ABSTRACT
Considerable work documented in a number of RFCs has been undertaken in recent years to develop IPv6 transition strategies and mechanisms to facilitate the migration from IPv4 to IPv6. Examples of proposed approaches include, but
are not limited to: SIT/6over4 (“Simple Internet Transition” or “Six In Tunnel”), 6to4 automatic SIT tunnels, and Teredo (IPv6 over UDP). Th e basic transition approaches include (i) the use of dual stacks in appropriate Network Elements including possibly end systems; (ii) the use of tunneling; and (iii) the use of protocol conversion (translation). Th ere are a number of variants with these basic techniques, but in general, the three categories capture the various approaches. Table 8.1 provides a basic migration glossary [RFC1933]. Th e security issues are similar for all
Table 8.1 Basic Migration Glossary
the transition scenarios, although there are some diff erences in the specifi cs. Th e key objectives in developing a secure transition strategy are:
Allow IPv6 and IPv4 hosts to interoperate Allow IPv6 hosts and routers to be deployed on the Internet in a diff use and incremental fashion, with few interdependencies Make the transition as transparent as possible for end users, applications, and system and network administrators
As already discussed, the following transition strategies have been widely discussed in the industry:
Encapsulation (tunneling) Th e Simple Internet Transition (SIT) (RFC 1933) − 6over4 (RFC 2529) − 6to4 (RFC 3056) − Teredo (UDP port 3544). Teredo allows IPv6 connectivity between − IPv6/IPv4 nodes that are separated by one or more NATs [For example, on Microsoft systems Teredo is available for Windows Vista, Windows XP with SP2 and later, and Windows Server 2008, among others].
