Chapter 1. The Business Case
In this first chapter, I’ll discuss the business case and try to put it in a larger context than usual to open the discussion for new perspectives and opportunities. Resolving the business case discussions and putting the integration of IPv6 in the right context paves the way for you to actually focus on the demands of planning for a successful integration.
Many people hesitate to start the planning phase, probably because it often seems to be an insurmountable task, with challenges that are way too complex to even start thinking about it.
While it is true that integration in a larger network is not a no-brainer and takes a lot of time and careful planning, there is no need to panic or think that you can’t handle it. Every decent engineer who mastered the introduction of DHCP, VPNs, and NATs will also master the introduction of IPv6. The difference is that IPv6, as the transport protocol, touches every component in the network, so the complexity of integrating it comes from having to consider all the interactions between the different network components and services.
But the process can be broken down into single, doable steps, and you don’t have to complete them in three months if you start early enough. This book provides an outline to help you determine how you want to go about tackling it.
The Inevitable Business Case Discussion
The discussion around the lack of a business case for IPv6 is historically the most used good reason to avoid integrating IPv6. The root of this argument seems to lie in the combination of misunderstandings and a lack of context.
A business case addresses, at a high level, the business need that the project seeks to meet. It addresses the reasons for the project, the expected business benefits and risks, the options considered, and the expected costs of the project.
To define a business case, you must specify the parameters that qualify it, and what constitutes a valuable business case may differ depending on the corporate culture. In other words, what might qualify as a substantial business case in one corporate culture may not be considered a business case in another culture because the corporate values are different.
In general, we can say that IPv6 is part of evolving our infrastructure, evolving the network that transports all data— it is the future highway for our data. So asking for a business case for IPv6 is like asking for the business case of running a network. But running our businesses without using scalable, high performance networks is not really an option anymore. So there is not much choice, we must continue to invest in evolving our networks, just like we have done since the early days of running networks; otherwise, they will stop providing useful services for our businesses and hinder our competitiveness at some point in the near future.
The Human Capacity for Predictions and the Business Case of Evolution
Our business case calculations and the common opinion that IPv6 has no business case are based on expectations and predictions. What we think will be happening in three to five years is what we base our judgments on.
If we look at history, though, we see that our capacity for accurate predictions is pretty limited. Back in the early 1980s, studies were conducted to determine the likelihood that in the future there would be a computer on every desk of an organization. The results showed that this was very unlikely. But only a few years later, a computer on every desk was a reality, and soon people often had not just one, but multiple computers.
In the early 1990s, studies showed that it was highly unlikely that everyone would soon have a cell phone. After all, the early versions were heavy and looked like sewing machines. Only a few years later, however, schools had to prevent students from using their cell phones during lectures and exams because they were using them to exchange results with each other. And at the same time, nobody spotted the business case for SMS (text messages). It was mainly a leftover from development, and it simply wasn’t removed from production. Yet, SMS hit the world, became widely used overnight, and today is making gigantic profits for many organizations.
So are we good at making predictions and determining business cases? Obviously not. Did someone foresee the emergence and success of Google, Skype, Facebook, and Twitter? Was there a careful business case defined before these technologies were developed? It seems that services can become very successful even if we haven’t thought about a business case beforehand; and in fact, had the developers tried to make a business case for the aforementioned technologies, they may well have arrived at the conclusion that there wasn’t one and opted not to deploy the service.
This is how evolution works. Technology and science are an expression of the evolution of human consciousness. And because this is a collective factor, it is highly unpredictable. In the 1920s, for instance, it was a huge problem that more and more people were starting to use horses for transport. Initially, only the rich could afford traveling by horse, but soon everyone was using them. Trend analysts predicted that mankind would soon drown in horse dung. This was a serious concern, and nobody could think of a useful answer to this problem. The solution came from a very unexpected angle. It was the invention of the car, and it revolutionized not only the transportation system, but also the whole industry. This example confirms Albert Einstein’s assertion that “no problem can be solved from the same level of consciousness that created it.” Now we face new problems that have emerged from the invention of the car, and just like with the horse dung dilemma, we don’t really know how to solve them. Chances are, the true solution will come from an unexpected evolutionary angle again.
