One of the transition mechanism for IPv6 is 6to4. This is an automatic mechanism which encapsulate IPv6 packets inside IPv4 packets. The packets are sent to relays which are located around the world. A list of these public relays are available at:

http://www.bgpmon.net/6to4.php?week=4

How these relays work?

They use the same technology as for the DNS: anycast. The IPv4 relay is always at 192.88.99.1 on 192.88.99.0/24 network, and this network is advertised via BGP to the rest of the world. It means your 6to4 client will look for the closest (in terms of BGP network) relay. All the relays advertise the same route, therefore your closest router may see a few routes to the various relays in the world and will choose the closest, the same way your client choose the closest DNS root server.

So your 6to4 device will encapsulate an IPv6 packet via IPv4 to the closest relay. This relay will convert it to IPv6 send it and get the answer back. The IPv6 address is well defined and is part of the 2002::/16 network. Similarly the relay will advertise this route on the BGPv6 network, so the packet can come back this way. Or via the closest on IPv6 network 6to4 relay. Communications can be quite asymmetric with 6to4.

Format of an 6to4 IPv6 address
2002:IPv4 address of your 6to4 client:00:MAC-48 derived address of your IPv6 device
16bits:32bits:16bits:64bits=128bits

If you are an ISP get a 6to4 relay in place

It seems a lot of devices offer 6to4 out of the box, and sometimes unknown to the user. Because the list of public relays are limited, it is important that ISPs, looking at offering IPv6, set their own relay. The relay does not need to be public, BGP allows to advertise routes to some networks only. So an ISP could make their relay known only to their customers. This would improve user experience, and also allows the ISP to control the relay. 6to4 is not a bad method, but MTU configuration could be quite a challenge when you don't fully control the network.

Vodafone Fiji Limited has taken a step forward towards the Internet Protocol Version 6 (IPv6) by purchasing gear that supports IPv6.

This was confirmed by Vodafone Information Technology Manager Ateen Kumar who said the transition would bring about changes to how the company operated, however plans to transit were yet to be decided on.

He said once IPv6 was implemented by Vodafone Fiji, they would need to build the knowledge of managing IPv6 addresses and IPv6 IP routing.

He said people in the Pacific were not concerned thus very little action to transit to IPv6 will be taken as a result.

Mr Kumar added that in the Pacific, he saw Internet Service Providers implementing IPv6 after three or more years while some businesses are still not aware of it's importance and benefits.

“Because there is sufficient IPv4 at the this point in time, the issue will arise when more addresses are required. This will leave Internet Service Providers no choice but to implement IPv6,” Mr Kumar said.

He said as for the telecommunications field, implementing IPv6 would bring about major changes which should be managed well since customers would need to support IPv6 on their devices such as broadband modems etc.

People will benefit once IPv6 is implemented as there is an abundant supply of IP addresses to allocate to all customers, devices and servers on the World Wide Web.

The transition from IPv4 to IPv6 will be slow unless there are external driving factors pushing deployment in the Pacific says Digicel Chief Technology Officer Eugene O'Shaughnessy.

He said in the next 6 to 12 months he sees no progress in the transition from IPv4 to IPv6 since more awareness was needed on the benefits and advantages of it.

“Aside from increased address space, not many people in Fiji and the Pacific Islands care about mobility, auto configuration etc. IPv6 will benefit us by increasing space and allow all manner of devices to have public static IP addresses,” Mr O'Shaughnessy said.

He said even though all Digicel's equipment are IPv6 capable they did not have any current plans to transit to IPv6 yet.

Mr O'Shaughnessy said businesses in the Pacific were not aware about the importance of IPv6 and how to adapt to it as a result there will be a very slow transition to IPv6.

Pacific Islands Telecommunications Association is positive that Fiji will follow global trends and transit from IPv4 to IPv6 sooner rather than later.
PITA's manager Fred Christopher says people in the Pacific are well aware and informed on the benefits and advantages of IPv6 especially network operators who need IP addresses.

He said IPv4 addresses are still operating globally and therefore network operators would need to operate both IPv4 and IPv6 if they upgrade to IPv6.

