ipv6 business and deployment challenges

IPv6 : Business and deployment challenges

Copyright 2011 NIL Ltd. Security tag: INTERNAL of 5

Overview

From the inception of the IPv6 protocol, the primary goal was to understand the main shortcomings of IPv4 and improve on those issues

in a new protocol. The uptake of the protocol has been very slow over the years due to the development of intermediate technologies that

optimized the (re)use of existing addressing.

A turning point in this history was reached early in 2011, when the Internet Assigned Numbers Authority (IANA) announced depletion of

the IPv4 address pool. From that point, the regional Internet registries (RIRs) had only their previously assigned allocations to hand out to

local Internet registries (LIRs).

Building a business case for adoption of IPv6 was not a task to be taken lightly. As a consequence, only Internet Service Providers and

educational institutions attempted adoption in their core networks and peering points. Today, however, we’re seeing the first real

business cases building up, with mobile Service Providers offering high-speed Internet access (3G and 4G) via smartphones and mobile

devices. The growth of mobile devices has been increasing steadily, and mobile Service Providers are faced with the technical challenge

of how to provide access.

This article focuses on IPv6 deployment challenges in the Service Provider and enterprise spaces.

Article

Development of technologies for address optimization and reuse has seriously slowed the deployment rate of IPv6, Network Address

Translation (NAT) being the most infamous example. NAT allows multiple devices to use local private addresses within a network while

sharing one or more global IPv4 addresses for external communications. NAT was developed for two main situations:

• When a network's internal IP addresses cannot be used outside the network

• When internal addressing must be kept private from the external network

The fact is that NAT was - and still is - required to deploy IPv6 gradually, and yet it appeared to eliminate the need for IPv6 altogether. The

possibility of translation and reuse of existing IPv4 addressing meant that Service Providers and enterprises alike found a suitable

technology to minimize new IPv4 allocation requests to their respective RIRs. However, the large-scale introduction of NAT greatly

increased the complexity of bidirectional communication.

IPv6 Features and Benefits

IPv6 was designed to build on and improve the existing features of IPv4 and to introduce new capabilities:

• Larger address space - IP addressing increased to 128 bits, greatly increasing the total amount of unique address space.

• End-to-end transparency – Due to the increased amount of available addressing, the need for translation technologies has

been reduced.

• Automatic configuration for “plug and play” support.

• Enabling implementation of IP Security (IPSec) – IPSec extension headers provide integrity, authentication and privacy services.

• Improved support for IP mobility – Enabled support for mobile device users to keep a permanent IP address while roaming in

foreign networks.

Slow Adoption of IPv6

Despite all the years of “preaching” that the eventual arrival of IPv6 was inevitable, there was little movement in adoption until 2009. The

IANA IPv4 depletion in early 2011 finally made it clear that there is no turning back. Each of the RIRs has been given its last /8 address

block, and it’s only a matter of time until the last RIR runs out of address space. (Presumably this will be AfriNIC, as shown in Figure 1.)



Figure 1 : IPv4 depletion statistics and predictions

Source : http://www.potaroo.net/tools/ipv4/index.html

Figure 2 shows the increasing number of IPv6 prefixes being announced on the Internet. Exponential growth is seen from 2009 onward

and is likely to continue.

Figure 2 : IPv6 global prefix announcements and number of Autonomous Systems (ASs) announcing IPv6 prefixes

Source : http://www.ipv6actnow.org/info/statistics/#alloc

Although many Service Providers requested their IPv6 allocations years ago, others only recently started announcing their respective

prefixes and implementing IPv6 in their core network and peering points. Global IPv6 traffic still amounts to a fairly small percentage of

the total Internet traffic; however, it is increasing at an incredible pace and will continue to do so in the coming years.

Building a Business Case?

Typically a reasonable business case was the hardest to build for IPv6 adoption. Companies have found several reasons why adoption

was very slow:

• No business need.

• Not enough content available.

• Infrastructure incompatibility

• Lack of vendor support.



• Peering partner or ISP does not support IPv6.

• Risk of transition.

• Total cost of transition.

• Security concerns and feature parity compared to IPv4.

• Lack of knowledge.

To succeed in this task, changes need to be made to address at least the first point of the areas mentioned above.

Service Provider Challenges

In the space of smartphones and portable mobile devices, growth has been enormous (depending on the country). Successful

penetration of high-speed Internet access (3G and 4G) has redefined the user experience.

Due to the increasing number of mobile devices with high-speed access, SPs have been faced with a serious challenge: providing each

mobile device with the ability to access the Internet (that is, providing a unique IP address for each device).

Two approaches are common:

• Providing each mobile device with a public IPv4 address. This solution is sound and proven; however, the fact that IANA and RIRs

are out of IPv4 addressing prevents this approach from being viable long-term, due to the growth in smartphone numbers. RIRs are

reluctant to grant new allocations due to scarcity or even complete depletion of available addresses.

• Providing each mobile device with a private IPv4 address and translating it to access the Internet. SPs with depleted public

address allocations have implemented a private addressing solution. This option enables the SP to meet growth demands, but it

greatly increases the complexity of the network due to the need for translation mechanisms, and it doesn’t introduce a long-term

solution.

Building a business case has become an easier task, as it’s only a question of directly translating lost revenue due to the inability of the

network to grow based on demands. Broadband Service Providers can build business cases with similar reasoning.

IPv6 becomes the only long-term solution with appropriate scalability to endure these increasing demands.