For the car to be used widely, we needed better streets. Today we have an extended high-level street system in large parts of the world to enable transport for all the cars in use. Was there a business case for building all these streets? I guess nobody asked the question in this way; otherwise, we would probably not have our current street system.
Some creative developers designed IPv4 in the early 1970s. Their goal was to develop a protocol to connect a handful of computers. They managed to create a protocol that is the basic transport for our gigantic modern-day Internet (approximately 2 billion users in 2011, growing exponentially; up from 360 million in 2001). But these developers did not have anything like the Internet in mind. There was no business plan and no business case for the Internet. It just happened during the 1990s; the world picked it up and started using it on a widespread scale, from online ecommerce in the mid-1990s to today’s social networking and cloud services. And the IETF (Internet Engineering Task Force) responded to the market demand and developed all the extensions to IPv4 that we currently use.
Note
There was no business case for the Internet because evolution doesn’t need a business case. Evolution just happens without asking us.
And by the way, don’t think this is the end—evolution is also never-ending. For example, Vint Cerf, the “father of the Internet,” and one of the guys who developed IPv4 in those early days, is now working on standardizing the Interplanetary Communication protocol based on the Bundle Protocol (RFC 5050); first implementations are currently available and tests are being run. So, while we may think this sounds crazy because we’re focused on planetary issues like danger from atomic power, natural catastrophes, wars, and financial crisis, some visionaries are working on the future— with no business case, but fueled by evolutionary impulses.
The Internet has definitely reshaped our world, changed the way we communicate, impacted the way we approach business and education, broken down hierarchies, and established an important ingredient for globalization. It happened because we all jumped on the bandwagon, saw it as a useful tool, and started investing and participating in building and extending it. It is a global collective collaboration.
So what is the business case for IPv6? If you want, we can put it like this:
The business case for IPv6 is the continued use and expansion of the Internet.
Without the introduction of IPv6, the Internet cannot continue to grow now that the IPv4 address space is definitely exhausted. This means that everyone who uses and profits from the Internet has to do his part in helping integrate IPv6. Integration too will have to be a global collective collaboration. For some corporate cultures, this might be a sufficient business case.
But let’s go on and analyze the business case question in detail in a more practical context.
IPv6 Has No Immediate Business Case for Many
Corporations and organizations have maintained networks for many years. When we started maintaining them, mostly in the early 1990s, the networks were small and few were the tools we had available to manage them. Soon the number of network devices and the variety of network services were growing exponentially. At the same time, the requirements for management, administration, and security were increasing. When we started designing our IPv4-based networks, we did not have a real understanding of what lay ahead. But we learned while growing the networks and whenever we faced new challenges, we finally found solutions; and when public demand became obvious, the IETF developed all the useful extensions to the IPv4 protocol, such as DNS, DHCP, IPSec, and NAT.
With regard to the business case, we can say that the evolution, extension, and optimization of our network infrastructure always came at a cost. In other words, evolving our network has always been part of our returning budget—costs used to maintain a state-of-the-art infrastructure capable of running state-of-the-art services. We have to extend our infrastructure for more bandwidth constantly, as the services running on top continue to consume more bandwidth. We have to replace network devices in regular cycles, and when it comes to replacing core routers, this is usually a substantial cost factor. We also have to invest a lot into securing our networks and providing an infrastructure that can accommodate the demands of mobile users. And we constantly upgrade operating systems to newer versions, such as the currently ongoing migration from Windows Server 2003 to Windows Server 2008.
Do all these investments have a business case? What is the business case in upgrading a core router? What is the business case in upgrading a server operating system? Both do their job—they route or run services—so why should we invest in upgrading them?
The business case is not in the router or in the operating system. But we know that if we don’t upgrade to a current version, the devices or operating systems will perform poorly or fail at some point, or we won’t be able to run new services on top of them. This is a common case for Windows servers; Microsoft does a good job of keeping us all busy with constant upgrades by developing services and applications that don’t run on older infrastructures.
