The Second Internet by Lawrence Hughes - HTML preview

PLEASE NOTE: This is an HTML preview only and some elements such as links or page numbers may be incorrect.
Download the book in PDF, ePub, Kindle for a complete version.

Chapter 9 – IPv6 Related Organizations

There are quite a few international and national level organizations involved in making this transition from the First Internet to the Second Internet work. This chapter lists the most prominent ones, but does not claim to be comprehensive.

9.1 – Internet Governance Bodies

The first group of organizations helps govern the Internet. There is no Internet Corporation, or any U.N. Internet Authority. The Internet is something quite different from the kinds of entities most people are familiar with. Its ownership and management is as decentralized and trans-national as the physical implementation of the Internet itself. For example, what country is the Internet located in? All of them!

Anyone who really wants to can join one of these organizations, and the various groups address a variety of aspects of creating the standards that others use to build the hardware and software that make up the physical Internet. Other groups help manage resources, such as domain names, or Internet addresses. Others help resolve disputes and set policies that help the millions of owners of the various pieces of the Internet to get along and be willing to continue voluntarily connecting their networks to each other. Some national governments try to control or regulate the Internet, or the content on it, but the highly decentralized nature of it, and the difficulty of even pinning down what jurisdiction something on the Internet happened in, makes such control difficult at best. Any country whose people are forbidden access to the Internet are missing out on things that allow those who do have access to run circles around them competitively. It would be like a blind person and a fully sighted one having a sword fight, or a race between someone on foot, and someone in a Ferrari. It would all be over in seconds. China has had a very difficult time trying to maintain strict authoritarian communist rule, while enjoying the economic benefits of access to the Internet. They have tried to deploy what some call “the great firewall of China”, but there are many ways for people who understand the technology to gain access to those parts of it China doesn’t want their people to see. If they are really good they can do it without their government even being able to detect it.

So who is in charge? The easy answers are no one or everyone. It is possible to identify some organizations that clearly are in charge of some aspects of the Internet. Most of them are heavily involved in trying to help the users of the Internet survive a looming disaster (the depletion of the IPv4 address space), and migrate smoothly and safely to the wonderful new promised land, the Second Internet.

9.1.1 – Internet Corporation for Assigned Names and Numbers (ICANN)

ICANN was formed in 1998, as a not-for-profit public-benefit corporation. Participants all over the world help keep the Internet secure, stable and interoperable. ICANN does not try to control content on the Internet, stop spam or control access to the Internet. It does do the following things:

* Oversee the generic Top Level Domain (gTLD) names, and the country code Top Level Domain (ccTLD) names. The also oversee authorization of Internationalized Domain Names (IDNs) in various languages and scripts.

*     Oversee operation of the DNS Root Servers

*     Draw up contracts with each Domain Name Registry

*     Oversee IANA (Internet Assigned Numbers Authority)

* Publish all corporate documents, bylaws, financial information, major agreements, policies, operating plan and strategic plan, at http://www.icann.org/en/documents/

* Hold monthly meetings of the ICANN board to address issues and set policy. The minutes of each meeting are made publically available at http://www.icann.org/en/minutes/.

9.1.2 – Internet Assigned Numbers Authorities (IANA)

One of the key organizations with regards to both the old IPv4 addresses and the new IPv6 addresses is the Internet Assigned Numbers Authority (IANA). You can find their website at www.iana.org. They do the following things:

* Oversee the DNS Root Zone (creation and management of the generic TLDs and ccTLDs), as well as the int domain registry (for international organizations) and the arpa zone. The arpa TLD has several very important parts of DNS under it, such as the reverse zones for both IPv4 (in- addr.arpa) and IPv6 (ip6.arpa), plus the ENUM E.164 zones (e164.arpa). Some parts of these reverse hierarchies can be delegated to ISPs or even to end-user organizations, but IANA is in charge of the overall structure.

* Maintain the Interim Trust Anchor Repository (ITAR) for those parts of the Internet’s domain space that has already been signed with DNSSEC. This is a temporary role until such time as the root of the entire domain space is signed. This is where you can find the public keys needed to verify DNSSEC signatures for signed DNS zones.

