Photo by .reid.
The impending exhaustion of IPv4 addresses just got a step closer as APNIC (the Asia/Pacific organization in charge of IP address allocation) has issued their last addresses. Technically, they still have some addresses in reserve but these are for use only for organizations that need them within their IPv6 infrastructure and will only be doled out in very small chunks (/22 size chunks, or 1024 addresses).
I mentioned this back in February, how the top level manager of all things IP (ARIN) allocated their last blocks to APNIC. It was expected that APNIC would last until at least summer but they got used up much quicker than expected. It doesn't look good for the other regional registries, they will probably all be exhausted by the end of 2011.
So, what's a sys admin to do? Well, you can read through the excellent tutorial from Michael Pietroforte at 4sysops. It's pretty short and to the point and should put you at ease about the complexity of IPv6 (as it did for me).
The other thing you can do is wait. Not necessarily the most prudent thing to do in the world, but not the worst either. The programmer's procrastination mantra is "Why do today what you may not have to do tomorrow?" The truth of the matter, and the reason that IPv6 uptake has been slow, is very simple. It's an economic reality that people aren't going to move until the cost of not switching is higher than the cost of switching. An IPv6 migration costs time and money and that comes at the expense of other things that need to be done within a network. Future costs are still a bit nebulous at this time and so are hard to factor into ones decision making process.
It's not like Y2K where there was a set-in-stone drop-dead date and the non-tech world was fully aware of it and putting on pressure. Also, as has been shown in the past, there are technical solutions that will probably keep IPv4 alive (on life support) for a considerable time. As the costs of those solutions continue to climb, they will eventually meet the slowly dropping cost if IPv6. When they meet there may be a tipping point and some will be left scrambling. Even then, it may still be cheaper to wait and scramble. That's just one of the risks in living in a dynamic tech world.
So, from the trenches, where do you stand? What have you already done and what are you planning to do about IPv6?
Photo by heyjoewhere...
Back in July when I wrote about 5 Things This Procrastinating System Administrator has Learned I was pretty skeptical about the dire need to move to IPv6. I still am, but in the mean time I've been seeing stories about how some companies have been moving in pieces over to IPv6 and seeing how the move is going to eventuate. Everything Sysadmin has a good post on Successful IPv6 Projects which I think does a good job of outlining some strategies.
As I said before, I think that IPv6 was designed to avoid backward compatibility in a misguided strategy to get people to move over wholesale from IPv4. Whether this is true, or if there really are insurmountable technical limitations to backward compatibility, it doesn't change the fact that transitioning is difficult. Very difficult. Because of this, you don't see anyone drinking the whole jug of Kool-Aid and ditching v4 altogether. Instead, what you see are projects that transition to v6 with new devices or networks or with pieces that won't impact existing v4 users.
This is a good strategy because in doing so existing networks need to be upgraded to support the new standard in order to access the upgraded pieces. With a business case made, and a well scoped project defined, then an upgrade of a small piece of the network touches everything and gets the whole network ready to move. Since the real issue with v6 comes in interconnectivity outside of your network (read: Internet) being ready to flip the switch to v6 while still running v4 is really all you can, and need, to do for now.
At some point there are going to be two Internets, one that is v6 only and one that is still v4. There will be a lot of the Internet that can handle both but it can safely be considered the v4 'net. Once there is a critical mass on the v6 only side then any network which can't access it will be left in the dark ages. I still think we're very far away from that point, but now's a good time to start working on getting that little piece upgraded. Look for success stories out there, such as those on the Everything Sysadmin blog, to get some ideas of what pieces you can work on.
Photo by dhepnar
I've been following the story of IPv6 for a while now, and I've been following it like I believe most system administrators have been. Which is the standard waiting-for-when-I-have-to-drop-everything-and-get-it-implemented way. I'm sure that this attitude makes some people unhappy, after-all we're running out of IPv4 addresses and I'm keeping us from solving the problem. If we all took the time now to get things switched over then we could avoid IP Addressageddon.
