We have already considered the experiences in the implementation of IPv6, and briefly mentioned possible challenges telecommunication operators might face at this stage. Let us consider them in more detail.
Is IPv6 implemented by the service provider?
The first issue to be addressed when creating the network or when modernizing it is the capabilities of the next level provider, if present, or the capabilities of the AS (autonomous system) the terminal telecommunication operator is connected to. Not all the providers have implemented IPv6 support in their network infrastructure; however it’s a matter of time.
Many providers still use obsolete network equipment. The principle is simple: equipment is working – so there’s nothing to worry about. Unfortunately, this is the most common mistake. The new hardware is created taking into account both the new technologies and the new safety criteria. In turn, equipment with the current (the last) firmware version when its manufacturer support is over (i.e. firmware release has reached its “end of life”) is not subject to software and hardware upgrade. It means that if the equipment isn’t able to handle IPv6 protocol, then it would be impossible to install and make it work properly any way. The thing is that the IPv4 address is 4 bytes in size, and IPv6 is 16 bytes correspondingly, that is, 4 times larger. Accordingly, that would take four times more memory, and for hardware platforms this is a luxury.
Network infrastructure. IPv6 + IPv4. DNS
Let’s say that the telecommunication operator already has its own IPv4 address space and wants to implement IPv6 as well. What equipment is needed?
There are several ways to implement IPv6 into existing infrastructure. The most common ways are the following:
- IPv4v6 Dual-Stack – dual (simultaneous) IPv4 and IPv6 support;
- NAT64 – translation of IPv6 address space to IPv4 ones or vice versa;
- IPv6 tunneling within existing IPv4.
Each way has both advantages and disadvantages, but IPv4v6 Dual-Stack is the most promising.
And what about DNS? Everything is simple there. The IPv4 address record for the domain name is a type A record. For IPv6, it was suggested to name the record type as A6, which was later renamed to AAAA.
The next challenge with the transition to IPv6 is the protocol support by the client equipment. Whereas the modern operating systems fully support IPv6, home routers, for example, might not support IPv6. And there are number of reasons for this:
- The client uses obsolete equipment and doesn’t want to spend money to replace the equipment that “is good enough”.
- User equipment manufacturers for some reason do not want to include IPv6 support on their hardware.
- IPv6 is supported, but it is unstable, or the client router software supports IPv6, but not the way it is implemented by the provider.
- The absence of user content in IPv6 networks.
We would like to focus on the third point. The client equipment manufacturer, for example TP-Link, has added IPv6 support in the latest models of its products. So it is enough to choose the type of WAN connection:
- statical IPv6 address;
- tunneling (Tunnel 6to4).
Unfortunately, not all the manufacturers are ready to provide such a choice to the client and in the best of cases are confined to tunneling and dynamic/static configuration, and in the worst cases – only to the dynamic one.
Regarding the unstable work mentioned above, please note that the client, by default, is given a subnet with the /64 prefix, which could contain 18446744073709551616 network addresses. The address space is large enough, however, in case of some manufacturers changing of the network prefix both upward (/63, /64) or downward (/61, /60) will result in unstable equipment operation.
The lack of content in IPv6 networks is mostly caused by the resource owners unwillingness to implement this protocol. Although many foreign organizations are already actively using it, the Russian have been slow to do it.
Why can’t one stop using the IPv4 address?
One can’t stop using the IPv4 address space for a long time. The reason is a slow transition to IPv6. The migration progress is shown on the graph below:
Theoretically, it is assumed that the size of the IPv4 addresses pool will be decreasing over time, while the IPv6 one will only be increasing.
In fact, the IPv4 address space is not yet exhausted, that is, the RIR (regional Internet registrars) have not completely exhausted the address space, so it looks like this:
The projected timelines for the IPv4 pool exhaustion are the following: for Africa – April 30, 2019, for Europe, the Middle East and Central Asia – the beginning of 2021. It is expected that the mass transition to IPv6 will begin after the complete exhaustion of available addresses and increasing the Internet users growth (including the Internet of things).
Problems of the legislation
In Russia, the Internet service provider is obligated to store the network access logs of its clients to the within three years according to the article 64 of the Federal Law “On Communications”. The IPv6 transition requires changes to be made to the statistics gathering. In particular, netflow data have to contain the IPv6 fields both in the destination address and in source address. This feature is available starting from the 9th protocol version. Also, the provider billing system and the SORM (Russia’s anti-hacking and surveillance system) would pose significant modifications.
Stingray Service Gateway and IPv6
IPv6 implementation specificity
In the Stingray SG current version, IPv6 support is activated in the DPI configuration file, where the IPv6 parameter should be set to 1:
The IPv6 network prefix size assigned to the client (it is /64 by default) also can be changed. It is enough to modify the following parameter within the configuration file:
Important! IPv6 support requires additional memory and processor resources, so if you do not assign the IPv6 addresses to your subscribers, then it is not recommended to enable IPv6 support in the DPI.
RADIUS and Stingray
Stingray Service Gateway supports the IPv4 and IPv6 subscribers addressing. In case of IPv4 subscribers, the response should contain the Framed-IP-Address attribute specifying the IPv4 address, and this address must match the one specified in the Access-Request. If the Framed-IP-Address values in the request and in corresponding response differ, then it is considered as an error.
The following attributes within the Access-Accept/Reject are supported for the IPv6 subscribers:
- Framed-IPv6-Address – specifies the subscriber Ipv6 address. This attribute value being set in the response have to match the value specified in the corresponding request.
- Framed-IPv6-Prefix – specifies the IPv6 subscriber network prefix. Both the size of the prefix and its value within the response have to match the ones specified in the request.
- Framed-IPv6-Pool – the pool name. Is an optional attribute. If this attribute is specified in the response, it will be transmitted within all the Accounting-Requests.
In case of IPv6, the response should always contain either one of the Framed-IPv6-Address attributes or the Framed-IPv6-Prefix ones (or both). In this case, the Stingray Service Gateway interprets the Framed-IPv6-Address attribute as a subnet prefix, without taking into account the least significant bits of the address (remember that the Stingray can handle only the equal sized prefixes specified by the ipv6_subnetwork parameter).
It should be noted that the Stingray Service Gateway developers provided opportunity of assigning IPv6 and IPv4 addresses to the subscriber, including private ones with further NATing.
Advantages of moving to the IPv6
The first and obvious advantage of IPv6-networks is the availability of a huge number of IP addresses. This means that any device connected to the Network can be assigned a “white” IP address. The provider is able to assign it (address) permanently for each subscriber and moreover to allocate entire subnets for each client. In industry, assigning an individual IP address for each sensor is possible, not to mention whole units.
What are the advantages an ordinary user gets by using IPv6? The “smart house” system and Internet of things will also be able to access the Internet, everything from a toaster to a home server. However, it is not necessary to use the cloud-based services of the manufacturer.
The second clear advantage is the feature to autoconfigure the interface, that is, an IP address can be assigned to the client not only by means of DHCPv6, but also using SLAAC (Stateless address autoconfiguration). The host itself can send an ICMPv6 request and, in turn, the routers receiving such a request send a response containing the information about the network prefix, the gateway address, the addresses of the recursive DNS servers, and so on.
The transition to IPv6 is inevitable. This is a long and complex process that cannot be expected to be done immediately. Unfortunately, at the moment for most users, the advantages of innovations are not so obvious. Mainly, one of the first countries or regions in transition to IPv6 are those where the lack of addresses is the most acute.