Cisco Acts to Slow IP Exhaust While Expediting Shift to IPv6

Mike Capuano, director, marketing, SP routing & switching, Cisco Systems

Mike Capuano, director, marketing, SP routing & switching, Cisco Systems

November 11, 2009 – Amid rising concerns that service providers are dragging their feet in the transition to the next generation version of the Internet Protocol, IPv6, Cisco System has taken steps that could extend the life of IPv4 while at the same time providing improved modes of migrating to IPv6 as smart grid and other new applications add new urgency to the transition agenda.

“The solution we’re bringing to market is focused on addressing IPv4 exhaust,” says Mike Capuano, director of marketing for SP routing and switching at Cisco. “It looks like we have a little less than 700 days left before we get to the last public address block for IPv4 around September 2011.”

The solution referenced by Capuano consists of enhancements to Cisco’s CRS-1 core routing and ASR aggregation service edge routers that are designed to take some of the urgency out of IPv4 exhaust while simplifying network operators’ ability to transition to IPv6. With regard to extending the life of IPv4 addresses, the new hardware module Cisco has introduced for these routers allows operators to set up millions of private IPv4 addresses from IPv4 public address termination points at each the router.

“Effectively what this does for the first step toward IPv6 migration is it takes what used to happen in the home with public-to-private IPv4 addressing and enables that at the core and edge,” Capuano explains. “Now instead of a carrier having to allocate 100 IPV4 addresses to serve 100 different subscribers, it can allocate one. The 100 new subscribers all get private IPv4 addresses. By taking Network Address Translation (NAT – the standard use for assigning private addresses to a single public address) into the network at scale, we can slow down address exhaust.”

While Cisco has long been beating the drums for the transition to IPv6, the fact is carriers have been slow to react to the warnings. The upshot is that, with less than two years to go before IPv4 public addresses run out under current utilization procedures, only about “one percent of the Internet is on IPv6,” Capuano says. Indeed, according to the Organization for Economic Cooperation and Development, only 1004 IPv6 addresses were added worldwide in all of 2008.

IPv6 uses a 128-bit numbering system to support trillions of trillions of possible public addresses in contrast to IPv4, which supports just a few billion. Moreover, with IPv6, all devices would be directly connected to the Internet and, therefore, with each other, allowing for a much more wide open interplay of communications and applications than is possible today.

Beginning some time ago, tech strategists envisioned a transition period when service providers would take a “dual-stack” approach by “tunneling” either IPv6 or IPv4 traffic to end points and then translating the tunneled traffic at those points to the other type of address. This is still the gameplan, Capuano notes, but “the whole premise of that approach was we’d have started awhile back and today we’d be at least 50 percent of the way to IPv6. Where we really need to be is at that 50 percent point, but, because we’re not, we’re bringing this carrier-grade large-scale NAT (LSN) capability into play.”

Scaling to LSN is essential, he adds. “With traditional NAT the largest scale happens at the local head quarters router,” he says. “One of these carrier grade service engine modules can do up to 20 million translations.”

There are also major benefits when it comes to maintaining consistent security performance, he adds. “You can do this from an appliance perspective, but by integrating into the core router you know security policies are the same and being enforced consistently on any flow,” he explains.

Capuano insists this solution won’t serve to encourage carrier to procrastinate further in the transition process. “Based on what our customers are telling us, everybody is moving now,” he says. “For example, all the largest cable companies get it.”

Capuano says the new Cisco router enhancements also help resolve some of the problems with IPv4-to-IPv6 migration by enabling dual-stack tunneling in either IPv4-over-IPv6 or IPv6-over-IPv4 mode in conjunction with LSN capabilities across the entire routing and switching infrastructure. As previously reported (September, p. 15) Comcast has said it will launch an IPv6-based wholesale transport service in another year or so with support for translation to IPv4 at end points.

