1 / 29

Why You Can’t Ignore IPv6

Why You Can’t Ignore IPv6. Presented by Kirk Coviello VP of Support Services, Digital West Networks, Inc. Agenda. What is IPv6 and how does it differ from IPv4? Why do I need to deal with IPv6 now? What should I do about IPv6? How should I go about deploying IPv6?.

abba
Download Presentation

Why You Can’t Ignore IPv6

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Why You Can’t Ignore IPv6 Presented by Kirk Coviello VP of Support Services, Digital West Networks, Inc.

  2. Agenda • What is IPv6 and how does it differ from IPv4? • Why do I need to deal with IPv6 now? • What should I do about IPv6? • How should I go about deploying IPv6?

  3. What is IPv6?How does it differ from IPv4?

  4. What is IPv6? • New numbering scheme for the Internet • Think of the phone book: www.yahoo.com = 98.139.127.62 • Now, imagine an Area Code Split…

  5. How does IPv6 differ from IPv4? • IPv4 Address Range – a 32-bit length divided into 4 “octets”: 0.0.0.0 -> 255.255.255.255 • Sample IPv4 Address: 72.29.161.199

  6. How does IPv6 differ from IPv4? • IPv6 Address Range – 128-bit length divided into 8 hexadecimal groups • Sample IPv6 Address: 2001:48C0:1001:0009:0000:0000:00ac:58ce 2001:48C0:1001:0009:0:0:00ac:58ce 2001:48C0:1001:0009::00ac:58ce

  7. How does IPv6 differ from IPv4? • Total “available”* IPv4 addresses: 4,294,967,296 • Total “available” IPv6 addresses: 340,282,366,920,938,463,463,374,607,431,768,211,456 – 340 “undecillion”!!! (*- not all of these are “usable”)

  8. IPv6: Bigger, Better, Leaner, Faster • More address space! • Built with future features in mind (Multicast and QOS) • Smaller routing tables • Smaller header • Elimination of Network Address Translation

  9. A Brief Primer on NAT:

  10. A Long Time Ago in a Laboratory Far, Far Away… • IP was originally meant for sharing data, not protecting it • The Internet was a “closed open” network • IPv6 was in development before NAT • NAT will be unnecessary in the long term

  11. Why do I need to deal with IPv6 now?

  12. IPv6 Has Real Benefits • Quality of Service (QOS) is better • Simplified header = faster processing • Scalability (larger # of addresses) • Simpler to subnet (consistent /64 parcels) • IPv6 is already here…

  13. You’re soaking in it already!

  14. Can’t Sleep, Hackers Will Eat Me…

  15. IPv6, Your Firewall, and You: • IPv6 includes auto-discovery protocol • IPv6 can tunnel over IPv4 • IPv6-aware routers will pass this traffic -unless prevented • Documented cases exist of IPv6 “conversations” entering networks via the Internet based on Toredo and other tunneling protocols

  16. What should I do about IPv6?

  17. Please Don’t Do This:

  18. Other Options? • Turn OFF IPv6 everywhere? No. • Turn ON IPv6 everywhere? No. • Run out and apply for IPv6 space? • Change to an ISP that offers IPv6? Maybe…

  19. Network Administrators: Get RILED About IPv6! • Review – IPv6 Technology • Investigate – Your network topology • Learn – Wireshark or other tools • Evaluate – Your security policies and options for internal and external IPv6 • Deploy – IPv6 where it makes sense

  20. How should I go about deploying IPv6?

  21. Divide and Conquer… • External resources need IPv6 first • Internal resources WILL need it eventually • Start querying your software vendors NOW about IPv6

  22. Dual-Stack for Your Convenience: • Concurrent IPv4 and IPv6 inevitable • Multiple IPv6 transition mechanisms: (Teredo, ISATAP, 6to4, 6in4, 6over4, etc.) • DNS Records at Digital West started advertising IPv6 over a year ago

  23. PPPPPPP… • Plan to adopt now so that you’re not forced to later • Check with your ISP to see what they are doing with IPv6 • Check with your hardware vendors: • Routers (SOHO devices not IPv6-aware) • VoIP PBX/Phones • Print Servers

  24. Why You Don’t Want IPv4 Forever • Sites and applications with native IPv6 may not behave well with NAT • Future Internet resources will have IPv6-only • Connectivity issues due to double or triple NAT (latency/troubleshooting)

  25. Double NAT = Double Jeopardy c:\>tracert linode.com -d Tracing route to linode.com [67.18.186.61] over a maximum of 30 hops: 1 <1 ms * <1 ms 10.43.51.252 2 1 ms <1 ms <1 ms 10.45.253.33 3 <1 ms <1 ms <1 ms 10.62.254.251 4 20 ms 23 ms 45 ms 192.118.32.52 5 47 ms 20 ms 85 ms 207.232.60.250 6 54 ms 24 ms 79 ms 212.143.8.69 7 7 ms 79 ms 11 ms 212.143.8.209 8 89 ms 110 ms 108 ms 212.143.12.75 9 143 ms 240 ms 94 ms 212.143.14.154 10 244 ms 179 ms 95 ms10.50.1.1 <- Private IP address on the Internet 11 176 ms 80 ms 190 ms 195.66.225.105 12 174 ms 164 ms 157 ms 70.87.255.217 13 187 ms 185 ms 186 ms 70.87.253.189 14 189 ms 194 ms 195 ms 70.87.253.18 15 187 ms 188 ms 190 ms 70.87.253.126 16 187 ms 185 ms 185 ms 70.87.254.78 17 186 ms 184 ms 187 ms 67.18.186.61 Trace complete.

  26. Digital West - What We Learned • Plan ahead • Review vendor bug submissions • Document needed steps for activation/deactivation of everything in test environment • Test after hours! • Test more with end users – after hours!

  27. Vigilance Required • Once IPv6 is deployed, don’t ignore IPv4 • Leaving IPv4 in place eternally widens your footprint • Take the next step – talk to your IT Department or IT Consulting firm – questions are in your packet!

  28. Know That You Are Not the First:

  29. Questions?

More Related