IPv6forDummies PDF

IPv6
FOR
DUMmIES

INFOBLOX SPECIAL EDITION
These materials are the copyright of John Wiley & Sons, Inc. and any
dissemination, distribution, or unauthorized use is strictly prohibited.
IPv6 For Dummies, Infoblox Special Edition
Published by
John Wiley & Sons, Inc.
111 River Street
Hoboken, NJ 07030-5774
www.wiley.com
Copyright 2012 by John Wiley & Sons, Inc.
Published by John Wiley & Sons, Inc., Hoboken, NJ
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any
form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise,
except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without the
prior written permission of the Publisher. Requests to the Publisher for permission should be
addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ
07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.
Trademarks: Wiley, the Wiley logo, For Dummies, the Dummies Man logo, A Reference for the Rest
of Us!, The Dummies Way, Dummies.com, Making Everything Easier, and related trade dress are
trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates in the United
States and other countries, and may not be used without written permission. Infoblox, the Infoblox
symbol, and other Infoblox product designations are trademarks of Infoblox Inc. All other
trademarks are the property of their respective owners. John Wiley & Sons, Inc., is not associated
with any product or vendor mentioned in this book.
LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: THE PUBLISHER AND THE AUTHOR MAKE

NO REPRESENTATIONS OR WARRANTIES WITH RESPECT TO THE ACCURACY OR
COMPLETENESS OF THE CONTENTS OF THIS WORK AND SPECIFICALLY DISCLAIM ALL
WARRANTIES, INCLUDING WITHOUT LIMITATION WARRANTIES OF FITNESS FOR A
PARTICULAR PURPOSE. NO WARRANTY MAY BE CREATED OR EXTENDED BY SALES OR
PROMOTIONAL MATERIALS. THE ADVICE AND STRATEGIES CONTAINED HEREIN MAY NOT BE
SUITABLE FOR EVERY SITUATION. THIS WORK IS SOLD WITH THE UNDERSTANDING THAT
THE PUBLISHER IS NOT ENGAGED IN RENDERING LEGAL, ACCOUNTING, OR OTHER
PROFESSIONAL SERVICES. IF PROFESSIONAL ASSISTANCE IS REQUIRED, THE SERVICES OF A
COMPETENT PROFESSIONAL PERSON SHOULD BE SOUGHT. NEITHER THE PUBLISHER NOR
THE AUTHOR SHALL BE LIABLE FOR DAMAGES ARISING HEREFROM. THE FACT THAT AN
ORGANIZATION OR WEBSITE IS REFERRED TO IN THIS WORK AS A CITATION AND/OR A
POTENTIAL SOURCE OF FURTHER INFORMATION DOES NOT MEAN THAT THE AUTHOR OR
THE PUBLISHER ENDORSES THE INFORMATION THE ORGANIZATION OR WEBSITE MAY
PROVIDE OR RECOMMENDATIONS IT MAY MAKE. FURTHER, READERS SHOULD BE AWARE
THAT INTERNET WEBSITES LISTED IN THIS WORK MAY HAVE CHANGED OR DISAPPEARED
BETWEEN WHEN THIS WORK WAS WRITTEN AND WHEN IT IS READ.
For general information on our other products and services, please contact our
Business Development Department in the U.S. at 317-572-3205. For details on how to
create a custom For Dummies book for your business or organization, contact info@
dummies.biz. For information about licensing the For Dummies brand for products or
services, contact BrandedRights&Licenses@Wiley.com.
Manufactured in the United States of America
10 9 8 7 6 5 4 3 2 1
ISBN 978-1-118-26401-0 (pbk); ISBN 978-1-118-26626-7 (ebk)
Publishers Acknowledgments
Some of the people who helped bring this book to market include the following:
Acquisitions, Editorial, and Media Composition Services
Development Senior Project Coordinator: Kristie Rees
Development Editor: Bill Sempf Layout and Graphics: Lavonne Roberts
Project Editor: Jennifer Bingham Proofreaders: Melanie Hoffman
Editorial Manager: Rev Mengle
Business Development Representative:
Karen Hattan
Custom Publishing Project Specialist:
Michael Sullivan
Chapter 1
Routing around IPv6 Basics
In This Chapter
Getting the most out of this book
Comparing IPv4 and IPv6
Understanding the need for IPv6
I Pv6 stands for Internet Protocol version 6, something that

is about to impact everyone who uses the Internet. This
book will help you understand what IPv6 is, why its neces-
sary, what it does, and how it will impact you and your
organization.
So, what is the Internet Protocol? Its a set of international

communications rules that specifies the way small packets
of data are routed across networks. Each data packet con-
tains the two numeric addresses of its origin and destination
devices.
IPv6, or Internet Protocol version 6, is the newest way that

