IPv6 Deployment: PLDT - start [APNIC TRAINING WIKI] Performance •LinkedIn Senior Director of...

IPv6 Deployment: PLDTAPNIC Technical Assistance Programme11 May 2017

Tashi [email protected]

Agenda

• Where are we now?• IPv6 in Core Network• IPv6 in Mobile Network• IPv6 in Broadband Network• IPv6 Address Planning

2

IPv6 adoption statistics by Google

3

https://www.google.com/intl/en/ipv6/statistics.html

End user readiness: APNIC Labs

4

2 May 2017: 11.91

60% increase in last 12 months!

https://stats.labs.apnic.net/ipv6/

IPv6 economy league table

5

https://stats.labs.apnic.net/ipv6/

India

6

https://stats.labs.apnic.net/ipv6/IN

Top 1000 websites IPv6

7

http://www.worldipv6launch.org/measurements/

Industry Trend

8

http://gs.statcounter.com/platform-market-share/desktop-mobile-tablet/

IPv6 Performance• Enough data collected to analyze IPv6 performance

• APNIC’s Chief Scientist, Geoff Huston’s study– @APRICOT2016 (Feb 2016)

9

• Is IPv6 as fast as IPv4?– IPv6 unicast – Comparison of RTT since 2012

• From SYN-ACK exchanges

– IPv6 is faster about half of the time– IPv6 as fast as IPv4

IPv6 Performance• LinkedIn Senior Director of Infrastructure Engineering,

Zaid Ali Kahn– @APRICOT42 (September 2016)

10

• IPv6 at LinkedIn:– For some select networks in Europe, LinkedIn is seeing up to

40% performance improvements over IPv6, and in the US, up to 10%

– TCP timeout on IPv4 over mobile carrier networks is as high as 4.6% and IPv6 timeouts are on a much lower side at 1.6%• if the data isn't acknowledged when the timeout expires, it retransmits

the data

https://blog.apnic.net/2016/05/13/linkedin-ipv6-measurements/

www.apnic.net/ipv6

11

Agenda


12

IPv6 in Core Network - BGP

• MP-BGP (RFC4760):– IPv4 and IPv6 Address Families

• Defines two separate protocols:– Carrier/Transport protocol (TCP session)– Passenger protocol (NLRI/routing information)

• IPv4 or IPv6 routes

• Still relies on TCP (179)!– for BGP sessions

13

MP-BGP

• Need to ‘activate’ BGP neighbors to exchange routes– respective address families

• Same path attributes– Path selection logic remains same!

• Routing policies are applied under respective address family– next-hop, route-maps, prefix-list, filter-list– processing order remains the same!

14

MP-BGP: Path Attributes

15

Well-known Mandatory

Well-known Discretionary

Optional Transitive

Optional Non-transitive

AS_PATHNEXT_HOP

ORIGIN

LOCAL_PREFATOMIC_AGGREGATE

COMMUNITYAGGREGATOR

MED

Always included in MP-BGP updates Can be included (for path control)!

MP-BGP: Influencing Path

16

Routing Table

Local Router

PeerPeer

Inbound updates

Outbound updates

(best paths)BGP Table

Prefix-list

Filter-list

Route-maps

Best Paths

MP-BGP: Advertising Networks

• The network statement (still) for both AFs– Injects routes into BGP table and advertise only if they

already exists in the routing table!

17

router bgp 17821neighbor 2406:6400::1 remote-as 17821neighbor 172.16.15.1 remote-as 17821!address-family ipv4network 172.16.0.0 mask 255.255.255.0neighbor 172.16.15.1 activate

exit-address-family!address-family ipv6network 2406:6400:800::/48neighbor 2406:6400::1 activate

exit-address-family

• BGP scalability techniques still the same– Route Reflection (iBGP)– Peer-groups (eBGP/iBGP)

