1 / 25

TANet 6RD (IPv6 Rapid Deployment)

TANet 6RD (IPv6 Rapid Deployment). TANet 南投區域網路中心 National Chi Nan University Dr. Quincy Wu (solomon@2012.ipv6.club.tw). Facts about IPv4/IPv6. More and more devices are connecting to the Internet.

najila
Download Presentation

TANet 6RD (IPv6 Rapid Deployment)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. TANet 6RD (IPv6 Rapid Deployment) TANet 南投區域網路中心 National Chi Nan University Dr. Quincy Wu (solomon@2012.ipv6.club.tw)

  2. Facts about IPv4/IPv6 • More and more devices are connecting to the Internet. • There are 6.5 billions people in the world, but there are only 4 billions of IPv4 addresses. • Despite of the technologies of DHCP and NAT, the demand of IPv4 addresses keeps growing. • We have run out of the last 5 class A (/8) IPv4 addresses in Feb. 2011. • The transition to IPv6 is not a problem of “whether”, but a problem of “when” and “how”.

  3. IPv4–to–IPv6 Transition Strategy(RFC 2893; obsoleted by RFC 4213) • Dual Stack • Reduce the cost invested in transition by running both IPv4/IPv6 protocols on the same machine . • Tunneling • Reduce the cost in wiring by re-using current IPv4 routing infrastructures as a virtual link. • Translation (RFC 2766 NAT-PT; obsoleted by RFC 4966) • Allow IPv6 realm to access the rich contents already developed on IPv4 applications • From 16-bit DOS to 32-bit Windows • From 4-byte IPv4 to 16-byte IPv6

  4. Many Hosts Are IPv6-Ready • Although TANet backbone enables IPv6 since many years ago, many campus routers are still IPv4 only. • For departments, laboratories, and individuals are want to try IPv6, they don’t have IPv6 connections, even though their Windows 7 or CentOS 6 support both IPv4/IPv6.

  5. How to get IPv6 connection if your network manager is reluctant to support it • The deployment pace is unexpectedly slow. • My lab joined an inter-university project, and convinced all other professors to adopt IPv6. • Each professor should enable IPv6 in his department. According to RFC 3177, each subnet should be allocated a block of /64. • RFC 3177 recommends the assignment of • /48 to each organization in the general case, • /64 when it is known that one and only one subnet is needed • /128 when it is absolutely known that one and only one device is connecting • Each university has a /48, so it has 65536 blocks, which is quite a lot. • However, the computer center refused to allocate a /64. “How many devices do you have? Many sensors? All right, I shall allocate you a /112, because you won’t have more than ten thousand sensors!”

  6. IPv6 Network IPv6 Network IPv4 Transport Header Transport Header Tunnels of IPv6 over IPv4 • Encapsulating the IPv6 packet in an IPv4 packet • Tunneling can be used by routers and hosts IPv6 Header Data IPv6 Host IPv6 Host Dual-Stack Router Dual-Stack Router Tunnel: IPv6 in IPv4 packet IPv4 Header IPv6 Header Data

  7. IPv6 Network IPv6 Network IPv4 Manually Configured Tunnel Dual-Stack Router1 Dual-Stack Router2 IPv4: 131.243.129.44 IPv6: 2001:DB8:c18:1::3 IPv4:140.110.199.250 IPv6: 2001:DB8:c18:1::2 router1# interface Tunnel0 ipv6 address 2001:DB8:c18:1::3/64 tunnel source 131.243.129.44 tunnel destination 140.110.199.250 tunnel mode ipv6ip router2# interface Tunnel0 ipv6 address 2001:DB8:c18:1::2/64 tunnel source 140.110.199.250 tunnel destination 131.243.129.44 tunnel mode ipv6ip • Manually Configured tunnels require: • Dual stack end points • Both IPv4 and IPv6 addresses configured at each end

  8. IPv4 Manually Configured Tunnel Dual-Stack Host Dual-Stack Router IPv4: 140.111.1.254 IPv6: 2001:288::3/127 IPv4: 163.22.105.10 IPv6: 2001:288::2/127 FreeBSD8.2# ifconfig gif0 create ifconfig gif0 tunnel 163.22.105.10 140.111.1.254 ifconfig gif0 inet6 2001:288::2 2001:288:3a1:210::3 prefixlen 128

