Archive for the ‘IPv6’ Category

The 3rd Slovenian IPv6 Summit was held last week in Ljubljana, Slovenia. At the summit, Erion’s David Holder gave a presentation showing how critical IPv6 training is for the successful deployment of IPv6.

Erion has provided IPv6 training for well over a decade and as a result has a wealth of experience in the delivery of IPv6 training. Over this period, Erion has trained many different types of personnel including, senior strategists, research and development engineers, software engineers, global standards experts, network managers, systems administrators and others. Our clients include many well-known companies, such as, 3Com, Atos Orign, Arbor Networks, Cisco, EMC, Frontporch, The International Telecommunications Union, Level 3, Orange and Research in Motion.

Over the previous twelve years of providing IPv6 training Erion has learned a number of key lessons. First and foremost we have learned how essential IPv6 training is even for the most experienced and knowledgeable delegates. Whilst IPv6 has much in common with IPv4, IPv6 is different in a number of critical ways. For some, a lifetime of experience of IPv4, has to be overturned in order to understand IPv6 properly. Training is key to this process. Examples of areas that must be understood properly are IPv6 addressing and IPv6 security.

IPv6 addressing is very different from IPv4 addressing. It is crucial that this is understood fully. In the presentation, Dr Holder showed how many different types of addresses there are in IPv6 and how this impacts on DNS and other services. Understanding which addresses should be used  and which addresses should not be used in DNS is very important in order to avoid name resolution issues causing problems that may give IPv6 a bad reputation. Problems are avoidable but a proper understanding of the issues involved is necessary. This was illustrated by the Case Study of Erion’s work with the Malaysian domain registry organisation in the migration of the .my country code top level domain (.my) to IPv6.

Many think that if they are not using IPv6 then there is no need to be concerned about IPv6 security. This is not the case. As Dr Holder pointed out, many are using IPv6 without being aware of it. This is because most modern operating systems have IPv6 enabled by default and many include transition techniques that provide an IPv6 connection to the IPv6 Internet over IPv4 even when they are behind multiple layers of NAT and firewalls. This means that so called “IPv4-only-networks” must be secured against attacks via IPv6. Therefore all organisations, even those with no IPv6 deployment, must understand and implement IPv6 security measures. In the presentation, Dr Holder showed how Erion provided IPv6 Security training and consultancy to the Malaysian Domain Registry in order for them to successfully past an IPv6 security audit by their national IPv6 auditor.

In conclusion, David Holder also related his personal experience of delegates on Erion’s IPv6 training courses and the benefits the training brought at many levels.

The presentation can be found at IPv6 Training Case Study IPv6 Enabling Malaysias .my Domain.

Further information on Erion’s comprehensive range of world-leading IPv6 training courses can be found at http://www.erion.co.uk/IPv6Training/.

Erion’s David Holder is to speak at this year’s SambaXP conference in Göttingen, Germany. The paper entitled “How to Implement Samba in IPv6 Windows Server 2008 and Windows 7 Networks” will provided detailed guidance on migrating heterogeneous networks to IPv6 using Samba. Details of the Samba XP agenda can be found at http://www.sambaxp.org/index.php?id=154.

Erion has been instrumental in the IPv6 enabling of the popular Windows and Unix integration open source package Samba. We were the first to successfully IPv6 enable the Linux CIFS client, Samba 3.2 and Samba4. In addition, we carried out the first IPv6 SMB connections between Samba and Windows Server 2008. Further information on Erion’s work with Samba and IPv6 can be found on our IPv6 blog at http://www.ipv6consultancy.com/ipv6blog/?cat=4.

SambaXP runs from 5th  May to 6th May 2010.

We are running our very popular 4 day Implementing IPv6 training course in London UK in April. This course covers all elements of IPv6 in detail. It is suitable for network managers, systems administrators and technologists who require in depth coverage of IPv6. The course includes comprehensive exercises that cover all aspects of IPv6.

For further details please see the course description at Implementing IPv6. If you wish to book on the course then contact us using this Contact Form.

In fact, Erion has provided IPv6 services for almost 12 years. Over this period we have a developed the world’s most comprehensive set of IPv6 training courses. We have provided IPv6 training and IPv6 consultancy services to companies across the globe including many of the world’s top companies and in particular to most of the world’s leading IT and communications companies.

During 2009, we saw a significant growth in interest in preparing for and deploying IPv6. This interest was greater than we have seen in any period in our twelve years of providing IPv6 services. This is an indication of how IPv6 is now becoming widely deployed. Many nations, global organisations and corporates now mandate the use of IPv6. As the final exhaustion of the IPv4 address space draws nearer, the IPv6 momentum will grow exponentially.

At Erion we have not stood still. We are continuing to grow our training course portfolio over and above our regular course updates. In 2010 we will be adding a number of new courses to our standard offerings. And don’t forget that we continue to offer modularised courses that can be delivered on-site and tailored to your specific requirements.

In addition to our training we are also further developing our IPv6 consultancy services. Our long experience of IPv6 deployment over many years has allowed us to develop a comprehensive IPv6 deployment methodology. This methodology draws on industry best practice in IPv6 deployment, programme and project management. Our consultants include those experienced not only in IPv6 but also in PRINCE and other methodologies.

