Run your next CGN on a $20 OpenWRT

Similar documents
TR-296 IPv6 Transition Mechanisms Test Plan

SIIT-DC: Stateless IP/ICMP Translation for IPv6 Data Centre Environments & SIIT-DC: Dual Translation Mode

WHITE PAPER. Best Practices for Deploying IPv6 over Broadband Access

Stateless IPv4 over IPv6 report dra1- janog- so1wire- report- 01

Real World IPv6 Migration Solutions. Asoka De Saram Sr. Director of Systems Engineering, A10 Networks

TR-242 IPv6 Transition Mechanisms for Broadband Networks Issue: 2 Issue Date: February 2015

How To Connect Ipv4 To Ipv6 On A Ipv2 (Ipv4) On A Network With A Pnet 2.5 (Ipvin4) Or Ipv3 (Ip V6) On An Ipv5

Residential IPv6 IPv6 a t at S wisscom Swisscom a, n an overview overview Martin Gysi

IPv4/IPv6 Transition Mechanisms. Luka Koršič, Matjaž Straus Istenič

Transition to IPv6 for Managed Service Providers: Meet Customer Requirements for IP Addressing

About Me. Work at Jumping Bean. Developer & Trainer Contact Info: mark@jumpingbean.co.za

France Telecom s IPv6 Strategy. C. Jacquenet, M. Sall

IPv6 TRANSITION TECHNOLOGIES

IPv6 in Axis Video Products

An Architecture View of Softbank

IPv6 for AT&T Broadband

Campus IPv6 connection Campus IPv6 deployment

Basic IPv6 WAN and LAN Configuration

DEPLOYMENT GUIDE Version 1.4. Configuring IP Address Sharing in a Large Scale Network: DNS64/NAT64

Step By Step Guide for Starting "Hello, World!" on OpenWRT

CGN Deployment with MPLS/VPNs

Cisco TelePresence TelePresence Server 8710 and 7010 Version 3.0

IPv6-only hosts in a dual stack environnment

IPv4/IPv6 Translation: Framework. Li, Bao, and Baker

NAT Tutorial. Dan Wing, IETF78, Maastricht July 25, 2010

World IPv6 Day. Lorenzo Colitti

Implementing DHCPv6 on an IPv6 network

IPV6 DEPLOYMENT GUIDELINES FOR. ARRIS Group, Inc.

IPv6 Transition Work in the IETF

SIIT-DC: IPv4 Service Continuity for IPv6 Data Centres. Tore Anderson Redpill Linpro AS RIPE69, London, November 2014

Status of IPv6 Rollout at Swisscom. Martin Gysi, public

464XLAT: Breaking Free of IPv4. T-Mobile.com NANOG 61 June 2014

Chapter 1 Introduction

IPv6 Troubleshooting for Helpdesks

Interconnecting Cisco Networking Devices Part 2

Challenges in NetFlow based Event Logging

LABORATORIUM 1 Setup and basic configuration of Asterisk BPX on Linux

We Are HERE! Subne\ng

Matt Ryanczak Network Operations Manager

Telepresence in an IPv6 World. Simplify the Transition

his document discusses implementation of dynamic mobile network routing (DMNR) in the EN-4000.

IPv6 Broadband and Cable NANOG46 John Jason Brzozowski

: Interconnecting Cisco Networking Devices Part 1 v2.0 (ICND1)

Introduction to IP v6

Enabling NAT and Routing in DGW v2.0 June 6, 2012

Cisco Which VPN Solution is Right for You?

THE ADOPTION OF IPv6 *

Securing the Transition Mechanisms

Industry Automation White Paper Januar 2013 IPv6 in automation technology

Developing an IPv6 Addressing Plan Guidelines, Rules, Best Practice

athenahealth Interface Connectivity SSH Implementation Guide

Getting started with IPv6 on Linux

The Cloud and IPv6 Company IPv6 and Cloud

Creating a DUO MFA Service in AWS

CheckPoint Software Technologies LTD. How to Configure Firewall-1 With Connect Control

How To Manage Ipv6 Networks On A Network With Ipvv6 (Ipv6) On A Pc Or Ipv4 (Ip6) (Ip V6) Or Ip V6 ( Ipv5) ( Ip V5

TechNote. Configuring SonicOS for MS Windows Azure

: Interconnecting Cisco Networking Devices Part 2 v1.1

Configuring Windows Server 2008 Network Infrastructure

Interconnecting Cisco Network Devices 1 Course, Class Outline

Converged Networking Solution for Dell M-Series Blades. Spencer Wheelwright

Description: Objective: Upon completing this course, the learner will be able to meet these overall objectives:

