Despite the much-anticipated depletion of public IPv4 addresses, adoption of network address translation (NAT) has led most enterprises to continue using IPv4 both internally and at the internet edge. But as companies refresh their networks and IoT begins to pick up steam, many network administrators are finally making the choice to incorporate IPv6 in their network in some capacity. Here are some fundamentals when it comes to an IPv6 transition.
How to read an IPv6 address
By far the most important skill in an IPv6 transition is simply understanding how to read an IPv6 address. While IPv4 and IPv6 addresses accomplish the same goal, they look drastically different. An IPv6 address is 128-bits long compared to just 32-bits for and IPv4 address. While IPv6 addresses use the same mask structure as IPv4 to differentiate the host bits from the network bits, –it's on a 128-bit scale.
Because IPv6 addresses are so much larger compared to IPv4, they use a different method to break each number down so it's more manageable. Each 128-bit address is broken down into eight groups of 16-bits that are represented in hexadecimal format. The eight groups are separated by a colon; for example:
This address is usable, but it’s still fairly large to work with. Thankfully, there are some tricks to condense it even further. For example, within each 16-bit segment, any leading zeros can be eliminated from the address. But remember, there must be at least 1 digit within each segment. Therefore, using our example, we can shrink our address to this:
And one last trick to fully condense an IPv6 address: you can eliminate one or more consecutive 16 bit groups that contain all 0's. So, in our example, the fully condensed IPv6 ends up looking like this:
IPv6 implementation strategies
Once you have a grasp of the basics regarding IPv6 addressing, the next step is understanding the different implementation approaches you can take to get IPv4 and IPv6 routing to operate either independently, side-by-side or in tandem. Three popular approaches are native IPv6, dual-stack and tunneling.
Native IPv6: This method completely abandons IPv4 in favor of a network that is addressed and routed in IPv6. While this may be the end goal for many organizations, it's not practical in 2017. The reason for this is that you'll undoubtedly run into situations where devices or network components are not IPv6 compatible without significant hardware or software updates.
Dual-stack: A popular way to prepare for the eventual transition to a native IPv6 network is to run both IPv4 and IPv6 on your network in tandem. This is known as a dual-stack architecture. The idea is to use IPv6 when you can, and fall back to using IPv4 when necessary. It’s a good way to test the IPv6 waters on an enterprise network.
Tunneling: The idea behind IPv6 tunneling is to run IPv6 natively on some parts of your network, while encapsulating IPv6 packets and tunneling them through an IPv4 native network in areas where IPv6 cannot be implemented. This method is popular in very large enterprises where it's too much effort to go completely native IPv6 or to run a dual stack.
IPv6 at the internet edge
While running IPv6 on internal networks is a fantastic goal to have, running both IPv4 and IPv6 at the internet edge provides more tangible benefits. Eventually, there are going to be internet users that only communicate using IPv6. This is especially true with mobile devices. Consequently, you will need to make sure your publicly accessible resources are reachable using both IPv4 and IPv6.
In order to prepare your internet services, you need to know how to address public resources for IPv6, including edge services such as websites, DNS, email and VPNs. Methods for making these services ready for IPv6 include address translation, load balancers, reverse web proxies, and proxy through the use of content delivery networks (CDNs).