32 industrial automation asia | August 2008 | Software & Networks

Transistion Strategies IPv4 To IPv6

Considering a migration from IPv4 to IPv6 should include addressing the current environment, end users and the controlled steps to IPv6 deployment. By Timothy Rooney, director of product management, BT Diamond IP

While deployments of IPv6 networks have increased over recent years, especially in Asia and Europe, interest in IPv6 in North America has been lacklustre. Focus has intensified recently, however, especially among large service providers and government organisations. IPv6 provides a number of advanced features, though many of these have been retrofitted to IPv4. Nonetheless, the massive increase in address space is indisputably unique to IPv6 and represents the crowning objective for IP-addresshungry organisations.

The Challenges

Unfortunately, this increase in address space comes at the cost of different address formats and notations, which affect not only network layer routing, but also applications that display IP addresses. Organisations with existing IPv4 networks seeking to implement IPv6 face challenges in identifying impacts, planning the transition and executing the migration to IPv6.Given the common organizational reliance on external communications for partner l inks, home-based employees and Internet access for email, web browsing, etc, an overall plan should be compiled addressing the current environment, end users and the controlled steps to IPv6 deployment.

When we discuss migration, we’re referring to an initial state of an IPv4-only network to which IPv6 nodes and networks are  added or overlaid over time, resulting in an IPv6-only network, or more likely, a predominantly IPv6 network with continued IPv4 support.

Migration Technologies

A variety of technologies are available to facilitate the migration to IPv6. These technologies include the following basic categories:

• Dual stack – support of both IPv4 and IPv6 on network devices.

• Tunneling – encapsulation of an IPv6 packet within an IPv4 packet for transmission over an IPv4 network.

• Translation – address or port translation of addresses such as via a gateway device or translation code in the TCP/IP code of the host or router.

Implementation of the selected migration strategy(ies) will require effective coordination of the following:

• IPv4 and IPv6 network and subnet allocations, existing and planned.

• Address assignment strategies for IPv4 and IPv6: static, autoconfiguration, DHCP for IPv4 and IPv6.

• DNS resource record configuration corresponding to appropriate name resolution to address(es) for desired tunneling or translation.

• Compatible client/host and router support of selected migration technologies, including translation and/or tunneling and application considerations.

• Deployment of translation gateway(s) as appropriate.

Dual-Stack Approach

The dual-stack approach consists of implementing both IPv4 and IPv6 protocol stacks on devices requiring access to both networklayer technologies, including routers, other infrastructure devices and end-user devices.

Such devices would be configured with both IPv4 and IPv6 addresses, and they may obtain these addresses via methods defined for the respective protocols as enabled by administrators. For example, an IPv4 address may be obtained via DHCPv4, while the IPv6 address may be autoconfigured. Implementations may vary with dual-stack approaches with respect to the scope of the stack that is shared versus what is unique to each IP version. Ideally, only the network layer would be dualised, using a common application, transport and data link layer. This is the approach being implemented in Microsoft Vista, the latest Microsoft desktop operating system. This contrasts with the Microsoft XP implementation, which utilised dual transport and network layers, requiring, in some cases, redundant configuration by administrators of each stack. Other approaches may span the entire stack down to the physical layer, requiring a separate network interface for IPv6 vs. IPv4. This approach, while contrary to the benefits of a layered protocol model, may be intentional and even desirable, especially in the case of network servers with multiple applications or services, some of which support only one version or the other.

Tunneling Approaches

A variety of tunneling technologies has been developed to support IPv4 over IPv6 as well as IPv6 over IPv4 tunneling. These technologies are generally categorised as configured or automatic. Configured tunnels are predefined, whereas automatic tunnels are created and torn down ‘on the fly.’ In general, tunneling of IPv6 packets through an IPv4  network entails prefixing each IPv6 packet with an IPv4 header (Figure 3). This enables the tunneled packet to be routed over an IPv4 routing infrastructure. The entry node of the tunnel, whether a router or host, performs the encapsulation. The source IPv4 address in the IPv4 header is populated with that node’s IPv4 address and the destination address is that of the tunnel endpoint.

The protocol field of the IPv4 header is set to 41 (decimal) indicating an encapsulated IPv6 packet. The exit node or tunnel endpoint performs decapsulation to strip off the IPv4 header and route the packet as appropriate to the ultimate destination via IPv6.

Automatic Advantage

As mentioned previously, tunnels are either configured or automatic. Configured tunnels are predefined by administrators in advance of communications, much as static routes would be preconfigured. Configuration of the respective tunnel endpoints is required to configure the device for when to tunnel IPv6 packets, i.e., based on destination, along with other tunnel configuration parameters that may be required by the tunnel implementation, such as maximum packet size (sometimes called MTU or maximum transmission unit). An automatic tunnel does not require pre-configuration. Tunnels are created based on information contained in the IPv6 packet , such as the source or destination IP address. The following are examples of automatic tunneling techniques:

• 6to4 – automatic router-to-router tunneling based on a particular global address prefix and embedded IPv4 address.

• ISATAP – automatic host-to-router, router-to-host or host-to-host tunneling based on a particular IPv6 address format with inclusion of an embedded IPv4 address.

• 6over4 – automatic host-to-host tunneling using IPv4 multicasting.

• Tunnel Brokers – automatic tunnel setup by a server acting as a tunnel broker in assigning tunnel gateway resources on behalf of hosts requiring tunneling.

• Teredo – automatic tunneling through NAT firewalls over IPv4 networks.

• Dual-Stack Transition Mechanism – enables automatic tunneling of IPv4 packets over IPv6 networks.

 Translation Approaches

Translation techniques perform IPv4-to-IPv6 translation (and vice versa) at a particular layer of the protocol stack, typically the network, transport or application layer. Unlike tunneling, which does not alter the tunneled data packet, translation mechanisms do modify or translate IP packets commutatively between IPv4 and IPv6. Translation approaches are generally recommended in an environment with IPv6-only nodes communicating with IPv4-onl y nodes. In dual-stack environments, native or tunneling mechanisms are preferable.

 Application Migration

The de facto application programme interface (API) for TCP/IP applications is the sockets interface originally implemented on BSD UNIX (on which BIND was also originally implemented). The sockets interface defines programme calls to enable applications to interface with TCP/IP layers to communicate over IP networks. Microsoft’s Winsock API is also based on the sockets interface. Both sockets interfaces have been modified to support IPv6’s longer address size and additional features.

In fact, most major operating system providers have implemented support for sockets or Winsock including Microsoft (XP SP1, Server 2003, Server 2008), Solaris (8+), Linux (kernel 2.4+), Mac OS (X.10.2), AIX (4.3+) and HP-UX (11i with upgrade).

The updated sockets interface supports both IPv4 and IPv6 and provides the ability for IPv6 applications to interoperate with IPv4 applications by use of IPv4-mapped IPv6 addresses.

Migration Decisions

There is certainly no shortage of technology options when considering a migration from IPv4 to IPv6. Having many options is good, but can be confusing. Selecting the right path will depend on your current environment in terms of end-user devices and operating systems, router models and versions, as well as key applications, budget and resources, not t o mention schedule constraints.

About the company…

BT Diamond IP is a leading provider of software and appliance products that help customers manage complex IP networks. The company’s next-generation IP management solutions help businesses more efficiently manage IP address space across mid-to-very large sized enterprise and service provider networks. Their cable firmware management solution helps broadband cable operators automate and simplify the process of upgrading and maintaining firmware on deployed DOCSIS devices.