Enterprise Checklist for IPv6 Readiness


Enterprise Checklist for IPv6 Readiness












PDF version of this report
You must have Adobe Acrobat reader to view, save, or print PDF files. The
reader is available for free
download.

Enterprise Checklist

for IPv6 Readiness

by Faulkner Staff

Copyright 2019, Faulkner Information Services. All
Rights Reserved.

Docid: 00021199

Publication Date: 1902

Report Type: TUTORIAL

Preview

Internet Protocol version 6 (IPv6) is the next generation of the IP protocol
that is slowly succeeding IPv4. It provides easier administration, an
expanded addressing scheme, and tighter security. But the security benefits
can only be realized if configurations are made correctly and, overall, the
transition to IPv6 is a complicated and long process for enterprises to
carry out.

Report Contents:

Executive Summary

[return to top of this
report]

As of October 2018, IPv6 has reached over 25 percent of Internet traffic.1
Available for well over a decade, IPv6 has been deployed slowly due
to several factors. 

Related
Faulkner
Reports
Drivers for Transitioning
to IPv6 Tutorial
IPv6 Readiness Worldwide Market

First, there is a large embedded base of IPv4-compatible equipment and
applications.

Second, IPv4 has proven to be robust and versatile enough to satisfy
everyday enterprise applications.

Third, many enterprises approach the adoption of IPv6 with
trepidation. The implementation process is long and often expensive,
and the transition state, however temporary, in which IPv6 and IPv4 must
co-exist (the so-called “dual stack” state) forces security to be
maintained for both protocols, thus burdening administrators since there
are differences between how each must be protected. 2

With new IPv4 addresses being unavailable in most parts of the world,
enterprise officials should begin the transition to IPv6, a process that may
take years to complete. As a first step, the US National
Telecommunications and Information Administration (NTIA) suggests that
officials ask themselves the following questions:

  1. “In what way is this enterprise dependent on the Internet, and, in
    particular, its ability to reach all current Internet users and
    Internet-connected devices?
  2. “Which lines of business are dependent on public Internet access and
    use?
  3. “Does the enterprise’s internal operation rely on Internet
    technology? Does it use private IPv4 address space? If so, can it
    continue to rely on IPv4 private addressing, or will it need to shift to
    IPv6?
  4. “Have plans been developed for implementing IPv6 in parallel with
    IPv4? (The enterprise IT department may have already begun the planning
    process.) How long will they take to implement? What are the operating
    expenses (opex) and capital expenses (capex) costs?
  5. “Is there an imminent crisis if additional IPv4 address space is no
    longer available to the company? What options are available to respond?
  6. “Are there test plans for verifying correct and reliable operation of
    IPv6 Internet access with network service providers? With customers?
    With vendors, suppliers, and partners?
  7. “If the enterprise relies on assigning IP address space to customers,
    what is the plan for introducing IPv6 in addition to IPv4, assuming the
    IPv4 resources available to the enterprise are finite and will
    eventually be exhausted?
  8. “Is the enterprise prepared to serve a remote customer/user/partner
    that is using IPv6 exclusively?”3

To aid enterprises in their IPv6 transitions, the NTIA has developed the
“IPv6 Readiness Tool for Businesses,” essentially a checklist in the form
of an Excel spreadsheet. The tool is available for free download from the
NTIA Web site.

Description

[return to top of this
report]

The United States has run out of new instances of the traditional types
of IP addresses, known as Internet Protocol version 4 (IPv4) addresses.4
This shortage has been a long time in the making, and it has been
approaching throughout the world. As a result, regulatory bodies years ago
began developing IPv6, whose structure permits many more addresses to be
assigned. 

IPv6 Benefits

For enterprises that choose to embrace IPv6, there are a number of
potential benefits:

