With more than a decade of research and development in IPv6 networking, Brocade has developed a non-disruptive set of solutions to completely transition or simultaneously support both IPv4 and IPv6 protocols. To address the needs for security and manageability, often overlooked by many networking vendors, Brocade supports extended security features for IPv6, as well as embedded sFlow technology.
What Is IPv6?
IPv6 was first developed in 1995, primarily to increase the number of unique addresses available for identifying devices that connect to the Internet. At some point, the previous address model, called IPv4, was going to be exhausted. Today, as cell phones, smart phones, pads, laptops, and desktop computers, and other electronic devices proliferate worldwide, the use of Internet addresses has skyrocketed. As of February 2011, the last unassigned IPv4 address blocks were allocated to the regional entities responsible for address distribution in their geographies. Clearly, more and more devices on the Internet will be using IPv6.
IPv6 is not backward-compatible with IPv4, so devices using IPv4 cannot directly communicate with devices using IPv6, and vice versa. The Internet will have to independently route IPv4 and IPv6 traffic (likely for decades) and there will also have to be ways to ensure the electronic data contained in IPv4 and IPv6 packets can seamlessly flow between IPv4 and IPv6 devices.
Integrated Enterprise and Service Provider Solutions for Merged IPv6 Services
As service providers and enterprises add IPv6 devices to their networks, it is imperative that the networks are designed to efficiently support the simultaneous use of both IPv4 and IPv6. To support this, Brocade has developed a set of dual-protocol networking solutions with embedded support for the high-speed switching and routing of independent IPv4 and IPv6 traffic on the same router, as well as IPv6/IPv4 transition mechanisms. In addition, Brocade provides a set of IPv6 security and management features that support highly efficient and easier-to-operate dual-stack environments.
Brocade offers one of the industry's most complete families of IPv6 unicast, anycast, multicast, and transition protocols. These products include hardware-based, wire-speed IPv6 switching and routing products; software-upgradeable systems for IPv6 switching and routing; and software-based IPv6 management feature upgrades. Brocade intends to support both enterprise and service provider IPv6 dual-stack environments, and continues to help governments and industries worldwide in their transition to IPv6.
Dual-Protocol Network Transition Methodologies
Many of the early discussions on IPv6 focused on the benefits versus IPv4, and recently on the applications that will drive the adoption of IPv6. But events have shifted the discussion, as the DoD and other worldwide governmental agencies have made public statements not only endorsing IPv6, but mandating that equipment be IPv6-ready. Because of these events, and market forces (especially in Asia), it is now clear that IPv6 will become the dominant protocol over time. The question is how to build networks that effectively support both IPv4 and IPv6 devices, and network infrastructure when IPv4 will still be around for some time.
Clearly the transition to IPv6 must allow IPv4 devices to coexist with IPv6. There are a range of options available that support migration from IPv4 to IPv6. One option is for IPv6 traffic to be tunneled over IPv4 networks. This allows IPv6 devices to talk to other IPv6 devices. However, this does not provide a way for IPv4 and IPv6 devices to talk to each other. This requires a gateway so IPv4 and IPv6 devices can directly communicate with each other. There are a number of methods for providing this gateway service.
IPv6 NAT64 Gateway: The Brocade ServerIron ADX Series enables IPv4 networks to interoperate with IPv6 networks via a simple and standards-based NAT64 gateway. This enables both IPv4 clients to communicate with IPv6 networks, as well as new IPv6-based clients to communicate with traditional IPv4 networks–all without requiring forklift upgrades to existing infrastructure.
IPv6 SLB Gateway: The Brocade ServerIron ADX Series also allows existing IPv4 applications to be advertised via an IPv6-based Virtual IP (VIP) service. Existing servers and applications can then be slowly migrated to IPv6 on their natural upgrade cycles. The ServerIron ADX application delivery switches load-balance traffic destined to an IPv6 VIP among IPv4 application servers, enabling application servers to be upgraded to support IPv6 at an evolutionary rate.
Regardless of these technologies and methodologies, many organizations are looking for core networking equipment that provides scalable, high-performance, highly reliable IPv4 and IPv6 support. As they upgrade their networks, they must be able to support both IPv4 and IPv6 switching and routing in high-speed hardware, they must have embedded support for IPv6 transition technology, and they must have underlying support for the security and manageability services needed to ensure the operational viability of their networks.
