dcsimg

Hurray! IPv6 Day is Almost Here

By Pam Baker

(Back to article)

The alarm sounded: IPv4 was running out of IP addresses. To fix the problem, IPv6, the next generation of routing, came to be with plenty of fanfare about its nearly unlimited number of addresses and additional security. There is even an official day for fanfare, “World IPv6 Day” tomorrow on June 8 (hence the timing of this article!).

A bunch of Internet giants including Google, Facebook and Yahoo, will celebrate the day by enabling IPv6 on their main services for the whole 24 hours. It’s a day to go gaga over the impending switch over or at least to feel more confident about it ... not that there’s any choice really.

“The transition to IPv6 is not a potential issue, but a guaranteed reality,” said Peter Newton, director of Product Management, Business Products at Netgear. “The only issue is how fast that transition will take place and how painful will it be.”

Fortunately, the IPv6 transition is not a ticking time bomb with a hard deadline. Companies and consumers “will be able to manage their transition from IPv4 to IPv6 with NAT translation and dual-stack capable equipment to create an orderly, productive shift,” said Newton.

The transition should pick up speed after the hoopla on June 8 but, for the most part, few folks will notice much difference during the shift. However, at some point, equipment and software upgrades will become a necessity for pretty much everybody.

“Consumers and small businesses need to open a dialogue with their Internet service provider (ISP) about providing IPv6 services,” advised John Curran, president and CEO of the American Registry for Internet Numbers (ARIN), the organization in charge of managing address space in the U.S., Canada, and parts of the Caribbean. “Mail, web, and application servers must be reachable via IPv6 in addition to IPv4.

“If they have not already, consumers and small businesses need to ensure equipment, software and operating systems are IPv6 compatible and should impose IPv6 compatibility requirements on their vendors and service providers."

The funny thing is that most consumers and small businesses are likely to be using IPv6 enabled equipment already. It’s smart to check for that before running out to buy more equipment.

In the short term, service providers will feel the most pain as they need to procure more IPv4 addresses and convert their installed base of modems and networking gear to IPv6 capable gear, said Newton. “The real winners of this change will take advantage of the latest generation of networking gear to improve their efficiency and operational capabilities, giving them an advantage over their slower competitors.”

The bottom-line is that the faster companies and consumers make the switch the better off all will be.

More secure?

But will the switch to IPv6 really leave anyone any safer?

“In some aspects, IPv6 is considered more secure than IPv4 due to some built-in security capabilities, mainly the inclusion of IP Security,” explained Sharon Besser, VP of Technology at Net Optics. “Yet, IPv6 security uses the same methods to forward and route packets across the network as IPv4. In addition, the upper-layer protocols and applications that transport the application data are mostly unaffected.”

By contrast, IPv4 had no native security but security has been cobbled onto it over the years. Still, security issues linger. For example, network address translation (NAT) allowed businesses and households to share a single IP address for multiple devices. While such band-aids extended the life of IPv4, it also served to mask the bad guys; making detection, protection and prosecution all the more difficult.

“The good news is that IPv6 solves this problem. It allows for a virtually limitless allocation of identity on the Internet,” said Joe Yeager, a product manager at Lancope. “Not only can everyone have a unique identity on the Internet, all of their devices from their phones to their tablet PC’s to their toasters can be identified; perfect for security.”

“Currently, the two protocols have equivalent security,” said Curran. “As a basis of comparison, IPv6's best improvement is adding more bits for addressing (128 bits) over IPv4 (32 bits).”

There is a fly in the transition lube that is worrying security experts, however: large scale NAT (LSN), also called carrier-grade NAT (CGN). “For the security market, the changes IPv6 brings about are mostly good,” said Yeager. “The slow adoption rate, on the other hand, is not so good. Because the pressure from IPv4 address exhaustion is building faster than the cut-over can happen, technologies like LSN are being considered.”

Basically instead of one company or one household being behind a single IP address, LSN allows for literally thousands of customers to be behind a single IP address.

“Imagine you share the same identity on the Internet with thousands of random strangers,” said Yeager. Major websites such as Facebook and Google may have no other recourse after a malicious attack but to block that IP address, and thereby block you and the thousands of other people using it, he warned.

For a more complete explanation of the LAN issue, check out Facebook's IPv6 day page.

A prolific and versatile writer, Pam Baker's published credits include numerous articles in leading publications including, but not limited to: Institutional Investor magazine, CIO.com, NetworkWorld, ComputerWorld, IT World, Linux World, Internet News, E-Commerce Times, LinuxInsider, CIO Today Magazine, NPTech News (nonprofits), MedTech Journal, I Six Sigma magazine, Computer Sweden, NY Times, and Knight-Ridder/McClatchy newspapers. She has also authored several analytical studies on technology and eight books. Baker also wrote and produced an award-winning documentary on paper-making. She is a member of the National Press Club (NPC), Society of Professional Journalists (SPJ), and the Internet Press Guild (IPG).