IPv6 and You (and me)

A whole lot of articles have been written about IPv6. I'm just now starting to take seriously the importance of knowing it, as more and more sites are predicting the impending depletion of public IPv4 addresses. My take, and I'm certainly not unique here, is that it will be more important at the Internet edge than on internal corporate networks.

I think that internal networks will run parallel IPv4 and IPv6 for a long time. I think the IPv4 stack will be used for almost all internal communication, while IPv6 will start to get used for communication to Internet-based IPv6-enabled hosts.

If I were a company, I would start to bug my ISP for a block of IPv6 addresses to tinker with. Set up the routers and the Internet firewalls for starters. Put an IPv6-only test server or two on a service network and see about getting them functioning. Once some of those tests are done, see if you can get a few hosts on the internal network connecting to that server using IPv6.

One of the problems, at least for a lot of small/medium-size Cisco customers I know, is having layer-3 switches that support IPv6. Many customers of this size rely on the IP routing capabilities of switches such as the 3560 and 3750. Even the base image is capable of static routing (as well as RIP and EIGRP stub). However, to route IPv6, one needs to upgrade them to Advanced IP Services, a significant cost. So, what are the options?
  • Don't allow IPv6 on the internal network.
  • Cough up the money to upgrade all switches doing routing to Advanced IP Services.
  • Hang a router or routers off a "core" switch that can route IPv6 between VLANs; this isn't viable if any kind of hierarchical scheme is in place.
  • Take the opportunity to replace the hardware for all switches doing routing to a model that supports IPv6.
Then of course you have to assign the addresses. You can use the IPv6 stateless address autoconfiguration (SAA), but that doesn't give out information like DNS server addresses, etc. Perhaps it could be used for servers where you statically assign its DNS servers, but leave the rest to SAA. If this is done, certainly care needs to be taken because my understanding is that the 64-bit prefix is combined with the 64-bit interface identifier. If this is the case, the server's address would change if the MAC address of the NIC changed. So then perhaps static addresses are better. But wait, IPv6 has a slick built-in feature for magically renumbering a network. I must still ponder this... Obviously clients can just use DHCPv6 or a SAA in combination with DHCPv6...

I've written enough now to prove how much more I have to learn. The process goes on...

Cheers.
at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Previous working directory in Windows Command Prompt

Using bash in *nix has a handy feature: If you are in one directory and you switch to another one, you can use   cd -  to go back to the pr...