IPv6: When do you really need to switch?

IPv6: When do you really need to switch?

Summary: World IPv6 Day is here, and with it many ISPs, websites and manufacturers are now supporting IPv6, the next generation network protocol of the internet.

SHARE:
TOPICS: Networking
28

ANALYSIS - World IPv6 Day is here, and with it many ISPs, websites and manufacturers are now supporting IPv6, the next generation network protocol of the internet.

For many users, though, the questions of what, when and why still await answers.

Everyone in networking knows that they should be switching to IPv6. The Internet Engineering Task Force (IETF) realized that in 1994, when it predicted that IPv4's 4.3 billion addresses wouldn't be enough. Its answer was IPv6. With its 128-bit address space it can have up to 2^128 addresses — that's 40,282,366,920 billion billion billion usable addresses. Even an interstellar internet won't run out of numbers any time soon.

Meanwhile, back on Earth, the regional internet registries (RIRs) in charge of parceling out IP addresses are down to their last old-style IPv4 addresses. Indeed, the Asia Pacific Network Information Center (APNIC) ran out of IPv4 addresses in April 2011. RIPE NCC, Europe's RIR, will be the next to run out sometime in August. In North America, the last IPv4 address will be assigned in June 2013.

That will be the end of the road for new IPv4 addresses. Technologies like Network Address Translation (NAT) and Classless Inter-Domain Routing (CIDR) that let us run multiple devices behind a single IP address have won us some time, but while neither NAT nor CIDR will be going away soon, they can't delay the IPv4 famine any longer.

Not so straightforward

Yet a straightforward switchover can't happen because IPv4 and IPv6 aren't compatible protocols. Dual network stacks that support both protocols will be necessary for the foreseeable future.

Vint Cerf

Vint Cerf

Vint Cerf, one of the fathers of the internet and the man who takes responsibility for IPv4's "inadequate" number of addresses, told CNET News's Stephen Shankland in an interview that he'd "hoped for much earlier implementation [of IPv6]. "It would have been so much easier. But people had not run out of IPv4 and NAT boxes were around (ugh), so the delay is understandable but inexcusable. It is still going to take time to get everyone on board," Cerf said.

Another reason why IPv6 adoption has been so slow is the classic chicken-and-egg problem of which comes first, the technology or the users.

As Bob Hinden, co-inventor of IPv6 and a fellow with Check Point, the network security company, explains: "The problem that IPv6 solves is it provides a larger IP address space than IPv4. However, no one gets the full benefit of IPv6 deployment until everyone supports it. There was little incentive for organizations to adopt IPv6 as long as they could still get IPv4 addresses.

"In essence, organizations delayed investing in IPv6 until they absolutely had to. However, the pool of unallocated IPv4 addresses is close to being exhausted with the last block of free IPv4 addresses assigned on January 2011. IPv4 addresses are now much harder to get for most enterprises, and large blocks needed by ISPs are close to impossible to obtain. So now, organizations are waking up to the need to deploy IPv6, and we're seeing wider acceptance."

Who's on board IPv6 today?

How much wider acceptance of IPv6 is there really? Craig Sprosts, general manager of Fixed Broadband Solutions at Nominum, a network services company in Redwood City, California, has these findings from a survey of 67 ISPs, providing internet service to over 110 million US households. Nominum's survey "found that 97 percent of these companies have implemented or plan to implement IPv6; 23 percent have already done so, 35 percent plan to do so this year and 39 percent plan to do so in 2013 or later".

That sounds good, and there has been growth in IPv6 traffic. Hurricane Electric, an IPv6 ISP and backbone provider with a claimed 58.6 percent of the world's IPv6 networks, states that IPv6 internet traffic has grown over 150 percent since 2011's Global IPv6 Day.

No one gets the full benefit of IPv6 deployment until everyone supports it. There was little incentive for organizations to adopt IPv6 as long as they could still get IPv4 addresses. – Bob Hinden

On the other hand, Burt Kaliski, CTO of VeriSign (operator of the root DNS [Domain Name Service] servers and the .com and .net registries) says that while IPv6 DNS traffic has tripled over the last year, "we're not seeing a significant increase in the percentage of transactions carried over IPv6 for .com and .net and it has been relatively flat over the last year".

