IPv6 Migration

  • The Altruism of IPv6

    Disclosure:  I am one of the world’s biggest fans of, and greatest advocates for, IPv6.  In the words of rapper 50 Cent, “I love it like a fat kid loves cake.”  Anyone I have ever been able to corner in a room knows this to be true.  That being said… I just finished reading [yet […]

  • ITdojo’s v6 Vertex #4: A Brief Explanation of IPv6 Address Types

    v6 Vertex – A Brief Explanation of IPv6 Address Types

    ITdojo’s v6 Vertex is an ever-expanding set of quick tips and useful advice for using IPv6 in your network.

    People who have been using IPv4 for some time know that there are three basic address types that are commonly discussed:  unicast, broadcast and multicast.

    When it comes to address types IPv6 offers us some of what we already know and then takes things a step further.  In this article I offer a quick, concise explanation of each IPv6 address type.

  • IPv6 Training on East Coast Oct. 8 – 11

    Coming up on October 8, 2013, we will be running our IPv6: Understanding, Analysis & Implementation training course here at our Virginia Beach facility. Let’s face it, the implementation of IPv6 is inevitable and will effect every enterprise network on the planet eventually. The protocol is already being deployed worldwide! IPv6 allows for increased address […]

  • Why Hasn’t Everyone Moved To IPv6?

    We spotted this interesting IPv6 article this morning written by Angus Kidman at Lifehacker and wanted to share it with you. Here’s an excerpt: “We’ve known for decades that the available pool of IPv4 address was eventually going to dry up, but despite numerous warnings usage of its successor IPv6 is still minimal. Why haven’t […]

  • Pushing Firewall Admins into an ICMPv6 Frame of Mind

    ITdojo IPv6 TrainingPath MTU discovery (PMTUD) is far from a new concept to IT folk.  A sending node sets the Don’t Fragment bit in its IPv4 header which is the nodes way of telling any router along the journey to the packet’s destination that it may not fragment the packet into smaller parts.  The router, being an obedient device, honours the instructions in the packet and, when the exit interface does not support the size of the packet, it drops it (rather than fragmenting it).  Now, it is polite, but not required, for routers to tell you when they do such things.  The router that dropped your unfragmentable packet can (should) send you back an nice ICMP message that effectively says, “…just wanted you to know that the packet you just sent was too big to go out my interface so I dropped it.  The biggest MTU I can handle on that interface is ____________ bytes.  If you want to you can try again with an MTU no bigger than that.”.  This ICMP message originates from the router that dropped your packet and is sent back to you (also note that routers can be configured to quietly discard the packets, sending you no ICMP Packet-too-Big message).  The problem we have had for years is that firewall administrators, who live in a perpetual state of fear of all things ICMP, frequently disable ip unreachable packet generation on routers and also block most, if not all, incoming ICMP traffic from the Internet.  This was a problem in IPv4 which can provide for some interesting troubleshooting scenarios.  Disabling IP unreachables (using the ‘no ip unreachables’ command on Cisco routers) is considered a security best-practice even though it is widely known to cause PMTUD issues.  The problem persists in IPv6 and is arguably worse.

  • The 600-lb Gorilla Sitting on the Shoulders of IPv6

    ITdojo IPv6 TrainingI can sum it up with one sentence:  IPv6 costs money, it does not make it.

    But the long ago the world received the commandment from the ether:  Migrate!

    Migrate …and pay for it yourself with no immediately obvious capacity for a return on the investment.  And we wonder why the migration is almost 20 years in the making…

  • Peeking Into the Future of IPv6 at Home

    I’ll wager that 99% of people who read this from home are coming to me through an IPv4 NAT device that is only a few short steps from where they are sitting. NAT and IPv4, for reasons I understand yet still loathe, just go together these days. I’ll save my  un-ending rant against NAT for another day but suffice to say I look upon NAT with contemptuous regard; a healthy respect for what it allows us to do but utter dislike for what it is at the same time. Call me conflicted.

  • Chief Information Officers Council – Roadmap Toward IPv6 Adoption for the Federal Government

    Just last week (July 12, 2012), the Chief Information Officers Council released this updated version of the Roadmap Toward IPv6 Adoption for the Federal Government to help with the upcoming deadlines for September of 2012 and September 2014. It highlights the history as well as the government’s vision for IPv6. To read the original article […]

  • A Life Without NAT

    Network Address Translation – A Black Mark on IPv4’s Name

    Why do people use Network Address Translation?
    Because they always have, that’s why. “That’s the way we’ve always done it” is one of the dumbest reasons we do things. It precludes continued thought and absolves us the responsibility to think about why we are doing something. Network Address Translation (NAT) has been a bellwether of the Internet world for so long that many of us can’t remember a time without it. Many in the business rally around its role as a mechanism of security in our networks, “hiding the internal network” from the outside world. When presented in such a light it certainly sounds compelling. Being hidden from the evil, nasty outside world? Yeah! I-want-to-go-to-there.