Telstra Unrestricted Copyright Telstra©

JourneytoIPv6AReal-WorlddeploymentforMobilesAPRICOT2017– February2017

JeffSchmidt- TechnologyTeamManager,TelstraWirelessNetworkEngineering

ManagingtheTechnicalLeadforWirelessIPv6deploymentandWirelessMobileIPEdge/CoreArchitecture

IntroductionInstructional Slide

1. WhyIPv6?

2. BusinessandTechnicalconsiderations

3. NetworkArchitectures

4. AddressingandSubnetting

5. DeploymentModel

6. OurExperience

7. Q&A

Agenda

WhyIPv6?

TrafficgrowthanddeviceperpersonNetworkreadinessfornewtechnologies:• Internet-of-Things• VoLTE/IMS• ViLTE• ManagementandBackhaul

IPv4public/privateaddressdepletionReductioninnetworkinefficiencies

WhyIPv6?

Source- https://www.google.com/intl/en/ipv6/statistics.html

IPv6GlobalTraffic

BusinessandTechnicalConsiderations

BusinessandTechnicalConsiderations

DepletingpublicandprivateIPv4addressrange

BusinessandTechnicalConsiderations

Non-interworkingprivateIPv4addressrangesduplicatedbetweendomains,thatnowrequireinterworking

10.0.0.0 10.0.0.0

10.0.0.0 10.0.0.0

ContinualinvestmenttoextendIPv4resourcesvsIPv6tofutureproofournetwork

BusinessandTechnicalConsiderations

NAT

IoT

$

$or

AsIPv4addressesdeplete,itwillbemoreexpensivetoextendIPv4resources

Dual-StackisaneffectivetransitiontechnologybutdoesnotsolvetheIPv4depletionproblem

IntroducingIPv6:

- ReduceddependencyonNAT

- Removetheneedforregionalisation

- PushesapplicationstomovetoIPv6

BusinessandTechnicalConsiderations

NetworkArchitectures

• CGNperformsNAT/PAT44andNAT/PAT64PATsubstantiallyreducesPublicandPrivateIPv4address

demand,butdoesnotpreventIPv4addressdepletion.

IPv6ImplementationCentralisedCGN

Internet

IPCore/Edge

Internet

CGNAT BR

Region1

Region2

NAT/PAT44PrivateIPv4toPublicIPv4

CGNAT BR

NAT/PAT64PublicIPv6toPublicIPv4

Backhaul

EPG

Backhaul

EPG

IPv6ImplementationTrafficFlow

IPv4PublicInternet

CarrierNetwork(IPv4+IPv6)

IPv6PublicInternetIBR

NAT64PublicIPv6toPublicIPv4

NativeIPv6

RadioNetwork(IPv4transport)

EPG

Single–BearerIPv6onlyuserplane

IPv6

RunningmultipleAPNs

InternetRadio Network Carrier Network

IPv4

eNodeB

GGSN/EPG

IPv6 APN

IPv4v6 APN

IPv4 APN

IPv4v6

IPv6

IBRNAT44 / NAT64

DNS64

DNS-DS

CreatemultiplerealAPNsthatsupportsIPv4,IPv6,andIPv4v6individually

RunningaSingleAPN

InternetRadio Network Carrier Network

IPv4

eNodeB

GGSN/EPG

IPv4v6 APN

IPv4v6

IPv6

IBRNAT44 / NAT64

DNS-DS

CreateasinglerealAPNthatsupportsbothDSandSS

IPv6ImplementationSecurity

IPv4PublicInternet

CarrierNetwork(IPv4+IPv6)

IPv6PublicInternetCGNAT BR

NAT44/64TranslationStatefulfirewall

UntrusttoTrustBlockalltrafficoriginatingfrominternet

TrusttoUntrustAllowalltraffic

RadioNetwork(IPv4transport)

EPG

FirewallApplication

IPv6

IPv6NativeStatefulfirewall

UntrusttoTrustBlockalltrafficoriginatingfromInternet

TrusttoUntrustAllowalltrafficoriginatingfromIPv6handsetrangesonlyAllowDNStrafficBlockallinfrastructurerangesBlockallVoLTEranges

APNACL

AdvertiseonlyhandsetrangestoCarrierNetworkBlocktrafficwithIPrangesnotconfiguredontheEPG

InfrastructureCloudIPv6

L3FabricEVPN

InternetProviderCoreNetworkMPLS

PE

DCGateway

ToR

vCGN

BR

vEPC

HowmuchtrafficwilluseIPv6?

464XLATArchitectureforMobiles

CarrierCore

UserEquipment/MobilePhone

IPv6

IPv4 CLATFunction

PLAT(NAT64)

IPv6Internet

IPv4Internet

CLAT>IPv4hostaddressforXLATE(clat4)

[192.0.0.4/32]IPv6hostaddressforXLATE[2001:db8:aaaa::464/128PLAT-SideXLATEIPv6Prefix

[2001:db8:bbbb::/96]

PLAT>IPv4pool

[192.0.2.1–192.0.2.100]PLAT-SideXLATEIPv6Prefix

[2001:db8:bbbb::/96]

IPv4SRC192.0.0.4IPv4DST

198.51.100.1

IPv6SRC2001:db8:aaaa::464

IPv6DST2001:db8:bbbb::198.51.100.1

IPv4SRC192.0.2.1IPv4DST

198.51.100.1StatelessNAT64

[RFC6145]

StatefulNAT64

[RFC6146]

198.51.100.1

2001:db8:ca7e::d007

AddressingandSubnetting

3GPPcurrentlydictateseachUEtoreceivea/64

Futurereleasesmayrequirea/60withDHCP-PDforsingleAPNtethering

4x/44perAPNperEPG=4Mprefixes

YouwillprobablyalsoneedasimilarrangeforVoLTE APNs

KEY:makesureitisastructuredsubnetting schemasoitisconsistentnationallyandacrosstheentireorganisation.

