IPv6 - Action Required
You might be forgiven if you were not aware that 6th June 2012 was World IPv6 day. I might forgive you again if you said “what’s that?”
On this day major ISPs and web companies came together to permanently enable IPv6 for their products and services. Prior to this, 6th June 2012 marked a trial period in which major ISPs and web companies conducted a global-scale test of IPv6, with the likes of Google, Yahoo and Facebook enabling IPv6 on their main websites for 24 hours. The purpose of the event was to motivate organisations across the industry to prepare their services for IPv6 in light of the diminishing IPv4 address space.
At this point you might be asking what IPv6 is and why you should care. The Internet Protocol (IP) version 4 is one of the foundations of the modern Internet. You may have heard the phrases “ubiquitous connectivity” or “internet of things”, which essentially refer to the wide availability of connectivity and a plethora of connected devices, from laptops, smartphones and tablets to TVs. The internet of things is reliant upon IP addresses, and we are running out of IPv4 addresses. IPv6 adoption is necessary for the continued growth and stability of the Internet and to realise this vision.
This article is not intended to convince you to deploy IPv6 or to argue over the pros/cons of IPv6. It is, however, intended to convince you that you cannot simply ignore IPv6. Even if you have plenty of IPv4 addresses, or are not an ISP or major web company and have no plans to deploy IPv6 – you still need to plan for IPv6, if only for two reasons: interoperability and security.
IPv4 Challenges
It is helpful to understand what some of the issues are with IPv4. Whilst this is a simplification of the IPv4 challenges, at a high-level there are three key issues.
- The exhaustion of the IPv4 address space
- Routing scalability and stability
- The problem of end-to-end interoperability / communications.
Each of these is discussed in turn below.
What does IP address exhaustion actually mean?
In the last few years the issue of IPv4 address exhaustion has received considerable attention in the press. However, there has been confusion over what this really means, with some comparing this to the “Y2K” problem.
The IP address space is managed globally by the Internet Assigned Numbers Authority (IANA), which in turn allocates blocks of address space to five regional internet registries (RIRs), which are responsible in their designated territories for assigning address space to organisations.
In February 2011, IANA allocated the last remaining IPv4 address blocks to the regional registries. So in general, by exhaustion we mean there will be no more addresses left to allocate to organisations. Various models have been used to project the effective point of exhaustion (i.e. when the RIRs have assigned the addresses allocated to them by IANA to end users/organisations). One model developed by Geoff Huston (chief scientist at the Asia Pacific Network Information Centre RIR) predicts this will occur in October of this year (http://www.potaroo.net/ispcol/2012-08/EndPt2.html).
Routing scalability and stability
As of August 2012 there are approximately 440,000 entries in the Border Gateway Protocol (BGP) routing table. While you can purchase bigger routers to handle such a large routing table, the large table size has an impact on the speed of convergence when there are updates to routing topology.
While this problem isn’t directly addressed by IPv6 it’s worth mentioning here since there are some differing views on whether the routing scalability problem will be improved or made worse. On the one hand some point to the current policies for the allocation of IPv6 addresses and the hierarchical architecture of IPv6 addresses which allows ISPs to use aggregation of network addresses to provide efficient and scalable routing. The counter argument is that the IPv6 routing architecture is the same as the IPv4 architecture but with substantially larger address space and therefore this will only add to the problems. Another issue is that many organisations are multi-homed to two or more ISPs for resilience. The use of multi-homing (at least using the current methods) will prevent the aggregation of addresses.
End-to-end interoperability/ communications
In the early 1990s the Internet saw huge growth and it was recognised that demand for IP addresses would outstrip supply. In response, the IETF started work on a new version of the protocol; at the same time, a number of short-term stop-gap measures were implemented to delay exhaustion. One such stop-gap measure was Network Address Translation (NAT). NAT allows non-unique private addresses to be used within a network and mapped to a unique public IP address, thus allowing organisations to conserve public address space. Unfortunately, NAT also creates problems for applications, especially those that require end-to-end connectivity such as peer-to-peer applications, Voice and Video over IP etc.
Why doing nothing is not an option
At first it may seem as though there is no real need to do anything at all as:
- Stop gap measures such as NAT and virtual hosting can conserve address space requirements;
- There may also be a perception that only ISPs need be concerned as they will need to be able to grow their customer base;
- You may have sufficient unused public address space to meet demands;
- A number of organisations were allocated large blocks of addresses but do not actually need such allocations. It has been suggested by some industry commentators that a market may be created for the transfer of IPv4 addresses and provide another option for addressing demands.
However, regardless of how much free address space you possess, or whether you plan to deploy IPv6 at all, careful planning is still required as:
- There are no long term viable solutions to the address exhaustion problem. The transition from IPv4 to IPv6 is expected to be a gradual migration and may even take decades. Therefore technology procurement decisions need to consider IPv6 migration in order to minimise costs in the future.
- ISP decisions to deploy stop-gap measures such as Large Scale NAT will impact IP-based applications and therefore user experience. While many applications have been adapted to work through a single NAT, they are likely to break through double-NAT solutions such as LSN/NAT-444. Customers are unlikely to be able to differentiate between a problem with the service provider network and a problem with the application itself.
- Troubleshooting issues with applications through multiple layers of NAT will be at best extremely difficult.
- Purchasing IP address space from another organisation may not actually be desirable as you will also ‘inherit’ the reputation of the address space (i.e. if a spammer previously used a particular block of addresses). Although there have been a few cases where IPv4 addresses have been purchased, there is no guarantee on how high the prices will go. This may also create problems from a routing perspective, as several ISPs validate address space holdings with RIRs and therefore the space may not be globally routable. Furthermore, given that the transfer of addresses is likely to exacerbate problems with the explosion of the routing table size, it is very likely that such transfers may be prohibited by RIRs.
- Even if you’re not deploying IPv6 you need to think about IPv6 security. Some operating systems are now shipped with IPv6 switched on by default and transition mechanisms such as Teredo enabled. If a platform supports IPv6 you need to think about IPv6 security because it is another potential attack vector.
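To make the last point concrete, here is an added example (not part of the original article) that audits a host inventory for IPv6 exposure and recognises transition mechanisms such as Teredo from the address alone. The inventory, host names and addresses are constructed sample data; the prefixes and interface-ID markers come from RFC 4380 (Teredo), RFC 3056 (6to4) and RFC 5214 (ISATAP).

```python
import ipaddress

ISATAP_IDS = (0x00005EFE, 0x02005EFE)  # RFC 5214 interface-ID markers

def classify(addr_text):
    """Return (kind, detail) for one address string as shown by ip/ipconfig."""
    # Drop a zone index (%12) or prefix length (/64) if present.
    ip = ipaddress.ip_address(addr_text.split("%")[0].split("/")[0])
    if ip.version == 4:
        return ("ipv4", None)
    if ip.teredo is not None:            # 2001:0000::/32
        server, client = ip.teredo       # client IPv4 is stored bit-inverted
        return ("teredo", f"server {server}, mapped client {client}")
    if ip.sixtofour is not None:         # 2002::/16
        return ("6to4", f"embedded {ip.sixtofour}")
    if (int(ip) >> 32) & 0xFFFFFFFF in ISATAP_IDS:
        v4 = ipaddress.IPv4Address(int(ip) & 0xFFFFFFFF)
        return ("isatap", f"embedded {v4}")
    if ip.is_loopback:
        return ("loopback", None)
    if ip.is_link_local:
        return ("link-local", None)
    return ("native-ipv6", None)

def audit(inventory):
    """Map host -> IPv6 findings; hosts with only IPv4/loopback are omitted."""
    report = {}
    for host, addrs in inventory.items():
        findings = [f for f in map(classify, addrs)
                    if f[0] not in ("ipv4", "loopback")]
        if findings:
            report[host] = findings
    return report

# Constructed sample: addresses per host, as collected from an asset scan.
SAMPLE_INVENTORY = {
    "ws-01": ["192.0.2.45", "fe80::1c2b:3aff:fe4d:5e6f%12",
              "2001:0:4136:e378:8000:63bf:3fff:fdd2"],
    "ws-02": ["198.51.100.7"],
    "srv-01": ["203.0.113.10", "2002:cb00:710a::1",
               "fe80::5efe:203.0.113.10%3"],
}

if __name__ == "__main__":
    for host, findings in audit(SAMPLE_INVENTORY).items():
        for kind, detail in findings:
            print(f"{host}: {kind}" + (f" ({detail})" if detail else ""))
```

Any host that appears in the report is reachable over IPv6 in some form, so its firewall rules and monitoring need to cover IPv6 as well as IPv4; Teredo and 6to4 findings additionally indicate traffic tunnelled inside IPv4 that perimeter controls written for IPv4 alone may not inspect.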