Published on April 8, 2008
IPv6 Deployment: IPv6 Deployment North American Global IPv6 Summit June 24-27 2003 Jim Bound Chair IPv6 Forum Technical Directorate / Chair North American IPv6 Task Force Hewlett Packard Fellow Chris Mitchell North American IPv6 Task Force Advisory Council / Microsoft Corporation - Lead Program Manager: Windows Networking and Communications Introduction: Introduction Review common perceptions of IPv6 Justification for IPv6 Current IPv6 realities Review deployment options available Discuss current deployment solutions Perceptions of IPv6: Perceptions of IPv6 Common perceptions: Security concepts are often viewed as vastly different from current practices Often described and viewed as a complete replacement of the current Internet Reasons for IPv6 have been eliminated by the development of Network Address Translation (NAT) Implications: Benefits of IPv6 often overlooked or questioned Companies often have “Wait and see attitude” Requires a business justification Justification: Justification There are a number of stated justifications Security from avoidance of NAT Routing Stateless Address Configuration Others………. For End Users and IT Professionals justification comes from new experiences or capabilities Example: Review from today’s Keynote: Pervasive Collaborative Computing experiences Real-Time Communications (RTC) Collaboration Shared experiences These experiences are better with peer to peer communication Networks are more efficient using distributed models Software updates can be retrieved from closest peer or server rather than from central location Is IPv6 necessary? Current challenges: Current challenges The development and deployment of new experiences is difficult: NATs deployed within networks (Enterprises, Branch offices, WiFi Hotspots, etc.) Networks have a mix of private and public IP addresses Firewalls prevent end to end connectivity IT/Network administrators have to engineer point solutions to enable communication between applications and/or computers Developers need to be network experts in order to develop successful applications Mobility is increasing but not supported in the network Users frustrated with broken experiences IPv6 meets the challenges: IPv6 meets the challenges Enables next generation network-based applications without additional expense or expertise Enables deployment of these applications without major investment in new network infrastructure IPv6 addresses many of the challenges with today’s networks: Global addressing (IPv6 has 1038 addresses) Scaling well beyond IPv4 3 billion public endpoints Allocations allow ISPs to provision many public addresses Eliminates requirement for NATs and private addresses Restores connectivity as appropriate Secure Anonymous addresses provide privacy across multiple sessions IPSec enables host-based authentication and security at the IP layer to augment edge-based security or obscurity Mobile solution Mobile IPv6 solution does not require additional infrastructure or server-side routing Meeting the challenges, today! : Meeting the challenges, today! Applications and solutions are shipping Microsoft ThreeDegrees and Peer-to-Peer software development kit require IPv6 connectivity Real-Time communication and Video streaming applications offered by Agora, Microsoft and others Vendors are shipping commercial solutions: Checkpoint, Nokia, Ericsson, Agora, WindRiver, Hitachi, Juniper, Cisco, NEC, Fujitsu, Yamaha, Hexago and more Operating systems that support IPv6 platform solutions include AIX, HP-UX, True64, Windows XP and 2003, OpenVMS, NSK, Solaris, FreeBSD, NetBSD, Linux and more Key takeaway: solutions and applications are available now Independent Software Vendors and IT Professionals should take advantage of the support in core network infrastructure to build better tools and solutions for customers NOTE: The vendor list is not exhaustive but rather a sample; most vendors have IPv6 support today; if a vendor is not listed you should ask them Deployment state: Deployment state Currently: IPv6 deployments are often equated to full native support of IPv6-only Several IPv6-only or native backbones, test networks and services are in production today Mainstream customers and ISPs are not moving to IPv6 native due to a lack of customer demand and application support Moving forward: Deployment of IPv6 will happen with customer need Deployment solutions need to be flexible and range from end-user to IT professional How will IPv6 deployments occur?: How will IPv6 deployments occur? Option 1: Transition and co-existence Lower barrier to entry; network can change gradually Legacy applications and services co-exist Additional overhead and management are concerns Option 2: Centralized deployment or Cutover Simpler network, management All applications must be upgraded All tools, infrastructure and support systems must be upgraded or updated Option 3: Hybrid Begin with transition and co-existence automatically with applications Transition technologies allow Developers to use IPv6 now! Enable centralized deployments by getting full IPv6 support into all vendor hardware, software and tools Typical deployment options: Typical deployment options Managed deployment Enable IPv6 native or