Transition to IPv6 in Service Providers



Similar documents
RFC 2547bis: BGP/MPLS VPN Fundamentals

IP/MPLS-Based VPNs Layer-3 vs. Layer-2

IPv6 over IPv4/MPLS Networks: The 6PE approach

MPLS over IP-Tunnels. Mark Townsley Distinguished Engineer. 21 February 2005

Implementing MPLS VPN in Provider's IP Backbone Luyuan Fang AT&T

MPLS L2VPN (VLL) Technology White Paper

Tackling the Challenges of MPLS VPN Testing. Todd Law Product Manager Advanced Networks Division

Junos MPLS and VPNs (JMV)

Introducing Basic MPLS Concepts

IPv4/IPv6 Transition Mechanisms. Luka Koršič, Matjaž Straus Istenič

Quidway MPLS VPN Solution for Financial Networks

MPLS VPN Services. PW, VPLS and BGP MPLS/IP VPNs

MPLS Layer 3 and Layer 2 VPNs over an IP only Core. Rahul Aggarwal Juniper Networks. rahul@juniper.net

Demonstrating the high performance and feature richness of the compact MX Series

IPv6 Opportunity and challenge

Introduction to MPLS-based VPNs

Implementing Cisco Service Provider Next-Generation Edge Network Services **Part of the CCNP Service Provider track**

Deploying IPv6 for Service Providers. Benoit Lourdelet IPv6 Product Manager, NSSTG

IPv4 and IPv6 Integration. Formation IPv6 Workshop Location, Date

Leveraging Advanced Load Sharing for Scaling Capacity to 100 Gbps and Beyond

UNDERSTANDING JUNOS OS NEXT-GENERATION MULTICAST VPNS

Addressing Inter Provider Connections With MPLS-ICI

Implementing MPLS VPNs over IP Tunnels

Daniel O. Awduche, MBA, PhD.

DD2491 p MPLS/BGP VPNs. Olof Hagsand KTH CSC

MP PLS VPN MPLS VPN. Prepared by Eng. Hussein M. Harb

MPLS-based Virtual Private Network (MPLS VPN) The VPN usually belongs to one company and has several sites interconnected across the common service

Building VPNs. Nam-Kee Tan. With IPSec and MPLS. McGraw-Hill CCIE #4307 S&

Virtual Private Networks. Juha Heinänen Song Networks

100Gigabit and Beyond: Increasing Capacity in IP/MPLS Networks Today Rahul Vir Product Line Manager Foundry Networks

Why Do IPv6 over MPLS?

Kingston University London

DD2491 p BGP-MPLS VPNs. Olof Hagsand KTH/CSC

Computer Network Architectures and Multimedia. Guy Leduc. Chapter 2 MPLS networks. Chapter 2: MPLS

ProCurve Networking IPv6 The Next Generation of Networking

BUILDING MPLS-BASED MULTICAST VPN SOLUTION. DENOG3 Meeting, /Frankfurt Carsten Michel

MPLS in Private Networks Is It a Good Idea?

Cisco Exam CCIE Service Provider Written Exam Version: 7.0 [ Total Questions: 107 ]

WHITE PAPER. Addressing Inter Provider Connections with MPLS-ICI CONTENTS: Introduction. IP/MPLS Forum White Paper. January Introduction...

For internal circulation of BSNLonly

MikroTik RouterOS Introduction to MPLS. Prague MUM Czech Republic 2009

VPN Technologies A Comparison

Enterprise Network Simulation Using MPLS- BGP

White Paper. Cisco MPLS based VPNs: Equivalent to the security of Frame Relay and ATM. March 30, 2001

Introduction Inter-AS L3VPN

Boosting Capacity Utilization in MPLS Networks using Load-Sharing MPLS JAPAN Sanjay Khanna Foundry Networks

How Routers Forward Packets

MPLS Concepts. Overview. Objectives

IPv6 Deployment Strategies

ISTANBUL. 1.1 MPLS overview. Alcatel Certified Business Network Specialist Part 2

IPv6 Co-existence & Integration

Residential IPv6 IPv6 a t at S wisscom Swisscom a, n an overview overview Martin Gysi

SBSCET, Firozpur (Punjab), India

MPLS VPN Security Best Practice Guidelines

MPLS over Various IP Tunnels. W. Mark Townsley

MPLS-based Layer 3 VPNs

Transition to IPv6 for Managed Service Providers: Meet Customer Requirements for IP Addressing

