bluecat networks : ipv6 livre blanc - six things you need...

Six Things You Need to Know About IPv6


BlueCat Networks www.bluecatnetworks.com

Executive OverviewIPv6 is the next-generation Internet Protocol and is designated as the successor to IPv4, which has been the Internet’s main communication protocol for over 20 years. With IPv4 address space almost depleted, the move to IPv6 is necessary to allow the Internet – and the global economy it supports – to continue to grow.

The transition from IPv4 to IPv6 will be a significant network changeover and a milestone in the history of the Internet. The design, implementation and configuration of IPv6 networks will be a complex process, requiring significant changes to current communication systems and management processes. Not only will IPv6 involve a significant overhaul to existing infrastructure, it will also require a new approach to how IP address space is managed.

This white paper will look at what you need to know to get ready for IPv6 and dispel some of the common myths surrounding the new protocol. You will read about the business case for transitioning to IPv6 and the practical steps you need to take now to prepare. We will also discuss the role of IP Address Management (IPAM) in ensuring a smooth and successful transition.



Background – How Did We Get to This Point?Every device that connects to the network needs an IP address. The IPv4 protocol uses 32-bit addresses with a finite number of possible unique IPv4 addresses – about 4 billion. The world’s population is currently over 6.7 billion, a number that helps illustrate the reality of IPv4 exhaustion.

At the time IPv4 was developed in the 1970s, no one could have anticipated the explosive growth of IP networks and IP-dependent devices including smart phones and tablets. The enormous growth of IP networks and IP-enabled devices has now all but depleted the limited pool of IPv4 address space.

IPv6 uses 128-bit addresses, which greatly expands the pool of available IP addresses with more than 340 undecillion (undecillion = 1036) unique IPv6 addresses available. That is a very big number – about 50,000 trillion trillion addresses per person on the planet.

With the depletion of IPv4 address space, any new applications and services that have not yet been allocated an IPv4 address will have to support IPv6. In addition, network innovation will be increasingly centered on IPv6 and strategic IT initiatives such as cloud computing and virtualization will be built using the new protocol.

Unfortunately, IPv6 is not backwards-compatible with IPv4. This lack of backwards compatibility will create significant challenges for organizations as they move to IPv6.



1. IPv6 is Here Today – And You May Need to be Ready Sooner Than You Think

Myth: There is no business case for moving to IPv6 right now.

Reality: The business case is what you stand to lose if you do not move to IPv6, such as global connectivity with customers, prospects, partners and suppliers and the ability to leverage IPv6 advances and IPv6-dependent “killer apps” like cloud computing.

Contrary to popular belief, there is a business case for moving to IPv6 sooner than later. IPv6 is here and choosing to ignore it is not an option. Already there are geographies such as Asia Pacific that have deployed and are using IPv6. More importantly, IPv6 adoption is like a snowball rolling down a hill: with the exhaustion of IPv4 address space, the number of IPv6 users will rapidly gain momentum.

It is expected that Asia will run out of top-level IPv4 address blocks in August 2011. This means that IPv6 connectivity is of paramount importance for organizations in Asian markets – as well as for anyone who wants to do business with them. If your organization conducts business with Asian customers, partners or suppliers, IPv6 should be top-of-mind. IPv6 is also a primary concern for new and expanding organizations and businesses in emerging markets who will require IP addresses, as well as government agencies and groups that are mandated to support IPv6.

Organizations that start planning their transition now will be able to:

Maintain a global presence – We live in a global economy where the Internet as we know it today has been a common denominator for communication. Many parts of the world have already started the migration to IPv6. This has the potential to create two Internets – one in which users communicate via IPv4 and another in which users connect with IPv6. Organizations must adopt IPv6 alongside IPv4 for public-facing services such as corporate Web sites, email applications and DNS to avoid losing market share and connectivity with the rest of the world. Adopting IPv6 is necessary to reach the full breadth of Internet users.

Stay ahead of the competition – As IPv6 traffic grows, you must ensure that your Web site and other public-facing services are IPv6-ready to capitalize on business opportunities from IPv6-enabled customers and users. You will also be able to leverage IPv6 advances and emerging IPv6-dependent “killer apps” to differentiate yourself in the marketplace and stay ahead of your competition. For example, cloud computing shows tremendous promise, but its development and widespread adoption has been slowed by a lack of available IP address space under IPv4. IPv6 will provide the huge address space and infrastructure needed for tomorrow’s cloud computing applications. With built-in IPsec, IPv6 will allow organizations to ensure secure connectivity to a private cloud without the use of complex VPN solutions. Future cloud computing advances and new cloud-based services and business applications will be dependent on IPv6.