Tunnels within managed network Use central automatic deployment solution like ISATAP Automatic deployment IPv6 installed or enabled with applications Use well known services like Teredo, Tunnel Broker, or other transition mechanism Managed deployment: Managed deployment Description: Managed deployment is centralized and owned IT manager or engineer Technology can require some configuration and must be manageable Availability: Lot of options available to IT managers: Dual stack (i.e. native IPv6 and IPv4) 6to4 Tunneling ISATAP Tunneling Native IPv6 with DSTM or NAT-PT Network Equipment providers also support these technologies, for example: Cisco, Hitachi, Juniper, 6WIND, and NEC Automatic deployment: Automatic deployment Description: Enable applications to depend on connectivity Requires simple, zero configuration experience for end users Must work in a variety of network topologies May not work for all scenarios Availability: A few solutions available: Teredo Tunneling Host-based 6to4 Tunneling Tunnel Broker Example, Microsoft is shipping 6to4, ISATAP and Teredo in operating systems and with applications All are made available to applications written (WinSock, DPlay, .NET Framework and RPC) to use IPv6 Solutions: Dual stack: Solutions: Dual stack All major router vendors support native dual stack: Cisco = IOS 12.0S;12.2T/S;12.3M depending on hardware series; see www.cisco.com for specifics To enable IPv6: enable configure terminal interface type number ipv6 enable exit ipv6 unicast-routing Hitachi = GR2000; see www.internetworking.hitachi.com for specifics To enable IPv6: Configure the port, example: line e1 ethernet 0/0 IP e1 3ffe:501:811:ff01::/64 RA interface e1 Juniper = All M-series platforms; see www.juniper.net for specifics To enable IPv6: Configure an IPv6 address into “Inet6” configuration Configure router discovery under “protocols” NEC = BlueFire routers and switches; see www.cng.nec.com for specifics To enable IPv6: (config)#interface vlan 1 (conf-vlan-1)#ipv6 enable (conf-vlan-1)#interface vlan 2 (conf-vlan-2)#ipv6 enable (conf-vlan-2)#exit (config)#ipv6 unicast-routing 6WIND = 6WINDgate, edge, and NMS see www.6wind.com for specifics Solutions: Tunneling: Solutions: Tunneling 6to4 Tunneling Several router vendors support 6to4: Cisco, Hitachi, NEC, 6WIND ISATAP Tunneling ISATAP can be enabled on: Cisco IOS 12.2(15)T Enabled using configure command line interface Microsoft Windows Server 2003 (www.microsoft.com/ipv6) See ISATAP section in your IPv6/IPv4 Coexistence and Migration whitepaper included in your gift bag Linux ISATAP (http://v6web.litech.org/isatap/) Kernel 2.4.x with ISATAP (USAGI) Modified IPRoute package (USAGI) Radvd with ISATAP support (router only) Teredo Tunneling Teredo tunneling is a Internet draft: Available on Windows XP SP1 with Advanced Networking pack Enables IPv6 connectivity from behind existing IPv4 NAT devices See http://www.ietf.org/internet-drafts/draft-huitema-v6ops-teredo-00.txt for more information Solutions: Native IPv6 to IPv4: Solutions: Native IPv6 to IPv4 When native IPv6 becomes ubiquitous (or aggressive plan for Native IPv6) within a network there are a few options available to continue accessing “Legacy” networks without supporting Dual-Stack DSTM: Dual Stack Transition Mechanism (DSTM) allows IPv6 hosts within a network to access IPv4 Hosts by obtaining IPv4 addresses (using DHCPv6) within a dominant IPv6 native network, to avoid the use of IPv4 infrastructure or NAT, to communicate with IPv4 Hosts. Supported on FreeBSD 3.4 and 4.x (KAME) and Linux www.ipv6.rennes.enst-bretagne.fr/dstm/ NAT-PT: NAT-Protocol Translation (NAT-PT) allows IPv6 hosts within a network using NAT-PT to access IPv4 devices via the NAT-PT enabled device Supported on Cisco IOS 12.2T; NEC BlueFire http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide_chapter09186a00801179e2.html Training, references and resources: Training, references and resources Training: Cisco: Online Training materials available Juniper: Class for configuring IPv6 in JUNOS Tonex: IPv6 Fundamentals (onsite training) Sunny Connection: IPv6 overview and Market Analysis Microsoft: Updated Academic Learning Series TCP Title to contain IPv6 fundamentals releasing November 2003 Native6Group IPv6 Training Courses Publications and references: IPv6 Essentials written by Silvia Hagen published by O'Reilly & Associates (ISBN 0-5960-0125-8) Understanding IPv6 written by Joseph Davies published by Microsoft Press (ISBN 0-7356-1245-5) Development resources: Microsoft: MSDN: .Net Framework and WinSock reference guides P2P SDK (overview tomorrow afternoon by Todd Manion) Linux: Several resources available FreeBSD: FreeBSD.org and others have v6 source and information IPv6 Forum and NAv6TF www.ipv6forum.com and www.nav6tf.org Contact your vendors Summary: Summary IPv6 Deployment will happen with applications and use of applications Transition and co-existence technologies are available and can be used by application developers to restore connectivity Managed deployments can begin now with existing infrastructure in most situations
... dynamic enable existence family force france freebsd global gré gration grenoble guide hawaii hossam hosts inté internet ipv6deploymentsummit ...