2015-8-16 Guoliang YANG Problem Statement of China Telecom.

Slides:

Advertisements

Similar presentations

IETF 80 th Problem Statement for Operational IPv6/IPv4 Co-existence 3/31/2011 Chongfeng Xie Qiong Sun

Advertisements

SAVI Requirements and Solutions for ISP IPv6 Access Network ISP-access-01.txt.

NAT, firewalls and IPv6 Christian Huitema Architect, Windows Networking Microsoft Corporation.

CPSC Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-

Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.

Halifax, 31 Oct – 3 Nov 2011 ICT Accessibility For All 4over6 technology for IPv6 transition Yong CUI CCSA (Tsinghua University) Document No: GSC16-PLEN-71.

IPv4 to IPv6 Migration strategies. What is IPv4  Second revision in development of internet protocol  First version to be widely implied.  Connection.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Implementing IP Addressing Services Accessing the WAN – Chapter 7.

Project by: Palak Baid (pb2358) Gaurav Pandey (gip2103) Guided by: Jong Yul Kim.

1 Muhammed Rudman

IPv4 Depletion IPv6 Adoption 3 February /8s Remaining.

IPv4 Run Out and Transitioning to IPv6 Marco Hogewoning Trainer, RIPE NCC.

Enabling IPv6 in Corporate Intranet Networks

17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

Strategies to Ensure ROI From Ipv6 Transition and Deployments Alpna Doshi Asst. Vice President – Telecom Business Unit Satyam Computer Services Ltd.

IP Version 6 Next generation IP Prof. P Venkataram ECE Dept. IISc.

Guide to Network Defense and Countermeasures Second Edition

1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.

Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206)

Module 10: Troubleshooting Network Access. Overview Troubleshooting Network Access Resources Troubleshooting LAN Authentication Troubleshooting Remote.

SCSC 455 Computer Security Virtual Private Network (VPN)

IPV6 in China Telecom: Policies and Try Cancan Huang, China Telecom

Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.

Hands-On Microsoft Windows Server 2003 Administration Chapter 11 Administering Remote Access Services.

Goal of The Paper  What exactly is a VPN?  Why do you need a VPN?  what are some of the technologies used in deploying a VPN?  How does a VPN work?

Lightweight 4over6 in access network draft-cui-softwire-b4-translated-ds-lite-01 China Telecom: Chongfeng Xie, Qiong Sun Tsinghua University: Yong Cui,

Lecture Week 7 Implementing IP Addressing Services.

IETF 79 th Considerations for Stateless Translation (IVI/dIVI) in Large SP draft-sunq-v6ops-ivi-sp-01 Qiong Sun( China Telecom) Heyu Wang( China Telecom)

Remote Networking Architectures

1 © J. Liebeherr, All rights reserved Virtual Private Networks.

1 CDMA/GPRS Roaming Proposals Raymond Hsu, Jack Nasielski Feb

1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft.

4: Addressing Working At A Small-to-Medium Business or ISP.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

Windows Internet Connection Sharing Dave Eitelbach Program Manager Networking And Communications Microsoft Corporation.

Configuring Routing and Remote Access(RRAS) and Wireless Networking

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Implementing IP Addressing Services Accessing the WAN – Chapter 7.

Module 9: Planning Network Access. Overview Introducing Network Access Selecting Network Access Connection Methods Selecting a Remote Access Policy Strategy.

Page 1 NAT & VPN Lecture 8 Hassan Shuja 05/02/2006.

HUAWEI TECHNOLOGIES CO., LTD. IPv4/IPv6 multicast interoperation Sheng Jiang Senior Research Engineer Huawei

Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.

Objectives Configure routing in Windows Server 2008 Configure Routing and Remote Access Services in Windows Server 2008 Network Address Translation 1.

Implementing IP Addressing Services Accessing the WAN – Chapter 7.

1 Chapter 12: VPN Connectivity in Remote Access Designs Designs That Include VPN Remote Access Essential VPN Remote Access Design Concepts Data Protection.

UNIT IP Datagram Fragmentation Figure 20.7 IP datagram.

IPv6 for ISP Industry Sify Technologies Ltd Somasundaram Padmanabhan Network Engineering IPv6 Awareness Workshop.

ISP Edge NAT 10/8 “Home” Network Upstreams and Peers /32

1 Chapter 3: Multiprotocol Network Design Designs That Include Multiple Protocols IPX Design Concepts AppleTalk Design Concepts SNA Design Concepts.

IANA Reserved IPv4 Prefix for IPv6 Transition draft-weil-opsawg-provider-address-space-00 IETF 78 July

RADIUS issues in IPv6 deployments draft-hu-v6ops-radius-issues-ipv6-01 J. Hu, YL. Ouyang, Q. Wang, J. Qin,

The necessity of 4-over-6 stateless address sharing mechanism Satoru Matsushima Jie Jiao Chunfa Sun 0.

CS460 Final Project Service Provider Scenario David Bergman Dong Jin Richard Bae Scott Greene Suraj Nellikar Wee Hong Yeo Virtual Customer: Mark Scifres.

1 Week #5 Routing and NAT Network Overview Configuring Routing Configuring Network Address Translation Troubleshooting Routing and Remote Access.

Deploying IPv6, Now Christian Huitema Architect Windows Networking & Communications Microsoft Corporation.

IPv6 Transition Guide For A Large-scale Broadband Network Guo Liang Yang (Editor) Le Ming Hu Jin Yan Lin China Telecom Sept. 21 st, 2010 draft-yang-v4v6tran-ipv6-transition-guide-00.

Post IPv4 “completion” Making IPv6 incrementally deployable by making it backward compatible with IPv4. Alain Durand.

