The new IPv6 is a long-anticipated upgrade to the internet’s primary protocol, IPv4. It has a 128-bit addressing scheme that lets it support an order-of-magnitude more devices connected directly to the internet than IPv4’s 32-bit addressing. It also boasts autoconfiguration, end-to-end security and other enhancements.
Computerworld contacted several leading network-management vendors, and here’s what they had to say about their efforts to meet a mid-2008 US federal government deadline to support the new protocol.
Cisco has supported IPv6 in its IOS software since 2001. During the last two years, the company has begun developing support for the protocol in other management tools that its customers will need to move their network architectures to IPv6.
Cisco offers a free auditing tool called IPv6 Network Assessor that automates the process of figuring out which Cisco switches and routers are ready for IPv6 and which aren’t.
Cisco has also upgraded its CiscoWorks campus-management software to manage its IPv6-enabled layer 2 and layer 3 devices. The software offers limited support for IPv6: identifying address identification, management of some configurations and limited path tracing. However, CiscoWorks doesn’t offer the full set of features available in IPv4.
Cisco Network Registrar (CNR), a DNS and DHCP package, supports IPv6, including stateful and stateless configuration. Cable service providers are among the early adopters of IPv6-enabled Cisco Network Registrar.
Cisco also has an IPv6-enabled Network Analysis Module, which is a blade that sits in its switches and reports back to Cisco’s NetFlow traffic monitoring software.
“Over the next several years, you will see us really begin to strengthen our management product portfolio across the board just like we’re doing within our hardware platforms because we see it as a fundamental component of any IPv6 transition,” says Dave West, director of field operations at Cisco’s Federal Centre of Excellence.
West says one of the first things that network managers need for the transition to IPv6 is DNS and DHCP tools. That’s because IPv6 addresses are so long that network managers won’t be able to remember them and accurately type them into network management applications. Instead, network managers will use IPv6-enabled DNS and DHCP software for those tasks.
“The management products will mature as more devices support IPv6,” he says.
2. Network Instruments
Networks Instruments offers full IPv6 support in version 12 of its Observer family of network analysis and monitoring products. The new version, released in March, supports native IPv6, dual-stack IPv4 and IPv6 environments, and tunnelling.
“We’ve had native IPv6 filtering and decoding for three or four years,” says Charles Thompson, the company’s manager of sales engineering. “But with the release of Observer 12 in March, we’ve implemented support for IPv6 across our entire application. We’ve added IPv6 support for VoIP, for all of our expert-analysis functionality and all of our statistics.”
Thompson says all the functionality available for IPv4 is now available for IPv6. Next up for Network Instruments is adding features specific to IPv6.
“Once people start implementing additional features, it’s going to change the way we analyse the data,’’ he says. “We’re going to have to look more at the transport of the data than the data itself because IPSec will force us to do that.”
Thompson says customers were asking Network Instruments for IPv6 support. “The government space has some interest but also carriers and service providers that are going to be transporting IPv6,” he says.
EMC introduced support for IPv6 in Release 6.5 of its EMC Smarts IP Availability Manager.
“We did introduce support for IPv6 around dual-stack deployments, which we see as the most likely deployment for most enterprises to move to IPv6,” says Jonathan Reeve, technical product marketing manager for EMC’s resource management group. “Our solution supports the discovery and monitoring of IPv6.”
Reeve says EMC’s software discovers the IPv6 information using SNMP over IPv4 connections. “We monitor those IPv6 addresses using [internet control message protocol] V6,” he adds.
He says EMC’s IPv6 capabilities are “pretty similar” to its IPv4 functions.
Next up for EMC is supporting pockets of pure IPv6 networks.
“As we operationalise IPv6, there are going to be opportunities to do some things differently, such as autoconfiguration and autodiscovery,” Reeve says. “Some of those things may become easier to do.”
4. Network General
Network General has offered limited IPv6 support in its Sniffer products for many years, but the feature has had little use.
“I can count the number of IPv6 users on one hand,” says James Messer, director of technical marketing for the vendor.
Network General doesn’t support dual stack or tunnelling for IPv6. Nor does it let network managers evaluate how critical applications are running over a diverse network running IPv4 and IPv6. Those features are under development now.
In light of the federal government’s IPv6 mandate, Network General is re-
examining its IPv6 support to offer more detailed visibility into the performance and availability of IPv6 systems.
