CNET también está disponible en español.

Ir a español

Don't show this again

HolidayBuyer's Guide
Tech Industry

Commentary: What to do with IPv6?

While the limited number of available IP addresses is a primary concern for IPv6 advocates, they have other arguments for migrating from IPv4. One example is security.

Commentary: What to do with IPv6?
By Forrester Research
Special to CNET
July 28, 2003 12:00 PM PT

By Stan Schatt, Vice President, Forrester Research

While the limited number of available IP addresses is a primary concern for IPv6 advocates, they have other arguments for migrating from IPv4. One example is security.

IPv6 requires the use of IPSec. Today, the widespread use of network address translation in conjunction with IPv4 requires work-arounds if IPSec is to be used. IPv6 could facilitate the more widespread use of security-sensitive applications, especially wireless applications, since they could use IPSec. Another benefit of IPv6 is its plug-and-play capabilities, which include auto-configuration and Anycast address support. The result is the ability to deploy large numbers of simple IP-enabled devices without the need for configuration.

Because there is built-in multicast support for IPv6, advocates point to its ability to handle next-generation real-time video applications. Advocates point to IPv6's simpler header, which reduces fields from 12 to 8 and no longer requires routers to perform packet fragmentation.

Though IPv6 advocates point to superior quality of service, there are no standards in place, so there is no such tangible benefit. There are more IP addresses available in IPv6, but most large companies in the United States already have enough IP addresses.

Those that do need more addresses can use private addresses internally and NAT externally. Use of RFC 1918 compliant unregistered IP addresses is another approach. While IPv6 advocates point to better security, many U.S. companies use a combination of RADIUS servers and a combination of CHAPS and PGP protocols for authentication and encryption.

Should U.S. companies migrate to IPv6?
There are clients with very specific needs who should start planning the migration process to IPv6 as soon as possible. They include the following groups:

• Companies whose contracts with the U.S. Department of Defense comprise a significant source of revenue.

• Companies with major divisions in Asia, particularly in Japan, China or Korea.

• Supercomputer centers that focus on manipulating large graphical models.

• Universities and medical schools with large volumes of graphical data.

• Industrial research labs--particularly industries such as pharmaceuticals, where large graphical models comprise a significant portion of overall data traffic.

IPv4 and IPv6 are not compatible, and there are significant differences in the two protocols' packet headers. While newer switches and routers support IPv6, companies must take a close look at older equipment, which will not be compatible.

Related story

As much of the world nears an Internet address crunch, North America stands as an island apart, threatening to fragment plans for the biggest overhaul of the Web in decades.

While IPv6 protocol stacks are much readily available than a year ago, there are still potential problems for enterprises that have to support a variety of platforms including handheld devices.

The migration process
The world will remain predominantly IPv4 for several more years. It is likely to take until 2009 for even half of all Internet traffic to consist of IPv6 packets. For those Giga clients that do need to plan their migration strategy, the two most viable solutions for creating an environment of co-existence between the two protocols is a dual protocol stack and a tunneling approach. A dual-stack approach at the edge of a network would mean using host devices that run IPv6 and IPv4 simultaneously. This approach is useful for applications that must communicate with both IPv4 and IPv6 devices.

A second approach is to encapsulate IPv6 packets for transport over an IPv4 network. An IPv4 header is added to the IPv6 packet. Routers at the tunnel end points are configured with both IPv4 and IPv6 addresses. The IETF has specified two types of tunnels: configured and automatic. A configured tunnel is created manually by building a virtual link (tunnel) between two IPv6 routers. With automatic tunnels, end points are automatically determined using IPv4-compatible IPv6 addresses as specified in RFC 2373.

© 2003, Forrester Research, Inc. All rights reserved. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.