IPv6 Opportunity and challenge



Similar documents
IPv6 Fundamentals, Design, and Deployment

Cisco. Patrick Grossetete Cisco Systems Cisco IOS IPv6 Product Manager pgrosset@cisco.com

Designing and Developing Scalable IP Networks

Juniper Networks Education Services

Transition to IPv6 in Service Providers

IPv6 Migration Challenges for Large Service Providers

Interconnecting IPv6 Domains Using Tunnels

Cisco RV215W Wireless-N VPN Router

Firewalls und IPv6 worauf Sie achten müssen!

Cisco Certified Network Associate Exam. Operation of IP Data Networks. LAN Switching Technologies. IP addressing (IPv4 / IPv6)

Fundamentals of Windows Server 2008 Network and Applications Infrastructure

Introduction of Quidway SecPath 1000 Security Gateway

IPv6 for AT&T Broadband

SSVVP SIP School VVoIP Professional Certification

Networking 4 Voice and Video over IP (VVoIP)

Cisco RV110W Wireless-N VPN Firewall

Cisco RV110W Wireless-N VPN Firewall

Juniper Networks and IPv6. Tim LeMaster Ipv6.juniper.net

Interconnecting Cisco Networking Devices Part 2

20 GE + 4 GE Combo SFP G Slots L3 Managed Stackable Switch

IPv6 Fundamentals: A Straightforward Approach

Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network.

Cisco RV 120W Wireless-N VPN Firewall

How To Set Up A Cisco Rv110W Wireless N Vpn Network Device With A Wireless Network (Wired) And A Wireless Nvv (Wireless) Network (Wireline) For A Small Business (Small Business) Or Remote Worker

Cisco RV220W Network Security Firewall

IMPLEMENTING CISCO IP ROUTING V2.0 (ROUTE)

Residential IPv6 IPv6 a t at S wisscom Swisscom a, n an overview overview Martin Gysi

IPv6 Practices on China Mobile IP Bearer Network

Campus IPv6 connection Campus IPv6 deployment

IPV6 DEPLOYMENT GUIDELINES FOR. ARRIS Group, Inc.

Cisco RV220W Network Security Firewall

Concepts & Examples ScreenOS Reference Guide

Cisco Announces IPv6 Licensing Parity with IPv4 for Cisco Catalyst Series Switches

Cisco Which VPN Solution is Right for You?

Demonstrating the high performance and feature richness of the compact MX Series

LAN TCP/IP and DHCP Setup

Implementing Secured Converged Wide Area Networks (ISCW) Version 1.0

"Charting the Course...

Introduction to MPLS-based VPNs

Implementing, Managing and Maintaining a Microsoft Windows Server 2003 Network Infrastructure: Network Services Course No.

ProCurve Networking IPv6 The Next Generation of Networking

EdgeRouter Lite 3-Port Router. Datasheet. Model: ERLite-3. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

Deploying IPv6 for Service Providers. Benoit Lourdelet IPv6 Product Manager, NSSTG

IETF IPv6 Request for Comments (RFCs) Updated

About the Technical Reviewers

Network Services Internet VPN

Magnum Network Software DX

Cisco RV180 VPN Router

How To Learn Cisco Cisco Ios And Cisco Vlan

WAN Failover Scenarios Using Digi Wireless WAN Routers

How To Use A Cisco Wvvvdns4400N Wireless-N Gigabit Security Router For Small Businesses

IPv4/IPv6 Transition Mechanisms. Luka Koršič, Matjaž Straus Istenič

Virtual Private Networks. Juha Heinänen Song Networks

Evaluation guide. Vyatta Quick Evaluation Guide

Basic IPv6 WAN and LAN Configuration

IPv6 over IPv4/MPLS Networks: The 6PE approach

HP VSR1000 Virtual Services Router Series

DD2491 p MPLS/BGP VPNs. Olof Hagsand KTH CSC

Internet Protocol: IP packet headers. vendredi 18 octobre 13

INDIAN INSTITUTE OF TECHNOLOGY BOMBAY MATERIALS MANAGEMENT DIVISION : (+91 22) (DR)

SSVP SIP School VoIP Professional Certification

: Interconnecting Cisco Networking Devices Part 2 v1.1

IPv6 Deployment Strategies

Cisco Dynamic Multipoint VPN: Simple and Secure Branch-to-Branch Communications

Example: Advertised Distance (AD) Example: Feasible Distance (FD) Example: Successor and Feasible Successor Example: Successor and Feasible Successor

Dedication Preface 1. The Age of IPv6 1.1 INTRODUCTION 1.2 PROTOCOL STACK 1.3 CONCLUSIONS 2. Protocol Architecture 2.1 INTRODUCTION 2.

