Vista's IPv6: Not an easy upgrade
- 07 September, 2007 08:16
If you think migrating to IPv6 is as simple as upgrading to Microsoft Windows Vista, think again.
Vista is the first operating system from Microsoft that automatically installs and enables IPv6, the long-anticipated next generation of IPv4, the Internet's main communications protocol. Even the biggest proponents of Vista, however, say enterprise customers will find rolling out the software's IPv6 capabilities is difficult and time-consuming.
That's why Microsoft executives are urging corporate network managers to start testing Vista's dual-TCP/IP-stack IPv6 implementation, which supports both IPv4 and IPv6 traffic, at least a year before putting it on a production network.
"This is a large upgrade. We're really looking at a lot of different moving parts. It's not just a matter of flipping a switch and everything works," says Sean Siler, IPv6 program manager for Microsoft. "Not everything supports IPv6 throughout the entire network infrastructure. You have to make sure you have the right management tools and the right security tools. It's a good thing to do a network inventory."
Chris Mitchell, Microsoft's group program manager responsible for the implementation of TCP/IP in Windows, says if network managers don't spend enough time familiarizing themselves with all the changes in IPv6, they'll fail to take advantage of the protocol's benefits.
"It's easy to say that IPv6 gives you a larger address space and everything else works the same," Mitchell says. "As a practical matter, that's not the way it is. If you do that, you will potentially repeat some of the limitations of IPv4."
IPv6 features a virtually limitless address space. IPv4, on the other hand, supports about 3.4 billion IP addresses, which are being exhausted rapidly. When all IPv4 addresses have been handed out, service providers and enterprises will need to support IPv6 on their networks.
IPv6 also has IPSec built-in security and supports autoconfiguration of network devices. Another benefit: The end-to-end connectivity it provides will enable many new applications, such as wireless, mobile streaming multimedia and data-intensive mash-ups.
Microsoft is taking a long-term view with regard to migrating its business customers to IPv6. The company says all its enterprise-class software will support IPv6 by the next major release. "IPv6 is the future, and we want to make sure that it is supported in the product sets we build," Siler says. "We wanted to make sure that Windows as a platform would provide all the connectivity that our customers are going to need today and in three to five to seven years."
Both Windows Vista and Windows Server 2008 support IPv6 by default and prefer IPv6 to IPv4. While IPv6 is enabled automatically on the Vista client software, network managers must choose to route their networks via IPv6 or IPv4. "Once a network manager makes the decision to go to IPv6, they would make a conscious effort to start routing IPv6 through one of several different methods, and they can start enabling one small subnet at a time," Siler says.
Microsoft responds to Vista's IPv6 problems
Although Vista's IPv6 stack has been on the market for only eight months, early adopters already are reporting some problems with it, particularly with printing and network management applications.
Microsoft says these sorts of glitches are normal, given the scale of the upgrade to IPv6. "If you go back to the late '90s, when people were replacing their IPX networks with TCP/IP, the kind of problems they were having are no different than the kinds of problems you're hearing about anecdotally," Mitchell says. "Sometimes the only way to get things up and running was uninstalling TCP/IP. We don't expect any of our customers to have a plug-and-play experience, because of the nature of what IPv6 is."
Mitchell says network managers probably will run into interoperability problems between Vista and network-attached printers that don't support IPv6. Configuration problems also will be common, he predicts. "There are going to be a lot of questions about how to configure routers and switches around IPv6," he says. "It's nothing unusual. We run into those kinds of problems with IPv4, and this is a new protocol."
Microsoft says several of its enterprise customers including the U.S. Department of Defense and Bechtel are testing Vista's IPv6 capabilities in their labs. So far these companies have run into the kinds of configuration problems common with a protocol upgrade, Microsoft says.
"We haven't run into any show-stoppers," Siler says. "The biggest questions we see deal with configuration. They deal with, how is this feature working and why does my machine always have an IP address. It's a matter of understanding the technology better and how to control it."
Third-party certifications for Vista
A few third parties have verified Vista's IPv6 capabilities. For example, the Defense Department's Joint Interoperability Test Center has certified Vista as IPv6-capable.
Vista testing is ongoing at the University of New Hampshire Inter Operability Lab (UNH-IOL), which ran a series of tests on Vista's IPv6 stack in June. The tests were run over Moonv6, the world's largest IPv6 test bed, which is operated by UNH-IOL.
UNH-IOL created and shared files using Vista's IPv6 software, Adobe's Dreamweaver Web-design tool and Microsoft's MeetingSpace collaboration software. UNH-IOL also tested Microsoft's Longhorn server's IPv6 software and its FTP features. "We proved that applications do work on top of Vista," says Erica Johnson, senior manager of software and applications at UNH-IOL. "All of the Vista testing was proved under dual-stack conditions, as well as IPv6-only."
UNH-IOL also printed documents from Vista's IPv6 software using printers from HP, Konica Minolta and Xerox. "How well Vista handles printing depends on . . . whether the printer company has capable drivers," Johnson says.
Although Johnson says the latest round of Moonv6 tests proved that important office applications will work with Microsoft's Vista's IPv6 implementation, she says it was difficult for the lab's IPv6 experts to get everything to work. "If you had zero knowledge of IPv6, you would have a hard time learning how to set up these servers," she says. "There's going to be a knowledge gap for network administrators and IPv6 developers. They're going to have a hard time setting up simple servers for an IPv6 network."
UNH-IOL continues to test Vista's IPv6 capabilities, but has not yet awarded the operating system its IPv6-ready logo. Other operating systems, including HP's version of Unix and Red Hat's version of Linux, were certified as IPv6-ready by UNH-IOL.
Johnson says that even if Vista passes the IPv6 certification, it won't make the transition to IPv6 any easier for corporate network managers. "The testing we do is interoperability testing, but that's not the exact topology as an office would have," Johnson says. Network managers are "going to have to make sure that each function or feature of their network is correctly enabled for IPv6. And security is going to be a big part of their testing."
Third-party testers and Microsoft executives agree that upgrading to Vista's IPv6 features is going to require a significant amount of training for IT executives. "Training is going to be the biggest stumbling block for any organization doing anything with IPv6," Siler says. "No matter how well your people understand IPv4, getting them up to speed on IPv6 is not a simple, overnight effort. You can't pick up a book, browse through it over the weekend and be an IPv6 master."
Microsoft executives say network managers will need to spend a significant amount of time getting hands-on experience with IPv6 and troubleshooting IPv6 problems before they're ready for migration.
"There's a fairly steep learning curve," Siler says. "Until people invest some time into getting up to speed on IPv6, network management tasks are going to be incrementally harder. . . . I would say that at a minimum somebody needs to be working with IPv6 for at least a year to feel comfortable with it and before they starting working with it in production."
Despite the amount of work involved in migrating to Vista's IPv6 stack, Microsoft officials say the protocol is worth the effort.
"We see tremendous value in IPv6. That's why we're using it internally," Siler says. "It's not just having billions of addresses. . . . Real end-to-end connectivity and end-to-end security" are among the big business values of IPv6.