draft-ietf-v6ops-ent-scenarios-03.txt   draft-ietf-v6ops-ent-scenarios-04.txt 
IPv6 Operations Working Group IPv6 Operations Working Group
Internet Draft Jim Bound (Editor) Internet Draft Jim Bound (Editor)
Document: draft-ietf-v6ops-ent-scenarios-03.txt Hewlett Packard Document: draft-ietf-v6ops-ent-scenarios-04.txt Hewlett Packard
Obsoletes: draft-ietf-v6ops-ent-scenarios-02.txt Obsoletes: draft-ietf-v6ops-ent-scenarios-03.txt
Expires: December 2004 Expires: January 2005
IPv6 Enterprise Network Scenarios IPv6 Enterprise Network Scenarios
<draft-ietf-v6ops-ent-scenarios-03.txt> <draft-ietf-v6ops-ent-scenarios-04.txt>
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance
all provisions of Section 10 of RFC2026. with all provisions of Section 10 of RFC2026.
This document is a submission by the Internet Protocol IPv6 Working This document is a submission by the Internet Protocol IPv6
Group of the Internet Engineering Task Force (IETF). Comments should Working Group of the Internet Engineering Task Force (IETF).
be submitted to the ipng@sunroof.eng.sun.com mailing list. Comments should be submitted to the ipng@sunroof.eng.sun.com
mailing list.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six
and may be updated, replaced, or obsoleted by other documents at any months and may be updated, replaced, or obsoleted by other
time. It is inappropriate to use Internet- Drafts as reference documents at any time. It is inappropriate to use Internet-
material or to cite them other than as "work in progress." Drafts as reference material or to cite them other than as "work
in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
Abstract Abstract
This document describes the scenarios for IPv6 deployment within This document describes the scenarios for IPv6 deployment within
enterprise networks. It will focus upon an enterprise set of network enterprise networks. It defines a small set of basic enterprise
base scenarios with assumptions, coexistence with legacy IPv4 nodes, scenarios and includes pertinent questions to allow enterprise
networks, and applications, and network infrastructure requirements. administrators to further refine their deployment scenarios.
These requirements will be used to provide analysis to determine a Enterprise deployment requirements are discussed in terms of
set of enterprise solutions in a later document. coexistence with IPv4 nodes, networks and applications, and in
terms of basic network infrastructure requirements for IPv6
deployment. The scenarios and requirements described in this
document will be the basis for further analysis to determine what
coexistence techniques and mechanisms are needed for enterprise
IPv6 deployment. The results of that analysis will be published in
a separate document.
Table of Contents: Table of Contents:
1. Introduction................................................3 1. Introduction................................................3
2. Terminology.................................................5 2. Terminology.................................................5
3. Base Scenarios..............................................6 3. Base Scenarios..............................................6
3.1 Base Scenarios Defined.....................................6 3.1 Base Scenarios Defined.....................................7
3.2 Scenarios Network Infrastructure Components................7 3.2 Scenarios Network Infrastructure Components................8
3.3 Specific Scenario Examples.................................9 3.3 Specific Scenario Examples................................10
4. Network Infrastructure Component Requirements..............10 3.4 Applicability Statement...................................12
4.1 DNS.......................................................11 4. Network Infrastructure Component Requirements..............12
4.2 Routing...................................................11 4.1 DNS.......................................................12
4.3 Configuration of Hosts....................................11 4.2 Routing...................................................13
4.4 Security..................................................11 4.3 Configuration of Hosts....................................13
4.5 Applications..............................................12 4.4 Security..................................................13
4.6 Network Management........................................12 4.5 Applications..............................................13
4.7 Address Planning..........................................12 4.6 Network Management........................................14
4.8 Multicast..................................................12 4.7 Address Planning..........................................14
4.9 Multihoming................................................12 4.8 Multicast..................................................14
5. Security Considerations....................................13 4.9 Multihoming................................................14
6. References.................................................13 5. Security Considerations....................................14
6.1 Normative References......................................13 6. References.................................................14
6.2 Non-Normative References..................................13 6.1 Normative References......................................15
Document Acknowledgments.......................................13 6.2 Non-Normative References..................................15
Authors Addresses .............................................14 Document Acknowledgments.......................................15
Intellectual Property Statement................................15 Author's Address...............................................16
Full Copyright Statement.......................................16 Intellectual Property Statement................................17
Acknowledgement................................................16 Full Copyright Statement.......................................18
Acknowledgement................................................18
1. Introduction 1. Introduction
This document describes the scenarios for IPv6 deployment within This document describes the scenarios for IPv6 deployment within
enterprise networks. It will focus upon an enterprise set of network enterprise networks. It defines a small set of basic enterprise
base scenarios with assumptions, coexistence with legacy IPv4 nodes, scenarios and includes pertinent questions to allow enterprise
networks, and applications, and network infrastructure requirements. administrators to further refine their deployment scenarios.
These requirements will be used to provide analysis to determine a Enterprise deployment requirements are discussed in terms of
set of enterprise solutions in a later document. coexistence with IPv4 nodes, networks and applications, and in
terms of basic network infrastructure requirements for IPv6
deployment. The scenarios and requirements described in this
document will be the basis for further analysis to determine what
coexistence techniques and mechanisms are needed for enterprise
IPv6 deployment. The results of that analysis will be published in
a separate document.
