IPv6 The Big Picture Rob Evans, Janet Rob.Evans@ja.net
Where are we? IPv4 32 bit addresses 4,294,967,296 possible addresses In practice much less than this. History of large allocations /8s Inefficiency due to hierarchical allocation Some address space reserved Multicast 224.0.0.0/4 Class E 240.0.0.0/4 RFC 1918 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 Other 0.0.0.0/8, 127.0.0.0/8 Some address space dirty and difficult to use Parts of 1/8 World s population estimated at ~7.1bn How many devices do you have with an IP stack?
Reminder of IPv4 address allocation Top level: IANA Internet Assigned Numbers Authority Number of IPv4 addresses left: 0 Next level: Regional Internet Registries AFRINIC (Africa) Number of IPv4 addresses left: 3.12 /8s (Internet penetration: 15.6%) APNIC (Asia-Pacific) Number of IPv4 addresses left: 0.79 /8s (Internet penetration: 27.5%) ARIN (North America) Number of IPv4 addresses left: 0.99 /8s (Internet penetration: 78.6%) LACNIC (Latin America) Number of IPv4 addresses left: 0.59 /8s (Internet penetration: 42.9%) RIPE NCC (Europe and the Middle-East) Number of IPv4 addresses left: 0.82 /8s (Internet penetration: 63.2%) Special policies start in an RIR when space is less than 1 /8
Reminder of IPv4 address allocation Third level: ISPs Or, for address assignment, LIRs (Local Internet Registries). Needs-based justification from RIRs Once the local RIR hits 1 /8 free, only a single allocation of fixed size is available, regardless of need. Fourth level: You Needs-based justification Immediate requirement + 3 months future Until the ISP pool is empty
Alternatively If you have addresses from the good old days of plenty. Top level: Internic Second level: You Now referred to as legacy resource holders. Address space originally referred to as class B or class C In the brave new (1993) world of CIDR, /16 or /24. Aside: If you have legacy space, drop me a line as it is essential the registration of it is kept up-to-date.
Whichever way you cut it Unused IPv4 addresses are scarce Reclamation of unused addresses won t be enough The Internet is still growing More pervasive in developed countries See question on slide 2 Increasing adoption in developing countries
How does the Internet keep growing? Force people into credit NAT Quantitative Easing Print more addresses
IPv6: Printing more addresses Widen the IP address from 32 bits to 128 bits. 2 128 addresses but that s irrelevant, as are all the statistics about grains of sand, etc. Every network is 64 bits 2 64 LANs, each of which has 2 64 potential addresses That s still a lot. 18,446,744,073,709,551,616 LANs Instead of 4 billion addresses, 18 billion, billion, networks. Excuse me for using the US form of billion. Not backwards compatible An IPv4-only system cannot talk to an IPv6-only system without some form of translation More on migration later
IPv6 address allocation Hierarchical, as with IPv4 IANA currently has a /3 to allocate from (2000::/3) There are 5 more free /3s, the other two include multicast or some reserved space Each RIR gets a /12 There s more when they run out 5 RIRs 512 x /12s per /3 Each ISP/LIR (in the RIPE region) gets a /29 131,072 /29s per /12 For comparison, RIPE NCC has about 10,000 LIRs, ARIN has about 4,700, APNIC has about 4,200 Each customer gets a /48 Or more if needed (with justification) 65,536 LANs
IPv6: Why bother? There is no more IPv4 You might have plenty, but the people you re trying to communicate with might not IPv6 is the only way for any-to-any communication without something doing address translation It may be happening anyway Automatic transition mechanisms, e.g. Teredo, 6to4 It may be bypassing your security policies Better to have a managed IPv6 transition Innovation New routing technologies, e.g. LISP Any new service requiring lots of addresses Open communications with places that don t have IPv4
IPv6: How do you start? Get some addresses operations@ja.net https://www.ja.net/forms/obtaining-ip-addresses-application/ Ask for them to be routed Can tunnel them as an interim measure Deploy on a test network Experiment with some firewalling Browse the web Some websites will show the address you re connecting from E.g. http://www.ripe.net/ Whilst you re doing the above Think of an addressing plan May be based on IPv4 plan May be different site/building aggregation?