* Perform the top level management of IPv4 addresses. IANA allocates giant blocks of IPv4 addresses (called “/8s”) with about 16.7 million addresses each, to the five Regional Internet Registries for the world, AfriNIC, APNIC, ARIN, LACNIC and RIPE NCC. As of this writing only 20 “/8” blocks are left to allocate (about 7.8% of the original 256). As we reach the “end days” for IPv4, the IANA will be the first to run out. They already have a plan for this. When they get down to five remaining “/8” blocks, they will allocate one of those to each of the five RIRs, and then close shop (as far as allocation of IPv4 addresses goes). This will probably happen on or before September 2011, by best current estimates. The RIRs will probably run out within six months after that. When they’re gone, they’re gone.

* Perform the top level management of IPv6 addresses. They perform the same basic allocation function with IPv6 addresses that they have done for many years with IPv4 address. The main difference is that there are a lot more IPv6 addresses. They allocate giant chunks of IPv6 addresses to the RIRs as needed. It is unlikely that IANA will ever run out, so long as there is something recognizably TCP/IP. There are enough IPv6 addresses just in the 2000::/3 block marked for allocation for every human alive today to get over 5,000 of the standard allocation blocks, which are “/48”s. Each “/48” is large enough for the biggest organization on earth.

* Manage AS numbers. AS stands for Autonomous Systems. It refers to complete networks at the top level of the routing hierarchy. Below the AS level, Interior Gateway Routing Protocols are  used (e.g. RIP2, EIGRP, etc). At the AS level, Exterior Gateway Routing Protocols are used (e.g. BGP4 and BGP4+). Each Autonomous System network has a unique number. They have been using 16 bit numbers (which allowed 65,536 possible ASes). Just like with IPv4, we are running out of AS numbers, so they are in the process of changing to 32 bit AS numbers. That is causing some issues, but nothing like the issues related to changing from 32 bit IPv4 addresses to 128 bit IPv6 addresses. There is no worldwide “32 bit AS Number” Forum, or any need for one. The people affected are fairly savvy technically, and are simply making the changeover quietly.

*     Allocate and assign IPv4 and IPv6 multicast addresses

*     Allocate and assign IPv6 anycast addresses

*     Allow people to reserve and register port numbers and other assigned numbers related to Internet protocols

IANA is heavily involved in promoting the adoption of the IPv6 protocol throughout the world. They know how close they are to the bottom of the barrel with IPv4 addresses. They encourage the Regional Internet Registries to promote the adoption of IPv6, and each of them is doing this.

9.1.3 – Regional Internet Registries (RIRs)

There are five top level Registries directly below IANA, who set address allocation policy for their region and allocate blocks of both IPv4 and IPv6 addresses to ISPs and other interested parties. One way to obtain addresses is to join one of the registries and apply for addresses. Some regional registries charge for these, others provide them free. You can only obtain addresses from the registry in the region where you reside, or where the HQ of your organization is based.

Each Regional Internet Registry provides the following services for Internet users in their part of the world:

*     IPv4 and IPv6 address space allocation, transfer and record maintenance

*     Autonomous System number allocation, transfer and record maintenance

*     Provide online directories of registration transaction information (WHOIS database)

*     Provide online information about routing (Internet Routing Registry)

*     Management of reverse DNS for addresses assigned by the RIR

*     Hold periodic meetings and elections

*     Perform education and training on relevant topics (such as IPv6)

* Maintain policy discussions on e-mail lists, conduct public policy meetings, and publish policy documents on their website

The three largest RIRs (ARIN, RIPE NCC and APNIC) are all aggressively advocating for adoption of IPv6. Like IANA, they know how many addresses are left, and how rapidly they are being allocated. They know that the “end times” for IPv4 allocation are near. All are strongly encouraging the ISPs and organization that obtain addresses from them to begin adoption of IPv6 now. If the major oil companies told people that there was not going to be any gas for new cars made after a certain date (less than two years off), there would be a mad scramble to create and sell cars that ran on something else. This is just as big a deal, and according to OECD, will have very serious economic consequences for every country and organization that has not prepared for the end of IPv4 allocations.

