WHITE PAPER. Best Practices for Deploying IPv6 over Broadband Access



Similar documents
TR-296 IPv6 Transition Mechanisms Test Plan

Transition to IPv6 for Managed Service Providers: Meet Customer Requirements for IP Addressing

Ensuring a Smooth Transition to Internet Protocol Version 6 (IPv6)

Residential IPv6 IPv6 a t at S wisscom Swisscom a, n an overview overview Martin Gysi

IPv6 Transition Work in the IETF

Real World IPv6 Migration Solutions. Asoka De Saram Sr. Director of Systems Engineering, A10 Networks

IPv6 for AT&T Broadband

Telepresence in an IPv6 World. Simplify the Transition

Deploying IPv6 Service Across Local IPv4 Access Networks

IPv6 TRANSITION TECHNOLOGIES

CPE requirements and IPv6. Ole Trøan, February 2010

WHITE PAPER. Static Load Balancers Implemented with Filters

IxChariot Virtualization Performance Test Plan

WHITE PAPER. How To Compare Virtual Devices (NFV) vs Hardware Devices: Testing VNF Performance

Guidebook to MEF Certification

TR-242 IPv6 Transition Mechanisms for Broadband Networks Issue: 2 Issue Date: February 2015

TR-187 IPv6 for PPP Broadband Access

IPv4 and IPv6 Integration. Formation IPv6 Workshop Location, Date

IPv4/IPv6 Transition Mechanisms. Luka Koršič, Matjaž Straus Istenič

WHITE PAPER. Addressing Monitoring, Access, and Control Challenges in a Virtualized Environment

IPv6 deployment status & Migration Strategy

464XLAT in mobile networks

Transition to IPv6 in Service Providers

MPLS Layer 2 VPNs Functional and Performance Testing Sample Test Plans

Industry Automation White Paper Januar 2013 IPv6 in automation technology

Basic IPv6 WAN and LAN Configuration

Service Provider IPv6 Deployment Strategies

Whitepaper IPv6. OpenScape UC Suite IPv6 Transition Strategy

EBOOK. The Network Comes of Age: Access and Monitoring at the Application Level

ITL BULLETIN FOR JANUARY 2011

An Architecture View of Softbank

IPv6 Market Drivers and IPv6

Evaluating Wireless Broadband Gateways for Deployment by Service Provider Customers

Deploying IPv6 for Service Providers. Benoit Lourdelet IPv6 Product Manager, NSSTG

WHITE PAPER. Net Optics Phantom Virtual Tap Delivers Best-Practice Network Monitoring For Virtualized Server Environs

WHITE PAPER. Enabling 100 Gigabit Ethernet Implementing PCS Lanes

communications : IPv6 transition plans

IPv6 Opportunity and challenge

IPv6 Integration in Federal Government: Adopt a Phased Approach for Minimal Disruption and Earlier Benefits

A Model of Customer Premises Equipment for Internet Protocol Version 6

WHITE PAPER. SDN Controller Testing: Part 1

IPv6 Tunneling Over IPV4

SIIT-DC: IPv4 Service Continuity for IPv6 Data Centres. Tore Anderson Redpill Linpro AS RIPE69, London, November 2014

ENTERPRISE CONNECTIVITY

WHITE PAPER. Gaining Total Visibility for Lawful Interception

Deployment of IPv6 protocol in broadband networks. Dmitry Sakharchuk

THE ADOPTION OF IPv6 *

IEEE GLOBECOM 2009 Deploying IPv6 at AT&T

Cisco Which VPN Solution is Right for You?

WHITE PAPER SERIES Transition to IPv6

Daniel O. Awduche, MBA, PhD.

Demonstrating the high performance and feature richness of the compact MX Series

TABLE OF CONTENTS. Section 5 IPv Introduction Definitions DoD IPv6 Profile Product Requirements...

