IPv6 Fundamentals & Extreme Implementation

Download Report

Transcript IPv6 Fundamentals & Extreme Implementation

IPv6:
Is Your Network
Ready For It?
IPv4 and its limitation
The initial design of IPv4 did not anticipate:
Growth of the Internet and Exhaustion of the IPv4 address space
Large routing tables in backbone routers
• Flat and hierarchical routing
Need for simpler address configuration
• Manual
• DHCP
No native IP level security
• IPSec
• Proprietary security solutions
Need for better QoS
• TOS field in IPv4
• UDP or TCP ports
Page 2
ABCs of IPv6
New version of the Internet Protocol
Developed to alleviate IPv4 address exhaustion
Improve upon IP protocol based on operational experience of IPv4 in the
Global Internet
•
•
•
•
•
•
128 bit addressing
Simplified header makes forwarding algorithms more efficient
New extensions and options
Neighbor Discovery subsystem replaces ARP
Requires Path MTU Discovery – eliminates fragmentation in transit
No more ARP:
Neighbor Discovery helps discover adjacencies
Router advertisement functions for “last hop” configuration
• Dynamic provisioning components as well as DHCPv6
Page 3
IPv4 and IPv6 Feature Comparison
Feature
IPv4
IPv6
Address Length
32 bits
128 bits
Fragment
Hosts and Routers
Hosts only
Checksum in Header
Yes
No
Options in Header
Yes
No
Link-layer Address
Resolution
ARP (broadcast)
Neighbor Discovery
(multicast)
Multicast membership
IGMP
MLD
Router Discovery
Optional
Yes
Uses broadcasts
Yes
No
Address Assignment
Manual or DHCP
Auto-Configuration
IPSec Support
Optional
Yes
QoS Support
Some
Better
A records
DNS Name queries
DNS Reverse Lookups IN-ADDR.ARPA
Page 4
AAAA and A6 Records
IP6.INT
IPv6 Trends
Flexibility is the key trend in IPv6 today
• Basic data-plane handling is standardized
• But, transition technologies (tunneling, interworking and
migration) are still in relative flux
• Importance of flexibility in data plane
Importance of Wirespeed IPv6 support
• Data plane, network layer IPv6 forwarding
• Wirespeed Transition protocols
Page 5
IPv6 Drivers
3G services – multimedia and triple-play convergences
Peer-to-Peer Networking and Computing
File sharing and Instant Messaging
Home-networking
Networked-domestic appliances
VoIP
Home Entertainment systems Manufacturers
Online gaming software developers
Or Essentially any services with significant IP addressing
requirement will benefits from adopting IPv6. The benefits are
unique addressing, autoconfiguration, renumbering and globally
routable.
Page 6
Who is asking for IPv6 Today?
North America
• Department of Defense
• Federal Government
• Universities
• Application and OS vendors
Europe
• EU governments
• Interest from 3G community – telecommunications (mobile) sector
• Getting some initial interest from the ISP community
Japan, Korea and China (Fast Growing….)
• Educational market
• Service Providers
• Government
• Internet Appliance vendors (IPv6-enabled devices)
Asia
• Everyone (Singapore, Thailand, etc)
Worldwide Trends
• Started off primarily in Asia and Europe, but US is picking up dramatically
Page 7
A recent IPv6 survey results:
(with 200 Government IT Managers)
About 43 percent of respondents said they'd inventoried their existing devices
for IPv6-readiness.
Interestingly, 51 percent said they'd implement IPv6 all the way to the desktop
(the current mandate applies only to network backbones by June 2008).
Just 14 percent said implementation is underway at their agency ( but with two
years to go, that's not shocking)
Less than 8 percent said their agencies had finished their transition plans (not
shocking either).
4 percent actually said they were done.
In fact, what the survey actually says:
IPv6 is seen as an IT issue, not a business issue
Security is the top reason to move to IPv6
Most had no idea what their agencies were doing with IPv6
Page 8
http://www.gcn.com/blogs/tech/41168.html
