IP Transition Fix or a Band-Aid? www.spirent.com Alan Way YouTube = “alantalkstech” Wiki = http://alantestwiki.pbworks.com/ E-mail = alan.way@spirent.com
SPIRENT Is… Putting Innovation to the Test MOBILITY APPLICATIONS NETWORKS Positioning Mobile packet core and backhaul testing LTE, UMTS & CDMA device and air interface testing 10/40/100G Ethernet, data centers, cloud computing and security testing Ethernet services, video and IPTV, voice and IMS testing GPS, GLONASS, Galileo, Multi-GNSS and Wi-Fi location testing
IPv4 IPv6 For IPv4
Why we need IPv6 Now the Internet is evolving again, to the embedded space. How big will it become? Intel Vice President Doug Davis cites the IDC prediction of 15 billion intelligent, connected devices by the year 2015.¹ ¹ "Gantz, John. "The Embedded Internet: Methodology and Findings." IDC. January 2009."
Maximum packet rate for 10GigE = 14,470,000 Total addresses (2^128) = 340,282,366,920,938,000,000,000,000,000,000,000,000 Maximum packet rate for 10GigE = 14,470,000 Number of seconds required = 23,516,404,071,937,700,000,000,000,000,000 ...that's 745,700,281,327,299,000,000,000 years! To put that into perspective, the universe is roughly 15 billion years old (15,000,000,000). A customer just asked me to help him construct a configuration that would send a single ping request to every IPv6 address in the entire IPv6 address space using a 10 Gig interface. 15 How long would it take to perform this test using a single 10 GigE port? BTW, it would take around 5 minutes for IPv4. From : Matthew Jefferson(Matt)
Realistic Alternative ? IS IPv4 NAT a Realistic Alternative ?
NAT444 NAT 4 4 4 RFC 1918 172.16.0.1 RFC 1918 192.168.1.2 IPv4 Public Internet 203.0.113.24 NAT444 LSN CGN Carrier Grade NAT Large Scale NAT
ISP Address & CPE Must be managed NAT444 Performance Issues Gaming VoIP Video Streaming ISP Address & CPE Must be managed Legal Intercept IPv4 RFC 1918 172.16.0.6 RFC 1918 192.168.1.2 RFC 1918 172.16.0.1 LSN Public Internet 203.0.113.24 Loss of Geolocation http://tools.ietf.org/id/draft-donley-nat444-impacts-01.html Where are the bad guys?
Dual Stack Lite (DS-Lite) Provides IPv4 access Over ipv6
Dual Stack Lite (DS-Lite) (IPv4 Access over IPv6) 198.51.100.1 IPv4 IPv6 192.0.2.1 10.0.0.1 10.0.0.2 2001:DB8:0:2::1 172.16.0.1 B4 = Basic Bridging Broad Band element AFTR = Address Family Transition Router element CPE = Customer Premise Equipment LSN = Large Scale Nat A DS-Lite CPE is an IPv6 aware CPE with a B4 interface implemented in the WAN interface. The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private internets: 10.0.0.0 - 10.255.255.255 (10/8 prefix) 172.16.0.0 - 172.31.255.255 (172.16/12 prefix) 192.168.0.0 - 192.168.255.255 (192.168/16 prefix) 2001:DB8:0:1::1 172.16.0.2
Basic Bridging Broad Band element (B4) 10.0.0.2 172.16.0.2
Address Family Transition Router element (AFTR) 2001:DB8:0:2::1 192.0.2.1 172.16.0.1 NAT + DHCP NAT + DHCP CPE 2001:DB8:0:1::1 2001:DB8:0:2::1 172.16.0.2 172.16.0.1 192.0.2.1 10.0.0.2 NAT + DHCP CPE 2001:DB8:0:1::2 2001:DB8:0:2::1 172.16.0.3 172.16.0.1 192.0.2.1 2001:DB8:0:1::1 NAT + DHCP CPE 2001:DB8:0:1::3 2001:DB8:0:2::1 172.16.0.2 172.16.0.4 172.16.0.1
Datagram Mapping (NAT) Datagram Header Contents IPv4 Datagram 1 IPv4 Dst 198.51.100.1 TCP Dst Port 80 IPv4 Src 10.0.0.1 TCP Src Port 10000 IPv6 Datagram 2 IPv6 Dst 2001:DB8:0:2::1 IPv6 Src 2001:DB8:0:1::1 IPv4 Dst 198.51.100.1 TCP Dst Port 80 IPv4 Src 172.16.0.2 TCP Src Port 10000 IPv4 Datagram 3 IPv4 Dst 198.51.100.1 TCP Dst Port 80 IPv4 Src 192 .0.2.1 TCP Src Port 5000 Outbound 198.51.100.1 IPv4 IPv6 192.0.2.1 10.0.0.1 10.0.0.2 2001:DB8:0:2::1 2001:DB8:0:1::1 172.16.0.1 172.16.0.2
Datagram Mapping (NAT) Datagram Header Contents IPv4 Datagram 1 IPv4 Dst 192.0.2.1 TCP Dst Port 5000 IPv4 Src 198.51.100.1 TCP Src Port 80 IPv6 Datagram 2 IPv6 Dst 2001:DB8:0:1::1 IPv6 Src 2001:DB8:0:2::1 IPv4 Dst 172.16.0.2 TCP Dst Port 10000 IPv4 Src 198.51.100.1 TCP Src Port 80 IPv4 Datagram 3 IPv4 Dst 10.0.0.1 TCP Dst Port 10000 IPv4 Src 198 .51.100.1 TCP Src Port 80 Inbound 198.51.100.1 IPv4 IPv6 192.0.2.1 10.0.0.1 10.0.0.2 2001:DB8:0:2::1 172.16.0.1 2001:DB8:0:1::1 172.16.0.2