If you require any information regarding our services please do not hesitate to contact us using the web-site contact form.

Finally, we wish you a very Happy New Year and a successful and prosperous 2010!

The board of ARIN (American Registry for Internet Numbers) has written to all the CEO’s of organisations that hold IPv4 address resources in the America’s region to notify them of the impending exhaustion of IPv4 addresses. In the letter ARIN warns that “…Internet Protocol version 4(IPv4) addresses are running out…” and that “At the current rate of consumption, IPv4 will be depleted within the next two years”.

With this notice ARIN has joined the many organisations world-wide that been recommending immediate action on migrating to IPv6 as a result of the impending exhaustion of IPv4 addresses. These include the other regional IP address registries, governments, the EU, OECD and industry bodies such as the IPv6 Task Force. 

A copy of the letter can be viewed here.

Erion Ltd, the leading IPv6 training and consultancy company, presented a case study on a large scale IPv6 migration at the IPv6 Implementers Conference last week in Mountain View, CA.

Erion’s David Holder described how Erion worked with Malaysia’s domain registrar MYNIC to enable the country code domain name for Malaysia. The presentation “Case Study: IPv6 Enabling Malaysia’s .my Domain”, showed how a carefully planned program of training and consultancy from Erion led to a successful deployment of IPv6 on MYNIC’s DNS servers and infrastructure.

Holder began by reminding delegates of how important name services are to the Internet and to the deployment of IPv6. He showed how problems with name services can reflect badly on IPv6 deployments and that it is therefore essential that great care is taken to ensure that name servers are correctly migrated to IPv6. He covered issues such as the potential for large DNS UDP packets to require the use of EDNS0 and how this has implications for firewalls and intrusion detection systems.

The presentation continued by reviewing the changes necessary in any DNS system in order to support IPv6 and some of the difficults that migration to IPv6 presents to DNS administrators.

A number of presentations during the conference had commented on the importance of adequate IPv6 training during IPv6 deployments. Holder said that in his experience IPv6 training is essential to any IPv6 deployment. He went on to show how Erion put together a tailored IPv6 training program for MYNIC based on Erion’s world-leading and extensive portfolio of IPv6 training courses and modules.

Holder described modifications made to MYNIC’s DNS servers and network in order to support IPv6. He also showed how Erion carried out an IPv6 audit of MYNIC’s network, servers and DNS configuration. Finally he demonstrated the IPv6 enabled .my domain and MYNIC’s IPv6 enabled reseller web-site.

As a result of Erion’s work MYNIC was accredited and certified for IPv6 network connectivity and for IPv6 security by Malaysia’s national IPv6 acreditation body.

Finally, Holder commented on some statistics taken by Erion that show how many companies have IPv6 enabled name servers, web servers and mail servers. The statistics included, MYNIC resellers, Fortune 100 companies and FTSE 100 companies. Holder said that whilst 73% of ccTLDs are IPv6 enabled very few resellers of domain names in their countries are. This does not mean that it is impossible to get IPv6 enabled domain name registered in these countries all it means is that a manual process may be required in order to get IPv6 glue into the ccTLD domain. In the case of Fortune 100 and FTSE 100 companies only 4 in each have IPv6 addresses for their name servers, 2 in each have IPv6 addresses for their web servers and none have IPv6 addresses for their mail servers.

Dr Holder’s talk can be downloaded here.

Erion is a world-leading IPv6 services company that has been providing IPv6 training and IPv6 consultancy for over a decade. Erion has extensive experience in IPv6 on a range of platforms and environments, including Windows, Unix, Linux and Cisco IOS. More information on Erion’s IPv6 training courses can be found at http://www.ipv6training.com and on Erion’s IPv6 consultancy services at http://www.ipv6consultancy.com.

The UK’s Engineering professional body, the Institute of Engineering and Technology (IET) recently covered the status of IPv6 in it’s Engineering and Technology (E&T) magazine. In the article entitled IPv6 Crosses the Line, Erion’s David Holder comments on the need to move to IPv6, “The idea was that people would have already transitioned to IPv6 over the last five years, but that has not happened meaning that migration is now more painful”.

IPv6 Crosses the Line, illustrates how IPv6 has become widely adopted with a number of recent examples, including the Beijing Olympics which used IPv6 networking. However, the key point of the article is that whilst IPv6 is ready and is widely implemented in some countries, there remains an urgency to adopt the protocol before the depletion of IPv6 addresses becomes critical.

Another important point made by the article is that the cost of implementing IPv6 need not be large. In many cases equipment and operating systems already support IPv6 it is simply a case of “turning it on”. The main cost is likely to be in training.

Erion’s David Holder comments on the article, “I agree that for many companies the most significant cost is likely to be IPv6 training. It is important to remember that network specialists, security specialists and system administrators require IPv6 training now. Without it they will not be able to manage properly current operating systems and network devices that include IPv6 support. In particular, security staff need to understand how to secure networks for IPv6 now, not in the future. IPv6 traffic is already on many corporate networks even if an organisation has not migrated to IPv6.”

