November 2005 Newsletter
p1.jpg
Intro
 

We are one month away from the US IPv6 Summit 2005 with the most powerful speakers we've ever seen assembled for an event focused on Internet technology. Please join us Dec. 6-9 at the Hyatt Regency in Reston, VA, for an amazing step forward in creating the IPv6 industry and strengthening the IPv6 community. See all the details at http://www.coalitionsummit.com. For those of you working for or in support of the U.S. federal government, you may also want to attend the Federal CIO IPv6 Workshop this Friday, Nov. 4.
This issue of 6Sense has inadvertently become mostly an in-house issue, as several articles, particularly those representing the views of people working with the U.S. government, are still being reviewed and are awaiting publication permission. 6Sense welcomes submissions from people who have contributions to make to the creation and strengthening of the IPv6 industry and international IPv6 community, and we invite you to share your unique insights with our readers. There is no money exchanged, but you may find yourself rewarded with an enhanced reputation and participation in a number of interesting conversations.
In this November 2005 issue of 6Sense:
Mark Bayliss and Chris Harz provide a historical context with interesting diagrams covering the legacy of the Internet
Bill Kine, of Spirent Federal, Grand Sponsor of the US IPv6 Summit 2005, illustrates concerns about dual stack performance.
Alex Ramia, of Panasonic, gives a futurist scenario for Internet over powerline and then a current context
Dale Geesey gives a charming overview of security issues, with glimpses into the future.
I give a much less charming, even downright sour, in parts, overview of the good, the bad, and the ugly of IPv6 in America.
We hope you enjoy this issue, and will join in the celebration of all things IPv6 this December.

IPv4/IPv6 Dual Stack Support Caveat Emptor
 

IPv6 is a revolutionary new protocol. Numerous innovative communications solutions will be enabled by this new protocol. However, as desirable as such a solution may be, it will be a long time before IPv6 will become the exclusive protocol of most major networks. Instead, an extended migration will take place over the next several years. During this transition period, IPv4 and IPv6 must peacefully coexist and even interoperate in large networks throughout the world.
There are three different networking philosophies for IPv4/IPv6 transitional mechanisms. Each has its own unique benefits and offsetting shortcomings. These are summarized below:
1. Translation: This transitional solution inserts a separate translation device between the IPv4 and IPv6 networks. The translator will convert IPv6 packets and addresses to IPv4 and vice versa.
Advantages: This allows true any-to-any communication between IPv4 and IPv6 resources.
Disadvantages: The translator clearly becomes a network bottleneck and a single point of failure. Furthermore, packet translation impacts many applications (such as data encryption) and creates some serious firewall and security challenges.
2. Tunnels: There are a handful of different proposals for ways to tunnel IPv6 traffic over (or through) IPv4 networks, and even some strategies for tunneling IPv4 traffic across an IPv6 network. In fact, the old 6Bone experimental network was based upon tunneling. Some proposals are based upon manually configured tunnels (an arduous process, I’m sure) and others advocate constructing the tunnels automatically. Tunnel brokers or servers are even suggested for some solutions.
Advantages: Tunneling effectively interconnects islands of IPv6 across the prevailing IPv4 infrastructure.
Disadvantages: Tunneling solutions do not allow IPv4 hosts to access IPv6 resources; instead the two protocols and networks remain entirely separate. Tunneling also adds a lot of complexity to the networks, and this in turn may have some serious operational implications. And, finally, tunneling may not be a truly scalable solution.
3. Dual Stacks: This option is based upon enabling network resources such as hosts, servers, routers and switches to support both versions of the Internet Protocol simultaneously.
Advantages: Dual stack support ensures any-to-any communications, regardless of the versions of IP.
Disadvantages: Dual stacks double the communications processing requirements of all of the network resources, and this leads to performance degradation.

Security Considerations for the New Internet
 

Security in Current Networks
The general view today is that users on the corporate intranet are considered trustworthy and users on the Internet are not. Most network and security administrators know this philosophy is not true, but given the complexity of their network and a lack of widely deployed network security protocols and tools, security architectures reflect this simplified philosophy. Boundaries are deployed around the Enterprise network creating an enclave with a firewall acting as the gate through which all traffic must pass. Unfortunately, this leaves the majority of the Enterprise’s internal resources vulnerable as it is not always possible to close off all “back doors” into the network and from attacks originating within the network.
A more realistic view of network security includes the need to worry about the vulnerability of resources within the Enterprise’s enclave due to internal malicious users, as well as from outside network connections. In many cases, robust security capabilities are not implemented on Enterprise networks due to excessive complexity, cost and management requirements. In the mix, it is sometimes forgotten that the Internet not only contains hackers, but customers and remote employees that need to connect to corporate resources. Generally thought of as a “Corporate” responsibility, users view security as someone else's concern and a necessary evil, which has grown into an “us-vs-them” mentality. Security is seen as a way to stop something from occurring – even advances in technology or work the company needs to accomplish, which may lead users to attempt to circumvent security policy to complete their work. This is not necessarily done with malicious intent, but from a lack of understanding or disconnect in the way security policy is developed.