IP PBX. SD Card Slot. FXO Ports. PBX WAN port. FXO Ports LED, RED means online

Transition to IPv6 in Service Providers

Cisco Expressway IP Port Usage for Firewall Traversal. Cisco Expressway X8.1 D December 2013

IPv6 over IPv4/MPLS Networks: The 6PE approach

IPv6 Practices on China Mobile IP Bearer Network


Use Shrew Soft VPN Client to connect with IPSec VPN Server on RV130 and RV130W

Supporting Document PPP

ProCurve Networking IPv6 The Next Generation of Networking

Carrier Grade NAT. Requirements and Challenges in the Real World. Amir Tabdili Cypress Consulting

Cisco TelePresence Server 7010 and MSE 8710 in Remotely Managed Mode Printable Online Help (4.1

FTP e TFTP. File transfer protocols PSA1

Step-by-Step Guide for Setting Up IPv6 in a Test Lab

Newton2 Developers Guide

Deploying IPv6 for Service Providers. Benoit Lourdelet IPv6 Product Manager, NSSTG

Demonstrating the high performance and feature richness of the compact MX Series

Use Domain Name System and IP Version 6

CE363 Data Communications & Networking. Chapter 6 Network Layer: Logical Addressing

ITL BULLETIN FOR JANUARY 2011

Vega 100G and Vega 200G Gamma Config Guide

IPv6 network management. Where and when?

OLD VULNERABILITIES IN NEW PROTOCOLS? HEADACHES ABOUT IPV6 FRAGMENTS

Platform as a Service and Container Clouds

IPv6 network management. 6DEPLOY. IPv6 Deployment and Support

IPv6 Fundamentals: A Straightforward Approach

Network/VPN Overlap How-To with SonicOS 2.0 Enhanced Updated 9/26/03 SonicWALL,Inc.

Implementing Cisco TelePresence Video Solution, Part 1

Transcription:

Run your next CGN on a $20 OpenWRT Andrew Yourtchenko @ayourtch 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 1

There re plenty of interesting technologies emerging Let s pick MAP: a sustainable life-support for IPv4 Not all of them are on the shelves yet There are some CPE vendors working on it, but I want one *now* Practical steps to make your own CPE for experimental purposes 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 2

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 3

Requires in production post-ipv4 : IPv4 as a service 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 4

Private IPv4 Private IPv4 -only AFTR IPv4 Private IPv4 Subscribers Providers Internet 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 5

Private IPv4 Private IPv4 -only AFTR IPv4 Private IPv4 Subscribers Providers Internet 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 6

1 000 000s of subscribers 10 000s hostroutes per BNG 100s IGP prefixes 10s BGP prefixes : AFTR 1 000 000s of DS-Lite or LW46 Tunnel endpoints 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 7

1 000 000s of subscribers 10 000s hostroutes per BNG 100s IGP prefixes 10s BGP prefixes : 10s of MAP Rules and no CGN 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 8

Private IPv4 Private IPv4 -only IPv4 Private IPv4 Subscribers Providers Internet 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 9

A public IPv4 address: (32 MAP IPv4 prefix len) = p bits PSID: Port Set ID: q bits p + q = DHCPv6-PD (user) pref.len. MAP Rule pref. len 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 10

Delegated Prefix (e.g., /56) Size = 42 bits (provisioned) 2001:0DB8:00 /42 0 Mapping Domain Prefix 42 56-42 = 14 01010101 111000 Subnet-ID EA Bits /56 64 (fixed) Interface ID 24 bits (provisioned) 130.67.1 /24 0 IPv4 Prefix 24 IPv4 Address 32-24 = 8 6 14-8 = 6 10-6 = 4 01010101 + > 0 111000 XXXX 32 IPv4 Suffix 0 6 12 16 Port Set ID + Port For this Example 2 6 =64 port sets per IPv4 Address Ports 0-1023 skipped, each CPE gets 2 16 /2 6-2 4 = 1008 ports One IPv4 /24 serves 2 (6+8) 16,384 (vs. 256) subscribers 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 11

http://6lab.cisco.com/map! 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 12

MAP MAP CE Native Infrastructure BR Transport Transport IPv4 IPv4 OR Transport IPv4 Transport IPv4 Link Link Link Link MAP-E MAP-T 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 13

MAP-E will be a Standards Track RFC http://tools.ietf.org/html/draft-ietf-softwire-map-07 MAP-T, 4rd, etc. will be Experimental or Informational http://tools.ietf.org/html/draft-ietf-softwire-map-t-01 LW46/Pubilc4over6 can be viewed as special cases of MAP Goal: One unified standard for CPE vendors Stretch Goal: One unified standard for BR/AFTR vendors 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 14

