IPv6 Is Not an All-or-Nothing Proposition

You don't have to switch directly from IPv4 to IPv6

I have recently met many people who are under the impression that an organization must transition directly from IPv4 to IPv6. Thankfully, this is not the case. You can run IPv4 and IPv6 side-by-side during the interim stage of migration. Only after a long period of running both will you eventually be able to start to disable IPv4. A decade or more from now, IPv6 may be the only network-layer protocol used.

Today, most enterprise networks use IPv4 as their only network-layer protocol. Even though there are IPv6-capable nodes on our networks, those nodes predominantly use IPv4 for their communications. In fact, most operating systems now come with IPv6 capabilities enabled by default. These dual-protocol nodes use operating with IPv4-only because there is no local router sending out ICMPv6 Router Advertisement (RA) messages to activate those IPv6 stacks and give them global addresses. When you are ready to deploy IPv6 you will configure your router to tell the dual-protocol nodes that they are now on an IPv6-enabled network.

If you had to make a direct migration from IPv4 to IPv6 then everything in your environment would need to be fully IPv6-capable before you could switch. That would be much like a hot-cut to a completely new protocol. Network engineers know that hot-cut situations represent increased risk to an organization's business critical applications. The reality is that it would take many years before everything in the environment was fully IPv6-capable and it would also take an astronomical amount of planning to make that immediate transition. This is not to mention that when your organization switches to IPv6, the rest of the Internet, your business partners and customers would all need to switch to IPv6 at the same time. There is no "flag-day" to transition to IPv6 so we must have a gradual migration.

IPv6 was created along with a variety of transition techniques. The IETF protocol architects design IPv6 transition methods to ease the pain of changing network layer protocols. These transition techniques fall into three categories: dual-protocol, tunneling, and translation. The dual-protocol technique is pretty simple to understand; systems run both protocols until eventually every system is "bilingual". Tunneling techniques encapsulate the IPv6 packets within IPv4 headers to get the IPv6 packets to traverse an IPv4-only network. Tunneling adds protocol overhead, requires more administrative effort to maintain, and adds complexity. Translation techniques try to facilitate an IPv4-only host communicating with an IPv6-only host. Unfortunately, many things get lost in translation between these protocols and many applications may not work well with translation.

This long list of transition techniques often confuse people new to IPv6 as they try to figure out which technique is best for their company. It is as if there are too many choices and people end up in a state of indecision and not making progress with IPv6. The IETF has given us many options for specific situations and corner cases, but many of those techniques will not be used by most organizations. Instead, it is better to "dual-stack where you can, tunnel where you must, and avoid translation if at all possible".

The one downside to operating a dual-protocol environment is that you must operate and maintain two networking protocols, two addressing schemes, two sets of DNS records, two firewall policies, etc. Organizations will want to reduce the amount of time they are in the dual-protocol migration stage as there will be higher operational costs doing all this work to maintain two protocols. However, dual-stack is the simplest translation strategy and it is the strategy that the current Internet service providers and content providers are using. The dual-protocol transition technique gives time for Internet systems, your business partners and customers to move to IPv6 at their own rate. Most enterprises will also choose this technique to allow for a slow and steady IPv6 deployment.

Hopefully this clears up the confusion some people have regarding IPv6. Thankfully we do not have to make a complete switch to IPv6 all at once. Dual-protocol is the preferred migration strategy, but this technique should not allow your organization to put off migrating to IPv6. We must all be starting our IPv6 deployments so that the Internet systems and its connected organizations are moving toward IPv6 at the same pace. Many enterprises may not want to be the first organizations migrating to IPv6, ISPs and content providers are among the first to deploy IPv6. Your organization will want to start migrating to IPv6 today, if you haven't started already, and you certainly do not want to be the last to transition to IPv6.


Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2012 IDG Communications, Inc.