Presentation is loading. Please wait.

Presentation is loading. Please wait.

Managing IP addresses for your private clouds 2013 ASEAN CAS Summit Bangkok, Thailand 7 February 2013 George Kuo Member Services Manager.

Published byCharity Jowett Modified over 9 years ago

Similar presentations

Presentation on theme: "Managing IP addresses for your private clouds 2013 ASEAN CAS Summit Bangkok, Thailand 7 February 2013 George Kuo Member Services Manager."— Presentation transcript:

1 Managing IP addresses for your private clouds 2013 ASEAN CAS Summit Bangkok, Thailand 7 February 2013 George Kuo Member Services Manager

2 Overview Introduction to APNIC and Regional Internet Registries Why your own IP addresses for your clouds? Questions to ask your cloud service providers IPv6 security How to get IP addresses ? Internet resource management policies 2

3 Introduction to APNIC & Regional Internet Registries 3

4 Regional Internet Registries 4 The Internet community established the RIRs to provide fair access and consistent resource distribution and registration throughout the world.

5 What is APNIC? The Regional Internet Registry (RIR) for the Asia Pacific –Delegates IP addresses and AS numbers –Maintains the APNIC Whois Database –Manages reverse DNS delegations Not-for-profit and membership based organization –3,400+ Members –100+ Members in Thailand –NOT a domain name registry 5

6 APNIC’s Mission Assist the Asia Pacific Internet community in effective Internet resources management and distribution Support regional Internet infrastructure building Seek public consideration of issues that benefit Members and the community Coordinate and facilitate Internet resource policy development Provide training and outreach on resource management and APNIC services 6

7 Why your own IP addresses for your clouds? 7

8 Service provider networks –A key component in service provision –Addresses to be assigned to infrastructure and customers Independent networks –Addresses to be used for their own networks –Allows easier management of multiple connections to ISPs/IXPs –Removes the need to renumber when changing upstream providers

9 Questions to ask your cloud service providers 9

10 Private IP addressing has its limitations. Are you numbering cloud hosts in public or private addresses? –Private: How many customers share the NAT interface to the public Internet? –Public: Does the provider have enough addresses to meet your future needs? IP address portability –If you have access to a block of public addresses, does the provider have the capability to use them in provisioning your cloud solution? What are the costs involved? –Are you being charged for public IP addresses? 10

11 Questions to ask your cloud service providers Does the provider rely on NAT and CGN for their security? –NAT and CGN are not all of your security –You need proper configuration and ACL reflecting your function and needs, e.g. inbound SSH only for your back office network, outbound only to your specified clients How much shared infrastructure between cloud customers and your specific needs? –Shared access path potentially shared risks Does the cloud provider understand IPv6? –For future growth and and demand, start early, gain experience –Be aware of difference in IPv6 security 11

12 IPv6 security Mostly the same as IPv4 –ACL are basically the same –ICMPv6 substantially different, do not block most ICMPv6, it’s needed for pMTU discovery…etc –Be aware of different IP fragmentation behaviour New class of risks –Stateless auto config (SLAAC) –Switch ND exhaustion (DDOS attack) –Get proper IPv6 aware managed switches, they should offer mitigation against both risks 12

13 How to get IP addresses 13

14 How to get IP addresses Service providers and independent network operators get their IP addresses from their Internet Registry –Maximum /22 (1,024 addresses) of IPv4 –Initial /48 to /32 of IPv6 –Must meet current policy criteria Casual users get their IP addresses from their service provider (ISP, hosting, data centre etc.)

15 How to get IP addresses Online request form –www.apnic.net/memberwww.apnic.net/member Need support ? –Contact APNIC Member Services Helpdesk –Monday to Friday, 09:00 to 21:00 (UTC +10) –www.apnic.net/helpdesk

16 Policy criteria 16

17 Policies Service providers –IPv4 criteria Have used a /24 from their upstream provider or demonstrate an immediate need for a /24, Demonstrate a detailed plan for use of a /23 within a year –IPv6 criteria Have existing IPv4, or Plan to provide IPv6 connectivity and make 200 customer assignments in 2 years

18 Policies Independent networks –IPv4 criteria Connected or plan to connect within 3 months to multiple ISPs/IXPs, or Running an IXP (Internet Exchange Point), or Running an Internet critical infrastructure e.g. –Root domain name system (DNS) server; –Global top level domain (gTLD) nameservers; –Country code TLD (ccTLDs) nameservers; –National/Regional Internet Registry

19 Policies Independent networks –IPv6 criteria automatically eligible for a minimum IPv6 portable assignment if previously justified an IPv4 portable assignment from APNIC Running an IXP (Internet Exchange Point), or Running an Internet critical infrastructure e.g. –Root domain name system (DNS) server; –Global top level domain (gTLD) nameservers; –Country code TLD (ccTLDs) nameservers; –National/regional Internet Registry

20 Questions? 20

21 Thanks! George Kuo, Member Services Manager 21

Download ppt "Managing IP addresses for your private clouds 2013 ASEAN CAS Summit Bangkok, Thailand 7 February 2013 George Kuo Member Services Manager."