IPv6 Deployment Strategies

ProCurve Networking IPv6 The Next Generation of Networking

QUALITY OF SERVICE FOR CLOUD-BASED MOBILE APPS: Aruba Networks AP-135 and Cisco AP3602i

Ensuring Success in a Virtual World: Demystifying SDN and NFV Migrations

Testing Packet Switched Network Performance of Mobile Wireless Networks IxChariot

Deploying IPv6, Now. Christian Huitema. Architect Windows Networking & Communications Microsoft Corporation

464XLAT: Breaking Free of IPv4. T-Mobile.com NANOG 61 June 2014

VoIP Testing IxChariot

WHITE PAPER. Extending Network Monitoring Tool Performance

SIIT-DC: Stateless IP/ICMP Translation for IPv6 Data Centre Environments & SIIT-DC: Dual Translation Mode

IPV6 DEPLOYMENT GUIDELINES FOR. ARRIS Group, Inc.

Technologies for an IPv4 Address Exhausted World

IPv6 and Fortinet: Network Security in the Next Generation of IP Communication

NAT Tutorial. Dan Wing, IETF78, Maastricht July 25, 2010

NATed Network Testing IxChariot

A10 Networks IPv6 Overview. November 2011

CPNI VIEWPOINT. SECURITY IMPLICATIONS OF IPv6. Disclaimer: MARCH 2011

Supporting Document PPP

Campus IPv6 connection Campus IPv6 deployment

Agilent N2X Layer 2 MPLS VPN Emulation Software

EBOOK. Software Defined Networking (SDN)

Network Functions Virtualization in Home Networks

IPv4 to IPv6 Transition

Addressing Inter Provider Connections With MPLS-ICI

Unifying the Distributed Enterprise with MPLS Mesh

XpressPath Optimized Media Functionality For VoiceFlow Session Border Controllers

References and Requirements for CPE Architectures for Data Access

IPv6 Migration Challenges for Large Service Providers

Next Generation IPv6 Network Security a Practical Approach Is Your Firewall Ready for Voice over IPv6?

SANS Technology Institute Group Discussion/Written Project. The Rapid Implementation of IPv6 at GIAC Enterprises

So#bank group s IPv6 deployment experiences

IPv6 Fundamentals, Design, and Deployment

Securing the Transition Mechanisms

Network Address Translation (NAT) Good Practice Guideline

IPv6: Network Security and the Next Generation of IP Communication

France Telecom s IPv6 Strategy. C. Jacquenet, M. Sall

IPv6 and xdsl. Speaker name address

EXPEDITING ACCESS TO V6 SERVICES: GETTING WEB CONTENT AVAILABLE OVER IPV6 QUICKLY AND AT LOW COST

Lab Testing Summary Report

IP-VPN Architecture and Implementation O. Satty Joshua 13 December Abstract

WHITE PAPER. Addressing Inter Provider Connections with MPLS-ICI CONTENTS: Introduction. IP/MPLS Forum White Paper. January Introduction...

An Executive Brief for Network Security Investments

WHITE PAPER. Monitoring Load Balancing in the 10G Arena: Strategies and Requirements for Solving Performance Challenges

Planning the transition to IPv6

TCP/IP Basis. OSI Model

RA-MPLS VPN Services. Kapil Kumar Network Planning & Engineering Data. Kapil.Kumar@relianceinfo.com

Transcription:

WHITE PAPER Best Practices for Deploying IPv6 over Broadband Access www.ixiacom.com 915-0123-01 Rev. C, December 2013

2

Table of Contents Udi cusciamenis minctorpos... 4 Toreptur aut dolo cone verum aute pelestiumque et alitis... 4 Udi cusciamenis minctorpos... 5 Toreptur aut dolo cone verum aute pelestiumque et alitis... 5 Udi cusciamenis minctorpos... 6 Toreptur aut dolo cone verum aute pelestiumque et alitis... 6 Udi cusciamenis minctorpos... 7 Toreptur aut dolo cone verum aute pelestiumque et alitis... 7 Udi cusciamenis minctorpos... 8 Toreptur aut dolo cone verum aute pelestiumque et alitis... 8 Udi cusciamenis minctorpos... 9 Toreptur aut dolo cone verum aute pelestiumque et alitis... 9 Udi cusciamenis minctorpos...10 Toreptur aut dolo cone verum aute pelestiumque et alitis...10 Udi cusciamenis minctorpos... 11 Toreptur aut dolo cone verum aute pelestiumque et alitis... 11 3