  9. 通道代理者(Tunnel Broker)機制

  10. Some Words About Tunnel Brokers • 1 tunnel, 1 route, to all the IPv6 world. • Ease the configuration • Route may not be optimal. • Especially when users build tunnels with different service providers. • TANet has deployed Tunnel Brokers, but the support is not continued. • IPv6 Tunnel Broker 列表 (from: TWNIC IPv6 自學手冊) • 亞太電信 • 遠傳電信 • 台灣大電訊 • 台灣碩網 • 中華電信 • 中研院

  11. Considerations for SOHO • In schools, we get a Layer-3 switch + native IPv6 on FastEthernet. • How can I get IPv6 connection easily at home? • TWNIC IPv6 自學手冊: “如果你在家中想要體驗 IPv6, 可利用Tunnel Broker來獲得服務。” • Tunnel Broker is good for your PC, but how about my IP phone? • Can my home router utilities the abovementioned tunnel broker services provided by ISPs? • 如果IPv6真的像傳說中的那麼神奇及重要,至少得先貼近升斗小民看得到摸得到的高度,讓大家有實際環境可以使用它才行,而不是像現在這樣高高在上。 • Goal: Find a home router which allow users to plug-and-play.

  12. Automatic Tunnels • IPv4 Compatible Tunnel (RFC 2893) • IPv6-over-IPv4 Tunnel (RFC 2529) • 6to4 Tunnel (RFC 3056) • ISATAP (RFC 5214) • Teredo (RFC 4380) • 6RD (IPv6 Rapid Deployment, RFC 5569)

  13. IPv6 Network IPv6 Network IPv4 6to4 Tunnel(RFC 3056) 2002:8C6E:C7FA:2::5 2002:83F3:812C:1::3 6to4 Router1 6to4 Router2 E0 E0 131.243.129.44 140.110.199.250 Network prefix: 2002:83F3:812C::/48 Network prefix: 2002:8C6E:C7FA::/48 IPv4 SRC 131.243.129.44 IPv4 DEST 140.110.199.250 IPv6 SRC 2002:83F3:812C:1::3 IPv6 SRC 2002:83F3:812C:1::3 IPv6 SRC 2002:83F3:812C:1::3 IPv6 DEST 2002:8C6E:C7FA:2::5 IPv6 DEST 2002:8C6E:C7FA:2::5 IPv6 DEST 2002:8C6E:C7FA:2::5 Data Data Data

  14. IPv6 Network IPv6 Network IPv4 6to4 Tunnel 6to4 Router1 6to4 Router2 E0 E0 131.243.129.44 140.110.199.250 Network prefix: 2002:83F3:812C::/48 Network prefix: 2002:8C6E:C7FA::/48 = = router2# interface Ethernet0 ip address 140.110.199.250 255.255.255.0 ipv6 address 2002:8C6E:C7FA:1::/64 eui-64 interface Tunnel0 no ip address ipv6 unnumbered Ethernet0 tunnel source Ethernet0 tunnel mode ipv6ip 6to4 ipv6 route 2002::/16 Tunnel0 6to4 Tunnel: • Is an automatic tunnel method • Gives a prefix to the attached IPv6 network • 2002::/16 assigned to 6to4 • Requires one global IPv4 address on each site

  15. If you have a public IPv4 address Ethernet adapter Ethernet: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel(R) 82577LM Gigabit Network Connection Physical Address. . . . . . . . . : F0-DE-F1-2F-CF-96 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::403e:5a36:3109:994d%12(Preferred) IPv4 Address. . . . . . . . . . . : 140.114.190.2(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : DHCPv6 IAID . . . . . . . . . . . : 300998385 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-94-DE-FE-F0-DE-F1-2F-CF-96 DNS Servers . . . . . . . . . . . : 140.114.63.1 140.114.63.10 NetBIOS over Tcpip. . . . . . . . : Enabled 8C:72:BE:02

  16. Your Windows will automatically create a 6to4 tunnel Tunnel adapter 6TO4 Adapter: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft 6to4 Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv6 Address. . . . . . . . . . . : 2002:8c72:be02::8c72:be02(Preferred) Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301 DNS Servers . . . . . . . . . . . : 140.114.63.1 140.114.63.10 NetBIOS over Tcpip. . . . . . . . : Disabled 192.88.99.1 See RFC 3068

  17. Problems of 6to4 Tunnel • 6to4 is supported by Windows 7 by default, but • It requires a public IPv4 address. • The return path may choose another relay router. • Delay time will increase by 200 ms if a foreign relay router is chosen! • The owner of the relay router may be reluctant to provide the relay services to non-customers • Open-Proxy Issue • If the router filtered out non-customer packets, this becomes a “black-hole”.

