1 / 27

IPv6 introduction in ONE

IPv6 introduction in ONE. Author: Goran Rumenovski Packet Transport Network Engineer e-mail:goran.rumenovski@one.mk Co-Author: Vladimir Stefanov Packet Transport Network Engineer e-mail:vladimir.stefanov@one.mk. WIFI SSID: IPv6 ONE Telecommunication services key: ipv6ipv6.

ismail
Download Presentation

IPv6 introduction in ONE

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IPv6 introduction in ONE Author: Goran RumenovskiPacket Transport Network Engineere-mail:goran.rumenovski@one.mkCo-Author: Vladimir StefanovPacket Transport Network Engineere-mail:vladimir.stefanov@one.mk

  2. WIFI SSID: IPv6 ONE Telecommunication services key: ipv6ipv6

  3. On 03 Feb 2011 RIPE NCC (Network Coordination Center) stated that in next period IPv4 address space will be exaustedhttp://www.ripe.net/internet-coordination/ipv4-exhaustionWhat does this mean?When the RIPE NCC starts to allocate from the last /8 of IPv4 address space, an LIR may receive only a /22 (1,024 IPv4 addresses), even if they can justify a larger allocation. No new IPv4 Provider Independent (PI) space will be assigned.

  4. In our company this statement raised an alarm and pushed us to find solutionSOLUTION:- NAT IPv4 implementation- IPv6 deployment

  5. 1st solution: NAT (Network Address translation)Drawbacks and limitations:1. P2P applications work slower or do not work at all2. Usage of private IPv4 space3. Clients will newer be in position to publish services (port forward needed)4. Shared public IPv4 address5. Every SP that have available public IPv4 address will have competitive advantage

  6. 2nd solution: IPv6 deploymentChallenges :1. Skills and knowledge for this new technology2. Deployment in real network3. Bring this technology closer to the customer4. CPE dual stack awareness

  7. IPV6 development in ONE:2009: Getting aware about new technology2010: First Ipv6 Tunnel using tunnel broker and first published web site2011: IPv6 allocation from RIPE. Native IPv6 peering.Participate in World IPv6 day. 3 star Ripenness2012: Dual Stack enabled enterprises services. Participation in World IPv6 day. 4 star Ripennes

  8. How to get started:- IPv6 Discovery- IPv6 Assestment- IPv6 Planning and Designing * dual stack, hybrid, block model * get your own v6 prefix- IPv6 Implementation- Network optimization

  9. IPv6 prefix assignements:- Service provider (LIR): /32- Large end user, Organization: /48- Small end user: /56- SOHO: /64 or /60Do not count available hosts per subnet…………..It doesn’t have sense!!!!

  10. Planning and Designing your own IPv6 infrastructure:- understanding IPv6 128 bit length format- addresing by location (example:2A01:5B8:FEED:HEX1(location)HEX2(desktop/server/DMZ/infrastructure)HEX3&4(Vlan number)::(host IPv6)/64- addresing by type(example:2A01:5B8:FEED:HEX1&2(desktop/server/DMZ/infrastructure)HEX3&4(location)::(host IPv6)/64

  11. Where to go next:- Test applications- Evaluate impact on existing infrastructure- Endure new purchases are IPv6 compatible (HW/SW)- Train your staff- Start small- enable your website * Dual stack * native IPv6 or NAT-PT- Enable Internal connectivity. Pilot IPv6 in your network- Contact your service provider and investigate possibilities for NAT64/DNS64

  12. IPv6 Transition Techniques- Dual stack- Tunnel/Encapsulation * configured tunnels * automatic tunnels 6 to 4 ISATAP Tunnel Broker with TSP Teredo * NAT64- Application layer gateways * Proxy * Load balancer

  13. Some security consideration- Controlling access v4 and v6- Eliminate undesired traffic- Configure your IPv4 Firewall to drop protocol 41 to prevent internet hosts from using IPv6 over IPv4 tunneled traffic * 6 to 4 (protocol 41), ISATAP (protocol 41) * Terredo (UDP port 3544)- Misconfigured network devices and DNS server- Statefull firewall between private IPv6 hosts and internet

  14. PREPARATION/DEPLOYMENT IN ONE for IPv6 day 2011 (08 June)Steps undertaken on eBGP routing equipment (upstream peering):Step 1a.IPv6 BGP implementation to Telekom Slovenia (leader in ipv6 implementation at that time)interface Port-channel 1.487 description upstream - TelekomSlovenija ipv6 address 2A00:EE0:5:18::2/64 ipv6 enable interface Loopback2 description LOOPBACK_ipv6 ipv6 address 2A01:5B8::1/64 ipv6 enablerouter bgp 16333 neighbor 2A00:EE0:5:18::1 remote-as 5603neighbor 2A00:EE0:5:18::1 description IPV6-TELEKOM_SLOVENIJA

