SlideShare uma empresa Scribd logo

Tutorial: IPv6-only transition with demo

ā€¢
ā€¢
APNIC
APNIC

Presentation by Jordi Palet at APNIC 46 on Thursday , 13 September 2018.

Internet
1 de 62
- 1 IPv6 Transition and Coexistence IPv6-only and IPv4 as-a-Service APNIC46 September, 2018 Noumea, New Caledonia Jordi Palet (jordi.palet@theipv6company.com)
- 2 Transition / Co-Existence Techniques ā€¢ IPv6 has been designed for easing the transition and coexistence with IPv4 ā€¢ Several strategies have been designed and implemented for coexisting with IPv4 hosts, grouped in three categories: ā€“ Dual stack: Simultaneous support for both IPv4 and IPv6 stacks ā€“ Tunnels: IPv6 packets encapsulated in IPv4 ones ā€¢ This has been the commonest choice ā€¢ Today expect IPv4 packets in IPv6 ones! ā€“ Translation: Communication of IPv4-only and IPv6-only. Initially discouraged and only ā€œlast resortā€ (imperfect). Today no other choice! ā€¢ Expect to use them in combination!
- 3 Dual-Stack Approach ā€¢ When adding IPv6 to a system, do not delete IPv4 ā€“ This multi-protocol approach is familiar and well-understood (e.g., for AppleTalk, IPX, etc.) ā€“ In the majority of the cases, IPv6 is be bundled with all the OS release, not an extra-cost add-on ā€¢ Applications (or libraries) choose IP version to use ā€“ when initiating, based on DNS response: ā€¢ if (dest has AAAA record) use IPv6, else use IPv4 ā€“ when responding, based on version of initiating packet ā€¢ This allows indefinite co-existence of IPv4 and IPv6, and gradual app-by-app upgrades to IPv6 usage ā€¢ A6 record is experimental
- 4 Dual-Stack Approach IPv6 Application TCP/UDP IPv6 TCP/UDP IPv6 TCP/UDP IPv4IPv4 IPv6 IPv4 IPv6-only stack IPv4-only stackDual-stack (IPv4 & IPv6) IPv6 Application IPv4 Application IPv4 Application
- 5 Tunnels to Get Through IPv6-Ignorant Routers ā€¢ Encapsulate IPv6 packets inside IPv4 packets (or MPLS frames) in order to provide IPv6 connectivity through IPv4- only networks ā€¢ Many methods exist for establishing tunnels: ā€“ manual configuration ā€“ ā€œtunnel brokersā€ (using web-based service to create a tunnel) ā€“ ā€œ6over4ā€ (intra-domain, using IPv4 multicast as virtual LAN) ā€“ ā€œ6to4ā€ (inter-domain, using IPv4 addr as IPv6 site prefix) ā€¢ Can view this as: ā€“ IPv6 using IPv4 as a virtual link-layer, or ā€“ an IPv6 VPN (virtual public network), over the IPv4 Internet (becoming ā€œless virtualā€ over time, we hope)
- 6 IPv4/IPv6 IPv4/IPv6 Internet IPv4 IPv6 IPv6IPv4 Tunnels IPv6 in IPv4
- 7 Translation IPv4/IPv6 ā€¢ May prefer to use IPv6-IPv4 protocol translation for: ā€“ new kinds of Internet devices (e.g., cell phones, cars, appliances) ā€“ benefits of shedding IPv4 stack (e.g., serverless autoconfig) ā€¢ This is a simple extension to NAT techniques, to translate header format as well as addresses ā€“ IPv6 nodes behind a translator get full IPv6 functionality when talking to other IPv6 nodes located anywhere ā€“ they get the normal (i.e., degraded) NAT functionality when talking to IPv4 devices ā€“ methods used to improve NAT functionality (e.g, RSIP) can be used equally to improve IPv6-IPv4 functionality
- 8 IPv6 Transition Mechanisms ā€¢ Some transition mechanism based on tunnels and/or translation: ā€“ 6in4 [6in4] ā€“ TB [TB] ā€“ TSP [TSP] ā€“ 6to4 [6to4] ā€“ Teredo [TEREDO], [TEREDOC] ā€“ TĆŗneles automĆ”ticos [TunAut] ā€“ ā€¦ ā€“ ISATAP [ISATAP] ā€“ 6over4 [6over4] ā€“ Softwires ā€“ 6RD ā€“ NAT64 ā€“ DS-Lite ā€“ lw4o6 ā€“ 464XLAT ā€“ MAP E/T ā€“ ā€¦
- 9 NAT444 NAT Internet IPv4 ISP network AFTR 10.0.0.x/24 AFTR NAT 10.0.0.x/24 v4 v4 v4 v4/v6 Internet IPv6 ā€œplainā€ IPv6 Private IPv4 192.168.1.x NAT44 Level 1 NAT44 Level 2 Public IPv4
- 10 CGN breaks ā€¦ ā€¢ UPnP-IGD (Universal Plug & Play - Internet Gateway Device protocol) ā€¢ NAT-PMP (NAT Port Mapping Protocol) ā€¢ Other NAT Traversal mechs ā€¢ Security ā€¢ AJAX (Asyncronous Javascript And XML) ā€¢ FTP (big files) ā€¢ BitTorrent/Limewire (seeding ā€“ uploading) ā€¢ On-line gaming ā€¢ Video streaming (Netflix, Hulu, ā€¦) ā€¢ IP cameras ā€¢ Tunnels, VPN, IPsec, ... ā€¢ VoIP ā€¢ Port forwarding ā€¢ ...
- 11
- 12 We donā€™t have IPv4 ā€¦ ā€¢ IPv4 exhaustion avoids ā€“ Assigning IPv4 to end-users ā€“ Assigning IPv4 even in public networks ā€“ Keep scalable interoperability with IPv4-only networks ā€¢ Consequence: In many cases, we need to deploy IPv6-only networks ā€“ OpEx ā€“ No IPv4 resources (CapEx if you buy them) ā€“ Performance ā€“ Efficiency ā€“ RFCs ā€“ Other issues ā€¦
- 13 Dual Stack Lite (DS-Lite) ā€¢ To cope with the IPv4 exhaustion problem. ā€¢ Sharing (same) IPv4 addresses among customers by combining: ā€“ Tunneling ā€“ NAT ā€¢ No need for multiple levels of NAT. ā€¢ Two elements: ā€“ DS-Lite Basic Bridging BroadBand (B4) ā€“ DS-Lite Address Family Transition Router (AFTR) ā€¢ Also called CGN (Carrier Grade NAT) or LSN (Large Scale NAT)
- 14 DS-Lite CPE (B4) Internet IPv4 ISP network AFTR 10.0.0.x/24 AFTR CPE (B4) 10.0.0.x/24 v4 v4 v4 v4/v6 Internet IPv6 ā€œplainā€ IPv6 IPv6-only access IPv4-in-IPv6 tunnel NAT44 Level 1 Public IPv4
- 15 Lightweight 4over6 (lw4o6) ā€¢ Similar to DS-Lite -> Changes NAT location ā€“ Better scalability ā€“ Reduces logging ā€¢ Sharing SAME IPv4 addresses among several customers, combining: ā€¢ Tunneling ā€¢ NAT ā€¢ No need for multiple levels of NAT ā€¢ Two elements: ā€¢ Lw Basic Bridging BroadBand (lwB4) - CPE ā€¢ Lw Address Family Transition Router (lwAFTR)
- 16 lw4o6 CPE (lwB4) Internet IPv4 ISP network lwAFTR 10.0.0.x/24 lwAFTR CPE (lwB4) 10.0.0.x/24 v4 v4 v4 v4/v6 Internet IPv6 ā€œplainā€ IPv6 IPv6-only access IPv4-in-IPv6 tunnel NAT44 Level 1 Public IPv4
- 17 NAT64 (1) ā€¢ When ISPs only provide IPv6 connectivity, or devices are IPv6-only (cellular phones) ā€¢ But still some IPv4-only boxes are on the Internet ā€¢ Similar idea as NAT-PT, but working correctly ā€¢ Optional element, but decoupled, DNS64 ā€¢ Good solution if IPv4 is not required at the client ā€“ Client is IPv6-only ā€¢ Some apps donā€™t work (Skype ā€¦) ā€“ Peer-to-peer using IPv4 ā€œreferencesā€ ā€“ Literal addresses ā€“ Socket APIs
- 18 NAT64 (2) ā€¢ Stateful NAT64 is a mechanism for translating IPv6 packets to IPv4 packets and vice-versa ā€“ The translation is done by translating the packet headers according to the IP/ICMP Translation Algorithm. ā€“ The IPv4 addresses of IPv4 hosts are algorithmically translated to and from IPv6 addresses by using a specific algorithm. ā€“ The current specification only defines how stateful NAT64 translates unicast packets carrying TCP, UDP and ICMP traffic. ā€“ DNS64 is a mechanism for synthesizing AAAA resource records (RR) from A RR. The IPv6 address contained in the synthetic AAAA RR is algorithmically generated from the IPv4 address and the IPv6 prefix assigned to a NAT64 device ā€¢ NAT64 allows multiple IPv6-only nodes to share an IPv4 address to access the IPv4 Internet
- 19 NAT64 (3) ā€¢ Itā€™s known that there are things that doesnā€™t work: ā€“ Everything out of TCP,UDP, or ICMP: Multicast, Stream Control Transmission Protocol (SCTP), the Datagram Congestion Control Protocol (DCCP), and IPSEC ā€“ Applications that carry layer 3 information in the application layer: FTP [RFC6384], SIP/H323 ā€“ Some apps: online gaming, skype, etc. ā€¢ Peer-to-peer using IPv4 ā€œreferencesā€ ā€“ Literal addresses ā€“ Socket APIs
- 20 NAT64 (4) CPE Internet IPv4 ISP network NAT64 10.0.0.x/24 NAT64 CPE v4 v4 v6 v4/v6 Internet IPv6 ā€plainā€ IPv6 IPv6-only access Public IPv4 NAT64 DNS64
- 21 NAT64 breaks ā€¦ App Name Functionality Version 464XLAT Fixed connection tracker Broken NA NA DoubleTwist Broken 1.6.3 YES Go SMS Pro Broken NA YES Google Talk Broken 4.1.2 YES Google+ Broken 3.3.1 YES IP Track Broken NA NA Last.fm Broken NA YES Netflix Broken NA YES ooVoo Broken NA YES Pirates of the Caribean Broken NA YES Scrabble Free Broken 1.12.57 YES Skype Broken 3.2.0.6673 YES Spotify Broken NA YES Tango Broken NA YES Texas Poker Broken NA YES TiKL Broken 2.7 YES Tiny Towers Broken NA YES Trillian Broken NA YES TurboxTax Taxcaster Broken NA Voxer Walkie Talkie Broken NA YES Watch ESPN Broken 1.3.1 Zynga Poker Broken NA YES Xabber XMPP Broken NA *T-Mobile
- 22 464XLAT ā€¢ 464XLAT (RFC6877): RFC6145 + RFC6146 ā€¢ Very efficient use of scarce IPv4 resources ā€“ N*65.535 flows per each IPv4 address ā€“ Network growth not tied to IPv4 availability ā€¢ IPv4 basic service to customers over an-IPv6 only infrastructure ā€“ WORKS with applications that use socket APIs and literal IPv4 addresses (Skype, etc.) ā€¢ Allows traffic engineering ā€“ Without deep packet inspection ā€¢ Easy to deploy and available ā€“ Commercial solutions and open source
- 23 464XLAT CPE CLAT Internet IPv4 ISP network NAT64 PLAT 10.0.0.x/24 NAT64 PLAT CPE CLAT 10.0.0.x/24 v4 v4 v4 v4/v6 Internet IPv6 ā€œplainā€ IPv6 IPv6-only access NAT46 Public IPv4 DNS64NAT64
- 24 How it works 464XLAT? CLAT PLAT ISP + IPv6 Internet Public IPv4Private IPv4 IPv4 Internet IPv4 + IPv6 IPv4 IPv6 IPv6 IPv6 Stateless (4->6) [RFC6145] Stateful (6->4) [RFC6146] CLAT: Customer side translator (XLAT) PLAT: Provider side translator (XLAT) IPv4 IPv6
- 25 Possible ā€œappā€ cases ISP IPv6-only IPv6-only Internet 464XLAT ISP IPv6-only IPv4-only Internet 464XLAT PLAT DNS64/NAT64 ISP IPv6-only IPv4-only Internet 464XLAT PLAT 6->4 CLAT 4->6
- 26 464XLAT Addressing CLAT PLAT ISP + IPv6 Internet 200.3.14.147192.168.2.3 IPv4 Internet IPv4 + IPv6 IPv4 IPv6 IPv6 IPv6CLAT XLATE SRC prefix [2001:db8:abcd::/96] XLATE DST prefix [2001:db8:1234::/96] PLAT IPv4 pool (192.1.0.1 ā€“ 192.1.0.250) XLATE DST prefix [2001:db8:1234::/96] IPv4 IPv6 2001:db8:abcd::ab 2001:db8:dada::bb IPv4 SRC 192.168.2.3 IPv4 DST 200.3.14.147 Stateless XLATE [RFC6145] Stateful XLATE [RFC6146] IPv6 SRC 2001:db8:abcd::192.168.2.3 IPv6 DST 2001:db8:1234::200.3.14.147 IPv4 SRC 192.1.0.1 IPv4 DST 200.3.14.147
- 27 Availability and Deployment ā€¢ NAT64: ā€“ A10 ā€“ Cisco ā€“ F5 ā€“ Juniper ā€“ NEC ā€“ Huawei ā€“ Jool, Tayga, Ecdsys, Linux, OpenBSD, ā€¦ ā€¢ CLAT ā€“ Android (since 4.3) ā€“ Nokia ā€“ Windows ā€“ NEC ā€“ Linux ā€“ Jool ā€“ OpenWRT ā€“ Apple (sort-of, is Bump-in-the-Host [RFC6535] implemented in Happy Eyeballs v2) - IPv6-only since iOS 10.2 ā€¢ Commercial deployments: ā€“ T-Mobile US: +68 Millions of users ā€“ Orange ā€“ Telstra ā€“ SK Telecom ā€“ ā€¦ ā€“ Big trials in several ISPs
- 28 MAP Encapsulation (MAP-E) ā€¢ Mapping of Address and Port with Encapsulation ā€¢ Is a ā€œstatelessā€ DS-Lite ā€“ Provision of an IPv4 prefix, address or ā€œsharedā€ address ā€“ Algorithmic mapping between IPv4 and an IPv6 address ā€“ Extends CIDR to 48 bits (32 IP + 16 port) ā€¢ Allows encapsulating IPv4 in IPv6 for both mesh and hubs&spoke topologies, including mapping-independent IPv4 and IPv6 ā€¢ Two elements: ā€¢ MAP Customer Edge (CE) ā€¢ MAP Border Relay (BR)
