Wednesday (6 June 2018) is the sixth anniversary of ‘World IPv6 Launch’, and during this week APNIC is marking the occasion with a series of IPv6-themed posts on the APNIC Blog, including research, success stories, opinions, and more.
Migrating to IPv6 will make you ready for the next stage of the Internet. I was the principal network design engineer and member of the project team for deploying native IPv6 for all residential home users at Vodafone New Zealand two years ago. As an outcome of that project, IPv6 has been deployed for about 80% of residential home Internet users now.
I believe adopting IPv6 is inevitable, and as an international technology company, we were committed to providing our users with the latest technologies.
The graph below from APNIC Labs shows Vodafone’s IPv6 deployment rate and compares that with the rate of IPv6 adoption at the country level.
Figure 1: Vodafone’s IPv6 deployment rate compared to IPv6 adoption at country level. Source: APNIC Labs
Adopting IPv6 is just like learning a new language. It’s not a matter of removing a word and replacing it with another. There are new structures to be learned and different ways of doing things to be tried.
There are also changes to be made on mindsets of people who are directly using IPv6 or are engaged in delivering it. There are some concepts that are ingrained in IPv4 networks and are completely out of context in the IPv6 realm.
NATing, for example, is not a best practice in IPv6 networks. Every device will have a publicly routable IPv6 address. Fragmentation and reassembly and also Address Resolution Protocol (ARP) are other examples that do not apply to IPv6.
Once these differences are understood, replacing one protocol with the other is going to be much easier.
First, and maybe the most important step in deploying IPv6, is deciding on a migration strategy. There are multiple options that an ISP can choose based on their specific setup, number of users, IPv4 address space usage, and so forth. We decided to implement IPv6 in parallel to IPv4 in a dual-stack topology.
The next step for us was to decide how to allocate IPv6 addresses to end users. We needed to determine how big of a block would be allocated to each subscriber and how to break that down into individual /64 addresses to be used by internal devices.
Next, and another one of the most important steps, was a thorough testing of IPv6 with all the access technologies that we had for our subscribers. Here we faced multiple challenges that were specific to certain kinds of access setups.
And finally, the last step was deploying IPv6 in different network building blocks like international gateways, DNS, access and core platforms.
IPv6 and transparent caching
One specific lesson we learned during our IPv6 project is related to transparent caching.
Caching is being used by many service providers and even enterprises to provide a better experience for end users by caching the content closer to the user. Transparent caching is where this process is transparent from the users’ perspective. The user requests a piece content from the Internet and the content is served by caching platforms, but the source and destination addresses are spoofed, so the user receives the content with the source IP address of the content on the public Internet but doesn’t see cache involvement in delivering it.
This can cause issues when using IPv6 because, in an IPv6 world, source and destination of a packet stream should be reachable using ICMP, so that when a device cannot forward the IPv6 packet it notifies the sender to send smaller packets. But with packets now using spoofed addresses, the ICMP messages won’t be able to reach the right device; and as a result, it may break connections.
One workaround to the problem could be reducing the MTU of the minimum allowed by the IPv6 standard, which is 1280 bytes. But in our case, we decided to keep the dynamic path MTU discovery and instead, bypass the caching platforms for all IPv6.
My advice for you
When you first get started, try setting strategies on how to start allocating IPs. Without that, IPv6 allocations can soon lead to a messy situation, which would be very hard to manage.
Also, use IP address management platforms as far as you can. Managing IPv6 manually or using spreadsheets is not practical.
You will want to pay special attention to the DNS. With IPv6 in place, everything should have a DNS record. You can’t expect people to remember the IPv6 string.
Lastly, having ICMP allowed anywhere is very important. Otherwise, the path MTU discovery will not work, which leads to poor performance or even breaking the communication.
The best advice I can give you is to start deploying IPv6 right now. There’s no better time to start the process.
Do not buy equipment that doesn’t support IPv6. In 2018, every piece of equipment must have IPv6 support.
I recommend that you grow the IPv6 culture inside your organization by challenging everyone to know at least as much about IPv6 as they know about IPv4. Teach people fun ways to experiment with IPv6, and this will encourage them to keep using it.
Original post appeared on Team ARIN Blog.
Mansour Ganji is a Senior Network Engineer at Next Dimension Inc. Prior to that, he was a Senior Engineer, Principal Designer and Network Design Team Leader at Vodafone New Zealand.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.