Presentation is loading. Please wait.

Presentation is loading. Please wait.

US Labs IPv6 Planning & Deployment Status Phil DeMar Oct. 4, 2012 1.

Similar presentations

Presentation on theme: "US Labs IPv6 Planning & Deployment Status Phil DeMar Oct. 4, 2012 1."— Presentation transcript:

1 US Labs IPv6 Planning & Deployment Status Phil DeMar Oct. 4, 2012 1

2 USG OMB IPv6 “Mandates” for 2012 & 2014 Public-facing services to support IPv6 by Sept 30, 2012  For US Dept of Energy (DOE), this means email, DNS, & web services  “Public-facing” interpreted as “intended for the general public” Internal client systems to support IPv6 by Sept 30, 2014  Essentially, this means all desktops No IPv6 transition mandate for all USG systems  Mandate targeted at public services & clients using public services  Scientific computing systems are not within scope “Mandate” lacks enforcement element  NIST dashboard measures agency compliance  But nothing happens to the non-compliant 2

3 US DOE IPv6 Transition Planning DOE has transition team coordinating IPv6 milestone compliance across the Department  Size of DOE dictates a decentralized approach DOE National Labs are not part of DOE IPv6 transition planning scope:  Labs aren’t bound to OMB mandates Per current interpretation…  But are encouraged to support IPv6, consistent with mission requirements & resources DOE participates in Federal (USG) IPv6 Task Force  A post-9/30/2012 progress report is expected  Not clear if current interpretation of OMB mandate might change

4 DOE Transition TF – recent report (9/30/12) 4

5 Deployment of IPv6 at Labs Labs are implementing IPv6 independently:  Availability of effort is largest issue holding up progress  Several Labs have stopped/paused IPv6 deployment entirely  Most are moving forward, at least with the OMB 2012 milestones So far, there have been no reported requirements or requests from experiments or collaborations for IPv6 5

6 Recent Lab Survey on 2012 IPv6 Milestone Status: 8 sites say they’ll meet OMB milestones by end of year  Other extreme: 3 are not putting effort into IPv6 now DNS status slightly deceiving:  A number are ESnet-supported secondary servers 6

7 IPv6 Status Monitoring Dashboards NIST runs “official” Fed. Deployment IPv6 dashboard:  If you’re not green, you’re red…  Most, but not all Labs in domain are listed ESnet now has a site IPv6 deployment dashboard  Green or gray, no red  ESnet-only IPv6 DNS support is “light” green 7

8 Likeliest Next IPv6 Steps for Labs Start focusing on internal IPv6 client deployment issues  Lab directions driven more by site self-interest than OMB directive  Most sites classified their client IPv6 planning as “investigating impact” Likeliest ESCC course of action will be to target specific common IPv6 technology areas:  Auto-configuration & neighbor discovery  Tunneling capabilities & controls  Dual stack (IPv4/IPv6) issues  Unique Local Addresses (ULAs) Managing & maintaining control over IPv6 likely to be strongest motivation 8

9 US Tier-1 IPv6 Deployment Status (FNAL & BNL) 9

10 FNAL IPv6 Deployment Status Currently IPv6 deployment:  DNS & Email support IPv6; central web will in ~2 weeks Using Infoblox for IPAM  Small test bed with wide area connectivity FermiCloud cluster attached to IPv6 test bed Provision for rolling development systems into test bed Separate address space (PA) Internal IPv6 work group to develop structured IPv6 plans  Includes networking, security, system & application support  Addressing & routing plans drafted & vetted Next steps in IPv6 deployment:  Use Computing Div. LAN as development environment for IPv6 client system support 10

11 11 IPv6 in FNAL Core Network Central Services (web, email) Computer Security subnets Computing Div LAN (slaac) IPv6 Test Bed Backup Border Router

12 12 FNAL

13 BNL IPv6 Deployment Status Expect to satisfy OMB 2012 milestones by end of year:  COTS IPAM solution in process of being implemented to provide DNS IPv6 capability  External interfaces of Ironports hosting mail daemons IPv6-capable  Public web servers migrated behind squid proxies w/IPv6 capable external interface Working group established to address OMB 2014 requirements for IPv6 compatibility of internal clients/apps  Under umbrella of BNL Cyber Security Advisory Council 13

14 Questions ? 14

Download ppt "US Labs IPv6 Planning & Deployment Status Phil DeMar Oct. 4, 2012 1."

Similar presentations

Ads by Google