The current Internet addressing scheme IPv4 is already over 20 years old. The exponential growth of Internet users and devices will make the IPv4 scheme inadequate in the near future. Chandan Mendiratta, Principal Consultant, Cisco Systems (India) talks about IPv6, the new scheme which is expected to improve Internet scalability, security, and quality. by Soutiman Das Gupta

What are the limitations of IPv4?
IPv4 is supposed to allow 232 (approximately four billion) addresses. The IPv4 scheme uses node addresses which are allocated from a 32-bit space. This 32-bit address space is further classified to provision Class A, B, and C ranges. And these ranges constitute network part of 8, 16, or 24-bit with corresponding host part of 24, 16, and 8-bit depending on the number of expected hosts on a network. This led to inefficient use of the 232 possible addresses.

Many organizations automatically asked for Class A or B addresses and used up 224 or 216 addresses at each single assignment, even when they had a few host computers or many subnets with several computers on each. When two companies with Class A addresses merged, a lot of addresses were left unused and rarely re-claimed later. A network is designed to have a core, a distribution, and an access layer and we have to summarize at the different layers. There are chances that you cannot use addresses in a linear fashion. You have to divide them into different ranges. And when you do that you lose addresses.

How can you lose addresses with the IPv4 addressing scheme?
Since the IPv4 addressing scheme is based on binary, the 2x rule has to be maintained. So I can have 8 or 16 addresses and not 10. If I require nine hosts I will have to maintain a 16-host subnet and lose seven addresses. So although IPv4 offers around four billion addresses you can practically use only 240 million.

The IPv4 scheme was designed and released in 1980. Seventy four percent of the addresses are now in North America. By 2000, half of the available IPv4 address space had already been used. And this was two years ago. Since then, there has been rapid computerization in many parts of the world including India. The number of Internet users increase everyday and for many companies it has become an important aspect of the way it does business. And the number of PDA's and Internet-enabled mobile devices have also increased. There is a need for each user or device to have a unique identity.

What are the benefits of IPv6 to an enterprise?
The immediate benefit is a very large number of available addresses. It uses an address scheme made up of eight groups of 16 bits to define a 128-bit network address. The address can include hexadecimals, and uses a ':' (colon) as a delimiter. Every computer and device can have a unique address anywhere in the world if required.

IPSec is mandatory in IPv6. IPSec is a set of protocols used for encryption across links on the Internet. It was optional in IPv4 but is mandatory in IPv6. Security in IPv4 data communication existed mainly between two networks. Meaning, only the link between the routers at different locations was encrypted. With IPv6 it's compulsory to have IPSec at the client level on both sides. This creates a true end-to-end secure tunnel. Security will be from host-to-host rather than from network-to-network.

A client with an IPv4 address will have to use a DHCP (Dynamic Host Configuration Protocol) server every time it logs on to a network. IPv6 can allot permanent addresses which don't need to be resolved by a DHCP server. This creates a plug-and-play environment which simplifies management and administration.

The width of an IPv6 address header has been fixed at 40 bits to simplify the format. Whereas an IPv4 header can be either 20, 40, or 60 bits wide. QoS (Quality of Service) and traffic class services are very limited in IPv4. This is because there are only three bits available for this in IPv4. IPv6 will allow you to do a lot of classification and QoS in applications like VoIP. In IPv4 voice got high priority and data low priority. But how will you differentiate all voice traffic on the network? IPv6 can provide a more granular approach.

The new address scheme allows automatic address configuration and reconfiguration. It means that servers can re-number network addresses without accessing all clients. NAT (Network Address Translation) servers may no longer be required because there is no need to use private addresses. It also provides new unicast and multicast methods, and better routing capabilities for mobile devices. There is no broadcast in IPv6.

Will an enterprise save costs by switching to an IPv6 network?
Well, it will not cost anything to move to an IPv6 network. You will not have to buy new hardware and software. All OSs like Solaris, Red Hat, Unix, Novell, and Windows have IPv6 stacks built into its products. If it's an earlier version, updates should be available free. The same goes for device manufacturers. Earlier models of routers and switches can be easily IPv6-enabled with a software update.

You can perhaps save costs because you don't have to dedicate a box to act as a DHCP server and a NAT. You can utilize the servers for other tasks.

When an enterprise wants to migrate to IPv6, where should it start?
Enterprises should start at the edge. The computers and devices at the edge should have applications that use dual protocol stacks of IPv6 and IPv4. Since the ISP may not offer IPv6 right away you can still use the ISP's IPv4 cloud and create a tunnel (encapsulating mechanism) among your locations to run IPv6 applications. Starting from the edge you can slowly migrate the devices till the core. And pretty soon your ISP will start to support IPv6.

Will migration issues be the same for an enterprise and an ISP?
Migration issues will be different because ISPs and enterprises use different topologies. Enterprises will concentrate on how hosts talk to each other at a LAN level and how devices will talk when the network scales out. The issue will be whether there will be one tunnel of IPv6 through IPv4 or multiple tunnels.

The ISP will have to decide whether it wants only IPv6 in the backbone or does it want IPv4 and provide tunnels for IPv6. If it uses MPLS (Multiprotocol Label Switching), it has to decide whether to transport only IPv4 or both along with other protocols across India. Implementation issues will vary based on factors like these.

What are the migration issues?
There will be no large issues at all. There may be a few teething problems. Currently, the Internet is basically a big cloud of IPv4. When you implement IPv6 there will be small islands of IPv6. These islands will slowly become bigger and the IPv4 cloud will start shrinking. This may give rise to migration or co-existence issues.

But developers are working on this problem and have developed applications that will allow co-existence and automatically understand when to use IPv4 and when to use IPv6. The applications will implement a dual stack of IPv4 and IPv6 on the same protocol stack. A host supporting both protocols can communicate with both IPv4 and IPv6 nodes, and identify the packets as being IPv4 and IPv6. With a dual stack, existing IPv4 applications will work seamlessly with IPv6. So if a Web server using IPv4 fails and the backup server in another location uses IPv6, there will be no interruption in access.

Current network management platforms do not support IPv6. The vendor may provide the functionality free in the form of an update. Later versions of network management software will certainly support the new scheme.

IPv6 is out of the research phase and has been deployed successfully. There are around 800 sites that run IPv6 and interoperate with the IPv4 world. Commercial deployment has started in Japan. And most IP vendors have started to support the new scheme. It's a good foresight to migrate soon.

IPv6 benefits
Expanded addressing: An increase in the available addresses will allow many more devices to connect to the Internet and will enable the growth of Internet applications like VoIP.

Simplified header format: The new header format will improve routing efficiency.

Improved extension and option support: Implementations of header extensions will improve the ways in which routers process packets.

Flow labeling: Related packets may be treated as streams to improve reliability.

Improved authentication and privacy: Security measures are built into the IPv6 protocol.

Soutiman Das Gupta can be reached at soutimand@networkmagazineindia.com