IPv6 Migration Issues: Transition Techniques

ALTTC BSNL

Introduction Until IPv6 completely supplants IPv4, which

is not likely to happen in the foreseeable future, a number of so-called transition mechanisms are needed To enable IPv6-only hosts to reach IPv4 services To allow isolated IPv6 hosts and networks to

reach the IPv6 Internet over the IPv4 infrastructure

Node Types IPv4-only node

Implements only IPv4 & is assigned IPv4 addresses Doesn’t support IPv6

IPv6-only node Implements only IPv6 & is assigned only IPv6

addresses. Able to communicate with IPv6 only node & IPv6

enabled applications. IPv6/IPv4 node

Implements both IPv4 & IPv6 & is assigned both IPv4 & IPv6 addresses.

Transition TechniquesIPv6

A wide range of technique have been identified & implemented, basically falling into three categories.

(1) Dual- Stack techniques allows IPv4 & IPv6 to coexist in the same device & network

(2) Tunneling techniques allows IPv6 host to communicate over IPv4 infrastructure.

(3) Translation techniqes to allow IPv6 only devices to

communicate with IPv4 only devices

Transition MechanismIPv6

No fixed day to convert; no need to convert all at once.

Transition Options: Dual Stack

IPv6-IPv4 Tunnel

Translation (IPv4- only to IPv4- only)

IPv4 IPv6

DRIVER

APPLICATION

TCP/UDPIPv4 IPv6

IPv6 Network

IPv4IPv6 Network Tunnel

IPv4 Network

IPv6 Network

Translator

6/4 Dual Stack Hosts and Network

IPv6

This allows all the end hosts and intermediate network devices (like routers, switches, modems etc.) to have both IPv4 and IPv6 addresses and protocol stack.

If both the end stations support IPv6, they can communicate using IPv6; otherwise they will communicate using IPv4.

This will allow both IPv4 and IPv6 to coexist and slow transition from IPv4 to IPv6 can happen.

Dual stack is an integration method in which a node has implementation and connectivity to both an IPv4 and IPv6 network.

6/4 Dual Stack Hosts and Network

IPv6

IPv4

6/4 Dual Stack Hosts and Network

When both IPv4 and IPv6 are configured on an interface, the interface is considered dual-stacked.

IPv4: 192.168.99.1IPv6: 3ffe:b00:c18:1::3

ALTTC Dual Stack Router Connectivity

FE 1/47

Dual Stack Router

BSNL MPLS Network for IPv4 & IPv6 internet

2001:4490:fffc:d400::1/64

FE1/48

IPv6 Prefix

2001:4490:d930::/64

ALTTC LAN Gzb PE

P

P

172.24.165.237/30

2001:4490:fffc:d400::2/64172.24.165.238/30

FE1/4

IGW

Internet cloud

2001:4490:d930::500

IPv6 camera

LAN Pool 2001:4490:d930::/64

Alttc6.bsnl.co.in Web Server

2001:4490:d930::501210.212.90.6

20 Mbps link on OFC

Tunneling IP6 via IP4In order to reach the IPv6 Internet, an isolated host or network must be able to use the existing IPv4 infrastructure to carry IPv6 packets. This is done using a technique known as tunnellingThis allows encapsulating IPv6 packets in IPv4 packets so that IPv6 packet can be sent over an IPv4 only network.This will allow IPv6 only end stations to communicate over IPv4 only networks.

