IPv6: A campus experience
2nd CLARA-TEC Meeting Presentation
Vera Cruz, Mexico
Tim Chown
tjc@ecs.soton.ac.uk
Electronics and Computer Science
University of Southampton

Wot, no ‘business case’?
• Those common questions…
  • ‘When will IPv6 replace IPv4?’
  • ‘What is the business case to deploy?’
• At Southampton, we deployed in support of
  • Teaching (hands-on is the best approach)
  • Research (EU FP5/FP6, EPSRC, DTI,…)
  • Connectivity to *and* from other IPv6 networks (Asia, including China, also staff/student SOHO/DSL,…)
  • Cultivation of new applications (ECS-TV, Surge radio,…)
  • Cultivation of new services (Mobile IPv6 between WLANs)
• Most operating systems/routers ship with IPv6
  • Control it before the bad guys do :)

Status
• IPv6 deployed in production ‘on the wire’
  • Pervasive dual-stack on all subnets (~20, inc. 1000+ hosts)
  • Includes IPv6 multicast (ASM and SSM)
• Many *nodes* IPv6 enabled, including all UG labs
• Key services made dual-stack: DNS, Web, SMTP, NTP
• Remote access methods deployed (tunnel broker)
• Creating an environment into which IPv6-only nodes can deploy and operate
  • Though these may be some time off in Europe
• Stimulate staff research and student innovation

Steps in deployment
• Get IPv6 address space allocation
  • http://www.ja.net/development/ipv6/experimental_service.html
• Deploy a local router
  • Could be Linux, BSD, Cisco, etc…
• Arrange connectivity, ideally academic…
  • Universities can tunnel to JANET Experimental service, until their regional network can deliver a native service
• Deploy some security measures
  • IPv6 packet filter (e.g. BSD), though port-scanning unlikely
• Enable internal routing and services (e.g. DNS)
• Then connect and enable systems and applications

Address space and allocation
• Hierarchical, provider assigned (PA) address space
  • JANET 2001:630::/32
  • SOUTHAMPTON 2001:630:d0::/48
  • SOUTHAMPTON-ECS 2001:630:d0:0::/52
• Various address allocation/management methods:
  • Statelessly autoconfiguring hosts
  • Statefully configuring hosts (DHCPv6)
  • Privacy Addresses (reduces traceability of autoconf hosts)
  • Unique Local Addresses (‘private’ address space)
• DHCPv6 defined (RFC3315), few implementations
  • Needs to be consistent with IPv4 DHCP

IPv6 routing on site
• IPv6 supported natively dual stack by European National Research Networks and GEANT
  • The UK academic network JANET is dual-stack
  • Our regional network (LeNSE) has deployed (Cisco) 6PE
  • IPv6 presented to us natively on campus as GigE
• Ideally IPv4/IPv6 would be routed internally on common infrastructure, dual-stack
  • Our existing hardware (Alcatel) does not support this
  • Thus we deployed a (temporary) parallel IPv6 routing infrastructure using Cisco/BSD routers.
  • Re-procuring in Summer’05, aiming for common hardware

Parallel routed infrastructure
• Use 802.1q VLANs to “inject” IPv6 into existing IPv4 network subnets
  • See IETF I-D: draft-chown-v6ops-vlan-usage-02
• Allows managed intranet IPv6 deployment
  • Have congruent IPv4 and IPv6 subnets, since IPv6 Router Advertisements injected into each IPv4 subnet, where each subnet’s traffic is constrained by a unique VLAN ID.
  • BSD can write a packet’s VLAN ID based on observed destination IPv6 prefix, and can port balance if required
• Early traffic levels sustainable via BSD platform
• NB. This is only an interim measure
  • But has been in production use for ~2 years!

IPv6 DNS
• Supported in (some) root servers, for .uk (Nominet), and for .ac.uk (JANET NOSC)
• In campus, use BIND 9
• Configure resolvers to use both protocols
• Add AAAA records for dual-stack hosts

;; ADDITIONAL SECTION:
ns0.ecs.soton.ac.uk. 390 IN A 152.78.70.1
ns0.ecs.soton.ac.uk. 390 IN AAAA 2001:630:d0:116::53
ns1.ecs.soton.ac.uk. 390 IN A 152.78.68.1
ns1.ecs.soton.ac.uk. 390 IN AAAA 2001:630:d0:117::53
ns2.ecs.soton.ac.uk. 390 IN A 152.78.71.1
ns2.ecs.soton.ac.uk. 390 IN AAAA 2001:630:d0:121::53
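
An added example, not part of the original presentation: a Python check that parses the dig output above, confirms each name server is dual-stack, and verifies that every AAAA address sits inside the SOUTHAMPTON-ECS /52 from the address-allocation slide. The function names are illustrative.

```python
import ipaddress
from collections import defaultdict

# Prefixes from the address-allocation slide.
JANET = ipaddress.ip_network("2001:630::/32")
SOTON = ipaddress.ip_network("2001:630:d0::/48")
ECS = ipaddress.ip_network("2001:630:d0:0::/52")

# Records copied from the ADDITIONAL SECTION on the DNS slide.
DIG_OUTPUT = """\
ns0.ecs.soton.ac.uk. 390 IN A 152.78.70.1
ns0.ecs.soton.ac.uk. 390 IN AAAA 2001:630:d0:116::53
ns1.ecs.soton.ac.uk. 390 IN A 152.78.68.1
ns1.ecs.soton.ac.uk. 390 IN AAAA 2001:630:d0:117::53
ns2.ecs.soton.ac.uk. 390 IN A 152.78.71.1
ns2.ecs.soton.ac.uk. 390 IN AAAA 2001:630:d0:121::53
"""

def parse_records(text):
    """Return {name: {"A": [...], "AAAA": [...]}} from dig-style lines."""
    hosts = defaultdict(lambda: {"A": [], "AAAA": []})
    for line in text.splitlines():
        f = line.split()
        if len(f) != 5 or f[2] != "IN" or f[3] not in ("A", "AAAA"):
            continue  # skip section headers and other record types
        hosts[f[0]][f[3]].append(ipaddress.ip_address(f[4]))
    return dict(hosts)

def audit(hosts, site_prefix):
    """Findings: single-stack names and AAAA targets outside the site prefix."""
    findings = []
    for name, rr in sorted(hosts.items()):
        if not rr["A"] or not rr["AAAA"]:
            findings.append((name, "not dual-stack"))
        for addr in rr["AAAA"]:
            if addr not in site_prefix:
                findings.append((name, f"{addr} outside {site_prefix}"))
    return findings

def subnet64(addr):
    """The /64 subnet an IPv6 address belongs to."""
    return ipaddress.ip_network(f"{addr}/64", strict=False)

if __name__ == "__main__":
    # The allocation hierarchy must nest: ECS inside Southampton inside JANET.
    assert ECS.subnet_of(SOTON) and SOTON.subnet_of(JANET)
    hosts = parse_records(DIG_OUTPUT)
    print("findings:", audit(hosts, ECS))
    for name, rr in hosts.items():
        print(name, [str(subnet64(a)) for a in rr["AAAA"]])
```

An address outside the delegated prefix, or a service name with only one address family, is worth reviewing because packet filters and monitoring are usually written per prefix and per protocol.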
IPv6 web serving
• Enable IPv6 in Apache 2
• Includes www.ecs.soton.ac.uk, www.ist-ipv6.org, www.ipv6forum.org
• Stats for www.ist-ipv6.org:

IPv6 email transfer
• Supporting IPv6 MX
  • Configured sendmail to listen on IPv6
  • Added AAAA entry for MX server
  • Sending host can then choose IPv4 or IPv6

Received: from tyholt.uninett.no ([IPv6:2001:700:1:4::1:0])
    by jackdaw.ecs.soton.ac.uk (8.12.10/8.12.10) with ESMTP id j2NBH3ix000857
    for <tjc@ecs.soton.ac.uk>; Wed, 23 Mar 2005 11:17:03 GMT
Received: from storhaugen.uninett.no (storhaugen.uninett.no [IPv6:2001:700:e000:0:290:27ff:fe22:7186])
    by tyholt.uninett.no (8.12.10/8.12.10) with ESMTP id j2NBH3LL019094
    for <tjc@ecs.soton.ac.uk>; Wed, 23 Mar 2005 12:17:03 +0100
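
An added example, not part of the original presentation: the second Received header above carries a stateless-autoconfiguration address whose interface ID embeds the sending host's MAC (modified EUI-64), which is the traceability that privacy addresses reduce. The Python below recovers that MAC from the header and shows the same interface ID reappearing on another /64; the function names are illustrative and the ECS subnet is used only as a sample prefix.

```python
import ipaddress
import re

# Received headers copied from the email-transfer slide.
HEADERS = """\
Received: from tyholt.uninett.no ([IPv6:2001:700:1:4::1:0]) by jackdaw.ecs.soton.ac.uk (8.12.10/8.12.10) with ESMTP id j2NBH3ix000857 for <tjc@ecs.soton.ac.uk>; Wed, 23 Mar 2005 11:17:03 GMT
Received: from storhaugen.uninett.no (storhaugen.uninett.no [IPv6:2001:700:e000:0:290:27ff:fe22:7186]) by tyholt.uninett.no (8.12.10/8.12.10) with ESMTP id j2NBH3LL019094 for <tjc@ecs.soton.ac.uk>; Wed, 23 Mar 2005 12:17:03 +0100
"""

# "from <helo> (... [IPv6:<addr>]) by <receiver>" as sendmail writes it.
HOP = re.compile(
    r"from\s+(\S+)\s+\(.*?\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]\)\s+by\s+(\S+)")

def eui64_mac(addr):
    """MAC embedded in a modified EUI-64 interface ID, or None.

    Heuristic: relies on the ff:fe filler in the middle of the low 64 bits.
    """
    iid = addr.packed[8:]
    if addr.version != 6 or iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]  # undo the U/L bit flip
    return ":".join(f"{b:02x}" for b in mac)

def slaac_address(prefix, mac):
    """Autoconfigured address for `mac` on a /64 `prefix` (modified EUI-64)."""
    raw = bytes.fromhex(mac.replace(":", ""))
    iid = bytes([raw[0] ^ 0x02]) + raw[1:3] + b"\xff\xfe" + raw[3:]
    base = int(ipaddress.IPv6Network(prefix).network_address)
    return ipaddress.IPv6Address(base | int.from_bytes(iid, "big"))

def hops(text):
    """One dict per Received line: sender, receiver, address, embedded MAC."""
    result = []
    for line in text.splitlines():
        m = HOP.search(line)
        if m:
            addr = ipaddress.ip_address(m.group(2))
            result.append({"from": m.group(1), "by": m.group(3),
                           "ipv6": addr.version == 6, "addr": addr,
                           "mac": eui64_mac(addr)})
    return result

if __name__ == "__main__":
    for hop in hops(HEADERS):
        print(hop["from"], "->", hop["by"], hop["addr"], "MAC:", hop["mac"])
    # Same MAC on a different /64: the low 64 bits follow the host around.
    print(slaac_address("2001:630:d0:116::/64", "00:90:27:22:71:86"))
```

The relay address `2001:700:1:4::1:0` is manually assigned and yields no MAC, while the originating host's address does.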
Example applications
• Various streaming tools:
  • ECS-TV
    • http://www.ecstv.ecs.soton.ac.uk/
    • (locally scoped IPv6 multicast, using videolan package)
  • Surge
    • http://www.ipv6.ecs.soton.ac.uk/virginradio/
    • (re-broadcast - with permission - digital radio using icecast)
    • http://www.surgeradio.co.uk/listen/advanced.html
    • (University radio station, includes IPv6 multicast)
• Conferencing tools
  • Gnomemeeting, OpenH323
• Globus-based weather station system

MRTG: IPv6 traffic levels
The statistics were last updated Wednesday, 23 March 2005 at 12:15
Top: external IPv6 (via Cisco 7206)
Bottom: IPv6 on one internal subnet (BSD)

External routing stability
• Various tools are available
• We’re using RIPE Test Traffic Measurement servers
  • http://www.ripe.net/projects/ttm/data.html
  • But only useful to other TTM servers
  • Some 100 deployed, around 30 IPv6-enabled now
  • Includes historical traceroutes

Remote IPv6 access tools
• Want to support IPv6 users in home or other networks when no IPv6 support from that ISP
  • e.g. Home ADSL, wireless hotspots, conferences
• Have thus deployed:
  • Tunnel broker (in-house), Hexago broker
  • 6to4 relay (manually configured)
  • OpenVPN broker
• Discussing a possible tunnel broker experimental service with UKERNA
  • Encourage university pilots and home users to try IPv6 connectivity, grow the UK academic IPv6 community

Summary of IPv6 services
• Web site(s) (Apache2)
• Login/FTP (ssh, sftp)
• DNS (bind9)
• SMTP (sendmail)
• RADIUS (Radiator)
• NTP (TTM, Meinberg)
• RIPE TTM server
• Nagios
• MRTG
• Snort
• Jabber
• IRC
• OpenH323
• SIP-based VoIP (SER)
• Video streaming
• Radio streaming
• …
• Tunnel broker
• 6to4 relay

Mobile IP
• Mobile IP addresses two problems:
  • Maintaining network sessions when moving between different IP subnets, e.g. when streaming radio over IP
  • Being addressable via a fixed global IP address
• IPv6 has a specific Mobile IPv6 standard
  • RFC3775, RFC3776
  • Relies on a Home Agent to ‘redirect’ traffic to a mobile node while it is away from its home network
• Some early implementations
  • For example, www.mobile-ipv6.org (mipl/Linux)

Community wireless (SOWN)
• Student-run 802.11-based wireless network
  • External presence in/around campus
  • Complements campus (indoor) WLAN presence
• SOWN has IPv6, currently via 6to4
• Running MIPv6 between them (e.g. for streaming, ssh)
  • Raised some issues, e.g. MIPv6 firewalling

IPv6 Multicast
• Been around for a long time for IPv4
• Two thrusts in IPv6:
  • ASM, using embedded-RP for inter-RP communication
  • SSM, simplifying the model, easing deployment
• Running both on site, using BSD and Cisco routers
  • Connectivity to 6NET, m6bone and soon GEANT
• IPv6 SSM applications…
  • Ported Mad-FLUTE to support IPv6 SSM
  • Using for reliable file transfer over multicast
  • Planning demo distributing MP3’s for IPv6 ‘jukeboxes’ (which could be in user home networks)

Conclusions
• Some observations:
  • IPv6 is deployable in an academic enterprise network
  • The basic services can be IPv6-enabled
  • Without significant adverse impact on the IPv4 service
• Some gaps, mainly in vendor application space
  • But these can continue to use IPv4
• Interim deployment solutions for early adopters exist, until IPv6 capability is available through re-procurement
• Deploying attracts interest from students
  • We are seeing some new services/applications emerging
• IPv6 ‘helpdesk’ - contact ‘helpdesk@6net.org’