McAfee Secure

Planning an IPv6 Network

Exam: Microsoft 70-646 - Windows Server 2008, Server Administrator

Configuration and implementation of IPv6 is a simple process. Planning for an IPv6 requires substantial input for the planning process is not simple. There are special features for every scenario. Generally speaking, deploPv6 may be done along with IPv4. A fundamentally IPv4 network, may have applications that need IPv6.

A network could be designed for a network for large companies having multiple sites and users running into thousands or for small organizations with a head office and a branch. Irrespective of the scenario, interoperability needs to be maintained with older functions and with IPv4. A network administrator cannot afford to ignore IPv4 even if a new IPv6 network has been set up. The process of planning an IPv6 network can be divided into the following three steps:

  • Analyzing Hardware Requirements
  • Analyzing Software and Application Requirements
  • Documenting Requirements
  • Analyzing Hardware Requirements

    The first step in the design process involves identification and a detailed analysis of the network that is required. Hardware components includes:

    • Faxes
    • Firewalls
    • Hardware load balancers
    • Intelligent NICs
    • Intrusion-detection equipment
    • Layer-3 switches
    • Load-balancing server clusters
    • Network interconnect hardware
    • Printers
    • Routers
    • Servers and services
    • Virtual private network (VPN) entry and exit points

    The above not being an exhaustive list, a network may need additional hardware devices.

  • Analyzing Software and Application Requirements

    From the viewpoint of software and applications, the area to be affected most by the version of IP being used is network management. It is important to take into consideration IPv6 operations and compatibility issues with regards the following:

    • Configuration management, such as DHCP and DHCPv6
    • High-level network management applications (typically third-party applications)
    • LOB applications
    • Network infrastructure management, such as WINS
    • Network management systems, such as systems based on Simple Network Management Protocol (SNMP)
    • Performance management systems
    • Security policy management and enforcement
    • Transition tools

    Considering the transition tools means determining the transition strategy to be employed. A new IPv6 network is an exception to this. Consideration has to be paid to devices that may be older and not able to support IPv6.

    While undertaking configuration management, it is important to decide if stateful or stateless configuration has to be used. In case of IPv6 it is important to configure every component on the network with a global unicast address. Virus filters, firewalls, spam filters and IP filters provide security, while end to end encryption is provided by IPSec. Peripheal zones can be configured in IPv6 networks as in the case of IPv4 networks.

  • Documenting Requirements

    The next and the last step to be taken is determination of requirements and documenting the needs. Some of the questions that need to be answered are:

    • Is there a requirement of external connectivity?
    • Are there multiple sites or is there a single site?
    • In case of multiple sites what is the geographical location of the sites?
    • How can information be secured over multiple sites?
    • Determining the IPv4 structure being used.
    • Assignment plan of IPv6 address available from the provider.
    • IPv6 services provided by the provider?
    • Delegation of prefix allocation in the enterprise.
    • Choosing between site-external and site-internal IPv6 routing protocols.
    • Is an external data center being used?
    • Use of multicast or anycast addresses.
    • Is a globally routable IP address required?

It is equally important to determine the working pattern, the support structure and the existing infrastructure in the organization. It is important to answer the following questions:

  • Who will own the network?
  • Is there a detailed asset management database that exists?
  • Are home workers supported?
  • Is there a requirement of IPv6 network mobility?
  • What is the enterprise policy with reference to geographical numbering?
  • Are there separate providers for different sites?

Documentation is a long and cumbersome process but is essential for knowing the requirements precisely and accurately. Once the requirements are determined the next step is to draw out and implement a project plan.