By Timothy Rooney, Director Product Management, BT Diamond IP
With the recent announcement that the Internet Assigned Numbers Authority (IANA) has allocated its last remaining IPv4 address space to the Regional Internet Registries (RIRs), time is running out on availability of new IPv4 address space allocations. And many network engineers and managers are left considering their options.
As this remaining address space is allocated, enterprises will — in the not too distant future– have no choice but to implement IPv6 for Internet-accessible web or email servers. Any newly-formed organization or those that require additional address space after this time will be “IPv6-only” organizations.
This may not seem like a big issue, given the plentiful private IPv4 address space. But consider this — as this population of IPv6-only organizations and users grows, will they be able to reach your websites and email?
To serve this population, which will grow rapidly as more IP-based public and private applications are deployed, implementation of IPv6-addressable Internet servers is imperative.
Besides implementing IPv6 on Internet-facing servers, enterprises should take heed regarding IPv6 addresses already in use internally. Many popular operating systems, including Microsoft Windows and Linux, natively support IPv6 addressing. A major feature of IPv6 is address autoconfiguration, which enables a device to identify the subnet address to which it is attached by virtue of router advertisement messages. As well, it appends its self-derived Interface Identifier to this subnet address to fully compose a unique IPv6 address unbeknownst to network administrators.
Autoconfiguration may provide a convenience for users initializing on a network. However, it runs counter to network admission control (NAC), a strategy for reviewing and approving the assignment of addresses to devices. The scope of autoconfigured IPv6 devices can be constrained to a local link by disabling the autoconfiguration option in router advertisements or by disabling router advertisements altogether, until you consciously deploy IPv6 on the given link.
We’ve written several white papers on this issue to help network engineers and managers prepare and understand the options. The IPv4-IPv6 Co-Existence white paper is geared to enterprise planners while the Service Provider IPv6 Deployment Strategies paper is focused on service provider options.
Also, exclusively for SecureThinking readers, we plan to give away a copy of my book, IP Address Management Principles and Practice. To enter to win a free copy of the book, please answer the following questions and submit them back to us through the comment area below:
Does your company have any plans to support IPv6?
- Not in the near future
- In the next 3 years
- Sometime in the future
What key services is your company looking at for IPv6 at the moment?
- Training
- Project Management
- Assistance in setting up a test lab
- Other (please specify)
Rank the information on IPv6 that you are most interested in:
- Security
- Interoperability
- Fundamentals on how it all works
- IPv6 Address Management
- Other (please specify)