Introduction Service Providers: The IPv6 Bell Tolls for Thee! After more than a decade of forewarning, the IPv4 to IPv6 transition has finally reached critical mass. On February 1, 2011, the Internet Assigned Numbers Authority (IANA) allocated the last freely-available block of IPv4 addresses. At the same time, the number of users and endpoints requiring Internet access, and thus a unique IP address, continues to explode. With broadband deployments achieving global exponential growth, next-generation wireless rollouts on the horizon, and smart-phone use escalating, it is expected that there will be an increase of 5 billion unique endpoints between 2010 and 2015. Service providers are challenged to prepare their networks for the influx of IPv6 addresses. As exemplified by Google s support of IPv6 on its search, news, docs, maps, and YouTube, the Internet is already rich with IPv6 content and services; but IPv4 won t just vanish as IPv6 comes on board. This creates a challenging situation for service providers, who must upgrade their network infrastructures to handle IPv4 and IPv6 co-existence. After more than a decade of forewarning, the IPv4 to IPv6 transition has finally reached critical mass. On February 1, 2011, the Internet Assigned Numbers Authority (IANA) allocated the last freely-available block of IPv4 addresses. While network cores are well-equipped to handle both IPv4 and IPv6, broadband access networks are not. IPv4 and IPv6 co-existence stresses the underlying network systems, which can introduce latency, degrade network responsiveness, and compromise servicelevel agreements (SLAs). The biggest transition concern is its impact on customers will introducing IPv6 endpoints, forwarding tables, and services affect connectivity speed, service quality, and network reliability? With fierce industry competitiveness over customer retention, service providers need assurance of a seamless IPv6 transition at least from the customer perspective. To proactively address customer-impacting problems, service providers need a quick and reliable test solution that enables them to predict the effect of the IPv6 transition on their broadband access network. IPv6 Solutions for Broadband Access An abrupt transition of the legacy IPv4 infrastructure to IPv6 is not practical because most Internet services are still based on IPv4 and many customers still run operating systems that do not fully support IPv6. Service providers must support both IPv4 and IPv6 endpoints and services to guarantee the quality of service (QoS) defined in their SLAs. There are different methods used to achieve this goal across broadband access networks including: Translation Tunneling (includes dual-stack lite and IPv6 rapid deployment) Dual-stack 4