The five Regional Internet Registries and their coverage areas are:

9.1.3.1 – American registry of Internet Numbers (ARIN) – www.arin.net

ARIN provides services to Internet users in North America (including the United States, Canada plus many Caribbean and North Atlantic islands).

ARIN runs an IPv6 Wiki at www.getipv6info.info. This site includes book reviews, self education, IPv6 presentations and documents, survey results, planning information, management tools, etc.

On 7 May 2007, the ARIN Board of Trustees passed the following resolution:

RESOLUTION OF THE BOARD OF TRUSTEES OF ARIN ON INTERNET PROTOCOL NUMBERING RESOURCE AVAILABILITY

WHEREAS, community access to Internet Protocol (IP) numbering Resources has proved essential to the successful growth of the Internet; and,

WHEREAS, ongoing community access to Internet Protocol version 4 (IPv4)

numbering resources cannot be assured indefinitely; and,

WHEREAS, Internet Protocol version 6 (IPv6) numbering resources are available and suitable for many Internet applications,

BE IT RESOLVED, that this Board of Trustees hereby advises the Internet community that migration to IPv6 numbering resources is necessary for any applications which require ongoing availability from ARIN of contiguous IP numbering resources; and,

BE IT ORDERED, that this Board of Trustees hereby directs ARIN staff to take any and all measures necessary to assure veracity of applications to ARIN for IPv4 numbering resources; and,

BE IT RESOLVED, that this Board of Trustees hereby requests the ARIN Advisory Council to consider Internet Numbering Resource Policy changes advisable to encourage migration to IPv6 numbering resources where possible.

Implementation of this resolution will include both internal and external components. Internally, ARIN will review its resource request procedures and continue to provide policy experience reports to the Advisory Council. Externally, ARIN will send progress announcements to the ARIN community as well as the wider technical audience, government agencies, and media outlets. ARIN will produce new documentation, from basic introductory fact sheets to FAQs on how this resolution will affect users in the region. ARIN will focus on IPv6 in many of its general outreach activities, such as speaking engagements, trade shows, and technical community meetings.

9.1.3.2 –Réseaux IP Européens Network Coordination Centre (RIPE NCC) – www.ripe.net

RIPE NCC provides services to Internet users in Europe, the Middle East and Central Asia. This includes:

*     Southwest Asia: Azerbaijan, Bahrain, Cyprus, Georgia, Iran, Iraq, Israel, Jordan, Lebanon, Saudi  Arabia, Syria, Turkey, UAE and Yemen

*     Central Asia: Kazakhstan, Kyrgyzstan, Tajikistan, Turkmenistan & Uzbekistan

* Europe: Albania, Armenia, Austria, Belarus, Belgium, Bosnia-Herzegovina, Bulgaria, Croatia, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Macedonia, Moldova, Montenegro, Norway, Netherlands, Poland, Romania, Russia, Serbia, Slovakia, Spain, Sweden, Switzerland, Turkey, Ukraine, United Kingdom and Yugoslavia

*     North America: Greenland

RIPE NCC runs the “IPv6 Act Now” site (www.ipvactnow.org) with lots of information on IPv6 for small businesses, enterprise, ISPs and government.

On October 26, 2007, RIPE NCC issued the following warning:

During the RIPE 55 meeting in Amsterdam, the RIPE community agreed to issue the following statement on IPv4 depletion and the deployment of IPv6.

"Growth and innovation on the Internet depends on the continued availability of IP address space. The remaining pool of unallocated IPv4 address space is likely to be fully allocated within two to four years. IPv6 provides the necessary address space for future growth. We therefore need to facilitate the wider deployment of IPv6 addresses.

While the existing IPv4 Internet will continue to function as it currently does, the deployment of IPv6 is necessary for the development of future IP networks.

The RIPE community has well-established, open and widely supported mechanisms for Internet resource management. The RIPE community is confident that its Policy Development Process meets and will continue to meet the needs of all Internet stakeholders through the period of IPv4 exhaustion and IPv6 deployment.

