Internet Protocol (IP) is the “language” and set of rules computers use to talk to each other over the Internet. The existing protocol supporting the Internet today - Internet Protocol Version 4 (IPv4) - provides the world with only 4 billion IP addresses, inherently limiting the number of devices that can be given a unique, globally routable address on the Internet. The emergence of IPv6, providing the world with an exponentially larger number of available IP addresses, is essential to the continued growth of the Internet and development of new applications leveraging mobile Internet connectivity. Although the information technology (IT) community has come up with workarounds for this shortage in the IPv4 environment, IPv6 is the true long-term solution to this problem.
Federal government agencies should prepare for the future of networking and Internet technology by enabling their networks to support IPv6 addresses and data packets. There are many considerations when introducing any emerging technology into an organization’s infrastructure. Therefore, this type of transition should be done methodically and mindfully, with full awareness of the benefits, challenges, and caveats surrounding the technical implementation of IPv6. This document outlines many of these benefits, challenges, and caveats, and provides Federal government agencies with IPv6 transition “best practices” which can be used to inform agency IPv6 transition planning and the adoption of IPv6 into their IT infrastructure.
2. HISTORY OF IPV6
In August of 2005, the Office of Management and Budget issued Memorandum M-05-22, “Transition Planning for Internet Protocol Version 6 (IPv6)”, establishing the goal of enabling all Federal government agency network backbones to support the next generation of the Internet Protocol, Version 6 (IPv6), by June 30, 2008.
The memorandum requires the agency’s network backbone to be ready to transmit both IPv4 and IPv6 traffic, and support IPv4 and IPv6 addresses, by June 30, 2008. Agencies must be able to demonstrate they can perform at least the following functions, without compromising IPv4 capability or network security:
• Transmit IPv6 traffic from the Internet and external peers, through the network backbone (core), to the LAN.
• Transmit IPv6 traffic from the LAN, through the network backbone (core), out to the Internet and external peers.
• Transmit IPv6 traffic from the LAN, through the network backbone (core), to another LAN (or another node on the same LAN).
The requirements for June 30, 2008 are for the network backbone (core) only. IPv6 does not actually have to be operationally enabled (i.e. turned on) by June 30, 2008. However, network backbones must be ready to pass IPv6 traffic and support IPv6 addresses. Applications, peripherals, and other IT assets which are not leveraged in the execution of the functions mentioned above are not required for the June 30, 2008 deadline. Agencies are expected to verify this new capability through testing activities. They are also required to maintain security during and after adoption of IPv6.
In support of these goals, OMB Memorandum 05-22 identifies several key milestones and requirements for all Federal government agencies. These requirements are:
- By November 15, 2005
• Identify an IPv6 agency lead
• Complete inventory of IP-aware hardware devices in network backbone
- By February 28, 2006
• Develop a network backbone transition plan for IPv6
• Complete an IPv6 progress report
- By June 30, 2006
• Complete inventory of IP-aware applications and peripherals with dependencies on network backbone
• Complete an IPv6 transition impact analysis
- By June 30, 2008
• Complete network backbone transition to IPv6
3. IPV6 OVERVIEW
IPv6 is the next generation protocol for the Internet, designed to support continued Internet growth in number of users and functionality. The current version, IPv4, was developed in the 1970s and provides the basis for today’s Internet interoperability. IPv4 suffers some limitations that may be inhibitors to growth of the Internet, and use of the Internet as a global networking solution. IPv4 allows for as many as 2^32 (4,294,967,296) addresses. Although this seems like a very large number, it is much too small for tomorrow’s Internet. Considering the population of the Earth is approximately 6.6 billion people, with IPv4 we cannot even afford to give a single IP address to every person on the Earth.
IPv6 has been under development by the Internet community for over ten years and is designed to overcome these limitations by greatly expanding available IP address space, and by incorporating features such as end-to-end security, mobile communications, quality of service, and system management burden reduction. The true transition of the global Internet from IPv4 to IPv6 is expected to span many years. During this period of transition, many organizations introducing IPv6 into their infrastructure will operate in a dual-stack environment supporting IPv4 and IPv6 concurrently, possibly for the foreseeable future. There is no one-size-fits-all transition strategy for IPv6. The incremental, phased approach allows for a significant period where IPv4 and IPv6 can co-exist using one or more transition mechanisms to ensure interoperability between the two protocol suites.
4. IPV6 FEATURES AND BENEFITS
The evolution of the IPv6 protocol represents the work of many different Internet Engineering Task Force (IETF) proposals and working groups, and represents several years of effort. IPv6 was designed to build on the existing features of IPv4 and provide new services and capabilities. The rationale is to:
• Extend the IP address space enough to offer a unique IP address to any device.
• Enable stateless IP auto-configuration and improved “plug and play” support.
• Provide support for network address renumbering.
• Enable mandatory implementation of IP Security (IPsec) support for all fully IPv6-compliant.
• Improve support for IP Mobility.
Listed below is an overview of several features and benefits IPv6 is intended to provide.
• Larger address space – IPv6 increases the IP address size from 32 bits to 128 bits. Increasing the size of the address field increases the number of unique IP addresses from approximately 4,300,000,000 (4.3×10^9) to 340,282,366,920,938,463,463,374,607,431,768,211,456 (3.4×10^38). Increasing the address space to 128 bits provides the following additional potential benefits:
o Enhanced applications functionality – Simplifies direct peer-to-peer applications and networking by providing a unique address to each device.
o End-to-end transparency – The increased number of available addresses reduces the need to use address translation technologies.
o Hierarchical addressing – The hierarchical addressing scheme provides for address summarization and aggregation. These approaches simplify routing and manage routing table growth.
o Auto-configuration – Clients using IPv4 addresses use the Dynamic Host Configuration Protocol (DHCP) server to establish an address each time they log into a network. This address assignment process is called stateful auto-configuration. IPv6 supports a revised DHCPv6 protocol that supports stateful auto-configuration, and supports stateless auto-configuration of nodes. Stateless auto-configuration does not require a DHCP server to obtain addresses. Stateless auto-configuration uses router advertisements to create a unique address. This creates a “plug-and-play” environment, simplifying address management and administration. IPv6 also allows automatic address configuration and reconfiguration. This capability allows administrators to re-number network addresses without accessing all clients.
o Scalability of multicast routing – IPv6 provides a much larger pool of multicast addresses with multiple scoping options.
5. IPV6 HEADER FORMAT AND ADDRESSING
The IPv6 header has been streamlined for efficiency (Figure 2). The new format introduces the concept of an extension header, allowing greater flexibility to support optional features. Fields in the IPv6 header are:
• Version: 4-bit Internet Protocol version number, value = 6.
• Traffic Class: 8-bit traffic class field, similar to type of service in IPv4.
• Flow Label: 20-bit flow label, used to identify traffic flow for additional control on quality of service.
• Payload Length: 16-bit unsigned integer, length of the IPv6 payload.
• Next Header: 8-bit selector, used to identify the type of header immediately following the IPv6 header.
• Hop Limit: 8-bit unsigned integer, decremented by 1 by each node that forwards the packet. The packet is discarded if Hop Limit is decremented to zero.
• Source Address: 128-bit address of the originator of the packet.
• Destination Address: 128-bit address of the intended recipient of the packet.
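The field layout listed above, decoded from raw bytes. This is an added example, not part of the original guidance; the function names and the sample packet (built from the 2001:db8::/32 documentation prefix) are constructed for illustration. It also shows the basic sanity checks a filtering or monitoring device would apply before trusting the header.

```python
import ipaddress
import struct

IPV6_HEADER_LEN = 40  # 8 bytes of fields plus two 16-byte addresses


def parse_ipv6_header(packet: bytes) -> dict:
    """Decode the fixed IPv6 header and reject malformed input."""
    if len(packet) < IPV6_HEADER_LEN:
        raise ValueError("truncated: fixed IPv6 header is 40 bytes")
    # First 32-bit word packs Version (4) | Traffic Class (8) | Flow Label (20)
    word, payload_len, next_header, hop_limit = struct.unpack("!IHBB", packet[:8])
    version = word >> 28
    if version != 6:
        raise ValueError(f"not IPv6: version field is {version}")
    # Payload Length counts everything after the 40-byte fixed header
    available = len(packet) - IPV6_HEADER_LEN
    if payload_len > available:
        raise ValueError(f"payload length {payload_len} exceeds {available} bytes present")
    return {
        "version": version,
        "traffic_class": (word >> 20) & 0xFF,
        "flow_label": word & 0xFFFFF,
        "payload_length": payload_len,
        "next_header": next_header,
        "hop_limit": hop_limit,
        "source": ipaddress.IPv6Address(packet[8:24]),
        "destination": ipaddress.IPv6Address(packet[24:40]),
    }


def build_sample() -> bytes:
    """Constructed sample: header plus an 8-byte zeroed payload."""
    word = (6 << 28) | (0x2E << 20) | 0x12345
    fixed = struct.pack("!IHBB", word, 8, 17, 64)  # Next Header 17 = UDP
    src = ipaddress.IPv6Address("2001:db8::1").packed
    dst = ipaddress.IPv6Address("2001:db8::2").packed
    return fixed + src + dst + bytes(8)


if __name__ == "__main__":
    for name, value in parse_ipv6_header(build_sample()).items():
        print(f"{name:15} {value}")
```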