The audience for this document is the enterprise network team The audience for this document is the enterprise network team
considering deployment of IPv6. The document will be useful for considering deployment of IPv6. The document will be useful for
enterprise teams that will have to determine the IPv6 transition enterprise teams that will have to determine the IPv6 transition
strategy for their enterprise. It is expected those teams include strategy for their enterprise. It is expected those teams include
members from management, network operations, and engineering. The members from management, network operations, and engineering. The
scenarios presented provide an example set of cases the enterprise scenarios presented provide an example set of cases the enterprise
can use to build an IPv6 network scenario. can use to build an IPv6 network scenario.
To frame the discussion, the document will describe a set of To frame the discussion, the document will describe a set of
scenarios and network infrastructure for each scenario. It is scenarios and network infrastructure for each scenario. It is
impossible to define every possible enterprise scenario that will impossible to define every possible enterprise scenario that will
apply to IPv6 adoption and transition. apply to IPv6 adoption and transition.
Each enterprise will select the transition that best supports their Each enterprise will select the transition that best supports their
business requirements. Any attempt to define a default or one-size- business requirements. Any attempt to define a default or one-
fits-all transition scenario, will simply not work. This document size-fits-all transition scenario, will simply not work. This
does not try to depict the drivers for adoption of IPv6 by an document does not try to depict the drivers for adoption of IPv6 by
enterprise. an enterprise.
While it is difficult to quantify all the scenarios for an enterprise While it is difficult to quantify all the scenarios for an
network team to plan for IPv6, it is possible to depict a set of enterprise network team to plan for IPv6, it is possible to depict
abstract scenarios that will assist with planning. The document a set of abstract scenarios that will assist with planning. The
presents three base scenarios as a general use case to be used as a document presents three base scenarios as a general use case to be
model as input for the enterprise to define specific scenarios. used as a model as input for the enterprise to define specific
scenarios.
The first scenario assumes the enterprise decides to deploy IPv6 in The first scenario assumes the enterprise decides to deploy IPv6 in
conjunction with IPv4. The second scenario assumes the enterprise conjunction with IPv4. The second scenario assumes the enterprise
decides to deploy IPv6 because of a specific set of applications the decides to deploy IPv6 because of a specific set of applications
enterprise wants to use over an IPv6 network. The third scenario the enterprise wants to use over an IPv6 network. The third
assumes an enterprise is building a new network or re-structuring an scenario assumes an enterprise is building a new network or re-
existing network and decides to deploy IPv6 as the predominant structuring an existing network and decides to deploy IPv6 as the
protocol within the enterprise coexisting with IPv4. The document predominant protocol within the enterprise coexisting with IPv4.
then defines a set of network infrastructure components that must be The document then briefly reviews a set of network infrastructure
analyzed. components that must be analyzed, which are common to most
enterprises.
The document then provides three specific scenario examples using the The document then provides three specific scenario examples using
network infrastructure components to depict the requirements. These the network infrastructure components to depict the requirements.
are common enterprise deployment cases to depict the challenges for These are common enterprise deployment cases to depict the
the enterprise to transition a network to IPv6. challenges for the enterprise to transition a network to IPv6.
The document then discusses the issues of supporting legacy functions The document then discusses the issues of supporting legacy
on the network, while the transition is in process, and the network functions on the network, while the transition is in process, and
infrastructure components required to be analyzed by the enterprise. the network infrastructure components required to be analyzed by
The interoperation with legacy functions within the enterprise will the enterprise. The interoperation with legacy functions within
be required for all transition except possibly by a new network that the enterprise will be required for all transition except possibly
will be IPv6 from inception. The network infrastructure components by a new network that will be IPv6 from inception. The network
will depict functions in their networks that require consideration infrastructure components will depict functions in their networks
for IPv6 deployment and transition. that require consideration for IPv6 deployment and transition.
Using the scenarios, network infrastructure components, and examples Using the scenarios, network infrastructure components, and
in the document an enterprise can define its specific scenario examples in the document an enterprise can define its specific
requirements. Understanding the legacy functions and network scenario requirements. Understanding the legacy functions and
infrastructure components required, the enterprise can determine the network infrastructure components required, the enterprise can
network operations required to deploy IPv6. The tools and mechanisms determine the network operations required to deploy IPv6. The tools
to support IPv6 deployment operations will require enterprise and mechanisms to support IPv6 deployment operations will require
analysis. The analysis to determine the tools and mechanisms to enterprise analysis. The analysis to determine the tools and
support the scenarios will be presented in subsequent document(s). mechanisms to support the scenarios will be presented in subsequent
document(s).
2. Terminology 2. Terminology
Enterprise Network - A network that has multiple internal links, Enterprise Network - A network that has multiple internal links,
one or more router connections, to one or one or more router connections, to one or
more more Providers and is actively managed by a
Providers and is actively managed by a network operations entity.
network
operations entity.
Provider - An entity that provides services and Provider - An entity that provides services and
connectivity to the Internet or connectivity to the Internet or
other private external networks for the other private external networks for the
enterprise network. enterprise network.
IPv6 Capable - A node or network capable of supporting both IPv6 Capable - A node or network capable of supporting both
IPv6 and IPv4. IPv6 and IPv4.
IPv4 only - A node or network capable of supporting only IPv4 only - A node or network capable of supporting only
IPv4. IPv4.
