IP Gateways Gdansk University of Technology Mariusz Stankiewicz 24th March 2011
A Gateway A gateway different meanings default router a device that connects two or more domains/networks/network types a gateway must convert one protocol stack into another. a device that offers or facilitates specific services (e.g. SIP gateway) a gateway may contain devices such as protocol translators gateway as a connection of two worlds (e.g. IPv4 IPv6) 2
Agenda DHCPv6 a service configuration gateway Migration to IPv6 Guide IPv6 Gateways - Bridging IPv4 and IPv6 worlds ip46nat Standardization Process 3
4 Dibbler open source, implementation of the DHCPv6
Dibbler project The Dibbler project is an open source, portable implementation of the DHCPv6 protocol, providing client, server, relay and requestor. Currently ports for Linux and Windows based systems are available. 5
Dibbler project current status Available for: Linux (Debian, Ubuntu, Gentoo, PLD, OpenWRT, sources) Windows NT, 2000, XP, 2003, Vista MacOS (work in progress) Ported to various architectures x86, x86_64, amd64, Sparc, PowerPC, Alpha (64bit RISC), Motorola m68k MIPS (embedded system, e.g. LinkSys wireless router WRT54) IBM S390 (mainframe class) 6
Feedback from 33 countries Dibbler project current status Includes Finland and Sweden Was used as reference implementation in Cisco R&D labs High interest from major telco vendors Cisco, Comcast, HP, Intel, Motorola, Nokia, Xerox and others 7
Dibbler project Dibbler is used as environment for experiments Implement various extension for test and research Uses in big companies in laboratories Very flexible when it comes to configuration Dibbler homepage: http://klub.com.pl/dhcpv6/ 8
9 MIGRATION to IPv6 GUIDE
Migration to IPv6 guide Migration of existing network IPv4 to IPv6 is a complicated process Accelerate the migration process Application primarily addressed to the SOHO network administrators At this stage of development, further expansion possible Ability for easy knowledge base extension Social development model: primary development team (GUT) with many contributors Validation of correctness, compliance with RFC multiple operating systems (Windows, Linux, FreeBSD, possibly Mac OS): Python GTK XML 10
Migration to IPv6 guide example of the network, which includes: (migration of both network and services) Server Linux Ubuntu 9.04 Mail, WWW, FTP, Samba, SSH Router Cisco WRT610N Workstation with Windows XP Ethernet 100Mbps Workstation with Windows Vista Ethernet 100Mbps Workstation with Linux Wireless connection (802.11g) network currently operates only on the IPv4. 11
Migration to IPv6 guide first step Run a network scan (process takes a few minutes) 12
Migration to IPv6 guide second step Build knowledge database, based on: network scan from step 1 Questions answered by network administrator Rich content provides additonal help 13
Migration to IPv6 guide second step Inter-question dependencies 14
Migration to IPv6 guide third step Based on obtained knowledge, split migration process into steps, provide easyto-follow migration guidelines, with extra background information. Advices depends on the answers provided previously 15
Migration to IPv6 guide fourth step Once network is migrated, validation takes place To validation used the TAHI Project 16
17 Universal IPv4 IPv6 translator - ip46nat
Universal IPv4 IPv6 translator Problem: Lack of universal mechanism to cooperation of nodes IPv4-only with nodes IPv6 only, impossibility to migration of some devices and hosts. Proposed solution: Develop translation mechanism between IPv4 and IPv6 protocols Emphasis on efficiency: larger MTU (1480) reduces a chance of problem with fragmentation Implementation in kernel space operates at the network layer (support for any protocol, no ALG) Result: Host IPv4-only communicating with a server IPv6-only Client IPv4 only NAT IPv4-IPv6 Server IPv6-only 18
Universal IPv4 IPv6 translator existing solutions Dual IP stack both protocols simultaneously Two networks exist side by side Methods of cooperation on the basic of tunneling (IPv6over-IPv4, GRE, Teredo, ) Disadvantage: Problem with the MTU (need both headers IPv4 and IPv6, sometimes more additional elemenst, such as GRE or UDP) Tunneling requires support for IPv4 destination node (server), in contrast to the translator Methods of cooperation on basic translation (6RD, 6to4, ) No opportunities for cooperation of different address families Another type of solution (issue of transfer of IPv6 traffic in IPv4 network) than the translator (communication nodes IPv4 with IPv6) Conclusion: Existing tools solve different problems 19
Universal IPv4 IPv6 translator operating principle Example IPv4 to IPv6 translation: a.b.c.d/24 -> e.f.g.h/24 => srcprefix:ab:cd -> dstprefix:ef:gh Module parameters: srcprefix = 2000:: dstprefix = 3000:: v4addr = 10.20.1.0 offset = 96 [bits] A IPv4 IPv6 B 10.30.1.2 3000::a14:164 10.30.1.2 to 10.20.1.100 => 2000::a1e:102 to 3000::a14:164 20
DEMONSTRATION 21
Universal IPv4 IPv6 translator following functionality Proof of concept phase, not solution to any intermediate problems Implemented as Linux kernel module Collecting trafic statstics (/proc interface) Ability to configure a module during loading phase Plans to configure via /proc Running on platform OpenWRT (LinkSys WRT54GL), and every Linux distribution 22
Universal IPv4 IPv6 translator example Example: ICMPv4 over IPv6 23
Sharing results All Internet related protocols are defined by IETF Active participation in several WGs Involved (authors or coauthor) in 6 drafts Notable activities: DS-Lite tunnel option for DHCPv6 Completed WGLC, after review by IESG DHCPv6 Route Option To be accepted as MIF WG item DHCPv6 redundancy considerations Co-written with DHC WG chair To be accepted as WG item 24
Thank you Future Internet Engineering homepage: http://iip.net.pl Mariusz Stankiewicz mariusz.stankiewicz@zak.eti.pg.gda.pl Gdansk University of Technology 25