  15. PREPARATION/DEPLOYMENT IN ONE for IPv6 day 2011 (08 June)Steps undertaken on eBGP routing equipment (upstream peering):Step 1b.IPv6 BGP implementation to Telekom Slovenia (leader in ipv6 implementation at that time)address-family ipv6no synchronization network 2A01:5B8::/32 neighbor 2A00:EE0:5:18::1 activate neighbor 2A00:EE0:5:18::1 soft-reconfiguration inbound exit-address-family ipv6 route 2A01:5B8::/32 Null0 240 #sh bgp ipv6 unicast summaryeighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd2A00:EE0:5:18::1 4 5603 175953 17967 2043948 0 0 5d17h 8967

  16. PREPARATION/DEPLOYMENT IN ONE for IPv6 day 2011 (08 June)Steps undertaken on eBGP routing equipment (upstream peering):Step 2 IPv6 implementation on CORE routers (static routes)main bgp router#ipv6 route 2002::/16 Tunnel102ipv6 route 2A01:5B8:D910::/48 2A01:5B8:0:1::Fipv6 route 2A01:5B8:FAAA::/48 2A01:5B8:FAAA:101::1ipv6 route 2A01:5B8:FEED::/48 2A01:5B8:FEED:101::1core router# interface GigabitEthernet1/24 description Link to Yoda ipv6-gateway no ip address ipv6 address 2A01:5B8:0:1::1/64 ipv6 enable default route:ipv6 route ::/0 2A01:5B8:0:1::2

  17. PREPARATION/DEPLOYMENT IN ONE for IPv6 day 2011 (08 June)Steps undertaken on routing equipment:Step 4 Bypass IPv4 infrastructure with 6to4 tunnels interface Tunnel100 description TUNNEL_IPV6IP_FOR_IT (IPV6_SUBNET_2a01.5b8.feed::/48) no ip address ipv6 address 2A01:5B8:FEED:101::2/64 ipv6 enable tunnel source 217.16.64.24 tunnel destination 212.158.191.162 tunnel mode ipv6ip

  18. IPv6 real connectivity test and troubleshooting on network equipment#traceroute ipv6 ipv6.google.comTranslating "ipv6.google.com"...domain server (217.16.69.3) [OK]Type escape sequence to abort.Tracing the route to ipv6.l.google.com (2A00:1450:4016:800::1010) 1 2A00:EE0:5:18::1 [AS 5603] 16 msec 16 msec 16 msec 2 2A00:EE0:0:216::2 [AS 5603] 20 msec 32 msec 20 msec 3 de-cix20.net.google.com (2001:7F8::3B41:0:2) [AS 5603] 84 msec 80 msec 76 msec 4 2001:4860::1:0:10 [AS 5603] 36 msec 2001:4860::1:0:11 36 msec 2001:4860::1:0:10 36 msec 5 2001:4860::8:0:3015 [AS 5603] 36 msec 36 msec 36 msec 6 2001:4860::1:0:336C [AS 5603] 136 msec 44 msec 44 msec 7 2001:4860:0:1::535 [AS 5603] 44 msec 44 msec 44 msec 8 2A00:1450:8000:1E::4 [AS 5603] 88 msec 88 msec 88 msec

  19. IPv6 real connectivity test and troubleshooting on network equipmentping ipv6 ipv6.google.comType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 2A00:1450:4016:800::1010, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 44/44/44 ms#ping ipv6 ipv6.on.net.mkTranslating "ipv6.on.net.mk"...domain server (217.16.69.3) [OK]Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 2A01:5B8:FAAA::D910:5F4C, timeout is 2 seconds:.H.H.Success rate is 0 percent (0/5)#ping ipv6 ipv6.one.mkTranslating "ipv6.one.mk"...domain server (217.16.69.3) [OK]Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 2A01:5B8:FEED:1303::28, timeout is 2 seconds:!!!!!

  20. - Official participation for World IPv6 day in 2011 (8 June)http://www.worldipv6day.org/ipv6-enabled-websites/index.htmlIPv6 Enabled WebsitesThe IPv6 standards have been stable for many years.  Networks, websites, equipment and operating system vendors have been developing and deploying IPv6 during the standards development process and continue to do so.Here is a set of websites that have IPv6 enabled today and who have contacted us supporting the World IPv6 Day effort.  You can visit them using IPv6 today:Show entriesSearch: IPv6 Enabled Websites on.net.mk Showing 1 to 1 of 1 entries - How to check that portal is ipv6 ready:1. http://ipv6.one.mk2.http://ipv6.on.net.mk3.http://ipv6.google.com

  21. http://ripeness.ripe.net/pies.html https://labs.ripe.net/Members/becha/ipv6-ripeness-how-to-reach-the-stars http://ripeness.ripe.net/4star/MK.html

  22. FUTURE PLANS for IPv6 expansion in ONE:- Dual stack deployment in Packet Mobile (GGSN, SGSN) - Dual stack deployment for PPPoEusers (BRASs)- Dual stack deployment on all hosted web portalsFirst commercial request for deployment of IPV6/IPv4 dual stack awareness came from Google for their GGC (Google global cash) nodes deployed in ONE

  23. IPv6 is a must, not an option!!!!Question remains, will we be ready for IPv6, or we will wait to be surprised by IPv6?ACT NOW!!!!!

  24. ? THANK YOU

More Related