Disruptive Potential of IPv6 Under Scrutiny at CableLabs

Richard Green, former CEO, CableLabs

August 17, 2009 – With Comcast taking a leading role in driving implementation of the next-generation Internet Protocol known as IP version 6 there’s growing awareness in cable circles that advanced service implications of the technology should be factored into the industry’s strategic planning.

“My own view is the capabilities that are in IPv6 offer many new opportunities for us, and those opportunities are important,” says Richard Green, who recently retired from his post as CEO of Cable Television Laboratories. “So it’s incumbent on us to develop the network underpinnings to be able to use those tools.”

CableLabs included provisions for supporting IPv6 in its DOCSIS 3.0 specifications primarily to help MSOs like Comcast deal with the IP address exhaustion crisis that looms on the Internet horizon. According to the latest tabulations from the American Registry for Internet Numbers (ARIN), only about 11 percent of the total of approximately 2.7 billion addresses made available for public use under the 32-bit IPv4 numbering system remain to be assigned, leading to predictions that the address reservoir will be depleted as early as late 2011.

But there’s much more to IPv6 than a 128-bit numbering scheme that supports trillions of new addresses. Additional features intrinsic to implementing the protocol include security, automatic configuration, multicasting and mobility. “In addition to those,” says Latif Ladid, president of the IPv6 Forum, “another two dozen features are still to be discovered by engineers to allow them to re-think the Internet model from an end-to-end perspective.”

As things stand now with IPv6 moving into the market at a snail’s pace it’s very hard to plan for new business models enabled by the technology, because it’s anyone’s guess as to when it will become ubiquitous enough to make a difference. “It’s like a lot of technology,” Green says. “We’re not sure exactly what tools are going to apply and how they’re going to apply. So it’s a bit of wandering around in the dark.”

But, he adds, those tools have great potential to be disruptive to current service provider business models. “These are not just little ‘Y’s’ in the path,” he notes. “They’re big.”

Despite the sense of urgency conveyed by ARIN, the IPv6 Forum, governments and organizations around the world – and, as previously reported (February, p. 16), some experts say the exhaustion point is farther out on the horizon than these bodies claim – IPv6 implementation over networks has barely begun. According to a recent report from the Organization for Economic Cooperation and Development, only 1004 IPv6 addresses were added worldwide in all of 2008.

There are many reasons for this, starting with the costs and complexities attending the need to run (or “stack”) IPv6 streams on top of IPv4 streams, since IPv6 was not designed to be backward compatible with IPv4. Various approaches to streamlining this process have been offered to the IETF (Internet Engineering Task Force), including one from Comcast known as “Dual-Stack Lite,” which would have the effect of making IPv6 backward compatible by preserving all IPv4 connections while converting the entire backbone and access network packet transport system to IPv6.

Under this scenario legacy IPv4 devices and Web sites would connect with each other through IPv6 “tunnels” terminated at the user end on premises gateways that support both IP modes on the LAN side, thereby avoiding the need for a plethora of translators that would otherwise be required to convert IPv4 to IPv6 or vice versa. To avoid having to assign a new IPv4 public address from the increasingly depleted reserve to each dual-stack premises gateway the carrier would use a carrier-grade NAT (Network Address Translator) with a public Internet address to support multiple user gateways with private Internet addresses.

How cable operators decide to go about introducing IPv6 while supporting IPv4 in conjunction with deployment of DOCSIS 3.0 is crucial to the IPv6 provisioning process, notes Chris Busch, vice president of broadband technologies at provisioning software supplier Incognito. In Busch’s opinion cable operators would be better off to avoid bringing carrier grade NAT into play in the migration process by taking advantage of new gateway routers, now available in Asia, that perform the IPv4-to-IPv6 translation on the WAN interface.

“What I’m asking is, is it worth spending money on installing carrier-grade NAT hardware that might cost tens of thousands of dollars as a transition solution for end users who already have IPv4 addresses?” Busch says. Taking the approach recommended by Busch, carriers would provide gateways with IPv6 addresses to new sign-ups while allowing them to continue using legacy IPv4 devices on the LAN side of the gateway. Existing customers would retain their public IPv4 addresses. The additional cost for the new gateways, in the neighborhood of $50 per gateway for the firmware required to do the translation from IPv4 to IPv6, could be borne by the subscriber as part of the service fee. “The service provider shouldn’t take the cost of address conversion onto its balance sheet,” Busch says.

Moreover, he adds, use of NAT to assign private addresses to legacy customers might have implications for introduction of PacketCable 2.0 capabilities, which support convergence across all fixed and mobile devices through adaptation of the cable domain to the IMS (Internet Protocol Multimedia Subsystem) architecture developed by the mobile industry’s 3GPP group. The complexities associated with this architecture require that end users have public addresses, Busch notes.

Further complicating the pace of global migration to IPv6 have been the missteps of some early adopters who, by virtue of poor structuring of security mechanisms and other problems, have made others wary of going down the same road. “Many new challenges will be brought on due to the slow and unprofessional adoption of IPv6, mainly in the security area,” warns IPv6 Forum’s Latif Ladid. “Hackers will again be smarter than the IP engineers with the adoption of IPv6.”

The IPv6 Forum has attempted to address this problem by setting up an “IPv6 Enabled Logo” program which runs tests on network operator and web site implementations of IPv6 and certifies the protocol has been properly implemented. “The IPv6 Enabled ISP Logo Program will support ISPs in verifying and validating the integration of IPv6 in their networks when refreshing or building their IPv6 Internet infrastructure,” Ladid says.

Beyond having to sort out how best to accommodate the transition to IPv6 the cable industry will have to come to grips with the enhanced capabilities of the protocol. Presently, far more devices are Internet connected than there are individual public addresses owing to widespread use of NAT to assign private addresses to any number of devices that are connected to a device that has a public Internet address. With IPv6 all devices would be directly connected to the Internet and, therefore, with each other, allowing for a much more wide open interplay of communications and applications than is possible today.

The built-in multicasting, automatic configuration and security mechanisms associated with IPv6 create an opportunity for content and applications suppliers to build new businesses around IPv6 servers capable of connecting millions of devices to a given stream while transmitting up to 5,000 streams simultaneously. This compares to IPv4 servers which, without the addition of a multicasting component, stream one stream to one user and support a maximum of about 500 streams per server.

In this brave new IPv6 world devices tuned into a given application would automatically discover each other and establish ad-hoc networks for content sharing, game participation and social networking irrespective of who their service providers are. The ability of any device to independently and securely connect directly to any content or e-commerce source and to be individually authenticated by that source could set in motion an entirely new approach to doing business over the Internet.

All of this isn’t as far off in the future as it might seem, notwithstanding the slow implementation of IPv6 in networks and on Web sites. That’s because consumer electronics suppliers have embraced IPv6 to future proof their devices as the ability to obtain new IPv4 addresses becomes a gating factor on market demand. New PCs equipped with Microsoft’s latest OS – Vista or its successor – support IPv6 as do new Apple computers and most smartphones.

In fact, the mobile implementation of IPv6 (Mobile IPv6) uses what is known as Routing Optimization, which allows a mobile node to talk directly to its peers while retaining the ability to move around and change the currently used IP address. The peer node learns a binding between the mobile handset’s permanent home address and its current temporary “care-of” address, which allows the packets to traverse a shorter route than the route taken in the legacy mode, where everything has to go through the home agent.

While there’s a security risk where a malicious host could set up false bindings to divert traffic to an attacker or flood third parties with unwanted traffic, many vendors are providing protections against this possibility in their implementations of Route Optimization. Thus, with the push well underway in development of app stores and third-party-to-end-user affiliations that are independent of service providers, the emergence of Mobile IPv6 represents a further advance toward a new framework for building business models that eventually will impact the fixed networking world as well as the points of convergence between the fixed and mobile broadband domains.
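The false-binding risk described above is what a peer's binding-update check has to close. The following is an added illustration, not code from the article or from any vendor: a simplified model of the return routability check defined for Mobile IPv6 (RFC 6275), with nonce indices, lifetimes and message formats omitted. The class and function names are hypothetical and the addresses are constructed from the documentation prefix.

```python
import hashlib
import hmac
import ipaddress
import os

def _packed(addr):
    return ipaddress.IPv6Address(addr).packed

def binding_key(home_token, coa_token):
    # Kbm: only a node that received BOTH tokens can compute it
    return hashlib.sha1(home_token + coa_token).digest()

def authenticator(kbm, home, coa):
    # Simplified: the real message also covers the peer address and header data
    return hmac.new(kbm, _packed(coa) + _packed(home), hashlib.sha1).digest()[:12]

class CorrespondentNode:
    """Peer holding the binding cache: home address -> care-of address."""
    def __init__(self):
        self.kcn = os.urandom(20)    # node secret, never sent
        self.nonce = os.urandom(8)   # rotated periodically in practice
        self.bindings = {}

    def _token(self, addr, tag):
        # Stateless keygen token: first 64 bits of HMAC-SHA1(Kcn, addr|nonce|tag)
        msg = _packed(addr) + self.nonce + bytes([tag])
        return hmac.new(self.kcn, msg, hashlib.sha1).digest()[:8]

    def home_test(self, home):       # routed to the home address via the home agent
        return self._token(home, 0)

    def care_of_test(self, coa):     # routed directly to the claimed care-of address
        return self._token(coa, 1)

    def binding_update(self, home, coa, mac):
        kbm = binding_key(self._token(home, 0), self._token(coa, 1))
        if not hmac.compare_digest(mac, authenticator(kbm, home, coa)):
            return False             # sender was not reachable at both addresses
        self.bindings[home] = coa
        return True

def demo():
    cn = CorrespondentNode()
    home, coa, other = "2001:db8:1::10", "2001:db8:2::20", "2001:db8:3::30"
    # Mobile node: receives both tokens, so its update verifies
    kbm = binding_key(cn.home_test(home), cn.care_of_test(coa))
    accepted = cn.binding_update(home, coa, authenticator(kbm, home, coa))
    # Host at `other`: gets its own care-of token but never the home token
    bad_kbm = binding_key(bytes(8), cn.care_of_test(other))
    rejected = not cn.binding_update(home, other, authenticator(bad_kbm, home, other))
    return accepted, rejected, cn.bindings[home]
```

The same check covers the flooding case: a binding that names a third party's address as the care-of address fails because the sender never receives the care-of token delivered there.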

Meanwhile, Comcast continues to press forward with IPv6, having just recently demonstrated end-to-end network readiness for the transition to IPv6 at the North American Network Operators Group’s annual meeting in Philadelphia the week of June 16. At the same event, Comcast also announced the availability of national high-speed IPv6 transit for wholesale customers, such as web hosting companies, that connect to Comcast’s fiber network to transfer data to their customers.

The demonstration was “an important milestone in the testing and integration of IPv6 across Comcast’s network and systems in preparation for IPv6 addresses and content becoming more widely available in the future,” says John Leddy, senior vice president of network engineering at Comcast. “We are making our network fully IPv6 enabled so that Web-hosting companies, Internet sites and content providers that connect to Comcast’s Internet backbone to deliver content and services can do so using IPv4 and IPv6 protocols. It’s also an important step in being able to offer IPv6 address space in the future to Comcast customers who use our residential and business services.”

Comcast says it will be another year before the IPv6 service it demonstrated is commercially available. In the interim CableLabs will be putting more focus on what, if any, steps need to be taken to facilitate optimal and revenue-generating uses of the new protocol in cable. “The leadership of the labs is thinking about that,” Green says.