By Curtis Franklin, PCWorld
The Internet promises unlimited connectivity, but such connectivity requires that computers and devices find one another through a common address plan. The current plan, in place since the late 1970s, is running out of open addresses, and a new scheme called IPv6 is being put in place to power the Internet's next stage of growth.
For small businesses that plan ahead, this shift can enhance computing security and application reliability and performance. But waiting until the last minute could leave you scrambling for costly equipment updates, missing an opportunity to turn a necessary change into a business boost.
IPv6 has been around and touted by the networking industry as "coming soon" for many years, yet there is no grand, worldwide launch date. Some parts of the world, notably Asia, and some Internet service providers (ISPs) and related companies, are leading others in the transition. Now, though, it's widely recognized that a day of reckoning is coming within the next couple of years as an increasingly critical IP address scarcity forces widespread changeover.
A variety of creative, if not always legitimate, fixes for limited address space already exist. Some large Internet carriers are beginning to "hide" a large network behind a small number of public IP addresses, using the Network Address Translation (NAT) scheme, as consumers and small businesses do. While this workaround provides Internet access for more devices, its complexity can hurt network performance. Other carriers, especially in developing countries, are conducting "black market" auctions of IP address blocks to desperate companies and carriers.
IPv4 formats Internet addresses in a quartet of numbers, such as 70.42.185.10. This is distinct from URLs, such as www.pcworld.com, that are converted to numeric IP addresses by a Domain Name System (DNS) server. A single URL may be tied to multiple IP addresses, or multiple URLs may point to a single address.
In 1998, the Internet Corporation for Assigned Names and Numbers (ICANN) ratified a new Internet Protocol, IPv6. It shifts to a 128-bit IP address space (each broken into hexadecimal groups), which means around 340 undecillion (340 times 10 to the 36th power) possible addresses, or billions of addresses for every living person. This expanded space is critical for the continued growth of the Internet.
IPv6-era routers and firewalls will provide greater protection against anonymous attacks, with much simpler and more reliable, secure connections for business computers moving financial and other sensitive data among servers and back offices.
Also, IPv6 will allow greater security and performance for business-critical applications, such as those that automate order placement and maintain customer billing and supplier relationships.
The greater control with IPv6 in how information is routed between computers could help small businesses and their ISPs to develop network performance and reliability that larger organizations and carriers now enjoy.
In addition, IPv6 will enable finer control of how rich media and critical applications perform on a network, and allow faster transactions over virtual private networks (VPN). IPv6 can boost VoIP or unified communications services because it improves quality of service (QoS), which allows certain types of network traffic, typically those sensitive to interruption, to get priority during heavy network use. A VoIP conversation or video Webcast on your network, for example, would get priority over a file transfer.
Building a checklist of every piece of network equipment and researching its IPv6 capability is a solid first step. Be especially vigilant when noting those systems with IPv6 "transition" capabilities versus those with full, built-in IPv6 compliance that you'll want for the long run.
If your small business uses the Internet mostly for e-mail and instant messaging, then making sure equipment is IPv6-compatible should suffice. If, on the other hand, your business has begun building cloud applications; has ties to supplier, partner, or customer applications over the Internet; or has relationships with large suppliers and customers--then planning now might prevent business-endangering Internet outages later.
In moving your business to IPv6, the major points of concern are your ISP; your network infrastructure; and the server, workstation, or device that is in the hands of the user. Issues at the ISP are important but largely out of your hands. When the ISP and network infrastructure are IPv6-capable, the workstations and servers will largely hop on board. Issues at the server, workstation, or device level are largely already dealt with by current Windows, Linux, and Mac operating systems, which can work with IPv6 addresses and networking. Windows 7, for example, includes IPv6 as a basic protocol that is set up and configured just as IPv4 is. It's the network infrastructure where most businesses will find the major issues.
If, within the last two years, your company purchased equipment for its network, including routers, switches, security devices, printers, photocopiers, or fax machines, it's very likely to be IPv6-capable. If the equipment is between two and five years old, it may have some IPv6 capabilities. If the gear is more than five years old, however, then its readiness is a crapshoot, and the switch to IPv6 is a strong reason to upgrade that equipment.
