Internet2 IPv6 Workshop

About This Presentation

Title:

Internet2 IPv6 Workshop

Description:

Internet2 IPv6 Workshop Grover Browning, Bill Cerveny, Dale Finkelson, Michael Lambert, Brent Sweeny, Bill Owens and a cast of dozens – PowerPoint PPT presentation

Number of Views:286

Avg rating:3.0/5.0

Slides: 167

Provided by: BenC67

Category:

more less

Transcript and Presenter's Notes

Title: Internet2 IPv6 Workshop

1
Internet2 IPv6 Workshop

Grover Browning, Bill Cerveny, Dale Finkelson,
Michael Lambert, Brent Sweeny, Bill Owens and a
cast of dozens

2
IPv6 Addressing
3
Overview of Addressing

Historical aspects
Types of IPv6 addresses
Work-in-progress
Abilene IPv6 addressing

4
Historical Aspects of IPv6

IPv4 address space not big enough
Cant get needed addresses (particularly outside
Americas)
Resort to private (RFC1918) addresses
Competing plans to address problem
Some 64-bit, some 128-bit
Current scheme unveiled at Toronto IETF (July
1994)

5
Types of IPv6 Addresses

Like IPv4
Unicast
Multicast
Anycast
but designed into specifications from the
beginning

6
Representation of Addresses

All addresses are 128 bits
Write as sequence of eight sets of four hex
digits (16 bits each) separated by colons
Leading zeros in group may be omitted
Contiguous all-zero groups may be replaced by
Only one such group can be replaced

7
Examples of Writing Addresses

3ffe3700020000ff0000000000000001
can be written
3ffe3700200ff0001
or
3ffe3700200ff1

8
Interface Identifiers

Sixty-four bit field
Guaranteed unique on subnet
Essentially same as EUI-64
Formula for mapping IEEE 802 MAC address into
interface identifier
Used in many forms of unicast address

9
Types of Unicast Addresses

Unspecified address
All zeros ()
Used as source address during initialization
Also used in representing default
Loopback address
Low-order one bit (1)
Same as 127.0.0.1 in IPv4

10
Types of Unicast Addresses

Link-local address
Unique on a subnet
Result of router discovery or neighbor discovery
High-order FE80/64
Low-order interface identifier
Site-local address
Unique to a site
High-order FEC0/48
Low-order interface identifier
What is a site?

11
Types of Unicast Addresses

Mapped IPv4 addresses
Of form FFFFa.b.c.d
Used by dual-stack machines to communicate over
IPv4 using IPv6 addressing
Compatible IPv4 addresses
Of form a.b.c.d
Used by IPv6 hosts to communicate over automatic
tunnels

12
Types of Unicast Addresses

Aggregatable global unicast address
Used in production IPv6 networks
Goal minimize global routing table size
From range 2000/3
Three fields in /64 prefix
16-bit Top Level Aggregator (TLA)
8-bit reserved
24-bit Next Level Aggregator (NLA)
16-bit Site Level Aggregator (SLA)

13
Types of Unicast Addresses

Aggregatable global unicast address

14
Top-Level Aggregators

Allocated by RIRs to transit providers
In practice, RIRs have adopted slow-start
strategy
Start by allocating /35s
Expand to /29s when sufficient use in /35
Eventually move to /16s

15
Abilene sTLA

Allocated 2001468/35

16
NLAs and SLAs

NLAs used by providers for subnetting
Allocate blocks to customers
Can be multiple levels of hierarchy
SLAs used by customers for subnetting
Analogous to campus subnets
Also can be hierarchical

17
Other Unicast Addresses

Original provider-based
Original geographic-based
GSE (88)
Tony Hains Internet Draft for provider-independen
t (geographically-based) addressing

18
Multicast Address

From FF00/8
Address contains four-bit scope field
Unlike IPv4 multicast, scope is explicitly
defined in address
Low-order 112 bits are group identifier, not
interface identifier

19
Anycast Address

Used to send packets to all interfaces on a
network (like IPv4 anycast, not all will
necessarily respond)
Low-order bits (typically 64 or more) are zero

20
Abilene IPv6 Addressing

Two prefixes allocated
3ffe3700/24 on 6bone
2001468/35 sTLA
Planning migration from 6bone addressing
Current addressing plan built on assumption of /35

21
Allocation Procedures

GigaPoPs allocated /40s
Expected to delegate to participants
No BCP (yet) for GigaPoP allocation procedures
Direct connectors allocated /48s
Will (for now) provide addresses to participants
behind GigaPoPs which havent received IPv6
addresses
See WG web site for details

22
Registration Procedures

Providers allocated TLAs (or sTLAs) must register
suballocations
ARIN allows rwhois or SWIP
For now, Abilene will use SWIP
Will eventually adopt rwhois
GigaPoPs must also maintain registries
Will probably have central Abilene registry

23
Obtaining Addresses

Drop a note to Abilene NOC (noc_at_abilene.iu.edu)
with request
Will set wheels in motion

24
Allocation Schemes

CIDR representation and IPv6 allocations.

25
CIDR

In IPv4 you would see representations like
129.93.0.0/16
129.93.0.0 255.255.240.0
129.93.0.0/20
At the bit level this is
10000001.01011101.1111 0000.00000000

26
Reasons for CIDR

To try to preserve the address space.
To control the growth of the routing table.

