Bringing IPv6 connectivity to the general public.

1 http://www.ipng.nl/ Bringing IPv6 connectivity to the general public

2 Contents
IIR - Feb 2002, Pim van Pelt
- Pim van Pelt, Business Internet Trends, pim@ipng.nl
- IP next generations, http://www.ipng.nl/

3 Contents
- Introduction:
  - What is a tunnel broker
  - Why should we develop/maintain them
  - Whom should we address
- Part two:
  - How did IPng tackle things
  - Which services do we provide
- Open discussion: how to proceed?

4 0.0 Tunnelbroker
- A term for an IPv4/IPv6 connected host
  - IPv6 connectivity via proto-41 tunnels
  - IPv4 connectivity at a well connected site
- Informative web- and portal site
  - A place where end users can turn to with operational matters
- Tracking and active maintenance of:
  - Users and their activities
  - Peering and transit issues

5 0.1 Why deploy?
- Bring IPv6 to the public
  - Advocate the use of IPv6 properly to end users (company and individual)
- Gain a user base, and thus:
  - Gain expertise on the matter with a live network
  - Collect invaluable feedback from the field
  - Present cases and bug reports to vendors

6 0.2 Whom to address?
- Companies
  - Enabling engineers to take a look at the operational tasks in IPv6
  - Stimulating provision: top-down from ISP to end user
- Private individuals
  - Gaining a higher educational level of Internet users
  - Creating demand: bottom-up from end user to ISP

7 1.0 Tunnelbroker system
Find an answer to the following topics:
- IPv6 aggregation – pTLA or sTLA
- Local user authenticity, validity
- Database structure
- Tunnelserver OS choice
- Tunnelserver configuration
- IP filtering and abuse (DDoS)
- Addressing local users

8 1.1 pTLA or sTLA
- sTLA are production quality, native connection oriented, b2b
- pTLA are meant for testing deployments (using proto-41 tunneling), b2bc
- IPng uses pTLA because
  - Absence of official collaboration between network operators
  - Use of tunnels degrades network stability

9 1.2 Registering users
- Name, address, phone number
- We require users to create person objects at the 6bone registry
  - Needed to create preliminary barrier
  - Help keeping abuse kids out
  - Help administer IPng at whois.6bone.net
- We use the nichdl to uniquely identify the user

10 1.3 DB Structure
- MySQL is DBM of choice
  - Table of users, by nichdl
  - Table of tunnels, one per nichdl
  - Table of subnet allocations, one per tunnel
- Blacklist and deletion tracking
  - Recidivist malicious users
  - IPv4 networks denied access (prior abuse)
- Notes and things for internal use
  - Reasons for tunnel deletion

11 1.4 OS choice
- Linux
  - Pro: dynamic amount of tunnel devices (sit) and /proc for device stats gathering
  - Con: difficult scope handling, uncertain stability
- BSD
  - Pro: decent IP filtering, proper scope handling (ff02::2%gif0), greater stability
  - Con: static amount of tunnel devices (gif)
- Cisco IOS
  - Con: expensive, relatively low pps
  - Pro: solid state, corporate, stable

12 1.5 Server config
- We chose Linux, kernel 2.4
- Simple scripting for tunnel maintenance
  - Newtunnel.sh, newsubnet.sh, movetunnel.sh
  - Automatic mailing system with autoresponses
- Possibility of ‘cronned’ tasks
  - Packet/octet counters
  - Hourly pingstats and daily uptime checks
  - Dynamic filtering
- Ease of use – perl, sh, pike, c(++)

13 1.6 Daily maintenance
- Traffic statistics (five-minutely)
  - Track bandwidth consumption (bps)
  - Find possible attack victims (pps)
  - rrdtool by Tobias Oetiker
- Ping statistics (hourly)
  - Check latency
  - Check packet loss
  - Check availability of remote endpoint
  - fping ported by Jeroen Massar
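
The five-minute traffic check above, as an added example that is not part of the original slides or IPng's own scripts: it turns two /proc/net/dev snapshots into receive bps and pps per tunnel device and flags a device whose pps exceeds a limit. The snapshot contents, the 300-second interval and the 5000 pps limit are constructed for illustration.

```sh
#!/bin/sh
# Added example: per-tunnel receive rates from two /proc/net/dev snapshots.
# Constructed snapshots taken 300 s apart. Columns after "dev:" are
# rx-bytes rx-packets ...; note that "sit2:4000000" has no space after the
# colon, which happens once the counters grow wide.
SNAP_T0='  sit1: 1000000 2000 0 0 0 0 0 0 500000 1500 0 0 0 0 0 0
  sit2:4000000 9000 0 0 0 0 0 0 800000 3000 0 0 0 0 0 0'
SNAP_T1='  sit1: 4000000 8000 0 0 0 0 0 0 900000 2500 0 0 0 0 0 0
  sit2:124000000 3009000 0 0 0 0 0 0 900000 3300 0 0 0 0 0 0'

rates() {
    # $1 = older snapshot, $2 = newer snapshot,
    # $3 = seconds between them, $4 = rx pps limit (assumed threshold)
    printf '%s\n---\n%s\n' "$1" "$2" | awk -v dt="$3" -v max="$4" '
        /^---$/ { second = 1; next }
        { sub(/:/, " ") }                      # split "sit2:4000000"
        !second { b[$1] = $2; p[$1] = $3; next }
        ($1 in b) {
            db = $2 - b[$1]; dp = $3 - p[$1]
            # A wrapped or reset counter gives a negative delta: report it
            # instead of printing a bogus rate.
            if (db < 0 || dp < 0) { print $1, "counter-reset"; next }
            pps = dp / dt; bps = db * 8 / dt
            printf "%s %d %d %s\n", $1, bps, pps, (pps > max ? "ALERT" : "ok")
        }'
}

# Output columns: device, rx bps, rx pps, verdict
rates "$SNAP_T0" "$SNAP_T1" 300 5000
```

A high pps figure with modest bps, as on sit2 here, means many small packets, which is the pattern the pps check is meant to surface.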

14 1.6 Daily maintenance
- Downtime check (once daily)
  - Mail users with excess downtime
  - Try to keep them motivated
  - Alternatively: Get rid of non-participating users
- DNS checkup (four times a day)
  - Do not delegate downstream DNS (lame)
  - Grab zone files, process them into a large zone file and publish this via IPng DNS
  - Shellscripts for unix, dig(1) and bind 9.2

15 1.7 IP filtering
- Handle IPv4 incoming traffic
  - Accept traffic only from known destinations
- Handle IPv4 outgoing traffic
  - Never send proto-41 traffic to unexpecting nodes
  - 24/7 static IP for remote users
- Deny non-local IPv6 traffic from downstreams
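
One way to express the three filtering rules above on a Linux tunnel server, as an added example that is not IPng's own configuration: a script that reads a tunnel table and prints the matching iptables/ip6tables commands without applying them. The table layout, device names and addresses are constructed (documentation ranges), and the chains are assumed to be empty before the rules are loaded.

```sh
#!/bin/sh
# Added example: emit (do not apply) netfilter rules for the policy above.
# Constructed tunnel table, one tunnel per row:
#   device  remote-IPv4-endpoint  remote-tunnel-IPv6  delegated-subnet
TUNNELS='sit1 192.0.2.10 2001:db8:ffff::2 2001:db8:100::/48
sit2 198.51.100.7 2001:db8:ffff::6 2001:db8:200::/48'

safe_row() {
    # Complete row, dotted-quad endpoint, no shell metacharacters or
    # stray extra fields in the rest.
    [ -n "$4" ] &&
    printf '%s\n' "$2" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' &&
    printf '%s\n' "$1$3$4" | grep -Eq '^[A-Za-z0-9:./]+$'
}

gen_rules() {
    # $1 = tunnel table text; prints one rule per line for review.
    printf '%s\n' "$1" | while read -r dev v4 tun6 subnet; do
        [ -n "$dev" ] || continue
        if ! safe_row "$dev" "$v4" "$tun6" "$subnet"; then
            echo "# skipped malformed row"
            continue
        fi
        # IPv4 in: proto-41 only from a registered endpoint.
        echo "iptables -A INPUT -p 41 -s $v4 -j ACCEPT"
        # IPv4 out: proto-41 only towards a registered endpoint.
        echo "iptables -A OUTPUT -p 41 -d $v4 -j ACCEPT"
        # IPv6: a downstream may source only from its own tunnel
        # address or its delegated subnet; anything else is spoofed.
        echo "ip6tables -A FORWARD -i $dev -s $tun6 -j ACCEPT"
        echo "ip6tables -A FORWARD -i $dev -s $subnet -j ACCEPT"
        echo "ip6tables -A FORWARD -i $dev -j DROP"
    done
    # Everything else carrying proto-41 is dropped in both directions.
    echo "iptables -A INPUT -p 41 -j DROP"
    echo "iptables -A OUTPUT -p 41 -j DROP"
}

gen_rules "$TUNNELS"
```

Rows that fail validation are skipped rather than turned into rules, so a bad database entry cannot widen the filter or inject a command when the output is piped to a shell.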

16 1.8 DDoS attacks
- Public IPv6 sites get attacked too
  - Primary reason: IRC abuse
  - Take care with unknown users on IRC
- Common attack forms
  - Stacheldraht
  - UDP/TCP fragmentation attacks
- Let IPv4 transit providers block your tunnel endpoint at their border, allow only proto-41
- Use PI space and don’t announce to transit providers (no route to you from non peered nets)

17 2.0 Services provided
- Stimulation of end users and companies
- IPv6-only public services, such as
  - IRC (chat) server
  - SMS portal
  - Webhosting
  - Mail and DNS service

18 2.1 Expertise gained
- Feedback from the users to the vendor
  - User remarks, requests, findings
  - Representing users at conferences
- Feedback from community to users
  - Relaying new policies from 6bone
  - Forming and commenting on RFCs

19 3.0 Progress
Future plans include
- Prolonged tunnelbroker activity
- Roadmap for ISPs in the Netherlands
- Creating and maintaining IPv6 exchange points (Ede)

20 3.1 Roadmap to IPv6
- A working group of predominantly Dutch ISPs (xs4all, bit, intouch)
- Creating a step-by-step introduction for AMS-IX connected sites
- Consulting, helping and explaining to these businesses how they could start to use IPv6
- Ultimately: interconnecting their AS

21 3.2 IX activity
- Connecting to AMS-IX natively
- Jumpstarting traffic exchange on own hardware – respecting AMS-IX board
- Offering alternative peering points
  - Ede, Gelderland
  - Almere, Flevoland
  - Amsterdam, Zuid Holland
- Interconnecting these Exchanges

22 3.3 Collaboration
- Each company chips in to create European and global consensus on how to educate new ISPs and telco industries
- We offer support and software for those wanting to set up a tunnelbroker

23 3.4 Discussion
- Questions, comments, discussion.
- Dutch contact: pim@ipng.nl
- Foreign input much appreciated

