ipv6 at the university of wisconsin hopefully 79,228,162,514,264,337,593,543,950,336 ip addresses...
Post on 31-Dec-2015
212 Views
Preview:
TRANSCRIPT
IPv6 at the University of Wisconsin
Hopefully 79,228,162,514,264,337,593,543,950,336 IP addresses will be enough for a while.
A subset of the UW IPv6 Task Force:
Dale W. Carder - DoIT Network Svcs.
Bob Plankers - DoIT Sys EngineeringSteve Barnet - IceCube
2008-09-26
Agenda
• Quick overview & introductions– Jurgen
• IPv6 Networking Crash Course– Dale
• Technology issues– Bob
• End-User issues– Steve
• Questions– Jurgen or Al, moderator
Why are we here?
- IPv4 resources, shared by campus, are running out.
- IPv4 address space, shared by the world, is running out.
- The need for the true, global, unencumbered, end-to-end connectivity we have today will continue to exist.
What is this IPv6 thing?
• “Just another protocol” – (remember appletalk, decnet, ipx, etc?)
• A Method to continue to give all internet endpoints a globally unique address in the future.
• Not a drop-in replacement for IPv4. In fact, it’s natively incompatible with IPv4! (FAIL)
Addressing Structure “96 more bits, no magic”
• IPv4 address– 32 bits – “dotted quad” format– 128.104.181.26
• IPv6 address– 128 bits– hexadecimal format– 2607:f388:e:100:217:f2ff:fe0a:bdf6
No Native Compatibility between the two.
IPv6 Subnet features• All Subnets are the same, fixed size, supporting a nearly “unlimited” number of hosts.
• UW holds an ISP-size allocation, which allows for theoretically 4 billion subnets.
• This means we can give “a lot” UW entities “a lot” of subnets. One Example method:
2607:f388:0143:1001:0217:02ff:fe0a:bdf6
UW Dept ID Host ID
Dept subnet ID
IPv6 host addressing features
• Automatic address, based on MAC address– MAC: 00:17:f2:0a:bd:f6– IPv6: 2607:f388:e:100:217:f2ff:fe0a:bdf6
• Static assigned addresses- 2607:f388:ab:2ef::53
• “Privacy” addresses- clients change address every day
• Shorthand notation 2607:f388:ab:2ef::1 equals 2607:f388:00ab:02ef:0000:0000:0000:0001
IPv6 / IPv4 coexistence
• Did I mention they are incompatible?
- However, you can run both at the same time. This is called “Dual Stack”.
• An IPv6 enabled host checks DNS and prefers using IPv6 when it can
> dig ricotta.doit.wisc.edu anyricotta.doit.wisc.edu. 14340 IN AAAA 2607:f388:e:100:217:f2ff:fe0a:bdf6
ricotta.doit.wisc.edu. 10341 IN A 144.92.67.161
IPv4 / IPv6 Coexistence (cont)
• The most reasonable deployment model for campus would be to run dual stack.
• Hosts will need to run v6 to get around NAT, or talk to regions of the world without v4. This will be critical for servers.
• Hosts will need to run v4 indefinitely to talk to “legacy” v4-only hosts, applications, lab equipment, etc.
DHCP & DNS in v6
• Hosts don’t have to use DHCP, although it’s still useful to get DNS server info via DHCP
• DHCP can still be used for static host assignment.
• Since host IPv6 addresses are messy, DNS will become more important.
• You may want to consider using dynamic dns from the dhcp server.
IPv6 on the UW network today
• We have our address space, and a preliminary allocation plan.
• Core routers are running v6 today.
• Some testing has occurred.• Firewalling is a weak link.• Integration into AANTS will take some time.
End of dale’s content
• The next slides are stuff I had lying around
• toss them or make new ones• whatever
Why UW must adopt IPv6 at some point
• IPv6 will be the only method left for true end-to-end connectivity
• Collaboration with entities beyond North America
• To be competitive
•Business Continuity
IPv6 timeline• Right now there are a few people trying to reach us via IPv6.
• At some point, there will be people who will only be able to reach us via IPv6.
• IPv6 will probably be the only way to ensure global reachability.
• Campus Backbone Ready
IPv6 Roadblocks
• 3rd Party Application Support• Numerous Backend Systems• Legacy Systems• Staff Training• Transition Issues
• Need to make IPv6 a Requirement on all new Software/System acquisitions.
IPv6 Planning
• Task force stuff
Other stuff
• Host support
- native support in MacOS, Vista, Unixen
- it’s there, but not on by default in XP
Security
• OMFG, really?
Steal more content from the Michaels
• http://net.doit.wisc.edu/~dwcarder/HARE-v6%202008-08-27.pdf
top related