Welcome back. In the first half, we covered some of the benefits and advantages of the coming switch from IPv4 to Ipv6. But even though it’s necessary and inevitable, the switch will not necessarily be easy. In this article, I will be discussing the challenges involved in migrating and organizational considerations that should be taken before migrating.
CHALLENGES INVOLVED IN MIGRATING TO IPv6
Replacement of Existing Infrastructure
The migration to IPv6 would require a lot of changes in IP addressing .Changes may also be required on the existing hardware and software.
- Hardware Changes: In some cases, hardware needs to be upgraded. This can be especially onerous in the case of certain types of specialty hardware and/or embedded systems that have not been maintained for many years and simply continue to function. This can be particularly challenging for smaller and mid-sized providers in established economies, where infrastructure already exists and replacing it will be expensive.
- Software Changes: The challenges are similar to the hardware challenges, but can be even more difficult because, in some cases, there are applications that were developed internally by people who have long since left the organization and nobody dares touch the code (if they even know where the source is). Some applications were initially developed to function on the ipv4 platform. Migrating to IPv6 might cause some issues.
Migration Challenges with Legacy System Issues
Legacy systems can be defined basically as older systems. They likely are missing some common functionality from current technology, but still exist because they perform a key or important function for the organization just fine, so there is no reason to replace them. With IPv6 migration, there may be a reason now. When an organization migrates to IPv6, any device on the network needs to be able to have an IPv6 address, along with its existing IPv4 address (a technique known as dual-stacking). If the device cannot utilize a v6 address, it will eventually cause conflicts and problems in not being able to be found or communicate properly. It is possible to temporarily force it to use v4 only, but once the network continues to evolve and migrate further towards IPv6, it will progressively lose more and more communication with the network until it is gone.
Core Knowledge of IPv6 Addressing and Protocols
One major concern of moving from IPv4 addresses to IPv6 address is the elaborate and different addressing structure of IPv6. For many network administrators, this will be a quite challenging and tasking. skill and a thorough knowledge of IPv6 will be required, as redesigning the network and reallocating IPv6 addresses to the devices can get really complicated. The protocols used in IPv6 also are different from the ones used in IPv4. For instance in IPv4, OSPF is used, but in IPv6, OSPFv3 is used.
This is a very crucial and essential aspect of the migration. It will not be easy to justify the need for migration, say to the CFO (chief financial officer) of a company, who will require a lot of convincing as to why the company should move from the existing infrastructure to another infrastructure, thereby causing them to part with more dollars. Cost includes not only monetary assets, but also personnel and time. The migration to IPv6 will usually require all three, but more so of personnel and time. A large amount of planning will be needed to get through the project as quickly as possible and have everything working at the end. With planning come the people required to perform that function. Any monetary cost may include new equipment or servers (as the existing equipment’s may not support IPv6 or would require an upgrade to enable it support IPv6 fully).
MIGRATION AND DEPLOYMENT STRATEGIES
When IPv6 development and initial deployment began in the 1990s, most of the world’s existing networks were already built on IPv4 infrastructure. Presently most of the internet runs on IPv4. As a result, it was observed that there was going to be a need for ways to transport IPv6 over IPv4 networks, and also IPv4 over IPv6 networks.
In migrating to IPv6, there are various strategies and techniques that can be adopted. The transition from IPv4 to IPv6 is not meant to be a radical one, since most of the functions that work on IPv4 can be maintained on IPv6.
Dual Stack Technique
Dual stack is one possible migration technique; it involves running both IPv4 and IPv6 at the same time end to end. This requires enabling all applications to be aware of both the IPv4 and IPv6 protocol stacks and end-to-end network running both stacks. Any communication data from an IPv6 application on end host will be interpreted by the IPv6 protocol stack in the network layer and will send out with Ether type as 0x86DD. The edge router, on receiving it, will understand it as IPv6, based on the Ether type, and it will be treated accordingly with IPv6 protocol stack. The same continues end to end and both the IPv4 and the IPv6 clouds will communicate only among themselves. No intercommunication between IPv6 and IPv4 is possible with dual stack technique
Tunneling in a general sense means “encapsulating traffic”. More specifically, the term usually refers to the process of encapsulating traffic at a given layer of the OSI seven-layer model within another protocol running at the same layer. Therefore, encapsulating IPv6 packets within IPv4 packets and encapsulating IPv4 packets within IPv6 packets are both considered tunneling. Some of the methods of tunneling are listed below
Tunneling Types and Methods:
- * Manual 6to4 tunneling
- * IPv6 over IPv4 GRE tunnels
- * Automatic 6to4 tunnels
* ISATAP tunnels
Manual 6to4 Tunneling
This tunnel type is point-to-point in nature. There is no special requirement for the IPv6 address configuration on tunnel interface except that both should be on same subnet and the end points should be reachable via IPv4. Configuring a manual IPv6 over IPv4 tunnel is almost identical to configuring an IPv4 GRE tunnel; the only difference is setting the tunnel mode. This technique, which is one of the initially used mechanisms, is least preferred these days due to the scalability issue.
