current Internet addressing scheme IPv4 is already over
20 years old. The exponential growth of Internet users
and devices will make the IPv4 scheme inadequate in
the near future. Chandan Mendiratta, Principal
Consultant, Cisco Systems (India) talks about IPv6,
the new scheme which is expected to improve Internet
scalability, security, and quality. by Soutiman Das
are the limitations of IPv4?
IPv4 is supposed to allow 232 (approximately four billion)
addresses. The IPv4 scheme uses node addresses which
are allocated from a 32-bit space. This 32-bit address
space is further classified to provision Class A, B,
and C ranges. And these ranges constitute network part
of 8, 16, or 24-bit with corresponding host part of
24, 16, and 8-bit depending on the number of expected
hosts on a network. This led to inefficient use of the
232 possible addresses.
Many organizations automatically asked for Class A or
B addresses and used up 224 or 216 addresses at each
single assignment, even when they had a few host computers
or many subnets with several computers on each. When
two companies with Class A addresses merged, a lot of
addresses were left unused and rarely re-claimed later.
A network is designed to have a core, a distribution,
and an access layer and we have to summarize at the
different layers. There are chances that you cannot
use addresses in a linear fashion. You have to divide
them into different ranges. And when you do that you
How can you lose addresses with the IPv4 addressing
the IPv4 addressing scheme is based on binary, the 2x
rule has to be maintained. So I can have 8 or 16 addresses
and not 10. If I require nine hosts I will have to maintain
a 16-host subnet and lose seven addresses. So although
IPv4 offers around four billion addresses you can practically
use only 240 million.
The IPv4 scheme was designed and released in 1980. Seventy
four percent of the addresses are now in North America.
By 2000, half of the available IPv4 address space had
already been used. And this was two years ago. Since
then, there has been rapid computerization in many parts
of the world including India. The number of Internet
users increase everyday and for many companies it has
become an important aspect of the way it does business.
And the number of PDA's and Internet-enabled mobile
devices have also increased. There is a need for each
user or device to have a unique identity.
What are the benefits of IPv6 to an enterprise?
immediate benefit is a very large number of available
addresses. It uses an address scheme made up of eight
groups of 16 bits to define a 128-bit network address.
The address can include hexadecimals, and uses a ':'
(colon) as a delimiter. Every computer and device can
have a unique address anywhere in the world if required.
IPSec is mandatory in IPv6. IPSec is a set of protocols
used for encryption across links on the Internet. It
was optional in IPv4 but is mandatory in IPv6. Security
in IPv4 data communication existed mainly between two
networks. Meaning, only the link between the routers
at different locations was encrypted. With IPv6 it's
compulsory to have IPSec at the client level on both
sides. This creates a true end-to-end secure tunnel.
Security will be from host-to-host rather than from
A client with an IPv4 address will have to use a DHCP
(Dynamic Host Configuration Protocol) server every time
it logs on to a network. IPv6 can allot permanent addresses
which don't need to be resolved by a DHCP server. This
creates a plug-and-play environment which simplifies
management and administration.
The width of an IPv6 address header has been fixed at
40 bits to simplify the format. Whereas an IPv4 header
can be either 20, 40, or 60 bits wide. QoS (Quality
of Service) and traffic class services are very limited
in IPv4. This is because there are only three bits available
for this in IPv4. IPv6 will allow you to do a lot of
classification and QoS in applications like VoIP. In
IPv4 voice got high priority and data low priority.
But how will you differentiate all voice traffic on
the network? IPv6 can provide a more granular approach.
The new address scheme allows automatic address configuration
and reconfiguration. It means that servers can re-number
network addresses without accessing all clients. NAT
(Network Address Translation) servers may no longer
be required because there is no need to use private
addresses. It also provides new unicast and multicast
methods, and better routing capabilities for mobile
devices. There is no broadcast in IPv6.
Will an enterprise save costs by switching to an
it will not cost anything to move to an IPv6 network.
You will not have to buy new hardware and software.
All OSs like Solaris, Red Hat, Unix, Novell, and Windows
have IPv6 stacks built into its products. If it's an
earlier version, updates should be available free. The
same goes for device manufacturers. Earlier models of
routers and switches can be easily IPv6-enabled with
a software update.
You can perhaps save costs because you don't have to
dedicate a box to act as a DHCP server and a NAT. You
can utilize the servers for other tasks.
When an enterprise wants to migrate to IPv6, where
should it start?
should start at the edge. The computers and devices
at the edge should have applications that use dual protocol
stacks of IPv6 and IPv4. Since the ISP may not offer
IPv6 right away you can still use the ISP's IPv4 cloud
and create a tunnel (encapsulating mechanism) among
your locations to run IPv6 applications. Starting from
the edge you can slowly migrate the devices till the
core. And pretty soon your ISP will start to support
Will migration issues be the same for an enterprise
issues will be different because ISPs and enterprises
use different topologies. Enterprises will concentrate
on how hosts talk to each other at a LAN level and how
devices will talk when the network scales out. The issue
will be whether there will be one tunnel of IPv6 through
IPv4 or multiple tunnels.
The ISP will have to decide whether it wants only IPv6
in the backbone or does it want IPv4 and provide tunnels
for IPv6. If it uses MPLS (Multiprotocol Label Switching),
it has to decide whether to transport only IPv4 or both
along with other protocols across India. Implementation
issues will vary based on factors like these.
What are the migration issues?
will be no large issues at all. There may be a few teething
problems. Currently, the Internet is basically a big
cloud of IPv4. When you implement IPv6 there will be
small islands of IPv6. These islands will slowly become
bigger and the IPv4 cloud will start shrinking. This
may give rise to migration or co-existence issues.
But developers are working on this problem and have
developed applications that will allow co-existence
and automatically understand when to use IPv4 and when
to use IPv6. The applications will implement a dual
stack of IPv4 and IPv6 on the same protocol stack. A
host supporting both protocols can communicate with
both IPv4 and IPv6 nodes, and identify the packets as
being IPv4 and IPv6. With a dual stack, existing IPv4
applications will work seamlessly with IPv6. So if a
Web server using IPv4 fails and the backup server in
another location uses IPv6, there will be no interruption
Current network management platforms do not support
IPv6. The vendor may provide the functionality free
in the form of an update. Later versions of network
management software will certainly support the new scheme.
IPv6 is out of the research phase and has been deployed
successfully. There are around 800 sites that run IPv6
and interoperate with the IPv4 world. Commercial deployment
has started in Japan. And most IP vendors have started
to support the new scheme. It's a good foresight to
Expanded addressing: An increase in the available
addresses will allow many more devices to connect to
the Internet and will enable the growth of Internet
applications like VoIP.
Simplified header format: The new header format
will improve routing efficiency.
Improved extension and option support: Implementations
of header extensions will improve the ways in which
routers process packets.
Flow labeling: Related packets may be treated
as streams to improve reliability.
Improved authentication and privacy: Security
measures are built into the IPv6 protocol.
Das Gupta can be reached at firstname.lastname@example.org