“Tunneling with IPv6 is already happening with a number of operators doing this to get an operating experience with IPv6. There are cost elements to change and with IPv6 now inherent in new equipment manufactured, the issue of cost with equipment may not be significant,” Mr Christopher said.

He said the world has become more closer with the Internet and the main important aspect for people nowadays is access. Mr Christopher said if people did not upgrade to IPv6, the rest of the world will, thus less and less access to the Internet and no access to a number of services provided on the Internet.

In 2003, PITA brought Asia Pacific Network Information Centre (APNIC) to Fiji to raise awareness on IPv4 address depletion, since then there have been workshops and training held at technical level to equip members with necessary knowledge and skills to deploy IPv6.

One year left

We have just passed a milestone, there is only one year left of IPv4 allocations from IANA to the Regional Internet Registries: APNIC, ARIN, RIPE, LACNIC, AfriNIC. The Regional Internet Registries RIR will need a few more months to allocate their available resources to ISPs, and some more months from the ISPs to the end users. What is left in the IPv4 pool is a bit dirty as these are addresses that have been in use, against recommendations, on internal networks. There has been some studies to see how dirty this space is. It will not mean the end of the Internet in one year, but certainly users will select their ISPs/Collocation Centre in function of which one can provide them with address space. There could be address space trading and any kind of other oddities.

What has to be done?

Migrate to IPv6 is the solution. Adding NATs (using private IP space behind one public IP address), is like wasting money in an old car. There is a lot of misconception out there about the difficulty of implementing IPv6, but it is damn easy, on the client side that is. Enabling your client to surf the Internet on the IPv6 takes about 5mn. You configure your router internal interface with an IPv6 address and let the router advertise the new network. No need of DHCP, static IP, etc... The internal computers will pick it up, self configure and start to go IPv6. Add a filtering rule on the router to avoid the Internet to connect to your internal computers and you are as safe as with a NAT.

Where is the difficulty?

The difficulty is in configuring your servers to serve to IPv6 clients. I recommend to disable IPv6 on your servers, have a bit of fun with your IPv6 clients on your internal network, and then enable one by one your servers to work over IPv6. You need to make sure your software will listen on IPv6 addresses and you don't have any special code/script/database that won't understand the new IPv6 format. If your engineers are using IPv6 on their desktop they will become more familiar with it, and think about the implementation of it in code, all naturally.
So yes it is moving in two steps: clients first, servers later.!

Why IPv6 did not pick up early

IPv6 has been here for the last 10 years, but I think the trigger on the adoption of IPv6 was IETF 71, March 9-14, 2008; Philadelphia, PA, USA. At this meeting it was decided to do a one hour long IPv4 outage. Participants will have no other choice than to use IPv6 strictly to surf the Internet. They would be able to see what works, what does not work, what can be fixed with workarounds, and what's left to do... It was at that time that ICANN put the IPv6 glue in the root servers, so it was now possible to query the DNS with IPv6 only. You can retrieve an IPv6 address using the IPv4 DNS stack, it is not an issue, and as machines are dual stack (IPv4 and IPv6) they can use either stack to do their DNS queries but IPv6 has to be able to stand on its own ground. The other event was Google provided http://ipv6.google.com for people to have a site to go to and test their configuration. Since then Google has migrated all their services to IPv6 (including YouTube!). Netflix has done the same and many others are following. It means once you enable IPv6 on your network, you see a lot of IPv6 traffic. First all your clients will self configure to IPv6 (see above) second there are many popular IPv6 sites out there. It does not grow slowly.

Where are we in Fiji and the rest of the world.

We went around and asked the various stakeholders what were their plans for IPv6. So far the response have been interesting but not surprising, everyone says they have to, but no one has a definitive, well thought, plan. It is a bit of let's see attitude. We are still waiting for answers from FINTEL, Vodafone and Digicel. I think in the coming year we will see an exponential IPv6 uptake as the word spreads that it is easy to enable your client network to IPv6. Europe and Asia are quite in advance on IPv6 deployment, but the USA lags behind, and as the USA and the Silicon Valley leads in IT innovation, until they move to IPv6 there will be still this wait and see attitude. Once the Silicon valley goes IPv6, expect a snow ball effect. There is a lot of noise on IPv6 there already like the IPv6 panel by the San Francisco bay Area Chapter of the Internet Society or the Google IPv6 implementators conference

The coming year will be very quite interesting...