27
IPv6 Notation

In IPv6 every address is notated
20010468/35
IPv6 address / Prefix Length
At the bit level
0010 0000 0000 0001 0000 0100 0110 1000000
0/35

28
Allocation Strategies

We wish to allocate /48s out of the /35.
Which are available
200104680000 through
200104681fff
Recall the the bit structure is
0010 0000 0000 0001 0000 0100 0110 1000 000
0000000000000
0010 0000 0000 0001 0000 0100 0110 1000 000
1111111111111
So there are 8,192 /48s in a /35

29
How would Allocations work?

Suppose you wish to give out /40s in the /35.
20010468000 0 0000 or 20010468/40
20010468000 1 1111 or 200104681f00/40
Thus there are 32 /40s in the /35 each of which
has 256 /48s.

30
How would Allocations work?

The same idea holds for /41s or /42s.
20010468000 000000 or 20010468/41
20010468000 111111 or 200104681f80/41
20010468000 0000000 - 000 1111111
20010468/42 200104681fd0/42

31
Mixed Allocations

The interesting case is how to handle mixed
allocations.
One site wants a /40 another a /42. How can you
handle this case.
See
draft-ietf-ipngwg-ipaddressassign-02
A flexible method for managing the assignment of
bits of an IPv6 address block

32
Mixed Allocations

Each /35 has
32 /40s with 256 /48s
64 /41s with 128 /48s
128 /42s with 64 /48s
Look at the bits here.

33
Router Configuration
34
IPv4 Subnet Masking

Originally the network size was based on the
first few bits (classful addressing)
Getting rid of address classes was painful!
routing protocols, stacks, applications
Modern IPv4 allows subnet boundaries anywhere
within the address (classless addressing)
But decimal addresses still make figuring out
subnets unnecessarily difficult. . .

35
IPv6 Subnet Masking

IPv6 still has address classes, but they set the
address types, not the network size.
Hexadecimal format makes subnetting easier for
human beings. . . but thinking in binary is still
necessary.

36
IPv6 Prefixes

Always hierarchical, and aggregated at each level
2001468/35 Abilene
00100000000000010000010001101000000
2001468400/40 Indiana GigaPoP
0010000000000001000001000110100000000000
2001468401/48 Indiana University
001000000000000100000100011010000000010000000001
2001468401b/64 Abilene NOC at IU
001000000000000100000100011010000000010000000001
0000000000001011

37
Aggregation

IU campus routers carry /64 routes for internal
subnets (and possibly other, shorter prefixes for
large nets or internal aggregation).
IU advertises only 2001468401/48 to their
gigaPoP
Indiana GigaPoP advertises only 2001468400/40
to Abilene
Abilene advertises only 2001468/35 to peers.

38
v6 Interfaces

Multiple Addresses per interface
Link-local fe80(EUI-64)
Global autoconfigured
Global manually configured
Multicast all-nodes, solicited-node, etc.
Anycast
Stateless Autoconfiguration
Stateful Autoconfiguration - DHCPv6

39
EUI-64

Mechanical construction of a unique address from
the IEEE MAC of the interface
Need 64 bits, so the 48-bit MAC is padded up
0050da205b03
0250dafffe205b03
Where did the 02 come from? It indicates this is
a globally unique address - reverse of the
original EUI-64 spec.

40
Cisco Router Configuration

Rule 1 What Would v4 do?
Enable routing
ipv6 unicast-routing
Configure Interfaces
ipv6 address
Configure Routing Protocols

41
Cisco Configs

LAN Interface
interface Ethernet0/0
ip address 192.168.1.254 255.255.255.0
ipv6 address 200146812312/64

42
Cisco Configs

Tunnel Interface
interface Tunnel1
description IPv6 to Abilene
no ip address
no ip redirects
no ip proxy-arp
ipv6 address 3FFE3700FF1052/64
tunnel source ATM2/0.1
tunnel destination 192.168.193.14
tunnel mode ipv6ip

43
Cisco Configs

ATM PVC
interface ATM2/0.3 point-to-point
description My GigaPoP
no ip redirects
no ip proxy-arp
pvc MyGigaPoP 3/66
ubr 155000
encapsulation aal5snap
!
ipv6 address 2001468FF5551/64

44
Cisco Configs

IGP - most sites will use RIPng for now, but
IS-IS is also available. OSPFv3 is on the way. .
.
ipv6 router rip ipsix
redistribute connected
interface Ethernet1/0
ipv6 rip ipsix enable
ipv6 rip ipsix default-information orig
Static
ipv6 route ltprefixgt ltnexthopgt

45
Cisco Configs

BGP - added to your existing IPv4 BGP config
router bgp 64555
bgp router-id 192.168.2.1
neighbor Abilene-v6 peer-group
neighbor Abilene-v6 remote-as 11537

46
Cisco Configs

BGP continued. . .
address-family ipv6 unicast
neighbor Abilene-v6 activate
neighbor Abilene-v6 soft-reconfiguration in
neighbor Abilene-v6 prefix-list to-Abilene-v6
out
neighbor 20014685552006 peer-group
Abilene-v6
network 20014684ff/48
aggregate-address 20014684ff/48 summary-only
exit-address-family

47
Cisco Configs

BGP continued. . .
ipv6 route 20014684ff/48 Null0
!
ipv6 prefix-list to-Abilene-v6 seq 10 permit
20014684ff/48

