This week we’ve received the very first snow for this season here in the Stockholm area in Sweden. It’s time to go inside and hide until the first flowers show in the spring. During the long cold winter we can work on our networks, improving them and experimenting with new technologies like WebRTC. IPv6 is no longer a new technology, nor is it an addon to TCP/IP – it’s now an integrated part. A friend of mine at a large Internet provider has been able to get this into the corporate portfolio in a way so that all IP-based products now include IPv6 by default. If it’s IP or Internet – then it’s dual stack. So providers are moving, getting ready to deliver IPv6 and many already do. Are you ready? Let’s talk about IPv6 migration for the enterprise network!
Inside out or outside in
To simplify, there are two ways to migrate a company to IPv6. You can start with the outside servers, then move towards the core (I guess it’s the coffee machine) or start deep inside and move out. My personal view is that it is most important to get the Internet-facing services up on IPv6 and build experience. Meanwhile, as you buy new equipment and upgrade software on the internal network, you add IPv6 and let the network grow in an natural way. When you have confidence and all the systems in place, you’re ready to launch.
IETF guidelines for Enterprise IPv6 Migration
We’ve discussed these ideas earlier in the IPv6 Friday blog. The IETF has also spent a lot of time on producing a set of guidelines for the IPv6 migration, for groups ranging from network and application service providers to enterprise-wide networks. The Enterprise guidelines are still being worked on, but a draft in version 2 is published, dated September 15, 2012. The abstract defines the scope of the document:
“Enterprise network administrators worldwide are in various stages of preparing for or deploying IPv6 into their networks. The administrators face different challenges than operators of Internet access providers, and have reasons for different priorities. The overall problem for many administrators will be to offer Internet- facing services over IPv6, while continuing to support IPv4, and while introducing IPv6 access within the enterprise IT network. The overall transition will take most networks from an IPv4-only environment to a dual stack network environment and potentially an IPv6-only operating mode. This document helps provide a framework for enterprise network architects or administrators who may be faced with many of these challenges as they consider their IPv6 support strategies.”
It’s a rather comprehensive document, only 27 pages long, but contain a lot of valuable information and questions you need to ask in your IPv6 migration planning.
Migrate to the faster Internet – IPv6
The IETF is very clear about one of the reasons to migrate: Need for Speed. As carriers run out of IPv4 addresses, the only option is to provide translated or tunneled IPv4 and native IPv6 connectivity.
“The non-native IPv4 service may be NAT64, NAT444, Dual-stack Lite, or other transition technology, but whether tunneled or translated, the native traffic will be perform better and more reliably than non-native. It is thus in the enterprise’s interests to deploy native IPv6 itself.”
Demystifying some IPv6 security myths
There are still people who claim that IPv6 is more secure than IPv4. The authors are extremely clear on this topic:
“Some people believe that IPv6 is inherently more secure than IPv4 because it is new. Nothing can be more wrong.”
Instead, since it is a new protocol where everyone is building up the global knowledgebase every day, the lack of operational expertise is the biggest threat when deploying IPv6. Everyone needs to take training seriously.
This document is a very important document for everyone. I will leave you reading all the 27 pages in order to learn more and get some new input to your work with IPv6. See you next week!
/O