This week we migrated our Zimbra mailsever to send and receive email over IPv6.

While Zimbra does not officialy supports IPv6, the underlying component to send and receive email, postfix, supports IPv6 for a long time. The process is therefore to modify the postfix config to enable IPv6. However Zimbra rewrites the various components configuration files, therefore you cannot edit them directly. You edit /opt/zimbra/conf/zmmta.cf and add the line in the mta section

POSTCONF inet_protocols all

like in the example below:

...
  POSTCONF virtual_transport LOCAL postfix_virtual_transport
  POSTCONF inet_protocols all
RESTART mta
...

As s zimbra user, restart the mta:

zmmtactl restart

Additionally, we modified the MTA mynetworks parameter. This cannot be edited directly from the GUI. The GUI checks that you enter a valid IP address, but checks only for IPv4.

You can do that directly as the zimbra user:

zmprov modifyserver seine.avonsys.com zimbraMtaMyNetworks '127.0.0.0/8 x.x.x.x/x [::1]/128 [xxxx:xxxx:xxxx::x]/48'

Where [xxxx:xxxx:xxxx::x]/48 is your IPv6 network.

All is explained on Zimbra forum and on Zimbra Bugzilla

We then modified our MX record to point to our machine which will have both a A (IPv4) and AAAA (IPv6) record. Dual stack clients usually prefers IPv6 over IPv4.

The last part was to get the rDNS set up. Mail servers are using the reverse DNS to check there are linkage between the IP that sends email, the machine it claims to be and the domains used in the email itself. Basically, when a server receive a connection, the sender will identify itself via the EHLO or HELO command: 'HELO seine.avonsys.com'. The sender would be connecting from a specific IP: 2001:df0:67::129, the receiver check via the rDNS what hostname is associated with this IP.

dig -x 2001:df0:67::129
;; QUESTION SECTION:
;9.2.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.7.6.0.0.0.f.d.0.1.0.0.2.ip6.arpa. IN PTR

;; ANSWER SECTION:
9.2.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.7.6.0.0.0.f.d.0.1.0.0.2.ip6.arpa. 604800 IN PTR	seine.avonsys.com.

You can see the format of the rDNS for IPv6. You reverse the full IPv6 address (add the 0 where they should be):

2001:0df0:0067:0000:0000:0000:0000:0129

Now the issue, is that there are very little IPv6 enabled DNSBL. A DNS Blocking List, is a DNS which answers in codes in the range 127.0.0.x for any IP which is deemed unsafe to receive email from. First few DNSBL operators have IPv6, second, bind the popular DNS software is rarely used for such task as it is not optimized for this specific problem, instead people use rbldnsd which till recently was not IPv6 compatible, finally the sheer size of the database to store all these invalid IPs may be too much to handle (There are techniques to not consider all IPv6 addresses possible).

One such IPv6 DNSBL (and may be the first one) is VIRBL, at the moment we have no information on how to make it work with Zimbra for IPv6, but stay tuned.

A study by RIPE shows the level of SPAM on IPv6, but human sighting of SPAM on IPv6 tends to show that the SPAM does not originate from an IPv6 host, but from an IPv4 machine, and then relayed by a dual stack IPv4/IPv6 email server. Surely, things will change.

Overall, it is easy to configure a mail server on IPv6, relatively safe as the level of SPAM is not at the levels of SPAM on IPv4, and the second line of defense which are content based filters are not affected by the connected IP.

Now, we will gain experience on the practice of having SMTP over IPv6.

In May this year Avonsys was amongst other Information Technology companies that attended the Web 2.0 Expo which was held in San Francisco.

The Web 2.0 Expo is an annual event which gathers web developers, innovators, companies and individuals who are the next generation on the web under one roof to showcase their products.

The Web 2.0 Expo provides a platform that enables developers or IT specialists to connect with other individuals who are also focusing on Software as a Service and web-based technologies.

Two senior executives from Avonsys attended the Web 2.0 Expo bringing back many exciting stories of the events that unfolded during the three busy days of the expo.

