Understand the different implementations of IPv6 and Verisign’s role.
IPv6 is the next generation Internet Protocol address standard intended to supplement and eventually replace, the IPv4 protocol most Internet services use to transact on the Internet today. The resources on this page can help you understand the different implementations of IPv6 and Verisign’s role.
From content providers to network backbone operators, enterprise decision makers across the Internet are grappling with the question of how to prepare themselves for IPv6. While multiple strategies have been employed to stretch IPv4 space as much as possible, the truth is that this space is finite and nearing its capacity.
Verisign has positioned itself ahead of the curve by incorporating IPv6 into the company’s infrastructure. We have already ensured that the Domain Name System (DNS) zones that are critical to the functioning of the Internet are IPv6-ready.
There are four approaches to movement towards native IPv6:
Deciding which strategy to employ will depend on a company’s priorities, but many enterprises, including Verisign, have selected the dual-stack approach. For Verisign, a dual-stack IPv6 implementation is defined as providing responses to requests over both IPv4 and IPv6 networks through the same device. Dual-stacking reduces the need for redundant equipment, is progressive and is a smaller footprint to monitor. Read about these strategic approaches and more in the white paper Transitioning to IPv6: Verisign’s Insights
Below are some answers to frequently asked questions about the IPv6 transition.
IPv6 is the next generation Internet Protocol address standard intended to supplement and eventually replace, the IPv4 protocol most Internet services use to transact on the Internet today. IPv6 preparedness is increasingly urgent as the Internet Assigned Numbers Authority (IANA) pool for available IPv4 addresses is already exhausted. With a 32-bit IPv4 address space, the number of total IP addresses is limited to approximately 4.3 billion, a number that seemed more than sufficient at the time that IPv4 was developed in the early 1980s. However, in a world with over a billion Internet users and literally billions of Internet-connected devices, the available IPv4 address space has proved to be insufficient. IPv6 solves this address scarcity problem by using 128-bit addressing, creating a massively larger number of addresses (the actual number is typically described as 2 to the 128th power - or '340 trillion trillion trillion' -- widely believed to be more than the Internet will need for decades). While the technical foundations of IPv6 are well established in the Internet standards development community, significant work remains to deploy and begin using IPv6 capabilities, continually refining interworking and transitional co-existence with IPv4 and providing a platform for continued growth and innovation on the Internet.
The growth and evolution of the Internet will be enhanced by IPv6; also, the security, stability and growth related to IPv6 will not compromise expectations users have of the Internet today. IPv6 aims to provide a more densely connected infrastructure with the ultimate goals of improving user confidence in the Internet.
IPv5 was an experimental streaming audio/video protocol named "Internet Streaming Protocol," that dates all the way back to 1979. It was created by a group of engineers to transmit video, audio and simulations over the Internet, but it never really took off. Regardless of its popularity, the protocol was given the designation IPv5 and as a result, the next-generation Internet protocol could not take the name and is thus called IPv6.
Gartner estimates the cost of completely transforming a typical enterprise's IT environment from IPv4 to IPv6 to be approximately six per cent of the enterprise's entire annual IT budget. The ongoing costs, once transformation has occurred, will amount to approximately one per cent of the IT budget in subsequent years, compared with the costs if the enterprise had continued with IPv4. The cost of simply establishing an IPv6 Internet presence is more modest, at approximately USD 500,000 for a typical Internet gateway point, with ongoing costs of around ten per cent of that amount.
Deploying IPv6 will create new vulnerabilities for network operators. For example, the Internet will have more translation devices that can attract distributed denial-of-service attacks or be single points of failure. Also, network operators will have less visibility into Internet traffic patterns, so it will be harder for them to find threats like botnets. According to Gartner, although IPv6's security capability as a protocol are comparable to those of IPv4, not only is IPv6 support in security products and services incomplete, but IPv6 security has not been "field proven." Testing has revealed vulnerabilities with IPv6 implementations (for example, the IPv6 stack in the Windows OS), which were not present in IPv4 implementations. As IPv6 is deployed more widely, implementations will come under attack that will almost certainly reveal more "zero-day" vulnerabilities. Therefore, in the short term, deploying applications using IPv6 represents a higher security risk than deploying them using IPv4.
According to Gartner, organisations needing many millions of new public IP addresses in the next 3-5 years will need to deploy IPv6. This group will include ISPs with growing customer bases, especially those in emerging markets, cable TV providers and mobile operators with growing populations of smartphones and voice over IP. Gartner recommends that all categories of organisations should aim to establish an IPv6 Internet presence. The timing for this will depend on the importance to the enterprise of reaching the growing number of IPv6 endpoints on the Internet. For most enterprises, this will not be later than 2014. Organisations with business models that are heavily dependent on reaching a broad Internet audience, especially in emerging markets and mobile users, should already have an established IPv6 Internet presence now.
Today, many networks, services and products are not IPv6 ready, so only IPv4 addresses can reach them. This excludes the currently small audience of IPv6 users from accessing those networks and websites. Network operators need to invest in new hardware and software that will enable IPv6 addresses to reach their networks and websites, but these upgrades take time and have significant costs, so many are taking a wait-and-see approach before implementing these upgrades. As the pool of allocated IPv4 addresses gets smaller and IPv6 traffic continues to grow, there will be more urgency to implement infrastructure upgrades to IPv6 to mitigate potential customer service and revenue loss issues that may arise by excluding IPv6 users.
Many devices built in the last five years have support for both IPv4 and IPv6 and will probably not be impacted in the dual-stacked v4/v6 environment that will likely evolve as more and more network operators begin implementing support for IPv6 alongside their v4 infrastructure. However, as wide-scale adoption of IPv6 takes off, users with older devices and hardware that only support IPv4 may not be able to reach certain destinations supported by IPv6-only networks.