Various proposals have been offered to ease the costs of translation, including one from Comcast called “Dual-Stack Lite,” which would use premises gateways with dual IPv4 and IPv6 outputs so that IPv4 end points connected through tunnels of IPv4 over an all-IPv6 backbone would need no translation while the IPv6 traffic would go straight to IPv6-addressed equipment as well.

Another idea, essentially a variation on Dual-Stack Lite, would solve the translation cost problem while avoiding relying on NAT as a temporary fix by using IPv6 gateways with IPv4 outputs to support assignment of IPv6 addresses to all new customers while preserving the usefulness of their legacy devices. Of course, this approach requires 6-to-4 translation, but only requires translation for new customers with IPv6 addresses connected via the 6-over-4 tunnel while avoiding the need for any translation among the vast majority of customers still on IPv4.

Some of Cisco’s Linksys premises devices are designed this way, Capuano notes. “Our 6RD (v6 residential device) units support 6-over-4 tunneling and then provide you IPv4 outputs to support legacy devices,” he says.

While address exhaust represents by far the biggest impetus behind IPv6, new uses of IP-based network communications for machine-to-machine and smart-grid applications as well as previously reported mobile uses loom as potential major drivers. In general, automatic configuration and security enhancements tied to IPv6 serve to provide a means by which services requiring automation of communications among massive numbers of devices can be set up without running all the traffic through service providers’ core routing and provisioning centers.

IPv6 devices tuned into a given application can automatically discover each other and establish ad-hoc networks, which is essential to efficient machine-to-machine and smart-grid applications, notes Kittur Nagesh, director of service provider marketing at Cisco. “There are great productivity and security advantages tied to these capabilities, which create a tremendous opportunity for network operators,” Nagesh says. “There is a proliferation of Internet savvy devices in many, many verticals, so the time is right.”

For example, Nagesh notes that in California’s drought-ridden Central Valley, farmers have begun to use water sensors in the ground in conjunction with telemetry connections over 3G wireless networks. Because each device is individually addressed, sprinklers can be turned on at specific locations based on need, avoiding wasted water usage. and based on info turn on sprinkles.

In another example, NTT in Japan has put IPv6 multicasting capabilities to use in a unique network designed to deliver early earthquake warnings to regions threatened by a tremor. Such warnings, arriving seconds ahead of the spreading waves from the quake epicenter, tie into automated systems in ground and air traffic and other public safety operations to trigger life-saving reactions.

Security is a big area of interest in machine-to-machine applications, Nagesh says. In an IPv6-provisioned security grid the default data rate from cameras to central monitoring positions can be very low. When a door opens the data rate can be shifted to accommodate HD quality transmissions to capture whatever is happening at a given location.

Incremental management of energy usage across the wide grid and down to every home is probably the “Holy Grail” for IPv6 applications, Nagesh adds. With energy savings now a top national priority, incentives and regulations aimed at promoting the smart grid are likely to accelerate the long-delayed move to a smart grid, he notes.

But Nagesh acknowledges there’s a “chicken-and-egg problem” when it comes to manufacturers’ producing devices that are designed to work with IPv6 addresses. “Manufacturers are saying, why add the costs if nobody is doing it? The hardware and software for accommodating IPv6 are different. Applications vendors are thinking most devices are IPv4, so they’re developing applications accordingly.”

Getting around the chicken-and-egg dilemma entails implementation of migration strategies that exploit the types of capabilities Cisco is touting with its latest advances, Nagesh suggests, pointing to Verizon as a case in point. “I advise mobile operators that the best approach is the one Verizon is taking,” he says.

“Verizon fired the first shot by ordering that all LTE (Long-Term Evolution) devices be v6 compliant and making clear their network is going to v6 over time,” he explains. “They’re starting with the core, where everything operates in IPv6 and using translators at the edges to connect with the IPv4 end points. The edge routers and switches are v6 capable but they operate in v4 except where there are v6 end points, in which case they can directly address those in v6.”

Gateways will be part of the industry migration strategy, allowing legacy devices to operate in v4 behind v6 entry points, he adds. “This way applications developers can begin to build to IPv6, because the gateways and translators will be there,” he predicts.