VA Tech is one of the few institutions in the US that runs a full production, dual stack IPv4/IPv6 network. We’ve been running this dual stack network since 2005. All of Google, Facebook traffic goes out through IPv6 first. We haven’t experienced any major malfunctions in our IPv6 network since we went live with it. So why are people hesitant to implement it? Let’s take a look at some misconceptions.
1. No one can memorize those long IP addresses. Tens of thousands of network clients on our campus use native IPv6 daily for real applications. They usually don’t realize it and probably don’t care. The important thing is that it works. Users don’t care about IP addresses. They refer to a service by its name, for example, Google, Facebook, Scholar (our course management system).
2. Client configuration is a lot of work. In fact, you don’t have to do anything to most client systems. Windows, Macs, Unix/Linux system all have native IPV6 support enabled by default. Almost all browsers(Firefox, IE, Safari, etc.) will utilize an IPv6 network layer in preference to IPv4. If the client host has a global IPv6 address and the target server (the host name in the URL) has a AAAA DNS record, i.e., the name resolves to an IPv6 network, then the browsers attempt to connect to the target via IPv6. If the connection fails because IPV6 isn’t enabled then the connection reverts to IPv4. So, nothing has to be done to configure a client system to run in the IPv6 environment. If you want to make a service IPv6 capable, you simply add a Quad-A (AAAA) DNS record for the service. Viola! Your service is now IPV6 capable on an IPv6 net. Need to back the service off of IPv6? Remove the Quad-A DNS record. Service access reverts to IPv4.
3. Disable IPv6. Sean Siler, Microsoft IPV6 program manager stated in his presentation at the 2013 SANS IPv6 Summit that you should NOT disable IPv6 on Windows systems because Microsoft couldn’t guarantee that Windows would run properly without IPv6 support. Also, just because you aren’t running IPv6 nets doesn’t mean IPv4 can’t run. 6-to-4 tunnels allow IPv6 traffic to be encapsulated in IPV4 packets. See http://en.wikipedia.org/wiki/6to4 for details.
Bringing an IPv6 network online is a standard network management problem. You’ll need to do the normal address block registration, figure out how to parcel your subnets, configure all of your routers/switches, etc. When those tasks are completed, switch it on.
We’ll talk more about IPv6 in future articles.