Comcast Inaugurates IPv6 Trial Supporting Dual-Stack Access

John Brzozowski, distinguished engineer & chief architect for IPv6, Comcast

John Brzozowski, distinguished engineer & chief architect for IPv6, Comcast

February 25, 2011 – Fred Dawson, Editor – The cable industry’s implementation of IPv6, the next generation in IP addressing, moved a significant step forward in January with Comcast’s announcement it had become the first service provider to employ what is known as Native Dual Stack on an operating DOCSIS network in North America.

What this means is that 25 IPv6-enabled users in Littleton, Colo. can now access content and services natively over both IPv6 and IPv4, says John Brzozowski, distinguished engineer and chief architect for IPv6 at Comcast. Writing in a recent blog on the company’s Web site, Brzozowski adds, “As a result, they do not need to use any tunneling or translation solutions, including Network Address Translation (NAT); they can access IPv6 and IPv4 directly at high speed in an unencumbered fashion.”

While Comcast has long been running Dual Stack over its backbone network, moving Dual Stack to the access side has been a more difficult undertaking where modems must be equipped to operate in Dual Stack mode, provisioning mechanisms must be in place to deliver IPv6-based service and the plethora of back-office and network components tied to broadband services and features, including the all-important DNS (Domain Name System) servers, must all be equipped to work with IPv6 addresses. Given that the IPv6 addressing system with its 128- digit field as compared to the 32-digit field of IPv4 is completely incompatible with IPv4, the challenges to introducing IPv6 on a wide scale are immense.

“This achievement is a key demonstration and ongoing test of our ability to offer Native Dual Stack Internet services leveraging our production DOCSIS 3.0 network,”Brzozowski says. He describes the development as “a tremendous milestone for Comcast, cable operators, DOCSIS technology, and the Internet community at large.”

Helping things along is the fact that support for IPv6 was built into the DOCSIS 3.0 protocol, which means all 3.0 modems and CMTSs (cable modem termination systems) are equipped to operate in Dual-Stack mode. If a dual-stacked network device such as the CMTS queries the name of a destination and the DNS gives it an IPv4 address (a DNS A Record), the CMTS sends IPv4 packets. If the DNS responds with an IPv6 address (a DNS AAAA Record), it sends IPv6 packets.

On the customer premises side, when the IPv6-capable 3.0 cable modems provision in IPv6 they use stateful DHCPv6 (Dynamic Host Configuration Protocol for IPv6) to acquire their IPv6 address, which is basically how modems provision with IPv4. The cable modem can provision itself for IPv4, IPv6 or Dual Stack mode, where it gets both an IPv4 and IPv6 address to support all types of devices on the premises network. Recently, CableLabs extended DOCSIS 2.0 specifications to accommodate upgrades of 2.0 CMTSs and modems to support IPv6 and Dual Stack as well.

Comcast is using CMTS and cable modem equipment from ARRIS to connect the Littleton trial customers along with home networking equipment from Apple, Brzozowski says. “We will broaden the trial to include other vendors soon,” he adds.

Brzozowski says Comcast will soon be expanding its Dual-Stack testing to other cable systems in other parts of the country. But even as it broadens Dual-Stack operations to the point of commercial rollouts the MSO will have more to accomplish in a forthcoming Phase 3 of its IPv6 implementation.

That’s because there’s one essential drawback to Dual Stack as a migration strategy, which is that for every IPv4 device connected by an IPv6 subscriber, there has to be a new IPv4 address provisioned, given the fact that there is no IPv6 NAT to use for extending private addresses to IPv4 devices, which is standard practice with use of multiple devices by any given customer in the IPv4 realm. IPv6 dispenses with NAT because, with over 300 trillion trillion trillion address combinations available, every device can be given its own address with no fear of running out.

This means that Native Dual Stack will last just so long as an ISP has IPv4 addresses to hand out. Of course, the imminent exhaustion of IPv4 addresses is what prompted implementation of IPv6 in the first place. Thus, Dual Stack is not to be seen as a way to prolong address exhaust but rather as the best way to prepare for the eventual cutover to a predominantly IPv6 mode of operations while assuring there will be support for legacy IPv4 devices for some time to come.

Phase 3 for Comcast will involve implementation of what is known as Dual Stack Lite, a mode of preserving IPv4 addresses in Dual-Stack operations developed by Comcast and now under consideration as a standard at the Internet Engineering Task Force. DS Lite provides a means by which all IPv4 traffic destined for IPv6-addressed customers is delivered over stateless IPv6 tunnels using what is known as Carrier Grade NAT to assign private addresses behind a single IPv4 address across multiple users on the network. This solution, now in development as an IETF standard, would require that new customers who receive IPv6 addresses be equipped with gateways that perform this tunneling, avoiding the need to implement NAT for IPv4 devices at the customer premises.

Comcast and the non-profit group Internet Systems Consortium (ISC) have released open source Address Family Transition Router (AFTR) software to facilitate service providers’ implementation of DS-Lite. AFTR, the heart of the IPv4-IPv6 CGN translation process, operates in conjunction with another new element, the DS-Lite Basic Bridging BroadBand element (B4), which resides in each IPv6 gateway device as the tunneling point for sending IPv4 traffic through the IPv6 network to the translation center.

Obviously there’s a long way to go for Comcast, let alone other cable companies, which are in various stages of moving along the path Comcast has taken, but with the benefit of using what the MSO has learned to expedite their own evolution. CableLabs has been a key part in facilitating the process, assisting with development of advanced modem standards, selecting migration strategies best suited for cable and conducting interoperability events to help ensure vendors are keeping pace with developments.

Meanwhile, with the depletion of new IPv4 addresses imminent, time to prepare is shrinking rapidly. At the beginning of 2009 the total number of addresses available for allocation through the Internet Assigned Number Authority (IANA) pool represented about 12 percent of the 2.7 billion addresses originally allocated for public use. At the start of 2010 the percentage was down to 10 percent, and by midyear it had dropped to six percent. According to statistics supplied by IANA, there were more new addresses issued in the first half of 2010 than there were in all of 2009.

IANA hands out address blocks to various regions of the world, where allocation to ISPs and other entities is handled by regional administrators. ARIN, the American Registry for Internet Numbers, says it will exhaust its share of IANA-supplied IPv4 addresses for North America as of March 2012, at which point it will be impossible for ISPs to obtain new ones. Then it becomes a matter of how many addresses each ISP has in reserve as to when their individual supplies will run out.