18

router bgp 17821neighbor RR-CLIENT peer-groupneighbor RR-CLIENT remote-as 17821neighbor RR-CLIENT update-source Loopback0neighbor RRv6-CLIENT peer-groupneighbor RRv6-CLIENT remote-as 17821neighbor RRv6-CLIENT update-source Loopback0neighbor 2001:6400::1 peer-group RRv6-CLIENTneighbor 2001:6400::5 peer-group RRv6-CLIENTneighbor 172.16.15.1 peer-group RR-CLIENTneighbor 172.16.15.5 peer-group RR-CLIENT

MP-BGP: Scaling (iBGP)

address-family ipv4neighbor RR-CLIENT route-reflector-clientneighbor RR-CLIENT next-hop-selfneighbor 172.16.15.1 activateneighbor 172.16.15.5 activate

!address-family ipv6neighbor RRv6-CLIENT route-reflector-clientneighbor RRv6-CLIENT next-hop-selfneighbor 2001:6400::1 activateneighbor 2001:6400::5 activate

!

19

router bgp 17821neighbor IX-PEERS peer-groupneighbor IX-v6PEERS peer-groupneighbor 2001:20::1 remote-as 200neighbor 2001:78::1 remote-as 300neighbor 2001:78::1 peer-group IX-v6PEERSneighbor 1.1.1.1 remote-as 200neighbor 17.7.1.1 remote-as 300neighbor 17.7.1.1 peer-group IX-PEERS!address-family ipv4network 172.16.0.0 mask 255.255.255.0neighbor IX-PEERS route-map IX-IN inneighbor IX-PEERS filter-list 8 outneighbor 1.1.1.1 prefix-list IPv4IN inneighbor 1.1.1.1 route-map TRANSIT-IN inneighbor 1.1.1.1 filter-list 8 outneighbor 1.1.1.1 activateneighbor 17.7.1.1 activate!

MP-BGP: Scaling and Policing (eBGP)

address-family ipv6network 2001:6400::/32neighbor IX-v6PEERS route-map IX-IN inneighbor IX-v6PEERS filter-list 8 outneighbor 2001:20::1 prefix-list IPv6IN in neighbor 2001:20::1 route-map TRANSIT-IN inneighbor 2001:20::1 filter-list 8 outneighbor 2001:20::1 activateneighbor 2001:78::1 activate!

20

ip as-path access-list 8 permit ^$!ip route 172.16.0.0 255.255.255.0 Null0ipv6 route 2001:6400::/32 Null0!ip prefix-list IPv4-IN seq 10 deny 0.0.0.0/0ip prefix-list IPv4-IN seq 20 deny 127.0.0.0/8 le 32ip prefix-list IPv4-IN seq 40 deny 192.168.1.0/22 le 32ip prefix-list IPv4-IN seq 60 permit 0.0.0.0/0 le 32!ipv6 prefix-list IPv6IN seq 10 deny 2001:DB8:/32 le 128ipv6 prefix-list IPv6IN seq 20 permit 2000::/3 le 48ipv6 prefix-list IPv6IN seq 30 deny ::/0 le 128!route-map IX-IN permit 10set local-preference 250!route-map TRANSIT-IN permit 10set local-preference 150!

MP-BGP: Scaling and Policing (eBGP)

MP-BGP: Origin Validation

• ROAs can be created and validated for IPv6– same as IPv4

21

router bgp 17821bgp rpki server tcp 172.16.1.2 port 43779 refresh 60neighbor 2001:20::1 remote-as 200neighbor 10.1.1.1 remote-as 200!address-family ipv4bgp bestpath prefix-validate allow-invalidneighbor 10.1.1.1 route-map VALIDATE-IN inneighbor 10.1.1.1 activate

!address-family ipv6bgp bestpath prefix-validate allow-invalidneighbor 2001:20::1 route-map VALIDATE-IN inneighbor 2001:20::1 activate

!

route-map VALIDATE-IN permit 10match rpki validset local-preference 250!route-map VALIDATE-IN permit 20match rpki not-foundset local-preference 100!route-map VALIDATE-IN permit 30match rpki invalidset local-preference 90

sh ip bgp rpki serversh bgp ipv6|ipv4 unicast rpki tablesh ip bgp <prefix>sh bgp ipv6 unicast <prefix>

