Article

Return to: Articles Index

TECHNOLOGY NEWS

IPv6: Any Closer to Adoption?

Neal Leavitt

For years, Internet engineers have said adopting IPv6 is important because the number of available IPv4 addresses is rapidly decreasing. However, IPv6 adoption is still minimal.

For years, Internet engineers have talked about the importance of adopting IPv6, the latest version of the Internet's primary communications protocol.

However, 16 years after the Internet Engineering Task Force (IETF) adopted IPv6, more than 99 percent of the Internet is still based on the older IPv4.

With about 2 billion Internet users worldwide—many utilizing multiple connected devices—and billions more possibly going online in the future, the IPv4 address supply will soon run out.

The Asia-Pacific Network Information Centre (APNIC), one of five regional Internet registries (RIRs) that allocate IP addresses to members in their geographic area, has almost exhausted its IPv4 addresses.

"It's just a matter of time before the remaining registries exhaust their address space, too," said Yahoo IPv6 evangelist Jason Fesler.

IPv6 provides many more Internet addresses than IPv4. Thus, proponents of the new protocol warn that the Internet could experience higher operation costs, less innovation, and more network complexity if IPv6 usage doesn't increase substantially over the next few years.

However, that hasn't occurred.

Network operators have been reluctant to switch to IPv6 for economic more than technical reasons, said Tom Coffeen, director of global network architecture for Limelight Networks, a content delivery network operator.

The lack of content available over IPv6 networks and the dearth of IPv6 clients have also made immediate adoption less appealing.

"Adoption has been seen as a risk- management initiative with little potential for a compelling return on investment," Coffeen said. "However, the recent exhaustion of IPv4 addresses should change that calculus for most operators."

RUNNING OUT OF IPv4 ADDRESSES

IP versions 0 through 3 were development versions of the Internet Protocol used between 1977 and 1979.

Ipv6 BrIeFING

In 1994, the Internet Engineering Task Force initiated development of the IPv6 suite of protocols, which were designed to replace IPv4. The IETF published the IPv6 standard in 1995.

Unlike IPv4, which has 32-bit addresses, IPv6 has 128-bit addresses. Thus, the new protocol increases the number of available IP addresses to 2128 (about 3.4 x 1038) from IPv4's 232 (about 4.3 billion).

IPv6 also offers other benefits. For example, the protocol specifies a new, simplified packet format designed to minimize header processing by routers.

In addition, support for the IP Security standard is mandatory in IPv6 but optional in IPv4. Another advantage is that IPv6 hosts can autoconfigure when connected to an IPv6 network.

And the protocol's large address space enables multiple levels of hierarchy and greater flexibility in addressing and routing.

In September 1981, the IETF released IPv4, which has 32-bit addresses and enables about 4.3 billion Internet addresses.

APNIC chief scientist Geoff Huston estimated the projected IPv4-address exhaustion date will be Feb. 12, 2012 for Europen networks; July 25, 2013 for African networks; Dec. 17, 2013 for the US, Canada, and some Caribbean islands; and Apr. 9, 2014 for Latin America and other parts of the Caribbean.

The rapidly increasing adoption of smartphones that connect to the Internet has accelerated this process, noted Alain Fiocco, senior director of architecture and marketing for Cisco Systems and head of the company's IPv6 program.

This has implications for business continuity and e-commerce, according to Danny McPherson, chief security officer with VeriSign, which provides Internet infrastructure services and operates two of the Internet's 13 root name servers.

Businesses that want to expand their networks and otherwise use more IP addresses, as well as ISPs that want to serve additional customers, will require the additional addresses that IPv6 provides, said John Curran, president and CEO of the American Registry for Internet Numbers (ARIN), an RIR.

This could be the case particularly for major ISPs in fast-growing economies, noted Syracuse University professor of information studies Milton L. Mueller.

Until IPv6 takes off, the prices of IPv4 addresses on the secondary market could skyrocket, said Shawn Morris, manager of IP development at NTT America.

IPv6 ADOPTION

Yahoo's Fesler estimated that only about 0.2 percent of Internet addresses are IPv6-based.

Nonetheless, most major backbone networks—such as those belonging to Amazon, Comcast, and Verizon—and some key router makers—like Billion Electric, Cisco, D-Link, Juniper Networks, and ZyXEL Communication—have deployed IPv6.

In fact, most enterprise and ISP network equipment sold during the past few years is IPv6 compatible, noted Leo Vegoda, number resources manager for the Internet Corporation for Assigned Names and Numbers' Internet Assigned Numbers Authority.

VeriSign's McPherson said his company has seen a fourfold IPv6 traffic increase over its infrastructure—to 0.9 percent of the total—in the past year.

"While it may seem like a small amount, 0.9 percent of [our average daily] 60 billion [Domain Name System (DNS)] queries is pretty significant," he noted.

ARIN's Curran added that the demand for IPv6 addresses from both ISPs and big companies jumped 50 percent from 2009 to 2010 and has continued rising this year.

WORLD IPv6 DAY

On 8 June 2011, nearly 400 organizations—including Akamai Technologies, Facebook, Google, Limelight Networks, and Yahoo— participated in a 24-hour global IPv6 trial.

The goal was to determine how well IPv6 would run on a large scale over an entire day. According to Curran, most end users didn't experience problems. "That's what we were hoping for," he said. "At the same time, it was a good learning experience."

NTT America's Morris said his company's network had no trouble handling the 80 percent increase in IPv6 traffic.