48
Juniper Router Configuration

Rule 1 What Would v4 do?
Enable routing - already there. . .
Configure Interfaces
family inet6 address
Configure Routing Protocols and RIBs

49
Juniper Configs

Interface (physical)
interfaces
fe-0/1/0
unit 0
family inet6
address 20014681231/64

50
Juniper Configs

Interface (tunnel)
interfaces
ip-0/3/0
unit 0
tunnel
source 192.168.2.2
destination 192.168.45.2
family inet6
mtu 1514
address 20014681231/64

51
Juniper Configs

Router Advertisement - not enabled by default
protocols
router-advertisement
interface fe-0/3/0.0
prefix 2001468123/64

52
Juniper Configs

Routing setup
routing-options
interface-routes
rib-group
inet6 ifrg6
rib inet6.0
aggregate
route 20014684ff/48

53
Juniper Configs

Routing setup continued. . .
rib-groups
ifrg6
import-rib inet6.0 inet6.2
router-id 192.168.2.1

54
Juniper Configs

IGP - RIPng and IS-IS are both available
protocols
ripng
group local
export redist-direct
neighbor fe-0/1/0.0
policy-options
policy-statement redist-direct
from protocol direct
then accept

55
Juniper Configs

BGP
protocols
bgp
group Abilene-v6
type external
family inet6
unicast
export to-Abilene-v6
peer-as 11537
neighbor 20014685552006

56
Juniper Configs

BGP continued. . .
policy-options
policy-statement to-Abilene-v6
term accept-aggregate
from
route-filter 20014684ff/48
exact
then accept
term reject
then reject

57
Cisco Show Commands

show bgp
show bgp summary
show ipv6 bgp neigh ltaddrgt routes
show ipv6 bgp neigh ltaddrgt advertised
show ipv6 route
show ipv6 interface
show ipv6 neighbors

58
Juniper Show Commands

show bgp summary
show route advert bgp ltaddrgt
show route rece bgp ltaddrgt
show route table inet6.0 (terse)
show interfaces
show ipv6 neighbors

59
Lab Basic IPv6 Functionality
60
Enable IPv6 functionality on each router using
addresses allocated by Internet2 or your lab
router's "upstream" IPv6 provider. Send and
receive BGP IPv6 routes.

Ensure your router interfaces are configured with
IPv6 addresses
Ping a neighboring router using IPv6 ICMP.
Verify that you are sending IPv6 BGP routes to
neighboring routers, where appropriate.
Verify you are receiving IPv6 BGP routes.
Verify connectivity around the workshop lab.
If your workshop lab is connected to the global
IPv6 Internet, verify you can ping and traceroute
to a host on the global IPv6 Internet.
Verify lab client computer (laptop) is receiving
router advertisements.

61
Multihoming Issues

Many sites are multihomed in the current Internet
reliability
stability - which provider will stay in business?
competition
AUP - commodity vs. RE
But all IPv6 addresses are provider-assigned!

62
Multihoming
2001897/35
2001468/35
ISP1 (UUNET)
ISP2 (Abilene)
University of Smallville
20014681210/48
20018970456/48
63
Lab Multiple Address Configuration and
Multihoming
64
Configure router interfaces with alternate IPv6
addresses provided while retaining initial IPv6
address allocation. An additional link will be
added to the IPv6 workshop lab, making
multihoming possible from some routers. Using the
added multihomed link, configure the router to
support routing across either interface.

Verify that your router interfaces are configured
with multiple IPv6 addresses.
Verify connectivity around the workshop lab with
either router interface address.
Verify host computers connected off router
interfaces are receiving router advertisements
for all address blocks configured on local router
interface.

65
Provider-Independent Addressing
66
PI Multihoming

One possible answer to the multihoming/multiple
address problem is the use of addresses
determined by geography.
Each site uses the location of its ISP demarc to
determine its PI address space - put your GPS on
top of your router.

67
PI Address Calculation

Lat/Lon each converted to a 22-bit binary number
40.0433N 0001110001111001101010
105.2781W 1011010100100010101101
Two values interleaved, latitude first
0100 0111 1011 0001 0010 1110 1000 0110 1100 1101
1001
4 7 b 1 2 e 8 6 c d
9
X47b12e86cd9/48
X because this scheme is not yet approved, but
the expectation is that 1 will be used.

68
PI Address Calculation

Why interleave? So that as the prefix gets
longer, the area included in the prefix gets
smaller
bits degrees nominal square
scope sites
-------------------------------------------------
-------------------
4 -gt 90.00000 10000 km
octant
8 -gt 22.50000 2500 km
expanse
12 -gt 5.625000 600 km
zone
16 -gt 1.406250 150 km
region
20 -gt 0.3515625 40 km
metro 16777216
24 -gt 0.087890625 10 km
city 1048576
28 -gt 0.02197265625 2.5 km
locality 65536
32 -gt 0.0054931640625 600 m
neighborhood 4096
36 -gt 0.001373291015625 150 m
block 256
40 -gt 0.00034332275390625 40 m lot
16
44 -gt 0.0000858306884765625 10 m
site 1

69
PI Address Calculation

If all the ISPs in an area meet at a local
exchange, they may be able to aggregate PI
addresses to some degree.
But using PI will inevitably mean that more
prefixes are carried in the default-free zone
(DFZ) at the core of the Internet.

