| copyright © 2009 juniper networks, inc. | 1 survey of ipv6 enabled services mark prior, liaison...
Post on 20-Dec-2015
214 views
TRANSCRIPT
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net1
SURVEY OF IPV6 ENABLED SERVICES
Mark Prior, Liaison APAC R&E CommunityAPAN 27, 4 March 2009
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net2
Motivation
Talk by Ron Broersma, DREN, at the Joint Techs Meeting at Fermilab (July 2007)
Very easy to deploy a single “router” announcing an IPv6 prefix
Harder to deploy services
Public services do NOT imply IPv6 enablement of an organisation but do illustrate some commitment– Public services often on a DMZ rather than inside the
organisation’s network
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net3
Services Examined
Need to be services provided to the “public”– Expected to be accessible from the Internet
Web service (HTTP)
Mail delivery service (SMTP)
Domain Name service (DNS)
Instant Messenger (Jabber)
Network Time service (NTP)
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net4
Web Service
Test the accessibility of a web service
Look for a AAAA record on– www.example.com– www.ipv6.example.com– ipv6.example.com– www6.example.com– www.example6.com
If AAAA record exists then connect to it and issues a HTTP 1.1 HEAD command
Try to follow any redirects
200 code = success– No test that the IPv6 and IPv4 service are the same thing
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net5
Mail Delivery service
Test delivery of email to the domain over IPv6
List the MX for the domain
If there is a AAAA then attempt to connect to it
Send EHLO greeting
Claim victory and QUIT if response looks OK
Test primary MX first but fall back and test the secondary MX if primary fails
Partial success if the secondary supports IPv6– Could be called “SUCCESS” as IPv6 only host can
deliver email but dual stack will use IPv4 instead
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net6
Domain Name service
Find out the Domain Name servers for the domain
Look for AAAA record on each of them
For each AAAA send a SOA query for the domain
Try to classify if the server is managed by the domain name holder or if it is off site
Success if each of the servers has an IPv6 version– No guarantee that the IPv6 servers are the same systems
as the IPv4 ones– Multiple servers using the same address are noticed but
not reported
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net7
Instant Messenger service
No guarantees that this will exist as a public service
Look for SRV for _xmpp-client._tcp.example.com
If it exists is there a AAAA record for it?
Try to connect to it using the port in the SRV
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net8
Network Time service
No guarantee that this will exist as a public service
No defined way to find the service so guess using ntp.example.com and then ntp.ipv6.example.com
If there is a A record then look for a AAAA too
If it exists then use ntpdate to query the server and check the status returned
Stratum between 1 and 15 is considered success
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net9
Pulling this together
A perl script is run twice a week from a dual stack system in Adelaide
Creates a web page with the results
Feedback that organisations have been motivated to try to go green
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net10
Future Work
Would be good to test RTT and Path MTU, comparing result with IPv4
Try to identify tunnels and sub optimal paths
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net11
Where’s the web page?
Currently very few Asian organisations tested– An artifact of original motivation rather than a lack of
interest in doing it Of course there are a lot more Chinese Universities than
New Zealand ones!
– Send me email if you want your organisation to be added to the list!
– Send me perl code if you can do RTT and/or Path MTU testing in perl (on a Solaris 8 system)
http://www.mrp.net/IPv6_Survey.html
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net12
Contact Info
Mark PriorLiaison, APAC R&E CommunityJuniper Networks
[email protected]@mrp.net