IPv6 only - A node or network capable of supporting only IPv6 only - A node or network capable of supporting only
IPv6. This does not imply an IPv6 only IPv6. This does not imply an IPv6 only
stack, in this document. stack, in this document.
3. Base Scenarios 3. Base Scenarios
Three base scenarios are defined to capture the essential abstraction Three base scenarios are defined to capture the essential
set for the enterprise. Each scenario has assumptions and abstraction set for the enterprise. Each scenario has assumptions
requirements. This is not an exhaustive set of scenarios, but a base and requirements. This is not an exhaustive set of scenarios, but a
set of general cases. base set of general cases.
Below we use the term network infrastructure to mean the software, Below we use the term network infrastructure to mean the software,
network operations and configuration, and the methods used to operate network operations and configuration, and the methods used to
a network in an enterprise. operate a network in an enterprise.
At this time it is assumed for the base scenarios that any IPv6
node is IPv6 capable.
3.1 Base Scenarios Defined 3.1 Base Scenarios Defined
Scenario 1: Enterprise with an existing IPv4 network wants to deploy Scenario 1: Wide-scale/total dual-stack deployment of IPv4
IPv6 in conjunction with their IPv4 network. and IPv6 capable hosts and network infrastructure.
Enterprise with an existing IPv4 network wants to
deploy IPv6 in conjunction with their IPv4 network.
Assumptions: The IPv4 network infrastructure used has an equivalent Assumptions: The IPv4 network infrastructure used has an
capability in IPv6. equivalent capability in IPv6.
Requirements: Do not disrupt existing IPv4 network infrastructure Requirements: Do not disrupt existing IPv4 network
assumptions with IPv6. IPv6 should be equivalent or infrastructure assumptions with IPv6. IPv6
"better" than the network infrastructure in IPv4, should be equivalent or "better" than the
however, it is understood that IPv6 is not required network infrastructure in IPv4, however, it
to is understood that IPv6 is not required to
solve current network infrastructure problems, solve current network infrastructure problems,
not solved by IPv4. It may also not be feasible to not solved by IPv4. It may also not be feasible
deploy IPv6 on all parts of the network immediately. to deploy IPv6 on all parts of the network
immediately.
Scenario 2: Enterprise with an existing IPv4 network wants to deploy Scenario 2: Sparse IPv6 dual-stack deployment in IPv4 network
a infrastructure. Enterprise with an existing IPv4
set of particular IPv6 "applications" (application is network wants to deploy a set of particular IPv6
voluntarily loosely defined here, e.g. peer to peer). "applications" (application is voluntarily loosely
The IPv6 deployment is limited to the minimum required defined here, e.g. peer to peer). The IPv6
to deployment is limited to the minimum required to
operate this set of applications. operate this set of applications.
Assumptions: IPv6 software/hardware components for the application Assumptions: IPv6 software/hardware components for the
are available, and platforms for the application application are available, and platforms for the
are IPv6 capable. application are IPv6 capable.
Requirements: Do not disrupt IPv4 infrastructure. Requirements: Do not disrupt IPv4 infrastructure.
Scenario 3: Enterprise deploying a new network or re-structuring an Scenario 3: IPv6-only network infrastructure with some
existing network, decides IPv6 is the basis for IPv4-capable nodes/applications needing to
most network communication, to coexist with IPv4. communicate over the IPv6 infrastructure.
Enterprise deploying a new network or
re-structuring an existing network, decides IPv6
is the basis for most network communication.
Some IPv4 capable nodes/applications will need
to communicate over that infrastructure.
Assumptions: Required IPv6 network infrastructure is available, or Assumptions: Required IPv6 network infrastructure is available,
available over some defined timeline, supporting the or available over some defined timeline,
enterprise plan. supporting the enterprise plan.
Requirements: Interoperation and Coexistence with IPv4 network Requirements: Interoperation and Coexistence with IPv4 network
network infrastructure and applications are required network infrastructure and applications are
for required for communications.
communications.
3.2 Scenarios Network Infrastructure Components 3.2 Scenarios Network Infrastructure Components
This section defines the network infrastructure that exist for the This section defines the network infrastructure that exists for the
above enterprise scenarios. This is not an exhaustive list, but a above enterprise scenarios. This is not an exhaustive list, but a
base list that can be expanded by the enterprise for specific base list that can be expanded by the enterprise for specific
deployment scenarios. The network infrastructure components are deployment scenarios. The network infrastructure components are
presented as functions that the enterprise must analyze as part of presented as functions that the enterprise must analyze as part of
defining their specific scenario. The analysis of these functions defining their specific scenario. The analysis of these functions
will identify actions that are required to deploy IPv6. will identify actions that are required to deploy IPv6.
Network Infrastructure Component 1 Network Infrastructure Component 1
Enterprise Provider Requirements Enterprise Provider Requirements
- Is external connectivity required? - Is external connectivity required?
- One site vs. multiple sites and are they within different - One site vs. multiple sites and are they within
geographies? different geographies?
- Leased lines or VPNS? - Leased lines or VPNs?
- If multiple sites, how is the traffic exchanged securely? - If multiple sites, how is the traffic exchanged
securely?
- How many global IPv4 addresses are available to the - How many global IPv4 addresses are available to the
enterprise? enterprise?
- What is the IPv6 address assignment plan available - What is the IPv6 address assignment plan available
from the provider? from the provider?
