Wireless Networks Thread, IPv6 - How quickly will we need to comply? in Technical; The BBC's version of the story BBC News - Web giants promote new IPv6 internet address system
Becoming IPv6 compatible ...
8th June 2011, 10:27 AM #1
IPv6 - How quickly will we need to comply?
The BBC's version of the story BBC News - Web giants promote new IPv6 internet address system
What's the impact for schools then? How quickly will we need to move?
Becoming IPv6 compatible is a slightly more complicated task for corporate internet users.
Bringing their systems up to standard will typically involve investing in and installing new networking systems.
8th June 2011, 10:35 AM #2
As an end user, we don't really need to move very quickly at all. We are limited by our LEA/RBC connections in most cases. Even then, when they do change they will no doubt support IPv6->IPv4 NAT.
My guess will be that most areas will have roll-out programs at some point, co-ordinated by LEA ICT departments. Personally, I've sat down and had a look at what I need to do and started making a plan to implement it internally. As it stands though, a good amount of our equipment won't support IPv6 (our VOIP phones don't at the moment, nor do some of our printers, network scanners etc...). So, until I can be sure everything is IPv6 compatible, I'll be sticking with IPv4 internally anyway.
8th June 2011, 10:39 AM #3
Some of us work in private schools... no LA to direct or help us!
8th June 2011, 10:44 AM #4
Several years at least, ISPs are dragging their feet hugely on this and you can keep 4 inside for most things at this point. We've been buying gear with support v6 for the past few years and so short of the core which is the case of a firmware upgrade we could switch over very easily. We won't need to for another couple of years at least even if the all singing/dancing fibre to the school stuff shows up on schedule.
8th June 2011, 10:53 AM #5
I would do as local has and at least get a plan or audit what you have & if it can do IPv6. I have heard of some ISPs transferring over to IPv6 internally and this causing problems to some customers. This was mainly companies who had VLAN or proxy systems set up either with the ISP or to pass through them so I doubt it would effect a school yet but forewarned is forearmed.
8th June 2011, 10:57 AM #6
Eventually ISP's will or should start to migrate towards IPV6, at which point I'm sure they'll provide instructions on re-configuring routers etc. In theory we could all continue to run IPV4 internally forever - its not like any of us are going to max out the availible private IP blocks.
Originally Posted by elsiegee40
As IPV6 adoption becomes more widespread it'll be much easier to impliment, at the moment I'm sure most of us couldn't consider it for various reasons - we probably all have non-IPV6 compatible devices floating around
Also there are plenty of us on here working in private schools - who needs an LA when the time comes(if it ever does) we'll get it sorted one way or another
8th June 2011, 10:58 AM #7
With the size and (lack of) complexity of my network, I very much doubt I have anything that is v6 compliant. However, we are looking at some big changes (for us), replacing all the PCs to run Win7 and possibly going wireless, so it is something we need to factor in.
8th June 2011, 11:10 AM #8
Definatly keep it in mind when buying new equipment. I'd imagine you'll find that things simply fall into place though, by the time you need to impliment IPV6 all non compliant devices will probably have been scrapped(6+ years?) or be on their way out.
8th June 2011, 11:11 AM #9
Even we should have got rid of our antiques in 6 years (says she crossing her fingers!)
Originally Posted by Jamman960
8th June 2011, 11:46 AM #10
Our talk at the edugeek conference covered (a little) v6 stuff. I think the slides are online here EduGeek Conference June 2011 in Preston « (James Evans) EduTech's Blog (the LUNS talk).
But yeah, the advice is basically, audit what you have and when buying new equipment, make sure it is v6 compatible so that when the "time comes" you can support it. Might also be worth finding out if your current ISP/provider offers any v6 or has a roadmap to do so (in the case of LEAs, I'd imagine the info will filter down to you eventually).