Prudent investments in networking and other infrastructure are not just an expense—they often result in improved capabilities and a foundation for future innovation. Public cost of network capacity per megabit has continued to drop over time, enabling new services such as broadband video and distributed high-performance computing. And another important point to note is that all these investments can only make sense when viewed with a perspective longer than just six months or a year.
Likewise, IPv6 is not an application or a service that needs a business case. It is part of our infrastructure, it is the highway over which we can run our services, just as routers are part of that highway. So the introduction of IPv6 is the next natural step in evolving our infrastructure to be compatible with new services. And I guarantee that applications and services will be developed that will run only on an IPv6 network, because they use new features of the protocol that cannot be run on an IPv4 network. Microsoft has already started that trend by delivering DirectAccess as part of a Windows 7 license, which provides VPN functionality at no extra cost but uses IPv6 exclusively.
So the business case is not in IPv6, the business case is in applications and services that will soon require IPv6, or need so many IP addresses that IPv4 can’t handle them anymore. And by the way, don’t wait until your customers ask for IPv6, because they probably never will. They will ask for services, and those services might just happen to require an IPv6 infrastructure. Or your CEO may suddenly ask for a new and cool ecommerce application, or a new collaboration tool that happens to use IPv6 features—and he’ll probably want it implemented in three months.
Integrating IPv6 under time pressure creates many disadvantages. High costs and unnecessary risks are the consequences. You lose the opportunity to learn as you go, to carefully plan, evaluate and test. By integrating IPv6 you lay the foundation for your next generation network. Take your time to do it carefully. By delaying the adoption of IPv6 for too long, you are putting your company’s competitiveness at risk.
The integration of IPv6 in a more complex network can take three to five years if you want to do it in a risk-free and digestible way, with enough time to carefully build, secure, and manage a robust network and educate your team before that network encounters critical user traffic. You shouldn’t wait until your customer or your CEO asks for these IPv6 applications.
IPv6 Has an Immediate Business Case for Some
There are also several sound, leading indicators that IPv6 is part of our future, specifically in the areas of standards that require IPv6 for the delivery of new services. Based on the industry-developed standards, new services are starting to emerge in the areas of content delivery, mobility, and industrial networking.
The most current versions of all major computer operating systems have IPv6 installed and enabled by default.
IMS (IP-Multimedia Subsystem) was originally developed by the mobile broadband standard organization 3GPP. IMS was designed to deliver Internet protocol multimedia service to mobile users, and has been adopted as a core component within cellular, fixed telecoms, and cable network providers. It requires IPv6 support. The seamless delivery of voice, data and video through IMS has been adopted my many of the international cellular LTE network and handset providers to address increased content variety, reliability, availability, and service quality. Companies that are stuck on proprietary convergence protocols may end up at a competitive disadvantage. Content providers are tuning their systems to more easily supply services over IMS-based networks.
DOCSIS 3. 0 (Data Over Cable Service Interface Specification version 3.0), developed by CableLabs, is enabling traditional cable television operators to deliver a full spectrum of voice, data, and video services at previously impossible levels. IPv6 support is required in the DOCSIS 3.0 specifications. Implementation of DOCSIS 3.0 gives cable companies a competitive advantage over legacy wired broadband providers, enabling them to offer services ranging from VoIP to multiband, high-definition television to Internet speeds over 100 Mbps through channel bonding.
The “Internet of Things” is becoming a reality with new IPv6-based standards supporting massive deployments of IPv6 RF sensor networks, such as the millions of Pacific Gas and Electric (PG&E) smart electrical meters.
IPv6 is enabled on the computers we are buying and the services we will depend on. There may be no immediate return on investment (ROI) for your organization, but failure to act now may leave some organizations in the land of yesterday, unable to compete or operate efficiently going forward.
What You Lose If You Don’t Invest in IPv6
We can turn the business case question around and ask: what do we lose if we don’t invest in and plan for IPv6?
We will face extra costs and risks due to having an outdated infrastructure. Managing, securing, and extending an IPv4 infrastructure will become more and more costly, and state-of-the-art applications with high-performance requirements may not work well.
We may not be able to integrate new applications and services because they may require IPv6 features and won’t work in an IPv4 network.
We can lose markets and customers due to outdated services. If we wait too long, we put our company’s competitiveness at risk.