Preferred transition mechanisms avoid translation and tunneling as much as possible:

• Dual stack

• Translation (NAT64, DNS64)

• Tunneling (6RD, ISATAP, Teredo, 6to4)

Translation and tunneling will be inevitable due to the fact that not all of the content is available on IPv6 currently. That said, large content

providers (Google, YouTube, Facebook, etc.) have working deployments for IPv6 access, and participated in the ISOC World IPv6 Day on

June 8, 2011 . The increase in IPv6 content will also push more and more SPs to adopt and provide customers with IPv6 service.

Enterprise Challenges

Compared to the Service Provider market, the enterprise market and public sector have not yet found a compelling event to help in

building a solid business case for IPv6 adoption. The question of “business need” is still open, and total cost and risks included in the

migration process still outweigh the benefits.

One example of an enterprise that has found the answer for the “business need” question is the manufacturing industry, with its

thousands of Ethernet-capable sensors and devices monitoring the production line. Stateless auto configuration enables sensors to

register state seamlessly, without additional configuration effort. This design makes the process of maintenance and support of failed

and newly added sensors an optimized task directly translating into cost reductions.

Educational institutions, on the other hand, have had sufficient incentive to experiment with the new protocol, gathering valuable

experience in the meantime. Universities and governmental education agencies have been very quick to adopt and implement the new

functionalities. Although lacking a real “business need,” implementation has mostly been accomplished through research-and-

development in the academic sphere. Research results have usually been implemented in a working scenario or proof of concept, thus

greatly advancing understanding of the protocol.

Slovenia as a Role Model

IPv6 adoption is measured by laboratories and agencies alike, and one of the outstanding countries in Europe for IPv6 adoption has been

Slovenia. The limited size of the market has enabled SPs to move in the direction of the future with amazing speed. Extensive work and

desire to improve the IPv6 progress was put forward by the go6 initiative (http://ipv6.go6.si/). go6 is a Slovenian IPv6 initiative, a

nonprofit organization whose main goal is to raise IPv6 awareness among SPs and enterprises alike. Thanks to this effort, all Slovenian

SPs (both mobile and broadband) have working implementations and already offer customers native IPv6 access. In the mobile space,

both Telekom Slovenije (the incumbent Telco operator in Slovenia, which recently merged with Mobitel) and Tus Telekom (a mobile



Service Provider) offer native IPv6 service to mobile users. Both mobile providers use two separate PDP contexts for IPv4 and IPv6

communication, and a NAT64/DNS64 solution is implemented for translation between IPv6- and IPv4-only content. The remaining

mobile SPs have mostly completed testing phases and will roll out commercial access by the end of 2011.

In the broadband Service Provider space, T2, Softnet and Amis are already offering commercial access to the native IPv6 network,

showing incredible agility and readiness to adopt. Deployment of IPv6-ready CPE devices is well under way, and it is only a question of time

until all CPE devices will be updated or exchanged to support native IPv6.

Figure 3 : RIPE measurement from World IPv6 Day.

Source : https://labs.ripe.net/Members/mirjam/ipv6-ripeness-update-and-methodology



Figure 3 shows a listing by country of IPv6 “ripeness,” where Slovenia has scored amazingly high with an incredible number of four-star

local Internet registries (LIRs). To achieve a one-star rating, a LIR must have received an IPv6 allocation or Provider-Independent (PI)

assignment. Additional information for ripeness criteria can be found at https://labs.ripe.net.

According to independent testing at http://www.vyncke.org/ipv6status/, Slovenia is also leading the world in IPv6-enabled website

deployment (based on August 2011 data).

NIL: IPv6 Enabler!

NIL is spearheading the Slovenian government’s initiative to enable its Internet-facing e-services for Slovenian citizens to operate over

IPv6. In the project, NIL is designing a solution that will enable the Slovenian government to deploy IPv6-based content quickly, even when

using legacy systems with minimal initial infrastructure investment, and with no change to existing applications supporting e-services,

such as the http://www.gov.si portal. The solution is built on network-based IPv4-IPv6 protocol translation services, which are designed

and implemented to satisfy scalability as well as stringent security and compliance requirements of the Slovenian government. With this

solution in place, the Slovenian government will begin executing a more long-term and native strategy to fully IPv6-enable their

applications and infrastructure.

In 2010, NIL implemented an IPv6 transition for an enterprise network and services. During the engagement, we performed an IPv6

readiness assessment of network infrastructure (routers, switches, wireless system), network services (firewalls, network IPS, VoIP,

server load-balancing), network management (AAA, provisioning, SIEM), infrastructure applications (DHCP, DNS), and several business

applications (groupware, messaging, IP telephony, file servers, web servers, etc.). Based on that assessment, we designed and

implemented an addressing plan and created a production dual-stack network based on the listed components. Where dual-stack

implementation was not feasible, we implemented network-based IPv4-IPv6 translation mechanisms to enable IPv4-only systems to be

reachable from IPv6 intranets and the Internet. Our implementation was based predominantly on technologies from Cisco Systems,

EMC/VMware, Microsoft and Linux-based systems.

These valuable experiences will enable NIL’s customers to minimize migration risks and keep business continuity as their highest priority

while implementing IPv6.

Further Outlook

Implementations of IPv6 will increase rapidly in the next few years, fueled mutually by SPs offering IPv6 services to mobile and residential

users, and increasing numbers of content providers offering their services over IPv6. The main content providers are already there, and

consistent pressure by SPs to offer native IPv6 will force smaller content providers to migrate eventually.

The fact that selected RIRs still have some free allocations or that private address space is available with the use of NAT should not be a

relief. IPv6 is here and cannot be avoided.

“You can either do a planned, careful migration, or you can do it in a panic. And you should know full well that panicking is more

expensive.”

Martin Levy, Hurricane Electric

ipv6 business and deployment challenges

Documents