draft-ietf-v6ops-ent-scenarios-00.txt   draft-ietf-v6ops-ent-scenarios-01.txt 
IPv6 Operations Working Group IPv6 Operations Working Group
Internet Draft Jim Bound (Editor) Internet Draft Jim Bound (Editor)
Document: draft-ietf-v6ops-ent-scenarios-00.txt Hewlett Packard Document: draft-ietf-v6ops-ent-scenarios-01.txt Hewlett Packard
Obsoletes: draft-pouffary-v6ops-ent-v6net-03.txt Obsoletes: draft-ietf-v6ops-ent-scenarios-00.txt
Expires: April 2004 Expires: July 2004
IPv6 Enterprise Network Scenarios IPv6 Enterprise Network Scenarios
<draft-ietf-v6ops-ent-scenarios-00.txt> <draft-ietf-v6ops-ent-scenarios-01.txt>
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026. all provisions of Section 10 of RFC2026.
This document is a submission by the Internet Protocol IPv6 Working This document is a submission by the Internet Protocol IPv6 Working
Group of the Internet Engineering Task Force (IETF). Comments should Group of the Internet Engineering Task Force (IETF). Comments should
be submitted to the ipng@sunroof.eng.sun.com mailing list. be submitted to the ipng@sunroof.eng.sun.com mailing list.
skipping to change at page 1, line 40 skipping to change at page 1, line 41
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
Abstract Abstract
This document describes the scenarios for IPv6 deployment within This document describes the scenarios for IPv6 deployment within
Enterprise networks. It will focus upon an Enterprise set of network enterprise networks. It will focus upon an enterprise set of network
base scenarios with assumptions, coexistence with legacy IPv4 nodes, base scenarios with assumptions, coexistence with legacy IPv4 nodes,
networks, and applications, and network infrastructure requirements. networks, and applications, and network infrastructure requirements.
These requirements will be used to provide analysis to determine a These requirements will be used to provide analysis to determine a
set of Enterprise solutions in a later document. set of enterprise solutions in a later document.
Table of Contents: Table of Contents:
1. Introduction................................................3 1. Introduction................................................3
2. Terminology.................................................5 2. Terminology.................................................5
3. Base Scenarios..............................................6 3. Base Scenarios..............................................6
3.1 Base Scenarios Defined.....................................6 3.1 Base Scenarios Defined.....................................6
3.2 Scenarios Characteristics..................................6 3.2 Scenarios Network Infrastructure Components................7
3.3 Base Scenario Examples.....................................8 3.3 Specific Scenario Examples.................................8
4. Support for Legacy IPv4 Nodes and Applications..............9 4. Support for Legacy IPv4 Nodes and Applications.............10
4.1 IPv4 Tunnels to Encapsulate IPv6...........................9 4.1 IPv4 Tunnels to Encapsulate IPv6..........................10
4.2 IPv6 Tunnels to Encapsulate IPv4..........................10 4.2 IPv6 Tunnels to Encapsulate IPv4..........................10
4.3 IPv6 communicating with IPv4..............................10 4.3 IPv6 only communicating with IPv4.........................11
5. Network Infrastructure Requirements........................10 5. Network Infrastructure Component Requirements..............11
5.1 DNS.......................................................10 5.1 DNS.......................................................11
5.2 Routing...................................................10 5.2 Routing...................................................11
5.3 Autoconfiguration.........................................11 5.3 Autoconfiguration.........................................12
5.4 Security..................................................11 5.4 Security..................................................12
5.5 Applications..............................................11 5.5 Applications..............................................12
5.6 Network Management........................................11 5.6 Network Management........................................12
5.7 Address Planning..........................................11 5.7 Address Planning..........................................12
6. Security Considerations....................................12 5.8 Multicast..................................................13
7. References.................................................12 5.9 Multihoming................................................13
7.1 Normative References......................................12 6. Security Considerations....................................13
7.2 Non-Normative References..................................12 7. References.................................................13
Document Acknowledgments.......................................12 7.1 Normative References......................................14
Authors-Design Team Contact Information........................13 7.2 Non-Normative References..................................14
Intellectual Property Statement................................14 Document Acknowledgments.......................................14
Full Copyright Statement.......................................14 Authors-Design Team Contact Information........................15
Acknowledgement................................................15 Intellectual Property Statement................................16
Full Copyright Statement.......................................17
Acknowledgement................................................17
1. Introduction 1. Introduction
This document describes the scenarios for IPv6 deployment within This document describes the scenarios for IPv6 deployment within
Enterprise networks. It will focus upon an Enterprise set of network enterprise networks. It will focus upon an enterprise set of network
base scenarios with assumptions, coexistence with legacy IPv4 nodes, base scenarios with assumptions, coexistence with legacy IPv4 nodes,
networks, and applications, and network infrastructure requirements. networks, and applications, and network infrastructure requirements.