We may not be able to introduce new services because they require an unusually high number of IP addresses (for instance, sensor and remote control systems being developed in many different industries including health care, automotive industry, disaster prevention, and many others).
We may soon have limited global connectivity because now that the IPv4 address space is exhausted, Internet growth will happen over IPv6.
We may not be able to communicate with newer customers, partners, and suppliers that are on new IPv6-only networks.
Customers expecting or demanding IPv6-compatible or IPv6-enabled products and services may turn to our competitors for their needs. This possibility is acutely reflected in the 2009 update to the procurement requirements of the United States Federal Acquisition Regulation, which stipulates that “Internet Protocol Version 6 (IPv6) compliant products be included in all new information technology (IT) acquisitions using Internet Protocol (IP).”
If we wait until time pressure is high, we will lose the opportunity to integrate IPv6 with careful planning and with a step-by-step integration. High risks and unnecessary costs are associated with this approach—not only unnecessary costs in deployment, but also unnecessary and recurring operational costs for the administration of a poorly designed network. The step-by-step approach provides the opportunity to learn as we go and to take advantage of lessons learned.
For long-term business planning, it’s important to note that any investment in IPv4 is an investment in an end-of-life technology and must be migrated at some point. An investment in IPv6 is an investment in future technology. And yes, in the beginning it is more difficult, because we have to build knowledge and experience, but we’ll eventually have to do this anyway. So why not start today?
Where Does Time Pressure Come From?
It is still a widely held perception that there is no immediate pressure to migrate to IPv6. There’s also a persistent misbelief that if you have enough IPv4 addresses for your corporate devices, you don’t need to integrate IPv6, even as of February 3, 2011, the date on which the depletion of the global IANA IPv4 address pool was announced.
So let’s look at the situations that can create time pressure for you. Anticipating these situations will help you plan your integration accordingly so you can avoid having to deploy IPv6 without adequate preparation.
- Lack of IPv4 addresses
Even if you think you still have enough IPv4 addresses, this can change upon a closer analysis. On one hand, more and more applications and services need always-on IP connectivity. On the other hand, enterprise environments consist of more and more overlays running on the same infrastructure. Desktop access, WLAN access, VoIP service, thin client, environment instrumentation (sensors), business specific services (healthcare devices). Each overlay needs its own IP address space and structure to simplify operations, yet this implies a less efficient use of the internal address space. These factors led several organizations to run out of the private IPv4 address space (RFC 1918) today. Also, if you want to introduce IPv6 with the dual-stack approach, where devices need both an IPv4 and an IPv6 address, it will work only if you implement it while you still have enough IPv4 addresses. While IPv4 addresses are still available internally, the dual-stack approach can ensure that both IPv4-only and IPv6-only sites and services are reachable from the enterprise’s network natively, without disruption and without the potential problems of a NAT or translation-based services between endpoints.
- When a customer or your CEO wants a new application or service that requires IPv6
If new applications make use of IPv6’s advanced features (such as extension headers) or Mobile IPv6’s advanced features, they will not run on an IPv4 network. So if you have a strong business requirement to introduce such an application, you might face a critical situation if you have not prepared for IPv6. This scenario will force you to integrate IPv6 without the necessary preparation, an optimal address plan design, or the required understanding of networking, security, and management concepts specific to IPv6. And you will have production traffic on an IPv6 network that you didn’t have enough time to test thoroughly.
- Internet growth
From the day on which the IPv4 space is definitely depleted—which already happened in the APNIC region and will be happening sometime in 2011 for the ARIN and RIPE region—Internet growth will mostly be IPv6-only. Because of the quickly increasing number of Internet users with IPv6-only Internet access, your reach is limited if you support only IPv4. You could use translation and NAT techniques (and ISPs will probably do this due to lack of alternatives), but this approach will not provide an optimal Internet performance and lacks the advantages of a true end-to-end connectivity, including meaningful access statistics for your web services. So offering your Internet content and all your connection points over IPv6 offers clear advantages. The Internet grew from approximately 360 million users in 2000 to more than 2 billion in 2011.[1] The growth rate in 2010 was approximately 300 million users.