17/10/031 Euronetlab – Implementation of Teredo

Network Layer IP Address.

CCNA4-1 Chapter 7-1 IP Addressing Services Scaling Networks With Network Address Translation (NAT)

Windows Vista Configuration MCTS : Advanced Networking.

CCNA4-1 Chapter 7-1 NAT Chapter 11 Routing and Switching (CCNA2)

KAPLAN SCHOOL OF INFORMATION SYSTEMS AND TECHNOLOGY IT375 Window Enterprise Administration Course Name – IT Introduction to Network Security Instructor.

IETF 80 th Lightweight Address Family Transition for IPv6 draft-sunq-v6ops-laft6-01 Chongfeng Xie( China Telecom ) Qiong Sun( China Telecom)

Presented By:- Avinash Kumar Nitesh Kumar Yadav. OUTLINE  Introduction of IP v4.  Introduction of IP v6.  Advantages of IP v6 over IP v4.  Transition.

IPv4 shortage and CERN 15 January 2013

Virtual Private Networks (VPN)

Implementing IP Addressing Services

Implementing IP Addressing Services

Multicast Support for Dual Stack Lite and 6RD

Presentation transcript:

Guoliang YANG Problem Statement of China Telecom

Problems and Challenges for China Telecom 22 4 Deployment 3 Environment 1Motivation 2 Technology Address Pool Exhaustion Worldwide Asia China Telecom Total Space91 17per yr Exhausting speed ( Unit: million ) 2. Protocol Incompatibility Different protocol Packet format Different protocol Packet format Different treatment for software Different treatment for software No clear guidelines from government No clear guidelines from government No drivers for ICP No drivers for ICP Users do not care Users do not care Long Life cycle of ROI Long Life cycle of ROI (ROI, Return on Investment) Giant network scope and large numbers of service platforms need Considerable human and material resources Giant network scope and large numbers of service platforms need Considerable human and material resources No practical criteria referenced for IPv6 transition No practical criteria referenced for IPv6 transition 4. Lack of transition experience For network management, product development and service flow, no mature experiences and examples can be learned from. For network management, product development and service flow, no mature experiences and examples can be learned from. CT status quo CT status quo Predicted extinction date Predicted extinction date 3. Inactive Industry Chain ICP NetworkCustomer Government

Contents Transition Technology Selection Problems in deploying Dual Stack NAT444 authentication User tracing Impact on internet application Problems in deploying tunnels incapable multicast service in Ds-lite Problems in deploying protocol translation Infeasible fixed range port in DIVI Address planning strategy network application users IPv4 Contents Transition Unavailable PPPoEv6 in Windows XP

Transition Technology Selection Considerations which need to be made when applying various transition technologies to existing networks. Various transition technologies may have different impacts to the services: Dual Stack with Carrier Grade NAT444 Tunnel technologies Protocol Translation

Problems in deploying Dual Stack Carrier Grade NAT444: Authentication Single-Sign-On of the website ： The user’s IPv4 private address is allocated by BRAS after AAA process, so, only user's private ipv4 address is mapped with the user account in AAA system. In some cases, website may make SSO authentication with user’s IP address via carrier’s AAA server. User accesses the Internet website with public address, while the address in the carrier’s AAA Server is private address. So the user can not be authorized. VPN authentication In L2TP and NAT444 environments with user creating VPN itself, if the user wants to access the enterprise internal network via VPN, some authentication protocol such as EAP, may not be supported in these two environments. AAA authentication In some cases, dual stack users may establish dial-up sessions to BRAS to get IPv4 and IPv6 address separately. BRAS may probably send different radius authentication request packets to AAA. According to current anti-attack policies in AAA server, the AAA server will deal with the first request packet and ignore the other ones.

Problems in deploying Dual Stack Carrier Grade NAT444: User tracing Flow Analysis System and Behavior Analysis System The existing Flow Analysis and Behavior Analysis System of Carrier is centralized and deployed in backbone. In NAT444 environment, they both need to be placed before NAT device, in order to collect users’ data and analysis their behavior accurately by their IPv4 address.

Problems in deploying Dual Stack Carrier Grade NAT444: Others Internet user access the private network users initiatively. Currently two access methods are considered in the metropolitan area network: Communication between Private IP host, the traffic will not go through NAT444 device. Communication between Private IP host and Public one, the traffic will go through NAT444 device. For the user who wants to visit a website which is provided by private address host, it is not accessible. NAT444 doesn’t support the current PPTP VPN.

Problems in deploying tunnel What is the sequence of deployment for tunnel technologies: 6RD 、 DS-lite and L2TP, etc 6RD  DS-lite or directly to DS-lite? Incapable multicast service in DS-Lite: For China Telecom, the IPTV multicast replication point is located in BRAS. There is a trend to move down the replication point to access node. In the DS-Lite scenario, the IPTV multicast replication point will be at AFTR which will lead some performance problems and conflict with the above trend. What is the investment benefit and maintenance cost of different tunnel technology?

Problems in deploying protocol translation Infeasible fixed range port in DIVI DIVI assigns a fixed range of ports to the HG, for users sake, it is infeasible and unfair for customers. Much larger traffic will pass the DIVI gateway than other technology

Address Planning Strategy When IPv6 is deployed, how to plan the IP address pool in a large scale network is a problem.

IPv4 Contents Transition Lacking business driven and technology driven for IPv4 Internet contents Providers (ICP) to provide IPv6 contents. For example, the lifecycle of online games is short and deploying IPv6 has long lifecycle of ROI. (Return on Investment) ICPs need carriers’ guidelines or solutions about the IPv4 contents transition. How ICP can provide IPv6 services with the least changes?

Thank you