Prepare and Check
Introducing IPv6 to your network can be an interesting challenge. There are many technological aspects to familiarise yourself with, work on and implement. But most of all, IPv6 requires a change in mentality, and this often requires time because it involves dealing with the foundations we have all been relying on for the past twenty or so years.
Before you start, there are a series of steps you can take to make this whole process easier. Of course, everything begins with education. Making sure that your team understands the technology is the first step, especially when it comes to changing mentalities. Human mistakes can always occur, but if you have a well-trained team, nothing is insurmountable. This also helps eliminate the need to appoint a “specialist”, which can be a single point of failure, and makes your team resilient when problems arise in the network, regardless of their nature or which protocol they involve.
Another important step is to check the hardware and its available features. Of course, you want your network devices, such as routers and firewalls, to have the same features and to work exactly the same way as in IPv4, all without sacrificing performance. You can start by looking at the specific features implemented in your network and reading RIPE Document ripe-554, "Requirements for IPv6 in ICT Equipment", which can help you build a request for a quote from your current hardware manufacturer. Many early implementers found themselves using hardware that was “IPv6 certified”, just to discover that only half of the features, or even fewer, were actually implemented. The recommendation is to prepare a testing laboratory to try all the features before deploying them in the production environment, and also to give engineers a way to get familiar with the protocol.
IPv6 involves a much larger address space, so there’s the need to manage that space efficiently and in a scalable way. This is why we suggest working on an addressing plan from the very beginning. An addressing plan offers a way to deploy an efficient network that will eliminate the need for modifications in the foreseeable future. The first choice to make is about how much space to assign to customers or End Users, together with the amount of space to use for your own infrastructure. This requires a mentality change in respect to the size of the address space to assign to users, which can range from a /64 to a /48, with a /56 being the preferred size for homes and small offices and a /48 for businesses. You can find more information on addressing plans in that section [link to the addressing plans article]. Customers such as small to medium business will also have to develop an addressing plan, because handling a /48 and the massive amount of addresses and subnets involved is going to present some challenges at first.
You should ask your transit providers (or in general, the company or companies providing you with connectivity) to provide you with native IPv6. This is, obviously, an important milestone in the adoption of IPv6 – and one that should not be taken for granted. If this isn’t possible, there’s still a chance to use tunnels with organisations such as Hurricane Electric and SixXS, which even enable you to set up a BGP session with them to test IPv6 on the real Internet.
Last but not least, don’t forget about security. IPv6 changes the whole paradigm, because there is no NAT, and every device is exposed to the Internet without any form of inherent security. Moreover, with the “Internet of Things”, a lot of new devices will be connected to the Internet, such as light bulbs, thermostats and sensors, so there’s a whole new level of security to tackle.
When you feel confident about all the aforementioned aspects, and are ready to start, we suggest beginning with visible services like SMTP, WWW and DNS, then moving on to the core, and lastly the customers. This way, you can be sure that everything works before your customers start receiving IPv6 in their networks. You can, however, take intermediate steps and implement a transition mechanism. In fact, you could be forced to do so depending on how your network is configured, or because your hardware doesn’t support IPv6. There are many transition mechanisms to choose from, so depending on how your infrastructure is configured, you can focus on the one that best suits you. You can find a description of the most common transition mechanisms in that section.