Internet devices talk to each other by specifying the two key
addresses: where the data packet comes from and where is it
going. IPv6 is the successor to Internet Protocol version 4 or
IPv4. (Yeah, they skipped IPv5 for reasons that are unimport-
ant, so just roll with it.)
Why IPv6? The main impetus behind the move to IPv6 is to

remedy the IPv4 address exhaustion problem. The explosive
growth of the Internet since 1981 has exceeded the address
capacity available in IPv4.
2 IPv6 For Dummies, Infoblox Special Edition
Understanding IPv6 is important because migrating your

organization to IPv6 is no trivial task. Aside from knowing
whats going on under the hood, youre going to want insight
on methodology, device selection, and testing. This book will
help.
About This Book

This book is designed to assist network specialists with the
processes involved in implementing IPv6 on their systems.
Included are facts about the IPv6 addressing system, details
about getting ready to make the change, and some sugges-
tions for getting started. We assume you have some knowl-
edge of contemporary networks and the Internet. This book
was written with and for Infoblox.
Icons Used in This Book

This book contains four icons helpful in identifying informa-
tion of special interest. To get the most out of this book, pay
attention to the paragraphs with these icons.
Give particular attention to this material.
This icon indicates technical information that may or may not

interest you, but its there if you want to learn it.
These paragraphs point out special tricks or techniques you

can use to do something faster or with greater ease.
Watch out! When you see this icon, read the information sev-
eral times to keep yourself out of trouble.
Chapter 1: Routing around IPv6 Basics 3
Introducing IPv6
Internet Protocol version 6 is the next addressing system
for Internet-connected devices. The explosive growth of the
Internet has exceeded the capacity of the 30-year-old stan-
dard, known as IPv4, to handle all the network tools, websites,
cell phones, and other devices that need unique addresses
out in the Wild Wild Web. IPv4 has been a very successful
standard with impressive durability. Not much else on the
Internet has lasted 30 years unchanged, so they must have
gotten a few things right when they designed it. However, the
massive growth in the number and types of devices that use
an Internet address has finally made a change necessary. IPv6
is that change.
IPv4 uses a 32-bit address, usually expressed as a group of

four address numbers from 0 to 255, which made around
4.3 billion addresses available. The vast majority of these
addresses have already been assigned to Internet service
providers. IPv6s 128-bit address provides for many times that
amount of addresses. To be exact, IPv6 will supply 2128 or 340
undecillion or 3.4x1038 addresses!
Defining IPv6
The 128-bit address in IPv6 is the most obvious differ-
ence from IPv4. Besides expanding the number of available
addresses, IPv6 also has a new packet format that cuts down
on packet header processing by routers, thereby increasing
efficiency.
The IPv6 packet in Figure 1-1 is made up of two parts: the

packet header and the payload.
??? Traffic Class Flow Label

Payload Length Next Header Hop Limit
Source Address
Destination Address
Figure 1-1: The IPv6 packet format.
The header consists of a portion with basic data required for

all packets (and may contain optional extensions for special
features). The header occupies the first 40 octets (320 bits)
of the IPv6 packet, and contains the source and destination
addresses, traffic classification options, a hop counter, and
a pointer for extension headers, if any. You will also find the
Next Header field, which points to the upper-layer protocol
that is carried in the packets payload.
The payload can have a size of up to 64 kilobytes without spe-

cial options, or can be larger with a Jumbo Payload Option in
a Hop-by-Hop Options extension header. IPv6 jumbograms
can be as large as 232 1 octet, and their use may improve
performance over high-MTU links.
Getting Some Statistics

Want proof that IPv6 is necessary? Check out these factoids.
Internet World Statistics tells us there were 1.25 billion

Internet users and 1 billion Internet connections at the start
of 2008. In dramatic contrast, projections for 2012 predict 2.5
billion Internet users and more than 5 billion connections. A
major component of the growth in addresses is the prolifera-
tion of mobile phones and tablets, each of which has at least
one address (and oftentimes more than one).
Those projected 5 billion connections already outstrip the

