ipv6 in greek school network (gsn) dimitrios kalogeras, ph.d
Post on 19-Dec-2015
219 views
TRANSCRIPT
IPv6 in Greek School Network (GSN)
Dimitrios Kalogeras, Ph.d
Agenda
Greek School Network Differences between IPv4 and IPv6 IPv6 in GSN
– Roadmap– Numbering– Routing– Applications
Greek School Network
BackboneBackbone:: 8 PoPs around 8 PoPs around GrnetGrnet
Distribution Distribution :: 52 PoPs 52 PoPs• 9 major9 major• 43 secondary43 secondary
75 routers, 775 routers, 71 1 servers, servers,
Access Technologies:Access Technologies:
PSTN, ISDN, Leased PSTN, ISDN, Leased Lines, Wireless Lines, Wireless nodes, VDSL, ADSLnodes, VDSL, ADSL
6K Primaries and 3.7k 6K Primaries and 3.7k secondaries schools secondaries schools connectedconnected !!
GRnet
Distribution Network
www.sch.grwww.sch.gr
GSN – cont. - Services
Basic Services Υπηρεσίες
1. Dial-up
2. Proxy/Cache
3. Web-Filtering
4. Web-Page Generator
5. Web-Hosting
6. Portal (www.sch.gr)
Infrastructure
1. DNS
2. Directory Service (LDAP)
3. User registration service
4. Statistics (www.sch.gr/statistics)
5. Help-Desk (www.sch.gr/helpdesk)
6. GIS
Communication
1. e-mail (POP3, IMAP, web-mail)
2. Forums (www.sch.gr/forums)
3. NNews (www.sch.gr/news)
4. Instant Messaging (www.sch.gr/im)
5. Teleconfernce (www.sch.gr/conf)
6. Voice over IP
Ανεπτυγμένες
1. E-learning - (www.sch.gr/e-learning)
2. Video on Demand – VoD (www.sch.gr/vod)
3. Secure Content Delivery with Reliable multicast (www.sch.gr/scd)
4. Real time services (www.sch.gr/rts)
Why IPv6
Every school has ΝΑΤ / PAT due to address shortage
Difficult debugging New P2P applications do not work with servers
behind Pat PAT New Vista Windows New security and Management Features Easier P2P application development Enough address space without ΝΑΤ for every
school and pupils …
Why not IPv4
New environment ADSL, Always-On no statistical multiplexing of addressing through
address pools Need for static adresses
Differences btw. IPv4 and IPv6 (1)
small differenced IPv4 and IPv6– From the ISP’s point of view.
Address size of IP addresses– extension of address space from 32bit to 128 bit– Change in the representation of addresses:
from decimal to hexademical format IPv4: 192.168.128.254 IPv6: 2001:db8:0:d802:2d0:b7ff:fe88:eb8a check RFC3513 “IPv6 Addressing Architecture”
Native IPSEC usage better security with encryption and identification of peers.
Differences btw. IPv4 and IPv6 (2)
IPv6 address space sTLA (sub TLA) production address space (/20-/35) for ISPs
– around 700 prefixes assigned Routing tale size IPv4: around 150,000 routes IPv6: around 600 routes
– multiples /35 in Τier-1– Multiples of /48 in Tier-2 networks
Differences btw. IPv4 and IPv6 (3)
Given the bigger address space size, address delegation is structured
IPv4– Small blocks from Ripe– Non standard sizes lead to inefficient address usage
size
IPv6– bigger block sizes– homogenous blocks
Differences btw. IPv4 and IPv6 (4)
Address size assignements– LAN: /64
Automatic address assignment (stateless auto-configuration)
– End Site: multiples of /48– ISPs
multiples of /35
– Point-toPoint /126 /64 (stateless auto-configuration)
IPv6 in GSN
Roadmap– Step 1: ΙPv6 addressing, routing plan,
transition study– Step 2: Implementation of distribution
networks in Dual Stack– Step 3: school selection and preparation– Step 4: IPv6 activation in services
Addressing IPv6 (1)
Two cases– /48 for every PoP and a /48 in the backbone– in every /48 one /52 in distribution nodes– Up to 16 distribution nodes for every core node– /62 for every school =>
4 LANs per school (loopback, student lab, Administration Office, server Lans)
– 1024 schools per regions.
