Show 21 – IPv6 for the Win! Part 2

What You’ll Hear

This week on the Packet Pushers podcast, Greg and Ethan continue an IPv6 technical deep-dive with Matt Ryanczak, Network Operations Manager at ARIN (where they’ve been running IPv6 since 2003) and Jan Bervar from NIL who has done several enterprise IPv6 deployments.

This is part 2 of 2.  In case you missed it, part 1 was posted here.

  • Running dual-stack IPv4 and IPv6 on my network scares me!  Should I be scared?
  • How long have vendors been including IPv6 features in their operating systems?
  • There’s a useful DNS trick in a dual-stack environment: you can run an IPv4 name server to serve up IPv6 addresses.
  • What routing protocol considerations does IPv6 bring to the table?  Is OSPF still OSPF?  What does my BGP configuration look like?
  • Did you know that you can exchange IPv6 BGP routes via an IPv4 BGP neighbor?  Not that you’d want to normally…but you could.
  • Do we really have a globally connected IPv6 Internet at this time (late 2010)?
  • IPv6 transition challenges aren’t just technical: some carrier provisioning systems aren’t ready to accept IPv6 addresses as input.
  • We got used to IPv4 summarization when we were designing large internetworks.  Is summarization still a valid technique when using IPv6?
  • IPv6 access-lists and prefix lists: different or the same when compared to IPv4?  Mostly the same, but with some interesting quirks.
  • What systems that we find commonly connected to our networks are truly IPv6 ready? Juniper, F5, Brocade, etc.
  • Another neat transition trick possible with some load-balancers: present an IPv6 address as your virtual address, and use it to hide IPv4 hosts serving the content.
  • What’s the best way to connect IPv6 islands when all you’ve got is IPv4 transit between them?  Tunnels (the duct tape of the Internet) are one way, but with the same old challenges:  MTU, PMTUD, and fragmentation.
  • What is the performance penalty when pushing IPv6 traffic through switching silicon optimized for IPv4? Probably a lot while the vendors ramp up.
  • When planning an IPv6 deployment, don’t forget to make sure your applications are ready for IPv6.  Many applications are not expecting anything other than an IPv4 address – will they break when fed an IPv6 address?
  • Go and do it! Time is of the essence.  IPv4 address space will be gone in 2011.  If you as a network engineer aren’t playing with IPv6 now, you’re putting your business at a disadvantage.

Feedback

Follow the Packet Pushers on Twitter (@packetpushers | Greg @etherealmind | Dan @rovingengineer | Ethan @ecbanks), and send your queries & comments about the show to [email protected].  We want to hear from you!

Ethan Banks
Ethan Banks, CCIE #20655, has been managing networks for higher ed, government, financials and high tech since 1995. Ethan co-hosts the Packet Pushers Podcast, which has seen over 2M downloads and reaches over 10K listeners. With whatever time is left, Ethan writes for fun & profit, studies for certifications, and enjoys science fiction. @ecbanks
Ethan Banks
Ethan Banks
  • Carl Von Hassel

    Any idea what effect IP(v)6 has on routing table memory requirements? I connect to the Internet off two ISPs each connected by a Cisco ASR 1002 router. Each router runs the full BGP routing table and a fully loaded ASR 1002 runs at over 80% memory utilization. If I add IP(v)6 routes would that significantly effect my memory utilization?

    Also at what point do you foresee it to be mandatory for enterprises to implement IP(v)6? Thanks again for your podcast.

  • http://www.nil.com Jan Bervar

    Currently, the full Internet IPv6 routing table has something like 2500 prefixes, which is peanuts compared to v4 and should not cause any issues with your current setup. Also, you can just run a default route in an active/backup setup (and/or optionally do some classic AS path length filtering) when the table grows past your memory constraints (in a few years or so… ;).

    As for the "mandatory" question: when the first content that you critically require is ipv6-only, or when the first critical customer of yours is ipv6-only. I would guesstimate that to be 2-4 years from now, depending on the availability and feasibility of local and remote ISPs' v4-v6 translation/transition mechanisms… Go dual stack before that, and you will not depend on ISPs at all. And remember that doing things at the last moment when the **** hits the fan usually does not result in an aesthetic infrastructure solution…

  • http://none Salender

    This was one of the best show. Could you clarify if we have to do a /64 for our subnets? We received a /48 from our ISP and now we have to divide it. I cannot find if it is MANDATORY or not…
    Thanks

  • Keith Tokash

    Ethan! Excellent series. I'm trying to get the v6 ball rolling at work and I was excited to find a few old hats just round-table discussing their experiences.

    • http://packetpushers.net Ethan Banks

      Yep, I learned a lot in that show myself. Hoping to be able to share some of my own real-world experiences over the next year.

  • Lauren Malhoit

    I was just going through our SAS70 compliance report and noticed that it has a section on making sure folks are using NAT on their firewall to hide IPs. I know you guys mentioned PCI does that as well.

  • Pingback: Show 33 – IPv6 It All Comes Down to Money — Packet Pushers

7ads6x98y