  18. RFC 5569 – IPv6 Rapid Deployment (6RD ‏) • RAPID DEPLOYMENT • No change to the core of IPv4 infrastructures (like all tunnel mechanisms) • No new address assignment policy (v4 address ==> v6 site prefix)‏ • Use only v6-v4 border gateway(s) and upgraded CPEs • COMPLETENESS • IPv6 addresses MUST look like other native ones: guaranteed return paths (unlike 6to4)‏ • SCALABILITY • v6-v4 gateways is stateless (like 6to4)‏ • EFFICIENCY • Direct IPv4 routes between ISP 6rd sites (like 6to4)‏ ... and KISS (Keep It Simple and Stupid‏)

  19. (Actual) Rapid Deployment by FREE • Before Nov. 2007: "no short term need for IPv6" • Nov 7th: 6RD principles presented to FREE (French ISP)‏ • Nov 7th at night: FREE asks for an IPv6 prefix => /32 • Nov 18th: "Done!" IPv6 prefixes confidentially available • Dec 4th: Evaluation after early trials • Dec 11th: Press release - IPv6 unicast available Opt-in service to more than 1,500,000 customer sites

  20. SITE IPv6 ACTIVATION HOST IPv6 ACTIVATION (Mac OS X Tiger)‏

  21. ISP _________________/\________________ / \ 6rd unchanged 6rd CPEs v4 infrastructure ISP | | Gateway(s)‏ | | | v6 V V V peering ___ ______________________ ___ | | | | | | | V v6 |--|-. .--------------|--| |-------- |___| | \ / | |___| | \ / 6rd ISP 6rd Customer Sites| O v4 anycast ==> <= ISP prefix ___ | / \ address ___ | | | / \ | | | v6 |--|-' '--------------|--| |-------- |___| | | |___| |______________________|

  22. Address format .<-IPv6 link prefix(64 bits)->.<---------- Host ID --------->. | | | | Subnet| | |<--- Site prefix ---->.<-ID->| | | | | | | 6rd IPv4 | | | | ISP site | | | | prefix address | | | |<-------> <---------->| | | | | | | +---//----+------------+--//--+-------------------------------+ | | 32 bits | ≥ 0 | 64 bits | | | | bits | | +---//----+------------+--//--+-------------------------------+ PPPP:PPPP:AAAA:AAAA:IIII:IIII:IIII:IIII ISP prefix /32; Site prefix /64; No Subnet ID PPPP:PPPA:AAAA:AAAS:IIII:IIII:IIII:IIII ISP prefix /28; Site prefix /60; Subnet ID 4 bits

  23. Extra IPv6 Prefix for TANet 6RD • TANet has 2001:288::/32 • KR has 2001:280::/32 and 2001:290::/32 • TANet can grow up to 2001:288::/29. • Use 2001:28C::/30 for 6RD. • Each customer can have 4 subnets. • CHT has three blocks! • 2001:238::/32 ChungHwa Telecom • 2001:CA0::/32 CHT TL • 2001:B000::/21 HiNet • If TANet can request a /28, then each customer can have 16 subnets. • Maybe TANet should try to request a /22?

  24. 6RD Deployment for TANet • 6RD Border Gateway • Cisco 2811, IOS 15.1(3)T1 • 6RD Customer Edge • WLAN routers which support DD-WRT can easily upgrade firmware to support 6RD • IPv6 Tutorial - http://www.dd-wrt.com/wiki/index.php/IPv6 • ASUS RT-N16 ($2650) • D-Link DIR-615 ($1198) • You may test that with Comcast (the largest cable operator in the US, http://www.comcast6.net/) • Off-Campus Dormitory *100 (TANet 百人團?) • Collaboration with vendors • Traffic monitoring

  25. Conclusion • IPv6 is an on-going future. • All the major operating systems, including Windows, Linux, FreeBSD supports IPv6. • Even your mobile phones (either iPhone or Android) already support IPv6. • Try to catch the opportunities promised by this future. • Consider to develop an “enabling technology” that will facilitate the transition from IPv4 to IPv6.

More Related