Ole Ipv4onlifesupport
-
Upload
ipv6no -
Category
Technology
-
view
658 -
download
4
Transcript of Ole Ipv4onlifesupport
![Page 1: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/1.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1
IPv4 on life-supportOle Trøan, cisco EngineeringIP fundamentalist
2011-11-22
With help from:Randy Bush (Dr Vision)Dan Wing (Mr NAT)Mark Townsley (Mr Tunnel)Geoff Huston (Dr Doom)
![Page 2: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/2.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
The “inevitability” of technological evolution?
![Page 3: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/3.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
The “inevitability” of technological evolution?
![Page 4: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/4.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
Not exactly according to plan…
![Page 5: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/5.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5Cisco ConfidentialCisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 5
“I’m driving at 100 kph, and I see a wall 100m ahead of me.
I’m not there yet; I’ll worry about that tomorrow…”
![Page 6: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/6.jpg)
Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 6
![Page 7: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/7.jpg)
Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 7
![Page 8: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/8.jpg)
Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 8
![Page 9: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/9.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
Who deploys IPv6 today?• Enthusiasts working in corporations, friendly to “new stuff”
• Encouraged by government regulation / procurement requirements
• Out of fear (let’s be ready if this IPv6 thing happens…)
• New opportunities. If we are early into IPv6 we may have an advantage.
• Green field. Let’s not bother with legacy stuff in a new network
![Page 10: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/10.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
“Why Has theTransitionto IPv6Been so Slow?”
![Page 11: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/11.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
“Is it the Vendors?”
![Page 12: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/12.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
“Is it the lazy Operators, - as the IPv6 idealist claim?”
![Page 13: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/13.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
“Is it the lack of content?”
![Page 14: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/14.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
“Is it that Applications do not support IPv6?”
![Page 15: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/15.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
“Is the CPE?”
![Page 16: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/16.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
“Is it the End-user host stack?”
![Page 17: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/17.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
“Isn’t the 430 transition mechanisms enough?”
![Page 18: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/18.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
“Transition depends on All of Those at the SAME TIME – a recipe for failure”
![Page 19: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/19.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
The challenge often lies in managing the transition from one technology to another
![Page 20: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/20.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
IPv4
IPv6
CGNs
ALGs CDNs
The challenge often lies in managing the transition from one technology to another
To get from “here” to “there” requires an excursion through an environment of CGNs, CDNs, ALGs and similar middleware ‘solutions’ to IPv4 address exhaustion
![Page 21: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/21.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
IPv4
IPv6
CGNs
ALGs CDNs
Transition requires the network owner to undertake capital investment in network service infrastructure to support IPv4 address sharing/rationing.
But will this be merely a temporary phase of transition?
![Page 22: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/22.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
The risk in this transition phase is that the Internet heads off in a completely different direction!
IPv4
IPv6
CGNs
ALGs CDNs
The challenge often lies in managing the transition from one technology to another
![Page 23: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/23.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
IPv4
IPv6
CGNs
ALGs CDNs
APNIC
RIPE NCC
LACNICAFRINIC
ARIN201x?
![Page 24: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/24.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24
“The IPv4 InternetWas a Simple PlaceWhere Packets FlowedFreely Between Us”
![Page 25: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/25.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
![Page 26: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/26.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26
128 bits
32 bits
CGN
![Page 27: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/27.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27
We are the Salmon
![Page 28: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/28.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28
“But We Can EasilyDestroy theEnvironment in theNext Year or Two”
![Page 29: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/29.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29
“There isOne SeriousProblemWith CGNs”
![Page 30: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/30.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30
and When They Say“Service Continuity”What They Mean isThey are NOT Transitioning to IPv6”
![Page 31: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/31.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31
IPv4 Life Support
![Page 32: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/32.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32
“Think About a WorldWhere You Can NotDeploy New Protocols(e.g. Skype)Without Telenor’s (or Apple’s or Google’s)Lawyers’ Approval”
![Page 33: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/33.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 33
“Tunnels and translators”
![Page 34: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/34.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 34
Two types of transition mechanism• IPv6 service (to end users)
6rd, L2TP, (IPv6 in IP, GRE, ISATAP, Teredo, Tunnel brokers)
• IPv4 exhaustion (IP address sharing)A+P: Mapping of Address and port (Shared IPv4 address over IPv6)
CGN / SD-NAT
DS-lite
• “Interoperate”:IPv6 to IPv4 connectivity
NAT64, TRT, Application proxies
![Page 35: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/35.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35
Is it because we only have 430 transition mechanisms?