- What prefix delegation is required by the Enterprise? - What prefix delegation is required by the Enterprise?
- Will the enterprise be multihomed? - Will the enterprise be multihomed?
- What multihoming techniques are available from the provider? - What multihoming techniques are available from the
provider?
- Will clients within the enterprise be multihomed? - Will clients within the enterprise be multihomed?
- Does the provider offer any IPv6 services? - Does the provider offer any IPv6 services?
- What site external IPv6 routing protocols are required? - What site external IPv6 routing protocols are required?
- Is there an external data-center to the enterprise, such as - Is there an external data-center to the enterprise,
servers located at the Provider? such as servers located at the Provider?
- Is IPv6 available using the same access links as IPv4, - Is IPv6 available using the same access links as IPv4,
or differently? or different ones?
Network Infrastructure Component 2 Network Infrastructure Component 2
Enterprise Application Requirements Enterprise Application Requirements
- List of applications in use? - List of applications in use?
- Which applications must be moved to support IPv6 first? - Which applications must be moved to support IPv6 first?
- Can the application be upgraded to IPv6? - Can the application be upgraded to IPv6?
- Will the application have to support both IPv4 and IPv6? - Will the application have to support both IPv4 and IPv6?
- Do the enterprise platforms support both IPv4 and IPv6? - Do the enterprise platforms support both IPv4 and IPv6?
- Do the applications have issues with NAT v4-v4 and NAT v4-v6? - Do the applications have issues with NAT v4-v4 and
NAT v4-v6?
- Do the applications need globally routable IP addresses? - Do the applications need globally routable IP addresses?
- Do the applications care about dependency between IPv4 and IPv6 - Do the applications care about dependency between IPv4
addresses? and IPv6 addresses?
- Are applications run only on the internal enterprise network? - Are applications run only on the internal enterprise
network?
Network Infrastructure Component 3 Network Infrastructure Component 3
Enterprise IT Department Requirements Enterprise IT Department Requirements
- Who "owns"/"operates" the network: in house, or outsourced? - Who "owns"/"operates" the network: in house, or
outsourced?
- Is working remotely (e.g., through VPNs) supported? - Is working remotely (e.g., through VPNs) supported?
- Is inter-site communications required? - Is inter-site communications required?
- Is network mobility used or required for IPv6? - Is network mobility used or required for IPv6?
- What are the requirements of the IPv6 address plan? - What are the requirements of the IPv6 address plan?
- Is there a detailed asset management database, including - Is there a detailed asset management database, including
hosts, IP/MAC addresses, etc.? hosts, IP/MAC addresses, etc.?
- What is the enterprise' approach to numbering geographically - What is the enterprise' approach to numbering
separate sites which have their own Service Providers? geographically separate sites which have their own
- What will be the internal IPv6 address assignment procedure? Service Providers?
- What will be the internal IPv6 address assignment
procedure?
- What site internal IPv6 routing protocols are required? - What site internal IPv6 routing protocols are required?
- What will be the IPv6 Network Management policy/procedure? - What will be the IPv6 Network Management
policy/procedure?
- What will be the IPv6 QOS policy/procedure? - What will be the IPv6 QOS policy/procedure?
- What will be the IPv6 Security policy/procedure? - What will be the IPv6 Security policy/procedure?
- What is the IPv6 training plan to educate the enterprise? - What is the IPv6 training plan to educate the enterprise?
- What network operations software will be impacted by IPv6? - What network operations software will be impacted by IPv6?
- DNS - DNS
- Management (SNMP & ad-hoc tools) - Management (SNMP & ad-hoc tools)
- Enterprise Network Servers Applications - Enterprise Network Servers Applications
- Mail Servers - Mail Servers
- High Availability Software for Nodes - High Availability Software for Nodes
- Directory Services - Directory Services
- Are all these software functions upgradeable to IPv6? - Are all these software functions upgradeable to IPv6?
- If not upgradeable, then what are the workarounds? - If not upgradeable, then what are the workarounds?
- Do any of the software functions store, display, or - Do any of the software functions store, display, or
allow input of IP addresses? allow input of IP addresses?
- Other services (e.g. NTP, etc.........) - Other services (e.g. NTP, etc.........)
- What network hardware will be impacted by IPv6 - What network hardware will be impacted by IPv6?
- Routers/switches - Routers/switches
- Printers/Faxes - Printers/Faxes
- Firewalls - Firewalls
- Intrusion Detection - Intrusion Detection
- Load balancers - Load balancers
- VPN Points of Entry/Exit - VPN Points of Entry/Exit
- Security Servers and Services - Security Servers and Services
- Network Interconnect for Platforms - Network Interconnect for Platforms
- Intelligent Network Interface Cards - Intelligent Network Interface Cards
- Network Storage Devices - Network Storage Devices
skipping to change at page 8, line 54 skipping to change at page 10, line 4
- Configuration Management Required? - Configuration Management Required?
- Policy Management and Enforcement Required? - Policy Management and Enforcement Required?
- Security Management Required? - Security Management Required?
- Management of Transition Tools and Mechanisms? - Management of Transition Tools and Mechanisms?
- What new considerations does IPv6 create for Network - What new considerations does IPv6 create for Network
Management? Management?