- 29 MAP-E CE Internet IPv4 ISP Network BR 10.0.0.x/24 BR CE 10.0.0.x/24 v4 v4 v4 v4/v6 Internet IPv6 ā€œplainā€ IPv6 IPv6-only access IPv4-in-IPv6 tunnel NAT44 Level 1 Public IPv4
- 30 MAP-E Packet Path
- 31 MAP Translation (MAP-T) ā€¢ Mapping of Address and Port using Translation ā€¢ Similar to MAP-E ā€¢ Similar to 464XLAT in the sense of the double translation NAT46 (CLAT) and NAT64 (PLAT)
- 32 MAP-T CE Internet IPv4 ISP Network BR 10.0.0.x/24 BR CE 10.0.0.x/24 v4 v4 v4 v4/v6 Internet IPv6 ā€œplainā€ IPv6 IPv6-only access IPv4-in-IPv6 tunnel NAT46 Public IPv4 NAT64 NAT44 Level 1
- 33 MAP-T Packet Path
- 34 MAP-E vs MAP-T ā€¢ MAP-E uses extra 20 bytes for the encapsulation (IPv4-in-IPv6 tunnel). IPv4 IPv6 Transport Link IPv4 Transport Link IPv4 Transport Link IPv6 Transport Link Ć³ IPv4 CE BR MAP MAP MAP-E MAP-T ā€¦ ā€¦Core IPv6
- 35 MAP Addressing
- 36 Comparing Transition ā€¦ 6RD Softwires v2 NAT444 DS-Lite Lw4o6 NAT64 464XLAT MAP-E MAP-T Tunel/Translation (X) T 6in4 T 6in4 X T 4in6 T 4in6 X X T 4in6 X Dual-stack LAN YES YES optional YES YES NO YES YES YES IPv4 Multicast YES YES YES NO NO NO NO NO NO Access Network IPv4 IPv4 IPv4 /dual IPv6 IPv6 IPv6 IPv6 IPv6 IPv6 Overhead 20 bytes 40 bytes - 40 bytes 40 bytes 20 bytes 20 bytes 40 bytes 20 bytes Impact in IPv6 addressing plan YES NO NO NO NO NO NO YES YES CPE Update YES YES optional YES YES YES YES YES YES NAT44/NAPT CPE CPE CPE + CGN CGN CPE CPE CPE CPE CPE 46/64 Translation - - - - - ISP ISP +/or CPE - CPE + ISP Translation at ISP with or w/o state - - with - - with with w/o w/o Scalability High Medium Medium Medium High High High High High Performance High Low Low Low High Medium High High High ALGs NO NO YES YES NO YES YES YES YES Any Protocol or only-TCP/UDP/ICMP YES YES YES YES YES NO NO NO NO Sharing IPv4 Ports NO NO YES YES YES NO NO YES YES IPv6 Aggregation NO NO optional YES YES YES YES YES YES IPv4 Mesh YES YES YES NO NO NO NO YES YES IPv6 Mesh YES NO optional YES YES YES YES YES YES Impacts on logging NO NO YES YES NO YES YES NO NO HA simplicity High Low Low Low High Medium High High High DPI simplicity Low Low High Low Low High High Low High Support in cellular NO NO YES NO NO YES YES NO NO Support in CPEs YES YES YES YES YES YES YES YES YES 15.5 12.5 10.5 9.5 15 11.5 14 13 13.5
- 37 How many ports per user? ā€¢ Possibly a minimum of 300 per user behind each CPE ā€“ More as AJAX/similar technologies usage increase ā€“ Times average number of users behind each NAT ā€“ And going up ā€¢ Be aware of IP/port sharing implications ā€¦
- 38 Recommended Reading ā€¢ Basic Requirements for IPv6 Customer Edge Routers (RFC7084) ā€“ Originally include support only for 6RD and DS-LITE ā€“ Being updated to include support for 464XLAT, MAP T/E, lw4o6, ā€¦ ā€“ https://datatracker.ietf.org/doc/draft-ietf-v6ops-transition-ipv4aas/ ā€¢ BCOP RIPE690: ā€“ https://www.ripe.net/publications/docs/ripe-690 ā€¢ Point-to-point links: ā€“ https://datatracker.ietf.org/doc/draft-palet-v6ops-p2p-links/ ā€¢ NAT64 deployment guidelines: ā€“ https://datatracker.ietf.org/doc/draft-ietf-v6ops-nat64-deployment/
- 39 DNSSEC Considerations ā€¢ DNS64 modifies DNS answers and DNSSEC is designed to detect such modifications, DNS64 can break DNSSEC ā€¢ In general, DNS servers with DNS64 function, by default, will not synthesize AAAA responses if the DNSSEC OK (DO) flag was set in the query. In this case, as only an A record is available, it means that the CLAT will take the responsibility, as in the case of literal IPv4 addresses, to keep that traffic flow end-to-end as IPv4, so DNSSEC is not broken ā€¢ Today no apps in cellular that use DNSSEC, but you should be ready for that ā€“ Consider apps used by means of tethering ā€“ Very relevant for non-cellular networks
- 40 Performance *FaceBook data (17/3/2015) US Mobile Performance ā€“ Dual Stack Provider iOS v6 v4 30% ā€¢ā€Æ iPhone 6 on LTE only ā€¢ā€Æ No Instrumentation of the client ā€¢ā€Æ Examining Client Last Byte Time ā€¢ā€Æ Time it takes for the device to read the response ā€¢ā€Æ Read all the data for a newsfeed Time of HTTP GET completion US Mobile Performance ā€“ Dual Stack Provider Android v6 v4 40% ā€¢ā€Æ Android 4/5 ā€¢ā€Æ Galaxy S5 on LTE only ā€¢ā€Æ No Instrumentation of the client ā€¢ā€Æ Examining Client Last Byte Time ā€¢ā€Æ Time it takes for the device to read the response ā€¢ā€Æ Read all the data for a newsfeed Time of HTTP GET completion US Mobile Performance ā€“ Dual Stack Provider iOS v6 v4 40% ā€¢ā€Æ iPhone 6 ā€¢ā€Æ Client instrumentation ā€¢ā€Æ No A/B testing ā€¢ā€Æ Mobile Proxygen ā€¢ā€Æ Examining Total Request Time ā€¢ā€Æ Similar to Client Last Byte Time Total Request Time
- 41 Multiservice Network ā€¦ ā€¦ 464XLAT PLAT DNS64/NAT64 ā€¦ Cellular network 464XLAT Residential network Corporate network
- 42 Example Residential Customer ā€¦ IPv4 + IPv6 2001:db8::/32 198.51.100.0/24 FE80::1/64 Internet LAN Eth1 192.168.1.1 2001:db8:40::41 CPE (CLAT) Pool IPv4/NAT46: 192.0.0.1/32 Pool IPv6: 2001:db8:2::40/128 2001:db8:1::2 WAN Eth0 Node 1 192.168.1.2/24 2001:db8:40::42/64 BRAS Eth0 198.51.100.10 2001:db8::10 VM PLAT (NAT64 + DNS64) Pool IPv4/NAT64: 198.51.100.11/32 Prefijo IPv6: 64:ff9b::/96 2001:db8:1::1 Eth1 ISP Network User Network Traffic Legend Red: IPv6-only Blue: IPv4-only Green: Dual-stack Node ā€œnā€ 192.168.1.x/24 2001:db8:40::xx/64
- 43 NAT64, DNS64 Jool APNIC46 September, 2018 Noumea, New Caledonia Jordi Palet (jordi.palet@theipv6company.com)
- 44 Jool ā€¢ http://jool.mx/ ā€¢ Open Source SIIT and NAT64 for Linux ā€¢ SIIT (RFC7915): Stateless IP/ICMP Translation Algorithm ā€“ Just ā€œtranslates 1:1ā€ between IPv4 and IPv6 and back ā€“ SIIT with EAM (Explicit Address Mapping) allows ā€œrulesā€ ā€¢ Stateful NAT64, is a NAT between both ā€“ So helps with IPv4 address exhaustion
- 45 Jool Defined Architectures ā€¢ SIIT-DC ā€¢ 464XLAT ā€¢ SIIT-DC DTM (Dual Translation Mode)
- 46 Jool Features ā€¢ Runs in Single Interface ā€“ if needed ā€¢ ā€œNode-Based Translationā€ ā€“ Using ā€œnamespacesā€ to ā€œwrapā€ Jool ā€¢ High-Availability ā€“ Daemon that allows constant synchronization of sessions across Jool instances
- 47 EAMT ā€¢ Some examples: IPv4 Prefix IPv6 Prefix 192.0.2.1/32 2001:db8:aaaa::5/128 198.51.100.0/24 2001:db8:bbbb::/120 203.0.113.8/29 2001:db8:cccc::/125
- 48 Our Demo Setup
- 49 Demo ping 1.1.1.1 tracert 1.1.1.1 ping www.google.com ping -4 www.google.com tracert6 www.google.com tracert www.google.com Also browse to web site that are/arenā€™t IPv6 enabled and with literals, for example http://1.1.1.1 In Chrome/Firefox you may want first to install extension ā€œIPvfoo"
- 50 NAT64 Setup sudo service network-manager stop sudo service radvd stop sudo service isc-dhcp-server stop sudo service isc-dhcp-server6 stop sysctl -w net.ipv4.conf.all.forwarding=1 sysctl -w net.ipv6.conf.all.forwarding=1 ethtool --offload br-lan gro off lro off ethtool --offload eth0 gro off lro off ethtool --offload eth3 gro off lro off ip -6 route replace 2001:df9:6::/60 via fe80::a00:27ff:fe6b:e065 dev eth3 modprobe jool pool6=64:ff9b::/96 pool4=220.247.148.2
- 51 DNS64 Setup /etc/bind/named.conf.options ... forwarders { 8.8.8.8; 8.8.4.4; }; dns64 64:ff9b::/96 { clients { any; }; mapped { any; }; exclude { 0::/3; 4000::/2; 8000::/1; 2001:db8::/32; }; break-dnssec no; };
- 52 CLAT Setup sudo service isc-dhcp-server start sudo service radvd start sudo stop network-manager sysctl -w net.ipv4.conf.all.forwarding=1 sysctl -w net.ipv6.conf.all.forwarding=1 sysctl -w net.ipv4.ip_forward=1 ethtool --offload eth0 gro off lro off ethtool --offload eth1 gro off lro off modprobe jool_siit pool6=64:ff9b::/96 jool_siit --eamt --add 100.64.0.0/10 2001:df9:6:2::/106
- 53 Data-Centers without IPv4! SIIT-DC
- 54 Data-Centers without IPv4! ā€¢ Several cases, large content providers with IPv6-only data-centers and more coming ā€¦ ā€¢ Many ways to do that ā€“ Load Balancing (cost, state, scalability) ā€“ IPv4 traffic (from Internet) finish in IPv6-only clusters ā€¢ Same RFC1918 space, for IPv4 BGP sessions ā€¢ RFC5549 ā€“ Advertising IPv4 Network Layer Reachability Information with an IPv6 Next Hop ā€¢ IPv4 in IPv6 tunneling, for IPVS (IP Virtual Server) ā€¢ IPv4 link-local (169.254.0.0/16) for Linux and switches
- 55 Advantages of IPv6-only ā€¢ IPv6 traffic keeps going up ā€“ Initially more in cellular networks ā€¢ This is a ā€more expensiveā€ traffic (radio, energy, bandwidth availability, ā€¦) ā€¢ More expensive with IPv4 (ā€œkeepalivesā€) than with IPv6 ā€¢ If the end-points speak IPv6 there is no NAT ā€“ Even better, no CGN ā€¢ ā€œperformanceā€ or ā€user-perceived quality of service increases ā€“ IPv6 40% ā€œfasterā€ than IPv4 ā€¢ Response time to complete ā€œHTTP GETā€ ā€¢ Using HTTP2 and QUIC can increase that performance
- 56 IPv4 or Dual-Stack? ā€¢ Against IPv4: ā€“ Lack of IPv4 addresses ā€“ Overlapping of private addresses ā€“ NAT (state) ā€“ Renumbering (new servers or VMs) ā€“ Lack of IPv6 support ā€¢ Against Dual-Stack: ā€“ ā€Dualā€ management costs ā€¢ Monitoring, security, human resources, errors, ā€¦
- 57 SIIT-DC ā€¢ RFC7755 - SIIT-DC: Stateless IP/ICMP Translation for IPv6 Data Center Environments ā€“ ā€œ464XLATā€ for the DC ā€“ No additional software in end-points ā€¢ No state! ā€“ High availability: BGP, ECMP, ā€¦ ā€¢ Keeps source IPv4 address ā€“ Logging, geolocation, ā€¦ ā€¢ Avoid dual-stack in the DC ā€“ DC is simplified ā€¢ Keeps dual-stack for Internet ā€“ Service is available for all users ā€¢ IPv4-only, IPv6-only and dual-stack ā€¢ Doesnā€™t work with literal addresses neither IPv4-only APIs ā€“ Not an issue: a DC use DNS! ā€“ Sorted out as well with RFC7756 ā€¢ Stateless IP/ICMP Translation for IPv6 Internet Data Center Environments (SIIT-DC): Dual Translation Mode
- 58 Example of DC with SIIT-DC IPv6-only Data Center SIIT-DC BR SIIT-DC BR Internet IPv4 Internet IPv6
- 59 Mapping all the IPv4 Internet Internet IPv6 Internet IPv4 0.0.0.0/0 64:ff9b::0.0.0.0/96 ā€¢ An EAM (Explicit Address Mapping) table is configured in the SIIT-DC BR Translation prefix: 2001:db8:46::/96 IPv4 pool: 192.0.2.0/24 EAM table: IPv4 Internet address Address in the DC 192.0.2.1 2001:db8:12:34::1 192.0.2.2 2001:db8:24:68::80 192.0.2.3 2001:db8:24:68::25
- 60 Traffic Flow ā€¢ Example from IP 203.0.113.50 to 192.0.2.1 IPv4 -> IPv6 translation IPv4 IPv6 SRC: 203.0.113.50 2001:db8:46::203.0.113.50 DST: 192.0.2.1 2001:db8:12:34::1 IPv6 -> IPv4 translation IPv6 IPv4 SRC: 2001:db8:12:34::1 192.0.2.1 DST: 2001:db8:46::203.0.113.50 203.0.113.50
- 61 Support ā€¢ Commercial: ā€“ A10 ā€“ Brocade ā€“ Cisco ā€“ F5 ā€¢ Open Source: ā€“ Jool ā€“ Tayga ā€“ VPP
- 62 Thanks! Contact: ā€“ Jordi Palet: jordi.palet@theipv6company.com