THE ADOPTION OF IPv6 *

MPLS VPN Security BRKSEC-2145

IPv6 Migration Challenges for Large Service Providers

MPLS Implementation MPLS VPN

CGN Deployment with MPLS/VPNs

Overlay Networks and Tunneling Reading: 4.5, 9.4

Real World IPv6 Migration Solutions. Asoka De Saram Sr. Director of Systems Engineering, A10 Networks

Design of MPLS networks VPN and TE with testing its resiliency and reliability

l.cittadini, m.cola, g.di battista

Service Provider IPv6 Deployment Strategies

IPv6 Fundamentals Ch t ap 1 er I : ntroducti ti t on I o P IPv6 Copyright Cisco Academy Yannis Xydas

Design of Virtual Private Networks with MPLS

Implementing Cisco MPLS

Steve Worrall Systems Engineer.

WAN Topologies MPLS. 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr Cisco Systems, Inc. All rights reserved.

How To Make A Network Secure

WHITE PAPER. Best Practices for Deploying IPv6 over Broadband Access

MPLS Security Considerations

MPLS Virtual Private Networks

Virtual Private LAN Service on Cisco Catalyst 6500/6800 Supervisor Engine 2T

IPv6 Fundamentals, Design, and Deployment

Implementing MPLS VPNs over IP Tunnels on Cisco IOS XR Software

WHITEPAPER. Bringing MPLS to Data Center Fabrics with Labeled BGP

SEC , Cisco Systems, Inc. All rights reserved.

13 Virtual Private Networks 13.1 Point-to-Point Protocol (PPP) 13.2 Layer 2/3/4 VPNs 13.3 Multi-Protocol Label Switching 13.4 IPsec Transport Mode

MPLS-based Layer 2 VPNs. Kireeti Kompella Juniper Networks

AT&T Managed IP Network Service (MIPNS) MPLS Private Network Transport Technical Configuration Guide Version 1.0

MPLS Basics. For details about MPLS architecture, refer to RFC 3031 Multiprotocol Label Switching Architecture.

IPv4 to IPv6 Transition

IMPLEMENTING CISCO MPLS V3.0 (MPLS)

PRASAD ATHUKURI Sreekavitha engineering info technology,kammam

IMPLEMENTING CISCO MPLS V2.3 (MPLS)

Why Is MPLS VPN Security Important?

COMPREHENSIVE MPLS VPN SOLUTIONS

Virtual Private LAN Service (VPLS)

MPLS VPN over mgre. Finding Feature Information. Prerequisites for MPLS VPN over mgre

Internet Protocol: IP packet headers. vendredi 18 octobre 13

HP Networking BGP and MPLS technology training

Transcription:

Transition to IPv6 in Service Providers Jean-Marc Uzé Director Product & Technology, EMEA juze@juniper.net UKNOF14 Workshop Imperial college, London, Sept 11 th, 2009 1 Agenda Planning Transition Transition trends in Service Providers In the core In the access 2 1

The End of the Road Comes into View Only 11% of IPv4 space remains available in IANA pool Depletion projected mid-2011 3 Projected RIR and IANA Consumption (nb /8s) http://www.potaroo.net/tools/ipv4/index.html Methodologies: Core to Edge IPv6 implemented in core network first Incrementally migrated outward toward edge Application and advantages: Core devices usually the easiest/safest to add IPv6 to Gains time for addressing more difficult issues Security Management Gives time for operations to gain experience before IPv6 reaches users at the edge Best approach for holistic IPv6 deployment 4 2

Methodologies: Edge to Core IPv6 implemented at edge first Might or might not be incrementally migrated inwards to core Application and advantages: Best approach when IPv6 must be quickly deployed to users Best approach when a network must demonstrate early IPv6 capability Best approach when older devices in core cannot support IPv6 Allows a plan to spare IPv4 addresses 5 Methodologies: IPv6 Islands IPv6 distributed over areas of devices in network Appearance of IPv6 less topologically deterministic IPv6 added where it is needed most, then expanded In later phases, IPv4 islands in an IPv6 network Manual or automatic tunnelling Application and advantages: Best when IPv6 must be focused Useful when IPv6 is needed for limited applications, devices, or areas 6 3

