Nibbles & Bits

The Path to IPv6 Part 3

by | October 31, 2022

IPv6 is not a new protocol, but given the time that has passed since its initial release in 1998, it is natural to find that some things have changed along the way. Lessons have been learned, best practices have been updated, and with more and more production networks up and running around the world – we thought it would be a good opportunity for an IPv6 refresher.

In Part 1 of the Path to IPv6, we shared a presentation template for pitching the importance of starting your IPv6 transition to management. In Part 2, we provided some resources to guide the transition. In this part, we’ll highlight how IPv6 has changed over the last decade and address some myths/updates to IPv6 knowledge.

For Part 3, we invited two previous guests, Ed Horley, Co-Founder and CEO at HexaBuild, and Jeremy Duncan, IPv6 Architect and Managing Partner at Tachyon Dynamics, to give us their perspectives. If you stay to the end, we’ll also share some links to relevant content for further reading.

Question 1. IPv6 came out well over a decade ago – given your experiences, what would be the top change you have seen in IPv6 implementations from an operational perspective?

Ed: 

The most recent changes we have noticed has been:

    1. Allocation sizing requests
    2. Operational use cases

As for the shift in the size of allocations an organization should get, they are requesting larger allocations to accommodate all their needs. With the push towards bringing your own address for public clouds and SaaS providers, this means organizations need to plan around all the potential public cloud providers they might utilize and the size of the networks they may operate within each provider. It is easy to see justifying a /36 or even a /32 for each public cloud or SaaS provider you might have services running in. With that in mind, a /28 for larger enterprise organizations might look more reasonable, given you will also need to account for IoT, Edge, Zero Trust, and SD-WAN. For larger organizations, it would not be unreasonable to see /28 or even /24 requests happening from here on out.

For the new operational use cases, we are seeing more Fortune 1000, State, and Federal organizations adopting IPv6. For U.S. Federal organizations, they are moving towards IPv6-only network deployments due to the OMB M-21-07 mandate. The Fortune 1000 are adopting IPv6 in stages where it solves problems or addresses issues in their existing network today. For instance, if they are out of public IPv4 and also out of RFC 1918 address space. Or they are needing to interface with U.S. Federal agencies that will require IPv6 for some reason. IPv6 has moved beyond the mobile provider, home subscriber, ISP operational use case and wider adoption is starting to happen.

Jeremy:

I have seen the use case of migrating to IPv6 to help with overlapping RFC 1918 space being extremely prescient. Each Merger and Acquisition comes with overlapping clashes requiring one side or the other to either renumber their network, or create hundreds or thousands of static source/destination IPv4 NATs. Neither of these options are good or sustainable.  Having IPv6 previously integrated would never have this issue.

Question 2. Having experienced IPv6 deployments over the years, do you have a top tip for readers regarding how to present IPv6 internally? How has the approach (or your advice) evolved over time?

Ed:

It really is all about business use cases. That hasn’t changed at all. Perhaps the change might be that a larger portion of a company’s customers may be using IPv6 to connect to resources which could impact how you deploy and operate your services. If the majority of your customers are accessing your content from mobile devices, there is an actual advantage to using IPv6. This is a transition that has happened over the last decade and will accelerate as IPv4 becomes more costly and scarce as a resource for operators. Also, there are geographies around the world that IPv4 is particularly constrained versus the population. India, China, and other Asian countries along with South and Central America are going to have more IPv6 adoption due to this imbalance. This means that North America and Europe, who received the lion share of IPv4 early in the adoption process, may lag what the rest of the market is doing. Those that live and operate in the North American and European markets may therefore miss this global trend and not time their IPv6 adoption to accommodate all markets. They risk falling behind and then not being able to catch up. They will lose in specific markets as a result, which could have significant impact if their business plan was to expand into those geographies.

Question 3. Let’s talk specifics – what’s an aspect of IPv6 that has increased or decreased in importance in the last decade?

Jeremy: 

Mobile IPv6 (MIPv6), Network Mobility (NEMO), and Secure Neighbor Discovery (SeND) are all features that have become obsolete or decreased in significant importance in the last 10 years. The main reason: complexity. All these features require complex infrastructure and application changes to networks just now implementing a dual-stack IPv6 network.

Another area that has surprisingly decreased importance is the usage of various types of extension headers. IPv6 allowed for a new way to extend functionality with various applications to use Destination Options (DO), Hop-by-Hop Options, and even the Generic Extension Header – but none of them were embraced by the industry. So they have now been used for intermediate device security evasion techniques like rough router advertisement attacks that chain the DO and Fragment Header (FH) extension header to evade IPv6 Router Advertisement Guard on First Hop Security implementations.

Ed:

Increasing in importance is actual practical experience with IPv6 to know how to design, architect, and operate IPv6-only networks. Unfortunately, there are not enough higher education programs teaching IPv6, and if they are teaching it, it is not being practically used in the curriculum at all. Getting robust IPv6 education will be critical for adoption in enterprise and SMB as their core technical skill base is coming out of state colleges and universities. I would say the biggest decrease in importance is the automation transition and tunneling technologies. Proof of this is the fact that Microsoft turned off by default ISATAP, Teredo, and 6to4 in Windows. Companies are going dual-stack or IPv6-only with NAT64/DNS64 or SLB64/46 as solutions now.

As we conclude our discussion, we would like to take a moment to thank our guests, Ed and Jeremy, for sharing their tips and valuable insights. For more information and resources, check out our previous blogs on the Six Steps to IPv6 and Tools to Test and Verify IPv6 Setup.

“We decided to move our rather complex IP address and DHCP management process to ProVision and it has worked out great for us!! The team at 6connect were very flexible and went above and beyond to accommodate our requirements and helped to make the migration as smooth and hitch free as possible. Kudos to the team @ 6connect!”

Premkumar Subramaniam
Head of R&D
viewquest

“We are excited to be partnering with 6connect to leverage their technology and talent. We particularly admire their long-standing IPv6 contributions and their ability to service and support customers in this area, some who are the largest service provider in the world. The 6connect executive leadership team and technical team are great to work with and we look forward to many partnered projects to help customers address their Cloud, IoT and Security needs with IPv6. Automation, workflow and orchestration are critical to the success of most of these projects and 6connect is well positioned to help our mutual customers in those areas.”

Ed Horley
Co-Founder & CEO
HexaBulid

“Enterprises can struggle managing purposefully segmented DDI architectures with any agility. Our partnership with 6connect empowers customers with complex infrastructures to move faster to service the business while consolidating visibility and control over their estate.”

Andrew Wertkin
Chief Strategy Officer,
BlueCat

“6connect’s approach to automation addresses quite a few challenges with physical and virtual networks – how to improve the agility of your current network infrastructure without sacrificing reliability and adoption of future network technologies.”

Pär Lange
Investment Director
SwissCom

“A customer is looking for an integrated solution from a single vendor for both IPAM and DNS. Through the 6connect reseller program, Secure64 is able to offer the most secure DNS solutions married to a unique combination of IPAM and resource provisioning that customers want. It’s a marriage made in heaven.”

Mark Beckett
VP of Marketing
Secure64

“A huge benefit of working with the 6connect team is that they devoted a lot of resources to get our products integrated so we had the turnkey solution that we could take to market. It was very easy to work with their team to get product integrated and successfully launched.”

Mark Beckett
VP of Marketing
Secure64

You have IPv6!

You’re on IPv4.

Explore ProVision Suite

Resource Controller

DNS/DNSSEC

IPAM

DHCP Controller

Peering Controller

REST API

Talk to one of our Engineers

6connect