We recommend that service providers make their services available over IPv6. We urge those who will need significant new address resources to deploy IPv6. We encourage governments to play their part in the deployment of IPv6 and in particular to ensure that all citizens will be able to participate in the future information society. We urge that the widespread deployment of IPv6 be made a high priority by all stakeholders."

RIPE NCC issued another warning concerning IPv4 address space depletion, on April 10, 2008:

Currently, 180 of 256 blocks of “/8” have already been allocated. Of the remaining 76, 35 are already reserved for the Internet Engineering Taskforce (IETF) and the remaining 41 blocks are held in the Internet Assigned Numbers Authority (IANA) pool for future allocation to the RIRs.

As IPv6 provides the necessary address space for future growth, RIPE NCC is urging business and government leaders to ease the path for wider deployment of IPv6 addresses. Failure to adopt these new resources could mean a slowing in the pace of Internet innovation.

“Now is the time to recognize that sustainable growth of the IPv4-based Internet is coming to an end, and that it is time to move on, with IPv6 ready as the successor.

“In order to sustain the impressive speed of Internet innovation and ensure a healthy Internet economy for the future, we recommend that content providers make their services available over IPv6,” comments Axel Pawlik, Managing Director at RIPE NCC.

“We view governments as key players in Internet growth and urge them to play their part in the deployment of IPv6 and in particular to lead by example in making content available in IPV6. Ultimately, we urge that the widespread deployment of IPv6 be made a high priority by all stakeholders."

When CIOs make firm decisions to deploy IPv6, the process is fairly straightforward. Staff will have to be trained, management tools will need to be enhanced, routers and operating systems will need to be updated, and IPv6-enabled versions of applications will need to be deployed. All these steps will take time.

The move to IPv6 will provide billions of further addresses through 128-bit addressing, which allows 50 billion, billion addresses for  every person on the planet. Islands of IPv6 are already in use, but RIPE NCC argues that infrastructure support must be addressed in time for IPv6 to fulfill its predicted role as the catalyst for the next stage of Internet development.

Pawlik concludes: “We have well-established, open and widely supported mechanisms for Internet resource management and we‟re confident that our Policy Development Process meets and will continue to meet the needs of all Internet stakeholders through the period of IPv4 exhaustion and IPv6 deployment. The immediate challenge lies in making content available in IPV6 using the processes and mechanisms already available to ensure that service providers and content providers build adequate experience and expertise in good time.”

Note that this warning was almost exactly two years ago, and at that time 41 “/8” blocks remained. As of April 15, 2010, only 20 “/8” blocks remain unallocated.

9.1.3.3 – Asia Pacific Network Information Center (APNIC) – www.apnic.net

APNIC provides service to Internet users in:

*     South Asia: Afghanistan, Bangladesh, Bhutan, India, Nepal, Pakistan and Sri Lanka

*     Eastern Asia: China, North Korea, Hong Kong, Japan, Macau, Mongolia, South Korea and Taiwan

* Southeast Asia: Cambodia, Indonesia, Laos, Malaysia, Myanmar, Philippines, Singapore, Thailand and Vietnam

*     Australia and New Zealand

*     Oceania:  various islands in Polynesia, Melanesia and Micronesia

APNIC is currently running a program called “Kickstart your IPv6”, in which anyone that owns or obtains an IPv4 address allocation from APNIC can get a free block of IPv6 addresses. If their IPv4 block is less than a “/22”, then the IPv6 block is a “/48”. For IPv4 blocks from “/22” and up, the free IPv6 block is a “/32” (this is 4 billion times 4 billion times the size of the entire IPv4 address space). You could also look at this as 65,536 “/48” blocks. These addresses are not tied to any ISP, and can be routed from anywhere. There is no demonstration of need required for obtaining the IPv6 address block.

APNIC also runs an IPv6 resource site at icons.apnic.net/display/IPv6/Home. The name “icons” stands for

Internet Community of Online Networking Specialists.