Implementation mechanisms A (maybe too?) rich IPv6 Transition Toolkit 7 Dual stacks Co-existence, no intersection Manually configured or signalled tunnels GRE, IPSec MPLS L2VPN, VPLS, L3VPN, P2MP LSPs Manual tunnels are ideal for interconnecting IPv6 sites or edges over an IPv4 network Automatic tunnels Tunnel brokers, Teredo, 6to4, ISATAP Translators NAT-PT: same as IPv4 but with IPv6 pool But now deprecated by IETF to historical status => other under development (IVI, softwires, Dual-Stack Lite, Carrier Grade NAT ) Elements of a Practical IPv6 Deployment Plan IPv6 has specific implementation mechanisms Relative lack of extensive experience New technologies increase project risk Careful planning can bring those risks back to an acceptable level IPv6 Plan Design Inventory Methodology Milestones Vendor Evaluation and Selection Design and Interoperability Testing Training Cost and Risk Analysis Project Executables 8 4

A Comparison of IPv4 and IPv6 Headers 32 bits 32 bits Ver. 4 HL TOS Datagram Length Datagram-ID Flags Fragment Offset TTL Protocol Header Checksum Ver. Traffic class 6 8 bits Payload Length 16 bits Flow label 20 bits Next Hdr. Hop Limit 8 bits 8 bits Source IP Address Destination IP Address Source Address 128 bits IP Options (with padding if necessary) IPv4 header Destination Address 128 bits 9 IPv6 header Factors to Consider 10 IPv4 and IPv6 are not interoperable Means must be established for interconnecting Means must be established for coexistence Incremental deployment requires interim mechanisms Multiple mechanisms might be required Choices driven by methodology A well-equipped toolbox is essential Planning is all about controlling cost and risk Balance timelines against projected demands Apply principle of least surprises Do not forget Training 5

Agenda Planning Transition Transition trends in Service Providers In the core In the access 11 The End of the Road Comes into View Smooth transition plan is not sufficient Dual stack approach From IPv6 islands to IPv4 islands Window time has changed: from a decade to 2-3 years Moving to a forced scenario where NAT is unavoidable IPv4 will remain for a long time NAT at the edge, NAT in the middle, Carrier-Grade NAT (CGN), Large Scale NAT (LSN), 12 6

Dual Stacks Device supports IPv4 and IPv6 on the same interface All routers are configured with IPv6 on the interfaces and IPv6 routing protocols) Preferred method for deploying intra-site, full network, or core to edge 13 Dual Stacks Device is bilingual If DNS returns IPv4 address, device speaks IPv4 If DNS returns IPv6 address, device speaks IPv6 14 7

Dual Stacks Pros: Implementation driven by DNS Simplest of the implementation mechanisms Cons: Requires both IPv4 and IPv6 addresses on all interfaces Potential for conflicts when DNS returns both and IPv4 and IPv6 address 15 Agenda Planning Transition Transition trends in Service Providers In the core In the access 16 8

IPv6 core transport schemes IPv6 schemes MPLS-based IP-based 6PE IPv6 Layer 3 VPN (6VPE) Most SPs already have MPLS backbones IPv6 over IPv4 configured tunnels Native IPv6 (IPv4/IPv6 dual stack) 17 Schemes for IPv6 over MPLS Two main schemes exist: IPv6 islands over MPLS IPv4 core (sometimes known as 6PE ) RFC 4798, Connecting IPv6 Islands over IPv4 MPLS Using IPv6 Provider Edge Routers (6PE) IPv6 VPN (sometimes known as 6VPE ) RFC 4659, BGP-MPLS IP Virtual Private Network (VPN) Extension for IPv6 VPN Both schemes avoid need to turn on IPv6 in the core of the network Existing IPv4-signalled transport LSP infrastructure can be used 18 9

Applicability of 6PE and IPv6 VPN Both are mature technologies, IPv6 VPN has been available in Junos production code for 4-5 years now and 6PE for even longer.. In 6PE, routes reside within the main routing context on each PE, so is not a VPN scheme Useful for transporting Internet IPv6 across a service provider s IPv4 MPLS network. IPv6 VPN is very similar to the IPv4 VPN model Routes reside in VRFs on each PE Gives separation between client networks and allows for overlapping addresses Also used for Internet IPv6, e.g. by having a VRF containing the internet routes 19 Infrastructure for 6PE Customer A RR1 BGP sessions over IPv4 PE1 RR2 ASBR Peering exchange Peer 1 Peer 2 ebgp (IPv6) ebgp (IPv6) Upstream 1 IPv6 islands Customer B PE2 ebgp (IPv6) IPv4 core: IGP, BGP, RSVP, LDP all run over IPv4 MPLS LSPs, signalled using IPv4 Links in black have IPv4 addresses, and use an IPv4 IGP Links in blue have IPv6 addresses, and use an IPv6 protocol 20 10