Network Infrastructure Component 5 Network Infrastructure Component 5
Enterprise Network Interoperation and Coexistence Enterprise Network Interoperation and Coexistence
- What platforms are required to be IPv6 capable? - What platforms are required to be IPv6 capable?
- What network ingress and egress points to the site are - What network ingress and egress points to the site
required to be IPv6 capable? are required to be IPv6 capable?
- What transition mechanisms are needed to support IPv6 - What transition mechanisms are needed to support
network operations? IPv6 network operations?
- What policy/procedures are required to support the - What policy/procedures are required to support the
transition to IPv6? transition to IPv6?
- What policy/procedures are required to support - What policy/procedures are required to support
interoperation with legacy nodes and applications? interoperation with legacy nodes and applications?
3.3 Specific Scenario Examples 3.3 Specific Scenario Examples
This section presents a set of base scenario examples and is not an This section presents a set of base scenario examples and is not an
exhaustive list of examples. These examples were selected to provide exhaustive list of examples. These examples were selected to
further clarity for base scenarios within an enterprise of a less provide further clarity for base scenarios within an enterprise of
abstract nature. a less abstract nature. The example networks may use the scenarios
depicted in 3.1 and the infrastructure components in 3.2, but there
is no direct implications specifically within these example
networks. Section 3.1, 3.2, and 3.3 should be used in unison for
enterprise IPv6 deployment planning and analysis.
Example Network A: Example Network A:
A distributed network across a number of geographically separated A distributed network across a number of geographically
campuses. separated campuses.
- External network operation. - External network operation.
- External connectivity required. - External connectivity required.
- Multiple sites connected by leased lines. - Multiple sites connected by leased lines.
- Provider independent IPv4 addresses. - Provider independent IPv4 addresses.
- ISP does not offer IPv6 service. - ISP does not offer IPv6 service.
- Private Leased Lines no Service Provider Used - Private Leased Lines no Service Provider Used
Applications run by the enterprise: Applications run by the enterprise:
skipping to change at page 9, line 38 skipping to change at page 10, line 50
- Java applications. - Java applications.
- Collaborative development tools. - Collaborative development tools.
- Enterprise Resource Applications. - Enterprise Resource Applications.
- Multimedia Applications. - Multimedia Applications.
- Financial Enterprise Applications. - Financial Enterprise Applications.
- Data Warehousing Applications. - Data Warehousing Applications.
Internal network operation: Internal network operation:
- In house operation of the network. - In house operation of the network.
- DHCP (v4) is used for all desktops, servers use static address - DHCP (v4) is used for all desktops, servers use
configuration. static address configuration.
- The DHCP server updates naming records for dynamic desktops uses - The DHCP server updates naming records for dynamic
dynamic DNS. desktops uses dynamic DNS.
- A web based tool is used to enter name to address mappings for - A web based tool is used to enter name to address
statically addressed servers. mappings for statically addressed servers.
- Network management is done using SNMP. - Network management is done using SNMP.
- All routers and switches are upgradeable to IPv6. - All routers and switches are upgradeable to IPv6.
- Existing firewalls can be upgraded to support IPv6 rules. - Existing firewalls can be upgraded to support IPv6
- Load balancers do not support IPv6, upgrade path unclear. rules.
- Load balancers do not support IPv6, upgrade path
unclear.
- Peer-2-Peer Application and Security supported. - Peer-2-Peer Application and Security supported.
- IPv4 Private address space is used within the enterprise. - IPv4 Private address space is used within the
enterprise.
Example Network B: Example Network B:
A bank running a large network supporting online transaction A bank running a large network supporting online
processing (OLTP) across a distributed multi-sited network, with transaction processing (OLTP) across a distributed
access multi-sited network, with access to a central database
to a central database on an external network from the OLTP network: on an external network from the OLTP network.
- External connectivity not required. - External connectivity not required.
- Multiple sites connected by VPN. - Multiple sites connected by VPN.
- Multiple sites connected by Native IP protocol. - Multiple sites connected by Native IP protocol.
- Private address space used with NAT. - Private address space used with NAT.
- Connections to private exchanges. - Connections to private exchanges.
Applications in the enterprise: Applications in the enterprise:
- ATM transaction application. - ATM transaction application.
- ATM management application. - ATM management application.
- Financial Software and Database. - Financial Software and Database.
- Part of the workforce is mobile and requires access to the - Part of the workforce is mobile and requires
enterprise from outside networks. access to the enterprise from outside networks.
Internal Network Operation: Internal Network Operation:
- Existing firewalls can be upgraded to support IPv6 rules. - Existing firewalls can be upgraded to support
- Load balancers do not support IPv6, upgrade path unclear. IPv6 rules.
- Identifying and managing each nodes IP address. - Load balancers do not support IPv6, upgrade
path unclear.
- Identifying and managing each node's IP address.
Example Network C: Example Network C:
A Security Defense Network Operation: A Security Defense, Emergency, or other Mission
Critical network operation:
- External network required at secure specific points. - External network required at secure specific points.
- Network is its own Internet. - Network is its own Internet.
- Network must be able to absorb ad-hoc creation of sub-Networks. - Network must be able to absorb ad-hoc creation of
- Entire parts of the Network are completely mobile. sub-networks.
- All nodes on the network can be mobile (including routers) - Entire parts of the network are completely mobile.
