarding the Internet

Editorial Type: Technology Focus Date: 2015-11-01 Views: 1,968 Tags: Networking
Nathalie Künneke-Trenaman, IPv6 Program Manager at the RIPE NCC explains how to consider, plan, implement and manage a transition to IPv6

By now we should all know that IPv4 was designed with only 4.3 billion addresses and that worldwide these are running out. Putting it bluntly, failure to move to IPv6 and its 340 trillion, trillion, trillion addresses puts the future growth of the Internet in jeopardy.

This is a problem that demands our action, because the number of internet-connected devices is increasing at a dramatic rate. Cisco estimates that by 2020 there will be 50 billion devices online, and IPv4 can't accommodate 10 per cent of this.

In September 2015, the Regional Internet Registry for North America (ARIN) reached exhaustion. That is, no more IPv4 addresses to allocate, meaning that organisations can only obtain them by trading. Internationally it's a similar story though not as acute: APNIC, the RIPE NCC and LACNIC are all operating exhaustion policies and providing limited amounts of IPv4 against specific criteria. Only AFRINIC, serving the African continent, has significant stocks of IPv4 - but this is projected to reach exhaustion in April 2019.

Many organisations will consider if it's worth investing in IPv6 or to continue buying IPv4. According to Google, the global adoption rate for IPv6 is currently 9 per cent. It's hard to predict where the tipping point for mass adoption will be, but one determination will be when the cost of deploying IPv6 is cheaper than IPv4 trading. Purchasing IPv4 will only get more expensive, and once IPv6 establishes firmly IPv4 will dramatically lose value.

Another aspect to consider is the cost of new equipment and replacement cycles, as most new technology can dual-stack and run both IPv4 and IPv6 concurrently. This is essential as they don't speak the same language, so it doesn't actually cost anything to be future proofed. Remember, anyone running IPv4-dedicated networks will not receive any IPv6 traffic. This might be important if it means that your organisation may lose ground to rivals who are IPv6-ready.

Services such as CGNAT are options, but the Internet was designed on principles of openness and end-to-end communication. With CGNAT, some software, such as certain business-to-business communications tools, simply won't work because they need a unique IP address. Layering NATs will also create issues in the future with the growth of routing tables spiralling, requiring their own table of tables - and if anything breaks it will impact lots of people instead of just one.

In terms of implementing and managing an IPv6 roll-out, building a project plan is critical to the success of deploying any network. It should identify key stakeholders and affected systems. An inventory of hardware and software used across the organisation is essential so that you can check what is compatible with IPv6 and what needs to be replaced.

One of our colleagues at AFRINIC has produced a great example of how to prepare an IPv6 web server, which is summarised below:

• Perform audit of the web server infrastructure and ensure it supports IPv6
• Address recommendations from the audit
• Review web services security policy and update it to cover IPv6
• Create Quad A (AAAA) records in DNS infrastructure for the web server
• Configure IPv6 addresses on the web server
• If applicable configure IPv6 addresses on load balancers
• Configure web server software to accept and serve requests over IPv6
• Establish a test plan for this deliverable
• Test the web server against the test plan and address any issues
• Launch the service
• Update relevant documentation

There are clear benefits to preparing for and deploying IPv6 now. It's important to safeguard the future growth of the Internet, and with the proactive support of networking professionals, we can all play our part. NC