9.1.3.4 – Latin American and Caribbean Network Information Center (LACNIC) – www.lacnic.net

LACNIC was started in 2002. It provides services to Internet users in:

*     North America: Mexico

*     Central America: Costa Rica, El Salvador, Guatemala, Honduras, Nicaragua, Panama

* South America: Argentina, Belize, Bolivia, Brazil, Chile, Columbia, Ecuador, French Guiana, Paraguay, Peru, Uruguay & Venezuela

* Caribbean Islands: Aruba, Barbados, Cayman Islands, Cuba, Dominica, Dominican Republic, Grenada, Haiti, Jamaica, and various smaller islands.

LACNIC runs an IPv6 resource site at portalipv6.lacnic.net/en/portal-ipv6-2

9.1.3.5. – Africa Region (AfriNIC) – www.afrinic.net

AfriNIC provides services for Internet users in the entire African continent. It began in April 2005. They run an IPv6 resource center at www.afrinic.net/IPv6, and an IPv6 virtual lab at www.afrinic.net/projects/cvl.htm. This is a test network with public access, with primarily Cisco equipment.

9.1.4 – The Number Resources Organization (NRO) – www.nro.net

NRO was formed in October 2003 by the four Regional Internet Registries that existed at the time, to formalize their co-operative efforts. Its goal is to protect the unallocated Number Resource pool, to  promote and protect the bottom-up policy development process, and to act as a focal point for Internet community input into the RIR system.

Recently NRO issued the following statement, when the remaining IPv4 address pool dropped below 10%:

This is a key milestone in the growth and development of the global Internet,” noted Axel Pawlik, Chairman of the NRO. “With less than 10 percent of the entire IPv4 address range still available for allocation to RIRs, it is vital that the Internet community take considered and determined action to ensure the global adoption of IPv6. The limited IPv4 addresses will not allow us enough resources to achieve the ambitions we all hold for global Internet access. The deployment of  IPv6 is a key infrastructure development that will enable the network  to support the billions of people and devices that will connect in the coming years,” added Pawlik.

9.1.5 – Internet Architecture Board (IAB) – www.iab.org

“The IAB is chartered both as a committee of the Internet Engineering Task Force (IETF) and as an advisory body of the Internet Society (ISOC). Its responsibilities include architectural oversight of IETF activities, Internet Standards Process oversight and appeal, and the appointment of the RFC Editor. The IAB is also responsible for the management of the IETF protocol parameter registries.”

9.1.6 –Internet Engineering Task Force (IETF) – www.ietf.org

“The mission of the IETF is to make the Internet work better by producing high quality, relevant technical documents that influence the way people design, use, and manage the Internet.”

The IETF:

* Runs numerous working groups on technical topics relevant to the Internet, that are the main source of RFCs

*    Oversees the standards process

*    Maintains the Internet Drafts and the RFC Pages

*    Holds periodic meetings (Fall, Spring and Summer, each year)

*    Runs various mailing lists, which anyone can subscribe to

9.1.7 – Internet Research Task Force (IRTF) – www.irtf.org

“To promote research of importance to the evolution of the future Internet by creating focused, long-term and small Research Groups working on topics related to Internet protocols, applications, architecture and technology.”

9.1.8 – Internet Society (ISOC) – www.isoc.org

“The Internet Society (ISOC) is a nonprofit organisation founded in 1992 to provide leadership in Internet related standards, education, and policy. With offices in Washington D.C., USA, and Geneva, Switzerland, it is dedicated to ensuring the open development, evolution and use of the Internet for the benefit of people throughout the world.

“The Internet Society provides leadership in addressing issues that confront the future of the Internet, and is the organisational home for the groups responsible for Internet infrastructure standards, including the Internet Engineering Task Force (IETF) and the Internet Architecture Board (IAB).

“The Internet Society acts not only as a global clearinghouse for Internet information and education but also as a facilitator and coordinator of Internet-related initiatives around the world. For over 15 years ISOC has run international network training programs for developing countries and these have played a vital role in setting up the Internet connections and networks in virtually every country connecting to the Internet during this time.

“The Internet Society has more than 100 organisational and more than 28,000 individual members in over 80 chapters around the world.”