22

RPKI-to-Router

RPKI Cache Server

(Validator)

10.10.0.0/19-20

2914

.1/:1

.2/:2

AS2914

AS9299

Origin Validation - RPKI

Global RPKIRepository

ROA

10.10.0.0/19-20

2914

MP-BGP: Tables

• Separate tables for respective AFs– Neighbor table, BGP Table, Routing Table

23

sh bgp ipv6 unicast summary (IPv6 BGP neighbors)sh bgp ipv6 unicast (IPv6 BGP table)sh ipv6 route (IPv6 routing table)sh ipv6 route bgp (BGP learned IPv6 routes)

sh bgp ipv4 unicast summary (IPv4 BGP neighbors)sh bgp ipv4 unicast (IPv4 BGP table)sh ip route (IPv4 routing table)sh ip route bgp (BGP learned IPv4 routes)

IPv6 in Core Network - IGP

• Both IS-IS (RFC5308) and OSPFv3 (RFC5340) support IPv6

– IS-IS as separate address families (dual stack)

– both OSPFv2 (RFC2328) and OSPFv3 for dual stack • OSPFv3 with AF (RFC5838)

24

OSPFv3

• Still runs on top of IP/Network Layer– Protocol number 89

• Metric still based on interface cost

• OSPFv3 messages are sent to well-known multicast– FF02::5 (all OSPF routers)– FF02::6 (DR/BDR)

• OSPFv3 uses link-local for neighbor adjacency– FE80::/10– Messages sourced using link-local

25

OSPFv3 MessageOSPFv3 HeaderIP Header

OSPFv3

• Renames Type 3 and Type 4 LSAs (same function)– Type 3 (Inter-area summary: Inter-area prefix)– Type 4 (ASBR summary: Inter-area router)

• Router-ID is still 32 bit– Either configured router-id, or– Highest IPv4 loopback/physical interface

• Process-ID still only locally significant

• Does NOT use network command to enable OSPF process and advertise networks– need to enable per interface!

26

OSPFv2/v3: Dual stack

• Either natively– Run both OSPFv2 and OSPFv3 processes– Separate LSDB for each AF

• OR use OSPFv3 with AFs – Consolidates OSPF configuration– Single LSDB for both AFs– Need to enable per interface (even for IPv4)– IOS 15.1 and later– JunOS 9.2 and later

27

Native OSPFv2 and OSPFv3

28

router ospf 17821passive-interface default no passive-interface FastEthernet0/0 no passive-interface Ethernet1/0 network 172.16.10.0 0.0.0.3 area 1 network 172.16.12.0 0.0.0.255 area 0network 172.16.15.2 0.0.0.0 area 0 !ipv6 router ospf 17821passive-interface loopback0

ipv6 unicast-routing!interface Loopback0 ip address 172.16.15.2 255.255.255.255ipv6 address 2406:6400::2/128 ipv6 ospf 17821 area 0!interface FastEthernet0/0 ip address 172.16.12.1 255.255.255.0ipv6 address 2406:6400:2::1/64ipv6 ospf 17821 area 0!interface Ethernet1/0 ip address 172.16.10.1 255.255.255.252ip ospf network point-to-point ipv6 address 2406:6400:E::1/64 ipv6 ospf 17821 area 1 ipv6 ospf network point-to-point

Verify:-------sh ip/ipv6 ospf neish ip/ipv6 ospf databasesh ip/ipv6 route sh ip/ipv6 route ospfsh ip/ipv6 ospf (area details)

OSPFv3 Address Family

29

router ospfv3 17821address-family ipv4 unicastpassive-interface loopback0!address-family ipv6 unicastpassive-interface loopback0

!