Translation The easiest way to conserve the depleting IPv4 address space is to use translation so that the outward-facing interface uses a public interface while the private network uses IP addresses that are not routed on the Internet. However, the known performance and scalability issues compel most service providers to deploy either tunneling or dual-stack transition mechanisms in broadband access networks. Tunneling Tunneling mechanisms are used to tunnel IPv6 island traffic over IPv4 networks and vice versa. The two tunneling schemes currently receiving significant industry attention are: Dual-stack Lite IPv6 rapid deployment Dual-Stack Lite (DS-Lite) While service providers aim to capitalize on the benefits of quickly embracing IPv6, they must also contain the costs of doing so and ensure uninterrupted IPv4 support. With DS-Lite, broadband service providers handle IPv4 addresses using IP in IP (IPv4-in- IPv6) tunneling and Network Address Translation (NAT). DS-Lite simplifies the IPv4/IPv6 transition by de-coupling IPv6 deployment in the service provider network from the rest of the Internet. How DS-Lite works DS-Lite uses IPv6-only links between the provider and the customer. The DS-Lite home gateway is provisioned with an IPv6 address on its WAN interface. At the LAN-side interface, it operates its own DHCPv4 server, handing out RFC1918 private addresses to home devices. There is no NAT service on the customer premise equipment (CPE) device, such as a home gateway. The NAT service is located on a carrier-grade NAT device in the provider s network, which is also a tunnel terminator for the Pv4-in-IPv6 tunnel. While service providers aim to capitalize on the benefits of quickly embracing IPv6, they must also contain the costs of doing so and ensure uninterrupted IPv4 support. The IPv4 packet from the home device to an external destination is encapsulated in an IPv6 packet by the DS-Lite home gateway and transported into the provider network. The packet is decapsulated at the carrier-grade NAT device (CGN), also referred to as an Address Family Translation Router (AFTR) and NAT44 is performed to map the home device s private IPv4 address to a public IPv4 address. The IPv6 tunnel source address is added to the NAT table, along with an IPv4 source address and port, to both disambiguate the customer private address and provide the reference for the tunnel endpoint. If a home device needs to access an IPv6 service, it is transported as-is and routed to an Internet server. With DS-Lite technology, the communications between end-nodes stay within their address family without requiring protocol family translation. If a home device needs to access an IPv6 service, it is transported as-is and routed to an Internet server. 5

CGN/AFTR: Builds NAT table (maps IPv4/IPv6) Terminates IPv4-in-IPv6 tunnel Encapsulates IPv4 packet in IPv6 tunnel DS-Lite Home Gateway: n order to quickly offer end-to-end IPv6 service, providers use 6rd to encapsulate IPv6 traffic in IPv4 headers, and tunnel home users IPv6 traffic through the IPv4 network to IPv6 internet service. Figure 1: How DS-Lite Works There are multiple advantages of DS-Lite over using NAT cascading: Tunneling IPv4 over IPv6 is far simpler than translation so it performs much better than NAT464. The deployment of IPv6 in the service provider network is decoupled and independent of the customers migrating to IPv6. If customer equipment is IPv6-aware, the packets simply follow the IPv6 routing to reach the destination, and no tunneling is performed. Increased traffic load is handled by adding more AFTR elements in the service provider network, providing flexibility to adapt to changing traffic load. IPv6 Rapid Deployment (6rd) Uses IPv6 address WAN interfaces Operates DHCPv4 server on LAN interfaces Encapsulates IPv4 packet in IPv6 going to network Decapsulates IPv6 packet coming from network In order to quickly offer end-to-end IPv6 service, providers use 6rd to encapsulate IPv6 traffic in IPv4 headers, and tunnel home users IPv6 traffic through the IPv4 network to IPv6 internet service. This tunnel is terminated by an edge router on the service provider network and native IPv6 packets are then transmitted to the IPv6-capable Internet. This allows for rapid introduction of IPv6 services in provider networks as they transition from IPv4 to IPv6. This approach minimizes deployment costs because it only requires upgrades to the routers at the customer edge (CE routers) to support 6rd and additional border routers (BR) that terminate the tunnel. The service provider can operate one or several BRs at its border between its IPv4 infrastructure and the IPv6 Internet depending on the number of IPv6 hosts it has to support and the capacity of a single BR. How 6rd works 6rd relies on IPv4 and is designed to deliver production-quality IPv6 alongside IPv4 with as little change to IPv4 networking and operation as possible.a 6rd domain consists of: 6

