Problem solve Get help with specific problems with your technologies, process and projects.

IPv6 renumbering

Renumbering IPv4 networks has always been a difficult job for network administrators. With IPv6 it becomes easier. The protocol's ability to support multiple addresses on a host enables a gradual conversion.

The bane of IPv4 network administrators has been "readdressing" projects. These are usually precipitated by mergers and acquisitions, or growth in the number of users or devices, or the number of sites, or changing network Service Providers, or changes in staff, where the new staff doesn't much care for the scheme the old staff laid out, for a variety of reasons, which range from getting rid of registered public addresses in the intranet that didn't belong to the company, to just wanting a cleaner network that is easier to summarize.

In these events, the rub has always been going through all your servers, which are inevitably statically addressed, and changing all their addresses, then changing DNS, and then making sure all the clients and applications were using the DNS hostnames like they are supposed to, and not the static IP addresses.

This process is fraught with outages and confusion, and can be expensive if applications have to be re-written. But not so for IPv6. As many administrators are finding out, as they implement IPv6, this protocol supports having multiple addresses assigned to the host. This is sort of like the old concept of "multinetting" (using "secondary addresses" in IOS) that put two subnets on the same broadcast domain, but it's substantially different in implementation, because one address can be "preferred" while the other can be "depreciated". It's also important to understand that these addresses are not assigned to each host statically, but by Router Advertisements, which have a duration or lifetime.

The combination of these two features, means a relatively painless migration path for IPv6 administrators, even though you still have to deal with DNS. But... there is one important thing to remember when planning your IPv6 address migration: don't reuse the old addresses until their original lifetime has passed. The corollary: don't set RAs longer than necessary. I.e. a few days or weeks are fine. There's no reason to set RAs for several months.

The reason for this is that routes continue to advertise the depreciated network address until the lifetime is over to let hosts -- that may have been powered down during the change -- know to use the new address. If you reuse the old addresses on another network somewhere, then the addresses will appear to come from both places, and your routers won't be able to sort out what traffic goes where.

Tom Lancaster, CCIE# 8829 CNX# 1105, is a consultant with 15 years experience in the networking industry, and co-author of several books on networking, most recently, CCSPTM: Secure PIX and Secure VPN Study Guide published by Sybex.

This was last published in July 2005

Dig Deeper on Network Infrastructure