1 / 11

Penn State College of Engineering

Penn State College of Engineering. IPv6 Planning and Implementation at PSU. IP Address Allocation History. 1986 – PSU gets Class B network (128.118.0.0) & 5 Class C networks 192.5.157-.161 1988 – Department of Computer Science and Engineering get Class B network (130.203.0.0)

zita
Download Presentation

Penn State College of Engineering

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Penn StateCollege of Engineering IPv6 Planning and Implementation at PSU

  2. IP Address Allocation History • 1986 – PSU gets Class B network (128.118.0.0) & 5 Class C networks 192.5.157-.161 • 1988 – Department of Computer Science and Engineering get Class B network (130.203.0.0) • 1991 – PSU gets additional Class B network (146.186.0.0) & additional Class C network (192.112.253.0) • 2001 – PSU gets a /17 network (66.71.0/0/17) • 2006 – PSU gets IPv6 prefix 2610:8::/32

  3. PSU IPv6 Networking • PSU Public Prefix 2610:8::/32 • 4,294,967,296 /64 subnets • PSU ULA fd0b:7cdb:aefd::/48 • Unique Local Address – local routed addresses • PSU Central Services for IPv6 • DNS • NTP • Web Servers • Wiki • IPv6 Subnets issued to PSU organizations by request

  4. Issued IPv6 Subnets • Earth and Mineral Sciences, Earth Engineering Sciences – 17 Public • Huck Institute – 4 Public • Computer Science & Engineering – 3 Public, 2 ULA • Eberly College of Science – 2 Public, 1 ULA • Advanced Vehicle Technology Design Group – 1 Public • College of Education – 1 Public, 2 ULA • Arts & Architecture – 1 Public

  5. Implementation of IPv6 has been limited outside of University central computer & network operations • No perceived advantages of IPv6 • Required replacement of network equipment not supporting IPv6 • Difficulty of compliance with PSU computing policy AD-20 Deans and Administrative Officers are responsible for: Ensuring technical or procedural means are in place to facilitate determining the User ID responsible for unauthorized activity in the event of a security incident.

  6. Present Realities of IPv6 • US Government mandate for public/external servers to use native IPv6 by end of FY 2012 • International use of IPv6 only networks due to exhaustion of IPv4 addresses • Expanding international presence of Penn State requiring IPv6 compliant services • Use of IPv6 only in expanding 3G/4G networks – Expanding mobile environment • Availability of IPv6 support in all levels of network equipment – Does NOT deal with budget limitations only provides additional options

  7. Present Realities of IPv6 (2) • The logging/tracing of IPv6 addresses has not dramatically improved • NDPmon still appears as the only open available resource • Not updated since 2009 • Requires a presence on each IPv6 subnet • DHCPv6 is an option but not supported by all routers and clients. Could log issued addresses • SLAC is supported by all. We are back to NDPmon. • There is always Static Addressing… • Clients can use multiple address techniques

  8. Where Does This Leave Us • Penn State does not presently require IPv6 support for network connectivity, but it may set a policy requiring IPv6 support • At present there is no recommendation on how to comply with AD-20, but there is also no special allowance for IPv6 • Move forward providing IPv6 access to public services within other University units • Work towards solutions that allow extension of IPv6 to all users

  9. What is the College of Engineering doing now • Presently - Directly interconnect 2 COE Hub locations via fiber creating one network • Presently - Implement firewall cluster sharing a single configuration • Future - Move all public facing central servers to current server vlan • Future - Move oldest public facing DNS server to the server vlan • Future - Implement native IPv6 on the server vlan • Future – Activate Dual-Stack on public servers

  10. Beyond the Public Services • To implement IPv6 across the entire College of Engineering would utilize 30+ IPv6 subnets and the associated monitoring equipment. • Develop procedures to accommodate College users with need for IPv6 before full implementation • Educational/Research requirement • Mobile device • Evaluate security extensions for IPv6 • Avoid IPv6 tunneling • Rogue router announcements

  11. Questions&Thank You Contact Information: Jim Carras jfc2@psu.edu (814) 863-4425 NCTS in the College of Engineering The Pennsylvania State University 152-B Hammond Building University Park, PA 16802

More Related