Forgot your password?
typodupeerror
Networking Technology

Most Enterprises Plan To Be On IPv6 By 2013 167

Posted by samzenpus
from the get-on-the-wagon dept.
Julie188 writes "More than 70% of IT departments plan to upgrade their websites to support IPv6 within the next 24 months, according to a recent survey of more than 200 IT professionals conducted by Network World. Plus, 65% say they will have IPv6 running on their internal networks by then, too. One survey respondent, John Mann, a network architect at Monash University in Melbourne, Australia, said his organization has been making steady IPv6 progress since 2008. 'Mostly IPv6 has just worked,' he said. 'The biggest problem is maintaining forward progress with IPv6 while it is still possible to take the easy option and fall back to IPv4.'"
This discussion has been archived. No new comments can be posted.

Most Enterprises Plan To Be On IPv6 By 2013

Comments Filter:
  • by ravenspear (756059) on Wednesday July 27, 2011 @09:59PM (#36903548)

    If it were up to the IT professionals, more businesses would already be on it.

    They should have surveyed CFOs to see what percentage of businesses will budget anything for an IPv6 transition in the next 24 months.

    I'm an IT professional, but I'm not currently authorized to work on a transition of our network because I have a long list of things that was deemed more important by management.

    • indeed
    • by Kenja (541830) on Wednesday July 27, 2011 @10:02PM (#36903570)
      100% of CFOs said "What? Who are you? How did you get into my office?"
    • by gman003 (1693318) on Wednesday July 27, 2011 @10:42PM (#36903778)

      Sure, IT pros are probably more likely to want IPv6. But most of the survey questions were action ones - what have you done about IPv6? When a quarter say they've already started rolling out internal IPv6, and 13% more say they're done, that says a lot. The numbers are similar for web servers with public IPv6 - 20% have started, 13% are already done. It would appear that this is a technical problem that can be explained to the bosses easily: "I'm sorry, but the Internet is full. We need to upgrade to the new Internet if we want to add more stuff. We'll still work with the old Internet, so we won't lose customers, and we're only going to need to replace ___, ___ and maybe ___."

      • by game kid (805301)

        It would appear that this is a technical problem that can be explained to the bosses easily: "I'm sorry, but the Internet is full. We need to upgrade to the new Internet if we want to add more stuff. We'll still work with the old Internet, so we won't lose customers, and we're only going to need to replace ___, ___ and maybe ___."

        Boss: "The Internet is full!? Didn't we just buy a whole pack of 2Thz hard drives???"

        IT guy: "No, we just need to upgrade to IPv6 or we'll lose connections and Google hits. --and

    • by luizd (716122)
      Individual coherence makes collective incoherence.

      It is logical to not migrate as it costs and nobody uses it yet (but me). It does not add a think to your service, except if your end-user is a technical one (that for some reason, want IPv6). However, the logical "not migrate" movement creates a great incoherence when it introduces extra costs in order to overcome the lack of IPv4 when bad times comes. At that time, CFO will start to worry when the cost of IPv4 get skyrocketed.

      So, if you migrate now
      • by jm493 (532871)
        From now on, make sure every new bit of hardware/software you buy has IPv4 IPv6 feature parity. Won't cost you much if any extra. In 1 year, 25% of your gear will be IPv6-capable. In 2 years 50% etc. If you don't do that, in 2 years when you suddenly do need IPv6, there will be HUGE costs doing forklift replacement and re-testing of IPv4-only stuff you bought recently.
        The other thing is that IPv6 deployment takes time. You don't get to see the 2nd problem until you have found and fixed the first prob
        • by hairyfeet (841228)

          While that might be true in the corporate world in the consumer world it is the opposite. Take a look at Newegg, Tigerdirect, etc and what do you see? Nothing but IPV4 routers as far as the eye can see. Frankly the ONLY IPV6 router I've seen is the overpriced Apple one that is frankly overkill for 99% of the average home with features they'll never use!

          What I want to know is why the government hasn't put a big screeching halt to this "designed for the dump" eWaste being shipped in. We did it with TVs, makin

          • by gmack (197796)

            A lot of the manufacturers are sitting on IPv6 enabled firmware until the ISPs get farther along. I know Telefonica (Spain) is planning to remote reflash all of their customer side DSL modems with IPv6 capable firmware during their IPv6 rollout planned for later this year.

    • I'm an IT professional to and a consultant for an MSP.

      We're not looking forward to IPv6 for a number of reason.
      1. Very few products that support it.
      2. The layer switches, routers, and broadband modems that do are only 1st generation.
      3. Lack of IPv6 only infrastructure makes reliable VPN access next to impossible.
      4. Lack to support knowledge of IPv6 for many in-house IT departments. Admins included. This makes troubleshooting more difficult for lvl1 and some lvl2 support staff.

