PDF version of this report
You must have Adobe Acrobat reader to view, save, or print PDF files. The
reader is available for free
download.
Enterprise Checklist
for IPv6 Readiness
Copyright 2019, Faulkner Information Services. All
Rights Reserved.
Docid: 00021199
Publication Date: 1902
Report Type: TUTORIAL
Preview
Internet Protocol version 6 (IPv6) is the next generation of the IP protocol
that is slowly succeeding IPv4. It provides easier administration, an
expanded addressing scheme, and tighter security. But the security benefits
can only be realized if configurations are made correctly and, overall, the
transition to IPv6 is a complicated and long process for enterprises to
carry out.
Report Contents:
- Executive Summary
- Description
- Current View
- Outlook
- Recommendations
- References
- Web Links
- Related Reports
Executive Summary
[return to top of this
report]
As of October 2018, IPv6 has reached over 25 percent of Internet traffic.1
Available for well over a decade, IPv6 has been deployed slowly due
to several factors.
First, there is a large embedded base of IPv4-compatible equipment and
applications.
Second, IPv4 has proven to be robust and versatile enough to satisfy
everyday enterprise applications.
Third, many enterprises approach the adoption of IPv6 with
trepidation. The implementation process is long and often expensive,
and the transition state, however temporary, in which IPv6 and IPv4 must
co-exist (the so-called “dual stack” state) forces security to be
maintained for both protocols, thus burdening administrators since there
are differences between how each must be protected. 2
With new IPv4 addresses being unavailable in most parts of the world,
enterprise officials should begin the transition to IPv6, a process that may
take years to complete. As a first step, the US National
Telecommunications and Information Administration (NTIA) suggests that
officials ask themselves the following questions:
- “In what way is this enterprise dependent on the Internet, and, in
particular, its ability to reach all current Internet users and
Internet-connected devices? - “Which lines of business are dependent on public Internet access and
use? - “Does the enterprise’s internal operation rely on Internet
technology? Does it use private IPv4 address space? If so, can it
continue to rely on IPv4 private addressing, or will it need to shift to
IPv6? - “Have plans been developed for implementing IPv6 in parallel with
IPv4? (The enterprise IT department may have already begun the planning
process.) How long will they take to implement? What are the operating
expenses (opex) and capital expenses (capex) costs? - “Is there an imminent crisis if additional IPv4 address space is no
longer available to the company? What options are available to respond? - “Are there test plans for verifying correct and reliable operation of
IPv6 Internet access with network service providers? With customers?
With vendors, suppliers, and partners? - “If the enterprise relies on assigning IP address space to customers,
what is the plan for introducing IPv6 in addition to IPv4, assuming the
IPv4 resources available to the enterprise are finite and will
eventually be exhausted? - “Is the enterprise prepared to serve a remote customer/user/partner
that is using IPv6 exclusively?”3
To aid enterprises in their IPv6 transitions, the NTIA has developed the
“IPv6 Readiness Tool for Businesses,” essentially a checklist in the form
of an Excel spreadsheet. The tool is available for free download from the
NTIA Web site.
Description
[return to top of this
report]
The United States has run out of new instances of the traditional types
of IP addresses, known as Internet Protocol version 4 (IPv4) addresses.4
This shortage has been a long time in the making, and it has been
approaching throughout the world. As a result, regulatory bodies years ago
began developing IPv6, whose structure permits many more addresses to be
assigned.
