In part one we discussed the background related to the industry momentum around going IPv6-only. We also received some sage advice from Ungleich Glarus CEO, Nico Schottelius, and covered his lessons learned in their IPv6-only journey.
In part two, we will continue the dialogue with two other leaders in the industry, LinkedIn and T-Mobile, and summarize what all of this can do for you in your IPv6 transition.
LinkedIn’s Goal to Remove IPv4
Most readers are familiar with the professional networking company LinkedIn. They currently have over 700 million registered members from 150 countries. Serving their user base takes a significant amount of compute capacity, and LinkedIn operates its own datacenters in multiple U.S. locations (as well as one overseas). At the 2017 North American IPv6 Task Force Summit (coincidentally hosted by LinkedIn), Franck Martin, Chairman of LinkedIn’s IPv6 in the Datacenter Working Group, made a splash by announcing their intention to build an IPv6-only datacenter. I recently caught up with Franck to get an update on LinkedIn’s IPv6 activities.
First, some background on LinkedIn’s network. They were a relatively early adopter of IPv6. Back in 2013, they enabled IPv6 on their email platform, and in 2014 they activated the protocol on their web servers. The primary driver behind their dual-stack deployment was the forecasted depletion of their RFC 1918 address space. Another driver, however, was the added benefit that IPv6 was, in many cases, faster than IPv4. Since dual-stacking their website seven years ago, the amount of IPv6 traffic handled by LinkedIn has steadily increased to the point where it is currently the majority.
In 2017, Franck noted that LinkedIn’s platform was dual stack on the front end but some of the back-end communication was still using IPv4. In the years since, their infrastructure has been fully upgraded to support IPv6. This work has created a solid platform for LinkedIn, as well as third-party applications used by partners, which now must support both IPv4 and IPv6. The ultimate goal of turning IPv4 off has not yet been achieved, but there has been significant progress adopting IPv6 nonetheless.
It is also important to note that LinkedIn’s network and compute priorities have evolved over the past few years. In 2016, they were acquired by Microsoft. Until recently, LinkedIn’s network remained independent. In 2019, however, LinkedIn and Microsoft publicly announced a multi-year project to migrate their compute workloads to Azure. Franck’s recent focus has been working with LinkedIn’s parent company, Microsoft, to ensure that Azure provides a suitable dual-stack environment that can seamlessly communicate with the current LinkedIn datacenters.
Even if some goals take longer than anticipated to achieve (turning IPv4 off for example), vision and leadership are still invaluable. Franck notes that because of their IPv6 implementation efforts, LinkedIn’s network is in a much better position today than even a few years ago and is able to rapidly adapt and accommodate future requirements. He touts that being an early adopter has already paid dividends. When Apple announced in 2015 that IPv6 support will be required for all iOS 9 apps, LinkedIn was already in compliance: They required zero effort to meet the mandate. Vision and planning do have their benefits.
Franck is always open to provide recommendations for other organizations deploying IPv6. He stresses that workforce training is key. (See Ed Horley’s post on Why an Investment in IPv6 Training Will Pay Off.) And not just the network group. Franck refers to three towers: hardware, software, and network, all of which need to be included in training and implementation efforts. Involvement is also needed from the security team to account for IPv6 in their practices and testing.
He recommends working with vendors early in the IPv6 planning process. LinkedIn is a large company with significant influence, but this point is still valid for smaller organizations. Also, a suitable lab or test environment is indispensable in ensuring proper functionality in your environment, regardless of vendor feature claims. In other words, do not blindly trust vendors: test, assess, and verify.
Finally, be ready to adapt if priorities change. This was the case when LinkedIn announced plans to migrate from operating their own datacenters to using Microsoft Azure.
Turning IPv4 off is still a goal of LinkedIn, and the current dual-stack environment is a step in that direction. Below is a summary of IPv6 benefits and lessons learned with recommendations from LinkedIn.
|IPv6 Lessons Learned and Recommendations||IPv6 Benefits|
|Training is key–including non-network silos that need to be involved in IPv6 deployment||Increased performance|
|Ensure the security team plans for and manages IPv6||Elimination of layers of NAT (performance and simplicity)|
|Do not blindly trust vendor claims of compliance: test, assess, and verify||Positions network to comply with external requirements – for example Apple’s iOS 9 IPv6-only mandate|
|Work with partners and/or any parent companies on IPv6 readiness and integration||Globally unique addresses do make integration much easier|
|Be ready to adapt to changing priorities||Faster to market, less technical debt and effort|
|Early adoption has its benefit – for example, after Apple’s IPv6 mandate LinkedIn did not have to perform any work to comply with it|
T-Mobile’s IPv6-only Wireless Network
During the 2017 North American IPv6 Task Force Summit, T-Mobile’s Stephan Lagerholm gave an excellent presentation and demonstration of their IPv6-only subscriber network. This stood out from the other presentations at the event in that T-Mobile was not just talking about eliminating IPv4, they had already done it. It was a testament to the fact that mobile communications providers like T-Mobile, and their peers, have been leaders in IPv6 deployment.
These companies realized years ago that limited public IPv4 and RFC 1918 addressing does not provide enough space to operate and grow their business. For this reason, cellular carriers are consistently at the top of the list for IPv6 adoption. A good resource to view the completeness of IPv6 deployment is https://www.worldipv6launch.org/measurements/. This tool displays the percentage of traffic to major dual-stack sites from various BGP Autonomous Systems. Out of the 350 organizations tracked, T-Mobile tops the list (at the time of this writing – the values are fluid) with 94% IPv6 deployment. (The value was 84% back in 2017.)