      What will happen in the future

      • by Bert64 (520050)

        1, Any web based applications support it by default if the webserver does (which all common ones do), you can still do dual stack internally for legacy cruft... i certainly wouldnt deploy anything new that didnt support ipv6, how much legacy cruft do you have which requires ipx/spx or appletalk?

        2, Routing hardware has been supporting ipv6 for a LONG time... Cisco introduced support for it in 2001 - 10 years ago, i would hardly call the current hardware "1st generation". Windows also gained production suppor

        • by sosume (680416)

          They should just have added an extra octet to IPv4. IPv6 is overly complicated, who wants to remember the internal IPv6 address range? sure, let's ping ::::::3e:1f:00:7a - oh wait, I have one colon too many.

          • They should just have added an extra octet to IPv4. IPv6 is overly complicated, who wants to remember the internal IPv6 address range? sure, let's ping ::::::3e:1f:00:7a - oh wait, I have one colon too many.

            Sadly, this does bring up a very valid point. A lot of 'peripheral' network equipment tends to get addressed by address directly (more out of habit and laziness on the IT admin part than anything, but one shouldn't underestimate that!). I work as a software developer in the MFP (think: networked office printer/scanner/fax/copier devices) industry. By customer request, all the software I create tends to show your list of devices by IP address first. Of course, both my software and the devices it works wi

            • by bbn (172659)

              There is nothing wrong with assigning your printer an address such as fd00::5. That is not too hard to remember is it?

            • They're too hard to remember as the parent points out.

              Really that all depends on how the particular address is assigned. Stateless autoconfiguration tends to lead to horrible addresses but you don't have to use it.

              Note that if your address has a large block of consecutive zeros you can replace them with a block of colons.

              IMO the two biggest problems with IPV6 are

              1: the transistion mechanisms were tacked on after the fact rather than being a core part of the spec.
              2: the only transition mechanism that works behind NAT does so by fighting the NAT rather than work

            • They should just have added an extra octet to IPv4. IPv6 is overly complicated, who wants to remember the internal IPv6 address range? sure, let's ping ::::::3e:1f:00:7a - oh wait, I have one colon too many.

              Sadly, this does bring up a very valid point. A lot of 'peripheral' network equipment tends to get addressed by address directly (more out of habit and laziness on the IT admin part than anything, but one shouldn't underestimate that!). I work as a software developer in the MFP (think: networked office printer/scanner/fax/copier devices) industry. By customer request, all the software I create tends to show your list of devices by IP address first. Of course, both my software and the devices it works with fully support both DNS and IPv6, so typing a hostname or IPv6 address will work, but if the customers don't set the devices up to USE these functions, we can't exactly force them.

              Of course, the 'local network' world can probably stick to IPv4 for a fair bit longer (or theoretically indefinitely) while the connections out then make use of IPv6; however as more people hear buzzwords like 'cloud', more and more previously 'internal' things are going to start having connections to the outside and there's a big potential for mess.

              Now, why don't people just happily type in IPv6 addresses? They're too hard to remember as the parent points out. Well, why don't they use DNS? Because doing so requires a DNS server (fine in bigger offices, but a bit overkill for a 10 person shop with only a couple of devices)

              Adding octets to the IPv4 format as the parent suggests would've been a much 'easier' transition for most people. Sure there's a lot that would need to have been considered, but it's probably not dissimilar to the amount required for consideration with the current IPv6 way of doing things.

              And yes, I'm aware one could theoretically write a complete IPv6 address with dotted quad style notation, but if no-one else does and the majority of software didn't support it, then doing so would be a bit dumb.

              And lots of software (for originally-valid reasons) wants IP addresses, and only aliases them internally to different host names. DNS cannot be relied-on. /etc/hosts *may* not be reliable. But if you have an IP address and can't hit it, you *KNOW* you have a networking/routing issue.

          • by growse (928427)
            You appear to fail to understand networking, IPv6, IPv4, routing and the scale of the problem that IPv6 is solving.
          • by bbn (172659)

            They should just have added an extra octet to IPv4. IPv6 is overly complicated, who wants to remember the internal IPv6 address range? sure, let's ping ::::::3e:1f:00:7a - oh wait, I have one colon too many.

