1 / 30

Why IPAM for the transition to IPv6?

Why IPAM for the transition to IPv6?. Jos de Klein Professional Services Manager Europe jklein@bluecatnetworks.com. Another Day at the Airport. http:// www.satnews.com / cgi -bin/ display_story.cgi?number =1143127680. Analysts’ Take on BlueCat.

adanne
Download Presentation

Why IPAM for the transition to IPv6?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Why IPAM for the transition to IPv6? Jos de Klein Professional Services Manager Europe jklein@bluecatnetworks.com

  2. Another Day at the Airport http://www.satnews.com/cgi-bin/display_story.cgi?number=1143127680

  3. Analysts’ Take on BlueCat “Strong Positive in 2012”Highest possible rating 2nd year in a row. “Go-to DDI vendor for enterprise I&O because of its ease-of-use solutions” Source 2012 DDI Marketscope, Gartner Research, Inc., April, 2012. Source An Infrastructure Can Only Be As Efficient As DNS, DHCP, and IP Address Management, Forrester Research, Inc., December, 2011.

  4. Evolution of IP Address Management (IPAM) Spreadsheet Manually assigned and tracked • IP Address Management • (IPAM) • Name Resolution • (DNS) • IP Address Assignment • (DHCP) • Homegrown Tools • Self developed individual tools • Leverage Bind, MS or others • IPAM • Centralized full management of DNS and DHCP • IPv6, DNSSEC & Web-based IPAM

  5. What is IPAM ? IPAM IP Inventory Subnet Allocation Multi-Core Architecture DNS DHCP Services

  6. IP Address space modeling

  7. IPAM Implementation • Push DNS and DHCP configurations toAdonis/Windows® • Pull DHCP lease and DDNS updates fromAdonis/Windows®

  8. About Apple > 280 retail stores worldwide DHCP for employees and customers Key Objective Optimal use of IP address space (result: 20min DHCP leases) About their Deployment 2 x Proteus 5000 Centralized IPAM 640+ Adonis XMBs 2 XMBs per store with DHCP failover Apple

  9. BYOD Begins with Device Registration BlueCat Networks & Yale University

  10. Why? Device Change is Exponential Total # of Devices Onboarded Time

  11. Gartner’s Take on BYOD… It’s about balancing conflicting goals: • Social (keep employees happy) • Business (keep processes running effectively) • Financial (manage costs) • Risk management (stop bad things from happening) Doing nothing is not an option.

  12. How it works Bring Your Own Device Register Your Own Device Connect Your Device

  13. BlueCat = Span of Control and Visibility Mobile Device Management Device Onboarding Device Offboarding Network Access Control Device and User Auditing Span of Control and Visibility

  14. Getting Connected to All ✔ IPv6 IPv4/IPv6 IPv4 IPv4 Only

  15. Why was IPv6 Developed? • Growth of Internet – new users coming online • Need for simpler auto configuration (without requiring DHCP) • Better integration of beneficial services and features including QoS and IPSec (no NAT!) • Advanced Multicasting, no Broadcasting • Chance to create a more efficient protocol from the top-down (fixed headers, hierarchical addressing) • IPv6 Mobility supports mobile IP, not loose sessions

  16. IPv6 Address Structure 2001:DB8:1234:ABCD:1322:0000:FE44:0566 • Prefix identifies the network (and subnet) portion of an IPv6 address • Interface ID represents the host portion • IPv6 address is 128 bits (8 x 16 bits/4hex) • IPv4 address is 32 bits (4 x 8 bits/decimal)

  17. Flexible Subnetting (example) • Simplest method of subnetting • Increments at the hex nibble • Each Hexadecimal nibble (country and city) provides 16 /64 networks (24) • Two nibbles (subnets) provide 256 /64 networks (28) 2001:DB8:1234: 1 8 1A /64 Country City Subnet

  18. No Broadcasting in IPv6 ! • Neighbor Discovery (RFC 4861) – no ARP • Used to contact neighboring nodes and routers • Message types include: • Neighbor Solicitation • Neighbor Advertisement • Router Solicitation • Router Advertisement • Duplicate Address Detection (DAD) - to verify uniqueness of IPv6 address

  19. IPv6 Prefix – 3 IP Addressesper Device 2001:DB8:1234:ABCD:1322:0000:FE44:0566 • A node’s prefix depends on how it is assigned: • Global Prefixis allocated by a RIR or provider 2000::/3 • Unique Local prefix is usually randomly generated by the organization FC00::/7 • A Link Local prefix is always FE80::

  20. Link Local Unicast Addresses X FE80::1 X FE80::1 FE80::3 FE80::2

  21. Unique Local and Global IPv6 routing 2001:DB8:EFAB::1 2001:DB8:ABCD::1 FD00:ABCD::1 FD00:ABCD::5

  22. Types of IPv6 Autoconfiguration • Stateless (SLAAC) – node auto-generates addresses based on prefixes received from a router (security concerns, it uses the MAC address) • Stateful DHCPv6 –IP address and options from DHCPv6 server – e.g. use IPAM • Both– address via SLAAC, options via DHCPv6 also known as Stateless DHCPv6 – e.g.useIPAM • Node can use either method

  23. IPAM and DNS - Forward Zones • AAAA (pronounced quad A) resolves DNS names to IPv6 addresses • The IPv6 address can be written in its full or abbreviated form When using dig for a AAAA, type AAAA at the end of the dig statement

  24. Use IPAM to Develop Your IPv6 Road Map

  25. Discover IPv4 Data with BlueCat Create reconciliation policies to ensure IPAM data accuracy Capture router connected to IP address Track DNS and MAC address details for IP Detect reclaimable, unknown and updatable IP addresses to stay current with network Capture switch port details for each IP address

  26. Discover IPv6 with BlueCat Track IP to device to router/switch port Discover IPv6 devices MAC address and FQDN are discovered Track IP to device to router/switch port

  27. Document IPv6 Space with BlueCat Track details and metadata for IP Networks IPv6 Network Discovery to verify IPv6 data integrity Map business logic to IPv6 data through Smart Tagging Configure access rights to delegate control over IPv4 and IPv6 space Track all changes to IPv4 and IPv6 data

  28. Track IPv4 and IPv6 with BlueCat Track dual-stacked hosts from the IPv4 or IPv6 address…

  29. Conclusion:Implementing IPv6 Requires IPAM • Organizations need to look at implementing DNS, DHCP and IPAM together (Investigate vendors that do all three) • DNS is a must for IPv6 go-live • DHCPv6 is a must for IPv6 go-live • IPAM is important to help smoothen the transition

  30. Thank You

More Related