IPv6 Benefits
For enterprises that choose to embrace IPv6, there are a number of
potential benefits:
- Addressing – The address field in IPv6 is 128 bits,
while IPv4 uses only 32 bits. IPv6 also provides three modes of
addressing – unicast, anycast, and multicast – while IPv4 only permits
unicast, where packets are sent to a specific address. Anycast
simplifies routing, and multicast permits the same message to be sent to
multiple hosts with a single address. - Configuration – One of the innovative benefits of
IPv6 is how it is configured. While IPv6 addresses can still be
configured manually or leased from a DHCP server, there is also an
automatic configuration utilizing Universal Plug and Play (UPnP). If an
unconfigured device tries to connect to a network that doesn’t offer a
DHCP server, the device can look at either the network’s router or the
other devices on the network and determine an address that would be
appropriate for it to use. This technique is referred to as link
local addressing. - Performance – The IPv6 protocol is designed so that
Internet backbone routers will have much smaller routing tables than
they have with IPv4. Instead of knowing every possible route, the
routing tables will include routes to only those routers connected
directly to them. The IPv6 protocol will contain the rest of the
information necessary for a packet to reach its destination. IPv6
reduces the number of header fields by eliminating unnecessary data and
expediting router handling. It is designed to make the protocol more
efficient by keeping overhead to a minimum. In IPv6, the required
components are moved to the front of the header. Optional
components are moved to an extension header. This means that if
optional components are not used, the extension headers are not
necessary, which reduces the packet size. - Class of Service – IPv6 provides a flow label to
identify data types for special treatment and also separates
congestion-controlled from non-congestion-controlled data to aid
transmission of isochronous data, such as multimedia streams. These
capabilities, although available in IPv4 through such mechanisms as
RSVP, are central to the IPv6 structure and will be available on any
conforming system. - Standardized QoS – The Quality of Service (QoS)
implementation is set up so that routers can identify packets belonging
on an individual QoS flow/packet basis. Routers will have the ability to
allocate the necessary amount of bandwidth to those packets based on the
flow/packet QoS instructions. Furthermore, QoS instructions are included
in the IPv6 packet header. This means that the packet body can be
encrypted, but QoS will still function because the header portion
containing the QoS instructions is not encrypted. - Mobility – Mobile IPv6 specifies routing support to
permit an IPv6 host to continue using its home address as it moves
around the Internet. Mobile IPv6 supports transparency above the IP
layer, including maintenance of active TCP connections and UDP port
bindings.
Feature |
Magnitude of Potential Benefits |
Timing Issues |
Likelihood of Occurrence |
Key Factors in Realizing Benefits of IPv6 |
---|---|---|---|---|
Increased address space |
Large |
No near-term shortage in US |
Medium/High |
Removal of Network Address Translation devices (NATs); growth |
Simplified mobility |
Large |
New applications will likely flow from Asian test markets |
Medium/High |
Growth/demand for new applications |
Reduced network administration costs |
Modest |
Cost may increase during transition |
Medium (in the long term) |
Removal of NATs |
Improved overall network efficiency |
Modest |
Efficiency may not improve until after large- scale transition |
Low |
Removal of NATs |
Improved QoS capabilities |
Modest/Small |
Few benefits in the near future |
Low |
Ongoing standardization and subsequent implementation of QoS |
IPv6 Readiness Tool for Businesses
To aid enterprises in their IPv6 transition planning – and ensure that
nothing “falls through the cracks” – the US Department of Commerce’s
National Telecommunications and Information Administration (NTIA) has
developed the “IPv6 Readiness Tool for Businesses,” essentially a planning
checklist in the form of an Excel spreadsheet. The tool is available as
a free download from the NTIA website.
The template encompasses topics such as:
- System impact
- Key stakeholders
- Associated costs
- Key risks
- Contingency plans
- Business exposure
The NTIA advises that, while comprehensive, “the template is not intended
to be exhaustive, as the ultimate level of detail is highly dependent on
an enterprise’s size and the complexity of their organization, their
business, and their infrastructure. Enterprises can modify the template as
they see fit, adding or removing line items as appropriate, and may choose
to use separate instances of the template across multiple business areas.”6
The following line items are offered as a preview of the IPv6 Readiness
Tool for Businesses
Technical staff
should survey and catalog all aspects of systems that may be impacted by
IPv6 deployment
- Internal/external IPv6 address space
- Corporate network support for IPv6
- Development or updating of policies for the use of IPv6 on corporate
networks
Identify
stakeholders within organization that need to participate in readiness
assessment
- Purchasing – Ensuring that all new network service
providers the company contracts with provide documented support for
IPv6. - Internal Application Developers – Identify
embedded/hard-coded reliance on IPv4 connectivity and IPv4 addresses. - Corporate Services – Identification of IP-connected
embedded devices or systems (microcontrollers, HVAC, etc.) not under the
control or management of the technical staff/IT team. - Website/Content Managers – Documented support for
IPv6 by Web hosting provider, if relevant. - Sales – Identification, documentation, and escalation
of IPv6 requirements from customers, as relevant. - Product Management – Development of internal and
externally-facing plans and timelines for the support of IPv6 within
relevant products and services. - Customer Service/Care – Identify requirements for
documentation, troubleshooting processes & tools, escalation paths,
etc., related to IPv6 support.