            No you have several colons too many. Let me remove some of them for you and that address can in fact be pinged:

            baldur@pkunk:~$ ping6 -c1 ::3e:1f:00:7a
            PING ::3e:1f:00:7a(::3e:1f:0:7a) 56 data bytes

            --- ::3e:1f:00:7a ping statistics ---
            1 packets transmitted, 0 received, 100% packet loss, time 0ms

            Maybe go learn a bit about the subject before complaining?

        • by tlhIngan (30335)

          2, Routing hardware has been supporting ipv6 for a LONG time... Cisco introduced support for it in 2001 - 10 years ago, i would hardly call the current hardware "1st generation". Windows also gained production support in 2001 (XP), and other systems had it around the same time or earlier.

          I was mucking around with L3 switches because I needed to test IPv6 routing with some software I wrote (part of the network stack - I needed to make sure traceroutev6 and pingv6 worked). The first switch I got said it had s

          • Without question, you want to continue using a firewall even with IPv6. It's really about protecting client machines and servers against any exploits in the wild.

            Say you've got hundreds of Windows boxes behind a network. Now lets say they're all communicating over IPv6 and your network is the target of DOS exploit, injection, whatever. Worse yet, you're unsure how many and who's machines have already been patched with the latest security updates the previous morning. With a managed firewall capable of deep-

      • by iserlohn (49556)

        As a CCIE, I can assure you that IPv6 is well supported on all network products, many security products, and all server platforms for 5-10 years now. The problem is the people making decisions in the enterprise. There is no hope if you look that way, cause the people that end up in those positions usually in the past have shoulders that look like Mount Everest - the risk aversion is unbelievable, even when they have to live with mediocre and often breaking solutions, they still find it easier just to patch

      • by ckaminski (82854)
        Are you serious? Cisco and others have supported ipv6 in their routers for YEARS - since Cisco iOS 10.0 at the least.
  • Who did they ask? (Score:3, Interesting)

    by bobstreo (1320787) on Wednesday July 27, 2011 @10:17PM (#36903640)

    2013? Seriously?

    Who would be going to these sites?

    I'm guessing about .1% of ISP's will be able to support native V6 by then...

    Or maybe when they were asked respondents thought they were answering something about a new version
    of Intellectual Property.

    • I'm guessing about 99% of ISP's will be able to support it considering the government requires it. There aren't too many successful ISP's in the US of any size that don't do significant business with the government.
      • by jroysdon (201893)

        Doesn't mean they upgrade/replace all their routers right now. They just upgrade their backbone and put in new routers for IPv6 support and move .gov customers over. Existing customers just stay on the old crud until they complain, and then use the same method - new routers for IPv6 customers. That's VZN & AT&T's present MO.

    • by arkenian (1560563)
      Gotta move the content first. The government should offer porn sites a gratis transition/upgrade if they'll go IPV6 only ;)
    • by PhreakOfTime (588141) on Thursday July 28, 2011 @02:11AM (#36904798) Homepage
      Since it was Network World, of the IT/Mac/PC World fame(infamy), I consider these results to be about as accurate as a 2yr old calculating the speed of light.
    • by mjwx (966435)

      2013? Seriously?

      Who would be going to these sites?

      I'm guessing about .1% of ISP's will be able to support native V6 by then...

      1% of US telco's perhaps. 3 out of the 4 of Australia's biggest Telco's are running or rolling out IPv6 in a dual stack configuration (IPv4 and IPv6 run concurrently).

      Willing to bet that Europe is the same and Asia is way ahead of us.

    • I'm guessing about .1% of ISP's will be able to support native V6 by then...

      We're use a little-known ISP named "Qwest". I asked about native IPv6 last week on a conference call, and the engineer replied, "oh, sure! When do you want to turn it up?" He needs to verify that all the equipment along our routes was ready to go before we make an appointment to go live, but they're actively rolling out IPv6 capability to their customers who want it.

  • by geekmux (1040042) on Wednesday July 27, 2011 @10:42PM (#36903772)

    "...Plus, 65% say they will have IPv6 running on their internal networks by then, too."

    OK, you almost had me at upgrading corporate web servers (comprising of usually only a handful of machines serving that purpose), but do you honestly expect me to believe that 65% of corporate IT budgets are suddenly and magically going to prioritize an IPv6 transition, as they sit comfortably behind their NAT-enabled firewalled environment, the same environment that will continue to work with zero change?

    Talk about going from zero to bullshit in 4.2 seconds. If corporations haven't been listening about the impending "doom" around IPv4 for the last decade, they sure as hell aren't going to start that suddenly now.

  • and what does IPV6 do for inside network any way let any on the web have a open IP to any printer / pc on the network? VS some kind of NAT like setup?

    Most inside networks are under some kind of port blocking / firewall system. Also what about all the old printers / hardware / apps / os's that can't do IP V6?