How to provide Ipv6 Using Ipv4 IPv6 Rapid Deployment 6rd
Case study for IPv6 Rapid Deployment Nov 7, 2007 6rd presented Nov 9, 2007 Prefix from RIPE Nov 9, 2007 Beta Code on Freebox running Dec 11, 2007 Service available to 2M customers 250K users signed up in first month. 500K users enabled today (~4M ready for IPv6) IPv6 Deployment Timeline Founded in 1999 One of the Worlds largest IPv6 residential providers Provides VoIP, IPTV, Internet, Mobile Four Million Customers (10/2010) 27% of Market Cisco today announced that Free (Iliad Group), a leading broadband solutions operator in France, has deployed the Cisco(R) Carrier-Grade IPv6 Solution using Internet Protocol version 6 rapid deployment technology, also known as 6rd, allowing more than four million Free residential broadband customers to be a part of one of the world’s largest live IPv6-enabled residential Internet service deployments. Complete info at MarketWatch, TradingMarkets and PR-USA. Iliad S.A. is a French provider of telecommunication services. It is based in Paris and its operations comprise fixed telephony services, prepaid phone cards and internet access providing and hosting services. The company was founded by Xavier Niel in 1999 Revenue 1,212 million EUR (2007) ▲ +29.7%[1 Net Income 150.2 million EUR (2007) ▲ +24.4%[1] Employees 2275 (2007)[2] Year Slogan (translation) Original French slogan 1999 Liberty is priceless La Liberté n'a pas de Prix 2007 Everything is included C'est tout compris 2008 Undoubtedly the best offer since a long time Sans doute la meilleure offre depuis bien longtemps 2009 He has Free, he has all included / understood Il a Free, il a tout compris
IPv6 Rapid Deployment (6rd) RFC-5969 6rd specifies a protocol to deploy IPv6 to sites via a service provider's IPv4 network. It builds on 6to4 with the key differentiator that it utilizes an SP's own IPv6 address prefix rather than a well-known prefix (2002::/16) 6rd views the IPv4 network as a link layer for IPv6 IPv4 IPv6 IPv6
6rd Example ( Customer Edge Example) 6rd Prefix/n bits CE IPv4 add 0-32 bits Subnet ID 0-16 bits 2001:DB80::/32 2001:DB80: 10.100.100.1 64 64:0100: Interface ID 64 bits IPv6 10.100.100.1 IPv6 CE IPv4 address BR IPv4 Address BR IPv4/IPv6 CE = Customer Edge BR = Border Relay RG = Residential Gateway or CPE = Customer Premises Equipment The CE IPv4 address can be configured or from DHCP The CE IPv4 address can be global or private (RFC 1918)
6rd DHCPv4 Option 6rd Prefix (16 Octets) 6rdBRIPv4Address(es) Option-Length IPv4 Mask len 6rd PrefixLen 6rd Prefix (16 Octets) 6rdBRIPv4Address(es) Option_6rd Value (212). Option-Length Length of DHCP Option (22 with one BR IPv4 Address). IPv4MaskLen Number of high order bits that are identical across all CE. 6rdPrefixLen Length of SP’s 6rd IPv6 Prefix in number of bits. 6rdBRIPv4Address One or more IPv4 Address of 6rd Border Relay.
NAT64 & DNS64 Enables IPv6 Clients to access IPv4 only hosts New/Existing ISPs can provide IPv6 access only
NAT64 & DNS64 DNS64 Server alan.com IPv4: 112.1.2.3 Stress Testing DNS AAAA Response IPv6 64:FF:9B::112.1.2.3 DNS64 Server IPv4 Only Application Server DNS AAAA Query For alan.com IPv6 alan.com IPv4: 112.1.2.3 Excellent Article on NAT64/DNS64. How to set up & run small test with open source code. http://www.networkworld.com/community/blog/testing-nat64-and-dns64 Client IPv6 Only Stress Testing NAT64 NAT64 Uses a special prefix, called Pref64::/n Well-known prefix: 64:ff9b::/96 Excellent article: http://www.networkworld.com/community/blog/testing-nat64-and-dns64
How can Spirent help? Measure performance of Border Gateways Testing up to 100Gbps Measure overall server performance Application/Security/VoIP/Video IPSec Testing Measure performance of IPv6, IPv4 & Dual Stack Routers Measure performance IPv6/IPv4 Tunnel Transition Devices IPv6 Protocol conformance testing. Professional Services 22
Will Your IPv6 Network Pass the Test? 23
Thank You www.spirent.com YouTube = “alantalkstech” Wiki = http://alantestwiki.pbworks.com/ E-mail = alan.way@spirent.com