Monday, October 17, 2011
IPv6 improves security, but creates complications
Migrating to IPv6 is becoming a more important need for businesses, especially as IPv4 addresses are running out through most of the world.
According to a recent Pipeline report, the exhaustion of IPv4 addresses is easy to understand when looked at through the analogy of phone numbers. While an IP address and phone number are very different in nature, their core purpose is similar, as they both provide the foundation for a connection from one device to another.
In areas where the population is dense and changes often, it is not uncommon for new area codes to be added to a phone number system to address a rising quantity of numeric combinations. The same thing is happening with IPv4, as the growing number of connected devices has reached a point where the remaining IPv4 addresses will soon run out. This makes migration to IPv6 critical so that computing equipment can still communicate.
Improved security is one of the key benefits that comes along with the necessary transition to IPv6. The report said IPsec, an IP-based security technology that automatically encrypts all data transmitted through the network, is required when businesses work to develop networks to meet the IPv6 standard, according to the report. While IPv4 is capable of working with IPsec systems, it is not a required component of the technology. This gives IPv6 a significant security edge over the older protocol.
While IPv6 is becoming necessary and offers significant benefits, it also creates major complications in terms of compatibility. The report explained the greatest problem with IPv6 is that it is not interoperable with IPv4. The news source said running IPv6 and IPv4 together is like running a 64-bit operating system on 32-bit hardware. The gap between the two can be overcome, but it requires careful planning and management.
Overcoming the gap between IPv4 and IPv6 is critical, and a growing number of businesses are turning to dual-stack technology to accomplish this task. In many cases, dual-stack network setups create the equivalent of two separate network pipes. As a data packet enters the network, a gateway system identifies if it is coming from an IPv4 or IPv6 address, and sends it through the correct pipe. While this simplifies support for both protocols, it can split a network's bandwidth, creating performance complications.