An executive said this year’s Web 2.0 Expo emphasized on the lack of specialized services that are being offered in the Pacific.

He said most IT-oriented companies in the Pacific are offering standard and not specialized services compared to Avonsys.

Attending the Web 2.0 Expo annually allows Avonsys to interact with their target market and also gives the company a chance to profile itself and its services on the West Coast of the United States of America.

The executive said one of their main activities during the Web 2.0 Expo was to explain to audiences the key services carried out by Avonsys.

This meant interacting with people who visited the Avonsys booth as well as other exhibitors and attendees in general, this year's Web 2.0 Expo saw a large amount of interest from providers of cloud computing infrastructure.

This indicated the growing popularity of cloud computing as a platform to offer services, replacing traditional on-premises software installation.

The Web 2.0 Expo 2010 was a success for all.

While the deployment of IPv6 is relatively easy it is still limited in the enterprise to the capability of the hardware. For instance lot of enterprise needs system with redundancy and failover mode. For instance Cisco ASA provides a firewall solution with hot standby capability. You place two boxes next to each others. the configuration of one will be sync to the other box. One box will be declared a Primary and the other Secondary. Once the primary is not any more detected by the secondary, the secondary picks up the IPs of the interfaces of the primary and act exactly like the primary. This is all well done using IPv4 addresses but the capability is not available in IPv6 until now with version 8.2 of the ASA OS.

There are still a lot of IPv4 functionalities that do not exist in IPv6 for lack of implementation. It means for many organisations, they have to move cautiously, or be aware they cannot offer the same level of reliability till they are able to upgrade their software. Until we can do in IPv6 what we do in IPv4 there will be still challenges to move to IPv6, and corporations don't like to find these issues the hard way.

Books that are targeted at managers, usually falls in the category of "self help" or airport readings. In my last travel I picked up the book by Susan Cramm "8 things we hate about IT - How to move beyond the frustrations to form a new partnership with I.T."

Susan Cramm has been the Chief Financial Officer (CFO) of Chevy's chain of Mexican Restaurants and Chief Information Officer (CIO) at Taco Bell. She now runs her consulting company specializing in leadership in Information Technology. The book draws on her experience on integrating IT at all levels in corporations.

Which manager has not been frustrated by IT people that consists of condescending techies who don't listen, and which IT specialist has not been frustrated by managers that treat IT professionals like untrustworthy servant genies?

The book is explaining why companies end up in this totally non-productive system, and on how to fix relations to best harness the technology for the benefit of the company strategy.

I highly recommend this read as well as Susan's blog at the Harvard Business Review. I only wish she would explore in her next book the relations that politics have with IT.

A decision made by the Commerce Commission earlier this month to offer interested parties access to the Southern Cross Cable directly is also a push start for the public to migrate to IPv6.
 
The sole bandwidth provider (FINTEL) must now accept applications from parties interested to access the cable directly and must connect them within six weeks.

In return, these parties will pay certain core maintenance fees to FINTEL.

Commission Chairman Doctor Mahendra Reddy said this move will not only ease access to the Internet but this would also see Information and Communication Technologies (ICT) penetrate through Fiji.

With increased ICT penetration, there are several benefits to the nation.

It will increase literacy levels, improve ease of education delivery, reduce the cost of doing business and contribute towards firms efficiency gains.
 
“Fiji is lagging behind in terms of the rapidly changing global technology and people are encouraged by this move to participate in a rapid changing world in which work and other activities are increasingly transformed by the access to developing technologies.”
 
Mr Reddy believes that the transition from IPv4 to IPv6, which has a vastly larger address space than IPv4 in Fiji will move slow due to two key reasons.

Firstly, the infrastructure for such transfer of technology is not readily available.

Secondly, education on the benefits of such transfer are also lacking amongst the users.

However, the new move by the commission will see more people in the country accessing the net at a cheaper rate within the next two years.
 
This will result in an increase in ICT penetration in the country which will increase economic activity and productivity in the country.
 
This move will also see more competition between Internet Service Providers and end users will benefit from this since prices will continue to decrease.
 
The decision marks the complete deregulation of the telecommunications market with Internet Service Providers by giving a chance to access the Southern Cross Cable network with immediate effect.