- Network True High-Availability is mandatory. - All nodes on the network can be mobile
- Network must be able to be managed from ad-hoc location. (including routers)
- All nodes must be able to be configured from stateless mode. - Network high-availability is mandatory.
- Network must be able to be managed from ad-hoc
location.
- All nodes must be able to be configured from stateless
mode.
Applications run by the Enterprise: Applications run by the Enterprise:
- Multimedia streaming of audio, video, and data for all nodes.
- Data computation and analysis on stored and created data. - Multimedia streaming of audio, video, and data for
all nodes.
- Data computation and analysis on stored and created
data.
- Transfer of data coordinate points to sensor devices. - Transfer of data coordinate points to sensor devices.
- Data and Intelligence gathering applications from all nodes. - Data and Intelligence gathering applications from all
nodes.
Internal Network Operations: Internal Network Operations:
- All packets must be secured end-2-end with encryption. - All packets must be secured end-2-end with encryption.
- Intrusion Detection exists on all network entry points. - Intrusion Detection exists on all network entry points.
- Network must be able to bolt on to the Internet to share - Network must be able to bolt on to the Internet to share
bandwidth as required from Providers. bandwidth as required from Providers.
- VPNs can be used but NAT can never be used. - VPNs can be used but NAT can never be used.
- Nodes must be able to access IPv4 legacy applications over IPv6 - Nodes must be able to access IPv4 legacy applications
network. over IPv6 network.
3.4 Applicability Statement
The specific network scenarios selected are chosen to depict a base
set of examples, and to support further analysis of enterprise
networks. This is not a complete set of network scenarios.
Regarding Example Network C, though this is a verifiable use case,
at this time the scenario defines an early adopter of enterprise
networks transitioning to IPv6 as a predominant protocol strategy
(e.g. IPv6 Routing, Applications, Security, and Operations),
viewing IPv4 as legacy operations immediately in the transition
strategy, and at this time may not be representative of many
initial enterprise IPv6 deployments. Each enterprise planning team
will need to make that determination as IPv6 deployment evolves.
4. Network Infrastructure Component Requirements 4. Network Infrastructure Component Requirements
The enterprise will need to determine what network infrastructure The enterprise will need to determine what network infrastructure
components require enhancements or to be added for deployment of components require enhancements or to be added for deployment of
IPv6. This infrastructure will need to be analyzed and understood as IPv6. This infrastructure will need to be analyzed and understood
a critical resource to manage. The list in this section is not as a critical resource to manage. The list in this section is not
exhaustive but are the essential network infrastructure components to exhaustive but are the essential network infrastructure components
consider for the enterprise before they begin to define more fine to consider for the enterprise before they begin to define more
tuned requirements such as QOS, PKI, or Bandwidth requirements for fine tuned requirements such as QOS, PKI, or Bandwidth requirements
IPv6 as examples. The components are only identified here and the for IPv6 as examples. The components are only identified here and
details of the components will be discussed in the analysis document the details of the components will be discussed in the analysis
for enterprise scenarios. Where there are references at this time document for enterprise scenarios. Where there are references at
for a component they are provided. this time for a component they are provided.
4.1 DNS 4.1 DNS
DNS will now have to support both IPv4 and IPv6 DNS records and the DNS will now have to support both IPv4 and IPv6 DNS records and the
enterprise will need to determine how the DNS is to be managed and enterprise will need to determine how the DNS is to be managed and
accessed, and secured. The range of DNS operational issues are out accessed, and secured. The range of DNS operational issues are out
of scope for this work. Users need to consider all current DNS IPv4 of scope for this work. Users need to consider all current DNS
operations and determine if those operations are supported for IPv6. IPv4 operations and determine if those operations are supported for
However, DNS resolution and transport solutions for both IP protocols IPv6. However, DNS resolution and transport solutions for both IP
are influenced by the chosen IPv6 deployment scenario. Users need to protocols are influenced by the chosen IPv6 deployment scenario.
consider all current DNS IPv4 operations and determine if those Users need to consider all current DNS IPv4 operations and
operations are supported for IPv6 [DNSV6]. determine if those operations are supported for IPv6 [DNSV6].
4.2 Routing 4.2 Routing
Interior and Exterior routing will be required to support both IPv4 Interior and Exterior routing will be required to support both IPv4
and IPv6 routing protocols, and the coexistence of IPv4 and IPv6 over and IPv6 routing protocols, and the coexistence of IPv4 and IPv6
the enterprise network. The enterprise will need to define the IPv6 over the enterprise network. The enterprise will need to define
routing topology, any ingress and egress points to provider networks, the IPv6 routing topology, any ingress and egress points to
and transition mechanisms they wish to use for IPv6 adoption. The provider networks, and transition mechanisms they wish to use for
enterprise will also need to determine what IPv6 transition IPv6 adoption. The enterprise will also need to determine what IPv6
mechanisms are supported by their upstream providers. transition mechanisms are supported by their upstream providers.
