Building the Enterprise Case for IPv6-Only
At some point in your IPv6 journey you start to talk with other adopters and discovery some shared truths. There are many, but you will find that one of them is that dual-stack has its challenges. You will hear myself and others say at conferences, technical talks and in blog posts and articles that dual-stack is the practical way forward for IPv6 adoption. And it’s a fact-of-life for many if not most enterprises that dual-stack is the only manageable path forward given the IT culture of IPv4 and resistance to rapid change.
Still, many organizations will face challenges as they move forward with dual-stack. So let’s talk about those to have full transparency.
To be honest, I haven’t done the comparison calculations of costs and impact versus moving to IPv6-only (as there are so few shops who have moved that direction it is hard to get good data) but I can imagine the effort and costs aren’t that much different. So why do we tell everyone to go for dual-stack? I suppose it is a pragmatic answer. People already know IPv4 and telling them to walk away completely is a very difficult idea to introduce without inspiring some sort of wild eye look for terror from those in the room.
Let’s walk through the challenges and determine if we can keep the problems to a minimum.
If we stick to technical details, then the following items will be problematic for dual-stack:
- Consuming 2 to 4 times as many resources on networking equipment depending on how IPv6 is implemented
- Potential high to complete CPU consumption for poorly implemented IPv6 solutions
- Reducing by 2 to 4 times memory space in networking equipment if no upgrade is done prior to implementing IPv6
- Potentially increasing your logging data storage requirements by 1.5 to 2 times for logging stateful translation requirements
- Doubling the firewall rules you will have to maintain
- Doubling the logging rules you will have to maintain
- Refactoring all your scripts and regular expressions to match network address prefixes and blocks you maintain
- Subscribing to unique geo-location services if your current service has poor IPv6 data
- Between 1.5 to 2 times as many DNS queries (in aggregate) on the network
- Between 2 to 3 times as many TCP session requests related to web traffic, both http and https which are the most common
It can be argued that many of these are onetime costs and not recurring burdens of doing dual-stack. Also, even if you were to adopt IPv6-only you would have to do much of this technical work regardless.
If we talk around the human capital investment the following will be problematic over time:
- The number of helpdesk tickets where a root cause or weird behavior will grow with likely no resolution except to say it fixed itself or went away
- The training for helpdesk staff to understand the nuance of troubleshooting dual-stack will be substantial and likely ongoing
- The shift in tools will require retraining and potentially modifications by your operations team to accommodate your dual-stack needs
- Articulating the business value and advantages of dual-stack will become harder over time (twice the work for the same outcome)
- Technical debt incurred with IPv4 design will continue into a dual-stack design and will require people to fix or address it (now or later)
- Engineering, developers, QA and other technical staff will have to increase their knowledge, testing and development skills around dual-stack specific problems and behaviors (like Happy Eyeballs)
- Teams that are not technical will suddenly have to understand more how dual-stack might impact their partnering solutions or SaaS applications they use
- Teams in different geography and availability of IPv6 might have to work through understanding if they are in a part of the organization that has or does not have dual-stack available
- Executive and management teams will be unsympathetic to dual-stack related problems if they impact business systems – things should just work
- Financial costs over time of supporting dual-stack will likely not make it past a 2 to 3-year time horizon making maintenance and operation difficult
As you can see, dual-stack while still the most feasible option for many if not most enterprises, isn’t without its challenges. The reality for most organizations will be, the faster they can get to a single protocol the easier their life becomes. This means that adopting IPv6 is only part of the solution. Moving to IPv6-only is actually a practical goal to help you save resources, time and reduce problems. It sounds strange but IPv6-only really does solve these core problems with dual-stack.
Different segments of the market are taking a different approach to this. Mobile wireless providers have gone all in with IPv6 and simply provide scalable translation services if needed for IPv4. Content providers realize they need to provide access for both protocols and cannot escape dual-stack. Home consumer will be migrated to IPv6 over time for the simple reason their primary providers don’t have enough IPv4 to hand out (same as the mobile wireless providers). But for enterprise, the burden that either dual-stack or IPv6-only imposes seems too high at this point and therefore adoption is poor. I don’t see this mentality changing anytime soon unfortunately. I do understand why so many are unwilling to add IPv6 but I hope that enterprise they understand that the market is moving to IPv6 with or without them. That being said, I believe there will be some motivators for adoption of IPv6 and potentially consideration for IPv6-only. I will leave that to another article.
The message here is to plan carefully and try and capture all the costs and impacts that dual-stack may have on your organization then consider if there is a path directly to IPv6-only. In any case, having a more complete picture will help you plan, budget, and articulate why IPv6-only might be the right path for your company.
You can find me on twitter as @ehorley and remember…
IPv6 is the future and the future is now!