01. IPv6 transformation issues and overall transformation ideas
As national policies promote the deepening transformation and large-scale deployment of IPv6 during the "14th Five-Year Plan" period, more and more systemic problems have emerged during the IPv6 transformation process, as shown in Figure 1.
Figure 1 Various questions about IPv6 transformation
All IT software and hardware systems that communicate across devices need to handle IP addresses, and IPv6 adaptation is required in all fields. There is still a big gap between primary transition technologies such as tunneling and translation and the transformation goal of IPv6 single stack. As the large-scale deployment of IPv6 progresses, it is necessary to consider the IPv6 capabilities of the IT architecture from an end-to-end perspective. According to the IT architecture The current status of each field and the transformation technical route determine the order of transformation in each field, and ultimately achieve the unified goal.
For application developers, because they have been accustomed to highly encapsulated IPv4 function calls for a long time, they are not familiar with or pay attention to the bottom layer of the network protocol stack. Different developers have great differences in their understanding of IPv6 technology and the choice of technical routes. Therefore, unified IPv6 technology selection standards, application transformation standards, and application acceptance standards are formed through planning to guide developers in developing IPv6-related functions, thereby improving development efficiency and reducing subsequent operation and maintenance complexity.
02 IPv6 address planning method
IPv6 addresses are IPv6 technology and core carriers. Compared with IPv4 addresses, IPv6 addresses have characteristics such as long length, hexadecimal format, complex structure, and inconvenience to remember. In order to facilitate efficient management of IPv6 addresses, new IP addresses need to be considered. planning methods. The following principles are usually adopted.
◎ Hierarchical principle
IPv6 addresses establish a hierarchical relationship with network physical architecture/organizational architecture/business architecture to enhance logic. The hierarchical design helps reduce the size of the routing table and facilitates capacity planning and management.
◎ Semantic principles
Containing business type, location and other information in the address can help with operation, maintenance and troubleshooting. Try to use a multiple length of 4 bits to plan each segment of identification bits to enhance hexadecimal legibility.
◎ Continuous scalability principle
Addresses of the same business type should be allocated consecutively. The address has the ability to be easily expanded in terms of functions, capacity, coverage and other aspects. Make appropriate reservations considering future growth and new business needs.
◎ Easy management and control principle
IPv6 address planning is simple and intuitive, easy to manage, and should meet business QoS, security access control and other management requirements. as shown in picture 2.
Figure 2 IPv6 address planning method
Demand analysis is a necessary condition for IPv6 address planning, and needs to be analyzed from the business and management levels:
■Business needs analysis
Before IPv6 address planning, the current status of each business platform should be fully investigated to meet the needs of each business platform for IPv6 addresses, including address capacity demand analysis, business communication demand analysis, and existing IPv4 business demand analysis (in a dual-stack scenario, IPv6 Shares the same Layer 2 broadcast domain range as IPv4, that is, the same VLAN corresponds to one IPv4 and one IPv6 network segment).
■ Management needs analysis
Conduct demand analysis from the perspective of easy management and control of IPv6 addresses, including address identification type demand analysis and address level demand analysis. Address identification refers to the identification meaning of fields contained in IPv6 addresses, such as physical location, business type, network type, etc. Address level requirements need to consider factors such as IT architecture, organizational structure, routing management, traffic management, etc. that may affect the division of address levels.
As shown in Figure 3, the IPv6 address consists of the network part and the interface ID. The network part also includes the network prefix and subnet ID. The network part focuses on planning the subnet ID, level, and capacity. The planning of the interface ID part is mainly used for the refined management of network interconnection and host addresses in the future.
Figure 3 IPv6 address composition
As shown in Figure 4, identifiers with physical location attributes are ranked first to facilitate route summary and address prefix hierarchical management.
Figure 4 Customer A’s IPv6 address planning plan
As shown in Figure 5, in order to facilitate traffic management and security control based on different services on the network, the business category identifiers are ranked first, but the business attribute identifiers should not occupy too much space when they are ranked first, otherwise it will not be conducive to route summary. .
Figure 5 Customer B IPv6 address planning scheme
03. IPv6 transformation method of IT infrastructure
■ Current situation survey
Fully evaluate the ability of each part of the existing IT infrastructure to support IPv6 technology, and evaluate the ability of existing software and hardware to support IPv6 from the aspects of function, performance, business continuity, security, reliability, and scalability.
Figure 6 IT infrastructure dual-stack transformation process
■ Planning and design
Conduct technology selection based on the current situation survey results, formulate overall IPv6 transformation strategies and transformation plans, and guide IPv6 transformation planning and design in various areas of IT infrastructure, including software and hardware system architecture transformation planning, software and hardware equipment upgrade planning, etc.
