Management in the company decides that it is time to gain experience with IPv6. While there hasn't been much direct customer demand to date, there are a couple of large influential clients that have it on their long-term radar, and there is a need to gain understanding now so as to avoid buying new equipment that might impede IPv6 deployment over its lifetime in the network.

A single individual is tasked with the job of gaining familiarity with IPv6, setting up a small test network (one router, one server and connectivity to the IPv6 Internet) and beginning the process of educating the rest of the operations staff.

The "IPv6 expert" procures a UNIX-based server and a spare Cisco 7200 router with Ethernet and ATM connectivity. An IPv6-in-IPv4 tunnel is configured to one of the ISP's peers who have already set up IPv6, and address space is obtained from them. At the same time, the ISP begins the process of requesting IPv6 address space from RIPE, which involves preparing a deployment plan.

After connectivity is successfully set up, a variety of IPv6-capable services are configured on the server, including a web server (Apache 2), an SMTP daemon (Exim), an IMAP server (Courier IMAP) and a DNS server (Bind 9). The server is placed in the domain ipv6.ISPNAME.net, and acts as the primary DNS server for that domain. The ISP asks its (IPv4-only) DNS secondaries to carry the forward and reverse DNS zones, thereby checking on an isolated subdomain whether the addition of IPv6 records causes any unexpected problems.

To begin the very first stages of integration, IPv6 connectivity is enabled on the local office LAN of the operations centre by means of VLAN trunking on the Cisco 7200. IPv6 is then enabled manually one machine at a time on the LAN, and any problems are noted and dealt with.

A policy is instituted that any new network equipment bought must either be IPv6 capable, or have a roadmap for native IPv6 connectivity in a short timeframe.

Having gained experience with the initial deployment, it is time to begin expanding the network and taking the first steps to integration. Expertise begins to grow throughout the company.

The ISP receives its own address space from RIPE and, while the deployment is still small, renumbering begins. This involves developing an addressing plan that will scale into the future. The organization has been granted a /32 prefix from RIPE. In the addressing plan, one-quarter of this (a /34) is assigned for the deployment project, with the rest reserved for future use. This space is then divided into four chunks of size /36 each, one for each region in which the network operates.

In line with the rules of their Regional Internet Registry, the plan then allocates one /48 to each PoP in the network. Note that these are not configured yet and may not be for quite some time—they are reserved in the addressing plan for when that time comes. As infrastructure in any one PoP is dual stacked, addresses are assigned from the appropriate block for that PoP. Customers in each region will be given allocations from the corresponding /36, which will allow the routing protocol to aggregate announcements between PoPs.

With renumbering complete, the way is now open for the ISP to run BGP and arrange peering and transit in the usual manner from other networks.

The ISP has an infrastructure based on, among other technologies, ATM and wide-area Ethernet. An additional router is procured and a dedicated IPv6 wide-area link is set up over ATM to another PoP. Private peering is arranged with a willing ISP that is also located at the same data center. This is still separate from the existing IPv4 routed network, but shares some of the switch infrastructure that, as it was used in the previous step, has been shown to be agnostic of IPv6 traffic.

Meantime, a policy is instituted that any service upgrades and new services should be IPv6-capable. Managed services staff can use the experience gained from the IPv6 server set up in the previous phase, and can carry out further experiments there before deploying IPv6-capable services in production.

Now that the prerequisites for deploying an IPv6 routing infrastructure are understood, the ISP surveys its existing network with a view to supporting dual-stacked operation. The policy of purchasing IPv6-capable equipment initiated in step 1 begins to pay dividends as the impact of IPv4-only equipment is minimized.

Early-adopter customers who are willing to participate in the IPv6 rollout can now be facilitated by means of IPv6-in-IPv4 tunnels or dedicated virtual circuits or VLANs on their wide-area links.

The time has come to integrate IPv6 support with the existing network, upgrading or deploying workarounds where necessary. Training is provided for all operations staff, conducted by those who have gained experience in previous phases. A deployment plan is drawn up by the IPv6 team and, after an initial run-through on a single router, is handed over to the operations team to implement (with support from the IPv6 team) so that they are happy that they have the expertise to deploy and support IPv6 on their infrastructure.

In the meantime, the remaining IPv4-only managed services are undergoing upgrades drawing on the experience of dual-stacking services in the previous step. IPv6 is now provided in the routing infrastructure and on managed services as a matter of course.

As necessary for a production deployment, the monitoring infrastructure is adjusted and upgraded to ensure that IPv6-specific faults are detected and dealt with.

Customers, who are dealing with internal requests for IPv6 connectivity, can be facilitated by means of transition mechanisms and, as the rollout proceeds, with native connectivity as and when they are ready to take advantage of it.

IPv6 is now rolled out and supported network-wide. Ongoing upgrades maintain existing IPv6 connectivity, removing workarounds where they were necessary and improving performance where only software-based forwarding was available on hardware-based routers. The IPv6 routing policy is brought into line with IPv4 and native peering is preferred over tunnels with existing peers and transit providers.

An Internet Exchange Point (IXP) is a facility that provides a place multiple for Internet Service Providers to meet and exchange traffic. Their aim is to save money for the ISPs and improve connectivity for their customers. Think of it as a switch into which multiple customers connect over WAN links; it's a way to get direct peer-to-peer connectivity in a scalable fashion.

There are two basic scenarios for how IPv6 might be used within the context of an IXP. First, an exchange itself might like to enable IPv6 services to offer to its members, and second, a member might like to participate in IPv6 peering across an exchange.

The members of the IXP decide to implement IPv6 as fully as possible within the exchange as part of the goals for the next financial year. As part of the usual schedule of rolling switch upgrades they specify that vendors will be unable to respond to tenders without including details on their level of support for IPv6.

IXP operations decides to do the easy bit first, and applies for special IXP address space from their nearest RIR. They examine the RIR Comparative Policy Overview,^[21] which specifies that to qualify for this space, "the IXP must have a clear and open policy for others to join and must have at least three members." The IXP qualifies, so they continue with their application. The exchange point mesh is itself "neutral" and should not be seen to receive transit from any particular member.

The address space that is received is for the peering mesh only. While it's assumed that the direct peers of an IXP will route this /48, it's likely that other more remote networks will reject advertisements of such a small network. The operations team therefore assumes that this address space, while unique, is not globally routable and so can't be reached from all places on the internet. Services such as looking glasses and NTP servers that need to be globally reachable must still get their address space from one (or more) transit providers. Thankfully in this case, one of the members is already providing IPv4 address space for the services LAN, and can persuaded to provide IPv6 address space for it too. There is little danger in this particular case of the members falling out and withdrawing address space, so it is viewed as an acceptable risk.

Fully-capable IPv6 switches and operating system versions are obtained, and a scheduled upgrade is performed. This upgrade also dual-stacks the existing server in the services LAN, as well as its associated services. Testing reveals no problems.

Members now have the choice of presenting at the exchange with a second IPv6-only router, or simply dual-stacking their IXP router. Policies are rewritten to ensure members turn off RAs on their IXP present routers, and peering is negotiated between members as usual. The operations team extends its monitoring system to include member IPv6 addresses, implemented via a database. Successful peering happens within weeks of the upgrade, and the project is declared a success.