4.3 Configuration of Hosts 4.3 Configuration of Hosts
IPv6 introduces the concept of stateless autoconfiguration in IPv6 introduces the concept of stateless autoconfiguration in
addition to stateful autoconfiguration, for the configuration of addition to stateful autoconfiguration, for the configuration of
Hosts within the enterprise. The enterprise will have to determine hosts within the enterprise. The enterprise will have to determine
the best method of host configuration, for their network. The the best method of host configuration, for their network. The
enterprise will need to determine if they are to use stateless or enterprise will need to determine if they are to use stateless or
stateful autoconfiguration, and how autoconfiguration is to operate stateful autoconfiguration, and how autoconfiguration is to operate
for DNS updates. The enterprise will need to determine how prefix for DNS updates. The enterprise will need to determine how prefix
delegation is done from their upstream provider and how those delegation is done from their upstream provider and how those
prefixes are cascaded down to the enterprise IPv6 network. The prefixes are cascaded down to the enterprise IPv6 network. The
policy for DNS or choice of autoconfiguration is out of scope for policy for DNS or choice of autoconfiguration is out of scope for
this document. [CONF, DHCPF, DHCPL] this document. [CONF, DHCPF, DHCPL]
4.4 Security 4.4 Security
Current existing mechanisms used for IPv4 to provide security need to Current existing mechanisms used for IPv4 to provide security need
be supported for IPv6 within the enterprise. IPv6 should create no to be supported for IPv6 within the enterprise. IPv6 should create
new security concerns for IPv4. The entire security infrastructure no new security concerns for IPv4. The entire security
currently used in the enterprise needs to be analyzed against IPv6 infrastructure currently used in the enterprise needs to be
deployment effect and determine what is supported in IPv6. Users analyzed against IPv6 deployment effect and determine what is
should review other security IPv6 network infrastructure work in the supported in IPv6. Users should review other security IPv6 network
IETF and within the industry on going at this time. Users will have infrastructure work in the IETF and within the industry on going at
to work with their platform and software providers to determine what this time. Users will have to work with their platform and
IPv6 security network infrastructure components are supported. The software providers to determine what IPv6 security network
security filters and firewall requirements for IPv6 need to be infrastructure components are supported. The security filters and
determined by the enterprise. The policy choice of users for security firewall requirements for IPv6 need to be determined by the
is out of scope for this document. enterprise. The policy choice of users for security is out of scope
for this document.
4.5 Applications 4.5 Applications
Existing applications will need to be ported or provide proxies to Existing applications will need to be ported or provide proxies to
support both IPv4 and IPv6 [APPS]. support both IPv4 and IPv6 [APPS].
4.6 Network Management 4.6 Network Management
The addition of IPv6 network infrastructure components will need to The addition of IPv6 network infrastructure components will need to
be managed by the enterprise network operations center. Users will be managed by the enterprise network operations center. Users will
need to work with their network management platform providers to need to work with their network management platform providers to
determine what for IPv6 is supported during their planning for IPv6 determine what for IPv6 is supported during their planning for IPv6
adoption, and what tools are available in the market to monitor the adoption, and what tools are available in the market to monitor the
network. Network management will not need to support both IPv4 and network. Network management will not need to support both IPv4 and
IPv6 and view nodes as dual stacks. IPv6 and view nodes as dual stacks.
4.7 Address Planning 4.7 Address Planning
The address space within the enterprise will need to be defined and The address space within the enterprise will need to be defined and
coordinated with the routing topology of the enterprise network. It coordinated with the routing topology of the enterprise network.
is also important to identify the pool of IPv4 address space It is also important to identify the pool of IPv4 address space
available to the enterprise to assist with IPv6 transition methods. available to the enterprise to assist with IPv6 transition methods.
4.8 Multicast 4.8 Multicast
Enterprises utilizing IPv4 Multicast services will need to consider Enterprises utilizing IPv4 Multicast services will need to consider
how these services may be implemented operationally in an IPv6- how these services may be implemented operationally in an IPv6-
enabled environment. enabled environment.
4.9 Multihoming 4.9 Multihoming
skipping to change at page 13, line 11 skipping to change at page 14, line 42
enterprise is multihomed, the enterprise will have to determine how enterprise is multihomed, the enterprise will have to determine how
they wish to support multihoming. This also is an area of study they wish to support multihoming. This also is an area of study
within the IETF and work in progress. within the IETF and work in progress.
5. Security Considerations 5. Security Considerations
This document lists scenarios for the deployment of IPv6 in This document lists scenarios for the deployment of IPv6 in
enterprise networks, and there are no security considerations enterprise networks, and there are no security considerations
associated with making such a list. associated with making such a list.
There will security considerations for the deployment of IPv6 in each There will be security considerations for the deployment of IPv6 in
of these scenarios, but they will be addressed in the document that each of these scenarios, but they will be addressed in the document
includes the analysis of each scenario. that includes the analysis of each scenario.
6. References 6. References
6.1 Normative References 6.1 Normative References
[DNSV6] Durand, A., Ihren, J. and P. Savola, "Operational [DNSV6] Durand, A., Ihren, J. and P. Savola, "Operational
Considerations and Issues with IPv6 DNS", Work in Considerations and Issues with IPv6 DNS", Work in
Progress. Progress.
[CONF] Thomson, S., Narten, T., "IPv6 Stateless Autoconfiguration" [CONF] Thomson, S., Narten, T., "IPv6 Stateless Autoconfiguration"
RFC 2462 December 1998. RFC 2462 December 1998.
[DHCPF] Droms, R., Bound, J., Volz, B., Lemon, T., et al. "Dynamic [DHCPF] Droms, R., Bound, J., Volz, B., Lemon, T., et al. "Dynamic
Host Configuration Protocol for IPv6 (DHCPv6)" RFC 3315 July Host Configuration Protocol for IPv6 (DHCPv6)" RFC 3315 July
2003. 2003.
