IPv6 Migration 21 Nov2008

32
IPv6 integration strategies November 25, 2008 Peter van Eijk http://petersgriddle.n et http:// digitalinfrastructures

description

talk on IPv6 migration integration

Transcript of IPv6 Migration 21 Nov2008

Page 1: IPv6 Migration 21 Nov2008

IPv6 integrationstrategiesNovember 25, 2008

Peter van Eijkhttp://petersgriddle.nethttp://digitalinfrastructures.nl

Page 2: IPv6 Migration 21 Nov2008

© Digital Infrastructures 2 Nov 25, 2008

Page 3: IPv6 Migration 21 Nov2008

© Digital Infrastructures 3 Nov 25, 2008

The IP address evolution

Source: Wikipedia

Page 4: IPv6 Migration 21 Nov2008

© Digital Infrastructures 4 Nov 25, 2008

Why did we want IPv6 in the first place? More addresses:

But: NAT makes 24+24 = 48 bits addresses, which is >60.000* more than public IP addresses (145.15.15.X + 10.A.B.C)

Better security: Better than NAT? New technology = new bugs and leaks

New applications: QoS, VoIP, IPTV Routers ready for prime time?

No NAT needed No NAT: no walled garden… No provider independence?

Easier address allocation DHCP is proven technology, why bother?

More customer revenue (ARPU)? Where? Who? How?

Page 5: IPv6 Migration 21 Nov2008

© Digital Infrastructures 5 Nov 25, 2008

Who has the real address space problem? [no, maybe] Retail consumer: no.

Will want IPv4 connectivity for next 20+ years Organisations: maybe?

If by IPv6 you can avoid renumbering with every reorganisation

ISP: maybe? Where is the paying customer? More support issues

Page 6: IPv6 Migration 21 Nov2008

© Digital Infrastructures 6 Nov 25, 2008

Who has the real address space problem? [could be, wannabe] We can always use RFC 1918 (10.X.X.X)

addresses, can we? Unless we need millions of them. Double NAT??

Class A exhaustion is the real problem Large ISPs are moving on this

Unless we need private partner networks Unless we need to merge and renumber

Deploying millions of connected devices RFID tags?, sensors, machine to machine Mobile handsets

Page 7: IPv6 Migration 21 Nov2008

© Digital Infrastructures 7 Nov 25, 2008

How hard is integration with IPv6?IPv6 integration project

=Y2K : check all Operating Systems +€ : review all applications for the

use of IP addresses -/-deadline : there is no rush

This ‘formula’ suggests that the integration project is going to cost a lot, and last very long

In 1965 people drove left in Sweden, in 1967 on the right hand side. How did they migrate? City by city?

Page 8: IPv6 Migration 21 Nov2008

© Digital Infrastructures 8 Nov 25, 2008

IPv6 integration is a chain problem

First: everybody spends money (implement dual stack IPv6)

Then: some pick the rewards (more address space, phase out IPv4)

Page 9: IPv6 Migration 21 Nov2008

© Digital Infrastructures 9 Nov 25, 2008

Every component of the chain has to migrate (simplistic view)

CPE ServersISP, WANUser equipment

IPv4

IPv6

IPv4

IPv6

IPv4 eraIPv4 era

IPv6 eraIPv6 era

Ga-te-way

Ga-te-way

Ga-te-way

Ga-te-way

Page 10: IPv6 Migration 21 Nov2008

© Digital Infrastructures 10 Nov 25, 2008

Current state of affairs

Page 11: IPv6 Migration 21 Nov2008

© Digital Infrastructures 11 Nov 25, 2008

IPv4 addresses per inhabitant USA 4.7 : 1 NL 1 : 1 China 1 : 17 India 1 : 165

World (‘end state’) 1 : 2

Page 12: IPv6 Migration 21 Nov2008

© Digital Infrastructures 12 Nov 25, 2008

What is there?

Windows XP and Vista are dual stack (IPv4/v6 on one network card)

Most new mobile phones Server OS mostly OK

Backbone routers +/- CPE (ADSL & Cable modems in progress)

Page 13: IPv6 Migration 21 Nov2008

© Digital Infrastructures 13 Nov 25, 2008

IPv6 0.1% of traffic

600 Mbit/sec @ AMS/IX

Daily and weekly patterns suggest home users take the lead

Page 14: IPv6 Migration 21 Nov2008

© Digital Infrastructures 14 Nov 25, 2008

IPv6 versus IPv4 traffic growth on AMS-IX

Parity in 2010?

Page 15: IPv6 Migration 21 Nov2008

© Digital Infrastructures 15 Nov 25, 2008

Airport Extreme as SoHo gateway drives adoption

Google measurements suggest IPv6 capability 50% by 2013

Page 16: IPv6 Migration 21 Nov2008

© Digital Infrastructures 16 Nov 25, 2008

Page 17: IPv6 Migration 21 Nov2008

© Digital Infrastructures 17 Nov 25, 2008

What is not there?