- IPv6 is running on your network now
Many people do not understand that IPv6 is enabled on all new business and home computers sold in the last few years. Microsoft Windows Vista, Windows 7, Windows Server 2008, MAC OS X, Linux, Android, AIX, HP-UX, and others are generating IPv6 traffic on corporate and home network segments around the world. Some operating system implementations of IPv6 include the installation and automatic activation of transition mechanisms such as tunneling or translation. There are two potential unintended consequences if these are not managed properly: poor application performance associated with unneeded DNS entries, and potential security risks.
The first two items in this list (lack of IPv4 addresses, and customer or corporate demand) are not really predictable, so your best option is to prepare for IPv6 anyway so you will be ready when the time comes. Before you can actually deploy IPv6, you need to allow for a long planning phase, so my recommendation is to get that done as soon as possible. During planning, you will get a good picture of what’s required for the different parts of your network, so you can define milestones and timelines for deployment. The moment when you really need IPv6 might be different for different parts of your network, so it’s important to have a clear picture of what integration involves. You can easily resolve the risks associated with the fourth item (IPv6 currently running on your network) if you understand how IPv6 works and can make a few simple configuration adjustments.
Opportunities of IPv6 Integration
Just as we can choose to label half a glass of water “half full” or “half empty,” we can choose to complain about the IPv6 features we don’t like, or focus on the opportunities and master the challenges IPv6 presents. There are quite a few opportunities, so let’s identify them.
When you ask people who manage IPv4 networks, “what would you change in your network design if you could start all over with all the operational experience you have today?” you get very interesting answers. Most people have a whole list of things that haven’t proven to be so clever over the years, and they have many ideas for how they could improve their addressing plan or other network designs.
This is the opportunity that IPv6 offers. With many years of experience running IP networks, we now have the chance to design our future IP network with IPv6 and its advanced features. To seize this opportunity, we must take all our operational experience, include it in our new concepts, and add the possibilities that the new and extended features of IPv6 offer. You can achieve this only if you plan ahead while there is time, and even more importantly, only if everyone involved in the planning has been given a thorough education and the opportunity to play with IPv6 in the lab to understand its implications.
Specifically, you have the opportunity to create new concepts and designs for the following:
Addressing
Network and routing
Network management
Security
The importance of this opportunity can be expressed in cost. If you create useful designs, you improve performance and make network maintenance, administration, and troubleshooting much easier and less expensive. Useful designs save yearly returning operational cost. For example, if you consider security when creating an address design, you can optimize the address format for optimal performance in processing ACLs (access control lists) in security devices. When your designs have clear rules, they are easier to enforce and make management and troubleshooting more efficient.
How to Save Money when Integrating IPv6
When you’re working on a high-level implementation plan (discussed in Chapter 2) and determining the order of the steps to complete, it’s important to consider what other IT projects are planned for the next three to five years.
When I ask customers this question, I often get answers such as:
We will move our data center in 12 months.
We will redesign our DMZ in two years.
We will evaluate new core routers next year and plan deployment for the year after.
We will have to replace our mainframes in 2013.
We will migrate our clients to Windows 7 next year.
We will introduce VoIP next year.
We plan to use cloud services.
We will outsource our backbone (or other services).
If you run all these projects without considering IPv6, you’re wasting a lot of money. If you move your data center without accounting for IPv6, you will probably touch it all again soon after. If you evaluate new core routers without clear requirements for IPv6 support, you may choose a model that will not support your IPv6 integration optimally. Because a router is a high-end IPv4-optimized router and costs a lot of money doesn’t mean it is also a high-end IPv6 router with all the features you need. Asking for IPv6 support for a core router is not sufficient; you have to be much more specific about what features are required to support your transition plan. And to be able to be more specific, you need a high-level implementation plan. The same is true for security devices such as firewalls or intrusion-detection systems. Most customers’ core router environment has a life cycle of more than five years. If you buy new core routers next year, chances are really low that you won’t have to enable IPv6 during their lifetime.
If you redesign your DMZ without understanding how you will design security for a dual-stack network, you may find later that you would have done it differently had you known about the requirements for IPv6. So, again, you can save money if you consider IPv6 right from the beginning. The same rule goes for all other possible projects on this list, such as introducing Windows 7, Windows Server 2008, or any other service.
