Addressing the business needs for IPv6 for the enterprise.
Jan 20th, 2022
A lot of articles about IPv6 talk about the scarcity of IPv4 addresses and how we're "running out." What about the enterprise, though? Why should enterprises consider the move to IPv6 when they have all the private addresses they seem to need?
Back in 2014 I had just started working for Cisco in what used to be called the Insieme business unit. We had just GAd ACI (Application Centric Infrastructure) which is still one of Cisco's solution for SDN (Software Defined Networking) in the Data Center. I would go around presenting the benefits of ACI to customers, prospects, and partners, and I remember the part of the presentation that always got the most attention no matter who was in the room: policies no longer had to be permanently glued to IP addresses. This was a hard concept to swallow for many, because that's just the way it had always been done. This device at this IP address gets these policies. Entire architecture models were designed based on this one concept.
This one seemingly simple capability of being able to assign policies based on other identity information actually meant that technology would now have the freedom and flexibility to adapt to the needs of the business. We can move people and devices around more easily, they aren't beholden to proximity necessarily, we can even go to market faster. However, even though this all sounds great, SDN has still only been adopted by about 15% of enterprises according to a report on SDN Adoption by Verizon published in November of 2021.
This is almost the exact story of IPv6, except that IPv6 has been around even longer, it makes multicloud and IoT adoption easier, and it has a lower adoption rate (when removing outlier organizations like Amazon and Twitter). Companies which have made the move to IPv6 are generally running it using a dual stack architecture, meaning they are running both IPv4 and IPv6 and likely for their internal IP addressing they're still mostly using IPv4 and the legacy protocols that go along with it.
As with any "new" technology, change is difficult. I'm not being glib when I say that. There are hundreds, if not thousands of dependencies to consider when making large architecture changes and any sort of migration project always runs the risk of downtime which can affect revenues and increase costs. Essentially for higher adoption rates, generally the ROI needs to be greater than the risk. Let me rephrase that, the perceived ROI needs to be greater than the risk. If we continue to only talk about the scarcity of IPv4 addresses, while enterprises are humming along with their current IPv4 addresses, then it appears that the ROI is quite small.
When we only talk about the technology drivers for a project, we'll also continue to see low adoption rates. So let's talk about how IPv6 technology gives us the flexibility to adapt to business needs.
If you're running an enterprise network, there's no doubt you've been planning and running multicloud, edge, and IoT projects. While there are certainly technology drivers for these projects, likely if you're doing any one of these three things, it's to give your employees and customers the best experience when using your platforms and services. Experience is not limited to uptime. It entails offering the best performance, zero-trust security, latest services and features, and even required compliance. We can no longer keep up with our competitors by just running a data center at HQ and a few colos (colocation data centers).
All of this can be done with IPv4, you're doing it already. However, IPv6 offers the end-to-end encryption that we have to provide work-arounds for achieving with IPv4. More important, though, is the sheer size of the address space you'll get with IPv6. When you pick up a /32 IPv6 address space you get 65,536 /48 subnets which you can dole out without having to worry if you're going to run out. Spinning up containers in the cloud, adding new building controls or security devices, or even passing out IP addresses to people working at a branch location or from home is no longer a concern. You might be thinking that we're just talking about IP address scarcity again, but it's really about the administrative savings and risk reduction of never having to re-IP anything again especially as we embrace more multicloud and SASE architectures.
Does your company do a lot of M&A? I guarantee that your IT organization spins a lot of operation cycles on designing new IP schemas every time a new company is acquired. Imagine if Alpha company acquires Beta. Both companies are using /24s in the 10.x.x.x subnet. Someone is going to have re-IP. Now imagine that Alpha has also decided to acquire Gamma. Guess which private IP addresses Gamma uses. That's right, the same ones, because those are the ones that every enterprise uses. So, is Beta going to re-IP again, or perhaps Gamma is going to. Either way, it's a lot of work that could be avoided by using IPv6 which gives us totally unique addresses to use, so there's no need to worry about overlap and because of this there's also no need to use address translation.
Are you in an industry that actually relies on the performance of a network? Perhaps you work for a company that specializes in high frequency trading or you work for a gaming company that serves out peer-to-peer style games. IPv6 outperforms legacy protocols in connection times, jitter, and because there isn't a need to do what's called Network Address Translation (NAT) your packets will actually flow faster. NAT was developed to allow one or more private IPs to be translated to a public IP to communicate over the internet. This conserved public IP addresses, which we all know are running out, and also saved on some cost of purchasing public IPs.
IPv6 doesn't require NAT because there isn't the same concept of private or public IPs as in IPv4. There is such a thing as Unique Local Addresses in IPv6 which aren't routed over the internet, but we'll save that for another blog.
The above are just a few of the business drivers which will have you looking at IPv6 for the enterprise. As I stated before, these migrations aren't easy. If you're looking for some help to track and measure your IPv6 migration project check out our whitepaper on IPv6 migration or contact us any time.