No matter how you measure it, IPv6 traffic is still a tiny fraction of the global internet traffic.

Indeed, Leslie Daigle, chief internet technology officer of the Internet Society, confirms that the goal for World IPv6 Day was to provide only one percent of users with IPv6 access. This "is enough traffic to demonstrate that access providers are well advanced in their actual deployment plans. With that, and the fact that content providers are turning on IPv6 and leaving it on for this year's challenge, we have the basis for our statement that: this time it's for real; after June 6 2012, IPv6 is the new normal for Internetworking".

Why only one percent? It's because the Internet Society knows most people aren't ready yet. Daigle explains: "The goal is to reach one percent by June. In many cases, users may need to upgrade or replace hardware and software, such as operating systems or home routers, to use IPv6. Over time, as users upgrade, IPv6 adoption will increase without any changes in the ISP's service or equipment."

So why should you upgrade?

With less than one percent of internet connectivity, you may not find the case for upgrading to IPV6 compelling.

Yet, while the traffic may not be there yet, major websites are moving to dual-stack network solutions. Erik Nygren, chief architect for Akamai, a content delivery network (CDN) company, says: "Akamai has IPv6-enabled over 50 major websites belonging to over 20 of the world's largest web companies that participated in last year's World IPv6 Day event. The company anticipates traffic levels will continue to increase as more customer sites dual-stack in the period following this year's World IPv6 Launch where over one-third of the top 30 registered sites by Aklexa rank will be using some of Akamai's IPv6 services."

Nygren continues: "As of May 18 of this year, over 700 US government sites across 21 agencies were permanently dual-stacked using Akamai's services as the company continues to help their customers meet the US federal government mandate (PDF) requiring all public-facing government sites to be enabled for IPv6 by the end of September 2012."

With Facebook, Google and Yahoo also moving to IPv6 there will be sites that IPv6-enabled users can reach. Of course, they'll still be able to reach them by IPv4 as well. As Sampa Choudhuri, a Cisco small business marketing manager, recently blogged, "Your current network running IPv4-based devices won't be obsolete for some time."

However, as John Curran, president and CEO of the American Registry for Internet Numbers (ARIN), North America's RIR, explains: "World IPv6 Launch Day is a lot larger than people understand. IPv6 is the single largest upgrade in the history of the internet. It's not a small decision for the major content providers to turn on IPv6 and leave it on. Going forward, internet users will be forced to go through transition gateways to reach businesses that do not similarly upgrade by adding IPv6 connectivity, with the result being slower connections and services for their customers."

Those transaction gateways, which slow down traffic, already exist. Alain Fiocco, Cisco's Senior Pv6 Program Director, says, "For a real-world example of IPv6's impact on business-to-consumer services, look to online banking. While a common web service, online banking is actually a complex application that, delivered through IPv4, is bogged down jumping translation hurdles to reach an IPv6 household. Therefore, an IPv4 bank risks losing customers [that] consider a speedy, complex and rich online experience an integral part of the business relationship."

For businesses working with other businesses, Fiocco thinks the need is even greater. "Other industries — particularly in B2B — don't have a choice. Manufacturing companies with partners in IPv4-exhausted regions (eg, China, Vietnam) have already made the switch," he says.

Tom Coffeen, IPv6 evangelist for InfoBlox, a US network services company, agrees. "Given the exhaustion of IPv4 in Asia (with Europe to follow in a few weeks) many newly connected (and all future) internet users will be requesting content from IPv6-enabled devices," he says. "Companies are becoming more aware of the risk to competitive advantage brought on by failing to make their public-facing (ie, internet available) content over IPv6. As a result, the logical scope of IPv6 adoption for most companies will be to get their content online via IPv6.

Increased customer loyalty, higher network efficiency and reduced costs can all be powerful byproducts of the IPv6 transition. – Craig Sprosts, Nominum

"Specifically, for many organizations this will mean configuring one or more web servers with IPv6," Coffeen continues. "In most cases this will be done on the same servers that currently support IPv4, leading to a 'dual-stack' configuration. Of course, the supporting network segment, router and/or firewall will need to support IPv6 as well. Companies that rely on web hosting or a CDN will need to make sure those service providers support IPv6."