Similar presentations

Introduction to ARIN and the Internet Registry System.

Introduction to ARIN and the Internet Registry System.
APNIC Internet Routing Registry Routing SIG APNIC-15, Taipei 26 February 2003.

APNIC Internet Routing Registry Routing SIG APNIC-15, Taipei 26 February 2003.
Handling Internet Network Abuse Reports at APNIC 21 October 2010 LAP-CNSA Workshop, Melbourne George Kuo.

Handling Internet Network Abuse Reports at APNIC 21 October 2010 LAP-CNSA Workshop, Melbourne George Kuo.
Introduction to ARIN and the Internet Registry System.

Introduction to ARIN and the Internet Registry System.
IPv6: The Future of the Internet? July 27th, 1999 Auug.

IPv6: The Future of the Internet? July 27th, 1999 Auug.
IPv6 Addressing – Status and Policy Report Paul Wilson Director General, APNIC.

IPv6 Addressing – Status and Policy Report Paul Wilson Director General, APNIC.
APNIC Update 1. 2 3 IPv4 Exhaustion Reached “Final /8” on 15 April 2011 103.0.0.0/8 New allocation policy activated Up to /22 per member From 15 April.

APNIC Update IPv4 Exhaustion Reached “Final /8” on 15 April /8 New allocation policy activated Up to /22 per member From 15 April.
APNIC Update The state of IP address distribution and its impact to business operations 1 Elly Tawhai Senior Internet Resource Analyst/Liaison Officer,

APNIC Update The state of IP address distribution and its impact to business operations 1 Elly Tawhai Senior Internet Resource Analyst/Liaison Officer,
Introduction to ARIN and the Internet Registry System.

Introduction to ARIN and the Internet Registry System.
AussieISP Fall ‘99 Sydney, 9 April 1999 Overview and Status Report.

AussieISP Fall ‘99 Sydney, 9 April 1999 Overview and Status Report.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Introduction and Overview ITU/PITA Joint Workshop Brisbane, October 2001.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Introduction and Overview ITU/PITA Joint Workshop Brisbane, October 2001.
Internet Addressing and the RIR system 11 February 2004 Phnom Penh, Cambodia Paul Wilson, APNIC.

Internet Addressing and the RIR system 11 February 2004 Phnom Penh, Cambodia Paul Wilson, APNIC.
1 APNIC support for Internet development APT/PITA Regional Meeting on ICT for the Pacific 25-27 August 2004, Nadi, Fiji Paul Wilson

1 APNIC support for Internet development APT/PITA Regional Meeting on ICT for the Pacific August 2004, Nadi, Fiji Paul Wilson
1 APNIC Status Report RIPE 48 May 2004 Amsterdam.

1 APNIC Status Report RIPE 48 May 2004 Amsterdam.
APNIC Update Paul Wilson Director General. APNIC RIR for Asia Pacific –IP address allocation and management –Open policy development Support for Internet.

APNIC Update Paul Wilson Director General. APNIC RIR for Asia Pacific –IP address allocation and management –Open policy development Support for Internet.
Supporting Internet Growth and Evolution: The Transition to IPv6 Bali IPv6 Summit, Bali 9 June 2010 1 Sanjaya Services Director, APNIC.

Supporting Internet Growth and Evolution: The Transition to IPv6 Bali IPv6 Summit, Bali 9 June Sanjaya Services Director, APNIC.
APNIC Update RIPE 59 October 2009. Overview APNIC Services Update APNIC 28 policy outcomes APNIC Members and Stakeholder Survey Next APNIC Meetings.

APNIC Update RIPE 59 October Overview APNIC Services Update APNIC 28 policy outcomes APNIC Members and Stakeholder Survey Next APNIC Meetings.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Internet Registry allocation and assignment Policies.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Internet Registry allocation and assignment Policies.
APNIC Policy Update 1 st TWNIC IP Open Policy Meeting 3 December, 2003 Taipei, Taiwan.

APNIC Policy Update 1 st TWNIC IP Open Policy Meeting 3 December, 2003 Taipei, Taiwan.
1 Internet Presentation GCC-IT commity Saleem Al-Balooshi ETISALAT.

1 Internet Presentation GCC-IT commity Saleem Al-Balooshi ETISALAT.

Similar presentations

Ads by Google