Download IPv6 in Greek School Network (GSN) - seeren-2

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
Document related concepts

Wireless security wikipedia , lookup

Multiprotocol Label Switching wikipedia , lookup

Video on demand wikipedia , lookup

Dynamic Host Configuration Protocol wikipedia , lookup

SIP extensions for the IP Multimedia Subsystem wikipedia , lookup

AppleTalk wikipedia , lookup

IEEE 802.1aq wikipedia , lookup

Net bias wikipedia , lookup

Computer network wikipedia , lookup

Wake-on-LAN wikipedia , lookup

Piggybacking (Internet access) wikipedia , lookup

Airborne Networking wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

List of wireless community networks by region wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Routing wikipedia , lookup

Routing in delay-tolerant networking wikipedia , lookup

Zero-configuration networking wikipedia , lookup

Transcript 
IPv6 in Greek School Network
(GSN)
Dimitrios Kalogeras, Ph.d
Agenda
 Greek School Network
 Differences between IPv4 and IPv6
 IPv6 in GSN
–
–
–
–
Roadmap
Numbering
Routing
Applications
Greek School Network
Backbone: 8 PoPs around
Grnet
Distribution : 52 PoPs
• 9 major
• 43 secondary
75 routers, 71 servers,
Access Technologies:
PSTN, ISDN, Leased
Lines, Wireless
nodes, VDSL, ADSL
6K Primaries and 3.7k
secondaries schools
connected !
GRnet
Distribution Network
www.sch.gr
GSN – cont. - Services
Basic Services Υπηρεσίες
Communication
1.
Dial-up
1.
e-mail (POP3, IMAP, web-mail)
2.
Proxy/Cache
2.
Forums (www.sch.gr/forums)
3.
Web-Filtering
3.
NNews (www.sch.gr/news)
4.
Web-Page Generator
4.
5.
Web-Hosting
Instant Messaging
(www.sch.gr/im)
6.
Portal (www.sch.gr)
5.
Teleconfernce
(www.sch.gr/conf)
6.
Voice over IP
Infrastructure
1.
DNS
2.
Directory Service (LDAP)
3.
User registration service
4.
Statistics (www.sch.gr/statistics)
5.
Help-Desk
(www.sch.gr/helpdesk)
6.
Ανεπτυγμένες
1.
E-learning (www.sch.gr/e-learning)
2.
Video on Demand – VoD
(www.sch.gr/vod)
3.
Secure Content Delivery with
Reliable multicast
(www.sch.gr/scd)
4.
Real time services
(www.sch.gr/rts)
GIS
Why IPv6
 Every school has ΝΑΤ / PAT due to address
shortage
 Difficult debugging
 New P2P applications do not work with servers
behind Pat PAT
 New Vista Windows
 New security and Management Features
 Easier P2P application development
 Enough address space without ΝΑΤ for every
school and pupils …
Why not IPv4
 New environment ADSL, Always-On
 no statistical multiplexing of addressing through
address pools
 Need for static adresses
Differences btw. IPv4 and IPv6 (1)
 small differenced IPv4 and IPv6
– From the ISP’s point of view.
 Address size of IP addresses
– extension of address space from 32bit to 128 bit
– Change in the representation of addresses:




from decimal to hexademical format
IPv4: 192.168.128.254
IPv6: 2001:db8:0:d802:2d0:b7ff:fe88:eb8a
check RFC3513 “IPv6 Addressing Architecture”
 Native IPSEC usage  better security with
encryption and identification of peers.
Differences btw. IPv4 and IPv6 (2)
 IPv6 address space
 sTLA (sub TLA)
 production address space (/20-/35)
 for ISPs
– around 700 prefixes assigned
 Routing tale size
 IPv4: around 150,000 routes
 IPv6: around 600 routes
– multiples /35 in Τier-1
– Multiples of /48 in Tier-2 networks
Differences btw. IPv4 and IPv6 (3)
 Given the bigger address space size, address
delegation is structured
 IPv4
– Small blocks from Ripe
– Non standard sizes lead to inefficient address usage
size
 IPv6
– bigger block sizes
– homogenous blocks
Differences btw. IPv4 and IPv6 (4)
 Address size assignements
– LAN: /64
 Automatic address assignment (stateless auto-configuration)
– End Site: multiples of /48
– ISPs
 multiples of /35
– Point-toPoint
 /126
 /64 (stateless auto-configuration)
IPv6 in GSN
Roadmap
– Step 1: ΙPv6 addressing, routing plan,
transition study
– Step 2: Implementation of distribution
networks in Dual Stack
– Step 3: school selection and preparation
– Step 4: IPv6 activation in services
Addressing IPv6 (1)
 Two cases
–
–
–
–
/48 for every PoP and a /48 in the backbone
in every /48 one /52 in distribution nodes
Up to 16 distribution nodes for every core node
/62 for every school =>
 4 LANs per school (loopback, student lab, Administration
Office, server Lans)
– 1024 schools per regions.
Addressing IPv6 (2)
 a /35 for the GSN
 RIPE allows a /48 every non single node
customer (that s even for a school)
 Conservative policy of /56 for future needs
 Multiple /48 for every PoP
Routing (1)
 IGP (Internal Gateway Protocol)
 OSPFv3 selection (for IPv6 only) minimal with
OSPFv2 (IPv4 only)
 Route management (i.e. nssa)
 To IS-IS demands a “D – Day” for transition,
alternatively support for incongruent network
graps in terms of IPv6 and IPv4 capabilities
(multi-topology extension)
– OSPFv3 provides smoother transition
Routing (2)
 EGP (Exterior Gateway Protocol)
 BGP-MP
– Separate routing for IPv4 and IPv6
– But possible routing information transfer on top of IPv4
!!!
ΙPv4 connection for IPv4 routes exchange
ΙPv6 connection for IPv6 routes exchange
 smooth transition without affecting current
routing
 Same routing policy
Access (1)
 Differences ΙPv4
 /128 for a single Pc ( provisioning costs)
 With PPP for IPv6 , no ΙPCP address delegation but a
/64 prefix delegation and stateless-autoconfiguration for
the rest 64 bits (= interface-id)
 interface-id configuration dynamically or statically (via
ΑΑΑ)
 Prefix delegation to a router for automatic addressing in
the internal interfaces (INDEPEDENTLY from the PPP !!!)
Access (2)
/64 for the Line
/56 (/48) for the
network
Network
Access
Provider
`
Dial- in
Home
Router
/64 for the line and (/
48) /56 for networks
inside every school
/64 foe the
access network
+ 64 interface-id
PPP (IPv6CP)
/64 for every LAN
+ 64 Auto Conf
DHCPv6-PD
Radius
Server
ISP Router
Transition (1)
 Adoption of dual-stack strategy
 Support from software vendors
 Requirement for more memory and CPU in
routers
 Upgrade IOS in routers ONLY (not in switches)
Transition (2)
 Dual stack activation in routers
 Configuration of p2p interfaces and LAN
interfaces
 Activation of OSPFv3
 Tuning of internal security with acls in LANs
Transition (3)
 Services – servers
 End user service transition
 dns, mail, ftp, http
 Minor support for management services
– Radius, snmp
– Radius (support of attributes)
 DNS : a crucial for IPv6 transisition
Transition (4)
DNS – A very useful and important service
 Large address size -> in valuable DNS
 Two choices
– Usage of AAAΑ and PTR records with transport over IPv4 (new
zone for ipv6.int)
– Usage of IPv6 as transport protocol
 First case adopted form Windows XP ΧΡ
 Second case supported form *UNIXes and Vista
 Support of ΑΑΑΑ and Α ?  Default usage of ΙPv6 !!
(RFC 3484)
 Attention: activate IPv6 in services and later on update
appropriate DNS records
Transition (5)
 Servers - Services
– discrimination: Multiple services on one box against
one service per box.
 Multiple Service
–
–
–
–
dual stack activation
Address configuration (stateless vs. static)
Service activation
Initial dns allocation with different name i.e. serviceipv6.
– Monitoring of operation and further adoption of ΑΑΑΑ
record for the same name
Transition (6)
 MAIL – service
– Smtp, PoP, IMAP
 SMTP
– Qmail , a patch from http://pyon.org/fujiwara/
 PoP, IMAP
– Courier with ipv6 support
– Clients ready: Thunderbird, mozilla
 Web service
–
–
–
–
–
Apache + jboss
Αλλαγή σε apache 2.0
J2SDK/JRE 1.4 release, support of IPv6 in Java Networking
Tomcat ver.5 OK
Client: Firefox
 IM
– Jabber OK
Transition (7)
 Radius
– Attributes specific with IPv6 ( interface-id, prefix-id,
ipv6-route, etc)
– Update of specific files (dictionary)
– for dhcp-pd a new attribute was added (i.e. for user
user1 user1-dhcpv6 was added which fixes the prefix
to every user.
 Dialup-admin
– User management application
– 2 new attributes (interface-id και prefix-id)
ToDO
 Content Filtering
– Squid, SquidGuard
– beta squid 3 support
– LDAP activation
 Deployment of IPv6 capable routers in a limited
number of schools!!
Questions???
Related documents
IPv6 Site Renumbering Gap Analysis
IPv6 Site Renumbering Gap Analysis
Title: ISPs ignore IP timebomb
Title: ISPs ignore IP timebomb
IPv4 to IPv6 Migration strategies
IPv4 to IPv6 Migration strategies
HOW MANY IP ADDRESSES ARE AVAILABLE IN IPV6
HOW MANY IP ADDRESSES ARE AVAILABLE IN IPV6
Chapter 9b IPv6 Subnetting
Chapter 9b IPv6 Subnetting
B.E. Sixth Semester
B.E. Sixth Semester
IPv6 Migration: A cost estimate Methodology
IPv6 Migration: A cost estimate Methodology
Ip addressing
Ip addressing
To ensure that the industry maintains a collective - Labs
To ensure that the industry maintains a collective - Labs
Internet Exchange Points
Internet Exchange Points
IPv4-mapped addresses
IPv4-mapped addresses
IPv6Security - Personal.kent.edu
IPv6Security - Personal.kent.edu