6PE mechanisms When transporting IPv4 packets over MPLS, one simply places IPv4 packet directly into transport LSP If we did the same with IPv6 packets, could cause problems If PHP is being used, bare IPv6 packet would be exposed on penultimate router, and penultimate router typically is P router that does not run IPv6 If explicit-null label is being used on last hop, explicit null label value is different for IPv4 and IPv6, so same LSP could not be used for both IPv4 and IPv6 traffic Hence use an inner label. M-BGP is used to enable PEs to exchange the inner label values. 21 IPv4 over MPLS and IPv6 over MPLS (6PE) compared IPv4 over MPLS: IPv4 X IPv4 W IPv4 IPv4 PE1 IPv4 P1 P2 PE2 BGP session, plain IP routes 6PE: IPv6 Y X IPv6 Y W IPv6 Y IPv6 PE1 IPv6 P1 P2 PE2 M-BGP session, AFI 2, SAFI 4. Labelled IPv6 Routes. Label = Y 22 11

IPv6 VPN mechanisms Described in RFC 4659, BGP-MPLS IP Virtual Private Network (VPN) Extension for IPv6 VPN The MPLS tunnels can be existing IPv4-signalled LSPs Uses very similar machinery as IPv4 VPNs: Use of M-BGP to exchange labelled routes between PEs ( inner label, aka VPN label ) Route Distinguishers to disambiguate routes Extended Community Route Targets to identify the VPN Label stacking in data plane: ingress PE pushes VPN label and then pushes outer transport label(s) 23 IPv6 VPN case 2001:db8:11:11::/64 CE1 OSPFv3 CE4 2001:db8:11:22::/64 PE1 BGP RR2 RR1 BGP sessions: vpn-ipv6 address family MPLS LSPs (IPv4 signalling) CE2 PE2 BGP 2001:db8:11:22::/64 PE3 OSPFv3 Static routes CE3 CE5 2001:db8:11:33::/64 2001:db8:11:33::/64 N.B. IPv6 VPN could instead run over an IPv6 core in principle, but current implementations/deployments/trials are over an IPv4 core (IPv4 IGP, BGP sessions over IPv4, MPLS LSPs signalled by IPv4) 24 12

Agenda Planning Transition Transition trends in Service Providers In the core In the access 25 Possible Locations for NAT/CGN Home Networking & Network connectivity Main target to spare IPv4 addresses Transport NAT? IPv4 NAT? NAT? NAT? IPv6 RG Edge Core 26 13

1. NAT444 pros/cons Pros : No need for change the current CPE spec. All consists of existing technologies. Easier to implement. 27 Cons : Session states at Core Scalability Concern (LSN to support massive number of sessions). Applications are restricted Fullcone/BEHAVE compliance is new to highend NAT/firewall. 2. DS lite pros/cons Pros : only one layer of NAT (no dual NAT like NAT444) Access Network could be IPv6 only Cons : Requires CPE change Same concerns as NAT444 applies in terms of CGN/LSN 28 14

3. DS lite + A+P pros/cons 29 Pros : No session states at Core (Translation&States only at the Edge) Scalable Less harmful to the endto end principle of the Internet Access Network could be IPv6 only Cons : Requires considerable CPE change New CPE management scheme is also needed (i.e. address+port assignment via DHCP) Brand new technology NAT Scaling ( example with 10 TCP Sessions ) http://www.nttv6.jp/~miyakawa/ietf72/ Port Usage and Scaling are additional concern if NAT or NAT-PT is performed by Service Provider in the Edge or in the Core 30 15

Juniper Networks The Preferred IPv6 Supplier Juniper included IPv6 in hardware from the beginning First support in 2001 on JUNOS routers! JUNOS: Core, Edge, Access JUNOSe: Broadband Access ScreenOS: Security and Translation Juniper has long been the preferred vendor for highperformance, next-generation IPv6 networks Dual-Stack IPv4/IPv6, IPv6 over MPLS 31 Osiris Conclusions IPv6 is inevitable IPv4 exhaustion is pushing IPv6 deployment up the agenda IPv6 is an infrastructure issue, not an application issue IPv6 deployment is happening worldwide Planning now is essential Juniper Networks has a long experience in deploying and supporting IPv6 in production infrastructures 32 16

THANK YOU Jean-Marc Uzé Director Product & Technology, EMEA juze@juniper.net Copyright 33 2009 Copyright Juniper Networks, 2009 Juniper Inc. Networks, Inc. www.juniper.net www.juniper.net 33 17

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information