william87 - Fotolia
It was the mid-1990s. Netscape ruled the fledgling world of Internet browsers, "Titanic" became the highest-grossing film to date, peace in the Middle East briefly seemed possible, and Dolly the sheep became the world's most adorable cloned mammal.
Amid all this, the Internet was just starting to wake up. The number of routes to IPv4 addresses on the Internet didn't even crack 50,000 until about 1998. So the idea that the pool of unallocated IP addresses could run out, or at least not be bandaged up one day with some form of network address translation, seemed laughable to many people, despite repeated warnings from industry groups. But just as so many assumptions from the 90s have since gone by the wayside -- Netscape who? -- so too has the notion that IPv4 could accommodate the rapid expansion of the Internet. IPv4 routes surpassed 500,000 earlier this year, according to the CIDR Report, which analyzes the BGP routing table. The available pool of unallocated IPv4 addresses has run out in Asia, Europe and most of Latin America, with North America's pool expected to be exhausted by early next year.
IPv6, which expands the size of IP addresses from 32 bits to 128 bits, solves this shortage in large part by offering such an exponentially larger number of addresses that experts say it would be nearly impossible to run out again. But skeptics have worried that bigger addresses -- and so many more of them -- would overwhelm routing tables and consequently cause routers to choke on the memory, forwarding and processing demands.
As more enterprises and service providers transition to IPv6, however, it appears this is a moment in networking when one plus one doesn't necessarily equal two. Although IPv6 addresses are bigger and the number of them is only going up, engineers who have run networks with the next-generation protocol say IPv6 is unlikely to overwhelm routing tables any time soon.
"The expectation was that it would be a major impact, when in reality we will not see that," says Ciprian Popoviciu, president and CEO of nephos6, a cloud- and IPv6-focused consultancy in Raleigh, N.C.
In fact, IPv4 may ultimately drag down routing performance, not IPv6. Most modern routers have enough ternary content-addressable memory (TCAM), a specialized type of memory in line cards that is responsible for forwarding packets at line rate, to support between 500,000 and 1 million IPv4 routes, says Owen DeLong, IPv6 evangelist at Hurricane Electric, an Internet backbone and colocation provider based in Fremont, Calif. IPv4 has now passed that lower threshold and continues to grow at a rate of several hundred to a couple thousand routes per month.
But many older routers, including Cisco's Catalyst 7600 Series, only have enough TCAM to support 512,000 routes. The global BGP tables hit that ceiling on Aug. 12, causing a number of websites across the Internet -- including Amazon, eBay and LinkedIn -- to suffer from significant outages or performance degradation. Simply adding more TCAM isn't always a practical solution due to how expensive it is, how much space it requires in routers and how much power it consumes, DeLong explains.
"What's really going to blow out the routing table is not IPv6. It's actually IPv4 run-out," DeLong says. "As that happens, IPv4 is going to get more and more fragmented as smaller and smaller chunks of address space get transferred around to try to plug holes in the dike … [and] IPv4 is going to get much harder to maintain."
IPv6 efficiency lies in aggregation
The ability to better aggregate routes is what many IPv6 proponents pinpoint as one of the main sources of the protocol's efficiency. Because unlike IPv4, which allows variable lengths for host and network identifiers, IPv6 was purposely designed to reserve a standard amount of space, 64 bits, for each portion of the IP address -- the network identifier and the interface identifier, which is the equivalent of a host identifier in the IPv6 world.
"This means we have consistency. All links, all networks everywhere, they're going to be 64 bits long," Popoviciu says. "And because you do this, as you move up in the hierarchy of networks from the access toward the core, you're able to now aggregate those /64s into tighter routes -- a /56, a /48, a /32 and so on."
Popoviciu, whose team has implemented and tested IPv6 for several large enterprises and service providers, found that as long as an organization has a well-managed environment, the routing table used for IPv6 on their networks was just 1.2 or 1.3 times the size of its routing table for IPv4.
"People were expecting it to be eight times, 10 times, 20 times -- orders of magnitude -- higher," he says. "The reason for this smaller number is that if you have a good IPv6 addressing plan, then you take advantage of high levels of aggregation in v6."
On the global Internet routing table, DeLong has also seen few signs that IPv6 addresses, despite being four times bigger than IPv4 addresses, are causing any problems.
"It's absolutely the opposite," he says. "Because IPv6 has a bigger address space, it allows us to issue larger blocks of addresses up front. So there's less fragmentation in the address space, which allows us to aggregate more prefixes in the routing table. If you look at the number of autonomous systems advertising IPv4 routes out there, the average is north of 10 routes per autonomous system, and in IPv6, that's closer to two. You actually get a dramatically smaller routing table."
