ipv6 in greek school network (gsn) dimitrios kalogeras, ph.d

Post on 19-Dec-2015

220 Views

Category:

Documents

4 Downloads

Preview:

Click to see full reader

TRANSCRIPT

IPv6 in Greek School Network (GSN)

Dimitrios Kalogeras, Ph.d

Agenda

Greek School Network Differences between IPv4 and IPv6 IPv6 in GSN

– Roadmap– Numbering– Routing– Applications

Greek School Network

BackboneBackbone:: 8 PoPs around 8 PoPs around GrnetGrnet

Distribution Distribution :: 52 PoPs 52 PoPs• 9 major9 major• 43 secondary43 secondary

75 routers, 775 routers, 71 1 servers, servers,

Access Technologies:Access Technologies:

PSTN, ISDN, Leased PSTN, ISDN, Leased Lines, Wireless Lines, Wireless nodes, VDSL, ADSLnodes, VDSL, ADSL

6K Primaries and 3.7k 6K Primaries and 3.7k secondaries schools secondaries schools connectedconnected !!

GRnet

Distribution Network

www.sch.grwww.sch.gr

GSN – cont. - Services

Basic Services Υπηρεσίες

1. Dial-up

2. Proxy/Cache

3. Web-Filtering

4. Web-Page Generator

5. Web-Hosting

6. Portal (www.sch.gr)

Infrastructure

1. DNS

2. Directory Service (LDAP)

3. User registration service

4. Statistics (www.sch.gr/statistics)

5. Help-Desk (www.sch.gr/helpdesk)

6. GIS

Communication

1. e-mail (POP3, IMAP, web-mail)

2. Forums (www.sch.gr/forums)

3. NNews (www.sch.gr/news)

4. Instant Messaging (www.sch.gr/im)

5. Teleconfernce (www.sch.gr/conf)

6. Voice over IP

Ανεπτυγμένες

1. E-learning - (www.sch.gr/e-learning)

2. Video on Demand – VoD (www.sch.gr/vod)

3. Secure Content Delivery with Reliable multicast (www.sch.gr/scd)

4. Real time services (www.sch.gr/rts)

Why IPv6

Every school has ΝΑΤ / PAT due to address shortage

Difficult debugging New P2P applications do not work with servers

behind Pat PAT New Vista Windows New security and Management Features Easier P2P application development Enough address space without ΝΑΤ for every

school and pupils …

Why not IPv4

New environment ADSL, Always-On no statistical multiplexing of addressing through

address pools Need for static adresses

Differences btw. IPv4 and IPv6 (1)

small differenced IPv4 and IPv6– From the ISP’s point of view.

Address size of IP addresses– extension of address space from 32bit to 128 bit– Change in the representation of addresses:

from decimal to hexademical format IPv4: 192.168.128.254 IPv6: 2001:db8:0:d802:2d0:b7ff:fe88:eb8a check RFC3513 “IPv6 Addressing Architecture”

Native IPSEC usage better security with encryption and identification of peers.

Differences btw. IPv4 and IPv6 (2)

IPv6 address space sTLA (sub TLA) production address space (/20-/35) for ISPs

– around 700 prefixes assigned Routing tale size IPv4: around 150,000 routes IPv6: around 600 routes

– multiples /35 in Τier-1– Multiples of /48 in Tier-2 networks

Differences btw. IPv4 and IPv6 (3)

Given the bigger address space size, address delegation is structured

IPv4– Small blocks from Ripe– Non standard sizes lead to inefficient address usage

size

IPv6– bigger block sizes– homogenous blocks

Differences btw. IPv4 and IPv6 (4)

Address size assignements– LAN: /64

Automatic address assignment (stateless auto-configuration)

– End Site: multiples of /48– ISPs

multiples of /35

– Point-toPoint /126 /64 (stateless auto-configuration)

IPv6 in GSN

Roadmap– Step 1: ΙPv6 addressing, routing plan,

transition study– Step 2: Implementation of distribution

networks in Dual Stack– Step 3: school selection and preparation– Step 4: IPv6 activation in services

Addressing IPv6 (1)

Two cases– /48 for every PoP and a /48 in the backbone– in every /48 one /52 in distribution nodes– Up to 16 distribution nodes for every core node– /62 for every school =>

4 LANs per school (loopback, student lab, Administration Office, server Lans)

– 1024 schools per regions.

