getting serious about ipv6: go big or go home
Post on 21-Jul-2015
Embed Size (px)
About this sessionInfrastructure Track: IPv6Title: "Getting Serious About IPv6 - Go Big or Go Home"Audience: North America Enterprise Network Managers, Directors of IT and CTO's
You will learn:1. Why you need to move to IPv6 for your Enterprise2. Understand the impact to your business of staying on IPv4 only3. What to do next to get started with IPv6 in your Enterprise
Don't break the Internet - get moving on IPv6.
Getting Serious About IPv6
By Ed HorleyPrincipal Solutions Architect, Groupware Technology & Co-Chair of the California IPv6 Task ForceApril 2014
About meEd Horley@ehorley (twitter)
Author of Practical IPv6 for Windows Administrators from Apress
Co-chair of the California IPv6 Task Force
Annual MVP recipient since 2004
Why you need to pay attention to IPv6 now
In less than a year ARIN runs out of IPv4 addresses
This is what everyone talks about there are no more IPv4 addresses!
Honestly, this isnt why you need to pay attention to IPv6
The real reason you need to pay attention?
You already deployed IPv6...
you just didnt know it
For the majority of current OS flavorsIPv6 is enabled and on by defaultIPv6 is preferredThere are IPv6 transition technologies in WindowsThere is zeroconf capabilities in all the OSs using IPv6There are mDNS or LLMNR capabilities using IPv6
IPv6 & IPv4 on the same OS is called dual-stackIPv6 configures link-local address automaticallyIPv6 will connect with link-localIPv6 will dynamically build addressesIPv6 has several address mechanisms does your team know them?
For WindowsIPv6 transition technologies are on by default
If you deployed Windows Vista, 7, 8 or Server 2008, 2008R2, 2012 or 2012R2, congratulations!...
You deployed IPv6, you just didnt do any planningDo you understand the impact of turning IPv6 off?
Do you understand the impact of turning off IPv6 transition technologies?
Is your staff educated enough to know how to do either?
Does your company have compliance requirements?So how do you pass a compliance audit when you have a protocol running on your network you dont understand?
How educated is your staff on understanding IPv6? Would they know it if they saw it?Even if you think you have turned IPv6 off on your equipment, how often do you actually audit and check to see if it is running?
Do you perform network captures to understand what is or is not using IPv6?
Did you pause at all and think
It is easier to adopt and support IPv6 then to run away from or ignore it
It is less expensive in the long run too
BecauseYou will have purchased the right equipment to support IPv6 the first time
Your staff has the knowledge to manage and mitigate any issues with IPv6 (avoiding downtime)You have less concerns around compliance
You understand how your applications and services work over IPv6
Deploying new OSs with IPv6 support are not as difficult
Impact if I only stay on IPv4
The transition is going to be ugly, for everyoneFor service providers, they are starting to adopt and deploy IPv6But
They need to extend the life of IPv4 due to the slow adoption of IPv6They do this with Carrier Grade NAT or CGNBut
CGN breaks IPv4 uniquenessCGN exasperates IPv4 port exhaustion issuesCGN compounds stateful NAT issues
Your users will start experiencing things like:http://isoc.org/wp/ietfjournal/?p=262
What problems will my company see?First, it will be much harder for your employees to get public IPv4 addresses at home (DSL or Cable)
This will cause problems for VPN, VoIP, Video and Collaboration depending on how they are deployedSecond, as partners, 3rd parties and employees start getting IPv6 and you stay on IPv4, their connection will be proxied to you Because these sessions are proxied, you lose the ability to have end to end connectivity (IPv6 -> IPv6/v4 proxy -> IPv4)
This will financial impact your business and how productive your employees are
CGN is NOT a WIN, it is expensive and kicks the can down the road
IPv6 Subnetting Best PracticesStick to increments of 4!
You need to Get Serious about IPv6
How do I get started?
IPv6 Technical Resources
IPv6 Deployment Resources
At the current rate of acceleration, we can expect the majority of the Internet to be IPv6-enabled around the end of 2015.- Own DeLong, ARIN Advisory CouncilNo longer is IPv6 adoption "just around the corner." It's here.-Erik Nygren, Chief Architect for AkamaiAt MCI, we have made a full commitment to implement and deploy IPv6 during 2005. - Vinton Cerf, frm SVP MCI and currentChief Internet Evangelist for Google
What steps do I need to take?