6rd CE routers, also referred to as Residential Gateways (RGs) or Customer Premises Equipment (CPE). A 6rd CE router functions as a customer edge in a 6rd deployment and is the initiator of the 6rd tunnel One or more 6rd BRs. A 6rd-enabled router is managed by the service provider at the edge of a 6rd domain. The BR terminates the IPv4 tunnel and transmits native IPv6 into the IPv6 network. 6rd CPE: Encapsulates IPv6 traffic in IPv4 going to BRs Decapsulates IPv4 traffic coming from BRs Advertises 6rd-delegated prefix or runs DHCPv6 server to assign IPv6 to home devices 6rd BR: Encapsulates IPv6 traffic from IPv6 Internet server in IPv4 tunnel and delivers to 6rd CE Decapsulates IPv4 traffic from 6rd CE and delivers to IPv6 Internet server Figure 2: ISP Architecture to Deploy IPv6 with 6rd (Source: http://tools.ietf.org/html/draft-despres-6rd-03) The 6rd mechanism relies on an algorithmic mapping between the IPv6 addresses and IPv4 addresses that are assigned for use within the service provider network. An IPv6 prefix, called a 6rd prefix, is selected by the service provider for use by a 6rd domain. There is exactly one 6rd prefix for a given 6rd domain. A service provider may deploy 6rd with a single 6rd domain or multiple 6rd domains. A 6rd CE-calculated IPv6 prefix, called the 6rd delegated prefix is used within the customer site. The 6rd delegated prefix is achieved by combining the 6rd prefix and CE IPv4 address as shown in figure 2. An IPv6 prefix, called a 6rd prefix, is selected by the service provider for use by a 6rd domain. Figure 3: 6rd Delegated Prefix The above address mapping allows for automatic determination of IPv4 tunnel endpoints from IPv6 prefixes, allowing stateless operation of 6rd. The 6rd CE either includes the 6rd delegated prefix in its router advertisement out of its LAN-side interface (so each home device can auto-configure its IPv6 address), or runs a DHCPv6 server to assign IPv6 addresses from a 6rd-delegated prefix to home devices. The IPv6 packet is encapsulated inside IPv4 by a 6rd CE and follows the IPv4 routing topology within the service provider network among CEs and BRs. 7

Dual-Stack Many service providers plan to deploy dual-stack networks as a long-term strategy, supporting a mixture of IPv4 and IPv6 applications for customers that require both protocols. Dual-stack-capable devices support both IPv4 and IPv6, from the network layer to the applications. Applications choose to use either IPv4 or IPv6 based on the type of IP traffic and particular requirements of the communication. Dual-stack deployments are more costly and time-intensive to deploy than tunneling technologies, since all devices in the network require a software upgrade (at a minimum) to support both IPv4 and IPv6 protocol stacks and forwarding tables. One important dual-stack technology for DSL networks is dual-stack PPP. How Dual-Stack PPP works Many service providers plan to deploy dual-stack networks as a long-term strategy, supporting a mixture of IPv4 and IPv6 applications for customers that require both protocols. Dual-stack PPP resolves IPv4/IPv6 compatibility issues and facilitates transition to IPv6 by enabling IPv6/IPv4 nodes to send and receive both IPv4 and IPv6 packets. Each individual PPP session results in getting both an IPv4 address and an IPv6 prefix that are used to assign addresses to IP devices at the customer site. The CPE supports formation of IPv4CP and IPv6CP over the same logical PPP LCP session and allows the end hosts to get IPv6 addresses. Using dual-stack PPP, the user s Figure 4: Dual-Stack PPP Implementation CE device can support IPv4 and IPv6 connectivity over a single PPP link, while keeping IPv6 and IPv4 connectivity independent from each other. Dual-stack PPP over L2TP is a specialized case of dual-stack PPP, wherein the L2TP access concentrator (LAC) and L2TP network server (LNS) tunnel dual-stack PPP sessions. The result for the end user is still an IPv6 address, but dual-stack PPP over L2TP replicates PPP over an L2TP network. Dual-stack PPP supports the use of DHCPv6 to get broadband subscribers their IPv6 addressing and other networking configuration information directly from the provider edge (PE). 8

