Avatar

Over two decades ago—an eternity in internet time—the most recent version of the Internet Protocol (IPv6) was approved that vastly increased the available number of IP addresses—the unique identifiers for each device connecting to the internet. Back then, the Internet Engineering Task Force (IETF) standards body realized that the immense growth of the internet and the number of devices connecting to it would “soon” exceed the available 32-bit format of IPv4 addresses—a mere 4.3 billion—and impede innovation and expansion of the internet for businesses, governments, and individuals.

IPv6 was designed to support 340 trillion trillion trillion—not a typo!—addresses using a 128-bit format. However, by that time the shorter IPv4 format for IP addresses was firmly programmed into network devices, applications, and business computer systems. While the address system was already showing signs of stress, a growing number of personal computers and smartphones would also require unique IP addresses. IT teams in business and government organizations were able to creatively deploy techniques that helped to extend the life of IPv4 addressing. Using Network Address Translation (NAT) software built into routers and firewalls, for example, enabled one public-facing IPv4 address to accommodate multiple devices within an enterprise network. Similarly, service providers were using Carrier-Grade NAT to expand the use of available IPv4 addresses for mobile devices.

However, while effective, these techniques were basically bandaids that made up for IPv4’s lack of address space. Using NAT, for example, obfuscates IP addresses within the enterprise network, making managing Access Control Lists (ACL) much more complex. Security is inhibited with NAT too because when hundreds of devices are sharing the same IPv4 address it’s difficult to apply security policies accurately or quarantine rogue devices without affecting all the other devices identified with the same IP address.

Adding to the crowded address space, there has been a massive increase in consumer devices connected to the internet, rising from 5 connected devices per household to 50 devices from 2015 to 2020. More recently, the rise in IoT, smart building OT, and cloud-native applications deployed in containers for scalability, has truly stressed IPv4 to the point where organizations are competing—and spending—to purchase tranches of IPv4 addresses just to keep operations running. The growing adoption of public and private 5G, Wi-Fi 6, and edge compute are enabling industries to connect more devices and industrial control systems that need even more unique IP addresses. All this activity has changed IPv6 from experimental to a requirement for new digital transformation projects.

To maintain the steady modernization of information systems, the need to transition to IPv6 is urgently apparent to organizations and governments around the world. India and China, with their enormous populations rapidly adopting digital technologies, are at the forefront of the transition to single-stack IPv6. Mobile operators who need to support millions of smartphones, all running containerized programs, have already quickly shifted to IPv6. The hyper-scale cloud providers have completed the transition of their internal data center operations to IPv6 while maintaining their interfaces to the internet to accommodate IPv4 addresses still in use in older devices, websites, and legacy applications. On the application side, Apple has required iOS and MacOS apps to be designed for IPv4 and IPv6. The US OMB has published a mandate for all Federal departments to plan and commit to the transition of at least 80% of IP-enabled assets on Federal networks operating in IPv6-only environments by the end of FY 2025.

After 24 years, the time has finally arrived for IPv6. This necessary transition in internet protocols once again demonstrates the embedded nature of networks that make everything work together, anywhere, anytime.

“After 24 years, the time has finally arrived for IPv6. This necessary transition in internet protocols once again demonstrates the embedded nature of networks that make everything work together, anywhere, anytime.”

Planning for Transition to IPv6 with Agile Practices

Cisco IT is Customer Zero for IPv6-only inside our networks. This means they are actively designing, testing, and building IPv6-only as part of the Cisco campus environment. Cisco IT is approaching this effort using agile practices in one campus building today so that they can experience, resolve, and learn about the potential hurdles our customers may face. For Cisco IT, one of the key reasons to convert to pure IPv6 is to enable an easier migration path from Virtual Machines to Containers for software applications. Another significant benefit being evaluated is the potential for adding an exploding number of IoT devices: sensors, cameras, and other smart building components, by leveraging IPv6 to simplify network access and zero-trust to streamline security.

Currently, most Cisco campus buildings and branches are running dual-stack IPv4/6 with opportunistic use of IPv6 on endpoints like laptops and mobile devices. As Cisco IT progresses through their agile transition plan, they intend to cohesively integrate holdover devices, such as badge readers, printers, and cameras.

Cisco’s Long-Term Commitment to IPv6

Even though IPv6 has been a standard for 24 years, many organizations were satisfied with the workarounds being used to overcome the IPv4 limitations. Why change a major part of the network infrastructure when it was working? As we explained in this post, with all the rapid changes and additions to the internet and enterprise networks—smart building systems, IoT for distributed manufacturing, hybrid work, and massive numbers of mobile devices—the status quo is no longer an option. Organizations that want to grow must consider transitioning to IPv6-only networks, eventually reducing, and then eliminating dual-stack IPv4/6 implementations. Cisco understands the need for the transition and all new development will be IPv6 ready. Cisco is committed to updating existing hardware and software solutions to support IPv6 end-to-end deployment across multiple domains including campus, data center, cloud, and internet. We are also providing security, management, and monitoring tools to customers to assist in planning the transition to IPv6 networks.

Stay tuned for future updates on Cisco’s transition to IPv6 and how it impacts decisions and timing for upgrading your network infrastructure.



Authors

Ravi Chandrasekaran

Senior Vice President, Engineering

Catalyst Engineering Group