It is practically impossible and not particularly desirable to replace all your existing computing and networking equipment with IPv6 equipment at once. But what is expected from IT managers today is that when they buy new IT equipment during routine technology upgrades or while the business scales up, they can ensure that the equipment is IPv6-ready.
It’s high time for us to make way for IPv6 as the revolution has finally arrived in India. The Indian Registry for Internet Names and Numbers (IRINN) has begun issuing the next version of Internet addresses, ‘IPv6’, which would allow security agencies to identify each Internet user based on the different IP address given to them.
The Internet addresses under the present version IPv4 (Internet Protocol version 4) are limited and service providers often assign a single IP address to many users. “The number of IPv6 addresses available is enormous. ISPs (Internet Service Providers) can allocate an IP address to each of their users. People can be easily identified if they are using IPv6,” said Sanjaya, director, Services and Operations, APNIC, which is one of the five bodies authorised to issue Internet addresses, and is recognised by the IRINN for issuing IP addresses in India. So, now is the time for you to get ready for IPv6.
The Internet has become indispensable for business and governance, worldwide. Some reports claim that as many as 2 billion individuals connect to the Net every day. The enormous popularity and increasing adoption of the Internet has led to a shortage of Internet Protocol (IP) addresses needed to uniquely identify each device that accesses the Internet. Running out of Internet addresses would have disastrous worldwide consequences, as the ability to add and connect new devices would come to a halt. A new and much larger type of address known as IPv6 avoids this issue.
IPv6 has become a norm across the globe. But the IPv6 address is not compatible with the existing IPv4 structure. Further, it’s not possible or economically desirable to replace all networking equipment and all devices to IPv6 all at once. What’s needed are solutions that allow IPv6 to co-exist with the existing IP address type, IPv4, and for electronic information using one address type to be delivered to devices using the other.
Commenting on the beginning of the IPv6 era, Prem Nithin, business development manager, Borderless Networks, Cisco India, said, “If you look at things on the ground, the era of IPv4 is not yet over for enterprises. Most of the enterprise customers are seriously looking to have IPv6 deployed at their organisation but there is no compelling reason, yet, for them to do so. There is no deadline-linked need to have IPv6 as of today, because these enterprises are still content with IPv4. Having said that, I will not deny that they are looking for testing Ipv6 majorly, creating their applications accordingly and also incorporating it in their parallel set-up.”
Verticals like the BFSI and IT/ITes, which are large consumers of IT equipment, are seriously exploring IPv6 as an option. The BFSI sector, in particular, is doing that because of the mandate from the RBI. Till last year, they were only talking about IPv6 but RBI guidelines have now forced them to be IPv6 compliant by the end of March. So this sector is seriously looking at what are the dependencies when it comes to enabling IPv6 on the Internet, and what they will have to do on the application side, the networking side, for firewalls, routers and all the other things involving IPv6. We are aggressively involved with financial institutions in terms of helping them enable IPv6. Now what they do for their internal networks is something that has still not been taken up very seriously by them because their primary focus is to get their Internet apps working on IPv6. Their payment gateways, and Visa and Mastercard gateways have to be IPv6 ready. They will only turn their focus onto the internal aspects of the transition after they get the Internet edge on IPv4. They would then want to come out with a strategy as to what to do on the internal network. They will have two choices: they can either do a dual stack of IPv4 and IPv6 or they can get away with IPv4. These discussions have just started.
IT managers are one of the major target audiences for companies working on offering products that help transition from IPv4 to IPv6. K P Unnikrishnan, APAC marketing director of Brocade Communications, says, Transition from IPv4 to IPv6 is not something that can happen at one go. It has to be in stages, and IT managers have to be well prepared for it before they venture into it. Before an IT manager plans to take his company onto IPv6, he has to understand the technical aspects involved in this transition. IT managers are well aware of the fact that they have to be educated on both levels-at the technical level as well as the business level.
