IPv6: Strategi Migrasi IPv6

From OnnoWiki
Revision as of 09:18, 3 December 2022 by Onnowpurbo (talk | contribs) (Created page with "Sumber: https://www.6connect.com/resources/six-steps-to-ipv6/ ==IPv6 Migration Challenges== Migrating your organization to IPv6 will take time and effort, but can be made mu...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Sumber: https://www.6connect.com/resources/six-steps-to-ipv6/

IPv6 Migration Challenges

Migrating your organization to IPv6 will take time and effort, but can be made much easier with reasonable planning. Tools like IPAM will become standard, but it will also greatly depend on your own knowledge of your system, and how thoroughly you planned. There are several factors to consider when planning your migration.

Hardware and Software Compatibility

You must ensure that your existing equipment, especially core communication equipment that connects your network to everything else and itself, must be able to support IPv6. This could be as simple as a patch or firmware upgrade, or could require completely new hardware or software. If it is critical and needed, better to know now rather than find out when it doesn’t work. However, as of 2020, all major operating systems support IPv6. If you are managing internally developed or commercially sources software applications, you may have another element to deal with as IPv6 may not be supported in the application itself. You may need to look at upgrading your software and/or allocating resources to address shortcomings regarding compatibility.

IPv6 Address Length and Volume

Next comes the IPAM to assist and manage the IPv6 addressing scheme. IPv6 is in hexadecimal and incredibly large, which translates to not user friendly. Even network administrators and those very familiar with managing computers and networks will likely find it difficult, eventually causing errors and cascading problems throughout. The length of the addresses will also cause problems for DHCP and DNS services, meaning they will need to be able to handle IPv6 naming and addressing (DHCP6 has already been determined to be preferred). IPAM can not only handle the large volume and length of addresses but also integrate into DHCP and DNS services to help manage them as well. The strategy for handling this new protocol is using metadata options for defining allocation pools, while also having a robust API/GUI option for different roles in your organization.

IPv6 Address Interface

IPv6 addressing has also changed from IPv4, and administrators must understand this change in case multiple addresses are ever required on an interface, as well as familiarize themselves with new vocabulary. There are many new types of addresses that are similar to what we know today. As a brief description, global unicast indicates a unique public address. Local unique private IP addresses are unique private unicast addresses. Local link addresses are similar to non-routable IPv4 addresses and do not leave the network. Finally, the local loopback in IPv6 is defined at “::1″. Overall it is the same functionality, only on a much larger scale. How it is written is among the major differences that tend to intimidate organizations.

Dual-Stacking with IPv4 and IPv6

Dual-stacking means running IPv4 and IPv6 in the same network. It gives IPv6 compatible devices the choice of which to use, and while still limited to the number of IPv4 addresses available, has the benefit of having an IPv6 deployment ready for migration. This is the environment that organizations will likely run prior to completely migrating over to IPv6. There are other options such as “6to4″ that transmits IPv6 over IPv4 but have the same limitation of number of IPv4 addresses without an IPv6 deployment ready. Tunneling will also solve the problem of communication, but their masking of traffic causes problems to go unseen until it is too late. There is no requirement to run both IP versions either, but as a reminder from earlier, using only one will likely cause some kind of disruption and loss of connectivity at some point with the Internet and customers. Why not get ahead and make sure your business is in a place to capture that opportunity?

How Exactly Does IPAM Fit Into All This

IP Address Management (IPAM) is a solution that manages IP addresses on a network. It can determine what is available, used, and show ways to consolidate them. More importantly, it is robust enough to handle the huge size of IPv6 addresses. This alone is a major factor in IPv6 migration, but it also integrates with and combines DNS and DHCP services by having the ability to provide nearly any view imaginable that deals with IP addressing, especially the huge length and volume of IPv6, offering significant time and effort savings over manual, homemade, or spreadsheet solutions not designed to handle these new functions. Let’s examine some specific areas where IPAM will assist in IPv6 migration more closely, along with six steps in getting to IPv6.

Step 1 – Discover Your IP Network

The first step, and notable IPAM feature, is discovery. IPAM is able to first determine the scope of IPv4 existing, used, and available on the network through use of an automated tool. It can also conduct a thorough inventory of the nodes on the network (nodes being PC, printer, anything plugged into the network). This will allow IPAM to determine what is IPv6 ready, enabled, and incompatible. Details from this inventory would include what needs to be upgraded or replaced in regards to hardware and software. The final phase of discovery deals with DHCP and DNS, ensuring they are IPv6 compatible and able to resolve and distribute IPv6 addresses. The goal of IPAM discovery is knowing what your network looks like, and its capability regarding IPv6 for better or worse so plans can be made now, not later when downtime becomes far more likely. The challenge with IP network discovery functions is that it requires ready access to your entire network to be effective. It is important to also evaluate more scalable options. Ideally, an IPAM system would integrate with an existing network monitoring system to populate IP and device data. If possible, the IPAM system should have an option to integrate with RIRs and routing devices to further understand what IP blocks are being accounted for on the network.