Recomendados

IPv4aaS tutorial and hands-on
IPv4aaS tutorial and hands-onIPv4aaS tutorial and hands-on
IPv4aaS tutorial and hands-onAPNIC
Ā 
IPv6 in Cellular Networks
IPv6 in Cellular NetworksIPv6 in Cellular Networks
IPv6 in Cellular NetworksAPNIC
Ā 
Operationalizing EVPN in the Data Center: Part 2
Operationalizing EVPN in the Data Center: Part 2Operationalizing EVPN in the Data Center: Part 2
Operationalizing EVPN in the Data Center: Part 2Cumulus Networks
Ā 
Cisco IPv6 Tutorial
Cisco IPv6 TutorialCisco IPv6 Tutorial
Cisco IPv6 Tutorialkriz5
Ā 
IPv6 Address Planning
IPv6 Address PlanningIPv6 Address Planning
IPv6 Address PlanningAPNIC
Ā 
OpenStack Neutron IPv6 Lessons
OpenStack Neutron IPv6 LessonsOpenStack Neutron IPv6 Lessons
OpenStack Neutron IPv6 LessonsAkihiro Motoki
Ā 
IPv6 address-planning
IPv6 address-planningIPv6 address-planning
IPv6 address-planningTim Martin
Ā 
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017Bruno Teixeira
Ā 