Addressing IPv6 (2)

a /35 for the GSN RIPE allows a /48 every non single node

customer (that s even for a school) Conservative policy of /56 for future needs Multiple /48 for every PoP

Routing (1)

IGP (Internal Gateway Protocol) OSPFv3 selection (for IPv6 only) minimal with

OSPFv2 (IPv4 only) Route management (i.e. nssa) To IS-IS demands a “D – Day” for transition,

alternatively support for incongruent network graps in terms of IPv6 and IPv4 capabilities (multi-topology extension) – OSPFv3 provides smoother transition

EGP (Exterior Gateway Protocol) BGP-MP

– Separate routing for IPv4 and IPv6– But possible routing information transfer on top of IPv4

!!! ΙPv4 connection for IPv4 routes exchange

ΙPv6 connection for IPv6 routes exchange

smooth transition without affecting current routing

Same routing policy

Routing (2)

Access (1)

Differences ΙPv4 /128 for a single Pc ( provisioning costs) With PPP for IPv6 , no ΙPCP address delegation but a

/64 prefix delegation and stateless-autoconfiguration for the rest 64 bits (= interface-id)

interface-id configuration dynamically or statically (via ΑΑΑ)

Prefix delegation to a router for automatic addressing in the internal interfaces (INDEPEDENTLY from the PPP !!!)

Access (2)

`

Network Access Provider

Radius Server

Dial- in

/64 for the line and (/48) /56 for networks inside every school

/64 for the Line /56 (/48) for the network

PPP (IPv6CP)

DHCPv6-PD

Home Router

ISP Router

/64 for every LAN+ 64 Auto Conf

/64 foe the access network

+ 64 interface-id

Transition (1)

Adoption of dual-stack strategy Support from software vendors Requirement for more memory and CPU in

routers Upgrade IOS in routers ONLY (not in switches)

Transition (2)

Dual stack activation in routers Configuration of p2p interfaces and LAN

interfaces Activation of OSPFv3 Tuning of internal security with acls in LANs

Transition (3)

Services – servers End user service transition dns, mail, ftp, http Minor support for management services

– Radius, snmp– Radius (support of attributes)

DNS : a crucial for IPv6 transisition

Transition (4)

DNS – A very useful and important service Large address size -> in valuable DNS Two choices

– Usage of AAAΑ and PTR records with transport over IPv4 (new zone for ipv6.int)

– Usage of IPv6 as transport protocol First case adopted form Windows XP ΧΡ Second case supported form *UNIXes and Vista Support of ΑΑΑΑ and Α ? Default usage of ΙPv6 !!

(RFC 3484) Attention: activate IPv6 in services and later on update

appropriate DNS records

Transition (5)

Servers - Services– discrimination: Multiple services on one box against

one service per box. Multiple Service

– dual stack activation– Address configuration (stateless vs. static)– Service activation– Initial dns allocation with different name i.e. service-

ipv6.– Monitoring of operation and further adoption of ΑΑΑΑ

record for the same name

Transition (6)

MAIL – service– Smtp, PoP, IMAP

SMTP – Qmail , a patch from http://pyon.org/fujiwara/

PoP, IMAP– Courier with ipv6 support– Clients ready: Thunderbird, mozilla

Web service– Apache + jboss– Αλλαγή σε apache 2.0– J2SDK/JRE 1.4 release, support of IPv6 in Java Networking– Tomcat ver.5 OK– Client: Firefox

IM– Jabber OK

Transition (7)

Radius– Attributes specific with IPv6 ( interface-id, prefix-id,

ipv6-route, etc)– Update of specific files (dictionary)– for dhcp-pd a new attribute was added (i.e. for user user1 user1-dhcpv6 was added which fixes the prefix to every user.

Dialup-admin – User management application– 2 new attributes (interface-id και prefix-id)

ToDO

Content Filtering– Squid, SquidGuard– beta squid 3 support– LDAP activation

Deployment of IPv6 capable routers in a limited number of schools!!

??Questions???

top related