Besides, as Nominum's Sprosts notes, since "the transition from IPv4 to IPv6 is a necessity to keep the internet running and growing" you might as well make the best of it. "Operators, content providers and enterprises should not ignore the powerful business benefits associated with the 'new' internet. Things like increased customer loyalty, higher network efficiency and reduced costs can all be powerful byproducts of the IPv6 transition," Sprosts says.

In short, there are business reasons for starting your IPv6 move.

When should you upgrade?

"When? That's the 2^128-address question," says Cisco's Fiocco. "As more and more consumers switch to IPv6 — AT&T, Comcast, Time Warner and other service providers now bring new households online via IPv6 as a matter of course — it would make sense for businesses to provide services and content via IPv6 sooner rather than later."

Owen DeLong, Hurricane Electric's IPv6 evangelist, agrees. "The sooner you start, the better you can plan/prepare. Plan on adding IPv6 to your existing capabilities and maintaining dual-stack for several years." He also warns, "Expect to have to touch everything in your network." That isn't easy.

Security in particular needs careful consideration, with IPv6 adding a whole new interface to the internet to manage and monitor.

As Chris Smithee, Strategic Solutions Architect with Lancope, a network performance and security company, explains: "For those looking to transition from IPv4 to IPv6, it is important to know that it does not happen with a flip of a switch. There are certain steps that need to be taken to guarantee success during the switch."

Smithee continues: "To start the transition, many may decide to run dual-stack networks, which allow for the operation of both IPv4 and IPv6 environments across the same hardware, ensuring no disruption to service delivery. During this process, it is paramount that organizations implement network monitoring technologies.

"Technologies like flow-based monitoring and other network monitoring tools allow IT professionals to gain visibility into upgrade points and observe application behavior. Though many organizations may not see the IPv6 light, it has never been more important to make the switch, in tandem with using available technologies, to preserve the integrity and security of today's computing infrastructure."

That also means making sure your network equipment vendors can deliver the goods. Chris Crotteau, senior technical engineer at Network Hardware Resale, US-based sellers of second-hand network gear, warns: "Describing a device as IPv6 capable does not necessarily imply that the unit has the needed IPv6 features called for by any particular deployment; that a device can process IPv6 traffic at the same rate as IPv4 traffic; or that the system has sufficient resources available to simultaneously process IPv4 and IPv6 traffic."

Though many organizations may not see the IPv6 light, it has never been more important to make the switch. – Chris Smithee, Lancope

Fiocco, however, suggests that your equipment may be up to the job. "If you bought edge routers or security devices within the last three-four years, saddling up for IPv6 is probably as easy as a software update." Otherwise, you're looking at a refresh of your IT infrastructure.

So, according to Fiocco, "The bottom line: if your client is on IPv6, it's in your business's best interest to switch. And with AT&T alone projecting five million [US] households [on IPv6] by the end of 2012, alongside explosive 4G growth, chances are many clients and consumers are getting there, if they are not already."

While IPv6 may still be a trickle today, it's soon going to be a flood, and the sooner you start making the change the better.

Remember, we really are almost out of IPv4 addresses, and by 2013, most new internet services and websites in Asia, Europe and North America will be only reachable by IPv6.

Related stories:

It's World IPv6 Day: here's what you need to know

3 things to know about IPv6 as World IPv6 Day approaches

It’s official: Asia’s just run out of IPv4 Addresses IPv6: It’s the end of the Internet as you know it, and I feel fine

Facebook enabling IPv6 on beta site next month

First IPv6 Distributed Denial of Service Internet attacks seen

Topic: Networking

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

28 comments
Log in or register to join the discussion
  • someone was on drugs.

    IPv6 is not bandwidth efficient.

    It would of been better is IPv6 was 48bit or 64bit. Or the first 4-8bits of the IP would specify how long the ip address is, that way it can scale with over time. Think for every packet, 96bits is wasted. UPD packets from the DNS server become complicated.

    So IPv6 will slow down the internet, add latency, eat extra power, consume bandwidth.


    Can't wait !