![Page 36: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/36.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 36
What goes in should come out..
Tunnels act like the layer below that which they are carrying
Often not perfectly, but “good enough” for a specific purpose
IP tunnels act like Data Link Layers
![Page 37: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/37.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37
They provide us a Layer of Indirection
All problems in computer science can be solved by another level of indirection…
…except for the problem of too many levels of indirection
- David Wheeler
![Page 38: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/38.jpg)
They have a wide variety of uses…
![Page 39: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/39.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39
Subscribers Providers Internet
Private IPv4
IPv6
IPv6
Private IPv4
IPv6
IPv4
IPv6
IPv4
IPv6
Private IPv4
IP address sharing (NAT placement)
![Page 40: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/40.jpg)
Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 40
Address Sharing Gone Bad
Source: Shin Miyakawa, NTT Communications
40IETF82 - INTAREA
![Page 41: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/41.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 41
41IETF82 - INTAREA
IPv4 Address Sharing Technologies
IPv4 AddressRun-Out
IPv4
IPv6 6rd
Obtain IPv4 Addresses (RIR, address broker)
IPv4 Address SharingCGN,
NAT44, SD-NAT
6rd+
CGN
DualStackLite
MAP(4rd/dIVI)native
![Page 42: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/42.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42
2. Connect IPvX to IPvY
• NAT Purpose 2: connect IPv6 to IPv4
IPv4 IPv6
IPv4-only hosts IPv6-only hosts
NAT64
42IETF82 - INTAREA
![Page 43: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/43.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 43
Connecting IPvX hosts to IPvY hosts• NAT64 is not perfect
• IPv6 and IPv4 are not compatibleFragmentation (IPv4: network fragments, IPv6: hosts fragment)
minimum MTU (IPv4: 576, IPv6: 1280)
IPv4 options versus IPv6 extensions
• Like NAT44:NAT64 can also bring Application Layer Gateway (ALG) issues
Complicates troubleshooting and abuse handling
43IETF82 - INTAREA
![Page 44: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/44.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 44
Smart Edge & Stupid Core• Traditional Voice has stupid edge devices,
phone instruments, and a very smart expensive core
• The Internet has a smart edge, computers with operating systems, applications, …, and a simple stupid core, which just does packet forwarding
• Adding an entirely new Internet service is just a matter of distributing an application to a few consenting desktops (until NATs)
• Compare that to adding a service to Voice
![Page 45: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/45.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45
Conclusions
![Page 46: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/46.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46
IPv6 Transition: Tunnel or Translate?
translate tunnel native routing
worst best
46IETF82 - INTAREA
![Page 47: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/47.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47
IPv4-OnlyNetwork
IPv4-OnlyNetwork
IPv4-OnlyUsers
NAT
NAT
IPv6-Only
IPv6-OnlyUsers
CE
Dual Stack Network
Dual-StackUsers
PEPE
CE
Dual Stack Transition Leap
![Page 48: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/48.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 48
IPv4-OnlyNetwork
IPv4-OnlyNetwork
IPv4-OnlyUsers
NAT
NAT
IPv6-Only
Dual StackNetwork
IPv6-OnlyUsers
CE
6↔4
Dual StackNetwork
IIPv6Only
Dual-StackUsers
Dual-StackUsers
IPv6 Only
Dual StackNetwork
Dual Stack Network
Dual-StackUsers
PEPE
CE CE CE
Transition Steps Instead of Leaps…
![Page 49: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/49.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 49
While:• IP address sharing is necessary to keep business running
• Necessary to keep end users happy (long tail IPv4)
• It is never ideal
![Page 50: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/50.jpg)
Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 50
Principle #1:Choose mechanisms which are progress towards IPv6
![Page 51: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/51.jpg)
Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 51
Principle #2:Prefer Mechanisms Which are simple, Stateless, Use IPv6 not IPv4, …
![Page 52: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/52.jpg)
Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 52
Principle #3:Keep state at the edge not the core
![Page 53: Ole Ipv4onlifesupport](https://reader036.fdocuments.in/reader036/viewer/2022081507/5554e555b4c905bb2a8b4642/html5/thumbnails/53.jpg)
Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 53
Principle #4:Use Mechanisms Which Preserve e2e and the Other Basic Principles as Much as Possible