v4 Run-Out in Europe “Run Out Fairly” Special rules for final /8 in RIPE-land Each LIR will be given one single /22 No PI will be assigned Probably implemented Q1 2012. Similar rules in APNIC land and others..
So what am I recommending you do? NEVER buy Hardware/Services that are not IPv6 future proof! Get connectivity to your network v6 connectivity to your engineers (address your workstation) v6 trials in your lab (address some toy boxes, devel environment) v6 connectivity to all users Dual-stack production for some services Dual-stack production for all services
How we did it Don’t do it this way! It was 2001 – there was no stable v6 support in any vendor equipment In 2006, we found stable and mature IPv6 support so now I recommend dual stack. rtr server Real IPv4 IP6 Tunnel
Since 2006 Dual Stack – Every backbone link gets an IPv4 and IPv6 address – Every IGP has an IPv4 and IPv6 adjacency – BGP parity This is my strong recommendation to you. Overlay networks are not a v6 rollout and mean you need a future v6 native rollout.
Tunnel technology Transitional technology: – 6in4 (GRE Tunnels) www.tunnelbroker.net – 6to4 (Auto Tunnel) – Terado (Auto Tunnel) Transitional technology poor compared with native, less well supported, overhead to debug, performance impacting. But 6in4 static tunnels are a reliable way to get connectivity into your laboratory, or in regions where no v6 native players exist
Buying Equipment and Services RIPE-501 is the template http://www.ripe.net/ripe/docs/ripe-501 Do *not* buy kit or software without IPv6 support, it would be throwing money away. If v6 support is on the roadmap, demand evaluation units for your lab. If your lab needs v6, tunnelbroker.net
Addressing school Typical IPv4Typical IPv6 Assignment Unit/32 (An Address)/64 (A subnet) Assignment PolicyScarsityAggregation Addresses4 billion~350 Unidecilion NATNecessary Broken Not necessary Not supported Addressing ConfigurationStatic DHCP Static Stateless Autoconfig DHCP (Weak) DHCP-PD
Like with v4, addressing involves getting an IP address to a host ISP Identifier Customer ID My Network Number Host Part
RA Guard Any host can send Router-Advertisements – Problems with Windows ICS boxes – Turn on Terado and advertise a ::/0 path! – Other malicious intent Think of RA Guard like DHCP Guard interface GigabitEthernet0/0 switchport access vlan nn ipv6 nd raguard show ipv6 nd raguard policy
Modern history – what’s happened this year? http://bgp.he.net/report/prefixes#_prefixes http://bgp.he.net/report/prefixes#_networks 102% increase in 12 months! 80% increase in 12 months!
IPv6 measured at via BGP ASNs with IPv6 http://bgp.he.net/ipv6-progress-report.cgi Networks Running IPv6 We can measure the percentage of networks running IPv6 by comparing the set of ASes in the IPv6 routing table to those in the combined set of IPv4 and IPv6. IPv4 Ases: 38,889 IPv6 ASes: 4,592 ASes using only IPv4: 34,394 ASes using only IPv6: 97 ASes using IPv4 and IPv6: 4,495 ASes using IPv4 or IPv6: 38,986 Percentage of ASes (IPv4 or IPv6) running IPv6: 11.8% Date 11.8% Percentage of ASNs running v6 3.6% IANA Runout W6D
World IPv6 Day and real IPv6 traffic World IPv6 Day was about enabling web-based traffic for IPv6 Focus on content providers Web (port 80 & 443 TCP traffic) plotted below
World IPv6 Day and real IPv6 traffic Long term win since W6D in IPv6 traffic levels That means there are both content and eyeballs in play