ipv6 unicast-routing!interface Loopback0 ip address 172.16.15.2 255.255.255.255ipv6 address 2406:6400::2/128 ospfv3 17821 ipv4 area 0ospfv3 17821 ipv6 area 0!interface FastEthernet0/0 ip address 172.16.12.1 255.255.255.0ipv6 address 2406:6400:2::1/64ospfv3 17821 ipv4 area 0ospfv3 17821 ipv6 area 0!interface Ethernet1/0 ip address 172.16.10.1 255.255.255.252ipv6 address 2406:6400:E::1/64 ospfv3 17821 ipv4 area 1ospfv3 17821 ipv6 area 1ospfv3 network point-to-point

Verify:-------sh ospfv3 nei (both AFs)sh ospfv3 databasesh ip/ipv6 route sh ipv6 route ospfsh ip route ospfv3sh ospfv3 (area details)

IS-IS for IPv6• Still runs on top of data-link Layer

– Agnostic to layer-3 protocols

• Two new TLVs defined to carry IPv6 (RFC5308)– IPv6 Reachability TLV (directly connected routes)– IPv6 Interface Address TLV (link-local for IIH)

• IS-IS messages are still sent to well-known L2 multicast– 0180:C200:0014 (L1- Area)– 0180:C200:0015 (L2- Backbone)

• Routing hierarchy remains the same– Only L1>L2 allowed– not reverse: ATT bit from L1-L2/L2 to L1

30

TLV (subTLV)IS-IS HeaderFrame Header

Frame Trailer

• Only one NSAP/NET (network entity title) still used– all routing messages sourced with the NET

– 49.0001.2021.4412.8001.00

• Both narrow and extended/wide metric still supported– 1-63, or 1-16777214

• Single LSDB for all topological (address) information– LSPDU carries all as TLV records– NO new LSPDU types defined– L1L2 maintains separate LSDB for each

31

IS-IS for IPv6

AFI (1 byte)

Area-ID(variable)

Sys-ID (6 bytes)

N-SEL (1 byte)

IS-IS: Dual stack

• Similar configuration for both IPv4 and IPv6

32

interface Loopback0 ip address 172.16.15.2 255.255.255.255ipv6 address 2406:6400::2/128 !interface Ethernet1/0 ip address 172.16.10.1 255.255.255.252ip router isis 17821ipv6 address 2406:6400:E::1/64ipv6 router isis 17821isis network point-to-pointisis metric 1 level-2isis ipv6 metric 1 level-2!

router isis 17821net 49.0001.1720.1601.5002.00is-type level-2-onlymetric-style wideset-overload-bit on-startup wait-for-bgppassive-interface loopback0!address-family ipv6set-overload-bit on-startup wait-for-bgp!

Verify:-------sh clnssh clns interface [int-id]sh clns nei [detail]sh isis neish isis database [detail]sh ip/ipv6 route isis

Agenda


33

IPv6 in Mobile Networks: Technology

34

IPv6 in Mobile Networks: Deployment

35

Dual-stack in mobile network

• Does not solve IPv4 depletion issue

• But effective– None of the problems of CG-NAT

36

464XLAT (RFC6877)

37

CLAT (NAT64)v4p

(v4 sockets)

v6

IPv6 Mobile Core

GGSNIPv4

Internet

IPv6 Internet

Mobile Phone

DNS 64

PLAT (NAT64)

IPv4 embedded IPv6:IPv6 /96 + 32 bit IPv4

(RFC6052)

Stateless NAT64(RFC6145)

Statelful NAT64(RFC6146)

CLAT (Stateless NAT64) (RFC6145)

• When IPv4 connection is required (an IPv4 socket)– CLAT function provides private IPv4 address (and default

route for applications to bind to)– a dedicated prefix (/64 or /96) for stateless translation

(DHCPv6)– must know the PLAT side translation prefix– Route connections to the PLAT (stateful NAT64)– 1:1 mapping– 2400:6400::[v4p in HEX] (RFC6052)

38

DNS64(RFC6147)• Generate AAAA records from A records

– Allows IPv6 client to talk to IPv4 hosts– If ‘AAAA’ records exists, no synthesis– If only ‘A’ record exist for the queried name (after recursive

query), synthesize to AAAA record

39

DNS 64

AAAA Query: test.com

Authoritative DNS

AAAA Query: test.com

Empty Response

A Query: test.com

Response: 192.168.2.10Response:

2406:6400::C0A8:20A

PLAT (Stateful NAT64) (RFC6146)

• IPv6 to IPv4 translation (public)– and vice versa– bindings for every translation maintained

• need a return path

– N:1 mapping (conserves IPv4)– 2400:6400::[v4p in HEX] to [v4]:port (~PAT)

40

IPv6-only to IPv4 ‘Internet’

41

CLAT (NAT64)v4p

(v4 sockets)

v6

IPv6 Mobile Core

GGSNIPv4

Internet

Mobile Phone

DNS 64

PLAT (NAT64)

Dst: [2406:6400::C0A8:20A]:80Src: 2406:6400::9

192.168.2.10(test.com)

IPv4 Pool: 202.70.77.1-30Dst: 192.168.2.10:80

Src: 202.70.77.1:6435

Over IPv6

Over IPv4

v4p to IPv4 ‘Internet’

42

CLAT (NAT64)v4p

(v4 sockets)

v6

IPv6 Mobile Core

GGSNIPv4

Internet

Mobile Phone

PLAT (NAT64)

Stateless XLATE prefix: 2406:6400:EEEE::/96

PLAT-side XLATE prefix: 2406:6400:AAAA::/96

v4p address (Src): 192.168.12.99Dst: 202.69.185.252:80

IPv4 Pool: 202.70.77.1-30

PLAT-side XLATE prefix: 2406:6400:AAAA::/96

Src: 202.70.77.1:888Dst: 202.69.185.252:80

202.69.185.252

IPv6 Src: 2406:6400:EEEE::C0A8:C63

IPv6 Dst:[2406:6400:AAAA::CA45:B9FC]:80

IPv6 and Mobile devices

• Android supports 464XLAT

• IPv6 support from iOS 9 onwards– All apps submitted to App Store must support IPv6 since

early 2016– https://developer.apple.com/news

• DHCPv6:– iOS, Android, Windows– https://en.wikipedia.org/wiki/Comparison_of_IPv6_support_

in_operating_systems

43

IPv6 Tethering

• RFC6653:DHCPv6-PD for Mobile Networks

• RFC7278: Extending IPv6 /64 prefix from Mobile interface to LAN– Feature not available on Android 5.1 (Lollipop)– https://dan.drown.org/android/clat/

44

References

• IPv6 in Mobile Networks – Telstra– Sunny Yeung, Senior Technology Specialist – Presentation @APNIC41 (Feb 2016)– https://conference.apnic.net/data/41/yeung.-s-tutorial-

apricot-2016_1455689286.pdf

• 464XLAT: Breaking free of IPv4 - TMobile– Cameron Byrne’s presentation at SANOG23 (Jan 2014)– http://www.sanog.org/resources/sanog23/SANOG23_464XL

AT.pdf

45

Agenda


46

Broadband Network (IPv4)

47

PPP Access Request & Response

(Accept/Reject)

RADIUS (AAA) BRAS/BNGDSLAMCPE/RG

Home LAN

End user NAT

LSN/CGN

DHCP Server

On the BRAS Centralized

IPv6 over PPP (RFC2472)

48

IPv6 over PPP

BRAS/BNGDSLAMCPE/RG

• Link Control Protocol (LCP) same as in IPv4– Establish the connection, agree packet sizes (MTU/MSS)

• Authentication same as IPv4– (PAP/CHAP)

• Network Control Protocol (NCP) for IPv6 is IPV6CP– Choose the network protocol (IPv6)– Options:

• Interface Identifier (to negotiate the 64-bit int-id for SLAAC)• Compression Protocol (ability to received compressed packets)

IPv6 CPE WAN

49

• CPE IPv6 address– SLAAC based on the RA (and set ‘O’ flag for DNS), or – use the link-local, or

• DHCPv6 over PPP

• How will home devices get IPv6 address?– Proxy RA?

ipv6 nd prefix-advertisement 2400:db8::/64no ipv6 nd ra suppressipv6 nd other-config-flag