Tunneling IP6 via IP4

IPv6 HeaderExtensionHeaders

Upper Layer Protocol Data Unit

IPv6 HeaderExtensionHeaders

Upper Layer Protocol Data Unit

IPv4 Header

IPv6 Packet

IPv4 Packet

Tunneling IP6 via IP4

Tunnel

Packet Delivery over the tunnel

IPv6 node A sends packet to IPv6 node B–Routed internally to router A

Router A sees destination network B is reachable over tunnel interface–Encapsulates IPv6 packet in IPv4 packet(s)–Sends resulting IPv4 packet(s) to router B–Delivered over existing IPv4 Internet infrastructure

Router B decapsulates IPv6 packet from payload of received IPv4 packet–Packet routed internally in network B to node B–Node B receives the IPv6 packet

Tunneling is an integration method in which an IPv6 packet is encapsulated within another protocol, such as IPv4. This method of encapsulation is IPv4. Includes a 20-byte IPv4 header with no options and an IPv6

header and payload Requires dual-stack routers

IPv6 Tunneling

IPv6

IPv4 IPv6

IPv6

Tunneling Configurations Router-to-Router Host-to-Router and Router-to-Host Host-to-Host

IPv4 or IPv6 Infrastructure

IPv4 Infrastructure

IPv6 over IPv4 Tunnel

IPv6/IPv4 Router IPv6/IPv4 Router

IPv6Node

IPv6Node

IPv4 or IPv6 Infrastructure

Router-to-Router Tunneling

In the router-to-router tunneling configuration, two IPv6/IPv4 routers connect two IPv6-enabled infrastructures over an IPv4-only infrastructure

IPv4 Infrastructure

IPv6/IPv4 IPv6IPv6/IPv4 Router

IPv6 over IPv4 Tunnel

Node A Node BIPv4 or IPv6 Infrastructure

Host-to-Router and Router-to-Host Tunneling

In the host-to-router tunneling configuration, an IPv6/IPv4 host that resides within anIPv4-only infrastructure uses an IPv6-over-IPv4 tunnel to reach an IPv6/IPv4 router.

Host-to-Host TunnelingIPv4 Infrastructure

IPv6/IPv4Node

IPv6/IPv4Node

IPv6 over IPv4 Tunnel

In the host-to-host tunneling configuration, an IPv6/IPv4 node that resides within an IPv4 only infrastructure uses an IPv6-over-IPv4 tunnel to reach another IPv6/IPv4 node that resides within the same IPv4-only infrastructure.

Tunneling IP6 via IP4Two Types of Tunneling Configured: Automatic

6to4 (RFC 3056) ISATAP Teredo

Tunneling IP6 via IP4 Configured

Require manual configuration at both ends Very easy to setup & configure Good from a management prospective

ISP configure all tunnels so is in control of its deployment

Manual tunnel do not scale well as it requires separate tunnel configuration for each isolated Ipv6 network destination

Tunneling IP6 via IP4

Configured A configured tunnels require manual configuration of the local & remote tunnel end pointsDual stack end pointsBoth IPv4 & IPv6 addresses configured at each end

Tunneling IP6 via IP4 Automatic Tunnel

◦ An automatic tunnel is a tunnel is a tunnel that does not require manual configuration.Tunnel end points for automatic tunnel are determined by routing infrastructure (e.g. use of routes, tunnel interfaces, next hop address destination IPv6 addresses).Ex.

◦ Tunnels created on demand without manual intervention

Automatic Tunnel 6to4:

Used for unicast communication between IPv6/IPv4 host & IPv6 capable sites across the IPv4 internet when 6 to 4 routers have public addresses.

Fully Automatic, No administrator effort per tunnel Tunnelled packet automatically Route efficiently to the destination network

(following best IPv4 path) Unlike manual tunnel, 6to 4 tunnels are not point to

point , they are multipoint tunnels IPv4 is embedded in the IPv6 adress to find the other

end of the tunnel. Address format is 2002:IPv4 address::

6to 4 Tunnel Feature

6to4 Tunnel

6to4 Tunnel

Automatic Tunnel ISATAP (Intra Site Automatic Tunnel

Addressing Protocol) Designed to provide IPv6 connectivity between IPv6 nodes

within IPv4 based intra-network that does not have IPv6 router.