Addressing IPv6 (2)
a /35 for the GSN RIPE allows a /48 every non single node
customer (that s even for a school) Conservative policy of /56 for future needs Multiple /48 for every PoP
Routing (1)
IGP (Internal Gateway Protocol) OSPFv3 selection (for IPv6 only) minimal with
OSPFv2 (IPv4 only) Route management (i.e. nssa) To IS-IS demands a “D – Day” for transition,
alternatively support for incongruent network graps in terms of IPv6 and IPv4 capabilities (multi-topology extension) – OSPFv3 provides smoother transition
EGP (Exterior Gateway Protocol) BGP-MP
– Separate routing for IPv4 and IPv6– But possible routing information transfer on top of IPv4
!!! ΙPv4 connection for IPv4 routes exchange
ΙPv6 connection for IPv6 routes exchange
smooth transition without affecting current routing
Same routing policy
Routing (2)
Access (1)
Differences ΙPv4 /128 for a single Pc ( provisioning costs) With PPP for IPv6 , no ΙPCP address delegation but a
/64 prefix delegation and stateless-autoconfiguration for the rest 64 bits (= interface-id)
interface-id configuration dynamically or statically (via ΑΑΑ)
Prefix delegation to a router for automatic addressing in the internal interfaces (INDEPEDENTLY from the PPP !!!)
Access (2)
`
Network Access Provider
Radius Server
Dial- in
/64 for the line and (/48) /56 for networks inside every school
/64 for the Line /56 (/48) for the network
PPP (IPv6CP)
DHCPv6-PD
Home Router
ISP Router
/64 for every LAN+ 64 Auto Conf
/64 foe the access network
+ 64 interface-id
Transition (1)
Adoption of dual-stack strategy Support from software vendors Requirement for more memory and CPU in
routers Upgrade IOS in routers ONLY (not in switches)
Transition (2)
Dual stack activation in routers Configuration of p2p interfaces and LAN
interfaces Activation of OSPFv3 Tuning of internal security with acls in LANs
Transition (3)
Services – servers End user service transition dns, mail, ftp, http Minor support for management services
– Radius, snmp– Radius (support of attributes)
DNS : a crucial for IPv6 transisition
Transition (4)
DNS – A very useful and important service Large address size -> in valuable DNS Two choices
– Usage of AAAΑ and PTR records with transport over IPv4 (new zone for ipv6.int)
– Usage of IPv6 as transport protocol First case adopted form Windows XP ΧΡ Second case supported form *UNIXes and Vista Support of ΑΑΑΑ and Α ? Default usage of ΙPv6 !!
(RFC 3484) Attention: activate IPv6 in services and later on update
appropriate DNS records
Transition (5)
Servers - Services– discrimination: Multiple services on one box against
one service per box. Multiple Service
– dual stack activation– Address configuration (stateless vs. static)– Service activation– Initial dns allocation with different name i.e. service-
ipv6.– Monitoring of operation and further adoption of ΑΑΑΑ
record for the same name
Transition (6)
MAIL – service– Smtp, PoP, IMAP
SMTP – Qmail , a patch from http://pyon.org/fujiwara/
PoP, IMAP– Courier with ipv6 support– Clients ready: Thunderbird, mozilla
Web service– Apache + jboss– Αλλαγή σε apache 2.0– J2SDK/JRE 1.4 release, support of IPv6 in Java Networking– Tomcat ver.5 OK– Client: Firefox
IM– Jabber OK
Transition (7)
Radius– Attributes specific with IPv6 ( interface-id, prefix-id,
ipv6-route, etc)– Update of specific files (dictionary)– for dhcp-pd a new attribute was added (i.e. for user user1 user1-dhcpv6 was added which fixes the prefix to every user.
Dialup-admin – User management application– 2 new attributes (interface-id και prefix-id)
ToDO
Content Filtering– Squid, SquidGuard– beta squid 3 support– LDAP activation
Deployment of IPv6 capable routers in a limited number of schools!!
??Questions???