ND-RA over PPP

BRAS/BNGDSLAMCPE/RG

Home LAN

DHCPv6 over PPP DHCPv6 Server

IPv6 on Home LAN (DHCP-PD: RFC 3633)

50

• CPE requests prefix from BRAS (delegator)– DHCPv6 messages over PPP– BRAS delegates /64 prefix from the pool to CPE

• Router Advertisement to home devices by CPE– Auto-configure IPv6 address (SLAAC) using the delegated prefix

BRAS/BNGDSLAMCPE/RG

Home LAN

DHCPv6-PD over PPP(2001:db8::/64)

ipv6 local pool PD-POOL 2001:db8::/60 64ipv6 dhcp pool DHCPv6-PD-POOLprefix-delegation pool PD-POOLdns-server 2001:db8::1

RA

DHCPv6 Server

DHCPv6 (RFC3315)

51

• RA message:

– A (auto) flag set by default• SLAAC

– If O (other) flag set: stateless DHCPv6• auto-generate IPv6 address (IPv6 prefix, prefix length in the RA)• obtain other information (DNS server, domain) via DHCPv6

– If M (managed) flag set:• obtain all addressing information via DHCPv6• ‘O’ flag is redundant

52

Solicit (Client-Id)

Advertise

Request

Reply

IPv6 Client DHCPv6 Server

DHCPv6 (RFC3315)

• DHCPv6 uses DUID + IAID as Client-Id– Servers will drop any Solicit message without Client-id

• Be wary of duplicate DUID!– to uniquely identify & associate (IA) IPv6 addresses with each interface

on a host– IAIDs uniquely identifies the interface (one IA per interface)

• DUID types:– Link-layer address, Link-layer+Time, Enterprise number (vendor)

RADIUS attributes for IPv6 (RFC6911)

53

RADIUS (AAA) BRAS/BNG

Access-Request"username, password, NAS"

(Framed-Interface-Id)

Access-Accept/Reject

Accounting Start/Stop(Framed-IPv6-Prefix)

(Framed-Interface-Id)

• Framed-IPv6-Prefix:– Which prefix was delegated to the LAN side of the CPE

• Framed-Interface-Id:– Used for accounting and also indicated what address will be used on WAN

side through RA

Putting it together

54

RADIUS (AAA) BRAS(DHCPv6)CPE

Access-Request

Access Accept

LCP

NCP (IPv6CP)

Solicit

AdvertiseRequestReply

Accounting Start

NCP Open

IPv6 traffic over the session

PPPoE

DHCPv6

Agenda


55

56

0 127

ISP /32

20

Customer site /48

16

End site subnet /64

16 64

Device 128-bit address

Interface ID64

Network prefix 63

Unicast /3

3

Regional /12

9

Recap: IPv6 Address Structure

IPv6 Address Planning

• Network Operators allocated /32 by RIRs

• Global Routing prefix /48– /56 (ISPs to end site) – upstream could filter anything smaller– Consider the routing table size!

57

IPv6 Address Planning

• Future traffic engineering needs?– Contiguous assignment vs Split assignment

• Shift in thought:– IPv4: number of hosts L– IPv6: number of subnets!

58

IPv6 Address Plan: ISP Infra

• Loopbacks

• Point-to-Point links

• Internal Server LAN– also called NOC LAN– not seen from outside

• External Server LAN– Mail, DNS, etc

59


• Dedicate a /40 (or /48) for the backbone infra– Every infrastructure assignment from this block!– Carried by IGP (not iBGP)

• Loopbacks– Generally one /48 (/60 and /64 also common) for all

loopbacks– /128 as loopback

• Point-to-Point links– Dedicate a /48 for all PtP links– Assign /64 per link (RFC); RFC6164 recommends /127

• Reserve /64 per link but use /127

60


• Internal Server/NOC LAN– /60 (if different subnets within the NOC), or – /64

• External Server LAN– /64 (allows up to 2^64 services to be hosted)

61

IPv6 Address Plan: Enterprise Customer

• Consider regional delegation– Aggregation in mind!– /40 per region?