Recomendados

IPv4aaS tutorial and hands-on
IPv4aaS tutorial and hands-onIPv4aaS tutorial and hands-on
IPv4aaS tutorial and hands-onAPNIC
Ā 
IPv6 in Cellular Networks
IPv6 in Cellular NetworksIPv6 in Cellular Networks
IPv6 in Cellular NetworksAPNIC
Ā 
Operationalizing EVPN in the Data Center: Part 2
Operationalizing EVPN in the Data Center: Part 2Operationalizing EVPN in the Data Center: Part 2
Operationalizing EVPN in the Data Center: Part 2Cumulus Networks
Ā 
Cisco IPv6 Tutorial
Cisco IPv6 TutorialCisco IPv6 Tutorial
Cisco IPv6 Tutorialkriz5
Ā 
IPv6 Address Planning
IPv6 Address PlanningIPv6 Address Planning
IPv6 Address PlanningAPNIC
Ā 
OpenStack Neutron IPv6 Lessons
OpenStack Neutron IPv6 LessonsOpenStack Neutron IPv6 Lessons
OpenStack Neutron IPv6 LessonsAkihiro Motoki
Ā 
IPv6 address-planning
IPv6 address-planningIPv6 address-planning
IPv6 address-planningTim Martin
Ā 
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Las Vegas 2017Bruno Teixeira
Ā 
Cisco Live Milan 2015 - BGP advance
Cisco Live Milan 2015 - BGP advanceCisco Live Milan 2015 - BGP advance
Cisco Live Milan 2015 - BGP advanceBertrand Duvivier
Ā 
BGP Unnumbered 恧遊悓恧ćæ恟
BGP Unnumbered 恧遊悓恧ćæ恟BGP Unnumbered 恧遊悓恧ćæ恟
BGP Unnumbered 恧遊悓恧ćæ恟akira6592
Ā 
Vxlan control plane and routing
Vxlan control plane and routingVxlan control plane and routing
Vxlan control plane and routingWilfredzeng
Ā 
CCNA v6.0 ITN - Chapter 10
CCNA v6.0 ITN - Chapter 10CCNA v6.0 ITN - Chapter 10
CCNA v6.0 ITN - Chapter 10Irsandi Hasan
Ā 
Building DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPNBuilding DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPNCisco Canada
Ā 
OpenvSwitch Deep Dive
OpenvSwitch Deep DiveOpenvSwitch Deep Dive
OpenvSwitch Deep Diverajdeep
Ā 
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)Kentaro Ebisawa
Ā 
IPv6 Transition Strategies
IPv6 Transition StrategiesIPv6 Transition Strategies
IPv6 Transition StrategiesAPNIC
Ā 
Application Centric Infrastructure (ACI), the policy driven data centre
Application Centric Infrastructure (ACI), the policy driven data centreApplication Centric Infrastructure (ACI), the policy driven data centre
Application Centric Infrastructure (ACI), the policy driven data centreCisco Canada
Ā 
OSPF Fundamental
OSPF FundamentalOSPF Fundamental
OSPF FundamentalReza Farahani
Ā 
BGP Advance Technique by Steven & James
BGP Advance Technique by Steven & JamesBGP Advance Technique by Steven & James
BGP Advance Technique by Steven & JamesFebrian ā€Ž
Ā 
A very good introduction to IPv6
A very good introduction to IPv6A very good introduction to IPv6
A very good introduction to IPv6Syed Arshad
Ā 
HSRP ccna
HSRP ccna HSRP ccna
HSRP ccna MohamedJafar5
Ā 
[OpenStack Days Korea 2016] Track3 - ģ˜¤ķ”ˆģŠ¤ķƒ ķ™˜ź²½ģ—ģ„œ ź³µģœ  ķŒŒģ¼ ģ‹œģŠ¤ķ…œ źµ¬ķ˜„ķ•˜źø°: ė§ˆė‹ė¼(Manila) ķ”„ė”œģ ķŠø
[OpenStack Days Korea 2016] Track3 - ģ˜¤ķ”ˆģŠ¤ķƒ ķ™˜ź²½ģ—ģ„œ ź³µģœ  ķŒŒģ¼ ģ‹œģŠ¤ķ…œ źµ¬ķ˜„ķ•˜źø°: ė§ˆė‹ė¼(Manila) ķ”„ė”œģ ķŠø[OpenStack Days Korea 2016] Track3 - ģ˜¤ķ”ˆģŠ¤ķƒ ķ™˜ź²½ģ—ģ„œ ź³µģœ  ķŒŒģ¼ ģ‹œģŠ¤ķ…œ źµ¬ķ˜„ķ•˜źø°: ė§ˆė‹ė¼(Manila) ķ”„ė”œģ ķŠø
[OpenStack Days Korea 2016] Track3 - ģ˜¤ķ”ˆģŠ¤ķƒ ķ™˜ź²½ģ—ģ„œ ź³µģœ  ķŒŒģ¼ ģ‹œģŠ¤ķ…œ źµ¬ķ˜„ķ•˜źø°: ė§ˆė‹ė¼(Manila) ķ”„ė”œģ ķŠøOpenStack Korea Community
Ā 
Tutorial: Using GoBGP as an IXP connecting router
Tutorial: Using GoBGP as an IXP connecting routerTutorial: Using GoBGP as an IXP connecting router
Tutorial: Using GoBGP as an IXP connecting routerShu Sugimoto
Ā 
IPv6
IPv6IPv6
IPv6Jesse Padilla Agudelo
Ā 
VXLAN and FRRouting
VXLAN and FRRoutingVXLAN and FRRouting
VXLAN and FRRoutingFaisal Reza
Ā 
1 asr9 k platform architecture
1 asr9 k platform architecture1 asr9 k platform architecture
1 asr9 k platform architectureThanh Hung Quach
Ā 
Mpls Services
Mpls ServicesMpls Services
Mpls ServicesKristof De Brouwer
Ā 
TechWiseTV Workshop: Software-Defined Access
TechWiseTV Workshop: Software-Defined AccessTechWiseTV Workshop: Software-Defined Access
TechWiseTV Workshop: Software-Defined AccessRobb Boyd
Ā 
IPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadbandIPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadbandAPNIC
Ā 
IPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi PaletIPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi PaletŠ ŠµŠ³ŠøстŠ°Ń€ Š½Š°Ń†ŠøŠ¾Š½Š°Š»Š½Š¾Š³ Š˜Š½Ń‚ŠµŃ€Š½ŠµŃ‚ Š“Š¾Š¼ŠµŠ½Š° Š”рŠ±ŠøјŠµ - Š ŠŠ˜Š”Š”
Ā 

Mais conteĆŗdo relacionado

Mais procurados

Cisco Live Milan 2015 - BGP advance
Cisco Live Milan 2015 - BGP advanceCisco Live Milan 2015 - BGP advance
Cisco Live Milan 2015 - BGP advanceBertrand Duvivier
Ā 
BGP Unnumbered 恧遊悓恧ćæ恟
BGP Unnumbered 恧遊悓恧ćæ恟BGP Unnumbered 恧遊悓恧ćæ恟
BGP Unnumbered 恧遊悓恧ćæ恟akira6592
Ā 
Vxlan control plane and routing
Vxlan control plane and routingVxlan control plane and routing
Vxlan control plane and routingWilfredzeng
Ā 
CCNA v6.0 ITN - Chapter 10
CCNA v6.0 ITN - Chapter 10CCNA v6.0 ITN - Chapter 10
CCNA v6.0 ITN - Chapter 10Irsandi Hasan
Ā 
Building DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPNBuilding DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPNCisco Canada
Ā 
OpenvSwitch Deep Dive
OpenvSwitch Deep DiveOpenvSwitch Deep Dive
OpenvSwitch Deep Diverajdeep
Ā 
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)Kentaro Ebisawa
Ā 
IPv6 Transition Strategies
IPv6 Transition StrategiesIPv6 Transition Strategies
IPv6 Transition StrategiesAPNIC
Ā 
Application Centric Infrastructure (ACI), the policy driven data centre
Application Centric Infrastructure (ACI), the policy driven data centreApplication Centric Infrastructure (ACI), the policy driven data centre
Application Centric Infrastructure (ACI), the policy driven data centreCisco Canada
Ā 
OSPF Fundamental
OSPF FundamentalOSPF Fundamental
OSPF FundamentalReza Farahani
Ā 
BGP Advance Technique by Steven & James
BGP Advance Technique by Steven & JamesBGP Advance Technique by Steven & James
BGP Advance Technique by Steven & JamesFebrian ā€Ž
Ā 
A very good introduction to IPv6
A very good introduction to IPv6A very good introduction to IPv6
A very good introduction to IPv6Syed Arshad
Ā 
[OpenStack Days Korea 2016] Track3 - ģ˜¤ķ”ˆģŠ¤ķƒ ķ™˜ź²½ģ—ģ„œ ź³µģœ  ķŒŒģ¼ ģ‹œģŠ¤ķ…œ źµ¬ķ˜„ķ•˜źø°: ė§ˆė‹ė¼(Manila) ķ”„ė”œģ ķŠø
[OpenStack Days Korea 2016] Track3 - ģ˜¤ķ”ˆģŠ¤ķƒ ķ™˜ź²½ģ—ģ„œ ź³µģœ  ķŒŒģ¼ ģ‹œģŠ¤ķ…œ źµ¬ķ˜„ķ•˜źø°: ė§ˆė‹ė¼(Manila) ķ”„ė”œģ ķŠø[OpenStack Days Korea 2016] Track3 - ģ˜¤ķ”ˆģŠ¤ķƒ ķ™˜ź²½ģ—ģ„œ ź³µģœ  ķŒŒģ¼ ģ‹œģŠ¤ķ…œ źµ¬ķ˜„ķ•˜źø°: ė§ˆė‹ė¼(Manila) ķ”„ė”œģ ķŠø
[OpenStack Days Korea 2016] Track3 - ģ˜¤ķ”ˆģŠ¤ķƒ ķ™˜ź²½ģ—ģ„œ ź³µģœ  ķŒŒģ¼ ģ‹œģŠ¤ķ…œ źµ¬ķ˜„ķ•˜źø°: ė§ˆė‹ė¼(Manila) ķ”„ė”œģ ķŠøOpenStack Korea Community
Ā 
Tutorial: Using GoBGP as an IXP connecting router
Tutorial: Using GoBGP as an IXP connecting routerTutorial: Using GoBGP as an IXP connecting router
Tutorial: Using GoBGP as an IXP connecting routerShu Sugimoto
Ā 
VXLAN and FRRouting
VXLAN and FRRoutingVXLAN and FRRouting
VXLAN and FRRoutingFaisal Reza
Ā 
1 asr9 k platform architecture
1 asr9 k platform architecture1 asr9 k platform architecture
1 asr9 k platform architectureThanh Hung Quach
Ā 
TechWiseTV Workshop: Software-Defined Access
TechWiseTV Workshop: Software-Defined AccessTechWiseTV Workshop: Software-Defined Access
TechWiseTV Workshop: Software-Defined AccessRobb Boyd
Ā 

Mais procurados (20)

Cisco Live Milan 2015 - BGP advance
Cisco Live Milan 2015 - BGP advanceCisco Live Milan 2015 - BGP advance
Cisco Live Milan 2015 - BGP advance
Ā 
BGP Unnumbered 恧遊悓恧ćæ恟
BGP Unnumbered 恧遊悓恧ćæ恟BGP Unnumbered 恧遊悓恧ćæ恟
BGP Unnumbered 恧遊悓恧ćæ恟
Ā 
Vxlan control plane and routing
Vxlan control plane and routingVxlan control plane and routing
Vxlan control plane and routing
Ā 
CCNA v6.0 ITN - Chapter 10
CCNA v6.0 ITN - Chapter 10CCNA v6.0 ITN - Chapter 10
CCNA v6.0 ITN - Chapter 10
Ā 
Building DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPNBuilding DataCenter networks with VXLAN BGP-EVPN
Building DataCenter networks with VXLAN BGP-EVPN
Ā 
OpenvSwitch Deep Dive
OpenvSwitch Deep DiveOpenvSwitch Deep Dive
OpenvSwitch Deep Dive
Ā 
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Ā 
IPv6 Transition Strategies
IPv6 Transition StrategiesIPv6 Transition Strategies
IPv6 Transition Strategies
Ā 
Application Centric Infrastructure (ACI), the policy driven data centre
Application Centric Infrastructure (ACI), the policy driven data centreApplication Centric Infrastructure (ACI), the policy driven data centre
Application Centric Infrastructure (ACI), the policy driven data centre
Ā 
OSPF Fundamental
OSPF FundamentalOSPF Fundamental
OSPF Fundamental
Ā 
BGP Advance Technique by Steven & James
BGP Advance Technique by Steven & JamesBGP Advance Technique by Steven & James
BGP Advance Technique by Steven & James
Ā 
A very good introduction to IPv6
A very good introduction to IPv6A very good introduction to IPv6
A very good introduction to IPv6
Ā 
HSRP ccna
HSRP ccna HSRP ccna
HSRP ccna
Ā 
[OpenStack Days Korea 2016] Track3 - ģ˜¤ķ”ˆģŠ¤ķƒ ķ™˜ź²½ģ—ģ„œ ź³µģœ  ķŒŒģ¼ ģ‹œģŠ¤ķ…œ źµ¬ķ˜„ķ•˜źø°: ė§ˆė‹ė¼(Manila) ķ”„ė”œģ ķŠø
[OpenStack Days Korea 2016] Track3 - ģ˜¤ķ”ˆģŠ¤ķƒ ķ™˜ź²½ģ—ģ„œ ź³µģœ  ķŒŒģ¼ ģ‹œģŠ¤ķ…œ źµ¬ķ˜„ķ•˜źø°: ė§ˆė‹ė¼(Manila) ķ”„ė”œģ ķŠø[OpenStack Days Korea 2016] Track3 - ģ˜¤ķ”ˆģŠ¤ķƒ ķ™˜ź²½ģ—ģ„œ ź³µģœ  ķŒŒģ¼ ģ‹œģŠ¤ķ…œ źµ¬ķ˜„ķ•˜źø°: ė§ˆė‹ė¼(Manila) ķ”„ė”œģ ķŠø
[OpenStack Days Korea 2016] Track3 - ģ˜¤ķ”ˆģŠ¤ķƒ ķ™˜ź²½ģ—ģ„œ ź³µģœ  ķŒŒģ¼ ģ‹œģŠ¤ķ…œ źµ¬ķ˜„ķ•˜źø°: ė§ˆė‹ė¼(Manila) ķ”„ė”œģ ķŠø
Ā 
Tutorial: Using GoBGP as an IXP connecting router
Tutorial: Using GoBGP as an IXP connecting routerTutorial: Using GoBGP as an IXP connecting router
Tutorial: Using GoBGP as an IXP connecting router
Ā 
IPv6
IPv6IPv6
IPv6
Ā 
VXLAN and FRRouting
VXLAN and FRRoutingVXLAN and FRRouting
VXLAN and FRRouting
Ā 
1 asr9 k platform architecture
1 asr9 k platform architecture1 asr9 k platform architecture
1 asr9 k platform architecture
Ā 
Mpls Services
Mpls ServicesMpls Services
Mpls Services
Ā 
TechWiseTV Workshop: Software-Defined Access
TechWiseTV Workshop: Software-Defined AccessTechWiseTV Workshop: Software-Defined Access
TechWiseTV Workshop: Software-Defined Access
Ā 