Step 2 – Plan Your IPv6 Implementation

The next step is planning using the IPAM discovery information and policies that you are using internally. These plans can be as simple as tests, or full-blown projects for deployment. From the discovery, they can include what to purchase for upgrade or replacement of hardware or software, training classes to support administrators and users, or a high-level complete organizational requirements plan. The main idea though is to determine what must be changed or modified, and how best to accomplish these tasks for the least time and cost. As suggested earlier in this document, integrating IPv6 migration into existing technology plans removes the need to do things twice, which reduces both time and cost immediately, and implements the migration over a period of time. This will also include teams and roles designed specifically to accomplish these tasks, tackling the overall migration as a team with a structure. If planning is done effectively, IPAM will be able to assist when it is complete by tracking IPv6 the same way it did with IPv4 except for the details of hardware and software. It will know where the IPv6 networks are, its DHCP ranges, and be able to show them logically. It is important to note that this piece of IPAM is rather technical and works best with expertise. If resources are not available in your organization, it is best to work with an IPAM expert and solution provider. It is far better to add a small cost now rather than a large one later.

Step 3 – Model Your New Dual-Stack Network

Now with the discovery and modeling done, we’ll use IPAM to create a model of the migration. This will determine how IPv6 will look on your network when completed. It is important to use modeling to determine the impact in implementing IPv6 addresses onto the network, which may require changes to routers, interfaces, security policies, and so on. IPAM tools will assist in mapping IP data to business logic such as departments, priorities, or infrastructure using visual maps and models of the potential new infrastructure. Specific functions will include creating /64 and /128 networks and updating DNS, and creating/segmenting IPv6 address blocks. A test or lab environment is highly recommended during this phase to avoid any damage or downtime to the production network. Using metadata will be key to this modeling stage, so understanding how your organization uses/needs to use IP space is helpful. This may include how that data ties into billing/CRM/ERP systems as part of provisioning processes.

Step 4 – Map IPv4 and IPv6 Together

With modeling complete and a good idea of how IPv6 will be implemented into the network, it is time to map. This means mapping IPv4 devices to their IPv6 addresses and vice-versa. IPAM’s role in this arena is assisting in visualizing the current IPv4 network and the proposed IPv6 network together dual-stacked. In order to track the dual-stacked devices on the network, you still require a single common entity between the v4 and v6 addresses for the device (MAC and DNS hostname work well), of which IPAM can capture MAC addresses automatically. In this way, IPAM creates a single point at which hosts can be tracked, although they still utilize two different addresses. During this phase of implementation, organizations can also change their IP scheme if they like, since the addresses are being mapped at this time anyway. However, be very careful if readdressing the scheme is chosen at this time. Problems can occur if everything is not mapped correctly, and especially if the network ends up with two separate address schemes that do not correlate. The key to this phase being successful is ensuring that your IPAM platform is able to understand objects as discrete entities with multiple interfaces. This way you can have a device with multiple interfaces and multiple IPs on each interface. This will reduce confusion and ensure that you have a cohesive view of everything which is key for not only getting your network running, but keeping it that way.

Step 5 – Implement the Plan, Model, and Mapping

With the planning phases complete, it’s time to implement dual-stacking. The main components here are utilizing all the IPAM information up to this point and following the plan to a successful implementation. Of course, no one can ever plan for everything, and there could be errors despite the most careful planning, or unforeseen circumstances can arise. IPAM is ready to assist here as well by quickly configuring new IPv6 address segments, which should work automatically due to IPv6 DNS being part of the implementation. Otherwise, this will need to be done manually. After implementation, it is important to check network features to ensure they are working properly. Items such as security policies and other IPv4 specific dependent systems may need to be modified to address any connection or vulnerability issues.

Step 6 – Manage Your New Dual-Stacked Network

All projects and deployments require maintenance, and this one is no different. Continuing to use IPAM to track and manage IPv6 addressing and networking will reduce the excessive time and effort required to manage the dual-stacked network, and the IPv6 network itself. By using some of the same tools used in the implementation process, it will also be useful for troubleshooting a multitude of problems from general connectivity to security and policy compliance issues. Integrating DNS and DHCP services with IPAM will also serve to provide even more information through the IPAM solution, furthering its importance and functionality for your organization.

In Summary

IPv6 is here. As of 2018, all five RIRs have run out of IPv4 addresses. Waiting to address IPv6 carries significant risk to the organization in lost communication and potential lost revenue and customers. It is only prudent to start planning now for the future. Luckily, it is not as difficult as it seems, and with careful planning IPv6 migration and implementation can be smooth and easy.

Performing this task though will still require time and effort on the part of the organization. The network must be analyzed and planned for an IPv6 network. IPAM can assist with this by using several automated tools, views, and other integrated network features to perform numerous tasks. These include discovering how IPv6 will fit into the existing network, what needs to change, how it will look before and after implementation, and even assist in future management. While not absolutely required for IPv6 to work or migrate to it, IPAM is highly recommended for your organization to take advantage of IPv6 quickly and effectively, with minimal interruption, and maximum efficiency.




Referensi