  • Addressing – The address field in IPv6 is 128 bits,
    while IPv4 uses only 32 bits. IPv6 also provides three modes of
    addressing – unicast, anycast, and multicast – while IPv4 only permits
    unicast, where packets are sent to a specific address. Anycast
    simplifies routing, and multicast permits the same message to be sent to
    multiple hosts with a single address.
  • Configuration – One of the innovative benefits of
    IPv6 is how it is configured. While IPv6 addresses can still be
    configured manually or leased from a DHCP server, there is also an
    automatic configuration utilizing Universal Plug and Play (UPnP). If an
    unconfigured device tries to connect to a network that doesn’t offer a
    DHCP server, the device can look at either the network’s router or the
    other devices on the network and determine an address that would be
    appropriate for it to use. This technique is referred to as link
    local addressing.
  • Performance – The IPv6 protocol is designed so that
    Internet backbone routers will have much smaller routing tables than
    they have with IPv4. Instead of knowing every possible route, the
    routing tables will include routes to only those routers connected
    directly to them. The IPv6 protocol will contain the rest of the
    information necessary for a packet to reach its destination. IPv6
    reduces the number of header fields by eliminating unnecessary data and
    expediting router handling. It is designed to make the protocol more
    efficient by keeping overhead to a minimum. In IPv6, the required
    components are moved to the front of the header. Optional
    components are moved to an extension header. This means that if
    optional components are not used, the extension headers are not
    necessary, which reduces the packet size.
  • Class of Service – IPv6 provides a flow label to
    identify data types for special treatment and also separates
    congestion-controlled from non-congestion-controlled data to aid
    transmission of isochronous data, such as multimedia streams. These
    capabilities, although available in IPv4 through such mechanisms as
    RSVP, are central to the IPv6 structure and will be available on any
    conforming system.
  • Standardized QoS – The Quality of Service (QoS)
    implementation is set up so that routers can identify packets belonging
    on an individual QoS flow/packet basis. Routers will have the ability to
    allocate the necessary amount of bandwidth to those packets based on the
    flow/packet QoS instructions. Furthermore, QoS instructions are included
    in the IPv6 packet header. This means that the packet body can be
    encrypted, but QoS will still function because the header portion
    containing the QoS instructions is not encrypted.
  • Mobility – Mobile IPv6 specifies routing support to
    permit an IPv6 host to continue using its home address as it moves
    around the Internet. Mobile IPv6 supports transparency above the IP
    layer, including maintenance of active TCP connections and UDP port
    bindings.
Table 1. Analysis of Major IPv6 Features5

Feature

Magnitude of Potential Benefits

Timing Issues

Likelihood of Occurrence

Key Factors in Realizing Benefits of IPv6

Increased address space

Large

No near-term shortage in US

Medium/High

Removal of Network Address Translation devices (NATs); growth
in number of end-to-end and other applications

Simplified mobility

Large

New applications will likely flow from Asian test markets

Medium/High

Growth/demand for new applications

Reduced network administration costs

Modest

Cost may increase during transition

Medium (in the long term)

Removal of NATs

Improved overall network efficiency

Modest

Efficiency may not improve until after large- scale transition

Low

Removal of NATs

Improved QoS capabilities

Modest/Small

Few benefits in the near future

Low

Ongoing standardization and subsequent implementation of QoS
“flow label” field.

IPv6 Readiness Tool for Businesses

To aid enterprises in their IPv6 transition planning – and ensure that
nothing “falls through the cracks” – the US Department of Commerce’s
National Telecommunications and Information Administration (NTIA) has
developed the “IPv6 Readiness Tool for Businesses,” essentially a planning
checklist in the form of an Excel spreadsheet. The tool is available as
a free download from the NTIA website.

The template encompasses topics such as:

  • System impact
  • Key stakeholders
  • Associated costs
  • Key risks
  • Contingency plans
  • Business exposure

The NTIA advises that, while comprehensive, “the template is not intended
to be exhaustive, as the ultimate level of detail is highly dependent on
an enterprise’s size and the complexity of their organization, their
business, and their infrastructure. Enterprises can modify the template as
they see fit, adding or removing line items as appropriate, and may choose
to use separate instances of the template across multiple business areas.”6

The following line items are offered as a preview of the IPv6 Readiness
Tool for Businesses

Technical staff
should survey and catalog all aspects of systems that may be impacted by
IPv6 deployment

  • Internal/external IPv6 address space
  • Corporate network support for IPv6
  • Development or updating of policies for the use of IPv6 on corporate
    networks

Identify
stakeholders within organization that need to participate in readiness
assessment

  • Purchasing – Ensuring that all new network service
    providers the company contracts with provide documented support for
    IPv6.
  • Internal Application Developers – Identify
    embedded/hard-coded reliance on IPv4 connectivity and IPv4 addresses.
  • Corporate Services – Identification of IP-connected
    embedded devices or systems (microcontrollers, HVAC, etc.) not under the
    control or management of the technical staff/IT team.
  • Website/Content Managers – Documented support for
    IPv6 by Web hosting provider, if relevant.
  • Sales – Identification, documentation, and escalation
    of IPv6 requirements from customers, as relevant.
  • Product Management – Development of internal and
    externally-facing plans and timelines for the support of IPv6 within
    relevant products and services.
  • Customer Service/Care – Identify requirements for
    documentation, troubleshooting processes & tools, escalation paths,
    etc., related to IPv6 support.