70
PI Multihoming
152886532800/39
ISP2 (WestCo)
ISP1 UUnet
IBM 15288653294C/48
SOX 1528865328FE/48
Ford 1528865329A6/48
GE 152886532905/48
71
PI Multihoming

Proposed format draft-hain-ipv6-pi-addr-use-02.tx
t
Usage discussion draft-hain-ipv6-pi-addr-use-02.t
xt
Abilene PIA background and calculator
http//loadrunner.uits.iu.edu/neteng/ipv6/pi/pi.h
tml
Remember, this is NOT a standard yet!

72
Lab Provider-Independent Addressing
73
Configure router interfaces with
provider-independent addresses, based on
geographic location of each router.

Verify connectivity to all provider-independent
addresses configured in the router lab.
Verify host computers connected off router
interfaces are receiving router advertisements
for all address blocks configured on local router
interface.

74
IPv6 Under the Hood
75
Changes from IPv4 to IPv6

Expanded addressing capabilities
Header format simplification
Improved support for extensions and options
Flow labelling capability
Authentication and privacy capabilities

76
IPv6 Header Format
77
IPv6 Header Fields

Defined in RFC 2460
Version (4 bits) 6. Enough said.
Traffic class (8 bits) DSCP?
Flow label (20 bits) Used in identifying
flows
Payload length (16 bits) Length in octets of
rest of packet
Next header (8 bits) Identifies type of header
immediately following IPv6 header

78
IPv6 Header Fields

Hop limit (8 bits) Decremented by one each time
packet is forwarded
Source address (128 bits) Originator of this
packet
Destination address (128 bits) Intended
recipient of packet

79
IPv6 Extension Headers

Hop-by-hop options
Routing
Fragment
Destination options
Authentication
Encapsulating security payload

80
ICMPv6

Defined in RFC 2463
Two types of messages defined
Error messages
Informational messages
Implemented as extension header (type 58)
Follows other extension headers

81
ICMPv6 Format
82
ICMPv6 Types

ICMPv6 error messages
Destination unreachable (1)
Packet too big (2)
Time exceeded (3)
Parameter problem (4)
ICMPv6 informational messages
Echo request (128)
Echo reply (129)

83
IPv6 Neighbor Discovery

Used by nodes on same link to
Discover each others presence
Determine each others link-layer addresses
Find routers
Maintain reachability information about paths to
active neighbors
Defined in RFC 2461 (93 pages!)
Adds five ICMPv6 messages

84
Router Solicitation Message

Router Solicitation When an interface becomes
enabled, hosts may send out Router Solicitations
that request routers to generate Router
Advertisements immediately rather than at their
next scheduled time.
ICMPv6 type 133

85
Router Advertisement Message

Router Advertisement Routers advertise their
presence together with various link and Internet
parameters either periodically, or in response to
a Router Solicitation message. Router
Advertisements contain prefixes that are used for
on-link determination and/or address
configuration, a suggested hop limit value, etc.
ICMPv6 type 134

86
Neighbor Solicitation Message

Neighbor Solicitation Sent by a node to
determine the link-layer address of a neighbor,
or to verify that a neighbor is still reachable
via a cached link-layer address. Neighbor
Solicitations are also used for Duplicate Address
Detection.
ICMPv6 type 135

87
Neighbor Advertisement Message

Neighbor Advertisement A response to a Neighbor
Solicitation message. A node may also send
unsolicited Neighbor Advertisements to announce a
link-layer address change.
ICMPv6 type 136

88
Redirect Message

Redirect Used by routers to inform hosts of a
better first hop for a destination.
ICMPv6 type 137

89
Building a dual stack host

Rangers.ipv6.unl.edu
Dale Finkelson

90
OS

I started by installing Freebsd 4.4.
Has the advantage of having the Kame stack
compiled into the Kernel.
I choose to use two names for the machine.
One resolving to a v6 address
One resolving to a v4 host
In the rc.conf file I used the name
rangers.unl.edu rather then the v6 name.
For some reason this worked better.
It messed up the window manager Gnome.
My guess is Gnome didnt know how to deal with a
AAAA record
Not a big deal if you use another window manager.

91
Applications

Named
4.4 came with 8.2.4
This supports AAAA
Configuration
DNS will be done in more detail at another time
in the workshop.

92
Applications

Apache_1.3.20ipv6
This was trivial. All I had to do was do a make
in the ports directory.
The config file is /usr/local/etc/apache/httpd.con
f
Apart from some http configuration there was
nothing v6 specific to do.

93
Applications

Mozilla-0.9.3.1ipv6
This took forever to install. The compilation is
huge. It probably cannot be done in a half day of
a workshop.
Unless your machine is faster.
It worked just fine. However you will have a hard
time convincing yourself if www.kame.net is not
available.
You need a v6 addressed server where you know you
will use the v6 address.
It does not display the address of the machine it
is going to.
I use different names for v4 and v6 on rangers.
Thus by attaching to rangers.ipv6.unl.edu I
convinced myself it works.

94
Applications

Sendmail
The sendmail in freebsd 4.4 is v6 capable. Its
version 8.11.6.
There is however configuration you need to do.
In the M4 file, in my case this was
/etc/mail/freebsd.mc, you need to add the
following two lines.
DAEMON_OPTIONS(NameMTA-v4, Familyinet)
DAEMON_OPTIONS(NameMTA-v6, Familyinet6)

95
Sendmail Configuration

In my machine the file /etc/mail/freebsd.mc
contained the lines.
I uncommented them.
I copied the file to /usr/share/sendmail/cf/cf.
Then /usr/share/sendmail/cf/m4/cf.m4 freebsd.mc gt
freebsd.cf
Copied freebsd.cf to sendmail.cf and restarted
the sendmail process.
It worked fine.
Test this by telneting to port 25 on the v6
hostname

96
Sendmail

I could not make the m4 stuff work if I was in
another directory then the one specified.
The README file says to do a ./Build in the
directory, but I could not get that to work.

