170 likes | 278 Views
ESnet Site Coordinators Committee (ESCC): IPv6 Activities & Directions. Phil DeMar (ESCC Chair) demar@fnal.gov HEPix IPv6 Workshop (CERN) June 22, 2011. Background (I): ESnet. US Dept of Energy (DOE) network for its research facilities (Labs) & scientists: ~40 backbone sites:
E N D
ESnet Site Coordinators Committee (ESCC): IPv6 Activities & Directions Phil DeMar (ESCC Chair) demar@fnal.gov HEPix IPv6 Workshop (CERN) June 22, 2011
Background (I): ESnet • US Dept of Energy (DOE) network for its research facilities (Labs) & scientists: • ~40 backbone sites: • Peering with >100 networks • Advanced technology facility: • N (x) 10Gb/s today • 100Gb/s backbone by end-of-year • ESnet IPv6 support: • Early deployment of IPv6 thru 6-Bone (2002) • Native IPv6 service since 2006 • IPv6 support for www.es.net since 2008 • Their mail gateway & DNS server support IPv6 as well…
Background (II): ESnet Site Coordinators Committee (ESCC) • Committee of US National Labs network managers/staff • Interactions with ESnet Manager & staff • Interactions with US DOE Programs & other users of ESnet facilities • Information exchange on common LAB networking issues • Twice-a-year ESCC meetings: • Collaboration with Internet2 community on JointTechs conferences • Coordinated effort on significant common network tasks • DNS sec (produced deployment guidance white paper) • IPv6 implementation
US Federal Government IPv6 Directive • Office of Management & Budget memorandum: • Upgrade external/public-facing servers & services (eg. Web, email, DNS, ISP services, etc.) to use native IPv6 by the end of FY2012 • Upgrade internal client applications that communicate with public Internet servers to use native IPv6 by the end of FY2014 • Intent: If USG-provided network service is currently available to all users of the public Internet, that service must be available to a user who only has IPv6 capabilities. • Note: Not a transition plan for all USG systems to IPv6 • Focus is on public internet services, offered and consumed • But expectation is wider-scale deployment will naturally follow…
US National Labs IPv6 Requirements & Demands • Labs not pressed for IP address space • Modest-sized IPv4 address blocks (CIDR) still available from ESnet • Labs open science requirements: • Global in scope, with large international collaborations • Currently, no collaboration demands for IPv6 • But requirements for IPv6 support expected in “near” future • Individual IPv6-only collaborators • Distributing computing systems for new experiments • Labs perceived to be on leading edge of technology • Creates some incentive to support IPv6 early • But resource limitations & priorities limit IPv6 effort
ESCC IPv6 Planning Directions • Focus on 2012 milestones • But keep 2014 milestones in mind… • Concisely define scope of 2012 milestones for Labs • Lab interpretation of “public-facing” = intended for general public • Explicitly identify what services we’ll work on • Public web servers, site email gateway, DNS • Form ESCC IPv6 task force(s) • Non-goal: common detailed implementation plan • Each Lab will have different requirements & priorities
ESCC IPv6 Task Forces (I) • Task Force(s) characteristics (generic): • Specific objective; tied to 2012 milestone • Short term deliverable (3-4 months…) • Low/modest effort • 3-5 people • Positive aspects: • Gets Labs out in front on DOE IPv6 transition planning • Engages wider spectrum of Lab community • Tangible deliverables (presumably…) useful for individual sites • Negative aspects: • Effort needed • Obligation to produce
ESCC IPv6 Task Forces (II) • IPv6 Planning Process TF • Who needs to be engaged at sites • High-level roadmap to get there • IPv6 Technical Implementation Checklist TF • Identify basic network-level issues w/ recommendations • IPv6 Implications for Security Infrastructure TF • Identify spectrum of security tool issues & problems • Requested a lab security monitoring work group do this…
IPv6 Planning: Strategic view What you see shouldn’t sink your ship What you don’t see might…
Preliminary Site IPv6 Planning Checklist • Objective: Develop structured checklist as a planning template • Basic structure: • Ordered set of steps to follow in planning • Drafted from a 2012 deliverables perspective • Guidance and/or recommendations on each step
Site IPv6 planning checklist (II) • Establish initial IPv6 impact assessment group • Scope spectrum of site effort w/ cost guesstimate • Management buy-in process • Key technical decisions of a strategic nature • Test / development environment • Draft target (2012) deployment • Lay out roadmap(s) to achieve target deployment • Implementation planning guidance • Documentation & training
Site IPv6 technical checklist (preliminary…) • Strategy: Organize IPv6 implementation guidance & recommendations into distinct “modules”: • A structure for developing tutorials & checklists • Allows a tighter focus on target audience • Basic structure within each module: • Identify specific issues or areas of concern • Differentiate between 2012 & 2014 implications • Provide guidance and/or recommendations • Slide tutorial being developed for each module
Site IPv6 technical modules (I) • Addressing checklist • Address block selection & acquisition • Subnet allocation model • Address configuration model (static & stateful/stateless autoconfig) • Use of site/local addresses (ULAs) • Site multi-homing considerations • Routing checklist: • Selection/configuration of routing protocols • WAN connectivity / peering issues • Neighbor discovery & Stateless Autoconfig (SLACC) • IPv6 tunneling considerations • NAT issues
Site IPv6 technical modules (II) • Host IPv6 Address Management (IPAM) • Domain Name Service (DNS) issues • Computer Security (Inter-Lab network security monitoring group) • Guidance on IPv6 implementation for public services • IPv6 performance issues & considerations • Test / Development Environment(s) • IPv6 network management & monitoring • IPv6 service monitoring as well • Host IPv6 considerations
ESCC Task Force(s) Near Term Focus • First draft of IPv6 “guidance” document(s) by next meeting • High-level • With references to existing documentation & deployment guidelines • Living document, with iterative revisions over time • Capitalize on each other’s efforts: • Develop a common lessons-learned environment • Make use of each other’s IPv6 documentation • Share or even coordinate in IPv6 tools development
? Questions