Mature and proven technology ISP OSS/BSS and other applications Enough skilled people Business case (mostly)

Page 18: IPv6 Migration 21 Nov2008

© Digital Infrastructures 18 Nov 25, 2008

Reasons to migrate

Page 19: IPv6 Migration 21 Nov2008

© Digital Infrastructures 19 Nov 25, 2008

Cases

Comcast: needs 100 M addresses; double NAT is too complex to engineer and run

NATO: auto configuring mobile (vehicle) networks

SME: avoid double NAT over VPN Microsoft: Peer to peer security model requires

unique identities Mobile operators; car manufacturers: acquiring

address space; NAT is a battery drain

Page 20: IPv6 Migration 21 Nov2008

© Digital Infrastructures 20 Nov 25, 2008

Typical IPv6 adopters

Research & Universities Providers of new services

IMS, P2P, Mobile Operators, Car telematics Very large and complex networks

multimillion nodes and/or double NAT Small/Medium enterprises

VPN over Cable/DSL -> double NAT Dark horse: Adoption of new MS collaboration,

serverless collaboration ? Private interconnection between organisations

Public IP space for this is hard to get -> double NAT

Page 21: IPv6 Migration 21 Nov2008

© Digital Infrastructures 21 Nov 25, 2008

How to migrate

Page 22: IPv6 Migration 21 Nov2008

© Digital Infrastructures 22 Nov 25, 2008

What should you do (top prio)?

Specify IPv6 capabilities in all RFP Pilot projects Upgrade network management to dual

stack, which will give you visibility on your evolving IPv6 network

Page 23: IPv6 Migration 21 Nov2008

© Digital Infrastructures 23 Nov 25, 2008

Possible logical approach for non-ISP organisations1. Acquire IPv6 space

preferably provider independent (PI)

2. Set up pilot3. Dual stack servers (€)4. Upgrade all apps

start with firewall and network mgt (€€)

5. Upgrade company IP backbone (€€€) Tunnel into public IPv6, migrate to dual-stack ISP

6. Migrate clients to IPv6 (€€) Proxy firewall will NAT for external IPv4 websites

Page 24: IPv6 Migration 21 Nov2008

© Digital Infrastructures 24 Nov 25, 2008

Possible logical approach for ISPs

1. Begin ASAP with dual stack CPEIPv4 CPE is tomorrows legacy

2. Upgrade OSS/BSS and administrative systems

3. IPv6 in the backbone to CPE Home network IPv4 (192.168.X.X) NAT at CPE, which is already there

Page 25: IPv6 Migration 21 Nov2008

© Digital Infrastructures 25 Nov 25, 2008

Possible logical approach for 3GPP providers

1. Provision dual stack UEIPv4 UE is tomorrows legacy

2. Upgrade OSS/BSS and administrative systems

3. IPv6 in the backbone to access concentrator

Page 26: IPv6 Migration 21 Nov2008

© Digital Infrastructures 26 Nov 25, 2008

Lessons learned

Early planning makes for cheap migrationPurchasingTraining/ and recruitingDo pilotsMake address space plan

Dual stack backbone, single stack terminal Note: dual stack network is more redundant against

configuration glitches

Page 27: IPv6 Migration 21 Nov2008

© Digital Infrastructures 27 Nov 25, 2008

Lessons learned: IPv6 challenges

Trained people: operators, engineers? Limited IPv6 security and management

software High-end load balancers not mature Cheap IPv6 CPE? Software and standards for mobility

(roaming) not mature enough yet

Page 28: IPv6 Migration 21 Nov2008

© Digital Infrastructures 28 Nov 25, 2008

Possible end-state for IPv6

CPE Hosting, V4 (+V6)ISP, WAN

SOHO: V4 (+V6)

IPv4

IPv6

Corporate: V6

Mobile: V6

V4-V6 NAT

Page 29: IPv6 Migration 21 Nov2008

© Digital Infrastructures 29 Nov 25, 2008

Skeleton adoption project plan

Elaborate needs and possibilities, strategic expectations Establish roadmap, scope and urgency High-level integration plan Preparation phase

Specify IPv6 in purchasing standards Build up IPv6 competencies in selected staff Start pilot projects

Preproduction phase Dual stack network management and infrastructural services (DNS) IPv6 connectivity for limited number of users

Expansion phase Plan dual stack for all servers, realization of strategic benefits

Implementation and handover to operations

Page 30: IPv6 Migration 21 Nov2008

© Digital Infrastructures 30 Nov 25, 2008

Possible steps on policy level

Important policy measures any public administration can take:Make government websites IPv6 readySponsor case studies into secured

communication between organizations. Both activities will have increased

competency levels as one of their benefits.

Page 31: IPv6 Migration 21 Nov2008

© Digital Infrastructures 31 Nov 25, 2008

The ‘bait’

http://www.ipv6experiment.com/ We're taking 10 gigabytes of the most popular "adultentertainment" videos from one of the largest subscription websites on the internet, and giving away access to anyone who can connect to it via IPv6. No advertising, no subscriptions, no registration.

If you access the site via IPv4, you get a primer on IPv6, […] If you access the site via IPv6 you get instant access to "the

goods".

Page 32: IPv6 Migration 21 Nov2008

© Digital Infrastructures 32 Nov 25, 2008

More information

English report [email protected] Dutch report

http://www.ecp.nl/download/Rapport_IPv6_7_maart_2007_definitief.pdf

Dutch newsletter on IT management www.digitalinfrastructures.nl (Computable column), or mail [email protected]

Subscribe to http://petersgriddle.net “What’s cooking on the net?”

Further reading:http://www.bgpexpert.com/presentations/overstapv6.pdf

http://petersgriddle.net/2006/10/ipv6-has-heartbeat-but.html

http://www.ipv6.org/