IPv6 in the Greek School Network

Similar documents
Campus IPv6 connection Campus IPv6 deployment

Basic IPv6 WAN and LAN Configuration

IP Address Management: Smoothing the Way to Cloud-Based Services

IPv6 Addressing. ISP Training Workshops

Cisco. Patrick Grossetete Cisco Systems Cisco IOS IPv6 Product Manager pgrosset@cisco.com

Reverse DNS considerations for IPv6

IPv6 in the Greek School Network and Energy-related Pilot Applications Manos Varvarigos

IPV6 DEPLOYMENT GUIDELINES FOR. ARRIS Group, Inc.

KENET NETWORK INFRASTUCTURE. KENNEDY ASEDA

ICS 351: Today's plan. IP addresses Network Address Translation Dynamic Host Configuration Protocol Small Office / Home Office configuration

CCT vs. CCENT Skill Set Comparison

Websense Support Webinar: Questions and Answers

Netflix Open Connect Network. PTT Forum December 2012 Flavio Amaral (South America Network Strategy)

E6000 CER Release 1.1

APNIC IPv6 Deployment

IPv6 Opportunity and challenge

Network Documentation Checklist

DEDICATED INTERNET CONNECTIVITY PROPOSAL

WHITE PAPER. Infoblox IPAM Integration with Microsoft AD Sites and Local Services

Layer 3 Network + Dedicated Internet Connectivity

VMware vcloud Air Networking Guide

How To Configure Windows Server 2008 as a RADIUS Server with MS-CHAP v2 Authentication

Copyright 2006 Comcast Communications, Inc. All Rights Reserved.

Residential IPv6 IPv6 a t at S wisscom Swisscom a, n an overview overview Martin Gysi

EX 3500 ETHERNET SWITCH

The Evolution of Ethernet

Chapter 15: Advanced Networks

Broadband Network Architecture

Deploying Cisco Basic Wireless LANs WDBWL v1.1; 3 days, Instructor-led

Quick Connect Express for Active Directory

GRNet. Advanced Network Services Tool

OS3 Fiber Day Broadband networks - Network Architecture. May 20, 2016 / Jan Martijn Metselaar Vodafone

IPv6 Fundamentals, Design, and Deployment

Web Application Hosting Cloud Architecture

Chapter 4 Connecting to the Internet through an ISP

IPv6 and xdsl. Speaker name address

vcloud Air - Virtual Private Cloud OnDemand Networking Guide

Dell Active Administrator 8.0

TREENO ELECTRONIC DOCUMENT MANAGEMENT. Administration Guide

Broadband Bonding Network Appliance TRUFFLE BBNA6401

Broadband Bonding Network Appliance TRUFFLE BBNA6401

Networking 4 Voice and Video over IP (VVoIP)

Discover the new version of HelpDesk! HelpDesk More features, more control, and still so easy to use!

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

Comprehensive IP Traffic Monitoring with FTAS System

Implementing Microsoft Azure Infrastructure Solutions

- 1 - Wireless Modem Router User Guide

Managing Your Microsoft Windows Server Fleet with AWS Directory Service. May 2015

BELNET: Service Level Description Version (29/7/2009)

70-417: Upgrading Your Skills to MCSA Windows Server 2012

ITEC 495 Capstone Project Ideas

IPv6 over IPv4/MPLS Networks: The 6PE approach

Windows Server 2003 Active Directory: Perspective

Technical Note. vsphere Deployment Worksheet on page 2. Express Configuration on page 3. Single VLAN Configuration on page 5

Multi-Homing Security Gateway

IPv6 deployment experiences from DNA Finland. Oskari Rasi

Network Security Solutions Implementing Network Access Control (NAC)

Putting the Network Redesign Principles and Concepts into Practice

Euro6IX project and Italian IPv6 Task Force

x900 Switch Access Requestor

NEFSIS DEDICATED SERVER

PCoIP Infrastructure Deployment Guide. TER Issue 1

DSL-2600U. User Manual V 1.0

Sophos Mobile Control Technical guide

How To Configure A Kiwi Ip Address On A Gbk (Networking) To Be A Static Ip Address (Network) On A Ip Address From A Ipad (Netware) On An Ipad Or Ipad 2 (

Cisco Network Switches Juniper Firewall Clusters

Chapter 5. Data Communication And Internet Technology

VMware vsphere 5.0 Evaluation Guide

Planning Domain Controller Capacity

IceWarp to IceWarp Server Migration

Administering Windows Server 2012

MOC 6435A Designing a Windows Server 2008 Network Infrastructure

Configuring Windows Server 2008 Network Infrastructure

ALLNET ALL-VPN10. VPN/Firewall WLAN-N WAN Router

CA IT Client Manager. Desktop Migration

Configuring Global Protect SSL VPN with a user-defined port

4. Client-Level Administration

The SSL device also supports the 64-bit Internet Explorer with new ActiveX loaders for Assessment, Abolishment, and the Access Client.

