Lately we’ve been sharing with you the results of our recent IPv6 survey. First we took a look at why you decided to deploy IPv6 and who was involved. Next we examined some of the benefits of IPv6 and overcoming the challenges to IPv6 adoption. Then we reviewed some of the advice you said you’d give to others in the early stage of their IPv6 journey, and now we’re going to look at even more advice you’d give to your peers just getting ready to deploy IPv6 for themselves.
- Don’t plan IPv6 the same way you did IPv4. Take a step back and figure out how you would deploy the network if you had absolutely unlimited IPs
- Think through your addressing scheme carefully. Make sure it is scalable and well understood by administrators
- Scrub your technical research to eliminate outdated information. Do not assume the most popular search engine hit is the most recent way IPv6 is done
- Configure your networks in stages out to the customer/business
- Carefully consider how you will deploy IPv6 in the last mile (firewalls, DNS, DHCP, etc.)
- Plan your address space properly and logically in order to keep the routing table small
- Get your own address space and ASN so you can be provider independent
- Dual-stack is a mid-point, not an end state: plan all the way through IPv6-only (or at least, IPv6-only with translation at the edges). Put a good project manager on it
- Budget the funds to upgrade equipment if it doesn’t already support IPv6, don’t buy any new hardware without IPv6 support
- Stick with it and fix issues as they come up. Don’t just disable IPv6 because that happens to be a quick fix for an issue
- Make sure all devices are able to do dual-stack. Determine if you plan on using DHCPv6 or self-assigned. Go to as much training as possibly you can!
- Research your vendors and stress the importance of IPv6 integration into their products and services
- Find a good ISP with support for IPv6, write it in to vendor contracts
As you get going
- If it has an IPv4 address, give it an IPv6 address as well. It will save you time and money in the future.
- The network side of things isn’t that difficult if you have the right infrastructure. Providing key services such as DNS isn’t a problem either. Mail and web services work fine on dual stack systems but if you can separate them it makes finding inter-dependencies easier
- Watch closely for errors, and make sure you have a rollback plan. Your address plan will need to be rewritten at least once. Accept it, and start with plan A
- If you’re an ISP, learn how to do dhcpv6 prefix delegation
- For mobile IPv6 only+CLAT+PLAT, disable dns64
- Stop trying to NAT IPv6. Static routes are your friend
- Go for it! It is not that hard. You have to deal with it one way or the other because IPv6 is on your network. It comes enabled by default on most modern OSes. A planned deployment is not only more manageable, but access lists and firewall configurations (to prevent inside spoofing) are taken care of as well
Thanks to all of you who took the time to respond to our IPv6 deployment survey and share your thoughts and experiences with us. We enjoyed hearing more about where you are on your IPv6 journey, and we’ll be incorporating your feedback into our outreach efforts as we work toward the goal of increasing IPv6 uptake among all organizations that rely on the Internet for their business needs.