IPv6 Performance Monitoring

Introduction

The switch to IPv6 is on. In June 2008, the U.S. federal government, which is arguably the world’s largest single enterprise, required that all its executive agencies add IPv6 to their network backbones. The European Commission recently set an IPv6 target adoption rate of 25 percent by 2010, Cisco Corporation predicted an exhaustion of IPv4 addresses in late 2010, and the chairman of the Asia Pacific Network Information Centre predicted that all IPv4 addresses will be depleted by 2011, forcing wide-scale IPv6 adoption. A number of Internet powerhouses, such as Google and Alta Vista, have now deployed IPv6 accessible websites. Operating systems, such as the latest versions of Microsoft Windows, include IPv6 support.

History of Internet Addressing

Every device on the internet is given a unique IP Address. An IP address is the basic identifier for a computer or any other device on a TCP/IP network. The standard for IP addresses on the Internet is called IPv4.

IPv4 Addresses are typically represented in dotted decimal format:
Example of IPv4 IP Address: 127.0.0.1

Each octet, or part of the address, must be a number from 0 to 255 and therefore there is a maximum of 4,294,967,296 addresses available for use. The same way no two houses can have the same address, no two computers or devices on the Internet can share the same the same IP Address. IP Addresses are converted to “hosts”, or resolved to a specific host. For example, www.cnn.com resolves to 64.236.16.84.

Concern over the exhaustion of IPv4 addresses begin in the 1990s, when the Internet begin to grow exponentially. Many new technologies were created as a result of this fear of IP Address exhaustion. For example, Network Address Translation (NAT), whereby a single public Internet IP address is shared across multiple internal local area network (LAN) hosts, has been a temporary solution to the issue. This approach is not a long-term solution to the problem. As of 2008, the only viable option is IPv6 as it is readily available.

It is widely understood that by the end of 2011, there will be so many new clients and servers on the Internet, whether from computing devices, mobile phones, or other pieces of hardware, there will be no choice but to utilize IPv6. As mobile phone market grows, and penetration approaches 100% globally, it becomes plausible that every person on the planet could be IP-addressable.

The Future – IPv6

IPv6 will become the essential backbone protocol for next-generation networking. IPv6 boasts improved network reliability, lower costs and improved security in addition to its vastly expanded addressing and routing capabilities. Instead of a 32-bit address, with 4.3 billion possible hosts, IPv6 uses 128-bit addresses, providing 3.4×1038 or 50 octillion for each of the roughly 6.5 billion people on Earth. IPv6 is intended to be the long-term solution to the IPv4 address shortage.

The advent of IPV6 is not without problems. The biggest issue: IPV6 and IPv4 headers are not interoperable.

IPv4 is a best-effort service where all packets are treated equally; IPv6 implements quality-of-service (QOS) by classifying IP packets using an 8-bit traffic class field and a 20-bit flow label field in the header. With the flow label in place, transit routers will not need to open the inner packet to identify the flow. This will enhance flow identification when encryption is used.

While IPv6 web sites can be accessed using dual stacks, tunneling and protocol translation, native IPv6 performance monitoring is essential to determine whether performance issues are originating in the end-to-end IPv6 environment. Companies that have deployed IPv6 websites must utilize native IPv6 performance monitoring to isolate service-level agreement (SLA) issues for these sites as IPv4 monitoring alone will not help isolate IPv6 QoS issues.

Performance Monitoring Challenges

While the benefits of IPv6 are apparent, performance management will becomes inherently more difficult as a single IPv6 subnet is as large as the entire Internet today. Performance monitoring solutions that worked for IPv4, will not work with IPv6.

As with IPv4, IPv6 quality of service is implemented at Layer 2 and Layer 3 of the TCP/IP stack. A number of network management vendors support IPv6, but while passive network management tools may comply with the new version, some may not include the evolving set of features for IPv6 support. Alone, passive monitoring may be unable to properly detect performance issues experienced by the end user, and for web-enabled businesses, the end user experience is the most critical element of service quality.

For business and organizations deploying IPv6 websites, performance management and service-level agreement monitoring become more complicated due to the coexistence of IPv4 and IPv6, the exponential size of IPv6 addressing and routing, and the lack of a killer application to drive wide-scale and accelerated deployment.

Security Concerns

IPv4 security issues are widely known and understood. The last five years have brought terms such as Denial of Service attacks (DOS), malicious code distribution (viruses and worms), port scanning, and fragmentation attacks into the mainstream.

For example, port scanning attacks are made common due to the inherent small address space in an IPv4 scheme. Scanning a whole class C network can take less than ten minutes.

IPv6 security issues are not yet fully understood. In the early stages of IPv6 deployment, there will be many issues around dual-IP stacks. Weaknesses in how these networks may interoperate will cause security issues. IP spoofing continues to be a possible security concern with IPv6 networks. While not impossible, IP flooding, or scanning for valid host addresses and services is going to much more difficult than with IPv4. The concept of mobility is a feature of IPv6 networks that was available with IPv4. This is a very complex function that must be considered when evaluating IPv6 security.

Performance monitoring of IPv6 websites and networks is critical. It will be some time before all of the possible weaknesses are fully exposed. In the interim, performance monitoring will prove to be extremely effective at limiting any security threats to your IPv6 website.

Benefits of Native IPv6 Monitoring

There are several reasons to actively monitor IPv6 websites in a native environment:

• Because there’s a gap between IPv6 capabilities and current network management tools, active monitoring is essential.
• As with any new technology, there is the potential for flaws, which may impact uptime and performance.
• IPv6 will lead to larger networks that directly address more network devices, increasing the overall complexity.
• IPv6 end-to-end security features, while improving security, will make it harder to analyze network traffic.

Dotcom-Monitor^® Native IPv6 Monitoring Bureau

Dotcom-Monitor^® has deployed a native IPv6 monitoring bureau to offer end-to-end IPv6 performance monitoring for QOS and SLA management from the end-user perspective. Dotcom-Monitor^® is a synthetic monitoring service – active computer agents log onto targeted URLs as often as once per minute and execute scripts that simulate real end-user connections to a website. Dotcom-Monitor^® performs URL monitoring for performance, accessibility and availability, checks content, monitors forms and provides basic and NT LAN (NTLM) authentication support. It provides monitoring for both HTTP sites, which typically use port 80, as well as for HTTPS which by default uses port 443 unless another port is specified.

Typical user connections might also include us of transactional processes such as shopping carts, member log-ins and sign-up processes. Dotcom-Monitor^® can simulate these end-user interactions, and provides support for cookies, dynamic variables, client-side certificates and password-protected pages. The collected data is aggregated by each step and by the overall transaction for complete reporting.

With active monitoring using native IPv6, companies deploying IPv6 website can ensure that SLAs are being met specific to IPv6 performance. End-to-end IPv6 performance monitoring is crucial to maximize the return on investment of the deployment and to understand its effects on the IT operations and the business.

Dotcom-Monitor^® provides extensive real-time reporting using graphical charts that explain success/failure rates for specific performance checks, response/download times, uptime/downtime, load variations by hour/day/week and much more. For e-commerce sites, Dotcom-Monitor^® will measure quality of service for each phase of the transaction process as well as performance comparisons among different geographic areas. Dotcom-Monitor^® provides instantaneous notification of website and web application performance issues, based on customer configured notification and escalation parameters.

Conclusion

Using an external performance monitoring service will be critical with the advent of IPv6. Network and website managers must have a true view into end-user connectivity and the ability to receive instant notification whenever a problem occurs.