
Copyright © 2011 Qwest. All Rights Reserved. Not to be distributed or reproduced by anyone other than Qwest entities. All marks are the property of the respective company. 5/11 WP111504

IP VERSION 6

Technical information on IPv6 to help you better understand the important issues and benefits for your business.

Internet Protocol version 6 (IPv6) is the successor to the current IPv4 Network layer protocol in use today as the foundation for almost all Internet communication. When IPv4 was introduced in 1981, it was believed that the approximately 4.3 billion addresses would last for the foreseeable future. However, during the late 1980s, when the Internet began to experience explosive growth, it was clear a next-generation addressing method would need to be created. Some steps were taken to slow down the use of IPv4 addresses and enhance the scalability of IP networks in the 1990s, including the adoption of CIDR (Classless Inter-domain Routing) and NAT (Network Address Translation). In 1998, IPv6 was created as the long term solution to IPv4 address exhaustion.

In February 2011, IANA (the Internet Assigned Numbers Authority) allocated its last /8 blocks of IPv4 addresses to the Regional Internet Registries (ARIN, RIPE, APNIC, LACNIC, AFRINIC). It’s anticipated that as early as mid-2011, APNIC could be fully exhausted of IPv4 addresses, with the other registries to follow into late 2011 and 2012.

[Figure: IPv4 address exhaustion - 1995 to 2012]


IPv6 vs. IPv4 - Addressing

The most important enhancement of IPv6 compared to IPv4 is the much larger address space that’s available with IPv6. Where an IPv4 address consists of 32 bits, IPv6 addresses are 128 bits long. This equates to about 340 undecillion unique addresses with IPv6 compared to about 4.3 billion for IPv4. IPv6 addresses are written in hexadecimal format using eight groups of 16-bit hex values separated by colons:

2001:0db8:0000:0000:0000:0000:0000:0001

IPv6 addressing basics:

1. IPv6 addresses have two logical parts: a 64-bit network/subnet prefix and a 64-bit host address/interface ID. (The host address can be automatically generated from the interface MAC address.)

2. The 128-bit IPv6 address can be abbreviated with the following rules:

a. Rule one: Leading zeroes within a 16-bit value may be omitted.

b. Rule two: A single occurrence of consecutive groups of zeroes within an address may be replaced by a double colon.

There are three broad classifications of IPv6 addresses based on networking methodologies:

1. Unicast - Identifies each network interface. An IPv6 packet sent to a Unicast address is delivered to the interface identified by that address.


2. Anycast – Identifies a set of interfaces. An IPv6 packet destined for an Anycast address is delivered to one of the interfaces identified by the address, usually the nearest one to the source.

3. Multicast - Identifies a group or set of interfaces that may belong to different nodes. An IPv6 packet sent to a Multicast address is delivered to each of those interfaces.

Note: Unlike IPv4, broadcast addresses are not implemented in IPv6.

Each IPv6 address has a scope, which specifies in which part of the network it is valid and unique. There are reserved IPv6 addresses used for specific purposes:

• ::/128 An IPv6 address with all zeroes in it is referred to as the unspecified address and is used for addressing purposes within software.

• ::1/128 This is called the loopback address and is used to refer to the local host. An application sending a packet to this address will get the packet back after it is looped back by the IPv6 stack. The local host address in IPv4 was 127.0.0.1.

• 2001:db8::/32 This is the documentation prefix in IPv6. All examples of IPv6 addresses should ideally use this prefix to indicate that they are examples.

• fec0::/10 This is a site-local prefix offered by IPv6. This address prefix signifies that the address is valid only within the local organization. Subsequently, the usage of this prefix has been discouraged by the RFC.

• fc00::/7 This is called the Unique Local Address (ULA) prefix. These addresses are routed only within a set of cooperating sites. They were introduced in IPv6 to replace the site-local addresses. These addresses also include a 40-bit pseudorandom number that reduces the risk of address conflicts.

• ff00::/8 This prefix is offered by IPv6 to denote the multicast addresses. Any address carrying this prefix is automatically understood to be a multicast address.

• fe80::/10 This is a link-local prefix offered by IPv6. This address prefix signifies that the address is valid only in the local physical link.
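The two abbreviation rules and the reserved-prefix list matter in practice because one address has many valid spellings, and a firewall rule or log search that compares strings will miss some of them. The following Python sketch is an added example, not part of the white paper: `abbreviate` applies rule one and rule two by hand (choosing the longest zero run, and the first on a tie, which is the canonical choice in RFC 5952 and goes beyond what the paper states), and `classify` parses any spelling and labels it against the prefixes listed above. The function names and sample addresses are assumptions made for the illustration.

```python
import ipaddress

# Reserved prefixes and labels as listed in the white paper above.
RESERVED = {
    "::/128": "unspecified", "::1/128": "loopback",
    "2001:db8::/32": "documentation", "fec0::/10": "site-local (discouraged)",
    "fc00::/7": "unique local (ULA)", "ff00::/8": "multicast",
    "fe80::/10": "link-local",
}

def abbreviate(full):
    """Apply rule one and rule two to an address written as eight groups."""
    groups = [g.lstrip("0") or "0" for g in full.lower().split(":")]  # rule one
    if len(groups) != 8:
        raise ValueError("expected eight colon-separated groups")
    best_start, best_len, i = 0, 0, 0
    while i < 8:                      # rule two: find the longest zero run
        j = i
        while j < 8 and groups[j] == "0":
            j += 1
        if j - i > best_len:          # strict ">" keeps the first run on a tie
            best_start, best_len = i, j - i
        i = max(j, i + 1)
    if best_len < 2:                  # a lone zero group stays written as "0"
        return ":".join(groups)
    head = ":".join(groups[:best_start])
    tail = ":".join(groups[best_start + best_len:])
    return f"{head}::{tail}"

def classify(text):
    """Parse any spelling; return (canonical form, label from RESERVED)."""
    addr = ipaddress.IPv6Address(text)
    for prefix, label in RESERVED.items():
        if addr in ipaddress.IPv6Network(prefix):
            return addr.compressed, label
    return addr.compressed, "not in the reserved list"

# Constructed sample: one host spelled three ways, then other scopes.
SAMPLES = [
    "2001:0db8:0000:0000:0000:0000:0000:0001", "2001:DB8:0:0:0:0:0:1",
    "2001:db8::1", "fe80::0202:b3ff:fe1e:8329", "fd12:3456:789a::10",
    "FEC0::1", "ff02::1", "0:0:0:0:0:0:0:1", "64:ff9b::c000:201",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s:40} -> {classify(s)}")
```

Comparing the parsed, canonical form rather than the raw string is what makes an allow-list or a log correlation reliable across these spellings.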

Advantages of IPv6 over IPv4

The benefits of IPv6 over IPv4 depend largely on each end user's or enterprise's applications. In general, the following table compares some features of IPv6 and IPv4:

| Benefit | IPv6 | IPv4 |
|---|---|---|
| More Addresses | 3.4 × 10^38 = 340 undecillion addresses. | 4.29 × 10^9 = 4.2 billion addresses. |
| Simplified Network Addressing | IPv6 networks provide auto-configuration capabilities (SLAAC). | Networks must be configured manually or via DHCP. |
| Network Address Translation (NAT) Demise | Direct addressing is possible due to the extensive address space. The need for NAT is effectively eliminated. | Widespread use of NAT allows a single NAT address to potentially mask thousands of non-routable addresses, compromising end-to-end integrity. |
| Improved Security | IPSEC is built into the IPv6 protocol. The elimination of NAT makes IPSEC simpler and more efficient. | IPSEC was originally designed for IPv6 and back ported for IPv4. |
| Fragmentation | IPv6 routers do not perform fragmentation, done only by the hosts. | Fragmentation and reassembly occurs at the router = inefficient use of resources and degraded performance. |
| Minimum MTU | 1280 Bytes | 576 Bytes |
| Path MTU Discovery | Highly recommended | Not widely used |
| Control Protocols | Single Control Protocol: ICMPv6 | Multiple Control Protocols: ARP, ICMP, IGMP |

Transitioning to IPv6

While the much larger IPv6 numbering system is meant to one day completely replace IPv4, this will take many years to accomplish. In the meantime, much of the Internet will run IPv4 and IPv6 simultaneously. This is necessary to ensure all users, regardless of the protocol version they are using, will be able to interact with all content on the Internet. New network deployments or applications that have IP addressing requirements beyond the currently available IPv4 supply will ultimately be required to deploy IPv6-only networks due to the pending exhaustion of IPv4 address space.

It’s equally important that businesses and organizations make their services and online content available to both IPv4 and IPv6 users to ensure maximum visibility is maintained. Until IPv6 completely replaces IPv4, there are numerous transition and translational methods available to enable IPv6-only hosts to reach IPv4 content and services, allow isolated IPv6 hosts and networks to reach the IPv6 Internet over the existing IPv4 infrastructure, as well as allowing IPv4 hosts to reach IPv6-only content and services.

With this in mind, the Internet Engineering Task Force (IETF) has defined several mechanisms to allow co-existence between IPv6 networks and legacy IPv4 networks, as well as making the transition from IPv4 to IPv6. There are three broad categories that contain these transition mechanisms:

• Dual-stack IPv4/IPv6

• Tunneling

• Protocol Translation


Dual-Stack

Dual-stack nodes have the ability to send and receive both IPv4 and IPv6 packets. They can directly interoperate with IPv4 nodes using IPv4 packets, and also directly interoperate with IPv6 nodes using IPv6 packets. The dual-stack approach is the preferred method for phasing in IPv6 into existing networks. Procuring new devices or upgrading existing devices to support dual-stack greatly assists in providing a nimble environment for transitioning to IPv6.

Dual-stacked hosts connected to a dual-stack network enable networks to migrate gradually from IPv4 to IPv6 in a controlled manner, which allows legacy IPv4 applications and devices to operate side-by-side with newly transitioned IPv6 nodes on the same dual-stack network.

Tunneling

Unlike the dual-stack approach, tunneling encapsulates IPv6 packets inside IPv4 packets to be carried across an existing IPv4 infrastructure. Tunneling allows IPv6 endpoints or IPv6 “islands” to communicate with each other across an IPv4 network. There are two types of tunneling to enable the communication between those IPv6 endpoints, Automatic and Configured.

Automatic tunnels are dynamically created between the two endpoints. There are several methods of automatic tunneling, including 6to4, Teredo and ISATAP, and a hybrid of configured and automatic tunneling called Tunnel Broker. 6to4 is the most commonly used automatic tunneling method. In 6to4, tunnel endpoints are determined by using a well-known IPv4 anycast address on the remote side, and embedding IPv4 address information within IPv6 addresses on the local side. Note that 6to4 does not facilitate interoperation between IPv4-only hosts and IPv6-only hosts; rather, it is a transparent mechanism used as a transport layer between IPv6 nodes.

(6to4 - http://en.wikipedia.org/wiki/6to4)

Configured tunnels, as the name implies, are tunnels that are explicitly configured by the network administrator.

Regardless of the tunneling method used, tunnels should be considered only a temporary transition method and not a permanent migration strategy to IPv6.

Protocol Translation

Translation services translate an existing protocol to another. It is anticipated that following the exhaustion of IPv4 addresses, new networks and hosts added to the Internet may have only IPv6 connectivity. In order to accommodate backwards compatibility to existing IPv4-only resources, IPv6 transition mechanisms need to be deployed.

The most common translation methods in use today are NAT64 and DNS64. With NAT64, the NAT64 server is the endpoint for at least one IPv4 address and for an IPv6 network segment of 32 bits (64:FF9B::/96). The IPv6 client embeds the IPv4 address it wants to reach in those 32 bits and sends its packets to the resulting address. The NAT64 server then creates a NAT mapping between the IPv6 and the IPv4 address, allowing them to communicate with each other.


(NAT64 - http://en.wikipedia.org/wiki/IPv6_transition_mechanisms#NAT64)

DNS64 refers to a DNS server that, when asked for a domain's IPv6 AAAA record, creates an AAAA record from the A record if no AAAA record exists. The first part of the resolved IPv6 address points to an IPv6/IPv4 translator (NAT64 device) and the second part embeds the IPv4 address from the A record.

There are two issues with the DNS64 translation mechanism:

• It only works for cases where DNS is used to find the remote host address. If IPv4 literals are used, the DNS64 server will never be involved, and therefore no translation will take place.

• Since the DNS64 server returns records not specified by the domain owner, DNSSEC validation will fail.
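The DNS64 synthesis step, the NAT64 address embedding and the two issues just listed can be traced in a few lines of Python. This is an added example, not code from the white paper: the zone data is constructed from documentation addresses, the function names are assumptions, and DNSSEC is reduced to a single flag (a synthesized record has no signature from the zone owner) rather than real signature checking.

```python
import ipaddress

NAT64_PREFIX = ipaddress.IPv6Network("64:ff9b::/96")  # prefix named in the paper

# Constructed zone data (documentation addresses); "signed" marks a DNSSEC zone.
ZONE = {
    "dual.example":   {"A": "192.0.2.10", "AAAA": "2001:db8::10", "signed": True},
    "legacy.example": {"A": "192.0.2.1", "signed": True},
}

def synthesize_aaaa(a_record):
    """DNS64: put the 32-bit IPv4 address into the low 32 bits of the /96."""
    v4 = ipaddress.IPv4Address(a_record)
    return ipaddress.IPv6Address(int(NAT64_PREFIX.network_address) | int(v4))

def embedded_ipv4(addr):
    """NAT64 side, or log triage: recover the IPv4 destination, else None."""
    v6 = ipaddress.IPv6Address(addr)
    if v6 not in NAT64_PREFIX:
        return None
    return ipaddress.IPv4Address(int(v6) & 0xFFFFFFFF)

def resolve(target, zone=ZONE):
    """What an IPv6-only client behind DNS64 gets back for a name or literal."""
    try:
        ipaddress.IPv4Address(target)
        # Issue 1: no DNS query happens for a literal, so nothing is translated.
        return {"address": None, "synthesized": False, "validates": None}
    except ValueError:
        pass
    rec = zone.get(target, {})
    if "AAAA" in rec:
        addr, synth = ipaddress.IPv6Address(rec["AAAA"]), False
    elif "A" in rec:
        addr, synth = synthesize_aaaa(rec["A"]), True
    else:
        return {"address": None, "synthesized": False, "validates": None}
    # Issue 2: the zone owner never signed the synthesized record, so a
    # validating client has no signature that covers it.
    return {"address": addr, "synthesized": synth,
            "validates": bool(rec.get("signed")) and not synth}

if __name__ == "__main__":
    for t in ("dual.example", "legacy.example", "192.0.2.1"):
        print(t, resolve(t))
    print(embedded_ipv4("64:ff9b::c000:201"))
```

`embedded_ipv4` is also the function to apply to flow or firewall logs on an IPv6-only segment, since the real IPv4 destination of translated traffic is only visible in the low 32 bits of the logged address.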

Factors When Adopting IPv6

There are several factors to be considered prior to making the move into the IPv6 arena, such as:

• IPv6 address space – IPv6 address space can be obtained directly from a Regional Internet Registry (RIR) such as ARIN, RIPE, APNIC, LACNIC or AFRINIC. Addresses are also available from many Internet Service Providers.

• IPv6 connectivity (native or tunneled) – Native connectivity via dual-stack or a dedicated connection is needed in order to access IPv6 services and content. Alternatively, tunneled service can be obtained from many providers, although it should be considered only on a temporary basis.

• Operating systems, software, and network management tool upgrades – IPv6 support should be considered when procuring new network hardware or software.

• Router, firewall, and other hardware upgrades – New hardware purchases may be required to support both IPv4 and IPv6, or firmware updates to support both may be needed.


• IT staff and customer service training – It’s important that network administrators, IT staff, Engineering planning and design staff, and ultimately, the end user are trained in the use and support of IPv6. Self-training and formal training should be considered.

Qwest and IPv6

Qwest has been involved with IPv6 since 1999, when we acquired our first IPv6 address allocation from Abilene in the form of a /35. Today, we’ve obtained two /32 networks from ARIN in addition to another /32 from APNIC in order to roll out IPv6 services to our customers and within the network infrastructure.

In 2000, Qwest built an IPv6 test network using both Native and Tunneled connectivity across multiple PoPs around the country to gain experience with operating an IPv6 network, as well as provisioning and supporting beta customers for the IPv6 trial.

When moving from the dedicated IPv6 test network to a production network in 2007 and 2008, the decision was made to go with the dual-stack design across the existing IPv4 infrastructure, thereby making the end design for IPv6 exactly the same as IPv4 and providing a seamless transition by not requiring separate interfaces for IPv4 and IPv6 services. Several objectives were developed to ensure a phased, controlled approach in order to allow systems and the network to evolve, such as:

• Enable IPv6 on the production IP backbone in order to provide transit IPv6 services

• Enable IPv6 equivalents of existing IPv4 enterprise services

a. Internet Port – Public IPv6 connectivity to on-net and peer networks

b. Private Port – IPv6 Layer 3 VPN

• Gain operational experience to minimize both operational and capital costs as well as gain developmental experience to support applications on IPv6

• Provide services to meet government mandated IPv6-ready dates

• Implement IPv6 so as not to affect or degrade the performance of the existing IPv4 network and services

Today, the Qwest Edge, Core and Border routers are IPv6 enabled in nearly every IP PoP location for end-to-end v6 connectivity across the Qwest backbone and beyond, with more being added every week. Our native IPv6 connectivity for end-users ranges from T1 to Nx10GigE port speeds on both the public Internet and Private MPLS VPN services, using dedicated and dual-stack access methods.

The Qwest DNS platform is also IPv6 enabled to support the IPv6 AAAA records, as well as the QwestControl portal for customer circuit management.

Conclusion

The exhaustion of IPv4 addressing is inevitable. It is no longer a matter of “if”, but rather “when” the addresses will no longer be available. Enterprises and organizations must begin to weigh the impacts of that exhaustion against their own system and network migration timelines to ensure a seamless transition and continued availability to both IPv4-only and IPv6-only users.


Why Qwest

Qwest is committed to the evolution of IP services to IPv6, whether in a public or private network environment, as well as the potential in the benefits that IPv6 can bring. We have invested time, money and effort into testing the features and capabilities of IPv6 and will continue to do so as we continue to roll out additional IPv6 capabilities and services throughout the Qwest Global Network. Qwest is ready to help you gain the benefits of IPv6 using our experience and talent to make the transition easy and complete. Qwest Professional Services can conduct an assessment of your IPv6 needs, plan the transition, and implement the change for you. Contact a Qwest sales representative for complete details.