Semelhante a Tutorial: IPv6-only transition with demo

IPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadbandIPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadbandAPNIC
Ā 
IPv6 Transition Considerations for ISPs
IPv6 Transition Considerations for ISPsIPv6 Transition Considerations for ISPs
IPv6 Transition Considerations for ISPsCarlos Martinez Cagnazzo
Ā 
Understanding i pv6 2
Understanding i pv6 2Understanding i pv6 2
Understanding i pv6 2srmanjuskp
Ā 
Enabling IPv6 Services Transparently
Enabling IPv6 Services TransparentlyEnabling IPv6 Services Transparently
Enabling IPv6 Services TransparentlyCarlos Martinez Cagnazzo
Ā 
Raiders of the lost Ark (read IPv6 CPE)
Raiders of the lost Ark (read IPv6 CPE)Raiders of the lost Ark (read IPv6 CPE)
Raiders of the lost Ark (read IPv6 CPE)APNIC
Ā 
Robert Raszuk - Technologies for IPv4/IPv6 coexistance
Robert Raszuk - Technologies for IPv4/IPv6 coexistanceRobert Raszuk - Technologies for IPv4/IPv6 coexistance
Robert Raszuk - Technologies for IPv4/IPv6 coexistancePROIDEA
Ā 
ARIN 36 IETF IPv6 Activities Report
ARIN 36 IETF IPv6 Activities ReportARIN 36 IETF IPv6 Activities Report
ARIN 36 IETF IPv6 Activities ReportARIN
Ā 
IPv6 New RFCs
IPv6 New RFCsIPv6 New RFCs
IPv6 New RFCsAPNIC
Ā 
APNIC Update
APNIC Update APNIC Update
APNIC Update APNIC
Ā 
Rapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksRapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksSkeeve Stevens
Ā 
I pv4 vs ipv6
I pv4 vs ipv6I pv4 vs ipv6
I pv4 vs ipv6liiramlkprov
Ā 
RFC8273: Unique Prefix per Host
RFC8273: Unique Prefix per HostRFC8273: Unique Prefix per Host
RFC8273: Unique Prefix per HostAPNIC
Ā 

Semelhante a Tutorial: IPv6-only transition with demo (20)

IPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadbandIPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadband
Ā 
IPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi PaletIPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi Palet
Ā 
IPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi PaletIPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi Palet
Ā 
IPv6 Transition Considerations for ISPs
IPv6 Transition Considerations for ISPsIPv6 Transition Considerations for ISPs
IPv6 Transition Considerations for ISPs
Ā 
Understanding i pv6 2
Understanding i pv6 2Understanding i pv6 2
Understanding i pv6 2
Ā 
IPv6 on the Interop Network
IPv6 on the Interop NetworkIPv6 on the Interop Network
IPv6 on the Interop Network
Ā 
3hows
3hows3hows
3hows
Ā 
Enabling IPv6 Services Transparently
Enabling IPv6 Services TransparentlyEnabling IPv6 Services Transparently
Enabling IPv6 Services Transparently
Ā 
Raiders of the lost Ark (read IPv6 CPE)
Raiders of the lost Ark (read IPv6 CPE)Raiders of the lost Ark (read IPv6 CPE)
Raiders of the lost Ark (read IPv6 CPE)
Ā 
Robert Raszuk - Technologies for IPv4/IPv6 coexistance
Robert Raszuk - Technologies for IPv4/IPv6 coexistanceRobert Raszuk - Technologies for IPv4/IPv6 coexistance
Robert Raszuk - Technologies for IPv4/IPv6 coexistance
Ā 
ARIN 36 IETF IPv6 Activities Report
ARIN 36 IETF IPv6 Activities ReportARIN 36 IETF IPv6 Activities Report
ARIN 36 IETF IPv6 Activities Report
Ā 
ipv4 to 6
ipv4 to 6ipv4 to 6
ipv4 to 6
Ā 
IPv6 New RFCs
IPv6 New RFCsIPv6 New RFCs
IPv6 New RFCs
Ā 
Ipv6
Ipv6Ipv6
Ipv6
Ā 
APNIC Update
APNIC Update APNIC Update
APNIC Update
Ā 
Rapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksRapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP Networks
Ā 
I pv4 vs ipv6
I pv4 vs ipv6I pv4 vs ipv6
I pv4 vs ipv6
Ā 
Day 20.i pv6 lab
Day 20.i pv6 labDay 20.i pv6 lab
Day 20.i pv6 lab
Ā 
Ipv6 routing
Ipv6 routingIpv6 routing
Ipv6 routing
Ā 
RFC8273: Unique Prefix per Host
RFC8273: Unique Prefix per HostRFC8273: Unique Prefix per Host
RFC8273: Unique Prefix per Host
Ā 

Mais de APNIC

APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC
Ā 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
Ā 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...APNIC
Ā 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
Ā 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGAPNIC
Ā 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119APNIC
Ā 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119APNIC
Ā 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119APNIC
Ā 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119APNIC
Ā 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119APNIC
Ā 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...APNIC
Ā 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC
Ā 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonAPNIC
Ā 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonAPNIC
Ā 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPNIC
Ā 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6APNIC
Ā 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!APNIC
Ā 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023APNIC
Ā 
AFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAPNIC
Ā 
AFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAPNIC
Ā 

Mais de APNIC (20)

APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
Ā 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
Ā 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
Ā 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
Ā 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
Ā 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
Ā 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
Ā 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Ā 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
Ā 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Ā 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Ā 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
Ā 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
Ā 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
Ā 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
Ā 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6
Ā 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!
Ā 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023
Ā 
AFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet development
Ā 
AFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment Status
Ā 

ƚltimo

Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...tanu pandey
Ā 
Call Girls In Saket Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Saket Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”Call Girls In Saket Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Saket Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”soniya singh
Ā 
āœ‚ļø šŸ‘… Independent Andheri Escorts With Room Vashi Call Girls šŸ’ƒ 9004004663
āœ‚ļø šŸ‘… Independent Andheri Escorts With Room Vashi Call Girls šŸ’ƒ 9004004663āœ‚ļø šŸ‘… Independent Andheri Escorts With Room Vashi Call Girls šŸ’ƒ 9004004663
āœ‚ļø šŸ‘… Independent Andheri Escorts With Room Vashi Call Girls šŸ’ƒ 9004004663Call Girls Mumbai
Ā 
Lucknow ā¤CALL GIRL 88759*99948 ā¤CALL GIRLS IN Lucknow ESCORT SERVICEā¤CALL GIRL
Lucknow ā¤CALL GIRL 88759*99948 ā¤CALL GIRLS IN Lucknow ESCORT SERVICEā¤CALL GIRLLucknow ā¤CALL GIRL 88759*99948 ā¤CALL GIRLS IN Lucknow ESCORT SERVICEā¤CALL GIRL
Lucknow ā¤CALL GIRL 88759*99948 ā¤CALL GIRLS IN Lucknow ESCORT SERVICEā¤CALL GIRLimonikaupta
Ā 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Delhi Call girls
Ā 
Call Girls In Model Towh Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Model Towh Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”Call Girls In Model Towh Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Model Towh Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”soniya singh
Ā 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girladitipandeya
Ā 
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...tanu pandey
Ā 
š“€¤Call On 7877925207 š“€¤ Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
š“€¤Call On 7877925207 š“€¤ Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...š“€¤Call On 7877925207 š“€¤ Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
š“€¤Call On 7877925207 š“€¤ Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...Neha Pandey
Ā 
Call Now ā˜Ž 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ā˜Ž 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.Call Now ā˜Ž 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ā˜Ž 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.soniya singh
Ā 
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$kojalkojal131
Ā 
Call Girls In Pratap Nagar Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Pratap Nagar Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”Call Girls In Pratap Nagar Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Pratap Nagar Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”soniya singh
Ā 
CALL ON āž„8923113531 šŸ”Call Girls Lucknow Lucknow best sexual service Online
CALL ON āž„8923113531 šŸ”Call Girls Lucknow Lucknow best sexual service OnlineCALL ON āž„8923113531 šŸ”Call Girls Lucknow Lucknow best sexual service Online
CALL ON āž„8923113531 šŸ”Call Girls Lucknow Lucknow best sexual service Onlineanilsa9823
Ā 
Call Girls In Ashram Chowk Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Ashram Chowk Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”Call Girls In Ashram Chowk Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Ashram Chowk Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”soniya singh
Ā 
All Time Service Available Call Girls Mg Road šŸ‘Œ ā­ļø 6378878445
All Time Service Available Call Girls Mg Road šŸ‘Œ ā­ļø 6378878445All Time Service Available Call Girls Mg Road šŸ‘Œ ā­ļø 6378878445
All Time Service Available Call Girls Mg Road šŸ‘Œ ā­ļø 6378878445ruhi
Ā 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Servicesexy call girls service in goa
Ā 
WhatsApp šŸ“ž 8448380779 āœ…Call Girls In Mamura Sector 66 ( Noida)
WhatsApp šŸ“ž 8448380779 āœ…Call Girls In Mamura Sector 66 ( Noida)WhatsApp šŸ“ž 8448380779 āœ…Call Girls In Mamura Sector 66 ( Noida)
WhatsApp šŸ“ž 8448380779 āœ…Call Girls In Mamura Sector 66 ( Noida)Delhi Call girls
Ā 

ƚltimo (20)