These requirements will be used to provide analysis to determine a These requirements will be used to provide analysis to determine a
set of Enterprise solutions in a later document. set of enterprise solutions in a later document.
The audience for this document is the enterprise network team The audience for this document is the enterprise network team
considering deployment of IPv6. The document will be useful for considering deployment of IPv6. The document will be useful for
Enterprise teams that will have to determine the IPv6 transition enterprise teams that will have to determine the IPv6 transition
strategy for their enterprise. It is expected those teams include strategy for their enterprise. It is expected those teams include
members from management, network operations, and engineering. The members from management, network operations, and engineering. The
scenarios presented provide an example set of cases the Enterprise scenarios presented provide an example set of cases the enterprise
can use to build an IPv6 network scenario. can use to build an IPv6 network scenario.
To frame the discussion, the document will describe a set of To frame the discussion, the document will describe a set of
scenarios and characteristics for each scenario. It is impossible to scenarios and network infrastructure for each scenario. It is
define every possible Enterprise scenario that will apply to IPv6 impossible to define every possible enterprise scenario that will
adoption and transition. apply to IPv6 adoption and transition.
Each enterprise will select the transition that best supports their Each enterprise will select the transition that best supports their
business requirements. Any attempt to define a default or one-size- business requirements. Any attempt to define a default or one-size-
fits-all transition scenario, will simply not work. This document fits-all transition scenario, will simply not work. This document
does not try to depict the drivers for adoption of IPv6 by an does not try to depict the drivers for adoption of IPv6 by an
Enterprise. enterprise.
While it is difficult to quantify all the potential motivations for While it is difficult to quantify all the scenarios for an enterprise
enterprise network teams to move to IPv6, there are some cases where network team to plan for IPv6, it is possible to depict a set of
an abstract description is possible. The document presents three abstract scenarios that will assist with planning. The document
example motivations as a general use case. This model can be used to presents three base scenarios as a general use case to be used as a
define additional abstractions, for the Enterprise to define model as input for the enterprise to define specific scenarios.
scenarios to fit their requirements.
The first scenario assumes the Enterprise decides to deploy IPv6 in The first scenario assumes the enterprise decides to deploy IPv6 in
parallel with IPv4. The second scenario assumes the Enterprise conjunction with IPv4. The second scenario assumes the enterprise
decides to deploy IPv6 because of a specific set of applications the decides to deploy IPv6 because of a specific set of applications the
Enterprise wants to use over an IPv6 network. The third scenario enterprise wants to use over an IPv6 network. The third scenario
assumes an Enterprise is building a new network or re-structuring an assumes an enterprise is building a new network or re-structuring an
existing network and decides to deploy IPv6. The document then existing network and decides to deploy IPv6 as the predominant
defines a set of characteristics that must be analyzed. The document protocol within the enterprise coexisting with IPv4. The document
then provides several scenario examples using the characteristics to then defines a set of network infrastructure components that must be
depict the requirements. These are common Enterprise deployment cases analyzed.
to depict the challenges for the Enterprise to transition a network
to IPv6.
The document then discusses the issues of supporting Legacy functions The document then provides three specific scenario examples using the
network infrastructure components to depict the requirements. These
are common enterprise deployment cases to depict the challenges for
the enterprise to transition a network to IPv6.
The document then discusses the issues of supporting legacy functions
on the network, while the transition is in process, and the network on the network, while the transition is in process, and the network
infrastructure components required to be analyzed by the Enterprise. infrastructure components required to be analyzed by the enterprise.
The interoperation with legacy functions within the Enterprise will The interoperation with legacy functions within the enterprise will
be required for all transition except possibly by a new network that be required for all transition except possibly by a new network that
will be IPv6 from inception. The network infrastructure components will be IPv6 from inception. The network infrastructure components
will inform the Enterprise of key points of transition in their will depict functions in their networks that require consideration
networks that require consideration for IPv6 deployment and for IPv6 deployment and transition.
transition.