    • Old hardware aside, nothing is stopping you from using private IPv6 addresses inside your network as a pseudo-nat.
      • by jroysdon (201893)

        Many propose doing both. If you don't obtain PI IPv6 space from your RIR, I would highly suggest this. All internal-to-internal traffic should use your private IPv6 addresses, and the public IPv6 addresses are used just for accessing outside your networks. The advantage to this is that only your public facing services and routers have to be renumbered when you change ISPs. All your internal networking stays the same.

    • Why do you assume that you wouldn't have a firewall for your internal network, even if it's publicly-routable? People have a bad habit of conflating NAT and security...

      Every host on the Internet is "supposed" to be able to directly address every other host, but for firewalls of course. A flat address space simplifies things tremendously.

      Imagine if your network printer worked from Starbucks, because it was just one fixed address on the Internet. Or you could bookmark your TiVo's web interface without any por

      • by mikkelm (1000451)

        People don't have a bad habit of conflating NAT and security. NAT provides a basic, stateful firewall, and that most certainly /is/ security, incidental or not. IPv6 likely won't bring us all back to the happy days of full end-to-end connectivity, but rather popularise the stateful firewall sans the NAT in CPEs.

    • by smash (1351) on Thursday July 28, 2011 @01:05AM (#36904584) Homepage Journal

      If you're a business, it allows you to MERGE NETWORKS or talk between two discrete LANs in a far more convenient manner. If you've ever had to support the situation where say, you want to talk between a corp network running on 10.0.0.0/8 and another corp also using 10.0.0.0/8, you'll understand the brain damage that IPV4 NAT brings to the table.

      Ditto for home users trying to VPN into your network when they're using 10/8 or another one of the private networks on their LAN that you happen to have employed inside your LAN as well.

      IPV4 is broken and needs to die.

    • by tlhIngan (30335)

      NATv6 exists. As does NAT-PT (which actually does translation so IPv4-only can access IPv6-only and vice-versa).

      I don't see why we can't have NATv6 routers now - I like the fact that my internal network numbering doesn't change whenever my ISP decides to give me a new prefix. So I don't get end-to-end connectivity. I don't care - even if I did, I'd stick a firewall in front and it'll break end-to-end connectivity anyways.

      • NAT-PT was officially deprecated the last I looked (see: http://www.ietf.org/rfc/rfc4966.txt [ietf.org] ), but I would be interested in a list of products that support it as I have a few IPv4 clients that will NEVER see a native IPv6 stack written for them.
  • how many management tools / VPN don't do IPV6?

    • It probably won't matter. IPv4 is likely to coexist for a long while yetespecially on intranets. IPv6 gives access to places that are too new to have been able to get an IPv4 public address.

  • They have lot's networking stuff but no place to set IPV6 addresses.

  • if this is about internal websites, then it's a good effort, but who really cares.

    if this is about external websites, then again it's a good effort, but ...

    where's the upgrade plan/strategy for the people who will want to access these ipv6 websites?

    my isp has no plan/strategy how to upgrade to ipv6 afaik. and I am afraid to ask.

  • by Sycraft-fu (314770) on Wednesday July 27, 2011 @11:30PM (#36904054)

    There are a lot of devices out there that cannot handle IPv6. Not only is it not feasible to just tell everyone "Oh go replace it," not all of them are cheap things that get replaced often. Some are things that are around many a year.

    What we need is a good 4 to 6 NAT standard, and to try to get ISPs on board with that. You have the modem/bridge/router work all IPv6, but run an IPv4 DHCP server. Have it hand out addresses that aren't used, maybe in the experimental range since it won't even step on old IPv4 NAT with that, and reserve another section internally for its use. It then internally handles all the translation. An IPv4 device requests a site that request goes to the DNS server in the router, which goes out and gets the AAAA record. It then maps the IPv6 IP to one of its internal IPv4 IPs for the IPv4 devices. The IPv4 device has no idea what is going on, traffic works just as it always has.

    Until we get something like that going, there is going to be a large scale adoption problem. Nobody wants to go IPv6 only because doing so cuts off IPv4 sites. Nobody with IPv4 needs to go IPV6 since everything supports v4.

    A 4 to 6 NAT system would be a real boon for ISPs since it would alleviate address space concerns. Hell customers could have static IPv6 addresses no problem. Would be worth their while to do, as address space becomes more scarce, and nobody would mind because everything would just keep working.

    • by jroysdon (201893)

      Uhm, you've missed the "Enterprise" topic here. SOHO has it's own problems, sure. However, most major vendors have had router and firewall support for some time.

