Monthly Archives: April 2014

When should I start planning for an IPv6 deployment? – Article #2

In IPv6 Article 1 we explored the current rate of adoption globally for IPv6, and made the conclusion that yes, its real and will be mainstream within 4 years. This raises the obvious question of “when do I need to start planning?” & of course, the answer is “it depends”

  1. How big is your enterprise will determine how long an implementation may take – you can work backwards from there…
  2. Where do you need v6 initially – the edge, the core? there are several common deployment models that depend on your specific needs?
  3. What IPv6 services do you see yourself offering to your clients, or your own business?
  4. Do you have the base requirements in place i.e. addressing plans, IPv6 prefixes, V6 policies and standards?
  5. How complex is your environment – do you have dual ISP connectivity for example and will need a highly available provider independent address space to route?

The above are a few of the questions you will need to answer in the early stages of planning.

A good place to start is with point 4 – which is essentially proper planning. A lot of organisations sort of skip this step which of course will lead to a broken implementation and higher costs down the line. Some of the elements required here should be;

  1. Apply for your v6 prefix from your RIR, and your BGP ASN if you will need one (hint, get one)
  2. Design your v6 IP schema and address plan – sounds simple? its not…
  3. Update your IPV4 Security Policies to include this new Protocol. IPv6 schemas can be used to enforce policy on bit matching or this could be a good time to start considering your next-gen firewalling strategy, based on user authentication policy enforcement and move away from static and hard to scale / manage IP address based policies.
  4. Determine your v6 standards, and create a procurement checklist to ensure all new network devices can transport v6 as needed (think PIM-v6, OSPFv3 ,BGP address-families etc.)
  5. Plan for the network services that will need to be enabled as well, this will cover at least IPv6 DNS & DHCP services

If you cant tackle that yourself, as you probably wont have the skills yet – then go get yourself some consultancy to get you going – it will be worth the investment in the long run.

There’s a lot to cover to even go over the high level steps and considerations for your long term IPv6 deployment strategy – in the next article we will assume your planning is completed and take a look at how you can roll V6 out in a controlled manner.