• One /48 per customer– Could be transit customers or leased line customers– Could be given additional /48s as they grow

• Common to see ISPs give:– /56 to mid-sized customers– /64 or /60 for very small customers– Please share your experience

62

IPv6 Address Plan: Customer WAN links

• Either use from their own /48 block– /64 from their block

• Dedicate a /48 block for customer WAN links– Helps to monitor customer links– Not to be mistaken with the trusted infra PtP block!– Actual addressing still the same:

• Reserve /64 and use /127

• Carried in iBGP (not IGP)– Aggregated at the GW router or POP routers

63

IPv6 Address Plan: Broadband Customer

• Depends on your deployment– ND-RA for CPE WAN side

• A /64 prefix on BRAS can still support 2^64 CPEs through SLAAC

– DHCP-PD for CPE LAN side• A /48 pool on each BRAS (65k /64s can be delegated)

• Dedicate a /40 (or bigger) for Broadband network– /48s out of the /40 to each BRAS– Announced in iBGP by BRAS

64

IPv6 Address Plan: DC services

• DC infra blocks from your infra block– Loopbacks– PtP links

• dedicate /40 for Data Center (hosted) services– Depends on DC architecture– Dedicated VLAN/subnet per service?

• /64 per VLAN/subnet (2^64 servers)

– Dedicated subnet per customer (customer buys VMs/hosts services)?• /64 per customer or subnet (2^64 VMs)

– Announced in iBGP (DC border router)

65

IPv6 Address Plan: Traffic Shaping

• Borrow from IPv4– sub-aggregates to shape traffic– Difficult with contiguous assignment

• Assign customer prefixes (that attract traffic) from both ends of address space– Infrastructure prefix do not attract traffic

66

IPv6 Address Plan: Traffic Shaping

• Customer prefixes assigned from each /33 sub-prefix– Similar to IPv4 sub-aggregates!– Allows us to balance incoming traffic

67

ISP/32

/33 /33

/34 /34/34/34

Customer 1 /48

Customer 2 /48

Customer 3 /48

Customer 4 /48

IPv6 Address Plan: Routing

• IGP to carry next-hop reachability information– Infrastructure blocks (PtPs, loopbacks)– Aggregation desirable in IGP

• Customer prefixes (Enterprise, broadband, DC customers/services)– Sub-aggregates for traffic shaping (mulithoming)– Consider regional delegation– iBGP carries all customer prefixes

• Aggregation may interfere with traffic shaping

– Aggregation necessary in eBGP (pull up routes)

68

IPv6 Address Plan: Routing

• Remember how it all works:

69

AS 111 AS 222 AS 333

iBGP iBGP iBGP

IGP IGP IGP

eBGP eBGP

IPv6 Address Planning: Example

• ISP has 2406:6400::/32 prefix– 16x /36s– easier to play at nibble

boundaries

70

# Prefix Comments

1 2406:6400:0000::/36

First /33

2 2406:6400:1000::/36

3 2406:6400:2000::/36

4 2406:6400:3000::/36

5 2406:6400:4000::/36

6 2406:6400:5000::/36

7 2406:6400:6000::/36

8 2406:6400:7000::/36

9 2406:6400:8000::/36

Second /33

10 2406:6400:9000::/36

11 2406:6400:a000::/36

12 2406:6400:b000::/36

13 2406:6400:c000::/36

14 2406:6400:d000::/36

15 2406:6400:e000::/36

16 2406:6400:f000::/36

Example: High level plan

71

# Prefix Assignment Comment

1 2406:6400:0000::/36 Infra + Cust

First /33

2 2406:6400:1000::/36

Customer

3 2406:6400:2000::/36

4 2406:6400:3000::/36

5 2406:6400:4000::/36

6 2406:6400:5000::/36

7 2406:6400:6000::/36

8 2406:6400:7000::/36

9 2406:6400:8000::/36

Second /33

10 2406:6400:9000::/36

11 2406:6400:a000::/36

12 2406:6400:b000::/36

13 2406:6400:c000::/36

14 2406:6400:d000::/36

15 2406:6400:e000::/36

16 2406:6400:f000::/36

Example: High Level

72

# Prefix Assignment Comment

1 2406:6400:0000::/36 Infra + Cust

First /33

1 2406:6400:0000:0000::/40 Backbone Infra (PtP, Loopbacks)