ISATAP connects dual-stack nodes, isolated within an IPv4-only network To exchange IPv6 traffic with each other (host ISATAP) To exchange traffic with the global IPv6 Internet

ISATAP is ideal when dual stack node are sparsely deployed in the site

Automatic Tunnel Teredo

Teredo is a tunneling mechanism that allows nodes located behind NAT devices to obtain global IPv6 connectivity

Automatic Tunnel Teredo is needed for

home users with PCs with non-routable addresses

Protocol 41 tunneling not supported by many DSL modems

Protocol 41 tunneling requires routable address on PC

IPv4 Network

IPv4 Network

Teredo Server and Relays

www.lockheedmartin.com

www.kame.net

`

IPv4

IPv4

NAT router (no prot41 support)

Address used to aid in Transition form IPv4 to IPv6 6 to 4 Address

The 6to4 address is base on the prefix■ 2002: WWXX:YYZZ /48 ■ Where WWXX:YYZZ is the colon hexadecimal representation of a public IPv4 address (w.x.y.z) assigned to a site or host on the IPv4 Internet. An example of a 6to4 address

2002:836b:1:25:2aa:ff:fe53:ba63. In836b:1 is the colon hexadecimal version of 131.107.0.1.

Address used to aid in Transition form IPv4 to IPv6

ISATAP Address assignment and host-to-host, host-to-router,

and router-to-host automatic tunneling technology ISATAP addresses:

[64-bit prefix]:0:5EFE:w.x.y.z Example of a link-local ISATAP address is

fe80::5efe:192.168.4.92 ISATAP ISATAP treats an IPv4 infrastructure as a single link Used for unicast traffic across an IPv4 intranet

Address used to aid in Transition form IPv4 to IPv6

Teredo addresses Teredo addresses, defined in RFC 4380, are based on the prefix 2001::/32. Teredo address prefixes are used to create global IPv6 addresses for IPv6/IPv4 nodes that are connected to the IPv4 Internet, even when they are located behind network address translators (NATs).example of a Teredo address is

2001::ce49:7601:2cad:dfff:7c94:fffe.

IP6-IP4 TranslationThis allows communication between IPv4 only and IPv6 only end stations.

The job of the translator is to translate IPv6 packets into IPv4 packets by doing address and port translation and vice versa.

IP6-IP4 TranslationThis allows communication between IPv4 only and IPv6 only end stations.

The job of the translator is to translate IPv6 packets into IPv4 packets by doing address and port translation and vice versa.

FordABCD:BEEF::2228:7001

Assigned pool120.10.40/24

Marvin120.140.160.101

1. Packet 1 Source: ABCD:BEEF::2228:7001 Port 3056Dest: Prefix :: 120.140.160.101 Port 23

2. Packet 2 Source: 120.10.40.10 Port 1025Dest: Prefix :: 120.140.160.101 Port 23

4. Packet 4 Source Prefix :: 120.140.160.101 Port 23Dest: ABCD:BEEF::2228:7001 Port 3056

3. Packet 3 Source: 120.10.40.10 Port 23Dest: Prefix :: 120.140.160.101 Port 1025

Translation

Transition MechanismIPv6

Pace University 36

Naming Services

DNS must be included in transition strategy Resolving Names:

◦ IPv4 specifies “A” records◦ IPv6 specifies “AAAA” records

Applications should be aware of both records

Will require development update and thorough testing

Tools like “Scrubber” by Sun make it easy

Pace University 37

Naming Services

Querying DNS server

Host AIPv4 OnlyNetwork

DNS server

1 1

1

2 2

2

Host BIPv6 OnlyNetwork

Host CDual Stack

Network

Need an “A” recordfor www.yahoo.com

Need an “AAAA”record for

www.yahoo.com

Need all records forwww.yahoo.com

Query response216.109.117.206

Query response2001:dc80:e100:164b::2

Query responseA= 216.109.117.206

AAAA= 2001:dc80:e100:164b::2

Cost estimates are primarily based on likely development and deployment Scenarios.

H/w, software, services and other miscellaneous expanses.

Each organization/or user throughout the internet will incur some cost in transition

Primarily in the form of labor and capital expenditures.

Expenditure will vary greatly across and within stake holder groups depending on their existing infrastructure and IPv6 related needs.