Reduce costs and risk during the transition – Start planning now to avoid pitfalls and align IPv6 adoption with your technology lifecycle. Implement IPv6 connectivity in tandem with other ongoing IT initiatives such as the rollout of new hardware in order to reduce costs and risk.

Organizations need to be aware that there are real business benefits to transitioning to IPv6 and real business costs and risks to delaying.

2. Now is the Time to Start Planning Your Transition to IPv6

Myth: IPv6 users currently represent a tiny percentage of Internet users. My organization may need to think about IPv6 down the road, but there is no urgency to start adopting the new protocol today.

Reality: IPv6 has already been adopted across many parts of the globe. With the exhaustion of IPv4 address space, the percentage of users connecting to the Internet via IPv6 will only increase. Start planning for IPv6 now to stay ahead of the curve.

While it is true that IPv6-only Internet traffic represents a small amount of all Internet traffic today and the changeover to a pure IPv6 Internet will not happen overnight, organizations are mistaken if they think they have all the time in the world to transition to IPv6. IPv6 address allocation is on the rise and more widespread deployment of IPv6 networks will soon follow now that IPv4 space is depleted. So how much time do you have? The sources below provide guidance on the recommended timeline for adopting IPv6:

• Gartnerpredictsthat,“By2015,17%ofglobalInternetuserswillbeIPv6,with 28%ofnewInternetconnectionsrunningtheprotocol”(Source:Gartner 2011 MarketScope for DNS, DHCP and IP Address Management).

• TheAmericanRegistryforInternetNumbers(ARIN),theNorthAmerican Regional Internet Registry, has issued a warning to all organizations that they must support IPv6 traffic externally by January 1st, 2012.

• TheExecutiveOfficeofthePresident(OfficeofManagementandBudget –OMB)hasmandatedthatUSgovernmentagenciesmustupgradepublic- facing servers and services including Web, email, DNS and ISP services with native IPv6 support by the end of fiscal year 2012 (September 30, 2012). The OMBmandatesthatinternalclientapplicationsthatcommunicatewith public Internet servers and supporting enterprise networks must be upgraded by the end of fiscal year 2014.

Organizations should not underestimate the amount of time and effort required to adopt IPv6 within the enterprise. IPv6 is not something you can just switch on overnight. As with any large-scale technology initiative, advanced planning is required to ensure a smooth, seamless and cost-effective transition.



3. IPv6 Is About More Than Just IP Address Space

Myth: My organization already has enough IPv4 address space to support network and business growth, so we do not need to look at IPv6.

Reality: IPv6 is a next-generation protocol that brings new features and functionality that is not available with IPv4. IPv6 opens up opportunities for organizations to exploit new features to improve quality of service, lower costs and enhance security.

Much of the public discussion around IPv6 has focused on the massively expandedaddressspacethatthenewprotocolprovides.BecauseIPv6providesso many IP addresses, every IP-enabled device will be able to have its own IP address to operate in public space. Sensor networks and RFID inventory tracking systems are just a couple of the many applications that will benefit from IPv6 and its expanded address space.

ButIPv6isaboutmorethanjustaddressspace.Thenext-generationprotocolfeatures many advances over IPv4 that promise to enable new classes of mobile and embedded applications and services. Key IPv6 advances include:

Feature

Address families

Extension Headers

Jumbo frames

Neighborhood discovery

Path MTU discovery

Multicast improvements

IP mobility

Simplified routing

Quality of Service (QoS)

Security

Benefit

Headers support extensions and options such as authentication and encapsulation

Unicast, anycast and multicast capabilities

Enhanced streaming video capabilities

Find the closest instance of a resource

In IPv6, path MTU discovery is delegated to the end points to increase e�ciency and avoid IP fragmentation

Enhanced multicast support with vastly increased address space and more e�cient mechanisms

Enhanced support for mobile IP addresses and IP-enabled mobile devices

Simplified packet header and packet forwarding process for more e�cient end-to-end routing

Flow labeling capability for QoS

Extensions for authentication and security, and built-in IPsec mandatory for all IPv6 devices



Despite the reluctance of some organizations to move to IPv6, there are many compelling reasons why IPv6 cannot come soon enough. IPv4 has shown its age in meeting the demands of today’s Internet and the ever-growing number of IP-dependent devices. The new IPv6 protocol is designed to increase network performance, simplify management, enhance security and extensibility and make true peer-to-peer connectivity possible. With IPv6, organizations have a tremendous opportunity to use the protocol’s new features and functionality to optimize their networks. There is also the prospect to take advantage of new IPv6-enabled applications and services that will change the way we communicate and do business.