Please note that IPv6 is not the exclusive concern of the enterprise IT
department; it affects Purchasing, Sales, and other departments that
conduct Internet-related business.
Current View
[return to top of this
report]
IPv6 is increasingly being adopted, but technical challenges have kept the
transition process moving forward at a measured pace. According to data last
updated September, 2018, the countries with the highest adoption rates are
as follows:7
- Saint Barthelemy – 51.2 percent
- India – 50.6 percent
- United States – 47.3 percent
- Belgium – 45.1 percent
- Germany – 39.1 percent
- Greece – 36.5 percent
- Vietnam – 35.1 percent
- Malaysia – 34.2 percent
- Taiwan – 28.7 percent
- Japan – 28 percent
But a large number of countries have not adopted IPv6 in significant
numbers, including Spain (2.1 percent), Russian Federation (5.6
percent), and Italy (3.3 percent).
As described below, three primary factors are driving the adoption of
IPv6.
New IPv4 Addresses Have Run Out
Today, in most parts of the world, new IPv4 addresses are no longer
available. There is, however, a market for used IPv4 addresses, which are
sold by brokers. But prices for these recycled addresses are rising. This
rise in costs is encouraging the adoption of IPv6. As Matt Larson, CTO of
cloud performance management company Dyn, explains, “We’re nearing the point
where the cost of obtaining sufficient IPv4 space outweighs the
accommodations necessary to just use IPv6.”8
Data Center Virtualization
Today’s enterprise data center is overcrowded, hosting dozens of servers
connected by miles of cable. Many of these servers are single-purpose
systems, serving the needs of a single operating system, information
system, user application, or user community. As such, servers are often
underutilized and over-resourced, considering the requirements they place
on power utilization, air conditioning, floor space, and IT support
services. Server virtualization is the process of dividing a physical, or
real, server into multiple virtual servers, or virtual machines.
Since each virtual machine is capable of performing the functions of a
real server, the number of real servers may be substantially reduced.
While virtualization conserves floor space and energy (among other
savings), the virtual machine structure increases the number of
addressable devices, which, as analyst Johnny Bass observes, “[leaves]
many data center operators to either be creative with their IPv4
addressing, or deploy IPv6 sooner. Preexisting devices need to be
transitioned to IPv6. The data center needs to be able to support clients
from either stack [IPv4 or IPv6], until there is a time that IPv6 is the
prevalent layer 3 protocol.”9
The Internet of Things
The Internet of Things encompasses a range of technologies that enable
data communications between machines. At its most basic, it involves four
simple machine-to-machine functions:
- Collection – Select data is extracted from “Machine
A,” a temperature sensor, for example. - Transmission – The data is forwarded from Machine A
– via a wired or wireless connection – to “Machine B” for analysis. - Assessment – The data is evaluated by Machine B to
determine what, if any, action should be taken (for example, the room
temperature – as recorded by the temperature sensor (Machine A) – may be
too high). - Reaction – Machine B initiates the appropriate
response, either activating the HVAC unit, or alerting a human operator.
In the first instance, Machine B would interact directly with the HVAC
system, essentially starting a second machine-to-machine transaction.10
The goal of The Internet of Things is to make every individual machine
“addressable” and, therefore, capable of communicating and interacting
with every other machine. The Internet of Things is greatly increasing the
number of devices on the Internet and is therefore creating the need for
many more IP addresses.