8th June 2011, 12:16 PM #11
IPv6 is a commonly used term to scare people. In reality, even in the longest PC life cycles in education, you won't *need* IPv6 compliance until a PC you've just bought now is out of life. Out of all the members on this board, I would imagine only 0.01% have 100% IPv6 readiness from their internet network/PC/Mac to their ISP. A huge majority is still tunnelled through IPv4. Windows 7 and 2008 support it out of the box, so anything put in place now will theoretically already be compliant with the possible exception of network infrastructure. I know full well that EMBC need to replace the routers in a majority of shools in Northants for it to have any bearing and that won't be happening for a while yet.
Yes, it's going to happen. No, you won't be affected until you've retired/gotten bored of education/been priced out of your own job/no longer care.
My personal worry over it is security - IPv6 opens a HUGE can of worms on that side of things. My IRC network is taking it all with a pinch of salt currently for that reason, and any IRC network of note with full IPv6 support is battling daily to make it work. The same would apply to educational networks - filtering, site blocking, proxy blocking, anonymous TOR nodes etc. I'd actually be interested in seeing what LEA's/educational ISP's have in mind for that, and might bring it up at our next meeting
8th June 2011, 12:19 PM #12
There's nothing to stop you having a play with Hurricane Electric's tunnel service - s'free and legit.
Originally Posted by elsiegee40
Hurricane Electric Free IPv6 Tunnel Broker
8th June 2011, 12:47 PM #13
IP6 support on the PC side is easy even now, XP even supports IP6 and it is a couple of comand lines or maybe 15 clicks to switch it on. The biger issue is the interfaces on things like network printers, IP cameras, and the core issue is infact the core (switching and routing of IP6).
The things that will push IP6 forward are new tech like DirectAccess (assuming they ever make it easily configurable) and things like that which are just a nightmare to do without it. Assuming it is implemented properly it should actually make security better as many of the loopholes, workarounds and hacks that are implemented to shoehorn more hosts into IP4 are no longer required. For instance it would be possible to do end to end IPSEC encrypted communications from one host to another without it needing to be opened up, readdressed and checked to make sure that it is not tripping up by duplicatiing address spaces on each side of the link.
It will take time for people and software to get this stuff right though and that will be after the glacial ISPs get their stuff up to date and able to implement it, especially here. By the time it is widely avalible to most and is actually required it will be much easier.
Our IP6 connectivity at the moment is limited to direct local traffic as our core is not IP6 so the servers can all talk to each other quite happily over IP6 but as our ISP does not even have plans for IP6 yet upgrading our core seems pointless at this point. The new fibre network which may or may not be a farce should support it though so it makes sense to prepare where it does not cost any more or does not cost that much more.
8th June 2011, 02:41 PM #14
In terms of the security ramifications - yes it needs thinking about, but it shouldn't be as big a perception shift as many may think. Yes your edge hosts may all be assigned 'global' addresses, but there will still be a border router on your network with a firewall. Just because it isn't NATing doesn't mean it isn't firewalling out all the same malicious ports/performing all the same traffic analysis as it was with v4. It just means that if you make a mistake in your border firewall rules, your edge hosts are more susceptible to being accessible from the outside (as obviously old v4 privates aren't globally routeable which provided a belt and braces to firewall misconfiguration). I see it as a benefit though. NAT does nothing but slow networks down (NAT processing is a lot more expensive than optimised routing) and cause end-to-end connectivity problems. With v6 there is just no need for NAT.
8th June 2011, 03:00 PM #15
I wasn't referring quite so much to security as per direct access, but I meant via proxy anonymisers. Filtering out spoofed IPv4 addresses is (now) relatively simple, however IPv6 makes spoofing an IP literally as easy as it is to spoof a mac which has an absolute ton of ramifications. Unless it's sorted out, it's likely that spam email will multiply, botnets will become (and already are) extremely difficult to track, trace and nullify and as a direct result of that user infection levels will increase too.
It's not something I'm looking forward to dealing with.
By DaveP in forum IT News
Last Post: 10th May 2011, 12:24 PM
By edutech4schools in forum Windows Server 2000/2003
Last Post: 29th January 2011, 09:04 AM
By timbo343 in forum Wireless Networks
Last Post: 26th May 2010, 02:08 PM
By Geoff in forum Wireless Networks
Last Post: 5th September 2006, 03:13 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)