■ Integration testing
Build a test environment to verify the feasibility of the planning and design, and simulate business system behavior for testing and verification.
■ Business migration
The migration will be implemented gradually and in batches according to the planning and design, and the original IPv4 business will be affected as little as possible.
■ Integrated verification
Test and verify the modified software and hardware systems to ensure that both IPv6 and IPv4 services are running normally.
For network IPv6 transformation in IT infrastructure, one or more transformation modes can be selected according to different scenarios:
Dual-stack mode: All software and hardware equipment of the IT infrastructure are transformed into dual-stack equipment, that is, the network, terminals, platforms, and application infrastructure all run IPv4 and IPv6 network protocol stacks at the same time, and a set of IT infrastructure processes IPv4 and IPv6 business data at the same time. .
The dual-stack model is suitable for scenarios where most existing IT infrastructure supports IPv6. Only one set of IT infrastructure needs to be maintained. The maintenance cost is low and the transformation is thorough, which facilitates smooth evolution to an IPv6 single-stack environment in the future. It is the most ideal IPv6 transformation model.
Tunnel mode: IPv6 data is encapsulated into IPv4 packets through network tunnel technology, which can realize the function of transmitting IPv6 service data across IPv4 networks. It is suitable for scenarios where the terminal side has completed IPv6 transformation and the backbone network cannot complete dual-stack transformation in a short period of time. Commonly used technologies include 6to4 tunnels, GRE tunnels, 6PE/6VPE tunnels, VxLAN tunnels, etc.
Address translation mode: Use dedicated network equipment to map and convert IPv4 and IPv6 addresses to achieve interoperability between IPv4 and IPv6 systems in the transitional stage of IPv6 transformation. It is suitable for scenarios where most existing IT infrastructure does not support IPv6 and cannot be transformed in a short period of time, but IPv6 access services need to be temporarily provided to the outside world. Commonly used technologies are NAT64 and SPACE6.
Analysis of actual deployment scenarios: In the selection process of IPv6 transformation technology for a certain customer network, the three transition technologies are not mutually exclusive. In the same network, different transition technologies can be selected in different areas/scenarios, such as data center network server partitioning. Dual-stack or tunnel (VxLAN) technology is usually used. Internet/outline partitions can use dual-stack or address translation technology, while WAN usually uses dual-stack or tunnel (6vPE, GRE, SRv6, etc.) technology. Campus access network scenarios are the most suitable. Dual stack technology is often used.
04 Application system IPv6 transformation method
IPv6 transformation is not only about transforming infrastructure, but more importantly, application systems also need to support IPv6. In actual IPv6 transformation projects, due to the different actual situations of customers, several problems are often encountered, as shown in Figure 7.
Figure 7 Common problems in IPv6 transformation of application systems
These problems will directly affect the efficiency, progress and quality of enterprise IPv6 transformation. In the actual transformation process, because it involves many fields and requires communication and collaboration from various departments, it cannot be achieved overnight. For large and medium-sized enterprises, it is necessary to establish a unified set of application transformation standards and implementation routes to guide, standardize and promote The application and transformation work of IPv6 is proceeding smoothly.
■ Transformation strategy
Principle: Determine the overall transformation plan based on the actual situation of the enterprise and industry best practices, and clarify the basic requirements and rules for the transformation batch and current period, such as transformation scope, transformation degree, time schedule, personnel organization and technical implementation methods, etc. . For a long time in the future, IPv4 and IPv6 will coexist, so it is recommended to adopt dual-stack technology implementation to achieve the purpose of maintaining a set of codes that is compatible with IPv4 and IPv6 client access logic.
Standards: Mainly used to unify the standards for acceptance of IPv6 application transformation, clarify the purpose and goals of each phase of transformation, what needs to be changed, what test acceptance requirements need to be met, etc., such as application dual-stack connectivity, functionality, compatibility, performance and other specific index. The formulation of transformation acceptance standards must not only meet industry regulatory standards, but also consider the actual situation of the enterprise itself.
Guide: Application transformation has a certain degree of universality. A general application transformation reference guide can be developed for common transformation points, including application code and application middleware common functions, to form an IPv6 transformation knowledge base. On the one hand, it can speed up the transformation efficiency, and at the same time, it can unify the transformation standards. It is especially suitable for enterprises that apply batch transformation and have relatively large personnel mobility.
