EXPERT ADVICE
CYBERSECURITY
IPv6 Is Here: Thoughts for Migrating Your Health Care Organization BY MICHAEL JOHNSON AND JOSH GARVIN
F
or so long we’ve been accustomed to the IPv4 protocol. We’ve spent countless hours understanding the ins and outs of networking, subnetting and more based on IPv4 addressing. With the everchanging needs of our society, including more and more devices that require a connection to a network, the world is running out of available IPv4 addresses. Enter IPv6, the solution to IPv4 address exhaustion.
One of the main exciting differences between IPv4 and IPv6 is the available IP space. Where IPv4 had approximately 4 billion IP addresses, IPv6 has more IP addresses available than stars in the universe. The total amount of available IP Addresses in IPv6 is so large that it is hard to comprehend, it is best shown as 2128. That equals 340 undecillion IP addresses. A number that virtually guarantees that there will never be a shortage of available IP addresses. The reason IPv6 has more available IP addresses is due to bit size. With IPv4, the IP address contains 32 bits, broken into four 8-bit blocks separated by a period. IPv6 IP addresses contain 128 bits, made up of eight 16-bit blocks that are represented by hexadecimal (alphanumeric characters represented by A-F and 0-9) separated by colons. IPv6 packets have been updated to include a more streamlined header compared to IPv4. The header is designed to only
82
TECHNATION
JUNE 2022
Michael Johnson include the minimal amount of information needed to decrease the processing time a router needs to send your packets across the network. IPv6 no longer utilizes Address Resolution Protocol (ARP). ARP is replaced with an ICMP based Neighbor Discovery Protocol (NDP). NDP uses special IPv6 ICMP messages to find and resolve Layer 2 neighbor’s IPv6 addresses. NDP provides a simple way for hosts to learn the IPv6 addresses of neighboring devices within the same subnet as itself. This includes other hosts as well as routers in the local network. Subnetting in IPv4 is used to save IP space and segment your network. In IPv6, subnetting is configured and implemented within the network portion of the IP address itself. The last 16 bits of the 64-bit network address denote the subnet, this allows the use of 65,535
unique subnets. With 64 bits left for the host portion, variable limit subnet masking should no longer be required. In fact, using VLSM is not recommended and would cause failures in some built-in IPv6 features. There is no exact date when every network must be migrated to IPv6. However, some government and private organizations are setting their own deadlines to implement the newer protocol. In some rare cases, an organization may decide to never make the change to IPv6, using NAT protocols to publicly route the devices in their private network. When your organization migrates from IPv4 to IPv6, ensure your budget includes room for upgrading network appliances if necessary (e.g., routers, switches, firewalls, etc.). Make sure you’re considering IPv6 function as part of your internal equipment lifecycle planning reviews. When your organization begins to migrate; it will take time and a phased approached will likely be required. Dual stack, tunneling and translation are methods used to help provide that transition period. Dual stack environments use IPv4 and IPv6 protocols concurrently. With dual stack, every capable device on the network will have one of each type of IP address. The stack used for communication is determined by the protocol version returned with the DNS query responses. Tunneling provides IPv4 encapsulation on IPv6
WWW.1TECHNATION.COM