    OIh ya, what is my IPv6 IP? Well I don't remember, and even if I knew, it would be easy for me to screw up typing it out. SO there goes troubleshooting with someone over the phone !


    It pisses me off when my ISP assigns me a confusing ipv4 thats hard to remember, but IPv6? not a chance. I have to know hex code now just to type my IP out. WTF. what is wrong with 8bit.8bit.8bit.8bit.8bit.8bit why 6 groups of 16bit?

    THe creators of IPv6 are out to lunch. And they love to suck up bandwidth !


    Oh ya, IPv6 on a mobile device is a very bad move, do to limited bandwidth. Thing AT&T is bitching now, wait until IPv6 for mobile comes up, and everyone bandwidth usage goes up and consumers have to pay more for less :(


    So, routing will slow down. DNS will slow down. loads on servers will slow down. power usage will increase. data usage will increase. latency ill increase. your monthly bill will increase. ANd the list will go on and on and on. ANd for those who rely on streaming service. well UDP packets will get complicated, so expect some lag. ANd IPv6 on dial up, not a chance haha, that would be so so so so slowwww.

    Since everything is migrating to LTE, if anyone noticed that 3G networks are slow, and starting to make EDGE look fast. so last thing we need is IPv6 over mobile to make 3G even slower.


    IPv6 is suppose to make it easier for devices to communicate over the internet by assigning an IP per device and not needing NAT. So devices will be totally exposed to the internet for that to work unless there is a transparent firewall on the system, that inspects packets and that imposes a policy (you can only talk to me while I am talking to you unless i use upnp to punch holes) but that makes htings complicated as devices do not work with upnp so well, at least with NAT you knew you were behind a firewall and if transparent the device may or may not know that the transparent firewall works with upnp. SO this comes down to devices being totally exposed to the internet, and makes it for a hackers dream come true.
    ShqTth
    • Oh boy . . . talking about being on drugs . . .

      Oh boy . . . talking about being on drugs . . .

      "IPv6 is not bandwidth efficient."

      IPv6 supports jumbograms, which have far more data per header than normal IPv4 packets. You can actually get a far better header/data ratio with IPv6 than with IPv4.

      "Think for every packet, 96bits is wasted."

      You're concerning yourself with 12 bytes (16 if you had bothered to do research). Out of thousands (theoretically billions in the case of jumbograms). It's not gonna make a noticeable difference.

      Assuming you force your IPv6 connection to keep the same MTU (usually 1500 or so), your connection is going to be 0.8% slower. You're not going to notice. And it's unlikely that IPv6 devices will keep the smaller MTUs anyways, since they can handle larger packets more easily.

      "why 6 groups of 16bit?"

      Less digits. Do the letters, A, B, C, D, E, and F confuse you somehow?

      And actually, IPv6 has more features for saving bandwidth than IPv4 - the net result should be a faster connection, not a slower one.

      "IPv6 is suppose to make it easier for devices to communicate over the internet by assigning an IP per device and not needing NAT. So devices will be totally exposed to the internet . . ."

      No, they'll still be using NAT. Thanks to the security protections it provides, I seriously doubt NAT is going away with the introduction of IPv6.

      "ANd for those who rely on streaming service. well UDP packets will get complicated, so expect some lag."

      Actually the exact opposite. Flow labels and jumbograms will allow for far more efficient streaming.

      I suggest doing more research. A lot more changed than simply the size of the IP address.
      CobraA1
      • RE: Oh boy, ....

        Thanks CobraA1 for a chuckle. After a couple days of dealing with this clusterf--- of a software package; I was in serious need of some humor.

        Obviously, someone did not do their homework, now did they? I don't claim to be a networking guy, and trying to wrap my brains around IPv6, but I do see some benefits to it. Just by the judicious issuance of prefixes, routing tables can be so much smaller. After all, we are starting from scratch in terms of IPv6 address assignment.
        fatman65536
        • no nat

          Not to mention no more nat-ing.. :)
          tnycman
    • The security nonsense

      Yes ipv6 provides each device with a globally reachable Ipv6 address, the question really should be if NAT is so safe as people claim it is. There are so many holes one need to puch in a ipv4 firewall at the router to allow traffic using ipv4 and NAT, as NAT is nothing more then a way to extend ipv4 life by using one globally reachable ipv4 address for many devices behind the NAT router. It breaks a whole lot of protocols (case in point SIP), that rely and were designed for direct connections. The translations needed to make NAT work, also break security, most notably ipsec, as the router needs to change packets and change destination or source for the packets to flow correctly between two endpoints that are behind a NAT firewall, of course this means a true ipsec communication cannot occur, as the package is being tampered by a third party (the nat firewall).