Using the scenarios, characteristics, and examples in the document an Using the scenarios, network infrastructure components, and examples
Enterprise can define a scenario. Understanding the legacy functions in the document an enterprise can define its specific scenario
and network infrastructure components required, the Enterprise can requirements. Understanding the legacy functions and network
determine the network operations required to deploy IPv6. The tools infrastructure components required, the enterprise can determine the
and mechanisms to support IPv6 deployment operations will require network operations required to deploy IPv6. The tools and mechanisms
Enterprise analysis. The analysis to determine the tools and to support IPv6 deployment operations will require enterprise
mechanisms to support the scenarios is the next document for the analysis. The analysis to determine the tools and mechanisms to
Enterprise network. support the scenarios will be presented in subsequent document(s).
2. Terminology 2. Terminology
Enterprise Network - An Enterprise Network is a network that has Enterprise Network - A network that has multiple internal links,
multiple links, a router connection to a one or more router connections, to one or more
Provider, and is actively managed by a Providers and is actively managed by a network
network operations entity. operations entity.
Provider - A Provider is an entity that provides Provider - An entity that provides services and
services and connectivity to the Internet or connectivity to the Internet or
other private external networks for the other private external networks for the
Enterprise Network. enterprise network.
IPv6/IPv4 - A node or network capable of supporting both IPv6 Capable - A node or network capable of supporting both
IPv6 and IPv4. IPv6 and IPv4.
IPv4 only - A node or network capable of supporting only IPv4 only - A node or network capable of supporting only
IPv4. IPv4.
IPv6 only - A node or network capable of supporting only IPv6 only - A node or network capable of supporting only
IPv6. IPv6. This does not imply an IPv6 only
stack, in this document.
3. Base Scenarios 3. Base Scenarios
Three base scenarios are defined to capture the essential abstraction Three base scenarios are defined to capture the essential abstraction
set for the Enterprise. Each scenario has assumptions and set for the enterprise. Each scenario has assumptions and
requirements. This is not an exhaustive set of scenarios, but a base requirements. This is not an exhaustive set of scenarios, but a base
set of general cases. set of general cases.
Below we use the term network infrastructure to mean the software,
network operations and configuration, and the methods used to operate
a network in an enterprise.
3.1 Base Scenarios Defined 3.1 Base Scenarios Defined
Scenario 1: Enterprise with an existing IPv4 network wants to deploy Scenario 1: Enterprise with an existing IPv4 network wants to deploy
IPv6 in parallel with their IPv4 network. IPv6 in conjunction with their IPv4 network.
**Note To V6ops WG: Would a network topology map be useful here?
Assumptions: The IPv4 characteristics have an equivalent in Assumptions: The IPv4 network infrastructure used has an equivalent
IPv6. capability in IPv6.
Requirements: Don't break IPv4 network characteristics Requirements: Do not disrupt existing IPv4 network infrastructure
assumptions with IPv6. IPv6 should be equivalent or assumptions with IPv6. IPv6 should be equivalent or
"better" than the ones in IPv4, however, it is "better" than the network infrastructure in IPv4,
understood that IPv6 is not required to solve every however, it is understood that IPv6 is not required to
single problem. solve current network infrastructure problems,
not solved by IPv4. It may also not be feasible to
deploy IPv6 on all parts of the network immediately.
Scenario 2: Enterprise with an existing IPv4 network wants to deploy a Scenario 2: Enterprise with an existing IPv4 network wants to deploy a
set of particular IPv6 "applications" (application is set of particular IPv6 "applications" (application is
voluntarily loosely defined here, e.g. peer to peer). voluntarily loosely defined here, e.g. peer to peer).
The IPv6 deployment is limited to the minimum required to The IPv6 deployment is limited to the minimum required to
operate this set of applications. operate this set of applications.
**Note To V6ops WG: Would a network topology map be useful here?
Assumptions: IPv6 software/hardware components for the application Assumptions: IPv6 software/hardware components for the application
are available. are available, and platforms for the application
are IPv6 capable.
Requirements: Don't break IPv4 network operations. Requirements: Don't disrupt IPv4 network infrastructure.
Scenario 3: Enterprise deploying a new network or re-structuring an Scenario 3: Enterprise deploying a new network or re-structuring an
existing network, decides IPv6 is the basis for network existing network, decides IPv6 is the basis for
communication. most network communication, to coexist with IPv4.
**Note To V6ops WG: Would a network topology map be useful here?
Assumptions: Required IPv6 network components are available, or Assumptions: Required IPv6 network infrastructure is available, or
available over some defined timeline. available over some defined timeline, supporting the
enterprise plan.
Requirements: Interoperation and Coexistence with IPv4 network Requirements: Interoperation and Coexistence with IPv4 network
operations and applications are required for network infrastructure and applications are required for
communications. communications.
