November 13th, 2006
The truth about the IPv6 transition
Just about everyone in the IT business has heard the promises of IPv6. Why continue leasing Class A blocks to individual companies when most companies have to beg for a Class C block of 256 IP addresses?Many have read that IPv6 will solve everything from spam to security to saving the Internet. But has anyone read the fine print on what an IPv6 transition will encompass and what it actually buys? To understand where we are with the current Internet IP addressing scheme, let us start with a telephone system analogy.
Everyone knows that a telephone in North America has 10 decimal digits which theoretically supports 10 billion devices but in practice it's far less than that because of the way area codes are broken down. The reality is that there really aren't enough phone numbers to give every company and organization a large pool of phone numbers and those who have blocks of phone numbers pay for the privilege. As a result, many organizations don't have enough public phone numbers for every telephone in their organization so they use private phone extensions that are typically 3 to 5 digits long. This means that a single public phone number can translate to 100,000 (counting from 0 to 99,999) phones in the case of a 5 digit extension.
In the current world of IPv4 networking, the same kind of scarcity exists and many companies simply can't afford to buy large blocks of IP addresses nor are there enough IP addresses to go around. NAT (Network Address Translation) was created to allow a single public IP address to support hundreds or even thousands of private IP address. This is analogous to the private telephone extension scheme in the previous paragraph where a public phone address is translated to many private phone addresses.
But a lot of people don't like the use of NAT because they were initially hard to deal with just like a lot of people don't like the use of telephone extensions. NAT has a tendency to break things like VoIP (Voice over IP) and VPN (Virtual Private Networking) technology which lead to many headaches. But in recent years, VoIP and VPN technologies have matured and gotten smart enough to work around the intricacies of NAT. Technologies like Skype and STUN have fixed the NAT issues for VoIP. Technologies like NAT-T and SSLVPN have made VPN NAT issues a thing of the past. But many people still yearn for the day that NAT itself will be a thing of the past and IP addresses will be as abundant as the number of atoms in the oceans and the IPv6 address standard was created. IPv6 has four times the number of digits as IPv4 and has a pool size of 34 with 37 zeros behind it which is a massive number. But before we sing for joy, let's see what it takes to get to the promised land.
Let us imagine that telephone companies started offering a new telephone service that used a 40 decimal digit phone number which is practically limitless. You'll need brand new telephones for it and you'll need to replace all your phonebooks and personal address books. The catch is that you can't call any 10 digit telephones. If by chance you actually want to call any of the other billion people on the planet, you'll have to also set up and pay for a traditional 10 digit telephone number. Don't be surprised if the thickness of the phone book doubled since it now lists everyone's 40 and 10 digit telephone numbers. You will also need some extra equipment and some changes in your infrastructure to translate the new phone signals in to the old phone signals since the existing public phone infrastructure doesn't always support the new phone signals. That may slow performance down but it's probably a small price to pay for such a massive pool of phones, or is it?
This 40 digit telephone system is just an example I made up, but it's the perfect analogy to IPv6 and the nightmare of a transition some Governments are headed for. An IPv6 migration will involve upgrading all applications, hosts, routers, and DNS infrastructure. Anyone who moves to IPv6 will have to bear the burden of backward compatibility and the idea that those who move to IPv6 first will leave everyone behind is nonsense. Who in their right mind would move to a network without the ability to talk to the old network where the rest of the world lives? Any organization moving to IPv6 will also have to maintain a complete IPv4 infrastructure parallel to the new IPv6 infrastructure along with all the transitional technologies that make NAT issues look like a walk in the park.
What about the support issues? Has anyone checked what it's going to take to teach the helpdesk staff how to troubleshoot basic networking problems with a dual IPv4/IPv6 stack? Does the networking staff understand what 6to4, Teredo, and ISATAP is and how they work let alone the helpdesk? Anyone who has worked for the helpdesk knows what it's like to have to call out IP addresses to an end user on the phone. Has anyone ever tried to call out and explain 23DF:84FA:5423:3300:2341:CB3S:384A:042B over the phone to another engineer let alone an end user?
The primary benefit of going to IPv6 if we get past all the IPv6 hype is that it practically offers a limitless supply of IP addresses which leads some to think that the need for NAT would end. But is ending the use of NAT really that important? Many IPv4 companies with abundant supplies of IPv4 addresses at their disposal still choose to use NAT as a way of masking their internal network topology as a form of security so what is the business case for migrating to IPv6? IPv4 is kind of like prime real-estate where the short and simple IP addresses are and where everyone lives and it's not going away even if a majority of organizations have successfully transitioned to IPv6. Those who migrate to IPv6 will bear all the costs of upgrading and maintaining dual compatibility while those who do nothing and remain on IPv4 will bear none of the costs. If anything, waiting will only result in fewer application compatibility problems and cheaper/simpler transition technologies in the future.
If it ever gets to the point where IPv4 addresses are running low and address rationing starts, there is absolutely no reason that a company couldn't be perfectly happy with a block of 32 public IP addresses for the main site and a single public IP address for branch offices. Even something like www.google.com with tens of thousands of servers only needs a single public IP address per physical site with modern load balancer technologies.
Furthermore, do corporations like GE or Apple actually need 16.8 million public IP addresses just because they registered early when they don't use most of them publicly? Since IP address leases are worth a lot of money between 10 cents to a dollar per IP per year in smaller lease increments, companies hogging Class A (Class A = 16.8 million block of IPv4 addresses) leases could be compensated for the trouble of being forced off those blocks. Why continue leasing Class A blocks to individual companies when most companies have to beg for a Class C block of 256 IP addresses? If a company hogged 16.8 million IPv4 addresses, why not chop them down to 65 thousand IP addresses, offer them some shared revenue from the recovered IP addresses to pay for the transition costs to private IP address and call it even. Heck, we can even offer them a block of 4.3 billion IPv6 addresses as a bonus. Just get rid of Class A leases and we'll all be saying "what IPv4 shortage" 20 years from now.
George Ou is Technical Director of ZDNet. See his full profile and disclosure of his industry affiliations.
| 11/14/06