      • by kimvette (919543) on Thursday July 28, 2011 @01:06AM (#36904588) Homepage Journal

        What good is an enterprise system if SOHO customers can't reach their IPV6-hosted web sites?

        • by jroysdon (201893)

          Not everyone cares about SOHO users. No one is saying anyone should put up IPv6-only websites either. My point was that this article was about Enterprise plans for IPv6. Not ISPs, not SOHO users, not hosting.

          Enabling IPv6 now is going to allow other enterprises who enable IPv6 to connect to my enterprise employer natively, instead of going through NAT devices (be it 4to4 NAT, 6to4 NAT, or even 4to6 NAT).

          It will also allow my enterprise employer to connect natively over IPv6 to content provider services.

      • by acoustix (123925)

        Uhm, you've missed the "Enterprise" topic here. SOHO has it's own problems, sure. However, most major vendors have had router and firewall support for some time.

        While that is true I have several network printers that do not support IPv6 and I really don't want to replace them. As long as my print servers will take requests from IPv6 clients and push the print jobs to the printer using IPv4 I guess I won't have a problem.

    • More or less, ya. I expect to be running IPv4 and IPv6 in parallel for another 8 years at the very least. Back in my NT4 / Novell days, we had IPX/SPX running along side IPv4 for quite some time. If history is of any indication, this is just another cyclical repeat of that. Oh, and moving from 32bit to 64bit OS and app support has been other thorn in my side. Transitions always suck. Just part of the IT world we live in.

  • We're still missing two major components: Commercial IPv6 Web and Spam filters. Without that, I don't think you want to let your users lose on the IPv6 web or open up your MX to the new spammers.

    • by jroysdon (201893)

      s/lose/loose

      Anyway, you can deploy it for now on the low-hanging fruit:

      Get direct RIR allocation (don't wait around for your ISP). You'll be portable and never stuck to one ISP again (yeah, IPv6 makes renumbering easier, but it still isn't easy, and static addressing is not going to go way, get real).

      Tunnel and run BGP to HE with your edge routers and tell your ISPs your're shopping around for a better solution.

      Turn it up on your firewalls and most dns servers (leave at least one still ipv4-only in the cas

    • by kimvette (919543)

      All IPV6 needs for mass adoption is for a few pornographers to publish new content exxxclusively on IPV6.

    • There are appliances based on spamassassin and squid - both of which have handled ipv6 for at least a couple of years. Also a few seconds googling brings up a software solution from roaring penguin software that explicitly filters ipv6.
      • by jroysdon (201893)

        I've used sendmail + spamassassin and squid for years with IPv6 on a personal level. That's not the problem. The problem is the backend database support. While even Roaring Pengiun Software [roaringpenguin.com] supports IPv6, where do they get their database from? No major database/lookup service supports IPv6 yet. The same is true for Squid - where are you going to get your block lists and filters for IPv6 traffic when no one is selling it?

  • by 93 Escort Wagon (326346) on Thursday July 28, 2011 @12:47AM (#36904496)

    Most Enterprises Plan To Be On IPv6 By 2013

    Maybe I've just been unrealistic; but I assumed most of the NCC-1701 series, at least, were already running something more advanced than that.

    • by mjwx (966435)

      Most Enterprises Plan To Be On IPv6 By 2013

      Maybe I've just been unrealistic; but I assumed most of the NCC-1701 series, at least, were already running something more advanced than that.

      They couldn't even install fuses to stop the control panels from blowing out whenever the ship hit a little turbulence. They're probably still running a token ring.

  • by microbee (682094) on Thursday July 28, 2011 @01:42AM (#36904706)

    in two years.

    It's been the case since 10 years ago.

  • Slashdot are never going to do IPv6. Luckily we can have slashdot.org as IPv6 anyway using a public NAT64 server. I would link directly but slashcode does not have support for IPv6 literals in URLs (bug!). So here is a tinyurl to the IPv6 slashdot: http://tinyurl.com/3pwuq98 [tinyurl.com]

    By the way that URL should work for the majority of windows users. Your computer will automatically use a Teredo IPv6 tunnel to connect to it.

    The tinyurl is short for this: http ://[2001:778:0:ffff:64:0:d822:b52d]/ (but without the extra

  • "Most Enterprises Plan To Be On IPv6 By 2013"

    Yes, the Enterprise (NX-01) will stick with IPV4, but USS Enterprise (NCC-1701) and USS Enterprise (NCC-1701-D) will move on to IPv6.

  • Our product is going to require huge amounts of code churn to get IPV6 working. That's going to be ugly work on nasty legacy code...

Going the speed of light is bad for your age.

Working...