Presentation on theme: "IPv6 Planning and Implementation at PSU. 1986 – PSU gets Class B network (188.8.131.52) & 5 Class C networks 192.5.157-.161 1988 – Department of Computer."— Presentation transcript:
1986 – PSU gets Class B network (184.108.40.206) & 5 Class C networks 192.5.157-.161 1988 – Department of Computer Science and Engineering get Class B network (220.127.116.11) 1991 – PSU gets additional Class B network (18.104.22.168) & additional Class C network (22.214.171.124) 2001 – PSU gets a /17 network (66.71.0/0/17) 2006 – PSU gets IPv6 prefix 2610:8::/32
PSU Public Prefix 2610:8::/32 4,294,967,296 /64 subnets PSU ULA fd0b:7cdb:aefd::/48 Unique Local Address – local routed addresses PSU Central Services for IPv6 DNS NTP Web Servers Wiki IPv6 Subnets issued to PSU organizations by request
Earth and Mineral Sciences, Earth Engineering Sciences – 17 Public Huck Institute – 4 Public Computer Science & Engineering – 3 Public, 2 ULA Eberly College of Science – 2 Public, 1 ULA Advanced Vehicle Technology Design Group – 1 Public College of Education – 1 Public, 2 ULA Arts & Architecture – 1 Public
No perceived advantages of IPv6 Required replacement of network equipment not supporting IPv6 Difficulty of compliance with PSU computing policy AD-20 Deans and Administrative Officers are responsible for: Ensuring technical or procedural means are in place to facilitate determining the User ID responsible for unauthorized activity in the event of a security incident.
US Government mandate for public/external servers to use native IPv6 by end of FY 2012 International use of IPv6 only networks due to exhaustion of IPv4 addresses Expanding international presence of Penn State requiring IPv6 compliant services Use of IPv6 only in expanding 3G/4G networks – Expanding mobile environment Availability of IPv6 support in all levels of network equipment – Does NOT deal with budget limitations only provides additional options
The logging/tracing of IPv6 addresses has not dramatically improved NDPmon still appears as the only open available resource Not updated since 2009 Requires a presence on each IPv6 subnet DHCPv6 is an option but not supported by all routers and clients. Could log issued addresses SLAC is supported by all. We are back to NDPmon. There is always Static Addressing… Clients can use multiple address techniques
Penn State does not presently require IPv6 support for network connectivity, but it may set a policy requiring IPv6 support At present there is no recommendation on how to comply with AD-20, but there is also no special allowance for IPv6 Move forward providing IPv6 access to public services within other University units Work towards solutions that allow extension of IPv6 to all users
Presently - Directly interconnect 2 COE Hub locations via fiber creating one network Presently - Implement firewall cluster sharing a single configuration Future - Move all public facing central servers to current server vlan Future - Move oldest public facing DNS server to the server vlan Future - Implement native IPv6 on the server vlan Future – Activate Dual-Stack on public servers
To implement IPv6 across the entire College of Engineering would utilize 30+ IPv6 subnets and the associated monitoring equipment. Develop procedures to accommodate College users with need for IPv6 before full implementation Educational/Research requirement Mobile device Evaluate security extensions for IPv6 Avoid IPv6 tunneling Rogue router announcements
Contact Information: Jim Carras firstname.lastname@example.org (814) 863-4425 NCTS in the College of Engineering The Pennsylvania State University 152-B Hammond Building University Park, PA 16802
Your consent to our cookies if you continue to use this website.