VVVIP Call Girls In Connaught Place āž”ļø Delhi āž”ļø 9999965857 šŸš€ No Advance 24HRS...
VVVIP Call Girls In Connaught Place āž”ļø Delhi āž”ļø 9999965857 šŸš€ No Advance 24HRS...VVVIP Call Girls In Connaught Place āž”ļø Delhi āž”ļø 9999965857 šŸš€ No Advance 24HRS...
VVVIP Call Girls In Connaught Place āž”ļø Delhi āž”ļø 9999965857 šŸš€ No Advance 24HRS...
Ā 
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Ā 
Call Girls In Saket Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Saket Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”Call Girls In Saket Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Saket Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Ā 
āœ‚ļø šŸ‘… Independent Andheri Escorts With Room Vashi Call Girls šŸ’ƒ 9004004663
āœ‚ļø šŸ‘… Independent Andheri Escorts With Room Vashi Call Girls šŸ’ƒ 9004004663āœ‚ļø šŸ‘… Independent Andheri Escorts With Room Vashi Call Girls šŸ’ƒ 9004004663
āœ‚ļø šŸ‘… Independent Andheri Escorts With Room Vashi Call Girls šŸ’ƒ 9004004663
Ā 
Lucknow ā¤CALL GIRL 88759*99948 ā¤CALL GIRLS IN Lucknow ESCORT SERVICEā¤CALL GIRL
Lucknow ā¤CALL GIRL 88759*99948 ā¤CALL GIRLS IN Lucknow ESCORT SERVICEā¤CALL GIRLLucknow ā¤CALL GIRL 88759*99948 ā¤CALL GIRLS IN Lucknow ESCORT SERVICEā¤CALL GIRL
Lucknow ā¤CALL GIRL 88759*99948 ā¤CALL GIRLS IN Lucknow ESCORT SERVICEā¤CALL GIRL
Ā 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Ā 
Call Girls In Model Towh Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Model Towh Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”Call Girls In Model Towh Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Model Towh Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Ā 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
Ā 
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Ā 
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
Russian Call Girls in %(+971524965298 )# Call Girls in DubaiRussian Call Girls in %(+971524965298 )# Call Girls in Dubai
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
Ā 
š“€¤Call On 7877925207 š“€¤ Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
š“€¤Call On 7877925207 š“€¤ Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...š“€¤Call On 7877925207 š“€¤ Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
š“€¤Call On 7877925207 š“€¤ Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
Ā 
Call Now ā˜Ž 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ā˜Ž 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.Call Now ā˜Ž 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ā˜Ž 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Ā 
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Ā 
Call Girls In Pratap Nagar Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Pratap Nagar Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”Call Girls In Pratap Nagar Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Pratap Nagar Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Ā 
CALL ON āž„8923113531 šŸ”Call Girls Lucknow Lucknow best sexual service Online
CALL ON āž„8923113531 šŸ”Call Girls Lucknow Lucknow best sexual service OnlineCALL ON āž„8923113531 šŸ”Call Girls Lucknow Lucknow best sexual service Online
CALL ON āž„8923113531 šŸ”Call Girls Lucknow Lucknow best sexual service Online
Ā 
Call Girls In Ashram Chowk Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Ashram Chowk Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”Call Girls In Ashram Chowk Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Call Girls In Ashram Chowk Delhi šŸ’ÆCall Us šŸ”8264348440šŸ”
Ā 
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Ā 
All Time Service Available Call Girls Mg Road šŸ‘Œ ā­ļø 6378878445
All Time Service Available Call Girls Mg Road šŸ‘Œ ā­ļø 6378878445All Time Service Available Call Girls Mg Road šŸ‘Œ ā­ļø 6378878445
All Time Service Available Call Girls Mg Road šŸ‘Œ ā­ļø 6378878445
Ā 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Ā 
WhatsApp šŸ“ž 8448380779 āœ…Call Girls In Mamura Sector 66 ( Noida)
WhatsApp šŸ“ž 8448380779 āœ…Call Girls In Mamura Sector 66 ( Noida)WhatsApp šŸ“ž 8448380779 āœ…Call Girls In Mamura Sector 66 ( Noida)
WhatsApp šŸ“ž 8448380779 āœ…Call Girls In Mamura Sector 66 ( Noida)
Ā 

