Advice for migrating to IPv6 in an ISP environment

By Mansour Ganji - Senior Network Engineer

Vodafone New Zealand IPv6 Case Study

Migrating to IPv6 will make you ready for the next stage of the Internet. I was the principal network design engineer and member of the project team for deploying native IPv6 for all residential home users at Vodafone New Zealand two years ago. As an outcome of that project, IPv6 has been deployed for about 80% of residential home Internet users now. I believe adopting IPv6 is inevitable, and as an international technology company we were committed to providing our users with the latest technologies.

The graph below from APNIC Labs shows Vodafone’s IPv6 deployment rate and compares that with the rate of IPv6 adoption at the country level.

Adopting IPv6 is just like learning a new language. It’s not a matter of removing a word and replacing it with another. There are new structures to be learned and different ways of doing things to be tried. There are also changes to be made on mindsets of people who are directly using IPv6 or are engaged in delivering it. There are some concepts which are ingrained in IPv4 networks and are completely out of context in IPv6 realm. NATing for example is not a best practice in IPv6 networks. Every device will have a publicly routable IPv6 address. Fragmentation and re-assembly and also ARP are other examples that do not apply to IPv6. Once these differences are understood, replacing one protocol with the other is going to be much easier.

Migration Strategy

First, and maybe the most important step in deploying IPv6, is deciding on a migration strategy.There are multiple options that an ISP can choose based on their specific setup, number of users, IPv4 address space usage, etc. We decided to implement IPv6 in parallel to IPv4 in a dual-stack topology.

The next step for us was to decide how to allocate IPv6 addresses to end users. We needed to determine how big of a block would be allocated to each subscriber and how to break that down into individual /64 addresses to be used by internal devices.

Next, and another one of the most important steps, was a thorough testing of IPv6 with all the access technologies that we had for our subscribers. Here we faced multiple challenges which were specific to certain kinds of access setups.

And finally, the last step was deploying IPv6 in different network building blocks like international gateways, DNS, access and core platforms.

IPv6 and transparent caching

One specific lesson we learned during our IPv6 project is related to transparent caching. Caching is being used by many service providers and even enterprises to provide better experience for end users by caching the content closer to the user. Transparent caching is where this process is transparent from the users’ perspective. The user requests a piece content from Internet and the content is served by caching platforms, but the source and destination addresses are spoofed, so the user receives the content with the source IP address of the content on the public internet but doesn’t see cache involvement in delivering it.This can cause issues when using IPv6, because, in an IPv6 world, source and destination of a packet stream should be reachable using ICMP, so that when a device cannot forward the IPv6 packet it notifies the sender to send smaller packets. But with packets now using spoofed addresses, the ICMP messages won’t be able to reach the right device; and as a result it may break connections.  One workaround to the problem could be reducing the MTU of the minimum allowed by the IPv6 standard which is 1280 bytes. But in our case, we decided to keep the dynamic path MTU discovery and instead, bypass the caching platforms for all IPv6.

My Advice for You

When you first get started, try setting strategies on how to start allocating IPs. Without that, IPv6 allocations soon can lead into a messy situation which would be very hard to manage. Also, use IP address management platforms as far as you can. Managing IPv6 manually or using spreadsheets is not practical. You will want to pay special attention to DNS. With IPv6 in place everything should have a DNS record. You can’t expect people to remember the IPv6 string. Lastly, having ICMP allowed anywhere is very important. Otherwise, the path MTU discovery will not work, which leads to poor performance or even breaking the communication.

The best advice I can give you is to start deploying IPv6 right now. There’s no better time to start the process. Do not buy equipment that doesn’t support IPv6 anymore. In 2018 every piece of equipment must have IPv6 support. I recommend that you grow the IPv6 culture inside your organization by challenging everyone to know at least as much about IPv6 as they know about IPv4. Teach people fun ways to experiment with IPv6, and this will encourage them to keep using it.

POST WRITTEN BY:

Mansour Ganji

Senior Network Engineer
I’ve been working as a network engineer for about 14 years. Most of my experience has been in telecommunications and service provider environments. I’m currently working in Toronto Canada for Next Dimension Inc and have been in this position for more than a year now. Prior to that I’ve been with Vodafone at different roles like Senior Engineer, Principal Designer and Network Design Team Leader where we provided Internet and Connectivity to residential, enterprises and mobile users.
Any views, positions, statements or opinions of a guest blog post are those of the author alone and do not represent those of ARIN. ARIN does not guarantee the accuracy, completeness or validity of any claims or statements, nor shall ARIN be liable for any representations, omissions or errors contained in a guest blog post.