Monday, November 17, 2014

IPv6: The first step

I often hear comments like "Where do I start on IPv6?"; I have two answers.

Anyone can turn on IPv6 at home, and then go through the free IPv6 Certification at Hurricane Electric (HE). First, find out if your ISP offers native IPv6. If you can get native IPv6, make sure all of your equipment (cable or DSL modem, router, computer with recent OS) supports IPv6. IPv6 has been enabled by default for a while, but you still may have to enable it. If you can't get native IPv6, you can sign up with a tunnel broker to receive an IPv6 tunnel encapsulated in IPv4. (Hint: pick one that's geographically close to you; 6in4 recommended over 6to4.) I picked HE's, and then I went through their IPv6 Certification. Independent of how you get IPv6 at home, I recommend the HE IPv6 Certification as a good process to introduce yourself to IPv6. It won't seem large and daunting after this gentle introduction. If you're using a tunnel broker, the final step is to ask your ISP for native IPv6. Native IPv6 is typically faster, and yet service providers like to claim that there's no demand for it; prove them wrong, and ask for it. (This is an important step.)

Some of you will be thinking, "I'm an administrator; where should I start?" I can answer that too! Enable IPv6 on your internal monitoring server (like Nagios) first. You will want to monitor your IPv6, so you should start there so that you're prepared. I have enabled IPv6 at work; I started with the name servers at my boss' instruction, and then immediately added our internal Nagios server so I could monitor DNS on IPv6. Two administrators where I work have also enabled IPv6: the first who is experienced and appropriately cautious started with his internal Nagios server, and then his name servers; the other enabled IPv6 on various servers that seemed "easy" and doesn't know when IPv6 has gone down until someone files a ticket. Which administrator do you want to emulate? Personally, I don't like getting tickets from users about brokenness that I should have spotted first. So start with your internal monitoring server(s), then enable IPv6 on your name servers, and then announce those IPv6 addresses.

To review,

  • everyone
    1. Find out if you can get native IPv6 at home, and if so use it. If not, use a tunnel broker.
    2. Get IPv6 certification.
    3. Important: Call your ISP to request native IPv6 if they don't offer it yet.
  • administrators
    1. Enable IPv6 on your internal monitoring system(s).
    2. Enable IPv6 on your name servers.
    3. Ask your upstream name service to provide your IPv6 glue.

No comments:

Post a Comment