Most of the participating organizations used dual stacking, with their networks running both IPv4 and IPv6. That way, a computer that couldn't connect via IPv6 could do so via IPv4.

STANDING IN THE WAY

IPv6 adoption faces several noteworthy challenges.

For example, said Arbor Networks president Rob Malan, "The little things will be the problem, such as figuring out why a customer's DNS doesn't work with IPv6, having trained people that can configure firewall policies, and troubleshooting IPv6 routing."

"The additional complexity for network operations teams is also significant," he added.

Measuring IPv6 adoption is difficult. No single agency or stan- dards group has comprehensive statistics about how much Inter- net traffic is based on IPv6 or IPv4. Explained Yahoo's Fesler, "There's no single point in the Internet to do measurements."

There are also significant dif- ferences in the two protocols' underlying technology. Enabling IPv6 is thus more demanding than simply flicking a switch, noted APNIC's Huston. "There is a required invest- ment in technology, operational process, and skill sets for providers," he said.

Added Fesler, problems could occur if a user has a firewall that doesn't understand and tries to block IPv6 traffic. However, he noted, the number of people this could affect is small and steadily shrinking.

Also, he pointed out, improvements in OSs and Web browsers are quickly making this a nonissue.

No IPv6 backward compatibility with IPv4

The headers of IPv4 and IPv6 packets are significantly different. For this and other reasons, the two protocols don't interoperate.

Thus, to serve both types of networks, service providers will need to run dual stacks.

Adopting Ipv6

As adoption of IPv6 takes off, users with older devices and other hardware that support just IPv4 might not be able to reach destinations supported by IPv6-only networks.

If IPv6 isn't adopted widely, the lack of IPv4 addresses will close the Internet to start- ups, explained Chief Scientist Geoff Huston of the Asia-Pacific Network Information Centre. APNIC is one of five regional Internet registries that allocate IP addresses to members in their geographic area.

"That is going to allow incumbents to dictate the terms and conditions of competition," Huston said.

The only alternative to IPv6 that supports continued network growth is to have many devices within a network share an external IP address.

To do this, organizations must use network-address-translation equipment. NAT boxes translate the private address that a device has within an organization into a public address for use on the Internet.

However, many Internet experts say NAT isn't a good solution to the IPv4 address shortage.

They say this approach adds complexity to and can reduce the performance of enterprise networks. Purists say NAT equipment breaks the Internet's end-to-end nature, keeping users from communicating directly with one another without intermediate devices altering their packets.

"NAT more or less constrains user applications to talk only to servers and not directly to other user devices," said Matt Levine, director of engineering for Akamai Technologies, which operates a content-delivery network.

NAT disrupts the direct, point-to-point connections that make popular real-time applications like streaming possible.

Also, the technology deployed on a large scale is expensive to operate, noted Yahoo IPv6 evangelist Jason Fesler.

Said Ed Moyle, senior analyst for market research firm Security Curve, "The infrastructures will have to exist side-by-side for the next few years. Meanwhile," he added, "users running only IPv4 won't be able to reach parts of the IPv6 Internet as it grows."

Security concerns

The migration from IPv4 to IPv6 will present security challenges.

Low IPv6 demand has kept security companies from developing many features for the technology, said Lawrence Orans, research director with market-research firm Gartner Inc.

Over years of heavy use, experts have found and fixed numerous problems with IPv4. IPv6 is 16 years old but hasn't been widely implemented. It thus might still have security issues to deal with, according to Fesler.

Organizations that run dual- stack IPv4-IPv6 architectures will face complexity that could yield significant security problems. For example, firewall users will have to create separate sets of rules for both types of traffic.

While transitioning from IPv4 to IPv6, organizations are using various approaches—including tunneling and multiprotocol label switching—to translate from one protocol to the other.

According to VeriSign's McPherson, each translation process potentially creates a vulnerability. For example, when users tunnel IPv6 traffic to IPv4 networks, they utilize a virtual private network. However, McPherson said, a VPN to a network beyond the originator's control could result in either security exposure or unauthorized data access.

IPv6 brokenness

IPv6 brokenness occurs in tunneled or dual-stack deployments when the system tries to use unreliable or faulty IPv6 connections rather than properly functioning IPv4 connectivity.

Users have to wait for each IPv6 connection to time out before the system tries making an IPv4 connection. This causes slow webpage loading.

A goal of World IPv6 Day was to gauge how big an issue this could be. "The meltdown predicted by the pessimists didn't occur," said Cisco's Fiocco.

Yahoo's Fesler predicted that IPv6 adoption will increase by 30 to 45 percent during the next three years.

APNIC running out of IPv4 addresses will probably drive further IPv6 adoption in the Asia-Pacific region, which could encourage more implementation globally, said Security Curve's Moyle.

However, noted Syracuse Univer- sity's Mueller, "Unless radical new applications are developed that take advantage of IPv6's greater address space, not much will change. These new apps will probably have to wait until there is more adoption."

And, he added, "Anyone who migrates to IPv6 still must run IPv4 to maintain compatibility with those who don't migrate. This means that expanding networks will still need new IPv4 addresses."

Neal Leavitt is president of Leavitt Communications (www.leavcom. com), a Fallbrook, California-based international marketing communica- tions company with affiliate offices in Brazil, China, France, India, and the UK. He writes frequently on tech- nology topics and can be reached at neal@leavcom.com.