■ Transformation process
In the entire IPv6 application system transformation life cycle, the following transformation process is recommended:
Research and demand analysis: In this link, it is necessary to conduct a comprehensive review of the application system to understand the current situation. This includes sorting out the types/versions of the software and hardware infrastructure it relies on, sorting out the system logical architecture, sorting out the relationships between components, sorting out the calling relationships between the system and external systems, and sorting out IP-related configuration files/codes. Configuration and function sorting, etc. Before the investigation, basic IPv6 training and publicity is also needed for all relevant personnel so that they have a basic understanding of IPv6 knowledge.
Solution design and verification: Once the basic research is completed and the scope of the application system that needs to be modified is clarified, the solution design and verification of the non-universal components can be carried out, especially for some older versions or open source components, upgrade verification, or procurement, Replace new components and update the verification results to the application transformation reference guide as the IPv6 application transformation knowledge base.
Application modification and testing: All IP-related functions in the application code need to be modified. The transformation process needs to be coordinated with the infrastructure transformation, and testing and verification should be carried out in the test environment according to the acceptance standards, such as testing functions, performance and compatibility through client single stack, dual stack, domain name, etc. to ensure that the application transformation cannot affect the Stable operation of the original business.
System online: After the transformation test is completed, the application needs to be online. The premise is that the infrastructure on which the application system's production environment depends has been transformed.
As shown in Figure 8, a summary of best practices for IPv6 transformation projects.
Figure 8 Best practices for IPv6 transformation of application systems
05
Thoughts on next steps
■ IPv6+ new technology exploration
Native IPv6 technology has the advantages of massive address space, plug-and-play, mobility support, and high scalability. It accelerates the upgrade of IPv6 next-generation Internet and develops enhanced "IPv6+" networks. Through large-scale commercial deployment of IPv6 and "IPv6+" Innovate to improve network capabilities, drive the integrated development of networks and services, empower the digital transformation of industries, and comprehensively build a "new base" for the digital economy, digital society, and digital government. As shown in Figure 9.
Figure 9 IPv6+ technology evolution route
IPv6+1.0 network programming capabilities: Through technological system innovation, we will build "IPv6+" network open programmability capabilities, focusing on the development of SRv6 to replace the basic features of the traditional MPLS (Multiprotocol Label Switching, Multiprotocol Label Switching) network, with rapid service provisioning and flexibility. Path control uses its own advantages to simplify the service deployment of IPv6 networks.
IPv6+2.0 user experience guarantee: Improve user experience guarantee through intelligent operation and maintenance innovation. Network slicing/flow detection/new multicast/intelligent lossless and other technologies bring improved computing power, visual experience and optimal experience. The focus is on the development of new applications for 5G and cloud. Improving the experience of these applications requires the introduction of a series of new innovations, including but not limited to network slicing, flow detection, new multicast and intelligent lossless networks.
IPv6+3.0 application-driven network: Develop application-driven networks through business model innovation. On the one hand, with the further integration of cloud and network, more information interaction needs to occur between cloud and network, and network capabilities need to be more openly provided to the cloud to achieve application awareness and instant invocation. On the other hand, as multi-cloud deployment accelerates, networks need an open multi-cloud service-oriented architecture to achieve cross-cloud collaboration and rapid unified provisioning and intelligent operation and maintenance of services. IPv6 is undoubtedly the most advantageous medium, and the deep integration of cloud and network will also bring important changes to the digital transformation of thousands of industries in the future.
Based on their own business needs and scenarios, enterprises can further combine IPv6 with other technologies on the basis of IPv6 Ready to develop enhanced "IPv6+" networks. For example, IPv6+ segment routing provides rapid service provisioning, and IPv6+5G realizes end-to-end network slicing, providing differentiated network service levels. IPv6+ losslessly achieves zero packet loss in Ethernet networks, ensuring a deterministic experience in the data center. IPv6+AI realizes automatic deployment throughout the network life cycle and automatic fault location. IPv6+ application awareness provides experience guarantee for key services, stimulates business innovation, changes business models, and increases revenue and efficiency.
■ Summary of IPv6 systematic transformation
For large and medium-sized enterprises, IPv6 transformation is a systematic project and a process of continuous evolution based on overall planning and top-level design. It cannot be accomplished overnight, otherwise it will affect business continuity. In addition, enterprises may need to reorganize the procurement, development, and business launch processes to ensure that IPv6 support is a necessary condition when launching new R&D applications or purchasing external applications. At the same time, the enterprise's own application monitoring and operation and maintenance management systems themselves also need to support the IPv6 protocol.
Finally, in the actual transformation process, resources with experience in both infrastructure and application transformation are often needed to plan, promote and solve various problems in the IPv6 transformation process from a global perspective.