He adds, “As end users, IT managers will come across several product and service providers offering IPv6 solutions. So you need to be well informed technically, academically and on the business frontenough to select a solution. The deployment has to be done phase-wise. So, one cannot really make a judgement on the investment required for this job. Nobody does a 100 per cent shift, end-to-end. With an investment of US$ 50,000 to 100,000 you can start implementing IPv6 deployment in a phased manner in your company.”
Things you must consider when migrating to IPv6
It is practically not possible, or desirable, to replace all your existing computing and networking equipment with IPv6 equipment at once. But what is expected from IT managers is that when they buy new IT equipment during regular technology upgrades or while the company is scaling up, they can ensure that the new equipment is IPv6-ready.
Migrating to IPv6 is as much of a business decision as a technical one. So when you decide on when to and how to migrate to IPv6, you should conduct both a business analysis and a technical analysis. While you are doing the technical evaluation, it is important to understand the options being offered and also evaluate which ones suit your business better. We have listed some of these technical options below.
ISP-provided IPv6 network address translation services
If you do not want to convert any of your existing Ipv4 routers to IPv6-compliant ones right away, you can still communicate with your customers and suppliers. Unnikrishnan emphasises, “Firms can rely on ISPs that offer network address translation (NAT) services to keep them connected to IPv6 devices outside their own network. NAT can be thought of as a special forwarding service that can read one type of IP address and figure out what the corresponding address is for the other type. Since the applications that many companies rely on to run their businesses are using IPv4 in the data centre and campus (LAN), there is no pressing need to migrate, as long as they can continue to connect to their customers and suppliers over the Internet via an ISP-supplied NAT service.”
Dual-stack routers come to the rescue of all IT managers looking to get IPv6-ready without a major investment. All they need to ensure is that the new network routers they purchase are capable of operating with both IPv4 and IPv6 address types. This is called dual stack. Unnikrishnan says, “In this case, networking protocols are layered in a stack like a cake. At the routing layer, the equipment can handle IPv4 or IPv6 address types and traffic; hence, they are dual-stack routers. This does not mean that the routers translate IPv4 addresses into IPv6 or vice versa. It only means that the equipment can connect to independent IPv4 and IPv6 networks simultaneously. An important consideration is that the amount of work done by dual-stack routers increases substantially. Therefore, higher performance equipment should be specified to ensure it can keep up with the combined workload of IPv4 and IPv6 traffic.”
This is yet another process that enables companies to become IPv6 ready without much effort. According to a white paper from Brocade Communications, “Tunnelling allows an envelope using one address type to be put inside another that uses a different address type. For example, an envelope using IPv6 addresses can be put inside an envelope that uses IPv4. This envelope can then be routed over an existing IPv4 network. At the destination router, the outside IPv4 envelope is discarded, and the IPv6 envelope is used to forward the electronic information to an IPv6 device. This can also work the other way, by putting IPv4 envelopes inside IPv6 envelopes. Although tunnelling can be used to move incompatible envelopes across dissimilar networks, this approach complicates network design and management, and can create unexpected security holes, so it has to be carefully designed.”
Network Address Translation (NAT)
This method involves address translation between the IPv4 and IPv6 address types. This is a method worth trying because not many Web applications and IP telephone signalling protocols support IPv6 addresses, as of now. Unnikrishnan says, “Companies that leverage the Internet heavily, or have a large investment in IP telephone systems, will need to maintain the IPv4 information used by these applications and devices to ensure that existing monitoring and management tools do not break. Investing in NAT at the application layer, instead of just a dual-stack router, preserves the substantial investment in monitoring, business intelligence and management tools that many applications use, and which companies depend on for their competitive advantage. With NAT, they can communicate with customers and suppliers, regardless of which IP protocol is used, and can better manage the cost and risk of rebuilding a large part of their business applications and existing IPv4 networks.”
The author is senior assistant editor at EFY.