“Having decodes is good, but that’s just a first step,” Messer says. Users want “very detailed information about the transmission of the IPv6 protocol and IPv6 applications going over the network at a very network-centric level.”
Network General says it is improving IPv6 support in all of its products, including its Sniffer network-traffic analysis tool, NetVigil; IT performance management solutions; and Visualiser troubleshooting tools.
Network General says network management tools will also need different security mechanisms because more traffic will be encrypted via IPSec. Network managers won’t have as much visibility into IPv6 traffic as they had in the past, so they will have to find other ways of gathering performance and availability information on networks, Messer adds.
5. IBM Tivoli
IBM’s Tivoli subsidiary intends to release versions of its Netcool/Omnibus event management and IBM Tivoli Network Manager software which support IPv6 in late 2007. Both products were originally part of Micromuse, which IBM acquired in 2006.
“We’ve been talking to our customers and asking them about their plans and requirements for IPv6,” says John Krachenfels, market management for Tivoli. “Because of the US government regulations that are requiring IPv6 starting next year but also because of customer feedback in Asia-Pacific and Europe, our customers wanted us to move to IPv6.”
IBM Tivoli’s new products will support dual-stack IPv6 and IPv4 environments but not the tunnelling of IPv6 traffic over IPv4 connections. “Omnibus will be capturing events from IPv6-based devices, and then send them to Network Manager,” Krachenfels says. “Network Manager discovers and maps a complete network environment and creates a topology view. Both products will be able to be hosted on dual-stack machines running IPv6 and IPv4.”
Jonathan Baggott, software engineer for Netcool products, says the IPv6 functions will be limited to IPv6 interface data, routing information and basic integration with Ethernet switching functions. “This still leaves potential grey areas in MPLS and with some enterprise-specific equipment,” he says. “The support is aimed at the standards and Cisco, so if a device supports them, it should at the least have its IPv6 interface information retrieved and routed correctly.”
Netcordia has started an initiative to support IPv6 on its NetMRI real-time network analytics appliance by June 2008. Terry Slattery, the company’s founder and CTO, sees promise in the IPv6 market. IPv6 is more than just an addressing change, he says.
“We expect it to bring a whole new set of problems with autoconfiguration,” he says. “DNS is going to be a lot more important. People are going to have to deal with great big long addresses... Also, you can’t do a ping sweep of a subnet because the addresses are too long. Scanning that 128-bit address space is not going to scale.”
Another big challenge for network management applications is being able to store IPv6 data, he says.
“The addresses take up four times more room than IPv4 addresses, so they’ll need more address space,” Slattery says. “The other interesting thing is they are going to need something for displaying 128-bit addresses. That’s a lot of screen real estate. I think the most useful way will be displaying a device name and then running the mouse over it to view the address in a shortened form.”
7. Apparent Networks
Apparent Networks expects to support IPv6 on its network assessment and optimisation tool by June 2008, the US federal deadline.
Loki Jorgenson, chief scientist, says it’s unclear how network management applications will exist in dual-stack environments.
“What we’re looking at is an extended dual-stack future, where there isn’t a serious driver to push people out of IPv4 to IPv6 for a clean cut-over,” he says.
“This raises all sorts of hairy questions. How does one think about a network that is part IPv4 and part IPv6 with hosts with dual stack interfaces? How do you construct logical diagrams in a way that allows you to confirm something operating at IPv4 is operating at IPv6? I don’t think there is a quick and easy answer.”
Another challenge for network management applications is handling IPv6 packets.
“Presentation is probably the trickiest one,” Jorgenson says. “How do you construct a network management process and support it with a particular view in a mixed IPv4 and IPv6 environment? We’re looking at that in particular.”
He says that support for IPv6 in the network core is further along than at the edge.
8. Network Physics
Network Physics, a provider of real-time performance-management appliances for converged networks, doesn’t support IPv6 and hasn’t committed to a particular time-frame for IPv6 support.
“We’ve been waiting a little bit to see the demand in the marketplace,” says Tom Tavel, the company’s chief architect. “There are downsides in dealing with the larger addresses, and we haven’t quite gotten started on that.”
The larger addresses will create storage issues for network management platforms like Network Physics appliances. “Potentially, there may be some interesting stuff there in IP addresses being easier to correlate to individual users,” he says.
Tavel says supporting IPv6 will create some challenges for Network Physics because of IPv6’s built-in support for IPSec. “Our product is passive monitoring of packets on the network,” he says. “To the extent that the transportation layer is encrypted, that’s going to be a problem for us.”