EducationYou, your staff and your partners need to understand IPv6 This means getting educated on IPv6
How to design, deploy, operate and maintain a network running IPv6You will also need to understand impacts of a dual-stack environment You will need to have an education plan and resources in place for staff
This does not happen overnight, start now!
Have a planOnce your staff is educated it is much easier to build a plan
A plan that is tailored to your business needs and requirements
A plan that accounts for what your business doesWithout a plan you will fail, especially if you deploy IPv6 without one
Your plan should include testing and validation of both network and apps
You will need a lab trust me on this one
Build a core teamYou will need people from every team
Because while IPv6 at first glance appears to be a networking only functionYou will quickly figure out that the application teams need to understand it
The database team will need to know it
The helpdesk will have to troubleshoot it, etc.
Understand the business impactsYou many have critical line of business applications that do not work with IPv6
Or partners in parts of the world might only have IPv6 as a protocol option
Understand what IPv6 impacts before it is a surpriseYou may have third party software or solutions that do not support IPv6
If the majority of your business is on the Internet then supporting IPv6 is critical
Are all your teams ready?
I still dont believe I will be using IPv6 anytime soon
If you are FINALLY migrating off Windows XP
What has taken you so long?!?!?
Windows XP EOS April 8, 2014
This means you are deploying a newer OS. So you WILL be dealing with IPv6
IPv6 is the future and the future is NOW!
Ed HorleyPrincipal Solutions ArchitectGroupware Technologyehorley@gw-mail.com
Co-Chair CAv6TFed@cav6tf.org@cav6tf - twitter
howfunky.com - email@example.com@ehorley - twitter
June 8 2011 World IPv6 DayTurn on IPv6 to test functionalityJune 6 2012 World IPv6 LaunchTurn on IPv6 and leave it onSignificant IPv6 Event
Name: Edward HorleyTitle: Principal Solutions Architect, Groupware Technology / Co-Chair of the California IPv6 Task Force Infrastructure Track: IPv6Title:"Getting Serious About IPv6 - Go Big or Go Home"Audience:North America Enterprise Network Managers, Directors of IT and CTO'sSession abstract:Have you been scratching your head wondering what this IPv6 thing is all about and how it might impact you? Have you seen an IPv6 address and wondered how in the world do I subnet that? Have you been praying to $deitythat you will get to retire before you ever have to deal with IPv6? Does your IT team have ANY experience with IPv6 at all?Face it, you don't know squat about IPv6 and it is 2013. IANA ran out of IPv4 in 2011, APNIC and RIPE effectively ran out in in 2011 and 2012 respectively and ARIN is due to run out in 2014. So, what is your IPv6 strategy? Do you have any idea what to do? Do you know why you should be planning, architecting and implementing IPv6 right away? Well, I think this session might be for you. The session starts with explaining the current status of IPv4 and IPv6. It covers the desperate measures that the industry is adopting to extend the life of IPv4 and how it will impact your businesses use of the Internet. Next I provide best practices for how to deploy IPv6, the gotchas and common mistakes you and your team will make along the way.Finally, I will wrap up with some resources and next steps to get your IPv6 adoption moving. You will learn:1. Why you need to move to IPv6 for your Enterprise2. Understand the impact to your business of staying on IPv4 only3. What to do next to get started with IPv6 in your Enterprise Don't break the Internet - get moving on IPv6.
**Key dates:IANA gave out the last allocation of IPv4 on Feb 3, 2011 - https://www.arin.net/announcements/2011/20110203.htmlAPNIC You can get details about the predicted dates at:http://www.potaroo.net/tools/ipv4/In summary (from 25-Feb-2014):Projected RIR Address Pool Exhaustion Dates: RIRProjected Exhaustion DateRemaining Addresses in RIR Pool (/8s) APNIC:19-Apr-2011 (actual)0.8029 RIPE NCC:14-Sep-2012 (actual)0.8392 LACNIC:07-Nov-20141.1094 ARIN:20-Feb-20151.3863 AFRINIC:23-Feb-20213.2166
Image licensed to Ed Horley from thinkstock under the image pack agreement. The agreement information is here:
Thinkstock Image Pack License Agreement Under the Thinkstock image pack license agreement, you have one year to download the images available through your image pack.