2 2406:6400:0100:0000::/40 Enterprise Customer Reg1

3 2406:6400:0200:0000::/40 Broadband Region1

4 2406:6400:0300:0000::/40

Future Customers

5 2406:6400:0400:0000::/40

6 2406:6400:0500:0000::/40

7 2406:6400:0600:0000::/40

:

:

:

:

16 2406:6400:0f00:0000::/40

Example: High Level

73

# Prefix Assignment Comments

9 2406:6400:8000::/36 Customer

Second /33

1 2406:6400:8000::/40 Broadband Region2

2 2406:6400:8100::/40 Enterprise Customer Reg2

3 2406:6400:8200::/40

Future Customers

4 2406:6400:8300::/40

5 2406:6400:8400::/40

6 2406:6400:8500::/40

7 2406:6400:8600::/40

:

:

:

:

16 2406:6400:8f00::/40

Example: Infrastructure

74


1 2406:6400:0000::/36 Infra + Cust

First /33

1 2406:6400:0000::/40 Backbone Infra

1 2406:6400:0000::/48 Loopbacks

2 2406:6400:0001::/48 Point-to-Point

3 2406:6400:0002::/48

Future Infra use

4 2406:6400:0003::/48

5 2406:6400:0004::/48

6 2406:6400:0005::/48

:

:

:

:

256 2406:6400:00ff::/48

Example: Customer

75


1 2406:6400:0000::/36 Infra + Cust

First /33


1 2406:6400:0100::/48 Customer WAN links

2 2406:6400:0101::/48 Customer 1.1

3 2406:6400:0102::/48 Customer 1.2

4 2406:6400:0103::/48

Future Customers5 2406:6400:0104::/48

6 2406:6400:0105::/48

7 2406:6400:0106::/48

8 2406:6400:0107::/48

:

:

256 2406:6400:01ff::/48

Example: Customer

76


1 2406:6400:0000::/36 Infra + Cust

First /33

3 2406:6400:0200::/40 Broadband Reg1

1 2406:6400:0100::/48 BRAS 1

2 2406:6400:0101::/48 BRAS 2

3 2406:6400:0102::/48 BRAS 3

4 2406:6400:0103::/48

Future Customers5 2406:6400:0104::/48

6 2406:6400:0105::/48

7 2406:6400:0106::/48

8 2406:6400:0107::/48

:

:

256 2406:6400:01ff::/48

Example: Customer

77


9 2406:6400:8000::/36 Customer

Second /33

1 2406:6400:8000::/40 Broadband Reg2

1 2406:6400:8000::/48 BRAS1

2 2406:6400:8001::/48 BRAS2

3 2406:6400:8002::/48 BRAS3

4 2406:6400:8003::/48

Future BRAS

5 2406:6400:8004::/48

:

:

:

256 2406:6400:80ff::/48

Example: Customer

78


9 2406:6400:8000::/36 Customer

Second /33


1 2406:6400:8100::/48 Customer 1-1

2 2406:6400:8101::/48 Customer 1-2

3 2406:6400:8102::/48

Future Customers

4 2406:6400:8103::/48

5 2406:6400:8104::/48

:

:

:

256 2406:6400:81ff::/48

Reference

• IPv6 Addressing – ISP/IXP– Philip Smith and Barry Greene– http://www.bgp4all.com.au/dokuwiki/_media/workshops/02

-ipv6-addressing.pdf

79

IPv6 Deployment: PLDT - start [APNIC TRAINING WIKI] Performance •LinkedIn Senior Director of...

Documents

Transcript of IPv6 Deployment: PLDT - start [APNIC TRAINING WIKI] Performance •LinkedIn Senior Director of...