Our team at Imperial College London is spearheading the institution’s programme to implement Internet Protocol version 6 (IPv6) to make sure it has enough unique IP addresses to support education and research in the future - and careful planning is keeping costs down.
IPv6 is the future
The Internet Protocol provides internet-enabled devices with unique addresses so they can communicate with one another. For many years it has been clear to the network services community that the protocol’s current IP version (IPv4) will run out of available addresses as people acquire more and more devices. It’s a pressing issue but IPv6 gives us a practical solution that offers many trillions of potential addresses, compared with just four billion or so offered by IPv4.
At Imperial, we started experimenting with IPv6 in 2003. Although we hadn’t got to a point where we were about to run out of IPv4 addresses, with 'bring your own device (BYOD)' becoming more popular and the Internet of Things (IoT) making it possible to connect more site services like light sensors, CCTV and swipe card readers to the internet, we knew it wouldn’t be long before we did.
Researchers and students will benefit
IPv6 offers our users better connectivity and a better experience of our online services, so we are rolling it out across the institution, working on it gradually to take advantage of procurement cycles and minimise risk. When equipment is due for upgrade or replacement, we specify that new equipment must be IPv6-enabled.
So, for example, in 2006 we enabled the core network and in 2010 we took advantage of the IPv6 option available for our connections to the Janet Network. The following year the college websites moved to IPv6 and by 2015 all major infrastructure had followed.
An early focus was our high-energy physics department because it communicates with CERN and other research institutions that are moving rapidly towards using IPv6 exclusively. IPv6 doesn’t just offer more IP addresses – it also has technical enhancements that increase security and handle data packets more efficiently, improving performance and supporting innovation and collaborative working.
At the moment we are running a dual stack system (with the two internet protocols operating alongside each other) across our production, guest and BYOD networks. Before the COVID-19 pandemic we gathered data on how much of our traffic was using IPv6 compared with IPv4 and it varied widely across our various services – around 40% of all our internet traffic happened over IPv6, and around 80% of the traffic in high-energy physics. For some internal services such as home directories and research data store, traffic is almost exclusively IPv6. We are experimenting to work out how (and when) we can turn IPv4 off without causing disruption to services.
Turning off the legacy system
The ‘patch’ solution that’s being widely used to conserve IPv4 addresses involves using limited global IPv4 addresses with network address translation (NAT); it consolidates multiple IP addresses into a single public one to keep public IP addresses available, but the NAT layer can make response times slower. The difficulty is a particular issue for students and staff working overseas in locations where they are already connecting to us via several NAT layers. It can make some services unworkable. This is more pressing now that so many people have gone home to study – and may stay there when travel restrictions ease.
The same difficulty will also affect network users in the UK as IPv4-based applications deploy more and more layers of NAT to preserve IP addresses. Already, more than 35% of UK network traffic is IPv6. An increasing number of our UK-based users will be using access networks like BT and Sky in their homes that support IPv6 and, increasingly, networks that are moving towards IPv6 only – for example, mobile networks like EE. What’s more, most will have devices that are IPv6-enabled already. It is important for us to provide connectivity that matches what they expect at home.
For Imperial, turning off IPv4 will reduce complexity and cost, but we are treading carefully. We have already done it in our high-performance computing (HPC) environment where it was relatively easy because it is a closed system that is easy to control. Elsewhere in the college it’s harder because some devices may not support IPv6 or may be using IPv4 even though they don’t need to – and it may not become apparent until we try. We are assessing feasibility and analysing data from a hall of residence, as one of the few places where there is currently sufficient activity. The results will inform what we do next.
David Stockdale is a senior network engineer at Imperial College London and a member of the UK IPv6 Council alongside our own Tim Chown. Don’t miss their talk about IPv6 at Networkshop49. Networkshop49 is an online event running from 27–29 April 2021. Booking is now open - free to Jisc member organisations.