4. IPv6 is Different from IPv4

Myth: IPv6 is pretty much the same as IPv4, so adopting IPv6 should not be an issue.

Reality: IPv6 networking concepts are very different from IPv4. There will be a learning curve for adopting IPv6 – and IPv4 expertise will not guarantee IPv6 success. Do not under-estimate the effort required. Start planning now to avoid IPv6 deployment headaches and pitfalls.

IPv6 is an entirely new and, for most, unfamiliar protocol. Its adoption will bring new challenges and a steep learning curve. IPv6 addresses and networking concepts differ from IPv4 is several significant ways:

Length of IPv6 addresses – IPv6 addresses are 128-bits long (four times longer than IPv4 addresses) and are represented in hexadecimal, a format that is not human-friendly. For IT staff and network administrators accustomed to easily managing and memorizing IP addresses, the length of IPv6 addresses will be a major challenge.

Multicast – Unlike IPv4, IPv6 networks are not limited by broadcast. IPv6 multicast allows for the creation of larger, flatter networks that will need to managed and tracked differently than with IPv4.

Multiple IPv6 addresses per interface – Another management consideration is the number of possible IPv6 addresses per interface. Not counting any multicast addresses, three to four IPv6 addresses may be required per IPv6 interface.

Multiple IP protocols per client (IPv4 and IPv6)–BecausethetransitionfromIPv4 to IPv6 will be gradual, organizations will need to manage “dual-stacked” IPv6 and IPv4 networks in parallel. A single client may have both an IPv4 and an IPv6 address associated with it, creating new management challenges.

Size of IPv6 address space – IT staff and network administrators will need to keep track of thousands or even millions of IPv6 addresses. With such an enormous address pool, IPv6 simply cannot be tracked on a spreadsheet – finding a specific address in a seemingly endless list of IPv6 addresses in Excel would be like finding a needle in a haystack. Everyday tasks such as determining the next available network will become anything but trivial.



In addition, with IPv6 networks, there are no more static IP addresses, network boundary calculations are more difficult and more advanced subnetting is required.BecauseIPv6issodifferentfromIPv4,organizationsareencouragedtostart working with IPv6 now to build their internal expertise and attain a comfort level with the new protocol and the technologies required to support and manage it such as DNS, DHCPv6, stateless address auto-configuration and IP Address Management (IPAM).

5. Management is Essential for IPv6 Success

Myth: Organizations can continue to manage their IP address space with IPv6 the same way they have always done with IPv4.

Reality: IPv6 is not human-friendly and will require automated IP Address Management solutions to lessen the burden of management. Traditional methods of managing IP space with spreadsheets, homegrown applications or by memory will not scale to accommodate IPv6.

The transition to IPv6 will require IP Address Management (IPAM) solutions that automate common administrative task and insulate network administrators from the complexity of defining, allocating and managing IPv6 blocks, networks and addresses.

Without IPAM, organizations will be unable to cope with the added complexity of IPv6. An IP Address Management (IPAM) solution offer capabilities for controlling, automating and managing IPv6 address space and name space.

Key IPAM capabilities for IPv6 include:

• End-to-endIPv6AddressManagementincludingroutingprefixesforglobal unicast, subnet ID’s and interface ID’s• IPv6DNSmanagement–includingAAAAandtheIPv6.ARPAreversespace• IPv6DHCPmanagement–statelessoptionsupport(throughdiscovery)for address assignment• IPv6networkdiscoverytoinventoryyourIPv4andIPv6networksand resources• ParallelmanagementofIPv6,IPv4anddual-stackednetworksanddevices

With an IPAM solution in place, organizations can more easily discover existing IPv4/IPv6 space, model new IPv6 networks and track dual-stacked IPv4/IPv6 systems – key success factors for IPv6 adoption.

Since IPv6 addresses are more complicated than IPv4 and are no longer human-friendly, IPAM will be an indispensible technology for planning, implementing and managing IPv6 and dual-stacked IPv4/IPv6 networks.



6. IPv6 Requires a Roadmap

Myth: Most of the burden of ensuring IPv6 connectivity lies with my Internet Service Provider (ISP). There is not a lot that needs to be done internally to implement IPv6 within the enterprise.