VPN taxonomy. János Mohácsi NIIF/HUNGARNET tf-ngn meeting April 2005

: Interconnecting Cisco Networking Devices Part 1 v2.0 (ICND1)

IPv6 Co-existence & Integration

CCT vs. CCENT Skill Set Comparison

WAN Traffic Management with PowerLink Pro100

Application Note - Using Tenor behind a Firewall/NAT

Evaluating IPv6 Firewalls & Verifying Firewall Security Performance

HughesNet Broadband VPN End-to-End Security Enabled by the HN7700S-R

PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions

MOC 6435A Designing a Windows Server 2008 Network Infrastructure

APNIC IPv6 Deployment

Interconnecting Cisco Network Devices 1 Course, Class Outline

Network Configuration Example

Understanding Windows Server 2003 Networking p. 1 The OSI Model p. 2 Protocol Stacks p. 4 Communication between Stacks p. 13 Microsoft's Network

Solution Brief. Migrating to Next Generation WANs. Secure, Virtualized Solutions with IPSec and MPLS

Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure: Network Services (5 days)

Gigabit SSL VPN Security Router

Cisco WRVS4400N Wireless-N Gigabit Security Router: Cisco Small Business Routers

Provisioning Cable Services

Broadband Network Architecture

Network Security Topologies. Chapter 11

Document ID: Introduction

IPv6 SECURITY. May The Government of the Hong Kong Special Administrative Region

Layer 3 Network + Dedicated Internet Connectivity

Training Proposal. Training Description for Enterprise Network COMMERCIAL IN CONFIDENCE 1

IPv6 and xdsl. Speaker name address

Introduction. Technology background

Advanced Network Routers. Datasheet. Model: ERLite-3, ERPoe-5. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

Next Generation IPv6 Network Security a Practical Approach Is Your Firewall Ready for Voice over IPv6?

Transcription:

Juniper Networks Solution from enterprise to service provider Jean-Marc Uzé juze@juniper.net 10 May 2004 1 Opportunity and challenge More devices demanding more addresses 3G Mobile IP multimedia specifies Gamers using APAC growth driving Consistent Questions QoS Security of Availability Performance Addressing, tunneling and translation Financially viable deployment, what infrastructure changes are required? 2 1

Deployment Requirements End-to-end dual-stack for and and stateful firewall for small and large sites Multiple address allocation and tunneling mechanisms for / corporate access and Internet access CPE with integrated IPSec VPN support Tunnel and Transition schemes eg NAT-PT, 6to4, 4to6 Service Provider DSL Subscriber Management Service Provider edge and core routing in hardware Juniper Networks uniquely provide routed end-to-end 3 Dual-stack end-to-end and simultaneously CPE BRAS CORE EDGE FIREWALL Infranet / / / CPE for routing and stateful inspection firewall Access eg DSL M-series / 4 2

Corporate Access for SOHO or Branch Office CPE / routing with stateful Firewall/VPN Initiates PPPoE session over DSL (terminated in the BRAS) Routes corporate traffic into IPSec VPN and non corporate traffic to Internet SOHO user authenticates at the corporate side using XAUTH and Radiusv6 CPE Resolves DNS to correct Domain Using Split DNS resolution Prevents malicious Internet users from learning corporate network information DNS Server: Intranet.corp.com DNS Query: Intranet.corp.com Access eg DSL DNS Query: www.yahoo.com Internet 5 Enabling Service Providers to Offer Enhanced E-Series BRAS Allocate addresses, use of DHCP-prefix delegation for v6 addressing QoS and hierarchical scheduler support 6PE, directly into MPLS M- and T- Series EDGE and Core Routers Maintain and routing tables, stateless filters, CoS Forward into Core using 6PE, 2547 MPLS VPN, routing Routed BRAS 6PE MPLS LSPs EDGE Router Access eg DSL Internet 2547 VPN 6 3