Erion have been providing world leading IPv6 training and consultancy for over ten years. Our comprehensive range of IPv6 training courses covers all aspects of the technology its deployment and management. Erion’s courses cover a wide range of platforms and operating systems.

The full article is at http://kn.theiet.org/magazine/issues/0821/ipv6-crosses-the-line-0821.cfm.

IPv4 address depletion stories have seen prominent coverage in UK papers in recent weeks. Vint Cerf (one of the “fathers of the Internet”) is quoted warning of the impending exhaustion of IPv4 addresses. The papers covering this story include leading UK papers such as The Times, the Daily Telegraph, the Guardian and the Daily Mail.

Whilst there is nothing new in this story it is a significant that it is now getting publicity in the daily papers. The depletion of IPv4 addresses was predicted many years ago and the solution, IPv6, has been around for over a decade. The increased interest in IPv6 has come as people have begun to realise that IPv4 addresses will be exhausted very soon (around 2010).

Another interesting aspect of these articles are the comments that they have attracted on the paper’s web-sites. These comments illustrate that many still believe the common misunderstandings and misconceptions about IPv6. The usual suspects are to be found on these web-sites for example; “NAT will solve the problem”. Without globally addressable IPv4 addresses you cannot implement NAT. In order to attach to the IPv4 Internet a networking using NAT must at some point employ at least one globally routable IPv4 address. So the depletion of IPv4 addresses will make it difficult to continue to deploy NAT. Furthermore, NAT is not a desirable solution. NAT breaks end-to-end connectivity and stops a number of protocols from working. In addition NAT is difficlut to manage and has resilience and performance issues.

As we approach the final depeletion of IPv4 addresses it is important that the need to deploy IPv6 is taken seriously. The increased awareness of the problem is a healthy sign. But it is only the start. We now need to see government, business and individuals planning for and implementing IPv6.

Erion’s David Holder presented at the Global IPv6 Summit in Taiwan today. His talk entitled IPv6 Enabling Unix/Linux and Windows Integration provides a summary of the status of IPv6 in heterogeneous environments and included a case study on IPv6 enabling Samba the world’s leading Windows - Unix/Linux integration package.

Much progress has been made in the IPv6 enabling of Samba. However, many commercial integration products and products built on Samba technology (such as NAS boxes) remain IPv4 only.

The Global Summit included presentations from many of the leading players in IPv6 from around the world. It was particularly interesting to see the significant progress that has been made in the deployment of IPv6 in recent months.

Dr Vint Cerf (Google) gave a video presentation to the conference. Vint Cerf has famously likened the depletion of the IPv4 address space to running out of oil.

“Running out of IP addresses is like running out of oil”, Vint Cerf, 2004.

Tony Hain (Cisco) showed just how close we are to running out of IPv4 addresses. He and others predict the exhaustion of the central pool of IPv4 addresses will occur between 2009 and 2011. He showed that in the final stages of address exhaustion there will be a rush for the remaining address space thereby speeding up the process of address depletion.

In order to manage the final stages of the depletion of the IPv4 address pool regional registries (RIRs) are modifying their address policies. Miwa Fujii (APNIC) summarises the recent APNIC meeting in New Zealand and the key policy changes that were made there. In particular, two important polices seek to improve the management of IPv4 address space. One reserves an address block for the IPv6 transition. This policy seeks to avoid the situation where there are no IPv4 addresses left for use with IPv6 transition technologies making migration to IPv6 even harder. Another policy immediately reserves one block for each regional registrar so that each registrar will have at least one block assigned to it when all other blocks have been assigned.

One effect of both of these policies is that they allocate some of the remaining pool of IPv4 addresses. This means that the predicted date for the central address pool to be deleted has been brought nearer. Despite this, no one is likely to argue that these policies are anything other than a good idea.

The conference was a resounding success. It is clear that the take up of IPv6 is increasing and that the world is becoming aware of the need to migrate to IPv6 before all of the IPv4 addresses have finally been assigned.

MYNIC (the administrator of Malaysia’s .my domain) switched on IPv6 on their domain name servers for the first time at the weekend. Malaysia now joins the growing number of country codes whose DNS is IPv6 enabled.

MYNIC’s Lai Heng Chong, said “We have successfully migrated two of our DNS servers to IPv6″. Mr Heng Chong went on to say that their DNS changes will be submitted to IANA this week.

Erion provided MYNIC with IPv6 training and consultancy during the migration to IPv6. MYNIC staff attended Erion’s Implementing IPv6 and Securing IPv6 training courses, on-site in Malaysia at MYNIC’s offices in Seri Kembang. Erion also provided on-site IPv6 consultancy on configuring IPv6 and securing MYNIC’s servers and network for IPv6.

Erion’s David Holder said, “Erion is very proud to have been a part of Malaysia’s migration to IPv6. It was a pleasure to work with the MYNIC team on this important project”.

For further information on Erion’s IPv6 services in Malaysia and elsewhere please contact David Holder on david.holder@erion.co.uk or +44(0)131 2026317 or visit Erion’s web-site at www.erion.co.uk.