Tutorial: IPv6-only transition with demo

  • 1. - 1 IPv6 Transition and Coexistence IPv6-only and IPv4 as-a-Service APNIC46 September, 2018 Noumea, New Caledonia Jordi Palet (jordi.palet@theipv6company.com)
  • 2. - 2 Transition / Co-Existence Techniques ā€¢ IPv6 has been designed for easing the transition and coexistence with IPv4 ā€¢ Several strategies have been designed and implemented for coexisting with IPv4 hosts, grouped in three categories: ā€“ Dual stack: Simultaneous support for both IPv4 and IPv6 stacks ā€“ Tunnels: IPv6 packets encapsulated in IPv4 ones ā€¢ This has been the commonest choice ā€¢ Today expect IPv4 packets in IPv6 ones! ā€“ Translation: Communication of IPv4-only and IPv6-only. Initially discouraged and only ā€œlast resortā€ (imperfect). Today no other choice! ā€¢ Expect to use them in combination!
  • 3. - 3 Dual-Stack Approach ā€¢ When adding IPv6 to a system, do not delete IPv4 ā€“ This multi-protocol approach is familiar and well-understood (e.g., for AppleTalk, IPX, etc.) ā€“ In the majority of the cases, IPv6 is be bundled with all the OS release, not an extra-cost add-on ā€¢ Applications (or libraries) choose IP version to use ā€“ when initiating, based on DNS response: ā€¢ if (dest has AAAA record) use IPv6, else use IPv4 ā€“ when responding, based on version of initiating packet ā€¢ This allows indefinite co-existence of IPv4 and IPv6, and gradual app-by-app upgrades to IPv6 usage ā€¢ A6 record is experimental
  • 4. - 4 Dual-Stack Approach IPv6 Application TCP/UDP IPv6 TCP/UDP IPv6 TCP/UDP IPv4IPv4 IPv6 IPv4 IPv6-only stack IPv4-only stackDual-stack (IPv4 & IPv6) IPv6 Application IPv4 Application IPv4 Application
  • 5. - 5 Tunnels to Get Through IPv6-Ignorant Routers ā€¢ Encapsulate IPv6 packets inside IPv4 packets (or MPLS frames) in order to provide IPv6 connectivity through IPv4- only networks ā€¢ Many methods exist for establishing tunnels: ā€“ manual configuration ā€“ ā€œtunnel brokersā€ (using web-based service to create a tunnel) ā€“ ā€œ6over4ā€ (intra-domain, using IPv4 multicast as virtual LAN) ā€“ ā€œ6to4ā€ (inter-domain, using IPv4 addr as IPv6 site prefix) ā€¢ Can view this as: ā€“ IPv6 using IPv4 as a virtual link-layer, or ā€“ an IPv6 VPN (virtual public network), over the IPv4 Internet (becoming ā€œless virtualā€ over time, we hope)
  • 7. - 7 Translation IPv4/IPv6 ā€¢ May prefer to use IPv6-IPv4 protocol translation for: ā€“ new kinds of Internet devices (e.g., cell phones, cars, appliances) ā€“ benefits of shedding IPv4 stack (e.g., serverless autoconfig) ā€¢ This is a simple extension to NAT techniques, to translate header format as well as addresses ā€“ IPv6 nodes behind a translator get full IPv6 functionality when talking to other IPv6 nodes located anywhere ā€“ they get the normal (i.e., degraded) NAT functionality when talking to IPv4 devices ā€“ methods used to improve NAT functionality (e.g, RSIP) can be used equally to improve IPv6-IPv4 functionality
  • 8. - 8 IPv6 Transition Mechanisms ā€¢ Some transition mechanism based on tunnels and/or translation: ā€“ 6in4 [6in4] ā€“ TB [TB] ā€“ TSP [TSP] ā€“ 6to4 [6to4] ā€“ Teredo [TEREDO], [TEREDOC] ā€“ TĆŗneles automĆ”ticos [TunAut] ā€“ ā€¦ ā€“ ISATAP [ISATAP] ā€“ 6over4 [6over4] ā€“ Softwires ā€“ 6RD ā€“ NAT64 ā€“ DS-Lite ā€“ lw4o6 ā€“ 464XLAT ā€“ MAP E/T ā€“ ā€¦
  • 9. - 9 NAT444 NAT Internet IPv4 ISP network AFTR 10.0.0.x/24 AFTR NAT 10.0.0.x/24 v4 v4 v4 v4/v6 Internet IPv6 ā€œplainā€ IPv6 Private IPv4 192.168.1.x NAT44 Level 1 NAT44 Level 2 Public IPv4
  • 10. - 10 CGN breaks ā€¦ ā€¢ UPnP-IGD (Universal Plug & Play - Internet Gateway Device protocol) ā€¢ NAT-PMP (NAT Port Mapping Protocol) ā€¢ Other NAT Traversal mechs ā€¢ Security ā€¢ AJAX (Asyncronous Javascript And XML) ā€¢ FTP (big files) ā€¢ BitTorrent/Limewire (seeding ā€“ uploading) ā€¢ On-line gaming ā€¢ Video streaming (Netflix, Hulu, ā€¦) ā€¢ IP cameras ā€¢ Tunnels, VPN, IPsec, ... ā€¢ VoIP ā€¢ Port forwarding ā€¢ ...
  • 11. - 11
  • 12. - 12 We donā€™t have IPv4 ā€¦ ā€¢ IPv4 exhaustion avoids ā€“ Assigning IPv4 to end-users ā€“ Assigning IPv4 even in public networks ā€“ Keep scalable interoperability with IPv4-only networks ā€¢ Consequence: In many cases, we need to deploy IPv6-only networks ā€“ OpEx ā€“ No IPv4 resources (CapEx if you buy them) ā€“ Performance ā€“ Efficiency ā€“ RFCs ā€“ Other issues ā€¦
  • 13. - 13 Dual Stack Lite (DS-Lite) ā€¢ To cope with the IPv4 exhaustion problem. ā€¢ Sharing (same) IPv4 addresses among customers by combining: ā€“ Tunneling ā€“ NAT ā€¢ No need for multiple levels of NAT. ā€¢ Two elements: ā€“ DS-Lite Basic Bridging BroadBand (B4) ā€“ DS-Lite Address Family Transition Router (AFTR) ā€¢ Also called CGN (Carrier Grade NAT) or LSN (Large Scale NAT)
  • 14. - 14 DS-Lite CPE (B4) Internet IPv4 ISP network AFTR 10.0.0.x/24 AFTR CPE (B4) 10.0.0.x/24 v4 v4 v4 v4/v6 Internet IPv6 ā€œplainā€ IPv6 IPv6-only access IPv4-in-IPv6 tunnel NAT44 Level 1 Public IPv4
  • 15. - 15 Lightweight 4over6 (lw4o6) ā€¢ Similar to DS-Lite -> Changes NAT location ā€“ Better scalability ā€“ Reduces logging ā€¢ Sharing SAME IPv4 addresses among several customers, combining: ā€¢ Tunneling ā€¢ NAT ā€¢ No need for multiple levels of NAT ā€¢ Two elements: ā€¢ Lw Basic Bridging BroadBand (lwB4) - CPE ā€¢ Lw Address Family Transition Router (lwAFTR)
  • 16. - 16 lw4o6 CPE (lwB4) Internet IPv4 ISP network lwAFTR 10.0.0.x/24 lwAFTR CPE (lwB4) 10.0.0.x/24 v4 v4 v4 v4/v6 Internet IPv6 ā€œplainā€ IPv6 IPv6-only access IPv4-in-IPv6 tunnel NAT44 Level 1 Public IPv4
  • 17. - 17 NAT64 (1) ā€¢ When ISPs only provide IPv6 connectivity, or devices are IPv6-only (cellular phones) ā€¢ But still some IPv4-only boxes are on the Internet ā€¢ Similar idea as NAT-PT, but working correctly ā€¢ Optional element, but decoupled, DNS64 ā€¢ Good solution if IPv4 is not required at the client ā€“ Client is IPv6-only ā€¢ Some apps donā€™t work (Skype ā€¦) ā€“ Peer-to-peer using IPv4 ā€œreferencesā€ ā€“ Literal addresses ā€“ Socket APIs
  • 18. - 18 NAT64 (2) ā€¢ Stateful NAT64 is a mechanism for translating IPv6 packets to IPv4 packets and vice-versa ā€“ The translation is done by translating the packet headers according to the IP/ICMP Translation Algorithm. ā€“ The IPv4 addresses of IPv4 hosts are algorithmically translated to and from IPv6 addresses by using a specific algorithm. ā€“ The current specification only defines how stateful NAT64 translates unicast packets carrying TCP, UDP and ICMP traffic. ā€“ DNS64 is a mechanism for synthesizing AAAA resource records (RR) from A RR. The IPv6 address contained in the synthetic AAAA RR is algorithmically generated from the IPv4 address and the IPv6 prefix assigned to a NAT64 device ā€¢ NAT64 allows multiple IPv6-only nodes to share an IPv4 address to access the IPv4 Internet
  • 19. - 19 NAT64 (3) ā€¢ Itā€™s known that there are things that doesnā€™t work: ā€“ Everything out of TCP,UDP, or ICMP: Multicast, Stream Control Transmission Protocol (SCTP), the Datagram Congestion Control Protocol (DCCP), and IPSEC ā€“ Applications that carry layer 3 information in the application layer: FTP [RFC6384], SIP/H323 ā€“ Some apps: online gaming, skype, etc. ā€¢ Peer-to-peer using IPv4 ā€œreferencesā€ ā€“ Literal addresses ā€“ Socket APIs
  • 20. - 20 NAT64 (4) CPE Internet IPv4 ISP network NAT64 10.0.0.x/24 NAT64 CPE v4 v4 v6 v4/v6 Internet IPv6 ā€plainā€ IPv6 IPv6-only access Public IPv4 NAT64 DNS64
  • 21. - 21 NAT64 breaks ā€¦ App Name Functionality Version 464XLAT Fixed connection tracker Broken NA NA DoubleTwist Broken 1.6.3 YES Go SMS Pro Broken NA YES Google Talk Broken 4.1.2 YES Google+ Broken 3.3.1 YES IP Track Broken NA NA Last.fm Broken NA YES Netflix Broken NA YES ooVoo Broken NA YES Pirates of the Caribean Broken NA YES Scrabble Free Broken 1.12.57 YES Skype Broken 3.2.0.6673 YES Spotify Broken NA YES Tango Broken NA YES Texas Poker Broken NA YES TiKL Broken 2.7 YES Tiny Towers Broken NA YES Trillian Broken NA YES TurboxTax Taxcaster Broken NA Voxer Walkie Talkie Broken NA YES Watch ESPN Broken 1.3.1 Zynga Poker Broken NA YES Xabber XMPP Broken NA *T-Mobile
  • 22. - 22 464XLAT ā€¢ 464XLAT (RFC6877): RFC6145 + RFC6146 ā€¢ Very efficient use of scarce IPv4 resources ā€“ N*65.535 flows per each IPv4 address ā€“ Network growth not tied to IPv4 availability ā€¢ IPv4 basic service to customers over an-IPv6 only infrastructure ā€“ WORKS with applications that use socket APIs and literal IPv4 addresses (Skype, etc.) ā€¢ Allows traffic engineering ā€“ Without deep packet inspection ā€¢ Easy to deploy and available ā€“ Commercial solutions and open source
  • 23. - 23 464XLAT CPE CLAT Internet IPv4 ISP network NAT64 PLAT 10.0.0.x/24 NAT64 PLAT CPE CLAT 10.0.0.x/24 v4 v4 v4 v4/v6 Internet IPv6 ā€œplainā€ IPv6 IPv6-only access NAT46 Public IPv4 DNS64NAT64
  • 24. - 24 How it works 464XLAT? CLAT PLAT ISP + IPv6 Internet Public IPv4Private IPv4 IPv4 Internet IPv4 + IPv6 IPv4 IPv6 IPv6 IPv6 Stateless (4->6) [RFC6145] Stateful (6->4) [RFC6146] CLAT: Customer side translator (XLAT) PLAT: Provider side translator (XLAT) IPv4 IPv6
  • 25. - 25 Possible ā€œappā€ cases ISP IPv6-only IPv6-only Internet 464XLAT ISP IPv6-only IPv4-only Internet 464XLAT PLAT DNS64/NAT64 ISP IPv6-only IPv4-only Internet 464XLAT PLAT 6->4 CLAT 4->6
  • 26. - 26 464XLAT Addressing CLAT PLAT ISP + IPv6 Internet 200.3.14.147192.168.2.3 IPv4 Internet IPv4 + IPv6 IPv4 IPv6 IPv6 IPv6CLAT XLATE SRC prefix [2001:db8:abcd::/96] XLATE DST prefix [2001:db8:1234::/96] PLAT IPv4 pool (192.1.0.1 ā€“ 192.1.0.250) XLATE DST prefix [2001:db8:1234::/96] IPv4 IPv6 2001:db8:abcd::ab 2001:db8:dada::bb IPv4 SRC 192.168.2.3 IPv4 DST 200.3.14.147 Stateless XLATE [RFC6145] Stateful XLATE [RFC6146] IPv6 SRC 2001:db8:abcd::192.168.2.3 IPv6 DST 2001:db8:1234::200.3.14.147 IPv4 SRC 192.1.0.1 IPv4 DST 200.3.14.147
  • 27. - 27 Availability and Deployment ā€¢ NAT64: ā€“ A10 ā€“ Cisco ā€“ F5 ā€“ Juniper ā€“ NEC ā€“ Huawei ā€“ Jool, Tayga, Ecdsys, Linux, OpenBSD, ā€¦ ā€¢ CLAT ā€“ Android (since 4.3) ā€“ Nokia ā€“ Windows ā€“ NEC ā€“ Linux ā€“ Jool ā€“ OpenWRT ā€“ Apple (sort-of, is Bump-in-the-Host [RFC6535] implemented in Happy Eyeballs v2) - IPv6-only since iOS 10.2 ā€¢ Commercial deployments: ā€“ T-Mobile US: +68 Millions of users ā€“ Orange ā€“ Telstra ā€“ SK Telecom ā€“ ā€¦ ā€“ Big trials in several ISPs
  • 28. - 28 MAP Encapsulation (MAP-E) ā€¢ Mapping of Address and Port with Encapsulation ā€¢ Is a ā€œstatelessā€ DS-Lite ā€“ Provision of an IPv4 prefix, address or ā€œsharedā€ address ā€“ Algorithmic mapping between IPv4 and an IPv6 address ā€“ Extends CIDR to 48 bits (32 IP + 16 port) ā€¢ Allows encapsulating IPv4 in IPv6 for both mesh and hubs&spoke topologies, including mapping-independent IPv4 and IPv6 ā€¢ Two elements: ā€¢ MAP Customer Edge (CE) ā€¢ MAP Border Relay (BR)
