In 2007 the IETF deprecated the NAT-PT translation solution (RFC4966) because translation was considered harmful. Less than two years later translation it is back in the IETF and back with force. During the 75th IETF meeting in Stockholm this week translation was one of the big topics and one of the topics with a great sense of urgency. The replacement for NAT-PT is now called NAT64 and offers a translation between IPv6 and IPv4 in much of the same ways as NAT-PT. There are of course differences to address the major issues that were brought up when NAT-PT was deprecated but it doesn’t address the issue with translation being in issue in general and that it might create some of the problems we are seeing today with NAT.
NAT64 is combined with DNS64 to create the complete translation package to allow IPv6 clients to access IPv4 servers. One major issue with NAT-PT was the fact that it broke DNSSec. This has been address with DNS64 which moves the generation of IPv6 addresses into the clients trusted domain.
In addition to NAT64 there are other translation solutions that are more focused on translating IPv4 to provide a greater IPv4 address independence by increasing the use of private IPv4 addresses. This was also considered bad just a few years ago but is now part of the central discussion with the IETF. Large scale NATs, or carrier grade NATs as they were called before people realised that NAT would never become carrier grade, are requested by some operators who aren’t concerned by the operational issues of running large private networks. Other translation proposals such as DS-lite try to run IPv4 on top of IPv6 in order not to have to care about IPv4 addressing.
All this translation is scary but some of it is inevitable as we quickly are getting close to the end of IPv4 and everybody agrees that we need to maintain supports for IPv4 clients at the edge one way or the other. Let’s just hope that the more sensible approaches as DS-lite prevail or we might end up with tons of nested NATs and no IPv6 and no more peer to peer communication.

Asia Regional Conference organized by the Internet Society (ISOC) in collaboration with the Asia Pacific IPv6 Task Force and the National Advanced IPv6 Centre of Excellence just concluded in Kuala Lumpur, Malaysia on the 20th of July 2009.

The key messages that came out of this event were

1. IPv6 is not the next generation technology but the current technology
2. There is no killer application for IPv6, the internet is the killer application
3. IPv6 Business Case – if you want to stay in business start enabling dualstack networks

More information about the conference is at:
http://www.isoc.org/isoc/conferences/inet/09/kualalumpur.shtml

Julian Vincent

Well it’s official, our new company gogo6 is up and running!  In a deal that took six long months to complete, gogo6 is taking over from where Hexago left off.  You’ve probably heard the saying, “it’s a marathon, not a sprint.” Well in the case of IPv6 it’s a long distance relay race, not a marathon.

When Hexago was founded it was believed the migration to v6 was only a few years away.  It was believed that the path there was v4 -> dual stack -> v6.  But when the network engineers lost their drawn out battle with the bean counters, migration elegance was forever lost to practical coexistence and the tenets upon which Hexago was built needed to change – to be broadened.

So the baton is now passed to gogo6.  A fresh company with a new point of view, where everything we do is about solving the hard problems around creating v6 interoperability in a world running low on v4.  Besides expanding our product line, expect us to tighten up the go6 community so everyone involved can benefit from each other’s experience in their pursuit of v6.

Now that the buyout from management is complete, we are starting up with the energy, vision and experience necessary to cross the v6 finish line.  Hope to see you there.

Bruce Sinclair, gogo6 CEO
bruce@gogo6.com

A few years ago we exhibited at the GSMA Mobile Asia Congress in Macau.  We reasoned that the increased popularity in smart phones would drive the mobile operators to require an IP address in every handset.  This internal conclusion was supported by discussions with our Japanese customers with large mobile networks on the difficulties of managing overlapping addresses in “ten” networks and the work that was going on at the 3GPP standards committee on the requirement of IPv6 for IMS implementations.  It all made sense. 

With me I had my new iPhone 1.o.  I purchased it on a recent trip to NY and had it cracked so it worked on one of our local operator’s 2.5G networks.  With it I could demo a cool service that used proxying/reverse proxying to allow v4 handsets to take advantage of v6 addressing for NAT traversal into private home networks.  We were at the mobile show in Asia where smarter than average phones were being used in daily life, we had a nice booth with a good location, there was an exploding market, we solved a real problem and the standards committees were behind us.  The stage was set.

Unfortunately it turned out to be one of the slowest (and consequently most expensive) shows we attended.  The problem was that no one knew what an IP address was let alone an IPv6 address.  “It’s required access the Internet” I’d say.  Keith our guy in Hong Kong, would say, “It’s like a phone number for the Internet”.  Didn’t matter.  Whether explained in English or Cantonese the look would be the same, starting out with puzzlement that lead to glazed over eyes upon further explanation and finally distraction when they saw their next target in the exhibit hall.  It seemed that there was no money in this Internet thing for phones.  The demographic at the show wasn’t thinking beyond the next quarter or two. 

Fast forward two and a half years and with the iPhone 3G S, Android, Pre and thousands of cool mobile apps and it seems like the logic is finally playing out.  Good report and investigation from Derek Morr’s blog at CircleID on Verizon’s mandated IPv6 support for their next gen smart phones.  Problems are the same, swap LTE for IMS and a further diminished IPv4 pool and we are now seeing business lead the way in mobile space but do you think they’ll know what an IP address is this year in Hong Kong?

Bruce Sinclair

Here’s a presentation on IPv6 Tunnel Brokers given at ARIN XXIII in San Antonio last month.  Other interesting presentations can also be found on this page, including one from Alain Durand on DS Lite which has been getting a lot of attention lately. 