Unfortunately, there's no "IPv6-ready" sticker program in place for hardware. You'll have to check a product's administration program and look for IPv6 features, or ask each vendor about existing or upgraded IPv6 capabilities and, if necessary, begin to plan software or firmware updates.
Even if your infrastructure or ISP is not IPv6-capable, it may begin working with IPv6 addresses from workstations or servers using one of the IPv4-to-IPv6 transition protocols (including 6to4, Teredo, 6over4 and ISATAP) available on major operating systems. Each of these "dual-stack" protocols will, in one form or another, wrap IPv6 addresses within IPv4 packets; that's fine for a transition, but it's not a long-term solution because of security and stability concerns.
If you keep a piece of IPv4-only equipment, someday it won't be able to talk to the rest of the network because two different addressing schemes are at play--kind of like trying to use a telephone number to send a piece of paper mail.
You must check firewalls, intrusion prevention systems, DNS servers, and other security and service appliances for IPv6 compliance, as well. A firewall can easily blGoogle (ipv6.google.com) and YouTube (ipv6.youtube.com), for example, are available for new protocol searching and surfing now and make easy-to-remember test cases for IPv6 capability from your network.
While the transition will not be free or smooth for every company, the benefits of an IPv6 Internet outweigh the costs. Begin now, taking inventory, and then build a plan for the switch; that way, your company will be in position to take the next IP step without a major stumble.
The Internet promises unlimited connectivity, but such connectivity requires that computers and devices find one another through a common address plan. The current plan, in place since the late 1970s, is running out of open addresses, and a new scheme called IPv6 is being put in place to power the Internet's next stage of growth.
For small businesses that plan ahead, this shift can enhance computing security and application reliability and performance. But waiting until the last minute could leave you scrambling for costly equipment updates, missing an opportunity to turn a necessary change into a business boost.
IPv6 has been around and touted by the networking industry as "coming soon" for many years, yet there is no grand, worldwide launch date. Some parts of the world, notably Asia, and some Internet service providers (ISPs) and related companies, are leading others in the transition. Now, though, it's widely recognized that a day of reckoning is coming within the next couple of years as an increasingly critical IP address scarcity forces widespread changeover.
What Is IPv6?
In 1981, the only computers with Internet access were part of military or research organizations. In this 8-bit environment, the 32-bit address space offered by Internet Protocol version 4 (IPv4) seemed unlimited, allowing nearly 4 billion possible addresses (2 to the 32nd power) for connected devices. Fast-forward nearly 30 years and millions upon millions of Internet users later, and the end of available addresses is in sight. Once all the addresses are assigned, then, in theory, no new device can be attached to the Internet.A variety of creative, if not always legitimate, fixes for limited address space already exist. Some large Internet carriers are beginning to "hide" a large network behind a small number of public IP addresses, using the Network Address Translation (NAT) scheme, as consumers and small businesses do. While this workaround provides Internet access for more devices, its complexity can hurt network performance. Other carriers, especially in developing countries, are conducting "black market" auctions of IP address blocks to desperate companies and carriers.
IPv4 formats Internet addresses in a quartet of numbers, such as 70.42.185.10. This is distinct from URLs, such as www.pcworld.com, that are converted to numeric IP addresses by a Domain Name System (DNS) server. A single URL may be tied to multiple IP addresses, or multiple URLs may point to a single address.
In 1998, the Internet Corporation for Assigned Names and Numbers (ICANN) ratified a new Internet Protocol, IPv6. It shifts to a 128-bit IP address space (each broken into hexadecimal groups), which means around 340 undecillion (340 times 10 to the 36th power) possible addresses, or billions of addresses for every living person. This expanded space is critical for the continued growth of the Internet.
IPv6 Benefits
IPv6 benefits will include a level of security baked into the protocol. IPv4 was designed for an "age of innocence" with a small Internet population. IPv6 is for a bigger, more cynical age, so it carries capabilities for verifying addresses and known identities, and establishing trust between routers. It should become harder, for example, for criminals to use "address spoofing" attacks, where Websites or e-mail messages misrepresent where they come from.IPv6-era routers and firewalls will provide greater protection against anonymous attacks, with much simpler and more reliable, secure connections for business computers moving financial and other sensitive data among servers and back offices.
