plnog 13: m. czerwonka, t. kossut: ipv6 in mobile network
TRANSCRIPT
Orange Polska S.A.
IPv6 implementationin mobile network- stage IIOrange Poland
Tomasz Kossut, Michał Czerwonka PLNOG 2014, Kraków, September 2014
2
Orange Polska S.A.
Agenda
Orange Poland solution IPv6 architecture IPv6 TransitionStatisticsResearchDemo
3
Orange Polska S.A.
IPv6 implementationin mobile network- stage II
Solution
4
Orange Polska S.A.
• One path for IPv4 traffic (always via CLAT)
• ALG’s treated as NAT44• IPv4 literal & domain use same path
• One path for IPv6 traffic (native IPv6)
• Motivation for native IPv6 content
• Application address family independent
• Applicable for tethering and CPE routers
Ipv6 only CLAT+PLAT+DNS
5
Orange Polska S.A.
IPv6 implementationin mobile network- stage II
IPv6 architecture
6
Orange Polska S.A.
DNS or DNS64? DNS64 only for plat-prefix discovery
Can be done by F5 irule or Nominum Vantio
7
Orange Polska S.A.
NAT64 box – feature overview
Feature/bugs Juniper SRX
Fortinet FG1500D
A10 AX3200
Linux NAT64 stateless +
NAT44 statefullHashing NOK OK OK OKCLAT-
awareness ALGs
NOK FTP,
RTSP*, PPTP*
FTP FTP,RTSP
Selective TCP MSS override
NOK OK OK OK
comments
*) not tested, demo only
8
Orange Polska S.A.
NAT64 box – issues
• MTU and fragmentation (28B overhead)
• Hashing algorithm must be based on IPv6 prefix
• ALGs
9
Orange Polska S.A.
Roaming & IPv6-only IPv6 or IPv4v6 is not populated in all roaming
partners
– IPv4 PDP guarantee failsafe automatic data roaming regardless of visitied network
– Some times even PDP IPv4 does not work, but the clue is more PDP IPv6 contexts in roaming
OPL failsafe mechanism for roaming case
– Mechanism works for Android, WP8.1 GDR1
– Roaming indicator triggers fallback to ipv4 APN
10
Orange Polska S.A.
IPv6 implementationin mobile network- stage II
Ipv6 transition
11
Orange Polska S.A.
APN IPv6-only configuration
Name: Orange Internet
MCC/MNC 26003
APN internetipv6
Username/password internet
APN state readonly
APN protocol IPv6
APN Protocol when roaming
IPv4
APN type default, hipri, dun, supl
12
Orange Polska S.A.
IPv6 devices
OPL certified IPv6 devices
Android – Sony/Samsung/HTC/LGWP 8.1 – Nokia /Lumia
13
Orange Polska S.A.
IPv6 devices -requirements3.1. Dynamic IPv6 Address Allocation + IID randomly generated (privacy address) + UE shall use the
IID given in PDP activation response message to configure its LLA (3GPP TS 23.060) http://www.3gpp.org/ftp/Specs/archive/23_series/23.060/.
3.2. Customer Side Translator function (CLAT) must be embedded (smartphone/tablet/router) as part of 464xlat architecture RFC 6877. The CLAT must support ICMP, UDP, TCP, GRE and fragmented packet. clatd.conf - may be generic where the domain for nat64 prefix discovery must be “ipv4only.arpa” – static configuration may be request by OPL PM.
https://android.googlesource.com/platform/external/android-clat/
3.3. MTU size & device interfaces - If the network send MTU size in RA message, then device must set it to the radio interface otherwise set the default value=1500B. The CLAT demon will calculate MTU size automatically for its interfaces (clat and clat4).
4. IPv6 tethering - the CLAT helps Dual Stack tethering solution both USB/WIFI on the device (http://tools.ietf.org/html/draft-ietf-v6ops-64share-09, scenario#2) when APN is IPv6-only. The Global IPv6 and private IPv4 (clat) must be enabled on tethered LAN.
4.1. RA – device sends RA message to tethered host with Ipv6 prefix information. Router lifetime set=9000 secs. Router sends periodically RA message – max. value 9000 secs.
4.2. DHCPv6 – device server relays PCO Ipv6 DNS'es addresses to tethered hosts.
4.3. DHCPv4 – device server relays private IPv4 address and send DNS IPv4 (CLAT DNS-proxy)
4.4. Tethering & MTU size – device propagates MTU size 1500B to tethered clients interfaces ( Ipv4&Ipv6)
5. IPv6 LTE UE - the device must set EIT bit=1 in “Initial Attach” message
14
Orange Polska S.A.
Download Booster (CLAT+PLAT+DNS) Device is connected to WiFi & LTE at the same time (http speed up=LTE+80%WiFi !)
CLAT is always disabled while WiFi connected = platprefix unknown, no IPv4-IPv6 synthesis= NAT64 unreachable
Proposed solution – add platprefix discovery on application layer=get the prefix +IPv4-IPv6 synthesis =NAT64 reachable
Solution works for IPv4 literal/domain names with DNS64 disabled
It solves „IPv4 without DNS” when DNS64 is enabled !
15
Orange Polska S.A.
IPv6 implementationin mobile network- stage II
IPv6 statistics
16
Orange Polska S.A.
12%
• OPL PDP IPv6 vs PDP IPv4
17
Orange Polska S.A.
18
Orange Polska S.A.
OPL APN IPv6 – traffic
19
Orange Polska S.A.
IPv6 users in Poland
0,41% users
20
Orange Polska S.A.
IPv6 users in Poland
0,41% users
21
Orange Polska S.A.
464XLAT mobile networks
T-MOBILE USAORANGE PLEIRCOM IRLANDTELENOR NORWAYEE UKTELSTRA AUSTRALIA
22
Orange Polska S.A.
IPv6 implementationin mobile network- stage II
IPv6 research
23
Orange Polska S.A.
DNS new feature
•Limit DNS64 functiondns64 for domain „ipv4only.arpa” only
•Insted of use iRules or static AAAA record
This helps to deploy DNS for all subscribers
24
Orange Polska S.A.
PLAT new feature
•operate with CLAT 2.0? full RFC 6877 and DHCPv6 PD support
source IPv6 address /96 mapped IPv4 addressesdestination IPv6 address /96 mapped IPv4 addresses
Source_IPv6subs_CLAT_PD::194.0.0.4 => 192.0.0.4Destination_IPv6_PLAT_WKP::8.8.8.8 => 8.8.8.8
CLAT-awareness ALGs more easy IPv4 traffic are transparent for IPv6 transport
25
Orange Polska S.A.
TAYGA new feature
•Combo NAT box NAT64 stateless + NAT44 statefull in one box at least with FTP ALG process IPv4 pools internally
Possible to implement CLAT 2.0 support
http://www.litech.org/tayga/
26
Orange Polska S.A.
TAYGA new feature ct’d
•Heterogeneous System Architecture (HSA) support
imageine a CPE router with Heterogeneous processor handling packet at wirespeed with 10GE interfaces
http://www.litech.org/tayga/http://www.hsafoundation.com/
27
Orange Polska S.A.
IPv6 implementationin mobile network- stage II
Demo
28
Orange Polska S.A.
IPv6 tethering hotspots
Voyager 1,2,3,4Pass 12345678
Visit Eric site
http://www.vyncke.org/countv6/stats.php
29
Orange Polska S.A.
Q&A
Orange Polska S.A.
thank you