3.2 Scenarios Characteristics 3.2 Scenarios Network Infrastructure Components
This section defines the characteristics that exist for the above This section defines the network infrastructure that exist for the
Enterprise scenarios. This is not an exhaustive set of above enterprise scenarios. This is not an exhaustive list, but a
characteristics, but a base list that can be expanded by the base list that can be expanded by the enterprise for specific
Enterprise. The characteristics components are presented as questions deployment scenarios. The network infrastructure components are
that the Enterprise must determine as part of defining the scenario. presented as functions that the enterprise must analyze as part of
The answers to these questions will identify actions that are defining their specific scenario. The analysis of these functions
required to deploy IPv6. will identify actions that are required to deploy IPv6.
Characteristic 1 - Providers for External Network Operation Network Infrastructure Component 1
Enterprise Provider Requirements
- Is external connectivity required? - Is external connectivity required?
- One site vs. multiple sites? - One site vs. multiple sites?
- Leased lines or VPN? - Leased lines or VPN?
- IPv4 existing address ownership (Provider based addresses vs. - How many global IPv4 addresses are available to the
Provider independent addresses)? enterprise?
- Multi-homing? - What is the IPv6 address ownership plan available
- Do ISPs offer IPv6 service? from the provider?
- Will clients be Multihomed?
- Does the provider offer any IPv6 services?
- What site external IPv6 routing protocols are required?
- Is there an external data-center? - Is there an external data-center?
Characteristic 2 - Enterprise Application Analysis Network Infrastructure Component 2
Enterprise Application Requirements
- List of applications in use? - List of applications in use?
- Which applications must be moved to support IPv6 first?
- Can the application be upgraded to IPv6? - Can the application be upgraded to IPv6?
- Can the application support both IPv4 and IPv6? - Will the application have to support both IPv4 and IPv6?
- Do the enterprise platforms support both IPv4 and IPv6?
- Do the applications have issues with NAT v4-v4 and NAT v4-v6?
- Do the applications need stable IP addresses?
- Do the applications care about dependency between IPv4 and IPv6
addresses?
Characteristic 3 - Enterprise IT Department Operations Analysis Network Infrastructure Component 3
- Who "owns"/"operate" the network: in house, outsourced? Enterprise IT Department Requirements
- Who "owns"/"operates" the network: in house, or outsourced?
- Is a Tele-commuter work force supported? - Is a Tele-commuter work force supported?
- Is inter-site communications required? - Is inter-site communications required?
- Is network mobility used? - Is network mobility used or required for IPv6?
- IPv4 addressing plan? - What are the requirements of the IPv6 address plan?
- IPv4 addressing assignment procedure (DHCP vs. manual)? - What will be the internal IPv6 address assignment procedure?
- Internal IPv4 routing protocols used? - What site internal IPv6 routing protocols are required?
- External IPv4 routing protocols used? - What will be the IPv6 Network Management policy/procedure?
- IPv4 Network Management policy/procedure? - What will be the IPv6 QOS policy/procedure?
- IPv4 QoS policy/procedure? - What will be the IPv6 Security policy/procedure?
- IPv4 Security policy/procedure? - What is the IPv6 training plan to educate the enterprise?
- List of "network operation" software that may be impacted by IPv6? - What network operations software will be impacted by IPv6?
- DNS - DNS
- Management (SNMP & ad-hoc tools) - Management (SNMP & ad-hoc tools)
- Enterprise Network Servers - Enterprise Network Servers Applications
- Mail Servers - Mail Servers
- High Availability Software for Nodes - High Availability Software for Nodes
- Directory Services - Directory Services
- Are all these software functions upgradeable to IPv6? - Are all these software functions upgradeable to IPv6?
- If not upgradeable, then what are the workarounds? - If not upgradeable, then what are the workarounds?
- Do any of the software functions store IP addresses? - Do any of the software functions store, display, or
- List of "network operation" hardware that may be impacted by IPv6 allow input of IP addresses?
- Other services (e.g. NTP, etc.........)
- What network hardware will be impacted by IPv6
- Routers/switches - Routers/switches
- Printers/Faxes
- Firewalls - Firewalls
- Intrusion Detection
- Load balancers - Load balancers
- VPN Points of Entry/Exit - VPN Points of Entry/Exit
- Security Servers - Security Servers and Services
- Printers
- Network Interconnect for Platforms - Network Interconnect for Platforms
- Intelligent Network Interface Cards - Intelligent Network Interface Cards
- Network Storage Devices - Network Storage Devices
- Are all these hardware functions upgradeable to IPv6? - Are all these hardware functions upgradeable to IPv6?
- If not, what are the workarounds? - If not, what are the workarounds?
