IPv6 Deployment
North American Global IPv6 Summit
June 24-27 2003
Jim Bound
Chair IPv6 Forum Technical Directorate / Chair North American IPv6 Task Force
Hewlett Packard Fellow
Chris Mitchell
North American IPv6 Task Force Advisory Council / Microsoft Corporation - Lead Program Manager: Windows Networking and Communications
Introduction
• Review common perceptions of IPv6
• Justification for IPv6
• Current IPv6 realities
• Review deployment options available
• Discuss current deployment solutions
June 2003
Page 2
Perceptions of IPv6
• Common perceptions:
– Security concepts are often viewed as vastly different
from current practices
– Often described and viewed as a complete
replacement of the current Internet
– Reasons for IPv6 have been eliminated by the
development of Network Address Translation (NAT)
• Implications:
– Benefits of IPv6 often overlooked or questioned
– Companies often have “Wait and see attitude”
– Requires a business justification
Justification
• There are a number of stated justifications
– Security from avoidance of NAT
– Routing
– Stateless Address Configuration
– Others…
• For End Users and IT Professionals justification comes
from new experiences or capabilities
• Example:
– Review from today’s Keynote:
• Pervasive Collaborative Computing experiences
– Real-Time Communications (RTC)
– Collaboration
– Shared experiences
– These experiences are better with peer to peer communication
– Networks are more efficient using distributed models
• Software updates can be retrieved from closest peer or server
rather than from central location
• Is IPv6 necessary?
Current challenges
• The development and deployment of new
experiences is difficult:
• NATs deployed within networks (Enterprises, Branch offices,
WiFi Hotspots, etc.)
• Networks have a mix of private and public IP addresses
• Firewalls prevent end to end connectivity
– IT/Network administrators have to engineer point
solutions to enable communication between applications
and/or computers
– Developers need to be network experts in order to develop
successful applications
• Mobility is increasing but not supported in the
network
– Users frustrated with broken experiences
IPv6 meets the challenges
• Enables next generation network-based applications without additional
expense or expertise
• Enables deployment of these applications without major investment in
new network infrastructure
• IPv6 addresses many of the challenges with today’s networks:
– Global addressing (IPv6 has 10^38 addresses)
• Scaling well beyond IPv4 3 billion public endpoints
• Allocations allow ISPs to provision many public addresses
• Eliminates requirement for NATs and private addresses
• Restores connectivity as appropriate
– Secure
• Anonymous addresses provide privacy across multiple sessions
• IPSec enables host-based authentication and security at the IP layer to
augment edge-based security or obscurity
– Mobile solution
• Mobile IPv6 solution does not require additional infrastructure or server-side
routing
Meeting the challenges, today!
• Applications and solutions are shipping
– Microsoft ThreeDegrees and Peer-to-Peer software development kit
require IPv6 connectivity
– Real-Time communication and Video streaming applications offered by
Agora, Microsoft and others
• Vendors are shipping commercial solutions:
– Checkpoint, Nokia, Ericsson, Agora, WindRiver, Hitachi, Juniper, Cisco,
NEC, Fujitsu, Yamaha, Hexago and more
– Operating systems that support IPv6 platform solutions include AIX,
HP-UX, Tru64, Windows XP and 2003, OpenVMS, NSK, Solaris,
FreeBSD, NetBSD, Linux and more
• Key takeaway: solutions and applications are available now
– Independent Software Vendors and IT Professionals should take
advantage of the support in core network infrastructure to build better
tools and solutions for customers
NOTE: The vendor list is not exhaustive but rather a sample; most vendors have IPv6 support today; if a vendor
is not listed you should ask them
Deployment state
• Currently:
– IPv6 deployments are often equated to full native
support of IPv6-only
– Several IPv6-only or native backbones, test networks
and services are in production today
– Mainstream customers and ISPs are not moving to
IPv6 native due to a lack of customer demand and
application support
• Moving forward:
– Deployment of IPv6 will happen with customer need
– Deployment solutions need to be flexible and range
from end-user to IT professional
How will IPv6 deployments occur?
• Option 1: Transition and co-existence
– Lower barrier to entry; network can change gradually
– Legacy applications and services co-exist
– Additional overhead and management are concerns
• Option 2: Centralized deployment or Cutover
– Simpler network, management
– All applications must be upgraded
– All tools, infrastructure and support systems must be upgraded
or updated
• Option 3: Hybrid
– Begin with transition and co-existence automatically with
applications
• Transition technologies allow Developers to use IPv6 now!
– Enable centralized deployments by getting full IPv6 support into
all vendor hardware, software and tools
Typical deployment options
• Managed deployment
– Enable IPv6 native or Tunnels within managed
network
– Use central automatic deployment solution like
ISATAP
• Automatic deployment
– IPv6 installed or enabled with applications
– Use well known services like Teredo, Tunnel Broker, or
other transition mechanism
Managed deployment
• Description:
– Managed deployment is centralized and owned by an IT manager or
engineer
– Technology can require some configuration and must be
manageable
• Availability:
– A lot of options available to IT managers:
• Dual stack (i.e. native IPv6 and IPv4)
• 6to4 Tunneling
• ISATAP Tunneling
• Native IPv6 with DSTM or NAT-PT
– Network Equipment providers also support these technologies,
for example:
• Cisco, Hitachi, Juniper, 6WIND, and NEC
Automatic deployment
• Description:
– Enable applications to depend on connectivity
– Requires simple, zero configuration experience for end users
– Must work in a variety of network topologies
– May not work for all scenarios
• Availability:
– A few solutions available:
• Teredo Tunneling
• Host-based 6to4 Tunneling
• Tunnel Broker
– Example, Microsoft is shipping 6to4, ISATAP and Teredo in
operating systems and with applications
• All are made available to applications written (WinSock, DPlay, .NET
Framework and RPC) to use IPv6
Solutions: Dual stack
• All major router vendors support native dual stack:
– Cisco = IOS 12.0S;12.2T/S;12.3M depending on hardware series; see
www.cisco.com for specifics
• To enable IPv6:
enable
configure terminal
interface type number
ipv6 enable
exit
ipv6 unicast-routing
– Hitachi = GR2000; see www.internetworking.hitachi.com for specifics
• To enable IPv6:
Configure the port, example:
line e1 ethernet 0/0
IP e1 3ffe:501:811:ff01::/64
RA interface e1
– Juniper = All M-series platforms; see www.juniper.net for specifics
• To enable IPv6:
Configure an IPv6 address into “Inet6” configuration
Configure router discovery under “protocols”
– NEC = BlueFire routers and switches; see www.cng.nec.com for specifics
• To enable IPv6:
(config)#interface vlan 1
(conf-vlan-1)#ipv6 enable
(conf-vlan-1)#interface vlan 2
(conf-vlan-2)#ipv6 enable
(conf-vlan-2)#exit
(config)#ipv6 unicast-routing
– 6WIND = 6WINDgate, edge, and NMS; see www.6wind.com for specifics
Solutions: Tunneling
• 6to4 Tunneling
– Several router vendors support 6to4: Cisco, Hitachi, NEC, 6WIND
• ISATAP Tunneling
– ISATAP can be enabled on:
• Cisco IOS 12.2(15)T
– Enabled using configure command line interface
• Microsoft Windows Server 2003 (www.microsoft.com/ipv6)
– See ISATAP section in your IPv6/IPv4 Coexistence and Migration whitepaper
included in your gift bag
• Linux ISATAP (http://v6web.litech.org/isatap/)
– Kernel 2.4.x with ISATAP (USAGI)
– Modified IPRoute package (USAGI)
– Radvd with ISATAP support (router only)
• Teredo Tunneling
– Teredo tunneling is an Internet draft:
• Available on Windows XP SP1 with Advanced Networking pack
• Enables IPv6 connectivity from behind existing IPv4 NAT devices
• See http://www.ietf.org/internet-drafts/draft-huitema-v6ops-teredo-00.txt for more
information
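
Added example (not part of the original slides): 6to4, ISATAP and Teredo each embed an IPv4 address in the IPv6 address they assign, so the mechanism in use and the IPv4 endpoint carrying the tunnel can be read from an address seen in logs or flow records. The function names are hypothetical, the prefixes are the ones later standardized (plus the pre-standard Teredo prefix of early Windows XP builds), and the sample addresses are constructed from documentation ranges.

```python
import ipaddress

# 6to4 prefix (RFC 3056); Teredo prefix (RFC 4380) plus the pre-standard
# 3ffe:831f::/32 prefix used by early Windows XP Teredo implementations.
SIXTOFOUR = ipaddress.ip_network("2002::/16")
TEREDO = [ipaddress.ip_network("2001::/32"),
          ipaddress.ip_network("3ffe:831f::/32")]


def v4(n):
    """Render the low 32 bits of an integer as a dotted-quad IPv4 address."""
    return str(ipaddress.IPv4Address(n & 0xFFFFFFFF))


def classify(addr):
    """Return (mechanism, embedded IPv4 details) for an IPv6 address string."""
    ip = ipaddress.IPv6Address(addr)
    n = int(ip)
    if ip in SIXTOFOUR:
        # The 32 bits after 2002: are the site's public IPv4 address.
        return "6to4", {"ipv4": v4(n >> 80)}
    if any(ip in net for net in TEREDO):
        # Server IPv4 follows the prefix; the client's mapped port and IPv4
        # address are stored XORed with all ones, so invert to recover them.
        return "teredo", {
            "server": v4(n >> 64),
            "client_port": ((n >> 32) & 0xFFFF) ^ 0xFFFF,
            "client_ipv4": v4(n ^ 0xFFFFFFFF),
        }
    if (n >> 32) & 0xFFFFFFFF in (0x00005EFE, 0x02005EFE):
        # ISATAP interface identifier: 0000:5efe or 0200:5efe, then the IPv4.
        return "isatap", {"ipv4": v4(n)}
    return "native", {}


# Constructed sample addresses (documentation ranges only).
SAMPLES = [
    "2002:c000:204::1",                      # 6to4 for 192.0.2.4
    "2001:db8:0:1:0:5efe:c633:6407",         # ISATAP for 198.51.100.7
    "2001:0:cb00:7101:8000:63bf:3fff:fdd2",  # Teredo via 203.0.113.1
    "2001:db8::1",                           # native, no embedded IPv4
]


def tunnel_report(addrs):
    """Map each tunneled address to its mechanism and embedded endpoints."""
    found = {a: classify(a) for a in addrs}
    return {a: r for a, r in found.items() if r[0] != "native"}


if __name__ == "__main__":
    for a, (mech, info) in tunnel_report(SAMPLES).items():
        print(f"{a:40} {mech:7} {info}")
```
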
Solutions: Native IPv6 to IPv4
• When native IPv6 becomes ubiquitous (or aggressive plan for Native
IPv6) within a network there are a few options available to continue
accessing “Legacy” networks without supporting Dual-Stack
• DSTM:
– Dual Stack Transition Mechanism (DSTM) allows IPv6 hosts within a
network to access IPv4 Hosts by obtaining IPv4 addresses (using
DHCPv6) within a dominant IPv6 native network, to avoid the use of
IPv4 infrastructure or NAT, to communicate with IPv4 Hosts.
– Supported on FreeBSD 3.4 and 4.x (KAME) and Linux
– www.ipv6.rennes.enst-bretagne.fr/dstm/
• NAT-PT:
– NAT-Protocol Translation (NAT-PT) allows IPv6 hosts within a network
using NAT-PT to access IPv4 devices via the NAT-PT enabled device
– Supported on Cisco IOS 12.2T; NEC BlueFire
– http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide_chapter09186a00801179e2.html
Training, references and resources
• Training:
– Cisco: Online Training materials available
– Juniper: Class for configuring IPv6 in JUNOS
– Tonex: IPv6 Fundamentals (onsite training)
– Sunny Connection: IPv6 overview and Market Analysis
– Microsoft: Updated Academic Learning Series TCP Title to contain IPv6 fundamentals
releasing November 2003
– Native6Group IPv6 Training Courses
• Publications and references:
– IPv6 Essentials written by Silvia Hagen published by O'Reilly & Associates (ISBN 0-596-00125-8)
– Understanding IPv6 written by Joseph Davies published by Microsoft Press (ISBN 0-7356-1245-5)
• Development resources:
– Microsoft:
• MSDN: .Net Framework and WinSock reference guides
• P2P SDK (overview tomorrow afternoon by Todd Manion)
– Linux:
• Several resources available
– FreeBSD:
• FreeBSD.org and others have v6 source and information
• IPv6 Forum and NAv6TF
• www.ipv6forum.com and www.nav6tf.org
• Contact your vendors
Summary
• IPv6 Deployment will happen with applications
and use of applications
– Transition and co-existence technologies are available
and can be used by application developers to restore
connectivity
• Managed deployments can begin now with
existing infrastructure in most situations