Monday, May 21, 2012

IPv6 and Small Businesses

Trevor Pott thinks IPv6 is Bad news for small biz

nobody worried about the little guy. There are a lot more of us small and medium enterprises than big heavies. With IPv4 allocations gone we're facing having to adopt a protocol with some significant flaws [PDF]. Well, flaws for normal people; they're pretty much irrelevant if you have a big enough budget.

The elephant in the room is renumbering. In the IPv4 world, you have one internet addressable IP address and the rest of your network lives in a non-routable space. Your internal network is on the other end of a NAT firewall, subnetted and organized into something that makes sense for the local sysadmins. 
If you need to change your internet service provider for any reason, that's perfectly okay. Your external address changes, a few firewall rules are changed and life moves on. If you need to reorganize your address space internally, no problem! You execute the change, and the outside world is none the wiser. Simple, easy and convenient.

In an IPv6 world, this is a no-no. There is no NAT; it was deemed heretical by the priestly caste of network engineers running the holy church of the IETF. Blasphemers are chastened and belittled. So what are our options?

The official answer is a combo deal. You must accept that renumbering is the new order. If you change ISPs and your assigned block changes then you must have every single computer, switch, router, printer, and network-attached doodad change with it.

No more static addresses, not even for servers. Everything should be configured by DHCP or stateless autoconfiguration. Whereas in an IPv4 world you created firewall rules for servers (and the applications they ran) by IP, in an IPv6 world your firewall will still work because all your systems should have proper fully qualified domain names.


No comments:


Related Posts Plugin for WordPress, Blogger...