Technical and Economic Assessment of
Internet Protocol, Version 6 (IPv6)

IPV6 TASK FORCE
U.S. DEPARTMENT OF COMMERCE
National Telecommunications and Information Administration
National Institute of Standards and Technology

APPENDIX A:
Hypothetical Case Study: Enterprise Adoption of IPv6

The costs associated with an enterprise adoption of IPv6 can best be illustrated through a hypothetical case study. ^{[ 260 ]} Company A, a medium-to-large enterprise with an IPv4-only corporate network, determines that to contact Company B via an IPv6 connection, Company A needs to begin migrating its network to IPv6. This transition will cause Company A to incur costs for hardware, software, labor, as well as other costs that may arise from unforeseen or unpredictable security threats and other hurdles (e.g., interoperability).

Company A’s network infrastructure, combined with its present and desired future applications strategies, will determine the appropriate transition process and costs. For the purposes of this case study, we assume that Company A has eight core routers, 150 distribution switches, and four firewalls, all with varying individual costs. The primary applications that the company uses would need to be IPv6-capable, including limited video conferencing, some streaming video, and a company-wide inventory database. Company A has three full-time network specialists and allocates approximately $2,500 per year per employee on training. Table A-1 provides a breakdown of the infrastructure owned by Company A and its annual spending on IT staff and training.

Table A-1. Existing Infrastructure Components and Annual Labor Expenses for Hypothetical Company A

Network Component/Costs	Number of Units	Average likely Cost (per unit)	Total Cost
Router	8	$15,000	$120,000
Distribution Switches	150	$10,000	$1,500,000
Firewall	4	$1,500	$6,000
Network Specialist (1 Full Time Equivalent (FTE))	3	$55,000	$165,000/year
Training	3	$2,500	$7,500/year
TOTAL			$1,798,500

Source: RTI Networking Staff

In order to get immediate connection capabilities, Company A plans to establish a limited IPv6 network over a 6- to 12-month period; however, the majority of costs will be spread out over a transition period lasting at least several years. In the most likely scenario, Company A will follow a migration path that gradually increases the number of applications running IPv6 and the ability of its network to handle more IPv6 traffic. Table A-2 compares the costs as Company A progresses through the various stages of its migration strategy.

Table A-2. Transition Phases and Associated Costs

Transition Phases	Relative Estimated Size of Cost	Costs
		Hardware	Software	Labor	Other
Phase 1 (Minimal IPv6 using tunneling in a subset of the network)	Medium	Upgrading/ replacing backbone routers; replacing firewalls	Upgrading/ replacing any software that supports major network components	Existing IT personnel must be trained; new personnel may need to be hired to help install and run a dual-protocol network and to address new/additional security concerns	Scheduled downtime
Phase 2 a (Substantial IPv6 using a dual-stack network)	Large	Upgrading/ replacing remaining routers and all other networking hardware	Upgrading/ replacing all applications to be IPv6 capable	More IT training and network administration time/effort will be required before, during and after the installation; users might need to be trained to use new applications	More scheduled downtime; unexpected equipment and service outages; security threat effects
Phase 3 b (Native IPv6 with IPv4 translation and/or limited dual-stack)	Small/Medium	Upgrading/ replacing gateways and other devices to perform translation	Depending on the translation mechanism, new software may be required	Time/effort to install and maintain translation devices; training and support for users running only IPv6 applications	Interoperability issues with external Internet users/networks c
Phase 4 (Native IPv6 only)	Small	None	None	Time/effort to remove translation devices and software	Potential loss of business

Source: RTI estimates based on RFC responses and discussions with industry stakeholders.

^a The costs described in Phase 2 assume that Phase 1 has been completed.

^b The costs described in Phase 3 assume that Phase 2 has been completed. Additionally, several experts have noted that this step will be skipped in most cases.

^c Security threats will continue but most likely at a reduced cost since IPv6 intrusions will be better understood.

In Phase 1, Company A will transition from an IPv4-only network to an IPv4 network with IPv6 tunneling. ^{[ 261 ]} It will employ tunneling primarily to allow IPv6 communication with outside organizations and networks at a low cost; thus, they will employ host-to-host tunneling using a tunnel broker. By reconfiguring the network for tunneling and running dual-stack operating systems on hosts, Company A would provide IPv6 connectivity for a limited subset of the company’s hosts as a pilot group. Connectivity will later be extended to the entire corporate network and user base.

The extent of the costs associated with this first phase of migration will rely heavily on the presence of IPv6 capabilities within the network and host hardware and software. ^{[ 262 ]} After assessing hardware and software capabilities, Company A will need to develop a plan for how and when to incorporate IPv6 into its network.