Well, it's not as bad as all that. In my, admittedly limited, experience I have learned a few things which makes me a little less worried. Less worried, but still a bit worried.
1. The death of IPv4 has been greatly exaggerated.
Available IPv4 addresses were supposed to run out this year, but that date has been pushed back to 2011 despite a (somewhat) mad rush on addresses. The date will probably be pushed back again, but each time it does, the cost of not transitioning will increase. No one wants to be left without a chair when the music stops, but on the flip side, no one wants to spend time or money now when there still seem to be quite a few chairs left.
Personally, I think that IPv4 will be with us long until after the IPv6 transition is essentially complete and that some form of technology will keep it alive in the same way that there are still people on dial-up. In the same vein, though, there are good reasons to get off of dial-up.
2. Vendors are already there, so there's no excuse!
One thing that I hear from IPv6 advocates (zealots?) is that vendors are supporting IPv6 in droves and so it should be simple to move our networks over. IPv6 has been in Windows, Linux, various UNIX, and OS X for years (with hardware for about as long) what's the hold-up?
Well, implementing IPv6 at the vendor level is (not to put too fine a point on it) a helluva lot easier than at the system administrator level. It's nice having all of the pieces of the puzzle, but it's the job of putting them together that is the hard work.
3. IPv4 mapping could have been better.
I think that the IPv6 standards committee dropped the ball here. I get the feeling (and this is based solely on my impression, I haven't done enough research to verify) that IPv6 was designed to be as minimally compatible with IPv4 as possible. The idea seems to have been that by making it harder to move to v6 piecemeal it would make the transition happen faster. If that is the case, then I think that the opposite is the result. By increasing the cost of a slow rollout of v6 it made it more attractive to stick with v4 as long as possible.
I may be completely wrong on this, I will admit. There may be technical reasons why a move to v6 couldn't have been very smooth. But I'm thinking of NAT here. When NAT came out it was a godsend for many reasons, even though it was a kludge that has a whole new set of problems. It hit where it needed to, by allowing new nodes to be added with very little disruption to existing infrastructure. IPv4 mapping seems to be trying to provide a seamless move to v6 but either it's not as good as it could be or it has really bad PR.
4. IPv6 readability.
IPv6 addresses are hard to read. There, I said it, you can now come to confiscate my nerd credentials.
Really, though, I understand that v6 addresses are 4 times longer than v4 addresses and there's no way that they can be as easy to remember and work with. But the 4 octet scheme of v4 is so ingrained in sys admin culture that it seems crazy to depart from it so much with v6. Sure, eventually we'll all be thinking in v6 subnets and addresses but it's a big jump. I can't help but think that the v6 representation came out of academia instead of from the trenches.
5. Subnetting is still important.
When the move to v6 finally comes, don't give up all of the knowledge you've built up around subnetting. Sure, even the smallest v6 address allocation provides for 65536 subnets each with billions and billions of nodes. But that only takes care of part of the issues with subnetting today. It's still necessary, although easier, to understand where to divide subnets relative to physical routing. It'll be much easier, but not automatic.
IPv6 is inevitable, so let's all keep an eye on the bouncing ball. But don't panic just yet, the tipping point is still a ways away. It would be nice if the move to v6 was as easy as rolling out a new OS (even though that certainly isn't easy, but it is easier.) But it isn't, so we sys admins will continue to do what we always have done: Make it all work somehow.
Follow me on Twitter
We've been working with some clients on their upcoming requirements to support Internet Protocol version 6 (IPv6) compatible software. Over the past year I've fielded a ton of questions about why it's a good idea to be ready for IPv6. When I came across IT Dojo's piece (video) on the most common questions that they've received about IPv6, it brought back the past twelve months quite vividly.
It's a great video. It includes tips on shortening the new addresses as well as calming fears about co-existence between IPv4 and 6.
Video: Answers to five questions about IPv6