- Do any of the hardware functions store IP addresses? - Do any of the hardware functions store, display, or
allow input of IP addresses?
- Are the nodes moving within the enterprise network?
- Are the nodes moving outside and inside the enterprise
network?
Characteristics 4 - Enterprise Network Management System Network Infrastructure Component 4
Enterprise Network Management System
- Performance Management Required? - Performance Management Required?
- Network Management Applications Required? - Network Management Applications Required?
- Configuration Management Required? - Configuration Management Required?
- Policy Management and Enforcement Required? - Policy Management and Enforcement Required?
- Security Management Required? - Security Management Required?
- Management of Transition Tools and Mechanisms? - Management of Transition Tools and Mechanisms?
- What new considerations does IPv6 create for Network - What new considerations does IPv6 create for Network
Management? Management?
3.3 Base Scenario Examples Network Infrastructure Component 5
Enterprise Network Interoperation and Coexistence
- What platforms are required to be IPv6 capable?
- What network ingress and egress points to the site are
required to be IPv6 capable?
- What transition mechanisms are needed to support IPv6
network operations?
- What policy/procedures are required to support the
transition to IPv6?
- What policy/procedures are required to support
interoperation with legacy nodes and applications?
This section presents a set of Base Scenario Examples and is not an 3.3 Specific Scenario Examples
This section presents a set of base scenario examples and is not an
exhaustive list of examples. These examples were selected to provide exhaustive list of examples. These examples were selected to provide
further clarity of Base Scenarios within an Enterprise of a less further clarity for base scenarios within an enterprise of a less
abstract nature. abstract nature.
Example Network A: Example Network A:
A distributed network across a number of geographically separated A distributed network across a number of geographically separated
campuses. campuses.
- External network operation. - External network operation.
- External connectivity required. - External connectivity required.
- Multiple sites connected by leased lines. - Multiple sites connected by leased lines.
skipping to change at page 8, line 54 skipping to change at page 9, line 37
configuration. configuration.
- The DHCP server to update naming records for dynamic desktops uses - The DHCP server to update naming records for dynamic desktops uses
dynamic DNS. dynamic DNS.
- A web based tool is used to enter name to address mappings for - A web based tool is used to enter name to address mappings for
statically addressed servers. statically addressed servers.
- Network management is done using SNMP. - Network management is done using SNMP.
- All routers and switches are upgradeable to IPv6. - All routers and switches are upgradeable to IPv6.
- Existing firewalls can be upgraded to support IPv6 rules. - Existing firewalls can be upgraded to support IPv6 rules.
- Load balancers do not support IPv6, upgrade path unclear. - Load balancers do not support IPv6, upgrade path unclear.
- Peer-2-Peer Application and Security supported. - Peer-2-Peer Application and Security supported.
- IPv4 Private address space is used within the enterprise.
Example Network B: Example Network B:
A bank running a large ATM network supporting an order of magnitude A bank running a large network supporting online transaction
number of transactions per second, with access to a central database processing (OLTP) across a distributed multi-sited network, with access
on an external network from the ATM network: to a central database on an external network from the OLTP network:
- External connectivity not required. - External connectivity not required.
- Multiple sites connected by VPN. - Multiple sites connected by VPN.
- Multiple sites connected by Native IP protocol. - Multiple sites connected by Native IP protocol.
- Private address space used with NAT.
- Connections to private exchanges.
Applications in the enterprise: Applications in the enterprise:
- ATM transaction application. - ATM transaction application.
- ATM management application. - ATM management application.
- Financial Software and Database. - Financial Software and Database.
- Part of the workforce is mobile and requires access to the
enterprise from outside networks.
Internal Network Operation: Internal Network Operation:
- Existing firewalls can be upgraded to support IPv6 rules. - Existing firewalls can be upgraded to support IPv6 rules.
- Load balancers do not support IPv6, upgrade path unclear. - Load balancers do not support IPv6, upgrade path unclear.
- Identifying and managing each nodes IP address.
Example Network C: Example Network C:
A Security Defense Network Operation: A Security Defense Network Operation:
- External network required at secure specific points. - External network required at secure specific points.
- Network is its own Internet. - Network is its own Internet.
- Network must be able absorb ad-hoc creation of sub-Networks. - Network must be able to absorb ad-hoc creation of sub-Networks.
- Entire parts of the Network are completely mobile. - Entire parts of the Network are completely mobile.
- All nodes on the network can be mobile (including routers) - All nodes on the network can be mobile (including routers)
- Network True High-Availability is mandatory. - Network True High-Availability is mandatory.
