IPv6 deployment: Time for action?

A while ago I was asked to write an article about IPv6 training. I could just cover the training aspect, like what's offered (answer: not much) and whether someone can train the whole operations team like you could in the IPv4 or MPLS/VPN world (answer: no), but I wanted to understand whether anyone is really using IPv6 in a production network. I found a few academic networks (after all, there are about 2000 IPv6 prefixes assigned and someone should be doing something with them), but not much of what I would call a real production environment, which is a bad thing, as it looks like the IPv4 address space will get saturated in a few years.

Update 2010-03-12: Numerous commercial ISPs now offer native IPv6 connectivity, but they also face significant deployment challenges. You will find an overview of those in my Market trends in Service Provider networks workshop (register for the online webinar). Advanced backbone designs and configurations are explained in the Building IPv6 Service Provider core workshop (register for the online webinar).

My conclusions are summarized in the article I wrote for SearchTelecom.com. I still have mixed feelings about our ability to be IPv6-ready when needed (as well as when we'll need it). At the very least, if you're running an enterprise network, there's no need to rush (unless, of course, there are tax breaks or incentives on the horizon); unless you decide to deploy IPv6 internally (hopefully for a good reason), the first time you'll meet it is when you'll deploy dual stack on your public servers to avoid NATing to IPv6-only clients on the public Internet.

Of course, I can be completely wrong, in which case I would highly appreciate your corrections.

The list of all articles I wrote for SearchTelecom is available in the CT3 wiki.

8 comments:

  1. As an engineer on one of the 5 largest backbones in the world, I can tell you that IPv6 technology on the network side is stable and just works. We have been dual-stack for about 5 years. IPv6 from the network side is very simple. I will tell you though that there is very little demand for IPv6 service and even less traffic.

    ReplyDelete
  2. We are a small ISP and are running fully dual-stacked for 4 years now.

    We started because of a customers request. Right now we get more and more requests for internet-access using ipv6, but as shawn said, the traffic ist still marginally.

    ReplyDelete
  3. I was talking to a senior Cisco IPv6 guy recently, and he told me the first large production deployments of IPv6 will probably be in management networks. Specifically, he mentioned that Comcast is planning to deploy a native IPv6 management network, as they foresee needing upwards of 100 million addresses.

    ReplyDelete
  4. . . . and Microsoft has been pushing with the IPv6 stack since XP, and now it comes by default enabled on Vista and 2003 - I would expect 2008 to follow suit. Linux distros have IPv6 enabled since . . . forever?

    Time for enterprises to also say "hey, what the heck - we got it for free, let's leave it enabled and start running a trial - see how that goes".

    ReplyDelete
  5. I tried setting up an IPv6 tunnel on an 1801. The tunnel was set up and worked, but there were a couple of show stoppers:

    - IPv6 only works with what cisco refer to as legacy firewall; it does not work with Zone-Based Firewall

    - IPv6 does not work with BVI interfaces (you can't route bridged ipv6)

    ReplyDelete
  6. Thanks for all the comments. I had no doubt that dual-stack IPv6 works in the network core; after all, Cisco has a very long highly successful history of supporting multiple simultaneous protocols in the core :) I am also positive that if you run IS-IS + BGP and deploy IPv6 toward enterprise customers (i.e. leased lines or LAN attachment), there are no surprises.

    How about residential customers or SOHO offices? Anyone running IPv6 over DSL or cable? Dialup? IPv6 with AAA/Radius server? Production firewalls?

    And, last but definitely not least, we all know that the biggest hurdles will be the applications :(

    ReplyDelete
  7. I think for us the networkers we need to get our hands dirty and start playing with IPv6. I don't recommend using your production network for this but may be a separate Internet connection and setup a public IPv6 tunnel to begin your IPv6 adventure.

    I setup my home router and connected to a free IPv6 tunnel broker. They provided me with a /64 (yes, /64, no kidding) for my LAN and I formed IPv6 BGP peering with their IPv6 router over the IPv6 GRE tunnel. I also enabled IOS IPv6 firewall but as of the latest IOS (12.4(15)T1) only basic TCP, UDP, and FTP are supported. On the LAN side you setup stateless DHCPv6 and enable your Windows XP or Vista to be dual-stack or just IPv6 only (only Vista can do that). I am still a novice in IPv6 but I must tell you that I have learned something from this home-lab setup with a real IPv6 tunnel broker over the Internet.

    ReplyDelete
  8. Lots of IPv6 reading stuff:

    ECAI6 (European Conference on Applied IPv6) slides:

    http://www.guug.de/veranstaltungen/ecai6-2007/abstracts.html

    ReplyDelete

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.

Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.