6Sense: Generating New Possibilities in the New Internet.
Produced by: IPv6 Summit, Inc.

IPv4/IPv6 Dual Stack Support
Caveat Emptor
by Bill Kine
Product Manager, Spirent Communications

Bill KineRIPv6 is a revolutionary new protocol. Numerous innovative communications solutions will be enabled by this new protocol. However, as desirable as such a solution may be, it will be a long time before IPv6 will become the exclusive protocol of most major networks. Instead, an extended migration will take place over the next several years. During this transition period, IPv4 and IPv6 must peacefully coexist and even interoperate in large networks throughout the world.

There are three different networking philosophies for IPv4/IPv6 transitional mechanisms. Each has its own unique benefits and offsetting shortcomings. These are summarized below:

1. Translation: This transitional solution inserts a separate translation device between the IPv4 and IPv6 networks. The translator will convert IPv6 packets and addresses to IPv4 and vice versa.

  • Advantages: This allows true any-to-any communication between IPv4 and IPv6 resources.
  • Disadvantages: The translator clearly becomes a network bottleneck and a single point of failure. Furthermore, packet translation impacts many applications (such as data encryption) and creates some serious firewall and security challenges.

2. Tunnels: There are a handful of different proposals for ways to tunnel IPv6 traffic over (or through) IPv4 networks, and even some strategies for tunneling IPv4 traffic across an IPv6 network. In fact, the old 6Bone experimental network was based upon tunneling. Some proposals are based upon manually configured tunnels (an arduous process, I’m sure) and others advocate constructing the tunnels automatically. Tunnel brokers or servers are even suggested for some solutions.

  • Advantages: Tunneling effectively interconnects islands of IPv6 across the prevailing IPv4 infrastructure.
  • Disadvantages: Tunneling solutions do not allow IPv4 hosts to access IPv6 resources; instead the two protocols and networks remain entirely separate. Tunneling also adds a lot of complexity to the networks, and this in turn may have some serious operational implications. And, finally, tunneling may not be a truly scalable solution.

3. Dual Stacks: This option is based upon enabling network resources such as hosts, servers, routers and switches to support both versions of the Internet Protocol simultaneously.

  • Advantages: Dual stack support ensures any-to-any communications, regardless of the versions of IP.
  • Disadvantages: Dual stacks double the communications processing requirements of all of the network resources, and this leads to performance degradation.

IPv6 may be an optimal long-term communications solution, but all of the short-term transitional alternatives, as indicated above, are far from perfect. So far, the market forces have mostly rejected the translation option due to its security and performance challenges. Many industry pundits advocate tunneling, but they cannot seem to agree on any particular tunneling mechanism. Therefore, this general option gets lots of wordplay and socialization, but very few actual tunneling implementations can be found in production networks. Instead, the vast majority of today’s mixed IPv4/IPv6 networks are based upon dual stack support.

Dual stacks typically reside in the network elements – routers and switches. Some servers also operate in dual stack modes, but those only tend to exist under exceptional circumstances. Dual stacks provide a lot of flexibility for network configurations since each version of IP operates independently. However, the downside to this solution is that the routers and switches are required to support two protocols instead of one. This directly impacts their CPU utilization, memory and forwarding capacity. In other words, there may be some severe performance implications associated with dual stack operations.

The first assumption that network administrators typically make when enabling dual stack support on their routers is that all protocols will be treated equally. This becomes their first mistake! Router vendors have had two decades to debug, optimize and accelerate IPv4 packet processing algorithms. Furthermore, all of their real-world trials and tribulations have been based upon IPv4. IPv6, on the other hand, is still in its infancy. Real-word experiences and protocol optimization are extremely limited.

The chart below compares the forwarding performance of a midrange edge router running dual stacks. The histograms indicate the frequency of a specific packet latency measurement. The upper graph clearly indicates that IPv4 latency is consistently measured at 200 microseconds. On the other hand, the lower graph shows that IPv6 packet latency (for identical packet sizes, types and distribution) is considerably greater and entirely unpredictable.

Dual stack support provides a convenient interim solution that can help networks migrate from IPv4 to IPv6. However, it is accompanied by a hefty price. Routers, switches and servers are forced to perform double duties as they try to process two protocols instead of one. The performance tax associated with dual stack operations can be severe. In fact, the additional overhead can impact IPv4 traffic and applications as well as IPv6.

The bottom line is that any IPv6 migration strategy, especially dual stack support, must be tested in your environment, with your applications and real network traffic. Extensive testing must be conducted prior to deploying a dual stack solution. Otherwise, your help desk will be overwhelmed by dissatisfied network users.