IPv6 transition may catch IT shops by surprise: Ask the Expert podcast

The switch from IPv4 to IPv6 reaches beyond your network and into the cloud. Is your data center ready for the IPv6 transition?

The countdown to the IPv6 transition looms with June 6 designated as World IPv6 Day, the date when several of the largest content websites will switch to the larger address space. Companies just starting in on the switch from IPv4 to IPv6 could probably use a few pointers on how to make the IPv6 transition as smooth as possible.

I'm Erin Watkins, assistant site editor with SearchDataCenter.com and with me today to talk about the IPv6 transition is Pete Sclafani, Chief Information Officer (CIO) with 6connect, a network automation provider located in California. Pete, welcome and thanks for joining me.

Play now:
Download for later:

Title here

  • Internet Explorer: Right Click > Save Target As
  • Firefox: Right Click > Save Link As

Pete Sclafani: Hi Erin, thanks for having me.

Watkins: What are some key differences between IPv4 and IPv6?

Sclafani: The key differences are technical, but with some interesting operational side effects. Other than the greatly increased address space – from 32 to 128 bits – you now have the introduction of letters into IP address notation. The result is that you now have a much more complex notation and IP addressing schema, so be prepared for more subnet calculations – and your spreadsheets probably aren't going to cut it anymore.

Watkins: What should data center IT staff be doing to prepare for the IPv6 transition?

Sclafani: One of the most important prep steps is getting a handle on your IPv4 space and understanding what is on your network both behind your firewall and in your various cloud footprints. The majority of companies are managing their IPv4 environments with a combination of spreadsheets, Post-it notes and reactive management — with a sprinkle of luck.

Doing any prep work for IPv6 has to also lay the groundwork for a proactive organization. That can be tough to do when your network engineers are firefighting and may not have the bandwidth to think strategically about implementing best practices for IPv6. 

IT staff can start small with just getting a handle on their current IPv4 space and the devices on their network. If they have a process or automation platform this is hopefully an easy exercise, but before repeating the mistakes of your legacy v4 network, it pays to understand the context of your current environment.

Watkins: What are some common obstacles and consequent workarounds to make the IPv6 transition?

Sclafani: One common obstacle is IPv6 compatibility. With some gear that is deployed, you may have surprises in IPv6 support or even limited support. Since IPv6 support is often relegated to a checkbox on a datasheet, it can really make it tough to find vendor products that actually support IPv6 correctly. We see this all the time in the application side. Vendors claim an application is now IPv6 compatible, but all they did was add a text box to the graphical user interface (GUI) for storing an IPv6 address.

So depending on your IPv6 transition readiness, you may have to train everyone from network, to systems, to storage staff and even application developers.

One approach to compatibility is "tunneling" – where IPv6 traffic is routed through an IPv4 network – or "Teredo." This situation comes up when IPv6 traffic has to pass through IPv4-only endpoints. 

The impact also stretches outside the enterprise: for cloud applications, you will now have two methods of connectivity to manage – IPv4 and IPv6.

Pete Sclafani

Watkins: What impact will the IPv6 transition have on enterprise IT shops?

Sclafani: One of the most obvious impacts is going to be on their front-end Web presences and integration with other applications. Managing these aspects will impact servers, networking, storage, DNS, etc. Given that many IT groups have been functioning in silos for so long, IPv6 will serve as a significant project that affects multiple departments.

The impact also stretches outside the enterprise: for cloud applications, you will now have two methods of connectivity to manage – IPv4 and IPv6. They can be run concurrently, of course, but you can also run IPv6-only networks or v4-only. It just creates more complexity in your network.

As IPv4 depletion becomes more pronounced and IPv6-only services become a necessity, enterprises will see an increase in services hosted behind network address translation (NAT), carrier-grade port address translation (PAT)and tunneling

On the security side, for the typical enterprise, NAT is a way of life, so bringing IPv6 management behind the firewall goes beyond the typical one to one NAT and firewall access control lists (ACLs). In addition, the more complex IPv4 network topologies will require some creative solutions to deal with VPNs, authentication mechanisms and IP address tracking and management.

Third, you have internal addressing. With many devices already having IPv6 enabled – especially with the increasing trend to bring your own device (BYOD) – IPv6 is most likely on your network already, and you may not even know it. You could even be running 6in4 tunnels and to your infrastructure it looks like you are running v4 traffic only. The problem here is that the scanning and management tools you use to manage your internal IP space are built on IPv4 mindsets and don't scale well when working subnets that number in the quintillions. 

Watkins: What, if anything, will happen to those running IPv4 when IPv6 becomes the norm?

Sclafani: As IPv4 space runs out, and when it is gone completely, there will be many hosts out on the Internet that only have an IPv6 address.  This means that some sort of technology must be used that allows a v4 only host to communicate with a v6 only host, or else they won't be able to talk at all.  

Depending on the scenario, there are many different methods for encapsulating IPv6 into IPv4, or vice versa.  These methods are referred to as tunneling, and depending on how they are implemented, go under several different names.  Some common methods used are Teredo – enabled by default in Windows 7 and Vista – 6to4 and 6in4.  There are also methods for proxying v4 to v6 that come with some of the downfalls and hacks to get around firewall NAT on v4 networks.  If some method isn't in place to allow v4 and v6 hosts to communicate, the older v4 hosts will not be able to talk to v6 hosts at all. That's a bad thing.

Watkins: So basically what you're saying is that when this happens, anybody still running IPv4 is going to have a lot of errors on their websites?

Sclafani: On previous IPv6 days you could see the dropoff. IPv4 simply can't see IPv6 sites anymore. What happens is your DNS tries to find the next one down the list, v4, but it tries v6 first. You may be able to get to a site, but it will take 3 or 4 seconds longer just to get the request back. You may think something's broken – there're performance issues that come up now. When my DNS requests a website, the lookup needs to be very quick or else the whole thing breaks down.

Effectively, they're two different languages and you can't just speak one – you have to speak both. Either you talk both at the same time or have some sort of translator, but having a translator in the middle introduces other issues.

Dig Deeper on Data center budget and culture

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.