Test Requirements It is important to measure the functionality and performance of tunneling mechanisms on network equipment prior to deployment of DS-Lite and 6rd. To offer customers a seamless IPv6 transition, service providers must ensure services can be delivered with requisite quality guarantees. Network design and configuration requires protocol and traffic stresstesting to identify the scalability limits of each device. It is equally important to validate interoperability of the different network devices, especially given the compatibility risks between IPv4 and IPv6 devices. Test equipment plays a critical role in this validation as it enables reliable, repeatable measurements across network devices. Testing Tunneling Ixia Port Ixia Port Emulated Home Devices Emulated CPE HTTP IPv6 IPv4 NAT IPv4 DUT Carrier grade NAT devices Emulated Internet Services (Web Server) Figure 5: Test Equipment Emulates Customer Network and Internet Services to Test DS-Lite Implementation It is important to measure the functionality and performance of tunneling mechanisms on network equipment prior to deployment of DS-Lite and 6rd. Figures 5 and 6 show how test equipment is used to emulate the customer premises and home devices, as well as the Internet services, surrounding each broadband network device under test (DUT). This allows service providers to test network equipment under real-world scenarios without the time and expense of building extensive test beds of real equipment. 9

As shown in Table 1 and 2, test equipment can validate key measurements for device functionality, forwarding performance, and application performance, allowing comparative analysis between different network hardware and tunneling implementations (i.e., DS-Lite vs. 6rd). Ixia Port Ixia Port 6rd BR HTTP IPv4 IPv6 Emulated Home Devices Emulated CPE 6rd Border Relay Emulated Internet Services (Web Server) Figure 6: Test Equipment Emulates Customer Network and Internet Services to Test 6rd Implementation Below are summaries of key DS-Lite and 6rd test requirements. Table 1: DS-Lite Test Measurements 10

Testing Dual-Stack PPP Table 2: 6rd Test Measurements For dual-stack network deployments, supporting and scaling both IPv6 and IPv4 versions of each protocol can be process-intensive for infrastructure equipment. It is imperative to verify that the device under test (DUT) can successfully complete the protocol negotiations, setup sessions at a high rate, and scale clients and traffic. Figure 7 shows how test equipment is used to stress Dual-Stack PPP implementations by emulating DHCP clients, network servers, and access controllers. For dualstack network deployments, supporting and scaling both IPv6 and IPv4 versions of each protocol can be process-intensive for infrastructure equipment. Figure 7: Test Setup for Dual-Stack PPP Test equipment is used to emulate clients and servers surrounding the dual-stack DUT. Test equipment must: Simulate different clients types Emulate both IPv4 and IPv6 protocol stacks Generate both IPv4 and IPv6 traffic Test a variety of device types (BNGs, BRAS, LAC, LNS, etc.) Key dual-stack test requirements include: 11

Conclusion With IPv4 address depletion, IPv6 applications and endpoints will soon become ubiquitous across networks from end to end. 2011 will be a year of significant access-network upgrades to support IPv6 and the dual-stack technologies required for IPv6 services. To ensure this evolution is transparent to subscribers, service providers and network equipment vendors must demonstrate that the network infrastructure equipment is ready for IPv4/IPv6 co-existence. Real-world and worst-case pre-deployment testing will play a critical role in mitigating any risk to service reliability, scalability, and quality. Comparative metrics between network equipment will also enable service providers to maximize their investment in new and upgraded infrastructure, and best optimize network configurations. Real-world and worst-case predeployment testing will play a critical role in mitigating any risk to service reliability, scalability, and quality. 12

13

WHITE PAPER Ixia Worldwide Headquarters 26601 Agoura Rd. Calabasas, CA 91302 (Toll Free North America) 1.877.367.4942 (Outside North America) +1.818.871.1800 (Fax) 818.871.1805 www.ixiacom.com Ixia European Headquarters Ixia Technologies Europe Ltd Clarion House, Norreys Drive Maidenhead SL6 4FL United Kingdom Sales +44 1628 408750 (Fax) +44 1628 639916 Ixia Asia Pacific Headquarters 21 Serangoon North Avenue 5 #04-01 Singapore 554864 Sales +65.6332.0125 Fax +65.6332.0127 915-0123-01 Rev. C, December 2013

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information