IPv6: a crisis and a strategy Dave Northey Microsoft Ireland
Dec 14, 2015
IPv6: a crisis and a strategy
Dave NortheyMicrosoft Ireland
IPv4 Address Pool Depletion
19911992
19931994
19951996
19971998
19992000
20012002
20032004
20052006
20072008
20090
50
100
150
200
250
300
Allocations Remaining
NAT (RFC 1631, May 1994) and CIDR (RFC 1517, Sep 1993) Introduced
Average 12 allocations per year since 2003
26 blocks remaining (Oct 2009)
IPv6 Deployment rate“Only two percent of respondents have migrated to IPv6 across their entire organization.”
“Forty percent of those with no migration plans don’t see any compelling benefits to do so.”
“73 percent say there is insufficient ROI to proceed.”
http://btdiamondip.com/resources/whitepapers/
“There is no business case for IPv6”
Business Drivers for IPv6
Application Development.NET and IPv6 reduce application development time which saves money
Platform for New SolutionsIPv6 supports scenarios that are too complex to work well in IPv4
Secure Seamless ConnectivityNew ways to keep users connected and secure data in motion
Data CollectionAll data will become available over IPv6, making mashups more
valuable
Platform for New Solutions
• Hardest to implement• Requires extensive
knowledge of IPv6• Custom built solutions• Tie technologies together– IPv6 + GPS– IPv6 + RFID
• ~ 200K IPv6 sensors• Building Automation Control Networks– HVAC– Fire Detection/Suppression– Lighting– Security– Temperature/Humidity– People Count– Nearby weather
• Goals of reducing energy costs/CO2 emissions
IPv6 BACNet
• 30% energy reduction
• Paid off construction cost of building site in 5 years
IPv6 BACNet Results
Windows Peer to Peer Fundamentals
Windows Communication Foundation
ASP.NET SQL/Data COM/COM+
Web ServicesCommunicate Transaction MessagingDiscoveryIdentity
Compact Framework
C#VB J#C++ …
IPv6 Ready!!
Remote AccessSituation Today Windows 7 Solution
New network paradigm enables same experience inside & outside the officeSeamless access to network resources increases productivity of mobile usersInfrastructure investments also make it easy to service mobile PCs and distribute updates and polices
Difficult for users to access corporate resources from outside the officeChallenging for IT to manage, update, patch mobile PCs while disconnected from company network
HomeOffice Home
DirectAccess
Office
DirectAccess Server
Compliant Client
Compliant Client
IPsec/IPv6
Data Center and Business Critical Resources
NAP / NPS Servers
Internet
Intranet UserEnterprise
Network
Intranet User
IPsec/IPv6
IPsec/IPv6
Assume the underlying network is always insecure
Redefine CORPNET edge to insulate the datacenter
and business critical resources
DirectAccess
Tunnel over IPv4 UDP, HTTPS, etc.
Security policies based on identity, not location
“It’s not what IPv6 does,it’s what it enables;
it’s what can be built on top of it”
What can you do to prepare for IPv6?
• Start planning now – Identify blockers to IPv6 deployment, plan is to remove
those blockers• Create a test lab• Talk to hardware/software providers about IPv6
support; tell them it is important to you• Even if you don’t want to deploy IPv6 today, you
need to start testing and planning today• Dual stack all web servers• Prepare for a rough ride in the next couple of years