Ready for IPv6?

As the world runs out of IPv4 numbers, the next generation offers more functionality anyway
SSN Staff  - 
Thursday, November 1, 2007

Sometime in 2010, by most estimates, someone is going to request a block of IP addresses from the American Registry for Internet Numbers, only to be told, "sorry, we're all out." That person will still be working in Internet Protocol version 4, and just about all of the four billion IP addresses possible in IPv4 will have already been allocated.
"We'll have little pieces of space left," said ARIN president and chief executive officer Ray Plzak, "but we won't have big bunches of space left. The minimum allocation size is 254, and we won't be able to meet that."
So, will there be riots in the streets outside the ARIN offices, where North America goes to register for the addresses that allow network devices to be accessible to the Internet as a whole? Probably not. If all goes well, the large part of the networking world will have adopted IPv6 as its new standard, and with it gained 16 billion-billion (that's 2 to the 128th power) new numbers, along with new standards for data encryption and device accessibility.
"I don't see any kind of impending disaster or red flag day when everybody's going to have to make a short order switch over to IPv6," said Dave Twinam, engineering manager for Cisco's physical security business unit. "Your typical American university has the amount of [IPv4] address space that all of China does. But it is an issue in Asia, where they're really driving for the adoption of IPv6."
What does adopting IPv6 mean? Essentially, manufacturers of routers, switchers, and network devices like computers, IP cameras, and, yes, IP refrigerators, have to make their products IPv6 compatible, and "manufacturers could probably make [current] products IPv6 aware without requiring new hardware," said Twinam. "It's primarily a software function.
"The major operating systems of the world all support IPv6 already," he noted.
But moving to IPv6 isn't just about getting more addresses. "It will change the capabilities of what networks can do," said Derek Tanguay, Americas president at Pacom Systems, a manufacturer of IP access control devices. "You'll be able to add more nodes, for lack of a better term, whether it's a door sensor or a camera. Everything will be networkable; there won't be any more limitations on sub-netting. That should help the market in the future. Whether that will be in the next six months I don't know; I'm envisioning more like 36 months down the road."
Pacom's next generation of panels will support IPv6, and will be available in 2008. Current platforms from Pacom already support it.
Axis Communications earlier this year released its 243SA Video Server, which supports IPv6. Fredrik Nilsson, general manager for the Americas at Axis, said IPv6 is going to become a lot more important in a hurry. "There's been a shortage of addresses for the last five, even 10, years, but that's largely been solved with different technologies for port forwarding and other address translation protocols," he said. "There have been a lot of Band-Aid technologies put in place."
However, with the number of IP devices increasing much more rapidly, "soon everything's going to be on a network," he said, "and there's going to be a huge shortage" of IPv4 numbers.
Also, Nilsson emphasized the added security features IPv6 offers, and its ability to make installation easier. Both of these qualities should appeal to the small- to medium-sized installer and integrator.
"IPv6 has inherent hooks in the protocol that are engineered to encrypt the traffic," Cisco's Twinam explained, "so I would expect that to be very popular. Why not make that traffic more secure by encrypting the traffic? As it's built in, it's going to be a lot easier for the installer to accomplish."
"You can do that with IPv4," emphasized Bob Beliles, Cisco's senior manager, market management, physical security, "it's just not as easy and the performance impact on the devices is higher with IPv4."
Further, rather than an installer having to manually configure a new network by assigning IP addresses to all of the different devices, IPv6 offers an auto-configure functionality that eliminates much of this work. "Today," said Twinam, "if you're an installer and you don't already have close ties with the network administrator, you may be at the whim of the network administrator to get the appropriate address space. In IPv6, you power on the device and it already has the IP address. You just power it on, and by the nature of it having an IPv6 protocol stack, it can automatically acquire an IP address and be visible to the network."
This, everyone agreed, should save installers time and money in the installation process. However, not everyone is on board with the autoconfiguration. There is a great debate in the IT world over whether it isn't better to use DHCPv6, which provides stateful address-configuration, where DHCPv6 servers pass out IP addresses and service information to clients and that information is managed by the IT administrator. This, goes the argument, offers more control and visibility of the network.
Twinam doesn't buy it, though. "As long as they've thought about autoconfigure in the first place, you can over-ride the self-configure if you want to," he said. "All the major manufactures have that ability."
In short, said ARIN's Plzak, "If we're talking about the security industry, where there are a lot of sensors, to be able to put an address on every one of those sensors and network them all back to a monitoring system--that's something IPv6 is ideal for. If they want this to be operational for a long time, and not have to upgrade later, they need to use the IPv6 protocol. You've just got so much space; you can address so many sensors."
Everyone interviewed agreed that anyone with working knowledge of IPv4 would only need about a day or two of training to get up to speed on IPv6. These training sessions are offered by Cisco, Native6, ITdojo and a number of IT distributors and consulting firms. Even SIA recently, on Oct. 3, held a webinar on the impact of IPv6, though it didn't exactly drill down into installation details.
The key, said Cisco's Beliles, is that "v6 is coming. If you learn about it sooner than later, when the time comes to implement it, you're ready. If you do not understand the technology, you'll have a learning curve issue and it may not come at a time that's good for you. It's function of when you want to pick up and learn it. All that there is to argue is when that time is going to come."
One date to look for: The Office of Management and Budget has mandated that all federal agencies transition their network backbone to IPv6 by June 2008. If you're working with the government, you need to get up to speed on IPv6 by next summer, at the latest.
Also, Beliles said, "it's a question to ask of your suppliers: 'Will this product support IPv6?' Not that that's the ultimate decider, but it's something to think about. Do they have a plan or a roadmap or a vision for getting to IPv6? If they don't understand the technology, that might be an indication that there are some challenges there."