When it comes to introducing a completely new service, such as VoIP, you must ask another important question: is it possible to integrate this new service as IPv6-only right from the beginning? If the answer is yes—and it could be, in the example of VoIP—this has several advantages. One is that if you go the IPv6-only route right from the beginning, you don’t have to touch it again in this regard. It runs on the future technology. Why spend time on testing and implementing it with IPv4 if you can afford to go IPv6-only right away? The other advantage is that it may free up or save IPv4 addresses that you might need for other purposes or in the event that you run out of your internal IPv4 address space.
Your opportunity to save money with your IPv6 integration lies in aligning it with other IT projects, with your regular product life cycles and in considering IPv6 in all your vendor and product evaluations and vendor and supplier contracts. So turn on IPv6 in your head, and whatever you do in your network from this point forward, do it with IPv6 integration in mind.
When You Outsource
I have one very important recommendation with respect to outsourcing contracts. If you sign an outsourcing contract that will run for 5 or even 10 years, you’d better make sure to address the IPv6 support question. Having your high-level implementation plan worked out already will be an important part of requesting the specific IPv6 support you need and will help you define the right SLAs (service-level agreements) for IPv6.
Companies that outsource everything tend to think that they don’t need to care because it’s their supplier’s job. But you may want to make sure that the supplier is aware of the situation and has a roadmap that meets your needs. He needs to understand the requirements coming from the public space with IPv6-only users on the Internet. He should also be able to provide your public services as dual-stack services with a good IPv4 and IPv6 performance, and also be aware of the requirements for any applications you might introduce that need IPv6 support in the internal network. Failing to do so can severely limit your services or create high-cost and high-risk transitions. And for sure, if you want to add IPv6 services during the lifetime of the contract, it’ll cost a lot more than if you include it right from the beginning.
Summary
We can summarize this chapter with these three facts:
IPv6 is inevitable.
We don’t know exactly when time pressure comes for us.
It will take us several years to deploy IPv6 in all our networks.
The best strategy you can choose is to plan early, start walking the walk toward your future network, and plan for a meaningful roadmap and milestones that align with other projects and product lifecycles—and do it all while you’re not under any time pressure. To get started, read on to Chapter 2, which covers strategy and planning. Remember, every long journey starts with the first step.
Quote
As a lead-in to Chapter 2 about planning, I offer this quote from Fred Wettling, Bechtel Fellow, who is the sponsor for IPv6 deployment within the Bechtel Corporation. Bechtel is one of the earliest global enterprises to implement IPv6, with its initiative starting in 2005.
Prudent organizations will constantly assess and adapt to changes in technology. On a macro level, we are seeing key trends that will be enabled by or impact the use of technology. These trends include urbanization and demographic changes, new patterns of mobility, new consumption patterns, increased levels of individualizations, a more knowledge-based economy, the digital lifestyle, convergence of technologies, and ubiquitous intelligence. IBM’s “Smarter Planet” concept describes a world that is more instrumented, interconnected and intelligent.
The ability to connect people, information, and services on a unified basis has been made possible through the Internet as seen in the flood of new Internet-based products and services in the last two decades. IPv6 is an important part of the continued growth of the Internet in many perspectives. First, the increasing number of things connected to the Internet is exceeding the available IPv4 addresses. The Internet of Things is becoming a reality. Second, new products and services are enabled by technologies that use IPv6 or require IPv6 support. Third, IPv6 is already enabled or running in any organization that has purchased a new computer or mobile device with a current operating system within the last couple of years. Finally, in the near future, some people, information, and services will only be available by using IPv6.
IPv6 technology in commercial products and services are much better than they were a few years ago, but many still do not have the needed IPv6 support. From this perspective, any IPv6 implementation may be directly or indirectly influenced by others. Awareness of this constraint in important in IPv6 planning, but should not hamper the start of work where IPv6 functions are working properly. Each organization should assess the inevitable need to manage IPv6-enabled devices and services for its internal operation and connection with others. The IPv6 implementation will take time, and it’s not too early to start now.