With the number of IPv4 addresses almost completely depleted, the implementation of IPv6 has become a priority for many organizations. However, it is not all that feasible to just switch everything over to IPv6 without some type of transition. This article takes a look at the methods that can be used to transition to IPv6 from IPv4.
IPv6 Transition Methods
There are a couple of main methods that can be used when transitioning a network from IPv4 to IPv6; these include:
- Dual Stack - Running both IPv4 and IPv6 on the same devices
- Tunneling - Transporting IPv6 traffic through an IPv4 network transparently
- Translation – Converting IPv6traffic to IPv4 traffic for transport and vice versa.
The simplest approach when transitioning to IPv6 is to run IPv6 on all of the devices that are currently running IPv4. If this is something that is possible within the organizational network, it is very easy to implement. However, for many organizations, IPv6 is not supported on all of the IPv4 devices; in these situations other methods must be considered.
Most people with some networking knowledge are familiar with the concept of tunneling; a given packet is encapsulated into a wrapper than enables its transport from a source to destination transparently where it is decapsulated and retransmitted. There are a number of different tunneling methods that exist for IPv6, many that are integrated as part of Cisco and other manufactures certification tests. The following list shows the different available tunneling methods:
- Manual IPv6 Tunnels – A manually created IPv6 tunnel is configured between two routers that each must support both IPv4 and IPv6. Incoming traffic that is destined for networks on the other side of the tunnel is encapsulated on the source router and tunneled through IPv4.
- Generic Routing Encapsulation (GRE) IPv6 tunnels – GRE is a protocol that was developed by Cisco and for the purposes of IPv6 tunneling operates and is configured very much the same as manual tunnels. GRE itself is able to be used to tunnel over a diverse number of network layer protocols other than IPv4. When dealing with IPv6, a GRE tunnel can be used to tunnel IPv6 over IPv4 or IPv4 over IPv6. As with manual tunnels, when configuring GRE tunnels both the source and destination must be manually configured and each must support both IPv4 and IPv6.
- 6to4 Tunnels – As the name suggest a 6to4 tunnel allows IPv6 to be tunneled via IPv4. Unlike the previously discussed tunneling methods, the 6to4 method is automatically set up using the 2002::/16 IPv6 address space. The IPv4 address for the edge routers is embedded in an IPv6 address that is created.
- IPv6 rapid deployment (6rd) – The 6rd method was derived from the 6to4 method but allows the implementer to use the IPv6 block that was assigned to it.
- IPv4 Compatible Tunnels – The IPv4 Compatible tunneling method is very similar to 6to4 tunneling; both provide a mechanism to tunnel IPv6 over IPv4. The major difference is how the IPv4 address is embedded inside the IPv6 address that is used by the edge device. IPv4 Compatible tunnels have been depreciated but are still covered in some certification exams (including the current Cisco ROUTE exam).
- Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) Tunnels – Again, like the other tunneling mechanisms, the ISATAP method transport IPv6 traffic over IPv4; unlike other methods the ISATAP method is intended for use inside a site and not between two dual stacked edge devices. Communications between IPv6 hosts is handled through a central IPv6 capable device.
Unlike the above discussed tunneling methods, a translation method provides a way to translate IPv6 to IPv4 traffic and vice versa. When using translation, the traffic is not encapsulated but is converted to the destination type (be that IPv4 or IPv6). There are two methods that are typically used with translated IPv6 networks; these include:
- Network Address Translation—Protocol Translation (NAT-PT) – The NAT-PT method enables the ability to either statically or dynamically configure a translation of a IPv4 network address into an IPv6 network address and vice versa. For those familiar with more typically NAT implementations, the operation is very similar but includes a protocol translation function. NAT-PT also ties in an Application Layer Gateway (ALG) functionality that converts Domain Name System (DNS) mappings between protocols.
- NAT64 – One of the main limitations to NAT-PT was that it tied in ALG functionality; this was considered a hindrance to deployment. With NAT64 also came DNS64, both of which are configured and implemented separately; when these were defined and accepted the use of NAT-PT was depreciated. NAT64 offers both a stateless and stateful option when deploying, the later that keeps track of bindings and enables 1-to-N functionality.
One of the most important parts of implementing IPv6 is being able to gracefully transition from IPv4. This in itself is a giant undertaking and cannot simply happen in a short amount of time. The methods discussed in this article can each be used as options when beginning an IPv6 deployment and should each be looked over for applicability depending on the specific requirements of an organization. Hopefully the information contained within this article will provide the reader a starting point to this process.