4.3 billion addresses provided by IPv4. The resulting shortage
can be partially overcome by Network Address Translation
(NAT) but not completely.
Solving Tomorrows
Problems Today
Although the last batches of IPv4 addresses have already gone
out for assignment, folks are still getting along just fine with-
out IPv6 right now in 2012. However, at the rate of increase of
addressable devices, that will not remain true for very long.
Creating a globally unique system of addressing in which

every device has an address all its own without having to
depend on a NAT server will result in dramatic changes in
todays networks and may prove essential on tomorrows
networks.
Breaking down the New

Address Format
IPv6 has an impressive list of features, the main one being its
128-bit address space. By contrast, IPv4, the current system,
is only 32 bits. The 128-bit address is most commonly broken
up into two parts: a 64-bit network prefix and a 64-bit unique
interface identifier. The address is written in eight groups of
four hexadecimal digits separated by colons. This compara-
tively monstrous address can be abbreviated as shown in
Figure 1-2 by either omitting the leading zeros or replacing
groups of four zeros with a double colon.
An IPv6 address (in hexadecimal)
2001:ODB8:AC10:FE01:0000:0000:0000:0000:
Zeros can be omitted

2001:DB8:AC10:FE01::
0010000000000001:0000110110111000:1010110000010000:1111111000000001:
0000000000000000:0000000000000000:0000000000000000:0000000000000000:
Figure 1-2: Decomposition of an IPv6 address into its binary form.
The packet header and the process of packet forwarding have

been greatly simplified in IPv6, making packet processing by
routers considerably more efficient despite the doubling of
the size of the packet header. The longer addresses simplify
the allocation of addresses, enable efficient route aggregation,
and permit implementation of special addressing features.
The standard size of a subnet in IPv6 is 264 addresses, the
square of the size of the entire IPv4 address space. Thus,
actual address space utilization rates are small in IPv6, but
the large subnet space and hierarchical route aggregation
improve network management and routing efficiency.
Discovering Other IPv6 Features

The new address format brings a whole host of new features,
both potential and realized, including the following:
Integrated network security. IPsec is a mandated, baked-

in part of the protocol.
Simplified address assignment. Fixing the size of the
host identifier portion of an address to 64 bits has stan-
dardized the IPv6 subnet size, and automatically forms
the host identifier from link layer media addressing
information.
Easier network renumbering. Changing the prefix
announced by a few routers can renumber an entire
existing network for a new connectivity provider because
the host identifiers can be independently self-configured
by a host.
Elimination of the need for NAT. Network Address
Translation was created and implemented specifically
to deal with the shortage of IPv4 addresses.
Integrated multicasting. Also supported in the new pro-
tocol are new multicast solutions, including embedding
rendezvous point addresses in an IPv6 multicast group
address, which may simplify the deployment of inter-
domain multicast solutions.
IPv6 Adoption Basics

To help give you a big picture take on migrating to IPv6, heres
a short overview of the major steps involved in the process.
IPv6 is on its way because the Internet is running out of

addresses, and try as you might, you simply cant avoid
adoption.
If you havent started your cutover process yet, youre in

good company, but dont put off planning your adoption much
longer. Governmental agencies are already adopting IPv6 by
mandate, and your partners and others are very likely doing
so as well, which means that communicating with any of them
will become increasingly difficult if you dont adopt.
To develop a comprehensive adoption plan, follow these

steps:
1. Create a planning group. You need representatives

from all branches of your organization, and they
should help set realistic expectations for their indi-
vidual departments.
2. Decide who needs adoption the most. You should
adopt in phases, starting with the most independent
sector of your organization, and work out the bugs in
one place before moving on to the next.
3. Choose technology. You can examine a variety of tran-
sition technologies to determine which one or which
combination is right for your organization, including
tunneling (automatic, configured, or automated),
dual-stack, and translation.
4. Look at what you have. You should determine what

equipment and software is already IPv6-ready, what
needs upgrading or updating, and what needs to be
replaced.
5. Find help. You can get help from vendors and from
IPv6 specialists, such as Infoblox, whose vast set of
migration resources are available to assist you with
adoption questions.
Dont lose sight of the fact that the greatest impact of IPv6
adoption will be at the network infrastructure level, although
anything connected to IT, whether virtual or physical, will be
affected.
Chapter 2
Getting Ready to Change
In This Chapter
Impacting enterprise with IPv6
Getting the band together
Making a to-do list
C hanging a transport protocol should not be undertaken

lightly, regardless of the size of your organization. Some
planning has to take place, the more focused and thought out
the better so this chapter is geared to helping you plan
your planning.
How Is Implementing IPv6