Enterprise Central Site Stateful Firewall Netscreen Central Site Stateful inspection Firewall aware stateful Inspection tunnel authentication and termination M7i Central Site CPE Router routing and packet processing for CoS, filters etc in hardware / 6PE Routed MPLS LSPs Internet 2547 VPN Central Site Firewall and Router 7 Easing Operators Service Deployment M- and T- series Core and Edge Dual stack allows and to operate simultaneously Configured tunnels in routers allows over existing backbones 6PE allows use of existing MPLS backbone E-Series BRAS PPPoE v6 termination 48 000 or subscribers 6PE in BRAS and edge routers allows in signaled MPLS LSPs In Provider managed Netscreen Security CPE Allow applications to be extended to enterprise sites Routed on LAN and WAN inside IPSec VPN tunnels Tunneling or Translation 6to4 and 4to6 8 4

Easing Corporate Deployment Allow mixed and hosts on LAN Netscreen platform performs and stateful firewall at each site Translate for Internet access using NAT-PT 6to4 and 4to6 on LAN WAN offered by Service Provider WAN offered by Service Provider Netscreen CPE encrypts corporate data in IPSec VPN Netscreen CPE encrypts corporate in IPSec VPN on LAN on LAN 9 JUNOS Features (M-series and T-series) T640 M40 M40e M160 T320 M5/M10 M20 Since JUNOS 5.1 November 2001 Addressing & Forwarding Forwarding in hardware Addressing Link, site, global Stateless autoconfiguration Neighbor discovery Packet Filtering EUI 64 Autogeneration Unicast RPF FBF and CBF for Destination/Source Class Usage Routing Protocols T-series M-series IS-IS OSPFv3 MP-BGP over v4/v6 RIPng Static VPN (RFC2547bis) PIM v2 MLD v1, v2 multitopology extensions for ISIS Operations & Transition Common support ICMPv6 SNMP over v6 + MIBs IP applications Transition Ping, telnet, ssh, ftp Configured tunnels Dual stack Transport in MPLS All forwarding in hardware 10 5

ERX: JUNOSe Release 5.0 Basic protocol support (RFC 2460) ICMPv6 (RFC 2463) Ping v6 & Traceroute v6 Global and interface configuration CLI command and logging function Routing table change and Static routing Supported Line Card: ATM ERX310 ERX1410 ERX705/710 E-series ERX1440 11 ERX: JUNOSe Release 5.1 Dual Stack BRAS ATM / Ethernet / Vlan interfaces BRAS / LAC / LNS Radius extensions to support for v6 Radius attributes (RFC 3162 & ERX VSAs) DHCP support for v6 for prefix delegation* Dynamic PPPoE interfaces ERX310 ERX1410 ERX705/710 E-series ERX1440 BGP w/ v4 and v6 routes over TCPv4 Neighbor Discovery for (RFC 2461) - ETH Supported Line Cards ATM, ETH, TSM, Service Module QoS packet classification, coloring, traffic classes As being implemented by Microsoft (v6 PPPoE w/ prefix delegation) 12 6

ERX: JUNOSe Release 5.2 BGP support for 6PE DNS client for v6 Router advertisements (stateless and stateful auto configuration) Static v6 host names Internal cross-connect for frames ( bridging ) using MPLS-Martini mechanisms inside the ERX ERX310 ERX1410 ERX705/710 E-series ERX1440 13 Juniper Networks deployment in R&E and ISP Networks Americas EMEA APAC Osiris 14 7

Summary Juniper reduces obstacles in deploying services Flexible capabilities provide financially viable deployment options for Service Providers and Enterprise Proven, stable and scalable implementations Documented configurations eases deployment No compromises Security QoS Availability Performance 15 Thank You 16 8

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information