Martin Levy, head of network strategy at CloudFlare, a website security and acceleration company based in San Francisco that also provides an IPv6 gateway service, points out that Internet routers running IPv4 and IPv6 will need to store two separate address tables. But thanks to the ability to better aggregate IPv6 routes, the newer protocol is highly unlikely to become a memory hog.
"At the moment, we don't need as much v6 memory because the global v6 routing table is tiny by comparison to v4," he says. "It's tiny not only because of some efficiency done in the routing world but also because every IP address that you have routed in the v6 world can represent an enormous number of machines. Therefore, you can get away with a lot less routed entries."
In comparison, the variable lengths of host and network identifiers in IPv4 enabled organizations to chop up various blocks of addresses as needed. It's a mechanism that became handy as the pool of unallocated IPv4 addresses dried up, but it also made route aggregation difficult.
"You end up with this large, wide spectrum of routes of all sizes that you have to store in your routing table," Popoviciu says. "Everybody is trying to tweak and twist and use small chunks of address space here and there -- whatever is left over, however they can organize it. In order to ensure reachability to all these islands, they have to advertise what are sometimes very, very long networks. This overpopulates the Internet [routing] tables."
It's like comparing older cities built on farmland to those designed on modern grid systems, he adds. In the former, you'd have to know the exact name and location of each street you want to find, whereas the patterns in a grid system enable you to make certain assumptions, such as knowing that 5th Street is unlikely to be in the same neighborhood as 125th Street.
"If you're a cop trying to find the right way around the city, now you don't have to store all the names in your head. You kind of have an idea that if it's a three-letter street with this number, and it's southwest, then it's in this quarter. If it's five letters, it's in this quarter, and so forth," Popoviciu says. "That's the kind of aggregation you can do [with IPv6]."
IPv6 performs equal to (or better than) IPv4
On discussion boards and mailing lists across the Internet, some disagree that IPv6 is critical to survival, let alone harmless. They point out that regional Internet registries have actually reclaimed some IPv4 address blocks and that enterprises still rely on NAT for security-related purposes. But proponents say any concerns about router performance are mostly unfounded.
"Yes, there's a cost," counters CloudFlare's Levy. "But in theory -- and there are purists that would argue against this, and I'm going to turn around and say they're being pedantic -- you can move a v6 packet through network infrastructure at about the same speed and with the same level of resources that you can move a v4 packet."
"The ‘pedantic' part is that the v6 packet is bigger," Levy continues. "Why? Because the address is bigger. You need to interpret more bits before deciding where to send it; therefore, the pedantic answer is, ‘No, v6 is actually going to take more effort than v4.' And pedantic people are correct. But at some point in time, you've got to just go ‘Come on, guys. This is a little too much.' Because at the highest level, they're the same. That was the design."
While the memory demands, forwarding speeds and CPU utilization in IPv6 are generally equal to that in IPv4 in most of the enterprises routers, Popoviciu says, he also notes it's important to press vendors on those specifics because some merely aim for IPv6 readiness -- not performance and scale parity.
Due to the way IPv6 has been designed, John Jason Brzozowski, fellow and chief IPv6 architect at Comcast, says he's observed IPv6 traffic sometimes outperform IPv4 on Comcast's network. Comcast, which recently announced it has enabled its entire broadband network to support dual-stack connectivity, runs the world's largest native IPv6 deployment.
"We're not prepared to quantify that [observation of IPv6 performance] at the moment, but … the logical thinking there is [that] as the routing tables continue to grow and v4 continues to be exposed to the possibility of transition technologies like carrier-grade NAT, those two lines are growing further and further apart," Brzozowski says.
Over time, that means IPv6 performance will continue to outpace IPv4, he explains.
"Even if v6 stands still, it will still look better," Brzozowski says. "I think there will be an opportunity to optimize it. But at a bare minimum, it'll still be better."
However, that's all contingent on having a carefully planned addressing architecture.
"Start working on your IPv6 address plan early," Popoviciu says. "You need time to get it right for your organization."
- Versa Networks Secure Cloud IP –Versa Networks
- IP Networking Comparison Guide for the Transformational Enterprise –Juniper Networks, Inc.
- Overview: TELoIP SD-WAN Technology –TELoIP Inc.
- Bringing Next-Generation Performance and Efficiency to Your Network –TELoIP Inc.