Going to Affect Me?
Visibly, the way you use the Internet wont change at all. Your
web browsers will look the same, your e-mail will look the
same, and your file transfers will look the same.
The difference is under the hood, at the network layer. If

youre in charge of providing service, troubleshooting prob-
lems or helping people troubleshoot problems, installing
network equipment, managing those who worry about net-
works, or writing programs that use the network, youll need
to understand the basics because the change to IPv6 will have
significant impact on these functions.
Laying Out the Business Case

Imagine if the electric grid changed from AC to DC, and the
electric utility ran a second set of lines to your business. You
could run both services for a while, but eventually, one by
one, the stations providing AC power would be turned off
until there was no more AC power being provided at all, and
the only service youd be able to run would be DC.
That is exactly what is happening with Internet protocols.

IPv6 and IPv4 are mutually exclusive. Although they run over
the same lines, the computers and routers that speak IPv6 are
not able to communicate with devices that speak IPv4.
So the business case for IPv6 is that, eventually, the only new
routers youll be able to buy will be IPv6 routers. If you have
an IPv4 network, one day in the not-distant future you wont
find parts available anymore.
More alarming will be the fact that as government, business,

and consumer networks change from IPv4 to IPv6 and gov-
ernment is already under a conversion mandate there will
be no one left to talk to. Why not? An IPv6 machine doesnt
send packets that are understandable by an IPv4 device.
Setting Up the Team

Migrating from IPv4 to IPv6 is a team effort and we dont
mean just the IT department. It takes a village to make this
change, and communication is key. Someone from every
major branch at your organization should be involved to
create a comprehensive team.
Make sure the team composition is cross-functional, and lay

out demonstration events and pilot programs so that when
full cutover occurs and deployment is company-wide, you
have worked out the kinks and troubleshot all the problems
with all divisions in the company.
Dont underestimate a vendor presence. Your normal network

provider, Internet service provider, or a migration specialist
(like Infoblox) can be crucial to getting answers to questions
and to achieving success with your IPv6 adoption.
Chapter 2: Getting Ready to Change 11
Building an IPv6 Address Plan

Once a team is together, you need to set expectations. The
best way to do this is to ask your group some pertinent lead-
ing questions, such as these:
What IPv6 strategy will we implement?

How will we continue to support IPv4?
What will the effects of cutover be on our network
infrastructure?
What parts of our existing infrastructure can we reuse?
What upgrades and replacements will be necessary?
Where will IPv6 integration begin in our organization?
How should we initiate IPv6 integration?
What services will we designate as pilot programs and in
what order?
What resources can we call upon for assistance with
planning and executing cutover?
How will our branch facilities and data centers be
affected?
Can we make the cutover invisible to customers?
The answers your team provides to these questions will serve

as good, solid, foundational material for team members to
take back to their individual departments for setting realistic
expectations. Knowing what to expect as the cutover pro-
ceeds is key to heading off troubles. So take the time to get
the answers to these fundamental, key questions right.
Figuring Out Whats Ready Now

A major part of your IPv6 plan will be defining the list of
things that need to be updated, altered, or outright replaced.
In many ways, this IPv6 changeover is reminiscent of the Y2K
event. Some devices have been IPv6-ready all along, and you
need to do nothing (or nearly nothing). Some will need config-
uration changes. Some will need new software. Some will have
to be sent to the recycler.
Your team will have to look at every device that touches the
network and make a determination as to its readiness. The
process sounds daunting, but if done systematically, it can go
smoothly. Here are some general guidelines that will make the
task easier:
Compatibility with IPv6 networking is mainly a software

