
DNS and IP Scalability Communication Systems Design 2002.


1 DNS and IP Scalability Communication Systems Design 2002

2 DNS and IP Scalability
• Members
  • Daniel Hedberg
  • Liyi Meng
  • Patrick Brosset
  • Thomas Wetterberg
  • YanHong Xu
• Principal
  • B.Svante Eriksson, SCINT
• Coach
  • Fredrik Lilieblad

3 Overview
• Introduction
• DNS
• IP Transition
• Video
• Summary
• Q & A

4 Overview
• Introduction
  • Scalability?
  • Limitation of Scope
• DNS
• IP Transition
• Video
• Summary
• Q & A

5 What is Scalability?
• Ease of handling changes in volume
• Ease of supporting new services

6 In the beginning...
• DNS security requirements
• Quality of Service for VoIP
• The growth in routing tables
• The load on Internet Exchanges
• The lack of IP addresses
• ...

7 Limitation of Scope
• DNS and IP Scalability
• DNS
• Transition - from IPv4 to IPv6

8 Overview
• Introduction
• DNS
• IP Transition
• Video
• Summary
• Q & A

9 Overview
• Introduction
• DNS
  • IPv6
  • Security
  • Root Servers
  • Emerging Services
• IP Transition
• Video
• Summary
• Q & A

10 DNS
• Domain Name System
• Distributed Database

11 DNS
• 2 transactions
  • Query – Response -> UDP
    • Size limit – 512 bytes
  • Zone Transfers -> TCP
    • Connection oriented – large overhead

12 DNS and IPv6
• Addresses 128 bits
• 2 DNS records
  • AAAA
  • A6

Fragmented IPv6 address:
Field  010  RegistryID  ProviderID  SubscriberID  Host
Bits   3    5           N           56 – N        64

13 DNS and IPv6 Scalability
• AAAA and A6 -> Larger packets
• A6 -> More queries

14 DNS and Security
• DNSSEC
• Protect against:
  • Manipulation of data
  • Masquerading of data origin
• Protects by:
  • Signing each response
  • "Chain of trust"

15 DNS and Security Scalability
• DNSSEC
  • Signed records -> Larger packets
  • Check zone keys -> More queries

16 DNS services
• DNS available
  • Globally
  • All the time
• Ideal for storage
  • Public encryption keys
  • Certificates

17 DNS services
ENUM – "Electronic numbers"
• Telephone numbers -> URIs
  • Phone / fax / mobile
  • IP-telephony / SIP
  • E-mail / SMS / Voice mail server
  • Public encryption keys
• ENUM using DNS stores information
• User decides priority of services
• Processing in the host

18 DNS services Scalability
• New services -> More queries
• Medium sized packets
• Risk of packet growth

19 Root servers
• Critical for all DNS operation
• Need for One, Unique root

20 Root servers
• Limited number - 13
• Zone transfer by UDP
• Uneven distribution

21 Root server Operation
• Load -> 5 000-8 000 queries/second
• Can handle 40 000 - 50 000 q/s
• 2/3 can go down without losing service
• "Normal" computers

22 Root server Scalability
• Traffic volume increases
• IPv6 addresses

23 DNS Conclusions
• Volume will increase
  • Split a zone -> share the load
  "DNS is the most scalable database ever designed" – Johan Ihrén, Autonomica
• Packet size will increase
  • DNSSEC
  • IPv6
  • IPv6 + DNSSEC
  • New services + DNSSEC
• UDP packets too small -> TCP connections

24 DNS Conclusions (cont.)
• Solution already designed – IPv6
  • UDP packet size 1280 bytes
• Will take time to implement
• IPv6 queries will be routed over IPv4
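
The packet-size argument from the DNS conclusions, worked as an added example (not part of the original slides): it computes RFC 1035 response sizes for A and AAAA record sets, optionally with one signature record, and checks them against the 512-byte UDP limit. The query name, the 13-record set and the 128-byte signature are constructed assumptions.

```python
"""Added example: DNS response wire sizes vs. the 512-byte UDP limit."""

HEADER = 12                 # fixed DNS header (RFC 1035)
UDP_LIMIT = 512             # classic UDP payload limit quoted on the slides
RR_FIXED = 2 + 2 + 4 + 2    # TYPE, CLASS, TTL, RDLENGTH
POINTER = 2                 # owner name compressed to a pointer
RDATA = {"A": 4, "AAAA": 16}
SIG_FIXED = 18              # signature RDATA fields before the signer name


def name_len(name):
    """Uncompressed wire length: one length byte per label plus the root byte."""
    labels = [l for l in name.rstrip(".").split(".") if l]
    return sum(1 + len(l) for l in labels) + 1


def response_size(qname, rtype, count, signer=None, sig_bytes=128):
    """Bytes on the wire for `count` records of `rtype` answering `qname`.

    If `signer` is given, one signature record covering the RRset is added;
    sig_bytes=128 assumes a 1024-bit RSA signature (an assumption).
    """
    size = HEADER + name_len(qname) + 4          # question: QNAME, QTYPE, QCLASS
    size += count * (POINTER + RR_FIXED + RDATA[rtype])
    if signer:
        size += POINTER + RR_FIXED + SIG_FIXED + name_len(signer) + sig_bytes
    return size


def needs_tcp(size, limit=UDP_LIMIT):
    """Over the limit the server truncates (TC bit) and the client retries on TCP."""
    return size > limit


def max_records(qname, rtype, limit=UDP_LIMIT):
    """Largest unsigned RRset of `rtype` that still fits in one UDP response."""
    room = limit - HEADER - name_len(qname) - 4
    return room // (POINTER + RR_FIXED + RDATA[rtype])


if __name__ == "__main__":
    q = "www.example.com"   # constructed sample name
    for rtype in ("A", "AAAA"):
        for signer in (None, "example.com"):
            s = response_size(q, rtype, 13, signer)
            print(rtype, "signed" if signer else "plain", s, needs_tcp(s))
```

Only the signed AAAA case crosses 512 bytes here, which is the "IPv6 + DNSSEC" combination the conclusions single out.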

25 Overview
• Introduction
• DNS
• IP Transition
• Video
• Summary
• Q & A

26 Overview
• Introduction
• DNS
• IP Transition
  • Overview
  • Mechanisms
  • Conclusions
• Video
• Summary
• Q & A

27 Why do we need IP Transition?

28 IP transition

29 IP Transition strategies
• Company Level
  • IPv6 over IPv4 tunnels
  • Translation mechanisms
• ISP / Backbone
  • IPv6 over dedicated datalink
  • IPv6 over MPLS backbone
  • Dual stack backbones

30 What did we do?
• Dual Stack
• 6to4
• ISATAP
• NAT-PT
• Teredo
• Because
  • Focus on finding solutions for company users
  • Not all implementations are available
  • Time limitation

31 About the test
The test measures:
• Throughput – FTP, HTTP
• Path characteristics (Delay, bottleneck, queuing) – pchar
• Packet loss – MGEN
All these results are compared between IPv4, transition and IPv6

32 Transition mechanism
• Dual Stack
• 6to4
• ISATAP
• NAT-PT
• Teredo

33 Dual Stack How it works

34 Dual Stack Features & Limitations
• IPv4 Requirements
  • 1 IPv4 address per host
  • IPv4 connectivity remains
• Scale-up of hardware and software
  • Implementation all at once
  • More processing and memory in the router to manage both IPv4 & IPv6
• DNS requirements
  • AAAA records.

35 Dual Stack Features & Limitations
• Support of services
  • end-to-end
  • real-time
  • Mobile IP
  • Multicasting
  • Open Access Network
  • Flow labels
  • Anycast
• Connectivity/Reliability
  • Same connectivity as a pure IPv6 network

36 Dual Stack Conclusion
• Benefits
  • Important technology for other mechanisms
  • Has all the support that IPv6 has
• Limitations
  • Double-work and management

37 Transition mechanism
• Dual Stack
• 6to4
• ISATAP
• NAT-PT
• Teredo

38 6to4 How it works

39 6to4 Features & Limitations
• IPv4 Requirements
  • 1 IPv4 address per site
• Scale-up of hardware and software
  • Implementation all at once
  • further scale-up very easy
• DNS requirements
  • IPv6 DNS
• 6to4 tunnel won’t work through NAT

40 6to4 Features & Limitations
• Support of services
  • end-to-end
  • real-time
  • Mobile IP: not supported (IPv4).
  • Flow labels not supported.
• Connectivity/Reliability
  • Effect of a router going down
• Performance: - 5%

41 6to4 Our Testing network

42 6to4 Test Result Throughput

43 6to4 Test Result Path characteristics

44 6to4 Test Result The Packet Loss

45 6to4 Conclusion
• Benefits
  • Easy to start up
  • No management overhead in the future
• Limitation
  • Tunneling cannot go through a NAT box
  • May lose connectivity when tunneling over an IPv4 island
• User
  • Suitable for companies that want to migrate to IPv6 all at once.

46 Transition mechanism
• Dual Stack
• 6to4
• ISATAP
• NAT-PT
• Teredo

47 ISATAP How it works
• Intra-Site
• Communication between two IPv6 nodes over an IPv4 network
• Host automatically creates a tunnel to an ISATAP router

48 ISATAP How it works

49 ISATAP Features & Limitations
• IPv4 Requirements
  • 1 IPv4 address per ISATAP host
  • IPv4 connectivity remains
• Scale-up of hardware and software
  • Implementation step-by-step
  • further scale-up easy
• DNS requirements
  • Well-known service ISATAP (for hosts)
  • AAAA records.
• Won't work through a NAT

50 ISATAP Features & Limitations
• Support of services
  • end-to-end
  • real-time
  • private IPv4 addresses
  • Mobile IP: not supported (IPv4)
  • Flow labels not supported
• Connectivity/Reliability
  • ISATAP router is the critical point
• Performance: - 3%

51 ISATAP Our Testing network

52 ISATAP Test Result Throughput

53 ISATAP Test Result Path characteristics

54 ISATAP Test Result Packet Loss

55 ISATAP Conclusion
• Benefits
  • Well suited to companies deploying IPv6 step-by-step.
  • Setup easy.
  • Further scale-up easy.
• Limitation
  • Still relies on IPv4 infrastructure.
• User
  • Big company networks

56 Transition mechanism
• Dual Stack
• 6to4
• ISATAP
• NAT-PT
• Teredo

57 NAT-PT How it works
• Network Address Translation - Protocol Translation
• Works for communication between an IPv6-only host and an IPv4-only host

58 NAT-PT How it works
[Diagram labels: IPv6 native network (IPv6 host, IPv6 server, FEDC:BA98::7654:3210); NAT-PT (DNS-ALG); IPv4-only network (IPv4 host, IPv4 server, 132.146.243.30)]
• Packet on the IPv6 side: SA=FEDC:BA98::7654:3210, DA=PREFIX::132.146.243.30
• Packet on the IPv4 side: SA=120.130.26.10, DA=132.146.243.30
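
The address rewrite on the NAT-PT slide, as an added example (not part of the original slides): the translator strips PREFIX from the destination and binds the IPv6 source to an address from its IPv4 pool. The slide only says "PREFIX", so a documentation /96 is assumed here; the class and function names are hypothetical.

```python
"""Added example: NAT-PT address mapping as drawn on the NAT-PT slide."""
import ipaddress

# Assumption: the slide only says "PREFIX"; a documentation /96 stands in for it.
PREFIX = ipaddress.IPv6Network("2001:db8:ffff::/96")


def embed(v4):
    """IPv6 form of an IPv4 address as seen by the IPv6 host: PREFIX::a.b.c.d."""
    return ipaddress.IPv6Address(
        int(PREFIX.network_address) | int(ipaddress.IPv4Address(v4)))


def extract(v6):
    """IPv4 destination recovered from the low 32 bits of a PREFIX address."""
    addr = ipaddress.IPv6Address(v6)
    if addr not in PREFIX:
        raise ValueError(f"{addr} is not inside the NAT-PT prefix")
    return ipaddress.IPv4Address(int(addr) & 0xFFFFFFFF)


class NatPt:
    """Stateful translator: binds each IPv6 source to one pool address."""

    def __init__(self, pool):
        self.free = [ipaddress.IPv4Address(a) for a in pool]
        self.bindings = {}          # IPv6 source -> IPv4 source

    def outbound(self, sa6, da6):
        """Translate an IPv6 (SA, DA) pair into the IPv4 pair sent onward."""
        sa6 = ipaddress.IPv6Address(sa6)
        da4 = extract(da6)
        if sa6 not in self.bindings:
            if not self.free:       # every pool address is already bound
                raise RuntimeError("NAT-PT address pool exhausted")
            self.bindings[sa6] = self.free.pop(0)
        return self.bindings[sa6], da4

    def inbound(self, sa4, da4):
        """Translate a reply; only hosts with an existing binding are reachable."""
        da4 = ipaddress.IPv4Address(da4)
        for v6, v4 in self.bindings.items():
            if v4 == da4:
                return embed(sa4), v6
        raise LookupError(f"no binding for {da4}")
```

All state lives in the translator's binding table, which is why the following slides call the NAT box a critical point that is easy to overload and that breaks the end-to-end principle.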

59 NAT-PT Features & Limitations
• IPv4 requirements
  • At least one global address
• Scale-up
  • Configuration all at once
  • Further scale-up easy
• DNS requirements
  • ALG

60 NAT-PT Features & Limitations
• Connectivity
  • NAT box easy to overload
  • NAT box = critical point
• Support of services
  • Breaks end-to-end principle

61 NAT-PT Conclusion
• Benefits:
  • Enables interoperation between pure IPv4 and pure IPv6
• Limitations:
  • End-to-end connectivity
  • Security
• Users:
  • Suitable for a new IPv6 company
  • A temporary patch before entire migration

62 Transition mechanism
• Dual Stack
• 6to4
• ISATAP
• NAT-PT
• Teredo

63 Teredo How it works
• Tunneling over UDPv4 through NAT
• Teredo server
• Teredo relay connects to IPv6

64 Teredo How it works

65 Teredo Features & Limitations
• IPv4 Requirements
  • All hosts behind the NAT share a pool of addresses
• Scale-up of hardware and software
  • Implementation step-by-step
• DNS requirements
  • Dynamic updates on DNS
  • AAAA records

66 Teredo Features & Limitations
• Support of services
  • real-time (might be possible)
  • private IPv4 addresses
  • Mobile IP: not supported
  • Flow labels not supported
• Connectivity/Reliability
  • If the Teredo server, relay or NAT box goes down, connections break down...

67 Teredo Conclusion
• Benefit
  • enables tunnel through a NAT box
• Limitation
  • 3 critical points
• User
  • Big company networks that have a NAT implemented and want IPv6 connectivity

68 Overview
• Introduction
• DNS
• IP Transition
  • Overview
  • Mechanisms
  • Conclusions
• Video
• Summary
• Q & A

69 IP transition Conclusions
Facts
• Degradation of throughput not significant
• Packet loss also acceptable in most cases.
• IPv6 “strange” delay
• Early-state applications
• Tunnel links are a bottleneck
• extra processing
• Our conclusion

70 IP transition Conclusions
Recommendations
• Smaller case
  • Small network
  • Able to migrate all at once
  • Pure IPv6 + 6to4 + NAT-PT
  • Further scale-up easy

71 IP transition Conclusions
Recommendations
• Larger case
  • Large company network
  • Cannot configure all at once
  • ISATAP
  • Setup easy
  • Private addresses supported
  • Further scale-up easy

72 IP transition Conclusions
Lab sessions experience
• Lots of configuration problems
• Test more difficult
• 6to4 standardized
• Draft state OS’s and applications
• But most of the techniques are workable
• Now it’s time to migrate!

73 Overview
• Introduction
• DNS
• IP Transition
• Video
• Summary
• Q & A

74 Video – Start projector

75 Overview
• Introduction
• DNS
• IP Transition
• Video
• Summary
• Q & A

76 Summary DNS
• Volume will increase
  • No problem
• Packet size will increase
  • Problem!
• UDP packets too small -> TCP connections
• Solution exists -> IPv6

77 Summary IP Transition
• Mechanisms work well
• Choose the one that fits your needs

78 Overview
• Introduction
• DNS
• IP Transition
• Video
• Summary
• Q & A