IPv6 over IPv4 GRE Tunnels
GRE (generic routing encapsulation) protocol is one tunneling protocol that encapsulates one network layer protocol inside the other. As with a manual 6to4 tunnel, this is a point-to-point static tunnel that needs to be configured between two end points that are dual stacked with IPv4 as core-facing and IPv6 as CE-facing. In this case, IPv6 is the passenger protocol that traverses over IPv4 as the carrier protocol, with a GRE header added. GRE tunnels provide two options that the other tunnel types do not—namely, encapsulating traffic other than IPv6 and support for IPsec. Like the manually configured variety, GRE tunnels are designed for point-to-point operation. With IPv6 as the passenger protocol, typically these tunnels are deployed between edge routers to provide connectivity between two IPv6 “islands” across an IPv4 cloud. Configuring GRE tunnels for transporting IPv6 packets over an IPv4 network is not too difficult.
Automatic 6to4 Tunnels
A 6to4 border router that is dual-stacked with an IPv4-facing core and an IPv6-facing CE treats a core-facing IPv4 infrastructure as a non-broadcast multi-access (NBMA) link. Having said that it treats the IPv4 core as an NBMA link, we need some automatic way to identify the peer connected to NBMA link. A special format IPv6 address, also known as a 6to4 address, which is an IPv4 address embedded in an IPv6 address with 2002::/16 as a prefix is allotted by IANA. This 6to4 address comprises a format prefix: 001, TLA value: 0x0002, NLA value: IPv4 address to make it a 2002:v4-address::/48. A 6to4 border router will look into its IPv6 routing table to identify the next hop to reach the other IPv6 domain. This next hop address will be a6to4 address from which the other border router’s IPv4 address will be extracted. Now a IPv6 packet will be encapsulated with an IPv4 header with Protocol number = 41 (which is the same as a manual 6to4 tunnel) with the destination as an IPv4 address extracted from a 6to4 address. Since the tunnel is point-to-multipoint in nature, IGP is not possible over the tunnel and so it has to rely on either static routing or BGP to reach IPv6 sites in other domains.
ISATAP (intra-site automatic tunnel addressing protocol) is another mechanism to transport IPv6 traffic over an IPv4 infrastructure. As with the automatic 6to4 technique, ISATAP treats core-facing IPv4 infrastructure as an NBMA link and so has a special format IPv6 address like the automatic 6to4 technique. Therefore, like 6to4, ISATAP tunnels support point-to-multipoint operation natively and determine the destination on a per-packet basis. However, the method they use for determining the addressing for hosts and the tunnel interface differs from 6to4 tunnels. Otherwise, ISATAP and automatic 6to4 tunneling are very similar. ISATAP develops its addressing scheme using this format: [64-bit link-local or global unicast prefix]:0000:5EFE:[IPv4 address of the ISATAP link]. The ISATAP interface identifier is the middle part of the address, 0000:5EFE. One other key difference in ISATAP tunnels is important to know: By default, tunnel interfaces disable router advertisements (RA).
Although it is not technically a tunneling protocol, one of the methods of interconnecting IPv6 and IPv4 networks is a mechanism known as network address translation-protocol translation (NAT-PT), defined In RFCs 2765 and 766 (obsoleted by 4966). NAT-PT works by performing a sort of gateway function at the IPv4/IPv6 boundary. At that boundary, NAT-PT translates between IPv4 and IPv6. This method permits IPv4 hosts to communicate with IPv6 hosts and vice versa without the need for those hosts to run dual protocol stacks. Much like NAT and PAT (NAT overloading) for IPv4, NAT-PT supports static and dynamic translations, as well as port translation.
The IPv6 protocol Is an extremely useful protocol. But, as we can see, we are still far away from a large full-scale deployment. A couple of companies are already exploring IPv6. For companies that want to migrate, one major question that should be answered is “What is the benefit to my company of migrating to IPv6?”
IPv6 for R&S CCIE Candidates by Johnny Bass
CCIE Routing and Switching guide by Wendell Odom, Rus Healy, Denise Donohue