One area which may create problems for enterprises wishing to deploy IPv6 is application conversion. Some conversions may be quite simple, while strategies for others will need to be carefully considered and may take time. One of our goals at Industry Network Technology Council (INTC) is to help enterprises receive the proper training needed to ensure application conversion is not a roadblock to deploying IPv6.
Furthering Our Work
In 2020, we received a grant through ARIN’s Community Grant Program to support us in furthering our work to provide training to enterprises who are lagging in IPv6 adoption, specifically focused on application conversion. We have created a survey to be completed by enterprises (private, managed networks) so that we can help by writing best practices or strategies for the issues that many organizations face. Our focus here is on the migration process itself rather than the steady-state. That is, it will likely take many years to completely switch from an IPv4-only network to an IPv6-only network. The changeover itself may be difficult or create problems, and may well be the reason that many organizations have resisted the switch to IPv6.
The Survey is Still Open
We have received an excellent response to our survey thus far, so thank you to all who have participated. If you have a private, managed IP network, you can still help us by taking the survey at the link below. We will present the results of this survey in our next blog, as well as during our presentation at the ARIN 48 Public Policy and Members Meeting. Please note, survey results will remain anonymous.
How to think about IPv6 Application Conversion Survey: https://www.surveymonkey.com/r/INTCIPv6ApplicationSurvey
Top 10 Considerations for IPv4 to IPv6 Application Conversion
Below is a snapshot of the types of topics we covered in the survey and a checklist of the top ten items enterprises should consider while converting applications to IPv6:
1. Application Hosting/Access/Platforms
- As Marshal McLuhan said many years ago, “The medium is the message.” The platform itself dictates the ways that the application will be converted, the security mechanisms that are available, and the potential problems.
- How does your organization host, use, or access applications?
2. Internet Access
- As with the previous question, depending on the nature of the application and the ways to access the application, the security mechanisms available and the potential problems differ.
- How do you access the public Internet and applications on the public Internet?
3. Internet Proxy
- And if your organization allows Internet access, do you use Internet forward or reverse proxies?
4. Stand-Alone Socket Applications
- The cost or feasibility of application conversion is highest for applications that the enterprise has written themselves and are stand-alone programs. Such programs can provide great functional value, and maybe even give a business advantage!
- How many stand-alone socket applications does your organization have?
5. IP Address Embedding
- IP addresses can be embedded and used in surprising places. This can lead to much time needed to find, convert and test such applications. For example, some applications, such as FTP, embed IP addresses in their protocol exchange. This is often handled perfectly well by Extended Passive Mode (EPSV), but an old FTP client may not support EPSV mode. IP addresses may also be used inside TLS certificates in the Alternate Subject Name or ID Field. Applications, such as MQSeries, have a client configuration that has an IP address. Some organizations give a unique IP address to each application, for example, within an IBM mainframe. This can help with workload balancing as well as disaster recovery. But it will also lead to significant time needed for conversion.
- Where does your organization embed IP addresses?
6. Operational Changes
- The operational aspects of applications may involve hard-coding or embedding IP addresses. This can lead to much time needed to convert as well as time to test. Some organizations have operational or other procedures/scripts to manage applications that embed or use IP addresses. These may be manual or automated procedures. These procedures may invoke or connect with other applications to send emails, alerts, SNMP traps, etc. Some examples include bat files, .sh scripts, automated operations, automated message interception, and screen scraping.
- Which procedures does your organization use in normal production sites?
7. Disaster Recovery, Mirroring, or Hot/Cold Standby (DRMHCS)
- Many of the operational aspects of applications also apply to Disaster Recovery, Mirroring, or Hot/Cold Standby sites. If the organization has hard-coded or embedded IP addresses in these procedures, then they will need to convert and test them as well. Such procedures may be used to do the disaster recovery or backup itself.
- Which procedures does your organization use outside normal production sites?
8. Customized Screens
- Applications used by network operations or diagnostics groups may display IP addresses. This will lead to the time needed to reformat the screens.
- Does your organization have customized screens for viewing vendor-provided products?
9. Multi-Tier Topology
- An enterprise (private, managed network) may have multiple tiers of servers/equipment/clusters. For example, it may have a firewall cluster, load balancers, or database servers. These may use IP addresses in their configuration to point to the members of the group or cluster rather than using DNS names. Changing these will require time to configure and test.
- Does your organization have clusters, database servers, or load balancers that are configured with IP addresses?
10. Business Partners
- One of the hardest and most time-consuming problems to conquer arises if the enterprise has external clients or business partners who must also convert. Their schedule and priorities may not match yours.
- Does your organization have many external clients who you do not control?
We would once again like to thank all who have taken the time to complete our survey and encourage any other individuals at organizations with private, managed networks to take it as well. We look forward to sharing the results with you soon and working to ensure application conversion is not a roadblock to deploying IPv6.
The post Top 10 IPv4 to IPv6 Application Conversion Considerations for Enterprises appeared first on Team ARIN.
Read more here:: teamarin.net/feed/