AddressingandSubnetting

InfrastructureAddressing:

/64perVLAN– Keepitsimple!

PrivateorPublic– butremembertouseafirewallandpoliciestoavoidadvertisingtheinfrastructureouttotheinternet!

NATisnotasecurityfeature!

AddressingandSubnetting

DeploymentModel

SP1 SP2/SP3 SP4Dual-StackSS+NAT64+DNS64+CLATSS/DS+NAT64+DNS-HD+CLAT

1. Everycarrierwillhaveauniquesetofcircumstancesthatdictateswhichtransitionmethodtheywilluse.Thereisnostandardwayofdoingthis.

2. Youmustdeterminewhichisthebestmethodforyournetwork.

Inanymethod,remembertoensureyouhavealong-termstrategyfortheeventualdeploymentofnativeSingleStackIPv6!

CarrierExamples

TwoexistingAPNs– oneforHandsets,oneforMobileBroadbandandTethering

or

464XLAT+NAT64+DNS64fortheHandsetAPNonly

IPv6enabledDNSforallotherAPNs

DifferentAPNsfordifferentpurposes

Telstra.WAP

Telstra.Internet

NAT64/DNS64

464XLAT Internet

DNS-DS/NAT44 Internet

HSSConfiguration

PDPContextid=IPv4v6

MMEConfiguration

DAF=set

EPGConfiguration

PDPTYPE=IPv4v6

EPGwillthenalsohavethefollowingasaminimumwithineachAPN:

-IPv6HandsetRange

-IPv4HandsetRange

-2xIPv4DNSNameServers,2xIPv6DNSNameServers

PacketCoreConfiguration

Android4.3+supports464XLAT.Werecommendusinganythingthatis4.4.4+or5.1+

Dependingonyoursetup,eitherPDPselectionisbasedontheUEortheNetwork.

InternationalRoamingoverIPv6workstoday!ButwerecommendtheAPNRoamingProtocoltobesettoIPv4onlyforthenexttwoyears.

UERequirementsandSettings

• InformedFrontofHouseandprovidedtraining,aswellasEnterprisesupportandsalespersonnel

• UpdatedinternalKnowledgeBase

• BriefedOperationsandprovidedtraining• Createdmoderatedforumwithofficialdetailsonthenetworkchange

• ProvideddirectemailcontacttoTelstraEngineering• Contactedthetechnicalcommunityviamailinglistsandpublicforums

beforelaunch

LaunchConsiderations

OurExperience

iPadDual-StackCarrierSettings

SignificantIPv6takeup oniPadssincecarrierupdatewasmadeavailablewithDual-Stack.

UpdatemadeviaiOSpatch.UsersarenotimmediatelyawareIPv6isavailableontheiriPads.Transparentmigration.

IPv6takeupoccurswheniPadsarepatchedtothelatestversion

SingleStackwillcomelaterthisyear

OurExperience

OurExperience

01/07/16

01/08/16

01/09/16

01/10/16

01/11/16

01/12/16

01/01/17

NSW QLD SA VIC WA Total

telstra.wap - IPv6 Usage

APN– IPv4v6,HLR/HSS– IPv4v6LegacydevicesconfiguredwithIPv4onlyarenotimpactedNewdevicesconfiguredwithIPv4v6obtainsbothaddressesandiscurrentlygrowingsignificantlyExistingdevicesconfiguredwithIPv6onlyobtainsIPv6only

CGNATNAT64ALGs:ftp,sip,pptp,rtsp,h323

BYOdeviceandexistingservices

SomeapplicationsfailwithIPv6– evenwith464XLAT.Routingissues?

VPNsarearealproblem– butisitacarrierproblemoranapplication/serverproblem?

HTTP/HTTPSworksverywell

SSHisnotamajorproblem

IPv6isfasterinsomecases– smallerBGPtable,noNATetc.

Majorappsworkverywell– especiallyfromthemajorcontentproviders

IPv4vsIPv6

Engagethecommunityearlysotheyknowwhat’scoming.Theywillappreciateyouarestilldevelopingandtheywillwanttobepartofthejourney!

Wereceivesupportemailthroughourcontactpointsandreplyassoonaspossible.Don’tkeepyourcustomerswaiting

Skiptheredtape– letcustomersengageengineeringdirectly

Keepmanagementhappy!ReportSIOandbandwidthusage!

CustomerSupport

Q&A

CONTACT

JeffSchmidtTechnologyTeamManagerTelstraWirelessNetworkEngineering

jeff.Schmidt@team.telstra.com

SunnyYeungSeniorTechnologySpecialistTelstraWirelessNetworkEngineering

sunny.yeung@team.telstra.com

Contact