- Network must be able to be managed from ad-hoc location. - Network must be able to be managed from ad-hoc location.
- All nodes must be able to be configured from stateless mode. - All nodes must be able to be configured from stateless mode.
Applications run by the Enterprise: Applications run by the Enterprise:
- Multimedia streaming of audio, video, and data for all nodes. - Multimedia streaming of audio, video, and data for all nodes.
- Data computation and analysis on stored and created data. - Data computation and analysis on stored and created data.
- Transfer of data coordinate points to sensor devices. - Transfer of data coordinate points to sensor devices.
skipping to change at page 9, line 48 skipping to change at page 10, line 35
- All packets must be secured end-2-end with encryption. - All packets must be secured end-2-end with encryption.
- Intrusion Detection exists on all network entry points. - Intrusion Detection exists on all network entry points.
- Network must be able to bolt on to the Internet to share - Network must be able to bolt on to the Internet to share
bandwidth as required from Providers. bandwidth as required from Providers.
- VPNs can be used but NAT can never be used. - VPNs can be used but NAT can never be used.
- Nodes must be able to access IPv4 legacy applications over IPv6 - Nodes must be able to access IPv4 legacy applications over IPv6
network. network.
4. Support for Legacy IPv4 Nodes and Applications 4. Support for Legacy IPv4 Nodes and Applications
The Enterprise network will have to support the coexistence of IPv6 The enterprise network will have to support the coexistence of IPv6
and IPv4, to support legacy IPv4 applications and nodes. The and IPv4, to support legacy IPv4 applications and nodes. This means
Enterprise user has the following choices for that coexistence to that some set of nodes will have to be IPv6 capable. The enterprise
consider today. user has the following choices for that coexistence to consider
today.
4.1 IPv4 Tunnels to Encapsulate IPv6 4.1 IPv4 Tunnels to Encapsulate IPv6
IPv6/IPv4 nodes want to communicate using IPv6, but an IPv4 Internal IPv6 capable nodes want to communicate using IPv6, but an IPv4
router is between them. These nodes could also be Mobile nodes on a Internal router is between them. These nodes could also be Mobile
visited network. nodes on a visited network.
4.2 IPv6 Tunnels to Encapsulate IPv4 4.2 IPv6 Tunnels to Encapsulate IPv4
An IPv4/IPv6 node wants to communicate with a legacy IPv4 node and is An IPv6 capable node, on an IPv6 link within an IPv6 routing domain,
on an IPv6 only link and routing domain. wants to communicate with a legacy IPv4 application.
4.3 IPv6 communicating with IPv4
An IPv6 only node wants to communicate with an IPv4 only node.
In cases where the IPv6 host cannot be a dual stack, in order to 4.3 IPv6 only communicating with IPv4
continue support of communications with IPv4 nodes an IPv4/v6
translator is required. Introduction of such translator will prevent
usage of end-to-end security and application carrying embedded IP
addressing information.
**Note to V6ops WG: Should we discuss porting of applications too in An IPv6 capable node wants to communicate with an IPv4 service, but
the legacy section? the node is operating as IPv6 only. In order to continue support for
communications with IPv4 services an IPv6 to IPv4 translator or IPv6
proxy is required. Introduction of such software may prevent usage
of end-to-end security and applications carrying embedded IP
addressing information. Bi-directional establishment of connections
might be difficult to achieve.
5. Network Infrastructure Requirements 5. Network Infrastructure Component Requirements
The Enterprise will need to determine what network infrastructure The enterprise will need to determine what network infrastructure
components require enhancements or to be added for deployment of components require enhancements or to be added for deployment of
IPv6. This infrastructure will need to be analyzed and understood as IPv6. This infrastructure will need to be analyzed and understood as
a critical resource to manage. a critical resource to manage.
5.1 DNS 5.1 DNS
DNS will now have to support both IPv4 and IPv6 DNS records and the DNS will now have to support both IPv4 and IPv6 DNS records and the
Enterprise will need to determine how the DNS is to be managed and enterprise will need to determine how the DNS is to be managed and
accessed, and secured. accessed, and secured. The range of DNS operational issues are out
of scope for this work. Users need to consider all current DNS IPv4
**Note to V6ops WG: Should we get into other DNS issues? operations and determine if those operations are supported for IPv6.
However, DNS resolution and transport solutions for both IP protocols
are influenced by the chosen IPv6 deployment scenario. Users need to
consider all current DNS IPv4 operations and determine if those
operations are supported for IPv6.
