Edge routers for IPv6 migration

Organizations today are too dependent on the Internet to experience any downtime when upgrading from IPv4 to IPv6.

But help is on the way.

The Internet Engineering Task Force (IETF) has defined several technologies that, when combined, can make the transition from IPv4 to IPv6 virtually seamless, while adding value and extending the capabilities of edge routers.

An edge router connects the "last feet" between a device and its connection to the Internet. It is the box that takes your Internet connection and makes it available to your systems connected on a LAN.

Many of today's edge routers include network address translation (NAT), which lets users conserve IP addresses. NAT substitutes a LAN system's TCP/IP address with that of the NAT router, making it appear as though there is only one system connected.

Despite saving space, however, NAT isn't trouble-free. With NAT, external users "see" your entire subnet as one computer, and this causes inherent problems.

For example, it makes it impractical to host multiple Web servers, each of which needs its own IP address. Multimedia and interactive Internet activities are also hard, sometimes impossible, to set up through a NAT router. And you can't nest NAT devices to create multiple subnetworks.

NAT, as generally deployed today, also limits the extensibility of VPNs; limits encryption and security; and, most importantly, does not play nicely at all in IPv6-based networks.

Since there is a massive installed base of IPv4-based hardware and software, the transition to IPv6 will only be possible if it is made simple. The IETF has published a series of documents that define a transitional edge router.

These specifications are:

6to4 (Connection of IPv6 Domains via IPv4 Clouds, RFC 3056) defines a methodology for encapsulating IPv6 packets for seamless transition over IPv4 backbones.

Building transitions

When you combine these documents with a little architectural glue, you get an environment that lets existing v4 systems communicate on a v6 backbone. An edge router with this complement of software would provide a very reasonable transition for exiting v4 clients.

If you add v4 IP Security (for VPN tunnels); a configurable, per-protocol firewall; an IPv6 router; autoconfiguration; multimedia services; and a Web-based interface to manage it all, you'll get an edge router that eliminates the shortcomings of today's NAT, plus a seamless way to migrate to the upcoming IPv6 Internet backbone. And you can eliminate many of today's networking headaches.

Benefits

For example, administrators can choose to hide or expose network elements such as Web servers and databases to general Internet users, regardless of their physical location. IP addresses can be duplicated on separate subnetworks, alleviating the need to manage IP addresses in a VPN. Users can have simultaneous access to the Internet and private VPN resources automatically.

Service providers can deliver access-point devices that provide scalable services to home users. They can also configure devices and services remotely from the head end, without rolling trucks.

End users would have seamless multi-media communications, and when the Internet transitions to IPv6, there would be no change required to the devices behind the edge router.

Finally, as IPv6 deploys to end nodes, no changes would be required at the edge routers.

---

Back to top

Preston is vice president and general manager of InterNetShare in Sunnyvale, Calif. He can be reached at davidpreston@internetshare.com.

IPv6 Primer
Check out our new primer page complete with overviews, resource sites, forums and a brand new 8 min audio primer.