97
Applications

Cucipop-1.31
Pop3 server
There are several, I chose this one for no
particular reason.
Compiled and installed with no problem.
Configuration
By default pop3 is probably turned off in
inetd.conf.
Had to change the pop line in inetd.conf from tcp
to tcp6 or create a new one so it would support
both.
Restart inetd

98
Applications

Sylpheed.0.6
A v6 complient mail client.
Complied and installed just fine.
Configuration
I configured it to use rangers.ipv6.unl.edu as
the sending and receiving host.
Set up a user
Testing
This will be hard to test as someone else with a
v6 capable mailer needs to mail you a message.
In a workshop this could be done and mail could
move back and forth there.

99
Applications

Those are the major ones that I know of that will
provide the major services that at least I use
most of the time.
I also installed some tools.

100
Tools

Ethereal 0.9.1
Easy to compile and install.
Will receive and decode v6 packets.
At least to the extent that you know how to use
ethereal.
Good for exploring and verifying the packet flows
for neighbor discovery or stateless autoconfig as
well as verifying packets are using v6 addresses.

101
Tools

Netperf-2.1.3
Compiled and installed fine.
I have no clue if it works.

102
Tools

Pchar-1.4
This does the path charactistics.
Works with v6 addresses.

103
Failures

I had two packages that are claimed to work but
that I could not make work.
Mtr 0.45
This is a ping/traceroute tool. It would not
resolve a v6 hostname or work with a v6 address.
Ncftp 3.1.2
Same problem. It failed to resolve v6 hostnames
or use v6 addresses.

104
Conclusion

Over about 3 days, I was able to build a dual
stack workstation that can
Do DNS for ipv6.unl.edu
Send and receive mail
Host a web site
Use other v6 web sites
Do some network analysis and testing.
There are also of course the standard tools line
ping6 and traceroute6 that are simply included in
4.4.
This is Unix specific. I suspect that Linux with
Usagi will have very similar results.

105
IPv6 and Microsoft Windows (as of April 14, 2002)

Bill Cerveny

106
Supported Platforms

Windows 2000 with Service Pack 1 installed
Must install IPv6 Technology Preview
Installing with Service Pack 2 see
http//msdn.microsoft.com/Downloads/sdks/platform/
tpipv6/faq.asp
Windows XP
Integral part of the operating system
Must be turned on

107
Turning on IPv6 support in Windows XP

C\Documents and Settings\Billgtipv6 install
Installing...
Succeeded.

108
Installation Verification via ipv6 if

C\Documents and Settings\Billgtipv6 if
Interface 5 Ethernet Local Area Connection 2
uses Neighbor Discovery
uses Router Discovery
link-layer address 00-50-04-f0-64-b2
preferred global 3ffe37001f05e0d847c169c
aa0cab2, life 6d23h56m11s/23h
53m49s (anonymous)
preferred global 3ffe37001f05e02504fffef
064b2, life 29d23h58m54s/6d23
h58m54s (public)
preferred link-local fe802504fffef064b2,
life infinite
multicast interface-local ff011, 1 refs,
not reportable
multicast link-local ff021, 1 refs, not
reportable
multicast link-local ff021fff064b2, 2
refs, last reporter
multicast link-local ff021ffa0cab2, 1
refs, last reporter

109
Installation Verification via ipv6 if (cont)

link MTU 1500 (true link MTU 1500)
current hop limit 64
reachable time 23000ms (base 30000ms)
retransmission interval 1000ms
DAD transmits 1
Interface 4 Ethernet Local Area Connection
cable unplugged
uses Neighbor Discovery
uses Router Discovery
link-layer address 00-60-08-d2-5c-1b
preferred link-local fe802608fffed25c1b,
life infinite
multicast interface-local ff011, 1 refs,
not reportable
multicast link-local ff021, 1 refs, not
reportable
multicast link-local ff021ffd25c1b, 1
refs, last reporter

110
Installation Verification via ipv6 if(cont)

link MTU 1500 (true link MTU 1500)
current hop limit 128
reachable time 25000ms (base 30000ms)
retransmission interval 1000ms
DAD transmits 1
Interface 3 6to4 Tunneling Pseudo-Interface
does not use Neighbor Discovery
does not use Router Discovery
preferred global 2002d1d3ed55d1d3ed55,
life infinite
link MTU 1280 (true link MTU 65515)
current hop limit 128
reachable time 32000ms (base 30000ms)
retransmission interval 1000ms
DAD transmits 0

111
Installation Verification via ipv6 if(cont)

Interface 2 Automatic Tunneling Pseudo-Interface
does not use Neighbor Discovery
does not use Router Discovery
router link-layer address 0.0.0.0
EUI-64 embedded IPv4 address 0.0.0.0
preferred link-local fe805efe209.211.237.85
, life infinite
preferred global 209.211.237.85, life
infinite
link MTU 1280 (true link MTU 65515)
current hop limit 128
reachable time 43000ms (base 30000ms)
retransmission interval 1000ms
DAD transmits 0