  • 29. - 29 MAP-E CE Internet IPv4 ISP Network BR 10.0.0.x/24 BR CE 10.0.0.x/24 v4 v4 v4 v4/v6 Internet IPv6 ā€œplainā€ IPv6 IPv6-only access IPv4-in-IPv6 tunnel NAT44 Level 1 Public IPv4
  • 31. - 31 MAP Translation (MAP-T) ā€¢ Mapping of Address and Port using Translation ā€¢ Similar to MAP-E ā€¢ Similar to 464XLAT in the sense of the double translation NAT46 (CLAT) and NAT64 (PLAT)
  • 32. - 32 MAP-T CE Internet IPv4 ISP Network BR 10.0.0.x/24 BR CE 10.0.0.x/24 v4 v4 v4 v4/v6 Internet IPv6 ā€œplainā€ IPv6 IPv6-only access IPv4-in-IPv6 tunnel NAT46 Public IPv4 NAT64 NAT44 Level 1
  • 34. - 34 MAP-E vs MAP-T ā€¢ MAP-E uses extra 20 bytes for the encapsulation (IPv4-in-IPv6 tunnel). IPv4 IPv6 Transport Link IPv4 Transport Link IPv4 Transport Link IPv6 Transport Link Ć³ IPv4 CE BR MAP MAP MAP-E MAP-T ā€¦ ā€¦Core IPv6
  • 36. - 36 Comparing Transition ā€¦ 6RD Softwires v2 NAT444 DS-Lite Lw4o6 NAT64 464XLAT MAP-E MAP-T Tunel/Translation (X) T 6in4 T 6in4 X T 4in6 T 4in6 X X T 4in6 X Dual-stack LAN YES YES optional YES YES NO YES YES YES IPv4 Multicast YES YES YES NO NO NO NO NO NO Access Network IPv4 IPv4 IPv4 /dual IPv6 IPv6 IPv6 IPv6 IPv6 IPv6 Overhead 20 bytes 40 bytes - 40 bytes 40 bytes 20 bytes 20 bytes 40 bytes 20 bytes Impact in IPv6 addressing plan YES NO NO NO NO NO NO YES YES CPE Update YES YES optional YES YES YES YES YES YES NAT44/NAPT CPE CPE CPE + CGN CGN CPE CPE CPE CPE CPE 46/64 Translation - - - - - ISP ISP +/or CPE - CPE + ISP Translation at ISP with or w/o state - - with - - with with w/o w/o Scalability High Medium Medium Medium High High High High High Performance High Low Low Low High Medium High High High ALGs NO NO YES YES NO YES YES YES YES Any Protocol or only-TCP/UDP/ICMP YES YES YES YES YES NO NO NO NO Sharing IPv4 Ports NO NO YES YES YES NO NO YES YES IPv6 Aggregation NO NO optional YES YES YES YES YES YES IPv4 Mesh YES YES YES NO NO NO NO YES YES IPv6 Mesh YES NO optional YES YES YES YES YES YES Impacts on logging NO NO YES YES NO YES YES NO NO HA simplicity High Low Low Low High Medium High High High DPI simplicity Low Low High Low Low High High Low High Support in cellular NO NO YES NO NO YES YES NO NO Support in CPEs YES YES YES YES YES YES YES YES YES 15.5 12.5 10.5 9.5 15 11.5 14 13 13.5
  • 37. - 37 How many ports per user? ā€¢ Possibly a minimum of 300 per user behind each CPE ā€“ More as AJAX/similar technologies usage increase ā€“ Times average number of users behind each NAT ā€“ And going up ā€¢ Be aware of IP/port sharing implications ā€¦
  • 38. - 38 Recommended Reading ā€¢ Basic Requirements for IPv6 Customer Edge Routers (RFC7084) ā€“ Originally include support only for 6RD and DS-LITE ā€“ Being updated to include support for 464XLAT, MAP T/E, lw4o6, ā€¦ ā€“ https://datatracker.ietf.org/doc/draft-ietf-v6ops-transition-ipv4aas/ ā€¢ BCOP RIPE690: ā€“ https://www.ripe.net/publications/docs/ripe-690 ā€¢ Point-to-point links: ā€“ https://datatracker.ietf.org/doc/draft-palet-v6ops-p2p-links/ ā€¢ NAT64 deployment guidelines: ā€“ https://datatracker.ietf.org/doc/draft-ietf-v6ops-nat64-deployment/
  • 39. - 39 DNSSEC Considerations ā€¢ DNS64 modifies DNS answers and DNSSEC is designed to detect such modifications, DNS64 can break DNSSEC ā€¢ In general, DNS servers with DNS64 function, by default, will not synthesize AAAA responses if the DNSSEC OK (DO) flag was set in the query. In this case, as only an A record is available, it means that the CLAT will take the responsibility, as in the case of literal IPv4 addresses, to keep that traffic flow end-to-end as IPv4, so DNSSEC is not broken ā€¢ Today no apps in cellular that use DNSSEC, but you should be ready for that ā€“ Consider apps used by means of tethering ā€“ Very relevant for non-cellular networks
  • 40. - 40 Performance *FaceBook data (17/3/2015) US Mobile Performance ā€“ Dual Stack Provider iOS v6 v4 30% ā€¢ā€Æ iPhone 6 on LTE only ā€¢ā€Æ No Instrumentation of the client ā€¢ā€Æ Examining Client Last Byte Time ā€¢ā€Æ Time it takes for the device to read the response ā€¢ā€Æ Read all the data for a newsfeed Time of HTTP GET completion US Mobile Performance ā€“ Dual Stack Provider Android v6 v4 40% ā€¢ā€Æ Android 4/5 ā€¢ā€Æ Galaxy S5 on LTE only ā€¢ā€Æ No Instrumentation of the client ā€¢ā€Æ Examining Client Last Byte Time ā€¢ā€Æ Time it takes for the device to read the response ā€¢ā€Æ Read all the data for a newsfeed Time of HTTP GET completion US Mobile Performance ā€“ Dual Stack Provider iOS v6 v4 40% ā€¢ā€Æ iPhone 6 ā€¢ā€Æ Client instrumentation ā€¢ā€Æ No A/B testing ā€¢ā€Æ Mobile Proxygen ā€¢ā€Æ Examining Total Request Time ā€¢ā€Æ Similar to Client Last Byte Time Total Request Time
  • 41. - 41 Multiservice Network ā€¦ ā€¦ 464XLAT PLAT DNS64/NAT64 ā€¦ Cellular network 464XLAT Residential network Corporate network
  • 42. - 42 Example Residential Customer ā€¦ IPv4 + IPv6 2001:db8::/32 198.51.100.0/24 FE80::1/64 Internet LAN Eth1 192.168.1.1 2001:db8:40::41 CPE (CLAT) Pool IPv4/NAT46: 192.0.0.1/32 Pool IPv6: 2001:db8:2::40/128 2001:db8:1::2 WAN Eth0 Node 1 192.168.1.2/24 2001:db8:40::42/64 BRAS Eth0 198.51.100.10 2001:db8::10 VM PLAT (NAT64 + DNS64) Pool IPv4/NAT64: 198.51.100.11/32 Prefijo IPv6: 64:ff9b::/96 2001:db8:1::1 Eth1 ISP Network User Network Traffic Legend Red: IPv6-only Blue: IPv4-only Green: Dual-stack Node ā€œnā€ 192.168.1.x/24 2001:db8:40::xx/64
  • 43. - 43 NAT64, DNS64 Jool APNIC46 September, 2018 Noumea, New Caledonia Jordi Palet (jordi.palet@theipv6company.com)
  • 44. - 44 Jool ā€¢ http://jool.mx/ ā€¢ Open Source SIIT and NAT64 for Linux ā€¢ SIIT (RFC7915): Stateless IP/ICMP Translation Algorithm ā€“ Just ā€œtranslates 1:1ā€ between IPv4 and IPv6 and back ā€“ SIIT with EAM (Explicit Address Mapping) allows ā€œrulesā€ ā€¢ Stateful NAT64, is a NAT between both ā€“ So helps with IPv4 address exhaustion
  • 45. - 45 Jool Defined Architectures ā€¢ SIIT-DC ā€¢ 464XLAT ā€¢ SIIT-DC DTM (Dual Translation Mode)
  • 46. - 46 Jool Features ā€¢ Runs in Single Interface ā€“ if needed ā€¢ ā€œNode-Based Translationā€ ā€“ Using ā€œnamespacesā€ to ā€œwrapā€ Jool ā€¢ High-Availability ā€“ Daemon that allows constant synchronization of sessions across Jool instances
  • 47. - 47 EAMT ā€¢ Some examples: IPv4 Prefix IPv6 Prefix 192.0.2.1/32 2001:db8:aaaa::5/128 198.51.100.0/24 2001:db8:bbbb::/120 203.0.113.8/29 2001:db8:cccc::/125
  • 48. - 48 Our Demo Setup
  • 49. - 49 Demo ping 1.1.1.1 tracert 1.1.1.1 ping www.google.com ping -4 www.google.com tracert6 www.google.com tracert www.google.com Also browse to web site that are/arenā€™t IPv6 enabled and with literals, for example http://1.1.1.1 In Chrome/Firefox you may want first to install extension ā€œIPvfoo"
  • 50. - 50 NAT64 Setup sudo service network-manager stop sudo service radvd stop sudo service isc-dhcp-server stop sudo service isc-dhcp-server6 stop sysctl -w net.ipv4.conf.all.forwarding=1 sysctl -w net.ipv6.conf.all.forwarding=1 ethtool --offload br-lan gro off lro off ethtool --offload eth0 gro off lro off ethtool --offload eth3 gro off lro off ip -6 route replace 2001:df9:6::/60 via fe80::a00:27ff:fe6b:e065 dev eth3 modprobe jool pool6=64:ff9b::/96 pool4=220.247.148.2
  • 51. - 51 DNS64 Setup /etc/bind/named.conf.options ... forwarders { 8.8.8.8; 8.8.4.4; }; dns64 64:ff9b::/96 { clients { any; }; mapped { any; }; exclude { 0::/3; 4000::/2; 8000::/1; 2001:db8::/32; }; break-dnssec no; };
  • 52. - 52 CLAT Setup sudo service isc-dhcp-server start sudo service radvd start sudo stop network-manager sysctl -w net.ipv4.conf.all.forwarding=1 sysctl -w net.ipv6.conf.all.forwarding=1 sysctl -w net.ipv4.ip_forward=1 ethtool --offload eth0 gro off lro off ethtool --offload eth1 gro off lro off modprobe jool_siit pool6=64:ff9b::/96 jool_siit --eamt --add 100.64.0.0/10 2001:df9:6:2::/106
  • 53. - 53 Data-Centers without IPv4! SIIT-DC
  • 54. - 54 Data-Centers without IPv4! ā€¢ Several cases, large content providers with IPv6-only data-centers and more coming ā€¦ ā€¢ Many ways to do that ā€“ Load Balancing (cost, state, scalability) ā€“ IPv4 traffic (from Internet) finish in IPv6-only clusters ā€¢ Same RFC1918 space, for IPv4 BGP sessions ā€¢ RFC5549 ā€“ Advertising IPv4 Network Layer Reachability Information with an IPv6 Next Hop ā€¢ IPv4 in IPv6 tunneling, for IPVS (IP Virtual Server) ā€¢ IPv4 link-local (169.254.0.0/16) for Linux and switches
  • 55. - 55 Advantages of IPv6-only ā€¢ IPv6 traffic keeps going up ā€“ Initially more in cellular networks ā€¢ This is a ā€more expensiveā€ traffic (radio, energy, bandwidth availability, ā€¦) ā€¢ More expensive with IPv4 (ā€œkeepalivesā€) than with IPv6 ā€¢ If the end-points speak IPv6 there is no NAT ā€“ Even better, no CGN ā€¢ ā€œperformanceā€ or ā€user-perceived quality of service increases ā€“ IPv6 40% ā€œfasterā€ than IPv4 ā€¢ Response time to complete ā€œHTTP GETā€ ā€¢ Using HTTP2 and QUIC can increase that performance
  • 56. - 56 IPv4 or Dual-Stack? ā€¢ Against IPv4: ā€“ Lack of IPv4 addresses ā€“ Overlapping of private addresses ā€“ NAT (state) ā€“ Renumbering (new servers or VMs) ā€“ Lack of IPv6 support ā€¢ Against Dual-Stack: ā€“ ā€Dualā€ management costs ā€¢ Monitoring, security, human resources, errors, ā€¦
  • 57. - 57 SIIT-DC ā€¢ RFC7755 - SIIT-DC: Stateless IP/ICMP Translation for IPv6 Data Center Environments ā€“ ā€œ464XLATā€ for the DC ā€“ No additional software in end-points ā€¢ No state! ā€“ High availability: BGP, ECMP, ā€¦ ā€¢ Keeps source IPv4 address ā€“ Logging, geolocation, ā€¦ ā€¢ Avoid dual-stack in the DC ā€“ DC is simplified ā€¢ Keeps dual-stack for Internet ā€“ Service is available for all users ā€¢ IPv4-only, IPv6-only and dual-stack ā€¢ Doesnā€™t work with literal addresses neither IPv4-only APIs ā€“ Not an issue: a DC use DNS! ā€“ Sorted out as well with RFC7756 ā€¢ Stateless IP/ICMP Translation for IPv6 Internet Data Center Environments (SIIT-DC): Dual Translation Mode
  • 58. - 58 Example of DC with SIIT-DC IPv6-only Data Center SIIT-DC BR SIIT-DC BR Internet IPv4 Internet IPv6
  • 59. - 59 Mapping all the IPv4 Internet Internet IPv6 Internet IPv4 0.0.0.0/0 64:ff9b::0.0.0.0/96 ā€¢ An EAM (Explicit Address Mapping) table is configured in the SIIT-DC BR Translation prefix: 2001:db8:46::/96 IPv4 pool: 192.0.2.0/24 EAM table: IPv4 Internet address Address in the DC 192.0.2.1 2001:db8:12:34::1 192.0.2.2 2001:db8:24:68::80 192.0.2.3 2001:db8:24:68::25
  • 60. - 60 Traffic Flow ā€¢ Example from IP 203.0.113.50 to 192.0.2.1 IPv4 -> IPv6 translation IPv4 IPv6 SRC: 203.0.113.50 2001:db8:46::203.0.113.50 DST: 192.0.2.1 2001:db8:12:34::1 IPv6 -> IPv4 translation IPv6 IPv4 SRC: 2001:db8:12:34::1 192.0.2.1 DST: 2001:db8:46::203.0.113.50 203.0.113.50
  • 61. - 61 Support ā€¢ Commercial: ā€“ A10 ā€“ Brocade ā€“ Cisco ā€“ F5 ā€¢ Open Source: ā€“ Jool ā€“ Tayga ā€“ VPP
  • 62. - 62 Thanks! Contact: ā€“ Jordi Palet: jordi.palet@theipv6company.com