Please note that IPv6 is not the exclusive concern of the enterprise IT
department; it affects Purchasing, Sales, and other departments that
conduct Internet-related business.

Current View

[return to top of this
report]

IPv6 is increasingly being adopted, but technical challenges have kept the
transition process moving forward at a measured pace. According to data last
updated September, 2018, the countries with the highest adoption rates are
as follows:7

  • Saint Barthelemy – 51.2 percent
  • India – 50.6 percent
  • United States – 47.3 percent
  • Belgium – 45.1 percent
  • Germany – 39.1 percent
  • Greece – 36.5 percent
  • Vietnam – 35.1 percent
  • Malaysia – 34.2 percent
  • Taiwan – 28.7 percent
  • Japan – 28 percent

But a large number of countries have not adopted IPv6 in significant
numbers, including Spain (2.1 percent), Russian Federation (5.6
percent), and Italy (3.3 percent).

As described below, three primary factors are driving the adoption of
IPv6.

New IPv4 Addresses Have Run Out

Today, in most parts of the world, new IPv4 addresses are no longer
available. There is, however, a market for used IPv4 addresses, which are
sold by brokers. But prices for these recycled addresses are rising. This
rise in costs is encouraging the adoption of IPv6. As Matt Larson, CTO of
cloud performance management company Dyn, explains, “We’re nearing the point
where the cost of obtaining sufficient IPv4 space outweighs the
accommodations necessary to just use IPv6.”8

Data Center Virtualization

Today’s enterprise data center is overcrowded, hosting dozens of servers
connected by miles of cable. Many of these servers are single-purpose
systems, serving the needs of a single operating system, information
system, user application, or user community. As such, servers are often
underutilized and over-resourced, considering the requirements they place
on power utilization, air conditioning, floor space, and IT support
services. Server virtualization is the process of dividing a physical, or
real, server into multiple virtual servers, or virtual machines.
Since each virtual machine is capable of performing the functions of a
real server, the number of real servers may be substantially reduced.
While virtualization conserves floor space and energy (among other
savings), the virtual machine structure increases the number of
addressable devices, which, as analyst Johnny Bass observes, “[leaves]
many data center operators to either be creative with their IPv4
addressing, or deploy IPv6 sooner. Preexisting devices need to be
transitioned to IPv6. The data center needs to be able to support clients
from either stack [IPv4 or IPv6], until there is a time that IPv6 is the
prevalent layer 3 protocol.”9

The Internet of Things

The Internet of Things encompasses a range of technologies that enable
data communications between machines. At its most basic, it involves four
simple machine-to-machine functions:

  1. Collection – Select data is extracted from “Machine
    A,” a temperature sensor, for example.
  2. Transmission – The data is forwarded from Machine A
    – via a wired or wireless connection – to “Machine B” for analysis.
  3. Assessment – The data is evaluated by Machine B to
    determine what, if any, action should be taken (for example, the room
    temperature – as recorded by the temperature sensor (Machine A) – may be
    too high).
  4. Reaction – Machine B initiates the appropriate
    response, either activating the HVAC unit, or alerting a human operator.
    In the first instance, Machine B would interact directly with the HVAC
    system, essentially starting a second machine-to-machine transaction.10

The goal of The Internet of Things is to make every individual machine
“addressable” and, therefore, capable of communicating and interacting
with every other machine. The Internet of Things is greatly increasing the
number of devices on the Internet and is therefore creating the need for
many more IP addresses.