[DHCPL] Droms, R., "Stateless Dynamic Host Configuration Protocol [DHCPL] Droms, R., "Stateless Dynamic Host Configuration Protocol
(DHCP) Service for IPv6" RFC 3756 April 2004. (DHCP) Service for IPv6" RFC 3756 April 2004.
[APPS] Shin, M-K., Hong, Y-G., Haigino, J., Savola, P., Castro, E., [APPS] Shin, M-K., Hong, Y-G., Haigino, J., Savola, P., Castro, E.,
"Application Aspects of "Application Aspects of IPv6 Transition" Work in Progress.
IPv6 Transition" Work in Progress.
6.2 Non-Normative References 6.2 Non-Normative References
None at this time. None at this time.
Document Acknowledgments Document Acknowledgments
The Authors would like to acknowledge contributions from the The Authors would like to acknowledge contributions from the
following: IETF v6ops Working Group, Alan Beard, Brian Carpenter, following: IETF v6ops Working Group, Alan Beard, Brian Carpenter,
Alain Durand, Bob Hinden, and Pekka Savola. Alain Durand, Bob Hinden, and Pekka Savola.
Authors Addresses Author's Address
Yanick Pouffary (Chair of Design Team) Yanick Pouffary (Chair of Design Team)
HP Competency Center HP Competency Center
950, Route des Colles, BP027, 950, Route des Colles, BP027,
06901 Sophia Antipolis CEDEX 06901 Sophia Antipolis CEDEX
FRANCE FRANCE
Phone: + 33492956285 Phone: + 33492956285
Email: Yanick.pouffary@hp.com Email: Yanick.pouffary@hp.com
Jim Bound (Editor) Jim Bound (Editor)
skipping to change at page 14, line 44 skipping to change at page 16, line 44
Paul Gilbert Paul Gilbert
Cisco Systems Cisco Systems
1 Penn Plaza, 5th floor, 1 Penn Plaza, 5th floor,
NY, NY 10119 NY, NY 10119
USA USA
Phone: 212.714.4334 Phone: 212.714.4334
Email: pgilbert@cisco.com Email: pgilbert@cisco.com
Margaret Wasserman Margaret Wasserman
Nokia ThinkMagic
5 Wayside Road One Broadway
Burlington, MA 01803 Cambridge, MA 02142
US (617) 758-4177
Phone: +1 781 993 4900 margaret@thingmagic.com
EMail: margaret.wasserman@nokia.com
URI: http://www.nokia.com/
Jason Goldschmidt Jason Goldschmidt
Sun Microsystems Sun Microsystems
M/S UMPK17-103 M/S UMPK17-103
17 Network Circle 17 Network Circle
Menlo Park, CA 94025 Menlo Park, CA 94025
USA USA
Phone: (650)-786-3502 Phone: (650)-786-3502
Fax: (650)-786-8250 Fax: (650)-786-8250
Email:jason.goldschmidt@sun.com Email:jason.goldschmidt@sun.com
skipping to change at page 15, line 42 skipping to change at page 17, line 40
Email: ftemplin@iprg.nokia.com Email: ftemplin@iprg.nokia.com
Roy Brabson Roy Brabson
IBM IBM
PO BOX 12195 PO BOX 12195
3039 Cornwallis Road 3039 Cornwallis Road
Research Triangle Park, NC 27709 Research Triangle Park, NC 27709
USA USA
Phone: +1 919 254 7332 Phone: +1 919 254 7332
Email: rbrabson@us.ibm.com Email: rbrabson@us.ibm.com
fi
Intellectual Property Statement Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any The IETF takes no position regarding the validity or scope of any
intellectual property or other rights that might be claimed to intellectual property or other rights that might be claimed to pertain
pertain to the implementation or use of the technology described in to the implementation or use of the technology described in this
this document or the extent to which any license under such rights document or the extent to which any license under such rights might or
might or might not be available; neither does it represent that it might not be available; neither does it represent that it has made any
has made any effort to identify any such rights. Information on the effort to identify any such rights. Information on the IETF's
IETF's procedures with respect to rights in standards-track and procedures with respect to rights in standards-track and
standards-related documentation can be found in BCP-11. Copies of standards-related documentation can be found in BCP-11. Copies of
claims of rights made available for publication and any assurances of claims of rights made available for publication and any assurances of
licenses to be made available, or the result of an attempt made to licenses to be made available, or the result of an attempt made to
obtain a general license or permission for the use of such obtain a general license or permission for the use of such proprietary
proprietary rights by implementors or users of this specification can rights by implementors or users of this specification can be obtained
be obtained from the IETF Secretariat. from the IETF Secretariat.
The IETF invites any interested party to bring to its attention any The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary copyrights, patents or patent applications, or other proprietary rights
rights which may cover technology that may be required to practice which may cover technology that may be required to practice this
this standard. Please address the information to the IETF Executive standard. Please address the information to the IETF Executive
Director. Director.
Full Copyright Statement Full Copyright Statement
Copyright (C) The Internet Society (2002). All Rights Reserved. Copyright (C) The Internet Society (2002). All Rights Reserved.
This document and translations of it may be copied and furnished to This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any and distributed, in whole or in part, without restriction of any
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/