To get an update on T-Mobile’s experience operating an IPv6-only network I caught up with Senior Engineer Ben Bittfield. Ben arrived at T-Mobile via Sprint after their merger last year, and he notes that both networks had a similar architecture. T-Mobile may have led the way in large-scale IPv6 deployments, but customers still needed access to the legacy Internet. To support cases where applications are still relying on IPv4, T-Mobile utilizes a combination of NAT64 and 464XLAT. Ben notes that it was a huge boon for the protocol when Apple mandated IPv6-only support for apps in iOS 9 and beyond. This move by the one of the primary smart device producers has helped cellular providers in leading IPv6 deployments in an environment where operating IPv4 at large scale has significant challenges. There are still legacy apps and devices in use requiring the workarounds outlined above, but over time their need will diminish thanks to IPv6’s momentum in this industry.
Mergers and acquisitions often force companies to struggle with addressing conflicts as networks get integrated after the dust settles. Ben notes, however, that it was a tremendous benefit for both Sprint and T-Mobile to have IPv6-only subscriber networks after their $26 billion merger. “It made integration 100 times easier.” After such a major M&A event, it is difficult to put an exact value on simply plugging together the revenue generating networks of two major carriers with little to no pain. From an operational perspective there is no renumbering, no NAT, no complications–just routing… Priceless!
From his vantage point operating in an IPv6-only environment, Ben offers the following advice for others in their IPv6 deployments. First, fix the root cause of problems. At this point NAT64 and 464XLAT are relatively solid and mature, but there are still instances when mobile applications get hung up. This often involves apps that carry IP information at higher layers in the OSI stack. Though it may be quicker to implement a workaround, Ben recommends taking the extra time to remedy the core of the issue. This often requires reaching out to the app developer and working through the obstacle.
Like LinkedIn, he advocates working with key infrastructure vendors early in the planning process and to be sure to test their products. Deployment boundary cases can expose IPv6 bugs, and T-Mobile also noted that stress-testing equipment uncovered performance limitations. Eventually they were able to work with their partners to resolve these issues. But it was critical that these limitations were caught pre-production.
Ben also recommends preparing for flexibility on IPv6 address planning. He cautions that the first draft of an address plan is not always perfect, and it may be necessary to adapt or get assistance in this effort. Finally, do not be afraid to make mistakes. Like any IT endeavor, mistakes will happen. Learn from them and move forward.
Below is a summary of benefits and lessons learned with recommendations from a true leader in IPv6-only deployments.
|IPv6-Only Lessons Learned and Recommendations||IPv6-only Benefits|
|Take the time to solve the root cause of problems–resist the urge to implement workarounds||Simplicity of merger and acquisition network integration|
|Work with key infrastructure vendors and test their platforms, including performance testing||Scalability – the ability to operate a large, global network|
|Be prepared to adapt||Early adoption–better prepared for partner mandates (like Apple’s IPv6-only requirement)|
|Like in any IT initiative, mistakes will happen–but don’t be afraid to make them as long as progress is being made|
There has been a clear shift in industry thinking with respect to IPv6 implementation models from dual-stack to IPv6-only. Though many enterprises lag in IPv6 adoption, many other organizations have decided to forgo IPv4 altogether. For those willing to take this step, the recommendations and lessons learned from three pioneers in IPv6-only planning and deployment will assist in the journey.
It is no surprise that Ungleich Glarus, LinkedIn and T-Mobile trumpet overlapping benefits and lessons learned. It is often easy to find roadblocks that discourage a network architecture transformation–such as migrating to an IPv6-only network. But these companies have found a path that overcomes hurdles and progresses toward their objectives. It is important to keep in mind that all major IT projects present challenges. But with the proper vision, guidance, and mindset, aided by the knowledge from those that have come before, your goal can be obtained.
Though it may seem far-fetched today, most enterprises will eventually run into business drivers to adopt IPv6 and turn off IPv4. These may be noticeable immediately or they may take years or even decades to appear. The process of moving to IPv6-only will most likely occur as a gradual evolution rather than a forklift upgrade and flag day. For example, datacenters and IoT environments may require IPv6-only long before it makes sense for corporate desktops and laptops. Regardless, it is good to start thinking about and planning for this future now.
The table below summarizes the recommendations above.
|IPv6-Only Lessons Learned and Recommendations||IPv6-Only Benefits|
|Focus on IPv6 because IPv4 deployments are neither scalable nor sustainable||Reduced network complexity|
|Find workarounds to accommodate IPv4 if necessary||Can enable service providers to offer a less expensive service|
|Do not get bogged down in legacy software and tools–if a required application does not support native IPv6, find a modern replacement||Scalability and sustainability|
|Time mends problems–IPv6-only in 2021 is easier than 2016 and 2025 will be better than 2021||This is where the Internet is going; you are ready for the future today|
|Work with vendors and persuade them to support IPv6 if there are gaps||Increased performance|
|Do not be afraid to tinker with open source code and fix bugs||Positions network to comply with external requirements|
|Training is key–including non-network silos that need to be involved in IPv6 deployment||Globally unique addresses do make integration much easier|
|Ensure the security team plans for and manages IPv6||Faster to market, less technical debt and effort|
|Do not blindly trust vendor compliance: test, assess, and verify (functionality and performance)||Merger and acquisition network integration simplicity|
|Be prepared to adapt|
|Work with partners and and/or parent company on IPv6 readiness and integration|
|Be ready to adapt to changing priorities|
|Take the time to solve the root cause of the problem|
|Like any IT initiative mistakes will happen–but don’t be afraid to make them as long as progress is being made|
|IPv6 brings the fun back to networking|
Learning from others who have come before will assist you in your IPv6-only implementation effort. Won’t it be nice to one day disable IPv4 and operate in a much simpler, secure and more scalable IPv6-only world?