112
Installation Verification via ipv6 if(cont)

Interface 1 Loopback Pseudo-Interface
does not use Neighbor Discovery
does not use Router Discovery
link-layer address
preferred link-local 1, life infinite
preferred link-local fe801, life infinite
link MTU 1500 (true link MTU 4294967295)
current hop limit 128
reachable time 21500ms (base 30000ms)
retransmission interval 1000ms
DAD transmits 0

113
Windows XP ping6

C\Documents and Settings\Billgtping6 www.kame.net
Pinging kame220.kame.net 3ffe50148192000280a
dfffe7181fc
from 3ffe37001f05e0d847c169caa0cab2 with
32 bytes of data
Reply from 3ffe50148192000280adfffe7181fc
bytes32 time249ms
Reply from 3ffe50148192000280adfffe7181fc
bytes32 time232ms
Reply from 3ffe50148192000280adfffe7181fc
bytes32 time249ms
Reply from 3ffe50148192000280adfffe7181fc
bytes32 time229ms
Ping statistics for 3ffe50148192000280adfffe
7181fc
Packets Sent 4, Received 4, Lost 0 (0
loss),
Approximate round trip times in milli-seconds
Minimum 229ms, Maximum 249ms, Average
239ms

114
IPv6 tracert

C\Documents and Settings\Billgttracert6
www.kame.net
Tracing route to kame220.kame.net
3ffe50148192000280adfffe7181fc
from 3ffe37001f05e0d847c169caa0cab2 over a
maximum of 30 hops
1 lt1 ms lt1 ms lt1 ms
3ffe37001f05e04700
2 19 ms 19 ms 19 ms
3ffe3700ff24a1
3 75 ms 95 ms 95 ms
snva-ipls.ipv6.abilene.ucaid.edu 3ffe3700f
f5092
4 76 ms 97 ms 76 ms
cisco1.sanjose.wide.ad.jp 200120006c031
5 250 ms 229 ms 231 ms
cisco1.notemachi.wide.ad.jp 200120006c01
29027fffe3ad8
6 230 ms 232 ms 230 ms
pc3.yagami.wide.ad.jp 200120001c041000
2000
7 251 ms 229 ms 250 ms
gr2000.k2c.wide.ad.jp 2001200048192000
1
8 232 ms 251 ms 234 ms apple.kame.net
3ffe50148192000280adfff
e7181fc

115
IPv6 configuration commands

ipv6 rc View the route cache
ipv6 nc View the neighbor cache
ipv6 if View interface information
ipv6 ifc Configure interface attributes
ipv6 rtu Add IPv6 route
ipv6 adu Configure IPv6 with manual addresses

116
ipv6 rc (route cache)

C\Documents and Settings\Billgtipv6 rc
3ffe50148192000280adfffe7181fc via
5/fe802602ffffea3c098
src 5/3ffe37001f05e0d847c169caa0cab2
PMTU 1500
200120004819280adfffe7181fc via
5/fe802602ffffea3c098
src 5/3ffe37001f05e0d847c169caa0cab2
PMTU 1500
2002c0586301c0586301 via 3/2002c0586301c0
586301 (stale)
src 3/2002d1d3ed55d1d3ed55
PMTU 1280
2002836b213c836b213c via 3/2002836b213c83
6b213c (stale)
src 3/2002d1d3ed55d1d3ed55
PMTU 1280

117
ipv6 nc (neighbor cache)

C\Documents and Settings\Billgtipv6 nc
5 fe802602ffffea3c098 00-60-2f-a3-c0-98
stale (router)
5 fe802504fffef064b2 00-50-04-f0-64-b2
permanent
5 3ffe37001f05e02504fffef064b2
00-50-04-f0-64-b2 permanent
5 3ffe37001f05e0d847c169caa0cab2
00-50-04-f0-64-b2 permanent
4 fe802608fffed25c1b 00-60-08-d2-5c-1b
permanent
3 2002c0586301c0586301 192.88.99.1
permanent
3 2002836b213c836b213c 131.107.33.60
permanent
3 2002d1d3ed55d1d3ed55 127.0.0.1
permanent
3 2002836b213c1e08f08f0208 131.107.33.60
permanent
3 200170801624
incomplete
2 209.211.237.85 127.0.0.1 permanent
2 fe805efe209.211.237.85 127.0.0.1
permanent
1 fe801 permanent
1 1 permanent

118
Operating System Applications with IPv6
Functionality Included

Internet Explorer
telnet
ftp
ftpd
Microsoft Network Monitor

119
Coming Soon

.net Server, now in beta and to be released in
2H2002
IPv6 compliant IIS
IPv6 compliant Micosoft Media Server
Anything that runs over MS RPC should just
work.
Alledgedly every Microsoft application group is
working on IPv6 compliance, but timetables are
uncertain.