Outlook
[return to top of this
report]
Internet technology and the marketplace will continue transitioning to IPv6
– the only questions are about when and about what bumps will occur along
the way. Mobile technology will play a major role in pushing the adoption of
the new version of the protocol. Two examples of this influence are the
following:
- Apple’s mobile platform, iOS, supports the use of IPv6 much more than
did previous versions of the platform. According to one analysis, new
iOS versions will use IPv6 for 99 percent of all connections, compared
with at most 50 percent for older versions.11 - The use of IPv6 on mobile phones will likely increase more quickly
than will the overall market. One sign of this is that the proportion of
mobile traffic being sent through IPv6 has risen to more than 50
percent.12
In general, the industry has been slow to adopt IPv6 due in part to the fact
that network address translation is delaying the transition. Carrier
networks and ISPs have been the first groups to start deploying IPv6 on
their networks. As of September 2018, Comcast has its network at 65 percent,
and AT&T has its network at 66.7 percent. Just under 30 percent of the
Alexa Top 1000 website are supporting IPv6.13
Recommendations
[return to top of this
report]
A good way to begin the transition process is for an enterprise to assess
its current network. “First, [an enterprise] must perform a readiness
assessment prior to any implementation to evaluate and analyze their
existing infrastructure,” says Brendan Ziolo of Nokia. “The readiness
assessment needs to include a thorough inventory check to ensure support
for IPv6 by the DNS provider, the network, servers, and all other
associated equipment. The assessment should also include a review of all
vendors to ensure that the IPv6 features correspond.”14
Once a readiness assessment is performed, an organization can create an
implementation plan. One of the best guides to developing such a plan is
the NIST’s “Guidelines for the Secure Deployment of IPv6,” which does the
following:
- Details how factors such as the “ballooning popularity” of
Internet-connected devices, especially smart phones and tablets, are
depleting the number of IPv4 addresses. - Describes the features of IPv6 and related security impacts.
- Provides a comprehensive survey of mechanisms to deploy IPv6.
- Suggests a deployment strategy for a secure IPv6 environment.
The publication is available for free download from the NIST
website.
Another helpful guide is the technically detailed “Some Design
Choices for IPv6 Networks,” published by the Internet Engineering
Task Force.15
Finally, the transition to IPv6 is not just about technical tactics but
also about IT governance. “The CIO really needs to be able to articulate
how IPv6 can help the mission…being able to articulate it and champion
it across the organization,” explains Ivor D’Souza of the NIH’s National
Library of Medicine.16 “To the extent that the CIO can do that,
that’s where you get success.”
References
[return to top of this
report]\
1 Google IPv6 statistics.
https://www.google.com/intl/en/ipv6/statistics.html. February, 2019.
2 “IPv6 Security.” IPv6 Now.
3 “About the IPv6 Readiness Tool.” National Telecommunications
& Information Administration. April 8, 2011.
4 Iljitsch van Beijnum. “It’s Official: North America Out of
New IPv4 addresses.” Ars Technica. July 2, 2015.
5 “Technical and Economic Assessment of Internet Protocol
Version 6 (IPv6).” US Department of Commerce. February 17, 2006.
6 “About the IPv6 Readiness Tool.” National Telecommunications
& Information Administration. April 8, 2011.
7 “IPv6 Adoption Visualization.” Akamai. September, 2018.
8 Matt Larson. “What You Need to Know about IPv6 in 2016.” NetworkWorld.
December 21, 2015.
9 Johnny Bass. “IPv6 in the Data Center: Trends and Cisco
Configurations.” Global Knowledge Training. 2013:2.
10 “What Is M2M Communications?” M2M Communications.
11 Stephen Lawson. “IPv6 Will Get a Big Boost from iOS 9,
Facebook Says.” CIO. September 14, 2015.
12 Mat Ford. “Major Mobile US Networks Pass 50% IPv6 Threshold.”
World IPv6 Launch. August 19, 2016.
13 Keith Shaw. “What is IPv6, and Why Aren’t We There Yet?” Network
World. February 15, 2018.
14 Brendan Ziolo. “Managing The IPv6 Transition in the
Enterprise.” NetworkComputing. August 12, 2016.
15 P. Matthews and V. Kuarsingh. “Some Design Choices for IPv6
Networks.” Internet Engineering Task Force. October 19, 2015.
16 Aaron Boyd. “Three Tips: How to Move to IPv6.” Federal
Times. September 1, 2015.
Web Links
[return to top of this
report]
- US National Telecommunications and Information Administration: http://www.ntia.doc.gov/
- US National Institute of Standards and Technology: http://www.nist.gov/
[return to top of this
report]