This effort will involve contributions not only from IT administrators, but also from company leaders and/or any Internet users who can communicate the desire to have certain IPv6 capabilities. Such a process should take several months and could be quite costly in terms of labor effort.

Addressing specific expenditures, we note that Phase 1 equipment costs will include upgrading/replacing one or more routers to allow IPv6 tunneling and replacing firewalls and intrusion detection system (IDS) equipment for security. Unless Company A has an urgent need to gain IPv6 connectivity, it will incur these costs during a routine three- to five-year equipment upgrade cycle. Thus, a “size of cost” estimate does not include hardware and software costs. Because most computer operating systems currently support IPv6 (e.g., Windows and Linux), software costs for a pilot group of IPv6 users will be limited to any upgrades of applications to be used specifically with IPv6.

Labor and training costs will be a large part of this initial migration phase. Existing IT personnel must be trained to support IPv6. New personnel may be hired to assist with the operational overhead of installing IPv6, running two Internet protocols on a network, and addressing potential security concerns commonly associated with any major IT transition. Scheduled downtime and unexpected outages of equipment and services related to upgrades will result in additional costs.

As Company A decides to enable more internal Internet hosts to use IPv6, it will likely begin Phase 2 of its migration by integrating dual-stack capabilities into network routers that would allow more IPv6 messages to be sent and received, and would make such communication more efficient. Although Windows-based hosts could use Microsoft’s Teredo to send IPv6 messages with no changes to existing routers, ^{[ 263 ]} companies interested in transitioning to IPv6 will likely enable dual-stack capabilities in their network routers, as well as on most or all of their network and IT infrastructure while maintaining normal IPv4 operation.

Phase 2 will involve configuring dual-stack routers and running IPv4 and IPv6 simultaneously on most network equipment and hosts. Hardware not upgraded to IPv6 in Phase 1 will be upgraded during this phase. However, the majority of the costs will come from software upgrades and associated labor costs necessary to roll out new IPv6 services and applications to a large number of corporate users. ^{[ 264 ]} Training costs will also be incurred because these users need to be trained on new applications. Security issues will also require labor expenditures and, possibly, additional hardware and software.

In Phase 3 of Company A’s migration plan, it will use IPv6 predominantly for network transmission, and use either dual-stack capable subnetworks or IPv6-to-IPv4 translation to interact with internal and external IPv4 networks. The decision to move from Phase 2 to Phase 3 will turn on cost savings – whether the costs of network support for IPv4 exceed the costs of supporting IPv6. Estimated to be many years away, Phase 3 will most likely involve employing an IPv6 network with remaining “pockets” of IPv4 within the company. Equipment continuing to run IPv4 even after this phase may include legacy information pieces, such as mainframes and databases that are too expensive to upgrade during Phase 3. The only likely equipment costs are gateways and other devices if IPv4/IPv6 translation is needed. Labor costs may be incurred for planning, testing, and moving to native IPv6, as well for the installation and maintenance of these translation devices. Additional labor costs may come from supporting a large base of users now running IPv6 natively and the associated issues that may arise.

Lastly, as IPv4 traffic becomes less common, Company A will decide not to support translation devices. In Phase 4, any networks or hosts still operating on IPv4 stacks will have to have dual-stack capabilities or translation devices to communicate with IPv6-only hosts or networks.

APPENDIX B

FOOTNOTES

^[260] This hypothetical builds on the discussion of IPv6 transition costs presented in Section 2.2 of the main report. It is also based on RTI’s review of the RFC comments and its discussions with industry stakeholders and RTI’s own networking staff.

^[261] Tunneling refers to using tunneling techniques in one or more routers to enable IPv6 messages to traverse IPv4 networks, and running dual-stack operating systems on host computers. In order for any IPv6 applications to be used on IPv4-based computers, the operating system on each computer will need to support both the IPv6 and IPv4 protocol stacks.

^[262] As routine upgrades take place, IPv6 capabilities will be part of installed hardware and software both at the host level and at the network level, though not on the same timeframe. Although the capabilities have to be enabled, or “turned on,” the level and timing of IPv6 capabilities will significantly affect transition costs.

^[263] Microsoft’s Teredo is a software application that allows an IPv6-over-IPv4 tunnel to originate at a Windows host, rather than at a router. Teredo encapsulate IPv6 packets within certain IPv4 packets, allowing messages from an IPv6 host device to be routed over IPv4 networks and even through IPv4 NATs. See Microsoft TechNet, “Teredo Overview,” at http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/teredo.mspx (last updated Jul. 30, 2004).

^[264] During this phase, the majority of network management software and user software and applications will be IPv6-enabled.