120
Open Software with IPv6 Support within Windows XP

NTemacs
Teraterm Pro with SSH
Cygwin with IPv6 extensions
Apache with IPv6 extensions for win32
NcFTP
Windump
Emacs

121
Open Source Porting Problems

Sylpheed supports IPv6 with FreeBSD and Linux,
but doesnt appear to work with Windows XP
Mozilla supports IPv6 on FreeBSD and Linux, but
not for Windows. This is apparently because
Windows XP doesnt support IPv4-mapped IPv6
addresses
Mozilla developer said there is some interest in
making mozilla IPv6-capable on Windows XP
Look for a Windows single stack network
architecture in 2003

122
Applications to be investigated

Wanderlust - Yet another message interface on
Emacsen
http//www.gohome.org/wl/index-e.htmlIMAGES

123
Microsoft Bleeding Edge Statement

The IPv6 software supplied in this release
contains prerelease code and is not intended for
commercial use. This software is available for
research, development and testing only and must
never be used in a production environment.
Microsoft is not responsible for your use of the
code or for the results from your use of the
code, and Microsoft does not provide any level of
technical support for IPv6 in this release. Peer
support is available from the microsoft.public.pla
tformssdk.networking.ipv6 newsgroup found at
msnews.microsoft.com

124
Firing Up DVTS over IPv6

Bill Cerveny

125
What is DVTS?

Digital Video over IP
Videoconferencing over IPv6 or IPv4 with
preference for IPv6
A product of the Wide Project
http//www.sfc.wide.ad.jp/DVTS/

126
Operating Systems Supported

FreeBSD
NetBSD
Linux
Windows 2000 and Windows XP (IPv4 only as of Jan
10, 2002)
MacOS X -- incomplete IPv4 seems to work IPv6
stuff incomplete

127
Tested Operating System Environments

Linux
Must use specific Linux kernel and configuration
Used Debian Linux, but any Linux variant should
be OK
Firewire configuration on desktop easy, but
challenging on laptop PC
Once working, everything looked obvious
Gory details at end of presentation

128
Tested Operating System Environments

MacOS X
Wasnt able to build without significant
modification port incomplete

129
Tested Configuration
This shows video/audio flow Going one direction
only. For Both directions, duplicate this Going
in opposite direction.
Firewire Link
15-30Mbps IPv6
Abilene
15-30Mbps IPv6
SVGA or Composite Video
Video Content
Firewire Link
130
Network Traffic Generated

By default, 32Mbps IPv6 or IPv4 traffic is
generated in each direction (30 frames per
second)
Can reduce frame rate to 15 frames per second to
reduce bandwidth to about 16Mbps without
noticable degradation in video performance

131
Bandwidth Stats from Test Between Chicago and
Armonk, NY

Abilene (mix of IPv4 and IPv6 traffic)

132
Bandwidth Stats from Test Between Chicago and
Armonk, NY

Armonk IPv6 Router Stats - FastEthernet Interface

Armonk, NY IPv6 Router Stats - Tunnel
133
Cost of DVTS -- Wide Estimate
Item Quantity Per End Cost Each
Desktop or laptop computer 2 2,000
Firewire cards for PC or laptop 2 70
Camcorder 2 1,500
134
DVTS Cost - My Experience
Item Quantity per end Cost Each
Laptop or PC 2 Used existing equipment
Camcorder 1 1,000
A/D Converter 1 300
Firewire Cardbus or PCI card 2 50-100
135
References

DVTS Main Page - http//www.sfc.wide.ad.jp/DVTS/
DVTS Presentation to Internet2 IPv6 Workshop in
Los Angeles - http//www.toyabe.net/I2-presentatio
n.ppt

136
Linux Configuration Notes

Configured on Debian Linux, 2.4.12 kernel.
Turned on IEEE1394 (and IPv6) support in Linux
kernel
DVTS source code looks for IEEE1394 kernel source
code at /usr/src/linux/drivers/ieee1394
Must install libraw1394 libraries

137
Kernel configuration - 1 of 3Turning on
Experimental Code
138
Kernel configuration 2 of 3Enabling IPv6
139
Kernel configuration 3 of 3IEEE1394 Options
140
Personal Linux/Hardware Compatibility Notes

What works
IBM Thinkpad T21 and 600E
Western Digital IEEE1394 Cardbus card
(WDAD0003-RNW)
Sony DCR-PC9 Camcorder (also DCR-PC3 and DCR-PC7)
Sony A/D Converter
Dell 400Mhz GX1
Pinnacle PCI IEEE1394 card
Orange Micro IEEE1394/USB PCI card (USB not
tested)
Siig PCI card
All Firewire devices listed above

141
Personal Hardware Compatibility Notes

Doesnt work
Siig 2-port Cardbus card (NN-PC2012)
Dazzle Hollywood A/D Bridge

142
Warnings

Dont try to use ohci1394 stuff in pcmcia-cs
source code -- it doesnt work and developers
dont intend to fix it (I wasted a lot of time
troubleshooting it, before I gave up)
If you are using a Cardbus IEEE1394 card and
Linux freezes, you must remark some ohci1394
initialization code (this seems to be a laptop
memory problem)

143
Final Note about DVTS (IMHO)

You have to get past source code and hardware
configuration problems, but once you do this,
DVTS seems easy and straightforward.

144
Campus/GigaPoP IPv6

Addressing, Software Versions, Topology Issues,
DNS Support, Traffic

145
Campus Addressing

Most sites will receive /48 assignments
16 bits left for subnetting - what to do with
them?