Delivering Core IPv6 Services for Dual-Protocol Networks
In order to meet the needs of the growing number of operators that are upgrading their networks to support new services like IPv6, Brocade provides ASIC-based high-performance IPv6 forwarding, full IPv6 routing, and transition technology to support dual-protocol networks. To address the needs for security and manageability, often overlooked by many networking vendors, Brocade supports extended security features for IPv6, as well as embedded sFlow technology. The sFlow IPv6 features in Brocade enterprise-class FastIron edge and chassis products, as well as in Brocade MLX Series and Brocade NetIron products, provide capabilities for network-wide visibility. This technology is important to successfully monitor, manage, and secure both IPv4 and IPv6 traffic and ensure smooth operation of the services and applications for both protocols.
The Brocade FCX Series, MLX Series, FastIron, and NetIron product families support hardware-based IPv4 and IPv6 switching. The key to this technology is that both IPv4 and IPv6 forwarding is done using an advanced hardware-based dual-stack architecture, delivering wire-speed packet forwarding. For enterprise aggregation and core density and performance, the Brocade BigIron RX family of products provides high-speed IPv4 and IPv6 routing and switching. For highly scalable operator environments, the Brocade MLX Series and NetIron families support Brocade Direct Routing, which provides large-scale hardware-based routing with the capacity to support many copies of the entire Internet routing table in hardware.
To control the high-speed data plane, the Brocade IronWare operating system supports a range of both unicast and multicast IPv4 and IPv6 routing protocols. This includes:
For service providers, it is critical that their network equipment have high-density port configurations, be extremely reliable and resilient, and support high-speed IPv6 forwarding. In addition, supporting protocols like IS-IS, PIM-SSM, and BGP-4+ are needed to ensure that new services are delivered reliably and managed efficiently.
In addition to the routing protocols, embedded support for IPv4-to-IPv6 transition software must be provided as part of the edge and core infrastructure. This is especially important in enterprise environments where new IPv6 devices must coexist with existing IPv4 devices and networks nodes. To this end, Brocade provides three different types of tunneling to facilitate the migration to IPv6 in an IPv4 world. This includes 6to4, as well as both configured and automatic tunnels.
It is in the area of access control and security where enterprises and network operators frequently have little visibility or control of their operations. To provide for this control, Brocade IronWare provides IPv6 protocol VLANs, which allow the creation of separate IPv4 and IPv6 broadcast domains. IronWare also supports wire-speed extended IPv6 Access Control Lists (ACLs). This includes the ability to identify traffic based on source/destination IP address, IP protocol type, TCP/UDP port, IP precedence or ToS values. This also allows selective ACL logging and can scale up to 64,000 ACLs per packet processor and over one million for the total system.
Embedded sFlow for Network-Wide Visibility
Brocade has extended its scalable, ASIC-based, wire-speed sFlow (RFC 3176) monitoring and accounting solution for use in an IPv6 network. This feature allows enterprises and service providers with IPv6 traffic to gather a variety of sophisticated network statistics and information for capacity planning and real-time monitoring purposes. The data collected using sFlow can be used to help in the transition from IPv4 to IPv6. For capacity purposes the data can assist in deciding where additional IPv6 infrastructure should be installed, it can help with IPv6 application awareness, as well as to validate service levels and priorities, and assist in security audits.
Brocade: The IPv6 Network Solutions Provider
To meet the growing need to provide operators with core networking equipment that supports high-performance, feature-rich IPv4 and IPv6 switching and routing, Brocade FCX Series, MLX Series, ServerIron ADX Series, FastIron, and NetIron products support high-speed IPv6 packet forwarding, deliver IPv6 routing and security features, offer sophisticated tunneling options, and provide extended sFlow technology for managing, monitoring, and auditing IPv6 traffic. Together, these products provide a unique foundation that allows enterprises and operators to deliver merged, interoperable, high-performance IPv4 and IPv6 services.
Next-generation networks require an overall architecture evolving to accommodate new technologies that support the growing numbers of users, applications, and services. IPv6 is designed to be more robust, dramatically increase the pool of global IP addresses, simplify network administration, resolve security and mobility issues, and improve Quality of Service (QoS).
The transition from the IPv4 protocol to the IPv6 protocol represents a significant challenge to service providers, hosting services, and other companies. They must find ways to accommodate end users and Customer-Premises Equipment (CPE) devices that may be using either protocol. This white paper examines four transition technologies. Brocade is offering its customers a transition path to the new wave of Internet technologies while continuing to utilize customers’ existing infrastructure.