IPv6: Is Your Network Ready For It?

1
IPv6 Is Your Network Ready For It?
2
IPv4 and its limitation

• The initial design of IPv4 did not anticipate
• Growth of the Internet and Exhaustion of the IPv4
  address space
• Large routing tables in backbone routers
• Flat and hierarchical routing
• Need for simpler address configuration
• Manual
• DHCP
• No native IP level security
• IPSec
• Proprietary security solutions
• Need for better QoS
• TOS field in IPv4
• UDP or TCP ports

3
ABCs of IPv6

• New version of the Internet Protocol
• Developed to alleviate IPv4 address exhaustion
• Improve upon IP protocol based on operational
  experience of IPv4 in the Global Internet
• 128 bit addressing
• Simplified header makes forwarding algorithms
  more efficient
• New extensions and options
• Neighbor Discovery subsystem replaces ARP
• Requires Path MTU Discovery eliminates
  fragmentation in transit
• No more ARP
• Neighbor Discovery helps discover adjacencies
• Router advertisement functions for last hop
  configuration
• Dynamic provisioning components as well as DHCPv6

4
IPv4 and IPv6 Feature Comparison
Feature IPv4 IPv6
Address Length 32 bits 128 bits
Fragment Hosts and Routers Hosts only
Checksum in Header Yes No
Options in Header Yes No
Link-layer Address Resolution ARP (broadcast) Neighbor Discovery (multicast)
Multicast membership IGMP MLD
Router Discovery Optional Yes
Uses broadcasts Yes No
Address Assignment Manual or DHCP Auto-Configuration
IPSec Support Optional Yes
QoS Support Some Better
DNS Name queries DNS Reverse Lookups A records IN-ADDR.ARPA AAAA and A6 Records IP6.INT
5
IPv6 Trends

• Flexibility is the key trend in IPv6 today
• Basic data-plane handling is standardized
• But, transition technologies (tunneling,
  interworking and migration) are still in relative
  flux
• Importance of flexibility in data plane
• Importance of Wirespeed IPv6 support
• Data plane, network layer IPv6 forwarding
• Wirespeed Transition protocols

6
IPv6 Drivers

• 3G services multimedia and triple-play
  convergences
• Peer-to-Peer Networking and Computing
• File sharing and Instant Messaging
• Home-networking
• Networked-domestic appliances
• VoIP
• Home Entertainment systems Manufacturers
• Online gaming software developers
• Or Essentially any services with significant IP
  addressing requirement will benefits from
  adopting IPv6. The benefits are unique
  addressing, autoconfiguration, renumbering and
  globally routable.

7
Who is asking for IPv6 Today?

• North America
• Department of Defense
• Federal Government
• Universities
• Application and OS vendors
• Europe
• EU governments
• Interest from 3G community telecommunications
  (mobile) sector
• Getting some initial interest from the ISP
  community
• Japan, Korea and China (Fast Growing.)
• Educational market
• Service Providers
• Government
• Internet Appliance vendors (IPv6-enabled devices)
• Asia
• Everyone (Singapore, Thailand, etc)
• Worldwide Trends
• Started off primarily in Asia and Europe, but US
  is picking up dramatically

8
A recent IPv6 survey results(with 200
Government IT Managers)

• About 43 percent of respondents said they'd
  inventoried their existing devices for
  IPv6-readiness.
• Interestingly, 51 percent said they'd implement
  IPv6 all the way to the desktop (the current
  mandate applies only to network backbones by June
  2008).
• Just 14 percent said implementation is underway
  at their agency ( but with two years to go,
  that's not shocking)
• Less than 8 percent said their agencies had
  finished their transition plans (not shocking
  either).
• 4 percent actually said they were done.

• In fact, what the survey actually says
• IPv6 is seen as an IT issue, not a business issue
• Security is the top reason to move to IPv6
• Most had no idea what their agencies were doing
  with IPv6

http//www.gcn.com/blogs/tech/41168.html
9
IPv6 is out there are you ready ?

• IPv6 is readily available for Windows
  2000/XP/2003, MAC-OS, Linux
• As IPv6 traffic may enter the network, the
  infrastructure needs to be made ready for it to
  protect you
• ACL security
• IP Address Security (equivalents to ARP, ICMP and
  DHCP security and monitoring)
• DoS testing of the infrastructure
• To turn on IPv6, control plane needs to be
  supported
• L2 ICMPv6, MLD Snooping,
• L3 static routes, RIPng, OSPFv3,
• IPv6 enabled applications (Telnet, SSH,
  traceroute, pingv6, )
• There is no D-Day youll need Interworking /
  Migration technologies (6to4, conf tunnels, ...)

10
IPv6 Transition Mechanisms

• IPv4 and IPv6 will coexist and migration will
  take years
• Dual-Stack, Tunnelling and Translation

11
Extreme Networks Vision on IPv6

• Massive proliferation of devices
• New and more demanding applications on a global
  level
• The changing role of networks in conducting
  business

12
Extreme Solution
Extreme introduced a family of simple, fast,
highly intelligent, hardware-based switches to
replace complex software-based routers

• Extreme Technology Revolution
• Wire Speed Gigabit Ethernet ASICs
• Native QoS and Security Features
• Enhanced Traffic Shaping
• Consistent Software Management
• Full Standards Based Layer 3 Features
• Simpler Management Applications

Ethernet and IP Everywhere
13
Extreme History with IPv6

• Extreme Networks was one of the first vendors to
  release IPv6 software, Extreme began IPv6
  development as early as year 2000 with a team
  that has over 18 combined person-years of IPv6
  experience, with members of the team that
  implemented the worlds first IPv6 implementation
  in 1995 at Naval Research Lab.
• Participating in IPv6 Demonstration Collaborative
  Initiative in conjunction with the University of
  New Hampshire Interoperability Labs (Moonv6)
• The tests will demonstrate the functionality of
  IPv6 including proper base specification, routing
  and mobility functions with the network
  infrastructure supporting DNS for IPv6, NFS,
  streaming media, common business applications and
  Web browsing.
• Success customer Telecom Italia Lab (TILAB)

14
Extreme Hardware
BlackDiamond 10K/12K
15
Extreme Software - XOS

• Highly Available Modular OS
• Memory protection
• Process Monitoring and Restart
• Hitless failover/upgrade
• DoS Protection
• Open-ness - Add New features faster
• POSIX APIs gives a great starting point for new
  code
• XML data representation and APIs enable easy
  integration with best-of-breed software and
  appliances
• TCL and scriptable CLI enable easier management

16
Edge to Core IPv6 Enabled Infrastructure
Dual-stack in clients, Unified Access,
Intelligent Core and servers. Telnet, SSH, Ping,
Traceroute
BD 8800 Summit X450
BD10K
IPv6 ACLs for Security at the Edge and in the Core

• L2 infrastructure
• MLD v1/v2 router requirements,
• ICMPv6 router requirements with Path MTU Discovery

L2 hardware assisted forwarding, 9K Jumbo Frames,
Protocol based VLANs
L3 Routing OSPFv3, RIPng, Static Routes
L3 Hardware assisted L3 forwarding. Hardware
assisted configured tunnels and 6to4 to connect
between v6 islands locally and through the
internet. High performance in Core
17
Are You Ready for IPv6?!!