EUI host address (64 bits)
Network address (48 bits)
16 bits
146
Campus Addressing

Sequentially, e.g.
0000
0001
FFFF
16 bits 65535 subnets

147
Campus Addressing

Sequentially
Following existing IPv4
Subnets or combinations of nets subnets, or
VLANs, etc., e.g.
128.8.60.0/24 ?? 003c
128.8.91.0/24 ?? 005b
128.8.156.0/24 ?? 009c
156.56.60.0/24 vs 129.79.60.0/24?
013c or 383c or 9c3c vs 023c or 4f3c or 813c

148
Campus Addressing

Sequentially
Following existing IPv4
Topological/aggregating
reflecting wiring plants, supernets, large
broadcast domains, etc.
Main library 0010/60
Floor in library 001a/64
Computing center 0020/55
Student servers 002c/64
Medical school 00c0/50
and so on. . .

149
New Things to Think About

You can use all 0s and all 1s! (0000, ffff)
Youre not limited to 254 hosts per subnet!
Switch-rich LANs allow for larger broadcast
domains (with tiny collision domains), perhaps
thousands of hosts/LAN
No secondary subnets (though gt1
address/interface)
No tiny subnets either (no /30, /31, /32)plan
for what you need for backbone blocks, loopbacks,
etc.

150
New Things to Think About

Every /64 subnet has far more than enough
addresses to contain all of the computers on the
planet, and with a /48 you have 65536 of those
subnets - use this power wisely!
With so many subnets your IGP may end up carrying
thousands of routes - consider internal topology
and aggregation to avoid future problems.

151
New Things to Think About

Renumbering will likely be a fact of life.
Although v6 does make it easier, it still isnt
pretty. . .
Avoid using numeric addresses at all costs
Avoid hard-configured addresses on hosts except
for servers
Anticipate that changing ISPs will mean
renumbering

152
Router Software Versions

JUNOS 5.1 and up Line Rate v6 (just turn it on)
IOS 12.2T and up - for most ISP-type routers
IOS 12.0(19)ST and up - GSR only
IOS process-switches IPv6 traffic with the router
CPU, so beware high traffic loads (though this is
a good problem to have!)
No IPv6 support on 65xx/76xx or 73xx yet.

153
Topology Issues

V6 in a production network

154
Layer-2 Campus1 Switch
Bldg Switch
Big Core Switch
Bldg Switch
Bldg Switch
Big Core Router
155
Layer-2 Campus1 Switch
Bldg Switch
Big Core Switch
Bldg Switch
Bldg Switch
Big Core Router
Small v6 Router
156
Layer-2 Campus2 Core Switches
Bldg Switch
Bldg Switch
Bldg Switch
Big Core Switch
Big Core Switch
Big Core Router
Big Core Router
157
Layer-2 Campus2 Core Switches
Bldg Switch
Bldg Switch
Bldg Switch
Small v6 Router
Big Core Switch
Big Core Switch
Big Core Router
Big Core Router
158
Layer-3 Campus
Bldg Router
Big Core Router
Bldg Router
Bldg Router
Border Router
159
Edge Router Options
Host v4/v6
Bldg Switch
VLAN2
VLAN1
Switched Core
Bldg Switch
VLAN1
Host v4-only
VLAN1
VLAN1
VLAN2
Commodity Router v4-only
Internet2 Router v4 and v6
160
Routing Protocols

iBGP and IGP (RIPng/IS-IS)
IPv6 iBGP sessions in parallel with IPv4
Static Routing
all the obvious scaling problems, but works OK to
get started, especially using a trunked v6 VLAN.
OSPFv3 is coming
It will run in a ships-in-the-night mode relative
to OSPFv2 for IPV4 - neither will know about the
other.

161
DNS Issues

BIND Versions
All modern versions of BIND support AAAA
BIND9 can use IPv6 transport for queries
IPv6 root servers
ip6.int vs. ip6.arpa - being fixed, we hope!

162
Equipment Needs

Tunnel Router (Cisco 2600) 2,000
A router with two Ethernet interfaces is best, to
avoid one-armed routing.
Workstation Linux Box 1,000
For testing and demonstrations, any old cast-off
Pentium will get you going. . .

163
Future Needs

Routers better v6 support, new features, speed
Servers Dual-Stack, Application support
Topology Border/Core Designs

164
Traffic

Not much - this graph is of IPv6 NNTP traffic
between UO and NYSERNet on June 20, which at the
time was the only non-routing-protocol v6 traffic
over Abilene. There are a few other occasional
tests, but WE NEED MORE TRAFFIC!

165
Traffic - the NNTP Experiment

Usenet makes an excellent IPv6 "foundation"
application, and INN, the traditional open source
news server supported by the ISC, has IPv6
support in the INN -CURRENT development tree
(ftp//ftp.isc.org/isc/inn/snapshots/) Tin
supports v6 reading (http//www.tin.org)
Building INN is covered in detail in the INSTALL
file included with the source including support
for IPv6 is a simple matter of including the line
--enable-ipv6 as part of the configure time
options. See also doc/IPv6-info (included with
the source).
IPv6 addresses show up explicitly in three
configuration files
incoming.conf - who can transfer articles to you
innfeed.conf - where you are feeding articles
readers.conf - who can read/post from your server
All work the way you'd expect, and can accept
either host names or IPv6 colon-formatted
addresses (if you use colon-formatted raw
addresses, enclose them in double quotes due to
the use of colons as punctuation in the
innfeed.conf file).
If folks need help finding an IPv6 Usenet peer,
they should feel free to contact Joe St Sauver
(joe_at_oregon.uoregon.edu). He will usually be
willing to provide IPv6 Usenet peering, or play
"matchmaker" to help people find other IPv6
Usenet peers.