With
the move to IPv6 imminent, enterprises need to re-work on their IT
infrastructure to support the new protocol
The Internet Society predicts
that IPv4 addresses allocated to Regional Internet Registries will run out this
year. When that happens, many new applications and services will only support
IPv6. Enterprises will be compelled to migrate from the well-known and universal
Internet Protocal version 4 (IPv4) to the newer IPv6 standard.
IPv6 is the successor to IPv4,
which has been the standard Internet communication protocol since 1981. IPv4
translates to a few billion addresses. While these addresses were adequate
during the years when the protocol was conceived, given the Internet growth
today, they will soon be exhausted.
IPv6 on the other hand increases
the number of available addresses to an amount large enough to support
addressing for the entire earth’s growing Internet population.
Organizations of all types are
feeling increasing pressure to migrate from IPv4 standard to IPv6 standard. Although the IPv6 standard
includes many important new features, such as increased security and
reliability, the world at large runs on IPv4. Making the switch from IPv4 to IPv6 is not a
task anyone with any significant investment in infrastructure wants to
undertake.
Why is the switch from IPv4 to
IPv6 difficult?
The reliance on IP addresses of
infrastructure to control, secure, route, and track everything from simple
network housekeeping to complying with complex governmental regulations makes
it difficult to simply flick a switch” and move from the old form of
addressing (IPv4) to the new (IPv6).
This reliance is spread up and
down the network stack, and spans not only infrastructure but the very
processes that keep data centers running smoothly. Firewall rules, ACLs,
scripts that automate mundane tasks, and application architecture are likely to
communicate using IPv4 addresses. Clients, too, may not be ready depending on
their age and operating system, which makes a simple cut over” strategy
impossible or, at best, fraught with the potential for technical support and
business challenges.
Possible migration scenarios
There are two possible scenarios
for a smooth, controlled migration strategy. Enterprises can either move the client
to IPv6 while keeping the servers on IPv4, or they can migrate servers to IPv6
while leaving the clients in an IPv4 environment. Moving the client to IPv6
requires all clients to be capable of attaching to the network via IPv6-enabled
pathways.
Most enterprises will find it
easier to begin migrating servers (applications) before client devices, simply
because the servers are completely under their control whereas devices are
often not.
In migrating servers, the gateway
appliance is placed between the servers and the clients, and an IPv6-capable
server network is added to the appliance/gateway. The result is that the network will have IPv4
on the front/client side of appliance, and both an IPv4 and IPv6 network behind
it.
Once the IPv6 network is
established, the servers can be moved over from the IPv4 network. As all client
devices in the future will be IPv6-based, it is imperative that enterprises
ensure that their infrastructure and applications are IPv6 capable.
Making the IPv4 to Ipv6 migration
seamless
The migration process may take
from a few months to a few years. The
interim solution of using a gateway appliance allows enterprises to continue
with business as usual while giving them time to build a new infrastructure and
rewrite applications to be IPv6-capable.
Today, appliances are available
as an IPv4 and IPv6 gateway. This is the
ideal solution as the appliance can operate seamlessly in the mixed IPv4 and
IPv6 environments.
It gives enterprises the freedom
to test, move and migrate their existing infrastructure at a controlled and
manageable pace. Enterprises can also
opt for a multi-function appliance that not only acts as a gateway but also,
provides application security, acceleration and high availability.
Typically, a gateway appliance is
situated between the clients and the servers to provide client
applications. Here, the appliance are
capable of providing high availability and
virtualization functions, making several physical servers with private IP
addresses look like a single entity with a virtual IP address. This virtualization capability provides the
company the opportunity to migrate either clients or servers to IPv6 networks
without changing everything all at once.
For a more dynamic data center
environment, deploying the gateway can provide the translation necessary to
enable the entire organization to communicate with IPv6 regardless of IP
version utilized internally.
The gateway translates between IP
versions rather than leveraging tunneling or other techniques that can cause
confusion to IP-version specific infrastructure and applications. Thus if an
IPv6 client communicates with the gateway and the internal network is still
completely IPv4, the gateway performs a full translation of the requests
bi-directionally to ensure seamless interoperation.
This allows organizations to
continue utilizing their existing investments – including network management
software and packaged applications that may be under the control of a third
party and are not IPv6 aware yet – but publicly move to supporting IPv6.
Vendors are also offering professional
service that will help organizations address their need to establish a presence
on the IPv6 Internet as new IPv6-only devices flood the market. These services are
designed to support a range of IPv6 initiatives, whether customers want to
transition internal infrastructure from IPv4 to IPv6, support dual stack
implementations, or provide continued support for legacy IPv4 applications.
By Anil Pochiraju, F5 Networks