Tag Archives : IPv6 security March 2010

IPv6 – Is 2010 the year of the big plunge?

By: Carlos Morales -

IPv6 is one of the biggest topics of hallway conversations at the Austin, TX NANOG conference last week ranking right up there with “what I did last night” and “did you try the barbeque from xxxx?”

The questions on many people’s lips are “What are you doing with IPv6″ and “when are you rolling it out?” 

This is a change from past meetings I’ve attended where IPv6 was talked about but it clearly wasn’t foremost on most people’s minds.   This year, most folks seem to be doing a lot more thinking and planning around IPv6.  I spoke to a smattering of ISPs, content providers and eyeball (MSO and DSL) networks and all were along the path of putting an IPv6 framework in place – peering agreements being reviewed, IPv6 network technology being analyzed or implemented, costs being analyzed.    

The heavy IP address users, the content providers and the eyeballs, are the ones that will drive the mass migration.   They see the signs of IP address exhaustion and see the wall coming; the countdown timers show that IANA will run out of space in 576 days and estimates say that the RIRs will run out of space in ~ 2.5 years.  One challenge is that ARIN is still handing out IP address blocks with little to no resistance.   This ensures business continuity but it also makes it so that some people, particularly those responsible for the bottom line,  don’t perceive the gravity of the situation and hold back major IPv6 initiatives.  The evidence of IPv4 exhaustion is so overwhelming that it is only a matter of time before the objections are overcome and major IPv6 initiatives begin across the Internet community.

The other traditional objection to IPv6 migration was that vendors did not support it.  That’s not the case anymore.  Most vendors are delivering now on IPv6 roadmaps.  There’s definitely not the extent of technologies and tools that there are for IPv4 but providers now have choices.   

That brings me back to NANOG where lots of folks are talking to each other to find out who is doing what, when.  IPv6 requires extensive cooperation between providers and customers so unlike other technologies, mass adoption is a mandate for it to be successful.  Aside from the cost of moving to IPv6, there’s considerable nervousness within the community about moving forward because of the unknowns involved in IPv6.  Complexity, training, performance, security and interoperability are all major factors in the fact that the mass IPv6 migration hasn’t happened even after over 15 years of availability and after it became clear that the ultimate exhaustion of IPv4 space was imminent.

The analogy I can think of is that the Internet community is a set of people crowded onto a long pier.  The community is now taking up most of the pier and it will soon be filled.   The folks on the peer can jump in the water and get endless room.   There are some known challenges with jumping: the water is cold, some of the people don’t swim very well and they know that they’ll get their clothes wet.  There are a number of unknowns:  What else is in the water that can hurt me?  Will a fellow swimmer latch onto me and make me drown, is there a strong current that’ll carry me away?    Sure, some folks are in the water already but they waded in from the shore and most are only ankle or knee deep.  Only a small handful are over their heads.  Eventually, everyone is going to jump in the water but everyone is waiting for someone else to take the first plunge. 

In September 2009, my colleague Craig Labovitz reported that IPv6 still represents much less than 1% of all Internet traffic.  Is 2010 the year that we see the first mass migration and we start seeing a more significant amount of IPv6?   From what I’m hearing here at Nanog, it just might be…

For those who are considering the plunge, a report was just published by NIST about the considerations when deploying IPv6.