February 2012 Archives

It's a question we should all ask.

For the average IT user or network manager it's a significant point to actually consider. For a managed services company such as SAS Group, based down in an actually leafy bit of "greater" Crawley, it's a fundamental question to ask.

Charles Davis, CEO of SAS believes the IP world is reaching crisis point.

He points out that the number of addresses for IPv4 has long been predicted to run out soon arguing that, meanwhile, our readiness to move over to IPv6 looks increasingly unlikely to happen any time soon. Conventional wisdom among many analysts said that the industry wouldn't be ready for the switch until 2015. Personally, based on the indicators he sees every day, Davis thinks it could be even more distant.

But - and this is a big but (no pun intended for American readers) - the world IS running out of IPv4 addresses. This means that two of the current booms in technology he identifies, cloud computing and the" Internet of Things", might not be sustainable. You can't have an Internet of Things, Davis argues, if the 'things' in question (gadgets) can't get on the Internet. They simply won't be able to without an IP address, and all the IP addresses available under the old system are rapidly being used up.

Davis believes that, while it might all sound a bit "Mad Max", the IP crisis does bear some of the hallmarks of an apocalypse. For example, there are some alarming inequalities in the way resources are being shared out, he notes with just 20% of the world owning the majority of IP addresses. Hardly ideal...  India, for example, - which when I last looked at my globe is quite a large country (with rapid IT deployment) has only three Class B address ranges (i.e. 130,000 addresses). In contrast as Davis points out, just one US IT company alone, HP, can trump that with its two class A IP address ranges (i.e. 32,000,000 addresses). Could this lack of infrastructure restrict the growth of the BRICs (Brazil, Russian, India and China) he asks, therefore, and will the developing nations become frustrated at their lack of, well, development?

In circumstances like these, Davis can see drastic measures being taken, such as... companies actually getting round the negotiation table and talking to each other. Perhaps some decisions will be taken sooner and innovative solutions will be dreamt up to free up more addresses.

Davis points out, it wasn't as if it were planned. Yes, it was a class issue, but only in the sense that the early allocation of IPv4 addresses was based on IP class allocation. This was in the days when the eventual exhaustion of the IPv4 ranges was not seen as an issue, like many things IT. So the allocation that took place seemed appropriate at the time. As a result, large amounts of address space were unused.  Indeed, some estimate that as many as 80% of allocated addresses are not currently in use.  

The cloud computing lobby, too, will be exerting pressure for the IP crisis to be resolved. For cloud computing to work, you need certain conditions, one of which is perfect communications. Optimum communications, in turn, could be dependent on the adoption of IPv6.

This brings Davis onto another aspect of the next version of IP, which he believes nobody has really given much air time to as yet. With IPv6 giving companies complete visibility over the movements and browsing habits of smart phone and laptop users, it could become a marketing manager's dream.

If only we had the same perfect information about the migration from IP4 to IP6... (watch this space).

"M" might stand for Murder in the London theatre world, but the ultimate "M" word in IT has to be "Migration".

Apply this word to the challenge that is moving from IPv4 to IPv6 and you can probably hear the howls of despair and mistake them for an attempted murder. There are, however, some fundamental tools/advanced features of IPv6 that are designed to ease this process. These have been adopted to a lesser or greater degree by different vendors, so it's worth noting the availability of these features when shopping around for IPv6 assistance and future proofing.

We'll start with three absolutely fundamental ways to manage your IP addresses and how these work in a migratory environment.

NAT: NAT (Network Address Translation) has became a pretty fundamental tool for alleviating the issues with limited IPv4 address spaces, with most companies enabling it on their network gateways and other devices. So how to transition this to IPv6. First, there is what is known as Carrier Grade NAT (AKA Large Scale NAT) whereby Carriers/ISPs can allocate multiple clients to a single IPv4 address, standardising behaviour for IPv4 NAT devices and the applications running over them, using features such as "fairness" mechanisms - user allocated port quotas and the like. 

We also have specific transition technologies such as NAT 64. This is a mechanism to allow IPv6 hosts to communicate with IPv4 servers. The NAT64 server is the endpoint for at least one IPv4 address and an IPv6 network segment of 32-bits. The IPv6 client embeds the IPv4 address it wishes to communicate with using these bits, and sends its packets to the resulting address. The NAT64 server then creates a NAT mapping between the IPv6 and the IPv4 address, allowing them to communicate.

DNS: As with the 64-bit version of NAS, we also have a 64-bit version of DNS. The IPv6 end user's DNS requests are received by the DNS64 device, which resolves the requests.

If there is an IPv6 DNS record (AAAA record), then the resolution is forwarded to the end user and they can access the resource directly.

If there is no IPv6 address but there is an IPv4 address (A record), then DNS64 converts the A record into an AAAA record using its NAT64 prefix and forwards it to the end user. The end user then accesses the NAT64 device that NATs this traffic to the IPv4 server.

Dual Stacks/DS-Lite: An obvious feature to look for is dual-stack support where all IPv4 and IPv6 features can run simultaneously. In addition there is DS-Lite (Dual Lite Stack) which enables incremental IPv6 deployment, providing a single IPv6 network that can serve IPv4 and IPv6 clients. Basically this works using IPv4 (tunneled from customer's gateway) over IPv6 (carrier's network) to a NAT device (carrier's device allowing connection to IPv4 Internet, which can also apply LSN/CGN). Because of IPv4 address exhaustion, Dual Lite Stack was created to enable an ISP to omit the deployment of any IPv4 address to the customer's on-premises equipment, or CPE. Instead, only global IPv6 addresses are provided. (Regular Dual-Stack deploys global addresses for both IPv4 and IPv6.)

I've recently been in conversation with a number of network product vendors - from Cisco to Infoblox - users and test equipment vendors, with respect to what must be the ultimate in "let's sweep it under the carpet and forget about it for a while" IT topics and that is IPv6.

With the last of the public IPv4 address allocation now long gone and the Far East already deploying IPv6 big time, the reality is that we do all need to start thinking about moving from the "4" to the "6", albeit gradually in most cases. And with LTE around the corner in the mobile world, that being pure IP-based, how many new IP addresses will suddenly be demanded? And where are they going to get allocated from?

In the States recently and having a casual natter with Infoblox' Steve Garrison, Steve was saying how many companies still carry out IP Address Management (IPAM) using Excel spreadsheets (got to be in the "Top 10 misuses of a spreadsheet"). So how will they cope with the complexities of deploying IPv6?

Another worry, from a conversation with F5 Networks and others that dabble in L4-7 data "mucking about" is the potential performance hit when moving from IPv4 to IPv6. This is something that (quelle suprise!) vendors don't openly talk about, but F5 has seen up to 50% performance hit on some rival products (tested internally) when moving from IPv4 to IPv6 and generally reckons its own see up to 10% performance loss in the same circumstances. This claim was substantiated in talks with other vendors large and small, such as with a newly acquired load-balancing client of ours, Kemp Technology.

So, on the basis that someone has to do something about it, we are launching an IPv6 performance test program, with a view to developing what is effectively an ongoing buyers guide/approved list for companies to short-list their potential IPv6 related procurements with. 

Over the next few days we'll be looking at some of the key elements of IPv6 deployment - think in terms of something akin to the Top 10 Considerations when moving to IPv6. Because, sooner or later, we're all going to have to do it...