ISPs has to incur largest transition cost.

Individual users will incur the minimum cost

Cost Estimation

The type of internet use or type of service being offered by each organization

The transition mechanism that the organization intends to implement( e.g tunneling. Dual-stack, translation, or a combination).

The organization-specific infrastructure comprised of servers, routers, firewalls, billing stems and standard and customize network etc.

The level of security required during the transition.

Timing of transition.

Factors influencing the Cost

• Description of stakeholder groups

Infrastructure vendors, Application vendors, ISPs and Internet users.

◦Infrastructure vendors : manufacturers of computer networking hardware (e.g.,

routers, firewalls, and servers) and systems software (e.g., operating system) that supply the components of computer networks. Major companies in this category include Microsoft, IBM, Juniper, Cisco, and Hewlett Packard.

Methodology

◦ Application vendors: include suppliers of e-mail, file transfer protocol (FTP) and Web server software, and database software, such as enterprise resource planning (ERP) and product data management (PDM) software. SAP, Oracle, and Peoplesoft are some of the largest companies in this group.

◦ ISPs are companies that provide Internet connectivity to customers, larger companies, some institutional users, and national and regional. e.g., BSNL, Tata telecommunication , AirTel, Vodafone, Idea etc.

◦ Internet users Corporate, institutional, and government organizations, independent users including small businesses and residential households.

Stakeholders

Stockholder Relative cost

Hardware software Labor

HW vendor Low 10% 10% 80%

Software vendor

Low /medium

10% 10% 80%

Internet user (Large)

Medium 10% 20% 70%

Internet user (small)

Low 30% 40% 30%

ISPs High 15% 15% 70%

Internet users incur approximately 90 percent of IPv6 transition costs. Vendors and ISPs account for the remaining costs.

Transition cost break down

item H/W, S/W & service providers

ISPs Enterprise users

laborsR&D M L

Train Networking /IT employees

H H H

Designing IPv6 transition strategy

M H M/H

Implementation transition

M M/H M/H

Others

Ipv6 address block L L L

Lost employee productivity

M M

Security intrusions H H

Inter operability issues

M M/H M/H

Overview of relative IPv6 cost

Cost Categories◦ Labor resources will account for the bulk of the transition costs

◦ Memory and hardware : Some additional physical resources, such as increased memory capacity for routers and other message-forwarding hardware.

◦ These expenses are treated as negligible in the cost analysis because it is quite small compared to the labor resources required.

◦ Labor resources needed for the transition are linked to three general business activities within the Internet supply chain—product development, Internet provisioning services, and internal network operations.

◦ other cost: Additionally, several other cost categories, such as network testing and standards and protocol development, span multiple business activities and thus several take holder groups.

Description Of Cost Categories And Estimation Approach

The penetration curves represent the estimated share of infrastructure products and applications that are IPv6 capable and the share of networks that are IPv6 enabled at a given time.

This implies that costs will be distributed over time as

stakeholders gradually engage in transition activities.

As networking staff are trained and the system is reconfigured.

Lower costs associated with testing and monitoring are then experienced after the enabling date.

Quantitative Estimation Approach

The penetration curves

likely deployment/adoption rates for the four major stakeholder groups. The infrastructure (Inf) and applications (App) vendors’ curves represent the path over which vendor groups will offer IPv6-capable products to customers.

The penetration of IPv6 is likely to be a gradual process and will probably never reach 100 percent of applications or users.

These four curves are the key penetration metrics for the cost analysis because they capture the timing of expenditures.

For vendors, R&D expenditures to integrate IPv6 into their products are the primary expenditure category associated with the transition from IPv4 to IPv6.

Penetration

Users’ Transition Costs Over Time

ConclusionIPv6

There is a large set of IPv6 transition tools available– No single ‘best’solution– Transition plan is likely to be site-specific

Current ‘best practice’is dual-stack deployment– Natural path via procurement cycles– Allows experience in IPv6 operation to be gained early

IPv6-only networks can be deployed

Thanks