Veronika McKillop and network engineers like her need to solve a big problem with an even bigger solution.
You see, the internet is running out of addresses, and it’s happening much faster than most people realize.
The fix for this problem is well known—Microsoft and other companies in the networking sector need to move from Internet Protocol Version 4 (IPv4) addresses to the new standard, known as IPv6.
For those unfamiliar, IPv4 uses 32 bits for address space, providing around 4.3 billion addresses. “That seems like a very large number of addresses, but the world is running out of these quickly,” McKillop says.
McKillop, a principal service engineer on the Enterprise Design team in Microsoft Core Services Engineering and Operations (CSEO), is right in the middle of all this. She is the chairman and president of the United Kingdom’s IPv6 Council and has been working with universities and large service providers to tackle this challenge for 10 years. Just a few years ago she joined Microsoft to lead its IPv6 implementation.
The IPv4 depletion appeared as a top-level issue in 2011, when the Internet Assigned Numbers Authority (IANA) exhausted its pool. The addresses are allocated by IANA to five global regional Internet registries in blocks for routing efficiency. Since 2011, public IPv4 pools have been running out across all regions with the American Registry for Internet Numbers (ARIN) being depleted since late 2015.
One of the first times IPv4 availability challenges made mainstream headlines was in 2011, when Microsoft purchased public IP address blocks for $11.00 per address, signaling that further cost increases would happen.
“The prices have fluctuated since, and now have climbed to the $15-$20 range depending on the block size,” McKillop says. “This lack of available addresses has moved beyond being a technical problem.”
She says the internal networking team has been working hard to get the most out of the limited private IPv4 space, which is quickly being depleted with the use of IoT, containers, and many virtualized environments.
“To counteract the limited space, we’re creating new network segments for devices and traffic types, but that adds complexity and difficulty in troubleshooting,” McKillop says.
In order to facilitate connectivity from private to public IPv4 as well as private to private IPv4, the networking team had to deploy Network Address Translation 44 (NAT44) in many places in the network, not only on the Internet.
“There is a risk that traffic leaks could happen from one environment to another using the same address space,” she says.
‘Duct tape and suffering—it’s in our DNA to fix things’
“We project that we will run out of private IPv4 space in late 2020 unless we do something about it soon, and most people aren’t aware of how much time and effort goes into engineering strategies to preserve IPv4 in the network,” McKillop says.
This new Internet Protocol standard can theoretically support somewhere around 340 undecillion addresses, more specifically, 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses. Easily enough to take care of things for a while.
The beauty of IPv6 is not just in the greatly expanded address range. It can also improve routing efficiency, simplify network operations through hierarchical addressing design, simplify application development (forget all STUN and Application Layer Gateways for NAT44), and improve application performance, because traffic flows are unhindered by NAT when the traffic is IPv6 end to end.
CSEO is now undertaking a leading-edge project to implement an IPv6-only network inside Microsoft. While IPv6 has been running in the network backbone since 2011, it was first deployed on end user segments of the internal Microsoft network in the summer of 2016 as dual stack.
“This allowed us to get familiar with operating the network with IPv6 present, but it does not eliminate the IPv4 address depletion issue,” McKillop says. “This is not as simple as changing a few settings—when we remove IPv4 from the network, it will impact every single user and every device.”
This challenge appears in several places across the network environment.
“Clients need to be able to connect to the network; we use stateless address autoconfiguration (SLAAC) and Dynamic Host Configuration Protocol for IPv6 (DHCPv6) for addressing,” McKillop says. “There are gaps in the ability of certain devices to accommodate IPv6-only networks.”
Not to shame anyone, but a certain mobile operating system with more than 80 percent market share does not support DHCPv6, McKillop says.
“This creates design limitations for our internal wired and wireless networks, requiring placement of Reverse Domain Name Service Software (RDNSS) function on routers,” she says.
Another point to mention is that IPv4 and IPv6 are not exactly designed for interoperability. Picture a room full of people speaking two different languages. Depending on who wants to interact, a translator is required to facilitate conversation between the parties with different native tongues.
In the IPv6-only networking world, this is accomplished with Network Address Translation Gateways 64 (NAT64) and the help of Domain Name System 64 (DNS64). If the IPv4 device wants to speak first, you must rely on special proxies, as NAT46 does not exist for IPv4. This adds work for the networking teams, which need to consider the design of IPv6-only networks to maintain connectivity with the rest of the IPv4 world.
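DNS64 and NAT64 cooperate through the address mapping in RFC 6052: DNS64 embeds the IPv4 address from an A record into a synthesized AAAA, and the NAT64 gateway extracts it again. The sketch below is an added example, not Microsoft's code; the article does not say which NAT64 prefix is deployed, so the well-known prefix 64:ff9b::/96 and the documentation prefixes used here are assumptions.

```python
import ipaddress

WKP = ipaddress.IPv6Network("64:ff9b::/96")  # RFC 6052 well-known prefix
RFC1918 = [ipaddress.IPv4Network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def _layout(prefix):
    """Return (network, byte offsets of the IPv4 octets); octet 8 is skipped."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen not in (32, 40, 48, 56, 64, 96):
        raise ValueError("RFC 6052 allows only /32, /40, /48, /56, /64, /96")
    offsets, pos = [], net.prefixlen // 8
    while len(offsets) < 4:
        if pos != 8:          # bits 64-71 ("u") are reserved and stay zero
            offsets.append(pos)
        pos += 1
    return net, offsets


def synthesize(v4, prefix=WKP):
    """DNS64 side: turn the IPv4 address of an A record into an AAAA address."""
    v4 = ipaddress.IPv4Address(v4)
    net, offsets = _layout(prefix)
    if net == WKP and any(v4 in block for block in RFC1918):
        # RFC 6052 section 3.1: the well-known prefix must not carry
        # non-global IPv4, so internal targets need a network-specific prefix.
        raise ValueError("well-known prefix cannot represent RFC 1918 space")
    raw = bytearray(net.network_address.packed)
    for pos, octet in zip(offsets, v4.packed):
        raw[pos] = octet
    return ipaddress.IPv6Address(bytes(raw))


def extract(v6, prefix=WKP):
    """NAT64 side: recover the IPv4 destination from a synthesized address."""
    v6 = ipaddress.IPv6Address(v6)
    net, offsets = _layout(prefix)
    if v6 not in net:
        raise ValueError("destination is outside the NAT64 prefix")
    raw = v6.packed
    if raw[8] != 0:
        raise ValueError("reserved octet (bits 64-71) must be zero")
    return ipaddress.IPv4Address(bytes(raw[p] for p in offsets))


if __name__ == "__main__":
    # Constructed sample: documentation addresses from RFC 5737 / RFC 3849.
    aaaa = synthesize("192.0.2.33", "2001:db8:122:344::/64")
    print(aaaa, "->", extract(aaaa, "2001:db8:122:344::/64"))
```

The rejection of RFC 1918 targets under the well-known prefix matters for networks like the one described here: IPv4-only services in private space have to be reached through a network-specific prefix instead.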
Applications have proven to be the biggest challenge in broad implementation.
“While the network part is easy, barring software bugs and old hardware, applications are the big unknown,” McKillop says. “Not just our own, but third-party applications that often claim IPv6 compatibility. When it comes to a real deployment, the experience is quite different.”
Microsoft’s adoption of IPv6 will certainly solve the company’s internal issues—the hope is it will also contribute to solving industry-wide issues along the way.
“Being one of the first enterprises to attempt full implementation of IPv6-only certainly has its challenges, but the outcome will give us the foundation for growth of our future network topologies and services, and will pave the path for other enterprises to follow,” McKillop says.
Stay tuned as we share more on our journey to an IPv6-only network.