or firmware issue.
Much of the older hardware that could be upgraded
should probably be replaced instead.
The American Registry for Internet Numbers (ARIN) sug-
gests that all Internet servers be prepared to serve IPv6-
only clients by January 2012. (This doesnt mean that the
servers themselves will be IPv6-only just that they can
serve requests from IPv6-only clients.)
Most personal computers running recent operating
system versions are already IPv6-ready.
Many applications with network capabilities may not
be ready, but can be upgraded with support from the
developers.
Java applications adhering to Java 1.4 (February 2002)
standards have support for IPv6.
Low-level equipment like network adapters and network
switches may not be affected by the change because they
transmit link layer frames without inspecting the contents.
Networking devices that obtain IP addresses or perform
routing based on the IP address do need IPv6 support.
Most equipment can be made IPv6-capable with a soft-
ware or firmware update if the device has sufficient stor-
age and memory space for the new IPv6 stack unless
the manufacturer has new hardware rather than software
or firmware updates available.
If the equipment manufacturer is out of business or has
no software updates available, or if the network stack is
implemented in permanent read-only memory, you must
replace the equipment in question.
Types of equipment that are typically not IPv6-ready
include: Voice over Internet Protocol devices, laboratory
equipment, printers, cable modem servers, and cable
modems.
Chapter 3
Making the Shift to IPv6
In This Chapter
Adding addresses
Triaging networking equipment
Finding help when needed
H aving your plan in place is very important, but plans are

no substitute for experience. Eventually youll need to
pull the trigger and implement your plan, and with IPv6 adop-
tion that requires no small effort.
In this chapter, we examine how to estimate the effort

involved, get materials together, and start project tasks. And
when you need more help, we give you some supportive infor-
mation about that, too.
Looking Ahead: Are You Behind?

Because many IPv6 devices have been available for a while
now and IPv4 addresses have nearly run out, it might seem
that youre so far behind the curve that making the change
will be a significant interruption to your organization.
Nothing could be further from the truth. Be assured that, with

the proper planning, youll still be in the forefront of the cutover
if you make the change soon. The fact is, you can accomplish
IPv6 adoption with little or no impact to existing services.
Heres a current snapshot of IPv6 adoption. In October 2010,

83 percent of the top-level domains on the Internet supported
IPv6 for accessing their domain name servers, and 69 percent
of the zones contained IPv6 glue records. Approximately
1.4 million domains or 1 percent had IPv6 address records
in their zones. Of all the networks in the global BGP routing

table, only 7.2 percent had IPv6 support as of that date.
Mobile phones represent a major source of change in the IPv6

space. All those phones are publically addressed, so they use
up large numbers of IP addresses. Also, the change from 3G to
4G is a big deal 4G implements Voice over Internet Protocol
(VoIP) service, which requires IPv6 in the mobile space. As
carriers change, their entire networks must support IPv6.
BitTorrent, Xbox Live, and other peer-to-peer technologies

implement IPv6 in order to avoid the limitations created by NAT.
(IPv4 uses NAT to cut down on the number of addresses used.)
Every major operating system in current use supports IPv6.

Microsoft Windows has supported it since XP/Windows 2000.
Mac OSX, Linux, and BSD, all have full-featured, mature IPv6
stacks.
So the good news is that, since IPv6 was initially defined more
than a decade ago, you probably have lots of IPv6-enabled
software and hardware under your control already. More
good news: Only a small fraction of global networks have
deployed IPv6 to date. So youre not really behind.
The bad news is the longer you delay IPv6 adoption, the
greater the risk to your organization for disruption and
unforeseen costs.
Getting IPv6 Addresses

As with IPv4, distribution of IPv6 global unicast addresses
is handled by the American Registry of Internet Numbers
(ARIN). Although it used to be true that only Internet Service
Providers could get IPv6 blocks, now the rules are such that
anyone who is eligible for an IPv4 address allocation is like-
wise eligible for an IPv6 address allocation.
Allocation of IPv6 is covered in chapter six, section five of

the Number Resource Policy Manual. (You might take a shot at
reading it if you have trouble sleeping.) Essentially, it works
the same as IPv4.
You can request an allocation of addresses if:
You have a previous IPv4 allocation that is justified

under current rules for IPv4.
Chapter 3: Making the Shift to IPv6 15
Youre presently set up to use both IPv4 and IPv6 with
your current Anonymous System number.
You can make a decent technical argument to ARIN for a
deployment of numbers for your organization. (We cant
imagine many things that wouldnt fall into this category.
With so many more zeros in the number of available
addresses, we think ARIN can afford to be gracious.)
Making Use of Existing

