Building network automation solutions

9 module online course

Start now!

Enterprise IPv6: still not ready for prime time

Almost a year ago I wrote a blog post listing various enterprise networking devices from Cisco lacking IPv6 support. As Jessica Scarpati found out (quoting, among other sources, my articles), not much has changed in the meantime and Cisco is not the only myopic company. For example, according to her article, Riverbed spokesman has “declined a request to discuss how the WAN optimization vendor will help customers with IPv6 migrations, saying the company was not ready to speak publicly about its strategy.” No wonder enterprises are not rushing to join the IPv6 crowd (although there’s no excuse for not having an IPv6-enabled public web site).

To make matters worse, there’s another roadblock to enterprise IPv6 deployment: MPLS VPN services supporting native IPv6 are still rare (and in most cases you can’t have any other routing protocol but EBGP).


  1. 2001:420::/32 addresses have been hitting our v6-enabled web sites lately, so it looks like *someone* at Cisco is using IPv6.
  2. It is possible to reach Cisco Web using IPv6:
  3. Sure. Nobody is saying Cisco (as a company) has any problems with IPv6. Their routers, switches and firewalls work as expected and I would expect no less from their (usually great) IT organization ... unfortunately some business units were asleep at the wheel.
  4. I'm -7 so it isn't only the company that is myopic. ;-)
    It is difficult I think to get the timing right and you could equally argue that it is the fault of the network operators not putting their money where their mouth is.
    That be as it may, I think everyone in the network industry and I certainly know that we in cisco are taking the transition to IPv6 seriously and doing our absolute best to close any feature or platform gaps there are.
  5. First of all, I'm honored that you've stopped by my blog!

    I 90% agree with you - Cisco (the routing & switching company) did a lot to push & promote IPv6 and support its early adopters and I know all you've been a market leader in this space for years (if not for decade or longer).

    Unfortunately, recent additions to Cisco (the corporatopolis), primarily in the Enterprise space, don't seem to share your enthusiasm and commitment. This causes significant problems to those people that also want to do their absolute best and provide IPv6 content.

    The worst offender (from this perspective) is ACE load balancer, but I'm also wondering how an enterprise is supposed to protect itself against web/HTTP-over-IPv6 attacks considering that Ironport still does not support IPv6. By not deploying IPv6?

    As for the SP space: yet again, I absolutely agree with you.
  6. I have been trying to get a simple questions answered that is very apropos for this topic with Cisco gear 'supporting' IPv6:

    When can I see OSPFv3 authentication in SXI (6500) and SG (4948E/4900M) family?

    How can Cisco claim production IPv6 code since 2001 when I cannot even authentication my routing sessions?
  7. Yeah, most enterprise engineers are very fluent in IS-IS and migrating to another L3 protocol AND another routing protocol at the same time makes perfect sense :-P
Add comment