IPv6 and Power Line Technology
 

Rupert walked across the oak threshold of his front door and a familiar female voice greeted him as if emanating from the walls — "Hello Rupert, welcome home. Should I indicate you are available or offline?" Rupert responded "Offline, and include my private list please."
Rupert placed his keys on the tray beside the hall lamp and walked into the kitchen. He went to the fridge and perused the display on the fridge panel, scanning the list of available meals he could conjure out of the meager contents inside. The milk was expired, the eggs were on the verge of hatching, however, the panel suggested the vegetables could provide a decent salad.
Rupert growled something unmentionable at the flashing message symbol on the screen. Before he touched the icon, he knew what the message was. Only billing or 911 messages got through his offline state, and he could not remember the last time an emergency message had flashed there. He touched the icon and the screen popped up and played his video email. "Rupert Widlow, your grocery account is past due. Your grocery delivery has been suspended until we receive your payment. If you would like to pay your bill now, press the 'pay now' key and it will automatically debit the amount from your bank account." Rupert pressed the key while his stomach growled its encouragement. A welcoming ding acknowledged his transaction and a new delivery date flashed on his screen. "Great, right after work" he said.

The good, the bad and the ugly of IPv6 in America
 

The Good, The Bad and The Ugly was a 1966 film made by Italian director Sergio Leone starring Clint Eastwood (the Good) and other guys who went on a three-hour treasure hunt for $200,000. Internet Protocol version 6 is a 1998 technology created by smart guys in the Internet Engineering Task Force that has gone on a seven-year treasure hunt that some think will lead to a trillion dollar industry. The Japanese government, for instance, believes that IPv6 products and services will be worth $1.55 trillion in 2010, and will grow from there. In that context, the $200 million investment that the Japanese government has made, which supports about 300 people working full time on Japan's IPv6 transition, can be seen as a very minimal price of admission to be the leading IPv6 power.
Over the past 18 months I've written over a dozen articles and published nearly 100 stories related to IPv6. Virtually all the articles by others have been objective. In this article, I'd like to provide a subjective viewpoint, and challenge other writers to elucidate their own visions of what they think is going well with respect to IPv6, what could be better, and what's seriously broken or wrong. These articles don't have to be limited to the US – they can be about other countries, or even the global community. I'm sure that such lists will have many elements in common, and some elements of difference. You may find some of the opinions below to be objectionable (especially if you are in one of the "No Show" industries). I apologize in advance if your feelings are hurt, but ask that you try harder to get your company, agency, industry or country moving faster with respect to IPv6 adoption. Just as it's each citizen's "civic duty" to prepare for hurricanes and natural disasters, according to Dept. of Homeland Security Secretary Michael Chertoff, I think it's each American company's civic duty to start implementing IPv6. IPv6 is ready NOW, and if the US isn't equal to Japan, it's mostly because executives have not taken action to get their companies going on this. I think of Fred Wettling at Bechtel: he's taking action to move his company to IPv6 without asking for a big subsidy or hand-out to do so, because he's done his homework and knows IPv6 is inevitable. If you are reading 6Sense, you know the same thing, so unless Fred Wettling or someone like him is already handing out IPv6 baseball caps at your company, you need to take a deep breath, and take Wettling-sized steps toward making your company IPv6-capable. I hope that the following points can help you in crafting verbal carrots and sticks to prod your company, even if grudgingly, in the IPv6 direction.

The Genesis of the New Internet
 

As we start presenting the New Internet, IPv6, to a wider audience, we've started getting more general questions. When we start comparing IPv6 to IPv4, we hear the question, "But what is IPv4? Where did all this start?" This is one of a series of background articles in answer to that question.
To understand the present Internet, and some of its strengths and limitations, it is useful to remember the time when it was created, in the 1960s, at the height of the Cold War, when there were two Superpowers in the world, both with enough nuclear might to kill each other several times over. Vast armadas of tanks, missiles and other military equipment were lined up facing each other across the East German border, each commanded by generals worried that the other side would "get the jump" on him – that his side would be the victim of a surprise attack. This was before the advent of personal computers, distributed processing, or widespread use of satellite links.
Communication was by relatively few lines that passed through even fewer nodes – which were vulnerable to attack. Computing was done via centralized hosts, each of which ran on proprietary systems – in other words, if one headquarters computer center were to be knocked out by a missile, another could not step in to take its place, and every headquarters downstream of that center would be left in the dark, information-wise, wondering whether a sky full of missiles was headed its way, and whether it should launch its forces first.
v6 Transition Now Offers IPv6 Transition Services
IPv6 Summit, Inc., organizers of the US IPv6 Summits for the last three years and publishers of 6Sense, now offers a wide range of training, consulting and implementation support services to make the transition to IPv6 a reality for your organization. We have assembled a team of IPv6 experts and partners into v6 Transition, providing a complete set of solutions to your meet your IPv6 transition planning and implementation requirements.