5.2 Routing 5.2 Routing
Interior and Exterior routing will be required to support both IPv4 Interior and Exterior routing will be required to support both IPv4
and IPv6 routing protocols, and the coexistence of IPv4 and IPv6 over and IPv6 routing protocols, and the coexistence of IPv4 and IPv6 over
the enterprise network. The enterprise will need to define the the enterprise network. The enterprise will need to define the IPv6
routing topology, and any ingress and egress points to provider routing topology, any ingress and egress points to provider networks,
networks. The enterprise will also need to define points of and transition mechanisms they wish to use for IPv6 adoption. The
transition mechanism to use within that routing topology. enterprise will also need to determine what IPv6 transition
mechanisms are supported by their upstream providers.
IPv6/IPv4 routers should be monitored to ensure the router has The choice of interior routing protocols have an impact on how the
routing tables will be handled: some such as OSPF will have the
ships-in-the-night, others such as ISIS are integrated. This has an
impact on the topology and the management of the network.
IPv6 capable routers should be monitored to ensure the router has
sufficient storage for both IPv6 and IPv4 route tables. Existing sufficient storage for both IPv6 and IPv4 route tables. Existing
network design principles to limit the number of routes in the network design principles to limit the number of routes in the
network, such as prefix aggregation, become more critical with the network, such as prefix aggregation, become more critical with the
addition of IPv6 to an existing IPv4 network. addition of IPv6 to an existing IPv4 network.
**Note to V6ops WG: Above is example of additional text we could add
to each component we list here. Are there other Routing issues?
5.3 Autoconfiguration 5.3 Autoconfiguration
IPv6 introduces the concept of stateless autoconfiguration in IPv6 introduces the concept of stateless autoconfiguration in
addition to statefull autoconfiguration. The enterprise will have to addition to stateful autoconfiguration. The enterprise will have to
determine the best method of autoconfiguration, for their network. determine the best method of autoconfiguration, for their network.
The enterprise will need to determine if they are to use stateless or
**Note to V6ops WG: Should we get into other autoconfiguration stateful autoconfiguration, and how autoconfiguration is to operate
issues? for DNS updates. The enterprise will need to determine how prefix
delegation is done from their upstream provider and how those
prefixes are cascaded down to the enterprise IPv6 network. The
policy for DNS or choice of autoconfiguration is out of scope for
this document.
5.4 Security 5.4 Security
Current existing mechanisms used for IPv4 to provide security need to Current existing mechanisms used for IPv4 to provide security need to
be supported for IPv6 within the Enterprise. IPv6 should create no be supported for IPv6 within the enterprise. IPv6 should create no
new security concerns for IPv4. new security concerns for IPv4. The entire security infrastructure
currently used in the enterprise needs to be analyzed against IPv6
**Note to V6ops WG: Should we get into other security issues? deployment effect and determine what is supported in IPv6. Users
should review other security IPv6 network infrastructure work in the
IETF and within the industry on going at this time. Users will have
to work with their platform and software providers to determine what
IPv6 security network infrastructure components are supported. The
security filters and firewall requirments for IPv6 need to be
determined by the enterprise. The policy choice of users for security
is out of scope for this document.
5.5 Applications 5.5 Applications
Existing applications will need to be ported to support both IPv4 and Existing applications will need to be ported or proxyed to support
IPv6. both IPv4 and IPv6.
**Note to V6ops WG: Should we get into other application issues?
5.6 Network Management 5.6 Network Management
The addition of IPv6 and points of transition will need to be managed The addition of IPv6 network infrastructure components will need to
by the Enterprise network operations center. This will affect many be managed by the enterprise network operations center. Users will
components of the network and software required on nodes. need to work with their network management platform providers to
determine what for IPv6 is supported during their planning for IPv6
**Note to V6ops WG: Should we get into other Management issues? adoption, and what tools are available in the market to monitor the
network.
5.7 Address Planning 5.7 Address Planning
The address space within the Enterprise will need to be defined and The address space within the enterprise will need to be defined and
coordinated with the routing topology of the Enterprise network. coordinated with the routing topology of the enterprise network. It
is also important to identify the pool of IPv4 address space
available to the enterprise to assist with IPv6 transition methods.
**Note to V6ops WG: Should we get into other Address Planning issues? 5.8 Multicast
**Note to V6ops WG: What other components are we missing? Enterprises utilising IPv4 Multicast services will need to consider
how these services may be presented in an IPv6-enabled environment.
First, the Multicast routing protocols will need to be considered;
those such as PIM-SM may operate similarly under either protocol, but
in IPv6 will need to support the Multicast Listener Discovery
protocol.