9.2 – IPv6 Forum Groups

There are a number of groups organized specifically to advocate for the adoption of IPv6, given the importance of the issue. There is an international umbrella group, called the IPv6 Forum, chaired by Latif Ladid, who wrote the foreword to this book. Their website is at www.ipv6forum.org.

9.2.1 – Local IPv6 Forum Chapters

There are local chapters of the IPv6 Forum in many countries. Some of these national groups use the term Forum (e.g. IPv6 Forum Downunder, at www.ipv6forum.org.au). Some use the term Task Force (e.g. North American IPv6 Task Force, at www.nav6tf.org). Some use the term Council (e.g. The German IPv6 Council, at www.ipv6council.de). Altogether there are currently 58 national or regional groups under the International IPv6 Forum. These groups advocate within their own country or region for the adoption of IPv6, and put on conferences usually called IPv6 Summits. There are links to all of the chapters on the IPv6 Forum national site (www.ipv6forum.org), as well as announcements about coming summits and other IPv6 related events.

9.2.2 – IPv6 Ready Logo Program

Affiliated with the IPv6 Forum is a group whose goal is to do testing of IPv6 equipment and applications, ISPs who offer IPv6, and websites that are available over IPv6. This testing and issuing of certifications is done under the IPv6 Ready Logo Program. Their website is at www.ipv6ready.org. There are three main parts to the IPv6 Ready Program: Products, ISP and website.

9.2.2.1 – IPv6 Ready Product Testing and Certification

Product Testing uses test suites developed by TAHI (part of the Japan WIDE project) and IPv6 ready Test Labs. This is overseen by the IPv6 Ready Logo Committee (v6LC). There are both Phase 1 (“Silver”) tests, which verify behavior of the MUST clauses of all relevant RFCs, and Phase 2 (“Gold”) tests, which verify behavior of both the MUST and the SHOULD clauses of all relevant RFCs. The hundreds of products that have passed these tests are published on the IPv6 Ready site at:

http://cf.v6pc.jp/logo_db/approved_list_ph1.php http://cf.v6pc.jp/logo_db/approved_list_ph2.php

There are several categories of test suites currently. The IPv6 Ready Logo can be obtained for passing the Core Protocols tests, which includes both Conformance and an Interoperability tests. There are advanced tests in the following areas:

*     IPsec – End-Node and Security Gateway

*     IKEv2 – End-Node and Security Gateway

*     Mobile IPv6 – Correspondent Node, Home Agent and Mobile Node

*     NEMO – Home Agent and Mobile Router

*     DHCPv6 – Client, Server and Relay Agent

*     SIP – UA, Endpoint, B2BUA, Proxy, registrar

*     Management (SNMP-MIBs) – Agent and Manager

*     Multicast Listener Discovery protocol (MLDv2) The current test sites include:

*     BII: Beijing Internet Institute (Peoples Republic of China)

*     CHT-TL: ChungHwa Telecom Labs (Taiwan)

*     IRISA (European Union)

*     IWC: InfoWeapons Corporation (Philippines)

*     JATE: Japan Approvals Institute for Telecommunications Equipment (Japan)

*     TTA: Telecommunication Technology Association (Korea)

*     UNH-IOL: University of New Hampshire InterOp Lab (United States)

9.2.2.2 – IPv6 Enabled ISP and Website Certification

Information on how an ISP or a website can be certified as delivering IPv6 compliant service is available at:

www.ipv6forum.com/ipv6_enabled

The ISP certification process was created by the Beijing Internet Institute (BII). There is currently a basic level. The advanced level will be introduced shortly. The list of certified ISPs is available at:

www.ipv6forum.com/ipv6_enabled/isp/approval_list.php

Notably, Malaysia has taken this even further, and has three levels of ISP certification, which has been mandated by the Malaysian government.

*     Phase 1 – Basic network connectivity tests

*     Phase 2 – Interconnectivity tests

*     Phase 3 – Commercial & advanced network services

12 ISPs have already passed the first two levels, and will shortly pass the third.

For websites, again there is a basic level currently available and an advanced level coming soon. The list of certified websites is available at:

http://www.ipv6forum.com/ipv6_enabled/approval_list.php

9.3 – Informal IPv6 Network Administration Ce