Equipment
The next step after getting IPv6 address space is to determine
how IPv6-ready you already are and what you need to work
on. Youll have to work with vendors to decide what can be
updated, what can be upgraded, and what needs to be replaced.
You should check the life cycles of those devices that require
updates or upgrades because your IT planning schedule might
call for them to be replaced within the current budget or
they may be scheduled for next years budget. In either case,
replacement is a better choice than updating or upgrading
anything with a limited lifespan.
Modifying the Environment

for IPv6
You will probably need to change your network management
and deployment tools to handle IPv6 addresses. If you have
a network automation solution, you can easily generate the
appropriate addresses, subnets, and VLANs for each router
using a consistent numbering schema, and then generate the
router configuration changes and deploy them.
And if youre planning to do these processes manually, per-

haps its the appropriate moment to evaluate the time and
cost savings an automated network management solution
would provide. You can benefit from the automation and
control in your current IPv4 network now and be much more
ready for eventually implementing IPv6.
With each set of router configuration changes, running

diagnostic and validation tests is critical to ensure that no
adverse effects on the network will result from such changes.
Troubleshoot and resolve any problems that occur before
moving on to the next set of changes.
Getting Help
You could try to achieve an IPv6 implementation on your own.
Reading this book is a good first step. But your chances of
successfully implementing a seamless transition are greatly
enhanced if you get help from people who have had substan-
tial experience with IPv6 adoption.
Thats where Infoblox comes in. Their specialists have the

IPv6 adoption expertise to help you move your network to
the next-generation protocol safely, swiftly, and without head-
aches. And they do it with an eye toward minimizing operat-
ing costs and support requirements.
Infoblox stands ready to assist you with any or all of the

phases of your IPv6 adoption journey:
Implementation strategies: Infoblox helps you determine

which strategies will best enable IPv6 in your network
without disrupting your IPv4 network.
Network evaluation: Infoblox helps you determine what
your current network strengths and weakness are rela-
tive to IPv6.
IPv6 deployment: Infoblox assists you in preparing your
network for IPv6-readiness phase by phase, including
helping you to make necessary configuration changes (as
well as testing and troubleshooting new configurations),
conducting pilot tests during each discrete deploy-
ment throughout your enterprise, and shepherding you
through all phases of your IPv6 adoption strategy.
Post-adoption IPv6 optimization: Infoblox will also be
with you after you accomplish significant IPv6 adoption
to make sure that the network is running optimally and
that any problems are addressed and solved as they
happen (and sometimes even before they occur!).
Chapter 4
Ten (Okay, Eleven)
Questions About IPv6
Answered
In This Chapter
Alleviating anxieties
Transition technologies
Taking the first step
I Pv6 is a seismic changeover thats been a long time

coming. This chapter discusses ten questions plus a
final big one that we hear a lot, from anxieties about the
cutover process to specialized transition technologies that
can ease you though IPv6 adoption. The answers should help
your thinking about IPv6 and its ramifications.
What If We Arent Ready

to Change?
Reluctance to change is typical and understandable. The key
to overcoming this reluctance is to identify what specifically
is holding you back. For the subject at hand, most often its
a lack of understanding of whats involved in IPv6 adoption.
Hopefully, this book will fill in many of those knowledge gaps.
But, remember: the longer you wait, the greater the risk to
your organizations business continuity, business agility, and
even competitive advantage.
Additionally, more and more of your business partners will

be converting to IPv6 in the near future, thereby making it
increasingly more difficult to communicate with them. And if
you do business with governmental agencies, youre already
playing catch up.
The Internet is moving forward with IPv6 adoption out of

necessity, and organizations that delay will find themselves
increasingly isolated and will incur greater costs and risks in
trying to keep IPv4 viable.
Where Do We Look for More

Information (And Get Help)?
Infoblox.com has a series of white papers and recorded web-
casts to tell you more than you probably want to know about
IPv6. Their IPv6 Center of Excellence offers an abundance
of resources and insights, from the highly technical to the
general overview. Surveys, methodologies, best practices,
questions, and answers you pick your area of interest, and
Infoblox will help you expand your own expertise in all mat-
ters IPv6-related.
How Will IPv6 Adoption Impact

