Connecting state and local government leaders
In a world of 18-month software lifecycles, the Internet Protocol is an anomaly. The IP Version 4 stack now running on your agency's desktop and server systems predates even networked PCs.
Version 6 will make it possible for more nodes to link to the Internet
By Pete Loshin
Special to GCN
In a world of 18-month software lifecycles, the Internet Protocol is an anomaly. The IP Version 4 stack now running on your agency's desktop and server systems predates even networked PCs.
But IPv4 has managed to scale up along with the Internet as it grew from a few dozen government research sites into a global network now approaching 100 million nodes. The IP version was published in 1981 as a Defense Department standard known as Request for Comments 791 and has needed a face-lift for some time.''
Users have been hearing about the next version, IPv6, formerly called IPng (for IP next generation), mostly because of IPv4's address squeeze.''
IPv4 uses 32-bit addresses, which set an upper limit of about 4 billion addressable nodes'a high estimate because IPv4 allocates addresses inefficiently. Network addresses are getting scarcer as the Internet continues to expand, but an even more pressing problem is how to cope with the explosive growth in Internet routing tables.'
'
As more networks link up to the Net, the number of routes a backbone router must track in some cases exceeds 140,000 entries. The bigger the tables, the more they hamper the backbones in moving Internet traffic.
Current IPv4 network addresses fall into three categories. Class A includes only a few networks'a maximum of 126'but they can have as many as 16 million nodes. The 16,000 Class B networks can each address up to about 65,000 nodes. Class C network addresses are the most common'about 2 million, each capable of addressing 254 nodes. The class structure severely limits IPv4's ability to handle growth.
Breaking away''
A temporary remedy called Classless Interdomain Routing (CIDR) breaks the class system and makes large groups of Class C networks resemble a single network entity so that only one routing table entry is necessary, not thousands.
Another quick fix, network address translation (NAT), lets networks use as many addresses as they need internally, but they can access the outer world only through an address gateway box. From the outside, it all appears to be a single standalone system. NAT is a cheap way to finesse the address space shortage, but it poses problems for firewalls, other applications and outside users who want access to internal hosts.
IPv6 eliminates the address shortage by using 128-bit addresses. It gets around the routing table issue by aggregating addresses. Its streamlined header and design refinements fix nagging issues such as network autoconfiguration, mobile IP, IP security, fragmentation, source routing and the very large packets known as jumbograms.
The IPv6 specification was published in December 1998 as the Internet Engineering Task Force's RFC 2460.
To see graphically how an IPv6 address is assembled, visit the Web site at playground.sun.com/pub/ipng/html/ipng-main.html.
IPv4 addressing lacks specificity; it's like indicating a person's location as Mali or Paraguay or Queensland. Each router must process the full IPv4 address and match it up against a routing table.
In contrast, IPv6 aggregates addresses into big groupings that get more specific as they go along. The first few bits of an address might indicate, say, South America. The packet would go to a router serving South America, which might see Bolivia in the next few bits and forward the packet to Bolivia's router. From there, the packet might go on to La Paz and then to its final destination.''
IPv6's global aggregation architecture splits addresses into two parts. The high-order 64 bits identify the network, and the low-order 64 bits identify the node.''
A format prefix gives the type of IPv6 address. Next comes a top-level aggregation entity, likely to be a country or a large carrier, followed by 8 bits reserved for future growth. Then comes another aggregation entity, likely to be a large company or Internet provider, and finally a site-level aggregation entity, probably assigned by the entity above it.'Such addresses are far more efficient to route across backbones. The upper limit of no more than 8,192 top-level aggregators pares down the size of backbone routing tables.
The IPv6 header eliminates IPv4's length, identification, flag, fragment offset, header checksum, options and padding fields. Because IPv6 headers are all the same length, no length field is necessary. IPv6 prohibits fragmentation except between end nodes, so the identification, flag and fragment offset fields go away, too.'
IPv6 options are handled in separate extension headers, and options no longer clutter the main header. IPv4's type-of-service field changes into the traffic class field, and the time-to-live field becomes the hop limit field. A flow label field supports IPv6 packet sequences that require the same routing treatment, such as video streams.
The simplified, standard-sized IPv6 header also makes routing easier for packets with special options. IPv4 forces routers to sense and handle all special packets, such as those using IP Security encryption and authentication. But IPv6 routers can ignore the end-to-end options and process only those relevant to the routing process.
IPv4 still works and should do so for some time. But as we run out of address space, more and more organizations' networks are making do with less and less. And the routing table explosion is only going to get worse. Security is always a concern for government, and IPv6 will make implementing an IP security architecture much easier without the performance impact suffered by IPSec over IPv4. IPv6 also can handle automatic node configuration and tools for supporting mobile users.
No pain, no gain
Although any upgrade brings pain, the good news is that IPv6 will arrive gradually. There is no cutover date, and vestiges of IPv4 probably will remain with us forever.''
You can build in connectivity through IPv6/IPv4 protocol gateways and tunnels. No need to implement the new protocol on every system at once'and there's no effect on interoperation with legacy systems. You need not hurry unless you are running out of IPv4 addresses and have no way to get more, or unless you need a IPv6-specific feature.''
For example, the Dynamic Host Configuration Protocol automatically configures approved nodes. IPv6's stateless autoconfiguration, spelled out in RFC 2462, lets unknown nodes query the nearest autoconfiguration server for basic network configuration.''
If you do need such features immediately, IPv6 is available free in any Linux operating system distribution.
As for the downside, IPv6 adoption is competing for resources against the year 2000 problem. It also faces resistance from North American Internet providers, most of whom have all the network addresses they need and do not want to deal with an upgrade.'' Compelling applications such as streaming audio and video probably are what will bring IPv6 to a desktop PC near you.
Pete Loshin, of Arlington, Mass., is the author of several books about networking protocols.
NEXT STORY: PTO wants no net downtime