Your handy IPv6 checklist

Feb. 3, 2011 is a date that will live in infamy — for some of us, anyway. That day marked the last time IANA will allocate a fresh /8 netblock to one of the Regional Internet Registries (ARIN, RIPE, and so on).

One could legitimately say that the Internet is indeed out of IPv4 addresses right now, but the pain won’t really be felt until the RIRs deplete their allocations and ISPs burn through what they’ve already been allocated. That date will vary depending upon what part of the world you live in. The Asia-Pacific region is slated to run out first, but everyone else is close behind. Getting a good old dotted-quad IPv4 allocation from your ISP is going to be a fun bedtime story you can tell your kids within the next year or two.

[ Behind the curve on IPv6? Matt Prigge shows you how to build your own IPv6 lab on the cheap with everyday materials. Check out both parts, and you’ll be right on top of the new protocol. | InfoWorld’s Peter Bruzzese suggests that users get their Windows networks IPv6-ready while they still can. | Keep up on the latest networking news with our Technology: Networking newsletter. ]

Introducing IPv6

Of course, as most technologies become overwhelmed by their own success, there’s usually a replacement around the corner that’s ready to jump in and save the day. In this case, that replacement is the much seen but rarely understood IPv6, and it’s been around since 1998. Talk about a slow walk into the spotlight.

Replacing IPv4’s theoretical maximum of about 4 billion addresses with about — wait for it — 340 trillion trillion trillion addresses, IPv6 will handily solve the address consumption problem. In case you’re having a tough time wrapping your mind around the number, that’s enough to give each human cell in your body an IPv6 address and still have some left for all of 34 trillion trillion other people’s cells. It’s safe to say the IETF working group that settled on a 128-bit address wanted to be fairly certain that we’d never have to go through this again.

Increasing the address space is by no means all that IPv6 does. IPv6 implements a raft of other changes over IPv4, including significantly more flexible multicast support, the elimination of broadcast (now just a type of multicast), autoconfiguration and renumbering support (with or without DHCP), a redesigned header and header extension mechanism, and a very sane hierarchal address format — to name a few.

All of that is very cool, but it’s also a fairly significant departure from what most of us are used to. Perhaps because of that variation, combined with generalized apathy, uptake of IPv6 among the Internet community has been extremely sluggish. As of this writing, only 8 percent of the active ASNs on the Internet are actually advertising routes to IPv6 networks, and a large portion of these are ISPs that form the backbone of the Internet. Only about 1.4 million DNS domain names include IPv6 AAAA name records (out of the 200 million-plus that exist). However, with the impending exhaustion of IPv4 address space, the transition will accelerate — quickly.

The IPv6 checklist

If you want to get started with IPv6, you’ll first need an operating system that supports the protocol. Fortunately, you have one. I can almost categorically say so because every Microsoft OS since Windows 2000, Linux kernel since 2.1.8 (1998), and Apple OS X since 10.3 (2005) has had at least some form of support for IPv6. Newer operating systems even have it enabled by default, so it’s probably turned on. Oddly enough, if you’re reading this on a smartphone with 4G service, there’s a pretty good chance you’re using IPv6 right now.

Next you’ll need an Internet connection that supports delivery of IPv6. This part is a bit trickier. Most subscriber Internet connections don’t yet support native IPv6, but that is starting to change (welcome to IPv6, Littleton Colorado!). Many tier 1 and tier 2 ISPs that might be delivering bandwidth to your corporate network will also deliver IPv6 if you ask for it, but chances are you haven’t yet. That’s OK — for our purposes, there’s an easier way that won’t require calling your ISP, replacing your cable modem (or your whole cable company), upgrading your firewall firmware, or hacking around in the configuration of your core router.

That easy way is through the use of an IPv6 tunnel. There are a multitude of different transitional technologies that exist to allow backward and, in a sense, forward compatibility between IPv6 and IPv4. To be precise, there is no real forward compatibility from IPv4 to IPv6 — a device attached to an IPv4 network that is only running an IPv4 networking stack cannot interact with an IPv6 network at all (though there are tunneling technologies that will allow IPv4 networks to reach each other through an IPv6 network).

However, since almost every device you’re likely to come across does have an IPv6 networking stack, you can run both IPv4 and IPv6 at the same time; this is usually referred to as a hybridized or dual-stack configuration. If the network you’re attached to isn’t already configured to handle IPv6 traffic (including routers, firewalls, and so on), you’ll need to build an IPv6 tunnel from your machine through the IPv4 Internet to somewhere else that can act as a gateway onto the IPv6 Internet.

You can use a number of free services to do this, but I’d recommend you try out Hurricane Electric’s free IPv6 tunneling service. It’s easy to sign up, and between Hurricane Electric’s FAQ and video tutorials, you shouldn’t have any trouble getting it to run on your own workstation or even on your router or firewall if it supports 6to4 tunnels. One large caveat is that your firewall must support NATing protocol 41 to use Hurricane’s service — some older models do not. In those cases, you’ll probably have to use a different service that supports “Teredo” UDP-based IPv6 tunneling.

Once you’re rolling along, you can run IPv6 traceroutes to get a feel for how it works and test it by hitting IPv6-only sites. If you’re a network admin with access to network hardware (or software) that can run BGP, as well as your own ASN, Hurricane Electric will allow you to advertise your organization’s IPv6 prefixes via their tunnel — also for free. This service can be more than just a testing and educational tool.

Now you’re ready for World IPv6 day

If you get a chance to set up your network before June 8, 2011, you’ll have a front-row seat for World IPv6 Day. On that day, a raft of major Internet organizations will turn on dual-stack IPv4/IPv6 connectivity on their front-line services in an effort to gauge the true penetration of IPv6 implementations and to help the Internet at large kick IPv6’s tires in production. Until then, I’ll be using Google at 2001:4860:800f::63. See you there!