Our Software?
If youre writing line-of-business software that uses a contempo-
rary delivery system (like a web server) or a contemporary net-
work stack, the adoption of IPv6 probably wont have an impact.
On the other hand, if youre using IP numbers for logging,

you must take note of the increased space requirements.
IPv6 numbers are 128 bits four times larger than IPv4. If
youre hard-coding IP addresses in your software, you need to
change your code to use DNS names or pull the IP addresses
from a more easily changeable place, like a database.
Chapter 4: Ten (Okay, Eleven) Questions About IPv6 Answered 19
What Transition Options

Are Available?
Although IPv6 will fully supplant IPv4 eventually, total conver-
sion for the entire world will take some time. In the interim,
employ transition mechanisms to enable IPv6-only hosts to
reach IPv4 services, and also to allow isolated IPv6 hosts
and networks to reach the IPv6 Internet over the IPv4
infrastructure.
There are three principal IPv6 transition strategies that you

can choose from, or you may want to adopt a combination.
They include: tunneling, dual-stack, and translation (we dis-
cuss these options in the following sections). As you decide
among the three solutions, you should keep in mind: your
current network environment, the amount of IPv4 address
space you have, the amount of IPv6 traffic you expect to
accommodate in the near future, and the availability of IPv6
applications currently on your end systems, devices, and
appliances.
What Is Tunneling?
Tunneling is a short-term IPv6 transition strategy. It encapsu-
lates IPv6 traffic within IPv4 packets so they can be sent over
an IPv4 backbone, and allows packets of IPv6 end systems and
routers to communicate without the need to upgrade the con-
necting infrastructure.
In automatic tunneling, the routing infrastructure automati-

cally determines the tunnel endpoints. In configured tunnel-
ing, recommended for large and well-administered networks,
the tunnel endpoints are explicitly configured one of three
ways: manually by an administrator, or by the operating sys-
tems configuration mechanisms, or by an automatic service
called a tunnel broker. Automated tunneling is a compromise
approach that combines the ease of use of automatic tunnel-
ing and the deterministic behavior of configured tunneling.
What Is Dual-Stack?
A highly flexible strategy, dual-stack accommodates both IPv4
and IPv6 packets across the network, necessitating that all
network infrastructure devices operate both IPv4 and IPv6
protocol stacks according to each ones specific routing pro-
tocols. Dual-stack is a long-term solution but not a permanent
one, because eventually IPv4 will be tossed aside in favor
of IPv6.
Dual-stack is the most frequently recommended solution

for enterprise networks because theyre likely to see traffic
of both protocol types. Dual-stack is also recommended for
companies that want to deploy IPv6 on their internal network
infrastructures or that have IPv6-enabled devices provided
by their employees or guests on their networks. Similarly,
enterprises that are just getting started with IPv6 deployment
or are instituting lab trials or demonstration projects should
strongly consider a dual-stack strategy.
You do need to have enough IPv4 address space for all your
devices to do dual-stack. If a shortage of IPv4 addresses is
driving you toward IPv6 now, this wont be an option for you.
What Is Translation?
A comprehensive transition strategy, translation means both
providing IPv6 communication end-to-end and translating
intercommunication between the two protocols, either on the
host or on the router, with an application-level decision about
which protocol to employ.
The eventual goal with IPv6 is to completely replace IPv4

wherever possible, so translation should not be thought of
as an end game. But the reality is that most organizations
will have legacy devices that cant be upgraded but will need
to function over a TCP/IP network. Translation, then, func-
tions both as a good short-term transition technology and a
long-term means of supporting legacy systems that cant be
upgraded.
Chapter 4: Ten (Okay, Eleven) Questions About IPv6 Answered 21
How Will This Change the