      Of course anyone that runs ipv6 now (including me) runs a perimeter firewall on their router, this will only pass packets along if the state of the packets make this a possibility, so unsocillicited packets will never reach any ipv6 devices behind the router, just as is the case with a nat firewall. At least with ipv6 the router doesn't have to change packets just to ensure delivery, which is of course a much much better approach.
      sjaak327
  • Is it really a problem?

    "Yet a straightforward switchover cant happen because IPv4 and IPv6 arent compatible protocols. Dual network stacks that support both protocols will be necessary for the foreseeable future."

    So what's the problem? Our machines are plenty capable of using dual stacks. Handling packets only takes a tiny amount of CPU and memory. It's not as if they really present some sort of issue. Unless you're a network engineer for a large corporation, dual stacks shouldn't be an issue.
    CobraA1
    • The problem is IP6 advocates are zealots.

      Which is why it's taken so long for it to get adopted. The idea of backward compatibility with IP4 was anathema to them.
      baggins_z
      • RE: The idea of backward compatibility

        I must agree, the failure to create some backwards compatibility was [b]a serious mistake[/b].

        From RFC 4291 (Feb 2006):

        [pre]
        2.5.5. IPv6 Addresses with Embedded IPv4 Addresses

        Two types of IPv6 addresses are defined that carry an IPv4 address in
        the low-order 32 bits of the address. These are the "IPv4-Compatible
        IPv6 address" and the "IPv4-mapped IPv6 address".

        2.5.5.1. IPv4-Compatible IPv6 Address

        The "IPv4-Compatible IPv6 address" was defined to assist in the IPv6
        transition. The format of the "IPv4-Compatible IPv6 address" is as
        follows:

        | 80 bits | 16 | 32 bits |
        +--------------------------------------+--------------------------+
        |0000..............................0000|0000| IPv4 address |
        +--------------------------------------+----+---------------------+

        Note: The IPv4 address used in the "IPv4-Compatible IPv6 address"
        must be a globally-unique IPv4 unicast address.

        [b]The "IPv4-Compatible IPv6 address" is now deprecated because the
        current IPv6 transition mechanisms no longer use these addresses.
        New or updated implementations are not required to support this
        address type.[/b]

        2.5.5.2. IPv4-Mapped IPv6 Address

        A second type of IPv6 address that holds an embedded IPv4 address is
        defined. This address type is used to represent the addresses of
        IPv4 nodes as IPv6 addresses. The format of the "IPv4-mapped IPv6
        address" is as follows:








        Hinden Standards Track [Page 10]

        RFC 4291 IPv6 Addressing Architecture February 2006



        | 80 bits | 16 | 32 bits |
        +--------------------------------------+--------------------------+
        |0000..............................0000|FFFF| IPv4 address |
        +--------------------------------------+----+---------------------+

        See [RFC4038] for background on the usage of the "IPv4-mapped IPv6
        address".

        [/pre]

        WRT to the text in bold, I must ask :"Why"?

        Perhaps there is a reason some networking guru can provide.
        fatman65536
      • Yeah, it does seem like there could have been a gradual evolution

        Standards groups are a necessary evil, but sometimes they are really evil!

        These IPv6 addresses are ugly, but after a couple of years working with them, they are becoming more familiar and comfortable to work with.

        If you design your address space properly, you can embed a lot of useful information into the IPv6 address which is useful when working with very large networks.
        otaddy
      • Note . . .

        "The 'IPv4-Compatible IPv6 address' is now deprecated because the
        current IPv6 transition mechanisms no longer use these addresses.
        New or updated implementations are not required to support this
        address type."

