Deploy360 11 April 2012

Network World Tests Six IPv6-Enabled Application Delivery Controllers (load balancers)

By Dan YorkDirector, Internet Technology

Back in February, Scott Hogg at Network World put together a “Clear Choice Test” on “IPv6-Enabled Application Delivery Controllers (ADCs)” that explored the idea of using an ADC (what we used to think of typically as a “server load balancer”) to IPv6-enable content that exists on IPv4-only web servers.  As the intro to the series of posts explains:

If an organization were to deploy an IPv6-capable Server Load Balancer (SLB) or, using the most current term, Application Delivery Controller (ADC), they could configure an IPv6 Virtual IP (VIP) and an IPv4-only server farm.

This would allow Web apps hosted on IPv4-only servers to appear to the Internet user as IPv6-applications. The way it works is that clients would connect to the IPv6 VIP, and the ADC would perform a reverse-proxy function and terminate the IPv6 HTTP Internet connection, then create a new IPv4 HTTP back-end connection to the IPv4-only application servers. The server would not necessarily know the IP version being used by the client and it would happily return the data to the ADC appliance using IPv4. The ADC appliance takes that IPv4 response from the server, copies the HTTP application data and transmits it back to the IPv6-connected client.

Essentially, you are using your load-balancing infrastructure to also proxy the IPv6 to IPv4 connection.

It’s quite a useful and interesting idea for enterprises who want to make their content available over IPv6  (particularly with World IPv6 Launch approaching) but are concerned about making changes directly to their current web servers.  It may be easier as a first step to make changes to your ADC infrastructure (or even to install such an infrastructure).

Sadly, Network World has now locked this good content behind a registration wall and so you can only read their full report if you sign up to be an “Insider”. This is “free” in cost but does require you to provide info for them to track and monitor your usage.  If you are registered already or are okay doing so you’ll be able to read the full report and recommendations.  If you don’t want to register, the idea in general may be worth pursuing and you should explore your options.  (Wikipedia has a nice writeup on Application Delivery Networks that provides names and links to some of the vendors involved.)

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...