Network Infrastructure?
Although IPv6 deployment will reach out and touch every
corner of your organization that has any connection to IT,
both physical or virtual including laptops, desktops, mobile
devices, printers, applications, VPNs, WANs, sensors, control-
lers, cloud connections, and so on the network infrastruc-
ture is priority one. The greatest impact of the advent of IPv6
will be at the network infrastructure level.
Your network infrastructure will have to adapt to IPv6,

eventually.
What Are the Security

Risks for IPv6?
Some implementation strategies have security considerations.
Tunneling is an example. When using tunnels, the IPv6 traffic
is encapsulated in a single flow between networks, making it
hard to differentiate between traffic flows or to take actions
based on the real source and destination address. Security
processing for IPv6 moves from the network perimeter to the
IPv6 gateway, bypassing the firewalls and access control lists.
Attacks using 6in4 tunnels to get through a firewall have been
reported.
Also, the stateless address auto configuration (SLAAC) of IPv6

can create a threat for outbound security because it reduces
the strength of a perimeter security model. Although some
argue that NAT creates security by hiding internal addresses,
the Internet engineering community considers that logic
weak. Devices can trigger updates directly to the Dynamic
Domain Name System rather than limited updates to a trusted
server. Policies can eliminate these threats, but at a cost to
ease of operations.
Should We Convert Our Whole

Enterprise at Once?
You should adopt a phased deployment, starting with those
areas of your enterprise that are easiest to integrate and will
present the least complex deployment, especially focusing on
the most independent components of your organization.
In this phased approach, you should complete each phase

fully including component reconfiguration, partial deploy-
ment, testing, troubleshooting, and a repeat of those steps
until full implementation for that phase is achieved before
moving on to the next phase.
How Do We Take
the First Steps?
Actually, reading this book was a good first step. You should
ask others who will be making the IPv6 adoption journey with
you to review its contents, too. Remember, making a change in
a transport protocol is not a one-person job. You need help
lots of it. Start with those you work with, and then reach out
to vendors, suppliers, your Internet provider, and anyone who
has anything to do with your network.
Specialists at Infoblox would be happy to discuss ways they

can help you begin to move your organization through the
cutover process. They can assist you with transition strate-
gies, network assessments, and any questions you may have
about IPv6.

IPv6forDummies PDF

Uploaded by

Copyright:

Available Formats

IPv6forDummies PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

IPv6forDummies PDF

Uploaded by

Copyright:

Available Formats

How will IPv6 change network infrastructure?

How will IPv6 change network infrastructure?

What are some security risks of IPv6?

What are some security risks of IPv6?

IPv6

INFOBLOX SPECIAL EDITION

LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: THE PUBLISHER AND THE AUTHOR MAKE

I Pv6 stands for Internet Protocol version 6, something that

So, what is the Internet Protocol? Its a set of international

IPv6, or Internet Protocol version 6, is the newest way that

Why IPv6? The main impetus behind the move to IPv6 is to

Understanding IPv6 is important because migrating your

About This Book

Icons Used in This Book

Give particular attention to this material.

This icon indicates technical information that may or may not

These paragraphs point out special tricks or techniques you

IPv4 uses a 32-bit address, usually expressed as a group of

The IPv6 packet in Figure 1-1 is made up of two parts: the

??? Traffic Class Flow Label

Figure 1-1: The IPv6 packet format.

The header consists of a portion with basic data required for

The payload can have a size of up to 64 kilobytes without spe-

Getting Some Statistics

Internet World Statistics tells us there were 1.25 billion

Those projected 5 billion connections already outstrip the

Creating a globally unique system of addressing in which

Breaking down the New

An IPv6 address (in hexadecimal)

Zeros can be omitted

Figure 1-2: Decomposition of an IPv6 address into its binary form.

The packet header and the process of packet forwarding have

Discovering Other IPv6 Features

Integrated network security. IPsec is a mandated, baked-

IPv6 Adoption Basics

IPv6 is on its way because the Internet is running out of

If you havent started your cutover process yet, youre in

To develop a comprehensive adoption plan, follow these

1. Create a planning group. You need representatives

4. Look at what you have. You should determine what

C hanging a transport protocol should not be undertaken

How Is Implementing IPv6

The difference is under the hood, at the network layer. If

Laying Out the Business Case

That is exactly what is happening with Internet protocols.

More alarming will be the fact that as government, business,

Setting Up the Team

Make sure the team composition is cross-functional, and lay

Dont underestimate a vendor presence. Your normal network

Building an IPv6 Address Plan

What IPv6 strategy will we implement?

The answers your team provides to these questions will serve

Figuring Out Whats Ready Now

Compatibility with IPv6 networking is mainly a software

H aving your plan in place is very important, but plans are

In this chapter, we examine how to estimate the effort

Looking Ahead: Are You Behind?

Nothing could be further from the truth. Be assured that, with

Heres a current snapshot of IPv6 adoption. In October 2010,