IPv6 is out there – are you ready ?
IPv6 is readily available for Windows 2000/XP/2003, MAC-OS, Linux
As IPv6 traffic may enter the network, the infrastructure needs to be
made ready for it to protect you
• ACL security
• IP Address Security (equivalents to ARP, ICMP and DHCP
security and monitoring)
• DoS testing of the infrastructure
To turn on IPv6, control plane needs to be supported
•
•
•
•
L2+: ICMPv6, MLD Snooping, …
L3: static routes, RIPng, OSPFv3, …
IPv6 enabled applications (Telnet, SSH, traceroute, pingv6, …)
There is no D-Day – you’ll need Interworking / Migration
technologies (6to4, conf tunnels, ...)
Page 9
IPv6 Transition Mechanisms
IPv4 and IPv6 will coexist and migration will take years
Dual-Stack, Tunnelling and Translation
Page 10
Extreme Network’s Vision on IPv6
Massive proliferation of
devices
Broadening deployment of
wireless (802.11b/a/g, UWB)
Power Over Ethernet
Non-Computing
Devices
Computing
Systems
New and more
demanding applications
on a global level
The changing role of
networks in conducting
business
Growth
Optimization
Page 11
Survival
Extreme Solution
Extreme introduced a family of simple, fast,
highly intelligent, hardware-based switches
to replace complex software-based routers
Extreme Technology Revolution
Wire Speed Gigabit Ethernet ASICs
• Native QoS and Security Features
• Enhanced Traffic Shaping
Consistent Software & Management
• Full Standards Based Layer 3 Features
• Simpler Management Applications
“Ethernet and IP Everywhere”
Page 12
Extreme History with IPv6
Extreme Networks was one of the first vendors to release IPv6
software, Extreme began IPv6 development as early as year
2000 with a team that has over 18 combined person-years of
IPv6 experience, with members of the team that implemented
the worlds first IPv6 implementation in 1995 at Naval Research
Lab.
Participating in IPv6 Demonstration Collaborative Initiative in
conjunction with the University of New Hampshire
Interoperability Labs (Moonv6)
• The tests will demonstrate the functionality of IPv6 including proper
base specification, routing and mobility functions with the network
infrastructure supporting DNS for IPv6, NFS, streaming media,
common business applications and Web browsing.
Success customer: Telecom Italia Lab (TILAB)
Page 13
Extreme Hardware
Multi-Terabit Architecture
LPM Routing for IPv4, IPv6, MPLS
T-Flex to Accommodate Evolving Standards
Programmable packet parser
Programmable packet editor
Advanced Metro Ethernet Capabilities
Tunneling, translation, frame stacking
Scaling for massive address spaces
Virtually Infinite Capacities
Extensive Access Control Lists
T-Stat statistics – programmable counters
Prepared for Proliferation of Devices
1 Million+ devices
Ability to track, monitor, account for 1M+ devices
Control, restrict, rewrite, redirect 1M+ devices
Page 14
BlackDiamond 10K/12K
Extreme Software - XOS
Highly Available Modular OS
• Memory protection
• Process Monitoring and Restart
• Hitless failover/upgrade
• DoS Protection
Open-ness - Add New features faster
• POSIX APIs gives a great starting
point for new code
• XML data representation and APIs
enable easy integration with bestof-breed software and appliances
• TCL and scriptable CLI enable
easier management
Page 15
Edge to Core IPv6 Enabled Infrastructure
Dual-stack in clients, Unified Access, Intelligent Core and servers. Telnet, SSH, Ping, Traceroute
BD 8800
BD10K
Summit X450
IPv6 ACLs for Security at the Edge and in the Core
L2+ infrastructure:
•MLD v1/v2 router requirements,
•ICMPv6 router requirements with Path MTU Discovery
L2 hardware assisted forwarding, 9K Jumbo Frames, Protocol based VLANs
L3 Routing: OSPFv3, RIPng, Static Routes
L3: Hardware assisted L3 forwarding.
Hardware assisted configured tunnels
and 6to4 to connect between v6
islands locally and through the
internet. High performance in Core
Page 16
Are You Ready for IPv6?!!