| technology | networking - Jon Welling
3 IPv6 Migration Strategies
"The sky is falling! The sky is falling!", Chicken Little screams at his IT department after watching that amazing news expose that the internet is doomed. You see, Chicken Little just learned that we are running out of IPv4 addresses.
In fact, we've already run out.
What Chicken Little doesn't realize is that the world also has IPv6. IPv6 isn't a well-known thing outside of the IT industry, but it's something we are all going to have to deal with eventually. At some point, we will all have to migrate to IPv6. So here are three IPv6 migration strategies to ensure your IP migration transitions smoothly.
Why Should You Migrate to IPv6?
There are a lot of risk factors with not migrating your business to IPv6. Let's list a few of those here:
- You may not be able to communicate with other customers or networks eventually.
- You may require IPv6 for public-facing websites soon.
- Using IPv4 will require more NAT appliances which can degrade network speed and complicate network architecture.
- Your business may not be able to expose more services publicly due to the limited amount of public IPv4 addresses.
Why Do We Need IPv6?
According to Google, there are 4,294,967,296 total IPv4 addresses. That is it. There cannot mathematically be any more. Of course, that sounds like a lot until you realize there is a global population of 7.9 billion people. That's more than twice the IPv4 addresses we have available. We can't even assign a single IPv4 address to every person in the world. That's not including the multiple devices they might have or businesses that have multiple computers per person, too.
Likewise, some IPv4 address blocks are closed off for use. For instance, the United States military owns millions of IPv4 addresses that aren't available to the general public. IBM, Google, Microsoft, Facebook, and Apple have their own blocks of IPv4 addresses, too. That makes that pool of 4.2 billion IPv4 addresses even smaller.
Of course, it's not that simple, is it? We have developed workarounds for our IPv4 issue. One of the biggest tools we use is something called NAT (network address translation). By using NAT, a single public IPv4 address can serve an entire household. Internet service providers also use a form of Nat as well. So, traffic going into and out of ISP networks don't necessarily have their own public IPv4 address, either.
We have gotten by with using such techniques. In fact, we have significantly extended the use of IPv4 because of that. It was predicted that the entire world would need to migrate to IPv6 in 2010, but almost 12 years later and we still largely depend on IPv4. Nonetheless, the time will come that we all need to migrate to IPv6, and starting that process sooner then later is better for everyone.
So, let us discuss three different IPv6 migration strategies.
Not doing anything to migrate to IPv6 is a legitimate strategy in some cases. There could be various reasons why:
- Your business has equipment that is not IPv6 compatible
- The business case for migrating to IPv6 isn't strong enough
- The network architecture of your business is not complicated or demanding enough to require IPv6
Whatever the reason might be, sometimes businesses just don't need to migrate to IPv6. This is especially true for small businesses. Small businesses may not require anything more than a NAS, a simple server, a handful of laptops, and an internet connection.
For this example, the internal network could continue using their IPv4 address scheme while their router uses NAT to translate their ISP connection to IPv6 (assuming their ISP supports IPv6). Some ISPs are already doing this. For instance, Comcast will default to IPv6 for most of its network currently. In this scenario, moving a business to IPv6 just happens naturally.
Upgrade The Edge
We have gotten to a point where many applications, services, and hardware components now support IPv6. Transitioning edge services and devices shouldn't be too much of an issue providing your enterprise has kept up to date. So, migrating just the edge of a network is possible.
This means only utilizing IPv6 for things like:
- Email servers
- Web servers
With this strategy, businesses can take a phased approach to migrating to IPv6. The edge of the organization’s network, along with external-facing services and devices, needs to migrate to IPv6 before the rest of the internal network. This approach lets you do that.
Businesses may still need to use a NATing strategy in this case. Using NAT is not a terrible idea, though. NAT has more uses than expanding IPv6. For instance, it can hide the internal topology of a network. It can also be used as a security measure. So, businesses probably do not want to totally eliminate NAT.
With a phased approach, organizations can take the time to simplify their implementation of NAT. It also allows them a chance to keep a secure IPv4 network in place for devices, services, or applications that are required but do not support IPv6.
Implement IPv6 Translations or Proxies
One solution you could take is to implement translation or proxy services at the edge of a network. These services could sit between the gateway and the rest of the network or somewhere within the network itself. There are a few ways to do this.
For instance, an application layer gateway or proxy can sit inside of the network. When an IPv4 application attempts to communicate with an IPv6 device or application or attempts to send data outside of the network, this application layer gateway or proxy would terminate the IPv4 connection and establish an IPv6 connection in its place.
Creating a translation service is a last resort strategy, though. It is better to implement a proxy instead. Proxies are more versatile and can have far fewer edge case issues.
There are plenty of free, open-source solutions that businesses can use as a proxy as well:
- Apache with the mod_proxy module installed
There are plenty of paid solutions, too. Microsoft PortProxy is a good choice for Microsoft-based businesses. IBM WebSphere is another common solution, too.
Migrating to IPv6
These are only three examples of how migrating to IPv6 can be made easier. There are lots of different solutions and strategies out there. Read this article as a primer. The migration path from IPv4 to IPv6 can be tricky. Each business will need to analyze their use cases and carefully inventory the capabilities of their software and hardware before making this migration. Only after the inventory process is completed can a business create a proper migration plan from IPv4 to IPv6.