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 15

The working applications had no need of a special configuration to work. Most of the applications work OK FTP active mode does not work. (But, it s 2013 ) More info: http://tools.ietf.org/html/draft-cordeiro-experience-mapt-testing-00 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 16

European Advanced Networking Test Center MAP Tes+ng at Mul+- Vendor Interoperability Test Event 2013 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 17

n Stateless counterpart to DS-Lite n Designed to be used without Carrier-Grade NAT n Cisco ASR1000, ASR9000 and Cernet (CPE) participated Successfully tested: n Mapping of Address and Port with Encapsulation (MAP-E) n Mapping of Address and Port using Translation (MAP-T) 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 18

MAP does not route traffic through the ISM Blade, yielding line rate performance. Using A9K-24x10G line cards = 240 Gbps per slot! 7 x 240 = 1.68 Tbps on a 9010 chassis. DS-Lite routes traffic through the ISM Blade 14Gbps per slot 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 19

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 20

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 21

http://tools.ietf.org/html/draft-ietf-softwire-map Standards Track Running code on ASR9k http://tools.ietf.org/html/draft-ietf-softwire-map-t Experimental Track Running code on ASR9k, ASR1k My deciding factor: the size of the box. Also, I like NATs. T. 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 22

Great platform support Well documented Open Source 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 23

X86 VM The cheapest TL-WR703N The smallest TL-MR3020 Feels more polished TL-WR1043ND PoC platform of choice TL-WDR4300 The luxury CPE. 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 24

Ubuntu 12.04 Server install with all-defaults In a VM => easy to rollback sudo apt-get update sudo apt-get upgrade sudo apt-get install build-essential subversion git-core libncurses5-dev sudo apt-get install zlib1g-dev gawk flex quilt libssl-dev unzip sudo apt-get install xsltproc libxml-parser-perl 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 25

git clone git://git.openwrt.org/openwrt.git 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 26

cd openwrt./scripts/feeds update -a./scripts/feeds install -a 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 27

make menuconfig 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 28

make 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 29

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 30

ASAMAP (kernel patches) http://enog.jp/~masakazu/vyatta/map/ CERNET MAP (kernel module) https://github.com/cernet/map 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 31

ivictl -s -i br-lan -I wan0 -H -a 192.168.1.1/24 -A 1.1.1.1/32 -P 2001:6f8:147e:1000::/52 -R 16 -z 4 -o 14 -c 1234 -T ivictl -r -d -P 2610:d0:1208:cafe::/64 T (does it look complicated to you too?) 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 32

IETF draft - draft-ietf-softwire-map-dhcp-03 A new MAP DHCPv6 option Rule option DMR option MAP Port Parameters *static* value, the same across the entire MAP domain Let s do some coding! 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 33

Starts /etc/odhcp6c.user on addressing changes Preset environment variables Allocated prefixes DHCPv6 options requested 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 34

~1 day to write Works Problem: way too slow Need a rewrite! 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 35

https://github.com/ayourtch/mdpc 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 36

odhcp6c odhcp6c.user Not in standard image mdpc ivictl 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 37

2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 38

Package An OpenWRT-specific abstraction Describes - building process - name and place in the menuconfig menu - dependencies to enable Very flexible retrieval mechanism (git, tarball, http, etc.) Feed A collection of packages Simple way to add functionality Only one-line edit needed for the source! 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 39

https://github.com/ayourtch/openwrt-map Adds CERNET MAP package Adds MDPC package Tested on Barrier Breaker (trunk in October 2013) 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 40

nat64 map-t domain 1 default-mapping-rule 2610:D0:1208:CAFE::/64 basic-mapping-rule ipv6-prefix 2001:6F8:147E:1000::/52 ipv4-prefix 153.16.17.83/32 port-parameters share-ratio 16 Private IPv4 Private IPv4 -only IPv4 2001:6F8:147E:1F00::/56 DHCPv6 MAP option(*) DHCPv6 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 41

https://github.com/ayourtch/mdpc/blob/master/html/provision-03.html 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 42

DIY demo: http://tinyurl.com/map-cpe (links to http://www.youtube.com/watch?v=uquk5nnqila) 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 43

NATs are good! MAPs are good! There s a MAP CPE ready for your experiments today My home office connects through a MAP-T CPE and CSR1000V BR Ask your CPE supplier for the production-grade code This model is replicable for other technologies Allows to evaluate the new tech w/o waiting for the vendors The code they ship can contain lessons from early iterations 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 44

Thank you.