Transcript APAN_IPv6_XiAn

AARNet Copyright 2007
AARNet IPv6 Update
IPv6 Workshop
APAN 24, Xi’An 2007
Bruce Morgan
AARNet Copyright 2007
The AARNet Network
• AARNet owns and operates a resilient and redundant multiGbps network across Australia. In the Eastern Australia we
have deployed DWDM equipment which currently has up to 320
Gbps capacity.
• Dual STM-64c (10 Gbps) links connect major capital cities with
routing being done by Juniper M320 routers
2
AARNet Copyright 2007
University connections
• Universities are encouraged to have diverse connections to the
Juniper M320 routers at each PoP.
• Institutions typically connect at 1 Gbps and we have deployed
Cisco 7304 routers at each site (edge routers), and also edge
servers. This allows close monitoring of each tail circuit.
• So far about 85 edge routers have been deployed.
3
AARNet Copyright 2007
AARNet3 National Network
4
AARNet Copyright 2007
Regional Optical Network
5
AARNet Copyright 2007
AARNet International Network
6
AARNet Copyright 2007
The international footprint
• AARNet has a very large international footprint from the PoP in
Frankfurt, Germany to Palo Alto in the US - it covers a timezone
difference of 17 hours from +1 to -8
• Peering at :
– Hawai’I, Seattle (Pacific Wave), PAIX, Telehouse (LA), Any2 (LA)
– Singapore, Frankfurt (DE-CIX), Amsterdam (AMS-IX), London (LINX)
• Currently 622 Mbps to Singapore and then on to Frankfurt
• The 622 Mbps link to Singapore connects to the TEIN2 nework
7
AARNet Copyright 2007
10G Trans Pacific
•
•
•
•
Partnership with Southern Cross Cable Networks
AUP - Research and Education only
Dual STM-64c (OC192)
Northern path to Seattle
– Layer 3 routed
• Southern path to Los Angeles
– Layer 1/2
• Catalyse Global Astronomy Initiative
– Mauna Kea, Big Island
8
AARNet Copyright 2007
TEIN2 Connectivity
 There are four STM-1
circuits linking Perth to
Singapore.
 Two of these go via
APCN, and the other
two via SMW3 to
provide diversity and
fault tolerance
9
 AARNet Singapore
PoP establish at the
Kim Chuan data
centre from where we
peer with TEIN2,
Singaren and ASNet
AARNet Copyright 2007
Commodity and R&E
• AARNet offers both commodity (commercial) internet and
research networking
• Two 10 Gbps circuits for R&E connectivity to the US. The
northern link is IP and routed - the southern link will be
presented as light paths (ethernet L2 circuits)
• 6 x STM-4 (3.6 Gbps) circuits to the US - terminating at Palo
Alto and Los Angeles
• 2 x STM-1 (310 Mbps) circuits to Seattle via Hawai’i and Fiji
• 4 x STM-1 (622 Mbps) circuits to Singapore and Frankfurt –
also two 100 Mbps circuits to LINX and AMS-IX
10
AARNet Copyright 2007
AARNet support for IPv6
• AARNet3 core and edge is dual stack since 2003
• Dual stack deployed across M320 core using OSPF3 and BGP
as routing protocols
• IPv6 is used within AARNet
– www.aarnet.edu.au IPv6 enabled
– Infrastructure is IPv6 enabled
• IPv6 Multicast is enabled
– SSM supported
– Currently use a static RP for ASM
11
AARNet Copyright 2007
Addressing
• Addressing Plan
– Currently use /32 2001:388::/32 allocated by APNIC
• Allocate a /40 to a PoP or a /48 to a customer
• A /39 is allocated to the Tunnel broker networks
• Some customers have their own allocations
12
AARNet Copyright 2007
AARNet Migration Broker
•
•
•
•
•
•
13
http://broker.aarnet.net.au
Hexago appliance
Same as Freenet6
Tunnel Setup Protocol
NAT Traversal support
Open to anyone who can reach it via a domestic Australian path
AARNet Copyright 2007
Peering and Transit
• International transit and peering available for IPv6
• Encouraging both IPv4 and IPv6 peering
– But still many IPv4 only peers
– Haven’t yet fully deployed RPSLng so IPv6 prefix
filtering not as strong in the IPv4 world
14
AARNet Copyright 2007
The customer edge
• All customers can connect natively
– But the customer edge is configured only on request
– CPE router dual stack but customer’s router/firewall may not
be
15
AARNet Copyright 2007
Still work to be done…
• DNS about to be implemented
• Mail issues – 3rd parties?
• Still need to deploy IPv6 measurement
– IPv6 monitoring is still in its infancy within our infrastructure
– IPv4 Netflow is heavily deployed – IPv6 isn’t at the moment
16
AARNet Copyright 2007
AARNet3 is ready…
• A few institutions are using IPv6 natively in a limited fashion
– Many are worried about deploying a dual stack at the edge
• Stability/complexity concerns
– Existing infrastructure may not support IPv6
• Firewalls
• Web services
• Some institutions and researchers use static tunnels or broker
17
AARNet Copyright 2007
Some progress…
• Fiji is now advertising IPv6 routes
• More customers are deploying IPv6
– But still a snail’s pace
• Uptake of IPv6 has been slow
– Lack of IPv6 specific spplications
– Not a huge amount of IPv6 services available
– No shortage of IPv4 address space within institutions
– Legacy and non-IPv6 compliant equipment
– Security
– Management
18
AARNet Copyright 2007
IPv4 address depletion
•
•
•
•
•
•
19
2009?
2012?
2015?
When will it kick in?
Will it effect our customers/institutions immediately?
Will it be a painful process?
AARNet Copyright 2007
Where to from here?
Ensure as many services as possible are IPv6 enabled
• Encourage customer connections
• Look for more peering opportunities
• Encourage IPv6 activities
– Education on setting up IPv6 to institutions
20
AARNet Copyright 2007
Thank You!
21