Bruce

If you are new to IPv6 and looking for the fundamentals dished out in a palatable form, check out the 6deploy site’s e-learning package.  6deploy is a European project, partially funded by the EC, with a mission to provide operators and service providers with IPv6 training and support for deployments.  The site is dense, as many European funded projects usually are, which makes this package that much more appreciated.  This definitely belongs in our future IPv6 101 section.

Bruce Sinclair

A well written paper by the folks at DREN, the Defence Research and Engineering Network under the Defence Department’s High Performance Computing Modernization Program, can be found here: DREN Success Story. 

DREN, an early Hexago customer, is credited with having the first operating IPv6 network in the US government and this paper describes their real world experience in getting it operating and what they have identified as their six key factors of success.

DREN is leaps and bounds ahead of the US government OMB mandate which, among other things, dictated that by June 30, 2008:

“All agency infrastructures (network backbones) must be using IPv6 and agency networks must interface with this infrastructure. Agencies will include progress reports on meeting this target date as part of their EA transition strategy.”

Now, many US government departments and agencies interpreted this to mean flowing IPv6 packets between two core routers conveniently forgetting about the “interface with this infrastructure” part but not DREN.  They went above and beyond and ahead of schedule in their implementation and, in their words, “It is now time for federal stakeholders to travel the trail blazed by the DREN” or in my words “it is high time to get this party started”.

Bruce Sinclair

Anything to be aware of on layer 2 when activating dual stack ? IPv4 and IPv6 should after all peacefully and safely coexist on the same network as each version has a specific layer 2 ethernet type, 0×0800 for IPv4 while IPv6 responds to 0×86dd. The value of this field tells the node which layer 3 protocol follows in the ethernet frame. Is this new? Not really, this was defined in RFC 2464 (1) in December 1998, more than a decade ago. The IEEE Ethernet Field Registrar (2) issues and maintains the list (3) of allocated Ethernet types. And 0×0800, the IPv4 ethernet type, result of the venerable RFC894 (4), will be a quarter century old next month! This RFC defines a standard protocol for the ARPA – internet community (sic).

Remarkable how Ethernet has evolved and been widely adopted over this period extending its reach from LAN to MAN to WAN and from 10meg to 10gigE. One has to credit the IEEE for quite an efficient job as a standards body.

Over in the IP world, this month of March will see IETF 74 (5) meet in San Francisco and continue to ponder transitions, address translations, double translations, even carrier grade translations. In the meantime the IPv4 pool has shrivelled to 32 /8’s in IANA’s free pool and in Manila last week the policy session (6) at the APNIC meeting further looked at ways to cut the remaining IPv4 address pool in ever smaller pieces and even allocating them for shorter time frames to somehow delay the inevitable. The Regional Internet Registries now even have a mechanism to equitably share recovered, reclaimed and returned pieces of IPv4 address property. APNIC has even adopted a proposition on how to parcel out crumbs of the very last /8 they will get allocated.

A modern day Géricault might start painting the “Radeau du IPv4” . I felt reassured however by the growing number of IPv6 address allocations by RIR’s to local registries and ISP’s as we saw in the NRO update (7). Let’s just start using them a bit faster and pity the poor souls who will be left on the IPv4 raft .

Yves Poppe

March 2009

1. http://www.ietf.org/rfc/rfc2464.txt

2. http://standards.ieee.org/regauth/ethertype/type-tut.html

3. http://standards.ieee.org/regauth/ethertype/eth.txt

4. http://www.ietf.org/rfc/rfc894.txt

5. http://tools.ietf.org/agenda/74/calendar

6. http://www.apnic.net/policy/proposals/index.html

7. http://meetings.apnic.net/program/amm/pan-nro-stats.ppt

At Cisco Networkers (1)  in Barcelona earlier this week,  some of us saw a dragon try to wiggle out of its shell, provided you connected in IPv6 that is.  A smile to Kame (2), the turtle which only danced under a IPv6 caress.

Networkers 2009 saw more than 3000 attendants and a good complement of IPv6 presentations highlighted by a high powered plenary panel  on the status of IPv6. It was chaired by Pat Calhoun, Cisco CTO, with outside participation from Google, Archrock, Spacenet, the European Commission, Free.fr( 3) and Tata Communications.

Anything to remember from all this IPv6 talk early in this new year? Well, if you turn it on, they come, both endusers and traffic that is. Since Free (3) turned on IPv6 on their Freebox last year in France, more than 200,000 of their subscribers activated it.  Google sees growing numbers of IPv6 searches,  ISP’s see growing IPv6 traffic…

Granted, it’s still a trickle compared to IPv4,  but the chances to see the internet  facing collapse when running out of IPv4 addresses or  become clogged with NAT-plaque , are receding.   A growing number of ISP’s are upgrading their networks to assure the continuing health of the internet and their revenues, content is on its way as are new green field application domains.  Judging from the numbers who attended the IPv6 sessions this week, not too many really want to stay behind that much longer.

We have not  yet seen the full power of the Internet Dragon,  but this week, it was stirring under its shell.

Yves Poppe
February 2009

(1) https://www.cisconetworkers2009.com/eventlink/cybercafe/home.ww

(2) http://www.kame.net/

(3) http://www.free.fr/adsl/

Registration is available at http://meetings.apnic.net/

Promotional video is available on YouTube ie. http://www.youtube.com/watch?v=LNJXn2h8-Y0