Outlook

[return to top of this
report]

Internet technology and the marketplace will continue transitioning to IPv6
– the only questions are about when and about what bumps will occur along
the way. Mobile technology will play a major role in pushing the adoption of
the new version of the protocol. Two examples of this influence are the
following:

  • Apple’s mobile platform, iOS, supports the use of IPv6 much more than
    did previous versions of the platform. According to one analysis, new
    iOS versions will use IPv6 for 99 percent of all connections, compared
    with at most 50 percent for older versions.11
  • The use of IPv6 on mobile phones will likely increase more quickly
    than will the overall market. One sign of this is that the proportion of
    mobile traffic being sent through IPv6 has risen to more than 50
    percent.12

In general, the industry has been slow to adopt IPv6 due in part to the fact
that network address translation is delaying the transition. Carrier
networks and ISPs have been the first groups to start deploying IPv6 on
their networks. As of September 2018, Comcast has its network at 65 percent,
and AT&T has its network at 66.7 percent. Just under 30 percent of the
Alexa Top 1000 website are supporting IPv6.13

Recommendations

[return to top of this
report]

A good way to begin the transition process is for an enterprise to assess
its current network. “First, [an enterprise] must perform a readiness
assessment prior to any implementation to evaluate and analyze their
existing infrastructure,” says Brendan Ziolo of Nokia. “The readiness
assessment needs to include a thorough inventory check to ensure support
for IPv6 by the DNS provider, the network, servers, and all other
associated equipment. The assessment should also include a review of all
vendors to ensure that the IPv6 features correspond.”14

Once a readiness assessment is performed, an organization can create an
implementation plan. One of the best guides to developing such a plan is
the NIST’s “Guidelines for the Secure Deployment of IPv6,” which does the
following:

  • Details how factors such as the “ballooning popularity” of
    Internet-connected devices, especially smart phones and tablets, are
    depleting the number of IPv4 addresses.
  • Describes the features of IPv6 and related security impacts.
  • Provides a comprehensive survey of mechanisms to deploy IPv6.
  • Suggests a deployment strategy for a secure IPv6 environment.

The publication is available for free download from the NIST
website. 

Another helpful guide is the technically detailed “Some Design
Choices for IPv6 Networks,” published by the Internet Engineering
Task Force.15

Finally, the transition to IPv6 is not just about technical tactics but
also about IT governance. “The CIO really needs to be able to articulate
how IPv6 can help the mission…being able to articulate it and champion
it across the organization,” explains Ivor D’Souza of the NIH’s National
Library of Medicine.16 “To the extent that the CIO can do that,
that’s where you get success.”

References

[return to top of this
report]\

1 Google IPv6 statistics.
https://www.google.com/intl/en/ipv6/statistics.html. February, 2019.

2 “IPv6 Security.” IPv6 Now.

3 “About the IPv6 Readiness Tool.” National Telecommunications
& Information Administration. April 8, 2011.

4 Iljitsch van Beijnum. “It’s Official: North America Out of
New IPv4 addresses.” Ars Technica. July 2, 2015.

5 “Technical and Economic Assessment of Internet Protocol
Version 6 (IPv6).” US Department of Commerce. February 17, 2006.

6 “About the IPv6 Readiness Tool.” National Telecommunications
& Information Administration. April 8, 2011.

7 “IPv6 Adoption Visualization.” Akamai. September, 2018.

8 Matt Larson. “What You Need to Know about IPv6 in 2016.” NetworkWorld.
December 21, 2015.

9 Johnny Bass. “IPv6 in the Data Center: Trends and Cisco
Configurations.” Global Knowledge Training. 2013:2.

10 “What Is M2M Communications?” M2M Communications.

11 Stephen Lawson. “IPv6 Will Get a Big Boost from iOS 9,
Facebook Says.” CIO. September 14, 2015.

12 Mat Ford. “Major Mobile US Networks Pass 50% IPv6 Threshold.”
World IPv6 Launch. August 19, 2016.

13 Keith Shaw. “What is IPv6, and Why Aren’t We There Yet?” Network
World. February 15, 2018.

14 Brendan Ziolo. “Managing The IPv6 Transition in the
Enterprise.” NetworkComputing. August 12, 2016.

15 P. Matthews and V. Kuarsingh. “Some Design Choices for IPv6
Networks.” Internet Engineering Task Force. October 19, 2015.

16 Aaron Boyd. “Three Tips: How to Move to IPv6.” Federal
Times. September 1, 2015.

[return to top of this
report]

[return to top of this
report]