        Note that it doesn't say the transition mechanisms don't exist. It just says they don't use these special types of addresses.
        CobraA1
      • I would switch

        IN our corporation has been talks to switch to IPV6 for years, but nothing concrete, unless our competitions switch and we don't wanna stay "behind" in technology this wont happen.. But again he have hundreds of switches and routers and 10 of thousand of users.. Too much headache i guess..
        tnycman
    • Don't exxagerate.

      So what's the problem? Our machines are plenty capable of using dual stacks. Handling packets only takes a tiny amount of CPU and memory. It's not as if they really present some sort of issue. Unless you're a network engineer for a large corporation, dual stacks shouldn't be an issue.
      ======

      Well, I work as system architect for telcos, and we are going to be IPv6 for mobile devices. So the device could be IPv6 or IPv4, depending by network conditions. But, currently just a few of smartphones are able to really keep the pdpcontext on both stack. They support dual addressing, but not CoS switching.

      Let's say, everyone has its own problem to solve with the migration, that is why I pay my bills, but please don't pretend it is a seamless change, or that is trivial. It is not.
      Uriel Fanelli
  • but how-www?

    ok, so the article discusses the who what and when. but where is the "how"?

    how can i use my ipv6? how can i tell if i'm already on it?
    databaseben
    • It's up to the networking folks.

      It's up to the networking folks. Your average joe doesn't need to worry about it.

      Your OS likely already supports it. The only thing you may need to do is to replace your modem and router.
      CobraA1
    • It's a quick search..

      (to tell if you're already on it) you may do a search for ipv6-test, for example. Or, put www in front of it, and com afterward. It is fun to then compare results to the page available from your ISP, in my case Comcast. They may have their own test with, slightly 'happier' results for you.

      A step further would be to check your router configuration for ipv6 tab/area, and set it to an 'auto' setting. Maybe backup your router config prior to any changes, as some settings such as pass-through could leave you resetting your router. And, lastly, if you see no ipv6 referenced, there may be a router firmware upgrade available from the mfgr as well... it's up to you to decide to apply one at your own risk.

      As to 'how' to use my IPv6... as a consumer, the steps above are all you can do. If your router doesn't support it, you'll need one that does. If your ISP doesn't, advocate for it. As an IT pro within an organization with router authority, the steps are too numerous to state in a comment section - and you're likely already working on it (bald having pulled out your hair, vibrating from caffiene, blurred vision from lack of sleep, angry at decisions made at levels above you without consultation from 'underlings', and have a shortcut to a scientific calc on your desktop).
      TechNickle
  • Thanks, Steven,

    for this thoughtful and well-reasoned article. Most end users are not going to have to do anything, but it would be nice if someone could take a blowtorch to ISPs 'round the world....

    Henri
    mhenriday
  • all depends on how networks evolve

    in 2013 all companies will implement this system by more skillful in sitema TPv6.....
    Maria JosE©
  • a typo

    Steve, you got a typo:
    2^128=340,282,366,920,938,463,463,374,607,431,768,211,456
    So, the digit "3" is missing in front of your estimate.

    Checked that with dc:
    ~$ dc -e '1000o 2 128 ^p' | sed 's/\([0-9]\)\ /\1,/g'
    (and "dc -e '1000o 2 128 ^10 27^/p' ")
    eulampius
  • Maybe a coincidence

    But yesterday my business internet connection went down internally - we use MS SBS 2011 and ADSL. After frantically testing cables, switches and software/hardware the only thing that succeeded was moving our DHCP server to the ADSL modem rather than the SBS. I also noticed that we were getting IPV6 addresses for the DNS servers on SBS. My ADSL old modem unfortunately won't support IPV6 and I notice MS has info on how to make SBS use IP4 over IP 6, so I'm wondering if our server started with IPV6 and just couldn't get past the gateway.

    Anyway all working again, with me little the wiser ;-)
    tonymcs@...
  • Thanks SJVN

    Good article. Good step in preparing people for the future (lol, today?). While I don't always agree with you, I can say I do listen/compare/learn. This article lends credence to what I preach at work. Thanks.

    PS - I did send another ZDNet writer the idea for this story a month or so ago. Happy someone picked it up and did a good job reporting/explaining, or at least the contraversy.
    TechNickle