Nodes wishing to utilise Source Specific Multicast (SSM) will need to
support Multicast Listener Discovery protocol v2 (MLDv2). In
addition, applications written for PIM-SM may need to be modified to
use SSM.
For inter-domain multicast, IPv6 has no equivalent of Multicast
Source Discovery Protocol (MSDP); alternative methods are being
designed within the IETF, e.g. by embedding the Rendezvous Point
address in the multicast group address.
For inter-domain use, sites may choose to migrate IPv4 multicast
applications to SSM, for which no reverse path discovery method is
required.
5.9 Multihoming
At this time, current IPv6 allocation policies are mandating the
allocation of IPv6 address space from the upstream provider. If an
enterprise is multihomed, the enterprise will have to determine how
they wish to support multihoming. This also is an area of study
within the IETF and work in progress.
6. Security Considerations 6. Security Considerations
This document lists scenarios for the deployment of IPv6 in This document lists scenarios for the deployment of IPv6 in
enterprise networks, and there are no security considerations enterprise networks, and there are no security considerations
associated with making such a list. associated with making such a list.
There will security considerations for the deployment of IPv6 in each There will security considerations for the deployment of IPv6 in each
of these scenarios, but they will be addressed in the document that of these scenarios, but they will be addressed in the document that
includes the analysis of each scenario. includes the analysis of each scenario.
skipping to change at page 13, line 26 skipping to change at page 15, line 26
Jim Bound (Editor) Jim Bound (Editor)
Hewlett Packard Hewlett Packard
110 Spitbrook Road 110 Spitbrook Road
Nashua, NH 03062 Nashua, NH 03062
USA USA
Phone: 603.884.0062 Phone: 603.884.0062
Email: jim.bound@hp.co Email: jim.bound@hp.co
Marc Blanchet Marc Blanchet
Hexago
2875 boul. Laurier, bur. 300
Ste-Foy, Quebec, Canada, G1V 2M2
EMail: Marc.Blanchet@hexago.com
Tony Hain Tony Hain
Cisco Systems
500 108th Ave. N.E. Suite 400
Bellevue, Wa. 98004
Email: alh-ietf@tndh.net
Paul Gilbert Paul Gilbert
Cisco Systems Cisco Systems
1 Penn Plaza, 5th floor, 1 Penn Plaza, 5th floor,
NY, NY 10119 NY, NY 10119
USA USA
Phone: 212.714.4334 Phone: 212.714.4334
Email: pgilbert@cisco.com Email: pgilbert@cisco.com
Margaret Wasserman Margaret Wasserman
Wind River Nokia
10 Tara Blvd, Suite 330 5 Wayside Road
Nashua, NH 03062 USA Burlington, MA 01803
USA US
Phone: 603.897.2067 Phone: +1 781 993 4900
Email: mrw@windriver.com EMail: margaret.wasserman@nokia.com
URI: http://www.nokia.com/
Jason Goldschmidt Jason Goldschmidt
Sun Microsystems Sun Microsystems
M/S UMPK17-103 M/S UMPK17-103
17 Network Circle 17 Network Circle
Menlo Park, CA 94025 Menlo Park, CA 94025
USA USA
Phone: (650)-786-3502 Phone: (650)-786-3502
Fax: (650)-786-8250 Fax: (650)-786-8250
Email:jason.goldschmidt@sun.com Email:jason.goldschmidt@sun.com
skipping to change at page 14, line 4 skipping to change at page 16, line 13
Fax: (650)-786-8250 Fax: (650)-786-8250
Email:jason.goldschmidt@sun.com Email:jason.goldschmidt@sun.com
Aldrin Isaac Aldrin Isaac
Bloomberg L.P. Bloomberg L.P.
499 Park Avenue 499 Park Avenue
New York, NY 10022 New York, NY 10022
USA USA
Phone: 212.940.1812 Phone: 212.940.1812
Email: aisaac@bloomberg.com Email: aisaac@bloomberg.com
Tim Chown Tim Chown
School of Electronics and Computer Science
University of Southampton
Southampton SO17 1BJ
United Kingdom
Email: tjc@ecs.soton.ac.uk
Jordi Palet Martinez Jordi Palet Martinez
Consulintel Consulintel
San Jose Artesano, 1 San Jose Artesano, 1
Madrid, SPAIN Madrid, SPAIN
Phone: +34 91 151 81 99 Phone: +34 91 151 81 99
Fax: +34 91 151 81 98 Fax: +34 91 151 81 98
Email: jordi.palet@consulintel.es Email: jordi.palet@consulintel.es
Fred Templin Fred Templin
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/