IPv6: How do you start Configure some services DNS SMTP HTTP Before adding an IPv6 address record into the DNS, make sure all services on the box are IPv6-enabled Mandate IPv6 in tender documents Look at what others have done Previous Networkshop presentations on EdLab Be aware of some of the gotchas E.g. Router Advertisement spoofing Roll out to edge networks More of this in the IPv6 technical guide URL at the end of the presentation
Migration from IPv4 to IPv6 The plan was that every system would speak both IPv4 and IPv6 Starting from shortly after IPv6 was standardised in the late 1990s When IPv4 ran out it wouldn t matter, everything would speak IPv6 That didn t happen Automatic tunnelling mechanisms 6to4, Teredo, 6RD Designed for getting over lack of IPv6 in the last mile Some more trouble than their worth, especially if enabled by default Translation mechanisms NAT64, 464XLAT, IVI Designed for getting over a lack of IPv4 at the edge
IPv6 deployment on Janet Backbone has been dual-stack since 2003 Regional networks must provide it on request Native transit from global transit suppliers Native IPv6 to GEANT for other R&E networks Extensive IPv6 private and public peering to other ISPs Services mostly available over IPv6 DNS (nsx.ja.net) NTP (ntpx.ja.net) Mail Waiting for software support for videoconferencing
IPv6 deployment on Janet
IPv6 in the UK Some ISPs offering it Andrews & Arnold, Bogons, Claranet, etc Still waiting for the larger providers BT, Virgin Media
IPv6 Global Deployment
IPv6 global deployment World IPv6 Day 8 th June, 2011 Make content available for 24 hours, leave it switched on if it doesn t cause a problem Google, YouTube, Facebook, Akamai, Limelight Main concern was broken tunnels Google warned Janet that 22,000 users might have broken connectivity Largely went off without problem
IPv6 global deployment World IPv6 Launch 6 th June, 2012 (6/6/12) Emphasis on access rather than content Commitment to have 2% of traffic using IPv6 from the content providers involved in the measurements Measurements updated periodically
IPv6 global deployment Akamai https://blogs.akamai.com/2013/06/world-ipv6-launch-anniversarymeasuring-adoption-one-year-later.html Increased 2.5x since last June 10 billion IPv6 requests per day
IPv6 global deployment Comcast, Google Fiber [sic] Native IPv6 on domestic broadband Google, YouTube IPv6 for content Happy eyeballs in browsers and O/S IP stacks Connect to a site over IPv4 and IPv6, give IPv6 a small head-start, continue using whichever one responds first Safer to enable IPv6 on content
What s plan B? Carrier Grade NAT For customers of large service providers, a NAT behind a NAT (behind a NAT) Lots of logging Walled gardens Content will have to be at the centre of the network Innovation at the edge becomes harder Higher barrier to entry.
Janet resources Training IPv6 Fundamentals: https://www.ja.net/events/ipv6-fundamentals IPv6 Technical Guide https://community.ja.net/system/files/487/ipv6-tech-guide-for-web.pdf Community website https://community.ja.net/groups/ipv6 JISCmail list https://www.jiscmail.ac.uk/cgi-bin/webadmin?a0=ipv6-users Your IPv6 prefix! https://www.ja.net/forms/obtaining-ip-addresses-application/ Events like this
Resources World Population Clock (slide 2) http://www.census.gov/popclock/?intcmp=sldr1 RIR address space remaining (slide 3) http://www.potaroo.net/tools/ipv4/index.html Internet penetration statistics (slide 3) http://www.internetworldstats.com IPv6-enabled ASNs (slide 16) http://v6asns.ripe.net/v/6?s=_all;s=gb;s=_eu IPv6 deployment ranking (slide 17) http://resources.potaroo.net/iso3166/v6dcc.html World IPv6 Launch measurements (slide 19) http://www.worldipv6launch.org/measurements/
Questions and discussion Janet, Lumen House Library Avenue, Harwell Oxford Didcot, Oxfordshire t: +44 (0) 1235 822200 f: +44 (0) 1235 822399 e: Service@ja.net