Basics Of Replication: SQL Server 2000

Using different Security Policies on Group Level for AD within one Portal. SSL-VPN Security on Group Level. Introduction

WiNG5 CAPTIVE PORTAL DESIGN GUIDE

NETASQ MIGRATING FROM V8 TO V9

Gigabit SSL VPN Security Router

Faculty Details. : Assistant Professor ( OG. ),Assistant Professor (OG) Course Details. : B. Tech. Batch : : Information Technology

Network support for tele-education

D.R. Network Design. The Small College Version

Introduction to Directory Services

Cisco Meraki MX products come in 6 models. The chart below outlines MX hardware properties for each model: MX64 MX64W MX84 MX100 MX400 MX600

Cisco Knowledge Network

WatchGuard SSL v3.2 Update 1 Release Notes. Introduction. Windows 8 and 64-bit Internet Explorer Support. Supported Devices SSL 100 and 560

6.0. Getting Started Guide

How to configure your Thomson SpeedTouch 780WL for ADSL2+

Transcription:

IPv6 in the Greek School Network Michalis Oikonomakos - Network Engineer, Greek School Network & CTIP Athanasios Douitsis - Network Engineer Greek School Network & NTUA NOC / ICCS

Brief overview of Greek School Network (GSN) GSN is the Educational Network of Ministry of Education Schools (16.200) and (900) administrative units are broadband connected Serves 180.000 teachers and 1.350.000 pupils Hosts 12.747 websites and 19.223 blogs (Personalized access to 84.944 teachers and 65.294 pupils) Develops, provides and supports value added services, for education and administration of education. Helpdesk supports >30.000 tickets/year and a multiple number of phone calls Cofounded by European Union and Greek state Designed, implemented and operated by the Ministry of Education and 12 Research Centers, Universities and Technological Educational Institutes

GSN s Electronic Services Broadband access Email & emailing lists Web portals, which are provide useful educational material Web filters, to protect pupils from inappropriate web content Special portal for internet safety Web hosting and wizards to create dynamic web pages Blogging and social networking E-Learning and e-portfolios Special portal for Educational Open Source Software Video on Demand and Live web-castings Web conferences Schools magazines

Network status 56 PoPs (at least 1 pop in every prefecture), interconnected using GRNET s and SYZEYXIS backbone 10Gbps internet connection via GRNET, which serves as upstream provider to GSN 2 geographically separated Datacenters (soon to be 3) Various access methods (MetroEthernet, xdsl, Wireless, Optical Fiber, Leased Lines)

IPv6 history and status @ GSN Early involvement in IPv6 Case study in book Global IPv6 Strategies: From Business Analysis to Operational Planning (10 years ago) Address space used to be a /47 & a /48 Nowadays is a /48 (backbone) and a /40 for school and administrative units Dual stack implementation OSPFv3 as IGP / BGPv4 Basic services running ipv6 (www, DNS etc) >6Gbps daily IPv4 internet traffic >350Mbps daily IPv6 internet traffic

SCH ACCESS NETWORK IPV6 ADDRESS MANAGEMENT SYSTEM

SCH Previous IPv6 Setup In place for almost 10 years Same prefix pool for all units /63 per unit /64 for WAN/PPP, /64 for DHCPv6 PD Manual assignment of prefixes Maintenance by SCH operators Error-prone, cumbersome Vendor specific IPv6 RADIUS attributes stored verbatim in directory as radiusreplyitem(s)

SCH Future IPv6 Requirements Design for another 10 years ahead Static /56 per school 256 VLANs plus a static /64 for the PPP/WAN link Automated Prefix assignment/maintenance Storage of clean IPv6 prefixes in LDAP (Vendor neutral) Extension of LDAP schema with dedicated IPv6 attributes RADIUS translates to VSAs only if necessary Grouping of unit prefixes according to category e.g. high school, administrative, elementary Easier policy enforcement, access lists, content filtering very important for elementary category

Prefix Calculation from Offset Delegated Pool space: 2001:648:2000:0000::/ 40 + Stored offset 431d (16 bits) = Final Delegated Prefix 2001:648:2043:1d00::/5 6 Storage of address offset instead of full prefix Storage in ordinary DB Easier sorting, easier counting Renumbering possible without alteration of thousands of user records Simple change of pool spaces

IPv6 Pool Dimensioning Assumption of double space requirements in next 10 years Separate prefix group per unit category 2001:648:3400::/44 core network / datacenter 2001:648:3410::/44 administrative 4000 2001:648:3420::/43 high school units 8000 2001:648:3400::/4 0 2001:648:3440::/42 elementary units 16000 2001:648:3480::/41

RADIUS and LDAP modifications Directory service (LDAP) 2 new attributes FramedIPv6Prefix DelegatedIPv6Prefix RADIUS Framed-IPv6-Prefix (from LDAP attribute) Delegated-IPv6-Prefix (from LDAP attribute) Framed-Interface-ID (TBD: unset, static or random) DNS-Server-IPv6-Address (TBD: static, dynamic) Building an IPv6 Address Management System 11

Software goals Automated operation Batch mode Assign prefix to every unit in LDAP Single unit mode Assign prefix to specific unit supplied as argument Ability for on the fly renumbering In case of IPv6 pools space reconfiguration Lifecycle automation (auto detection of creation and deletion of units)

Software requirements Update directory entries Multiple configurable groups/pools Different delegated prefix length per group Assignment of framed, delegated prefixes per unit Existing unit Retain same prefix New unit Assignment of free prefix Deleted unit Recycle prefix Deletion / prefix reassignment logging (for audit/accounting purposes)

System Operation Overview Calculate prefixes from offset Store prefixes Address assignment software SCH Master Directory Classify unit, get pool for category, get offset for unit Pool and address offset DB Read unit If new unit, create a new offset in DB or recycle oldest unused

Software code Standalone software Perl >= 5.14 Communication with DB & LDAP Approx. 35 CPAN module dependencies MySQL 5.x https://github.com/aduitsis/ipv6-static/tree/sch

Thank you! Any Questions? For the IPv6 Address management system, see also: http://www.slideshare.net/aduitsis/building-an-i-pv6- address-management-system-47192345

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information