Reality: Implementing IPv6 connectivity within the enterprise will not be a trivial undertaking. IPv6 readiness requires a roadmap and should be planned and implemented in phases to avoid business or service disruptions and to minimize transition costs.

While your ISP will play a role in ensuring your IPv6 connectivity (and you will need to evaluate your ISP’s IPv6 support), the implementation of IPv6 within your enterprise will require considerable time and effort on the part of your internal IT staff. You will need to assess your IPv6 readiness, update or replace IP-aware devices or products, add new hardware components and deploy IPv6-capable DNS and DHCP core services.

Prior to implementation, you will also need to plan and model your IPv6 networks and review your security policies and systems to determine whether modifications are needed for IPv6. The goal is to make the transition to IPv6 as smooth and seamless as possible for end users and customers.

ToprepareforIPv6,Gartnerrecommendsthatenterprisesshouldconductaninventory of existing IPv4 addresses and utilization, assess current IPv6 readiness and develop an IPv6 road map focused on communicating with external IPv6 endpoints (Source: Internet Protocol Version 6: It’s Time for (Limited) Action – December 2010).



The six phases of IPv6 readinessAn IP Address Management solution can bring a structured, best practice approach to your IPv6 roadmap, helping you implement IPv6 readiness in manageable phases. The chart below outlines the six phases of IPv6 readiness and how IPAM supports each phase.

Phase How IPAM Helps

Automatically discover all IPv4 and IPv6 resources on your network to prepare for IPv6 and identify potential security gaps.

Plan your IPv6 environment based on a deep understanding of your existing networks and addresses that are already in use.

Create and model IPv6 blocks and networks including local and global unicast address space for optimal design. Add IPv6 hosts and define IPv4, IPv6 or dual addresses for each host.

Map IPv6 networks and addresses to existing IPv4 devices and track dual-stacked IPv4/IPv6 hosts by DNS name, MAC address or device.

Deploy IPv6-enabled DNS hosts and create the necessary IPv6 AAAA records and corresponding NAPTR records alongside existing IPv4 DNS data.

Simplify the management of IPv6 and dual-stacked environments with a cohesive, business-centric view of your entire naming and addressing infrastructure.

Discover

Plan

Model

Map

Implement

Manage



Summing Up The move to IPv6 is inevitable. IPv6 will require infrastructure changes and a new approach to how IP address space is managed. With careful planning and management, organizations can ensure a smooth and seamless transition to this next-generation protocol. To help ease the transition to IPv6, organizations should look at IP Address Management as a key part of their IPv6 roadmap. Organizations that put an IPAM solution in place today will be well-positioned and equipped to successfully plan and implement IPv6 whenever they are ready. Not only does IPAM play a critical role in the early planning phases of an IPv6 readiness initiative, it also simplifies the ongoing management of IPv6 and dual-stack environments, enabling organizations to reduce transition and management costs and risks. With IPAM, organizations can more rapidly realize the many business and technical benefits of IPv6.

©2011.BlueCatNetworks,theBlueCatNetworkslogo,theProteuslogo,IPAMAppliance,theAdonislogo,AdonisaretrademarksofBlueCatNetworks,Inc.Microsoft,Windows, and Active Directory are registered trademarks of Microsoft Corporation. Any product photos shown are for reference only and are subject to change without notice. All other product and company names are trademarks or registered trademarks of their respective holders. Printed in Canada.

About BlueCat NetworksBlueCatNetworksisaleadingproviderofsmart,simple,scalableIPAddressManagement(IPAM)solutions.With tightly integrated IP core services, our software solutions give organizations the power to centrally manage “everything IP” in their network from a single pane of glass. The result is a dynamic network that is more resilient, cost-effective and easier to manage. Ratedinthehighest“StrongPositive”categoryintheGartner2011MarketScopeforDNS,DHCPandIPAddressManagement,BlueCatNetworks’feature-richandfuture-readysolutionshavehelpedGlobal2000companiesand government agencies reduce costs and solve today’s most critical IT challenges – from accelerating the rollout of new services and optimizing core services in the branch office to data center virtualization and consolidation. We also help organizations manage growth and change by easing the transition to new technologies such as IPv6 and DNS Security (DNSSEC). www.bluecatnetworks.com

The IPAM Intelligence Companywww.bluecatnetworks.com/microsoft

bluecat networks : ipv6 livre blanc - six things you need...

Documents