Also, IPv6 will allow greater security and performance for business-critical applications, such as those that automate order placement and maintain customer billing and supplier relationships.
The greater control with IPv6 in how information is routed between computers could help small businesses and their ISPs to develop network performance and reliability that larger organizations and carriers now enjoy.
In addition, IPv6 will enable finer control of how rich media and critical applications perform on a network, and allow faster transactions over virtual private networks (VPN). IPv6 can boost VoIP or unified communications services because it improves quality of service (QoS), which allows certain types of network traffic, typically those sensitive to interruption, to get priority during heavy network use. A VoIP conversation or video Webcast on your network, for example, would get priority over a file transfer.
First Steps
As with the lead-up to Y2K (remember that?), vendors and service providers will do most of the heavy lifting. ISPs will lead consumers, while large corporations will have teams dedicated to the change. A small business will have to ensure that all network equipment and software is ready, updated, and switched over at the same time when IPv6 comes. Planning ahead will help prevent interruptions to the critical connections that take place via the Internet. It will also allow you to buy equipment and services at negotiated, well-reasoned prices rather than on an emergency, cost-is-no-object basis.Building a checklist of every piece of network equipment and researching its IPv6 capability is a solid first step. Be especially vigilant when noting those systems with IPv6 "transition" capabilities versus those with full, built-in IPv6 compliance that you'll want for the long run.
If your small business uses the Internet mostly for e-mail and instant messaging, then making sure equipment is IPv6-compatible should suffice. If, on the other hand, your business has begun building cloud applications; has ties to supplier, partner, or customer applications over the Internet; or has relationships with large suppliers and customers--then planning now might prevent business-endangering Internet outages later.
In moving your business to IPv6, the major points of concern are your ISP; your network infrastructure; and the server, workstation, or device that is in the hands of the user. Issues at the ISP are important but largely out of your hands. When the ISP and network infrastructure are IPv6-capable, the workstations and servers will largely hop on board. Issues at the server, workstation, or device level are largely already dealt with by current Windows, Linux, and Mac operating systems, which can work with IPv6 addresses and networking. Windows 7, for example, includes IPv6 as a basic protocol that is set up and configured just as IPv4 is. It's the network infrastructure where most businesses will find the major issues.
Support an Internal IPv6 Infrastructure
As more carriers and ISPs begin offering IPv6 addresses and services, it will become easier to justify making the move to IPv6, and it is at this point that infrastructure issues will begin to loom large.If, within the last two years, your company purchased equipment for its network, including routers, switches, security devices, printers, photocopiers, or fax machines, it's very likely to be IPv6-capable. If the equipment is between two and five years old, it may have some IPv6 capabilities. If the gear is more than five years old, however, then its readiness is a crapshoot, and the switch to IPv6 is a strong reason to upgrade that equipment.
Unfortunately, there's no "IPv6-ready" sticker program in place for hardware. You'll have to check a product's administration program and look for IPv6 features, or ask each vendor about existing or upgraded IPv6 capabilities and, if necessary, begin to plan software or firmware updates.
Even if your infrastructure or ISP is not IPv6-capable, it may begin working with IPv6 addresses from workstations or servers using one of the IPv4-to-IPv6 transition protocols (including 6to4, Teredo, 6over4 and ISATAP) available on major operating systems. Each of these "dual-stack" protocols will, in one form or another, wrap IPv6 addresses within IPv4 packets; that's fine for a transition, but it's not a long-term solution because of security and stability concerns.
If you keep a piece of IPv4-only equipment, someday it won't be able to talk to the rest of the network because two different addressing schemes are at play--kind of like trying to use a telephone number to send a piece of paper mail.
You must check firewalls, intrusion prevention systems, DNS servers, and other security and service appliances for IPv6 compliance, as well. A firewall can easily blGoogle (ipv6.google.com) and YouTube (ipv6.youtube.com), for example, are available for new protocol searching and surfing now and make easy-to-remember test cases for IPv6 capability from your network.
While the transition will not be free or smooth for every company, the benefits of an IPv6 Internet outweigh the costs. Begin now, taking inventory, and then build a plan for the switch; that way, your company will be in position to take the next IP step without a major stumble.
No comments:
Post a Comment