1 / 24

IPv6 Enterprise Deployment S trategy

IPv6 Enterprise Deployment S trategy. Benoit Lourdelet, IPv6 Product Manager, blourdel@cisco.com. Capturing the IPv6 business opportunity. Status on IPv6 adoption Impact of IPv4- address exhaustion Enterprise network functions Making an IPv6 plan. V6 -Enabled. V6 in 2010. V6 -Enabled.

tave
Télécharger la présentation

IPv6 Enterprise Deployment S trategy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IPv6 Enterprise Deployment Strategy Benoit Lourdelet, IPv6 Product Manager, blourdel@cisco.com

  2. Capturing the IPv6 business opportunity • Status on IPv6 adoption • Impact of IPv4-address exhaustion • Enterprise network functions • Making an IPv6 plan

  3. V6-Enabled V6 in 2010 V6-Enabled V6-Enabled Cloud-based Services Ironport cisco.com Image Source: Forrester, “Three Mega Business Trends Will Reshape The Tech Sector” alpha V6 Enabled Functions Departments V6 in iOS 4.0 V6-Enabled Enterprise Collaboration Tools Workgroups/ teams Information Workers Consumer Software Web-enabled Devices V6-Enabled V6-Enabled V6-Enabled

  4. Impact of IPv4 address pool exhaustion • Enterprises should expect their customers, partners, and remote employees to have a mix of connectivity • Public IPv4-only • Public IPv4 and IPv6 • Shared IPv4-only • Shared IPv4 and IPv6 • IPv6 only Enterprises must be ready for this mix (they cannot select the SP of their users). The days of one public IPv4 address for each Internet user are over.

  5. Impact of Shared IPv4 Address on Applications • Applications which could work poorly or even not at all when one side uses a shared IPv4 address • Multiple TCP connections (like AJAX) in parallel • Assuming that one IPv4 address = one user (for logging, for load balancing, for access control…) • Expecting inbound connections (like active FTP) • Using an application not yet supported by the NAT devices • Enterprises should: • Be conservative for their IPv4 users • Be aggressive for their IPv6 plan

  6. Dramatic Increase in Enterprise Activity External Pressure Internal Pressure

  7. IPv6 Adoption and Delivery 1 Sales Certs(IPv6 Logo,USGv6, RIPE-501) 2 IPv6 Pilot and Basic Infrastructure 3 IPv6 Internet Presence (websites, remote users, B2B …) 4 IPv6 Islands (Wireless/Consumer devices, Labs …) 5 Internal Data Center, Enterprise Apps 6 Ubiquitous Dual-Stack 7 IPv4 EOL

  8. IPv6 for Internet Presence How to offer services on the IPv6 Internet?

  9. What is Internet Presence? • The set of services offered by • the enterprises • Governments • Hospitals • Schools • To their • Customers • Citizens • Patients • students

  10. Why Should an Enterprise Add an IPv6 Internet Presence? • To be ready for IPv6 • Regulations or incentives • To keep applications running • Unique IP address per user • Customers having only IPv6 connectivity

  11. Multiple Ways to Add IPv6 to Web Servers • Add native IPv6 to existing web servers: • could require some changes in application scripts & logging • Add a set of IPv6-only web servers • More flexibility and independence of IPv4 & IPv6 • Address Family Translator (AFT) in load balancer • Accept IPv6 connection from browser • Load balance and connect to server with IPv4 • AFT in reverse web proxies • Quite often reverse proxies are used for security anyway • Same scenario as load balancers • AFT in network devices • Currently with NAT-PT but scalability issue and deprecated by IETF • Being worked on at the IETF Behave WG

  12. IPv6 Access to Internet How can enterprise internal users access services on the IPv6 Internet?

  13. Why Getting IPv6 Access to the Internet? • Get end-to-end connectivity for all users • Avoid being placed behind a NAT • Customer or partner requiring IPv6 • Getting know-how and expertise on IPv6 • IPv4 connectivityistoo expensive

  14. Adding IPv6 Access for Internal Users • Choice of deployment models • Dual-stack: • add IPv6 to all hosts and network devices • recommended approach • Application proxies at the perimeter: • Internal browser connects over IPv4 to proxies • Proxies connects to IPv6 server • Tunneling • add IPv6 only to some hosts and network devices • could be used for pilot phase or in case of legacy devices

  15. IPv6 in the Intranet How can enterprise internal users use IPv6 for internal services?

  16. Why Adding IPv6 to all hosts in the intranet?Even if RFC 1918 is enough for enterprise • Visibility of tunneled IPv6 traffic • To enforce a security policy • Enable IPv6-only application • Windows 7 DirectAccess transport IPv6 only • Windows 2008 Cluster uses IPv6 link-local address • Apple Airport management uses IPv6 link-local address • Simpler network management without any NAT • Ease of deployment and mobility • Facilitate merging & acquisition (avoiding NAT conflicts) • Be ready to merge/acquire with a IPv6-enabled organization

  17. Building an IPv6 intranet • Well-known and proven designs (dual-stack, hybrid, …) • Enterprises have run several protocols in parallel for years (DECnet, AppleTalk, IPX, …) • All OS (Microsoft, Apple, *ix) supports IPv6 for years • Some ‘hidden’ costs • Training of operational staff • Test all applications for IPv6 readiness While IPv4 will probably disappear from the Internet, It can be expected that IPv4 will stay longer in the enterprise (think SNA or DECnet)

  18. Provider Considerations

  19. Asking the tough questions !

  20. A Phased Approach to IPv6 Adoption Start with a Phased Plan Aligned with Your Business Strategy Identify the highest priority IPv6-critical areas in your network Perform IPv6 Assessment on highest-priority areas to determine scope of design 2 3 4 1 Develop an IPv6 design that enables IPv6 to be introduced without disrupting your IPv4 network Begin IPv6 testing and implementation in pilot mode, then extend over time into production deployment Repeat for the Next IPv6-Critical Area in Your Network

  21. Questions ?

  22. Reference Materials • Deploying IPv6 in Campus Networks (Just updated):http://www.cisco.com/en/US/docs/solutions/Enterprise/Campus/CampIPv6.html • Deploying IPv6 in Branch Networks (Just updated):http://www.cisco.com/en/US/solutions/ns340/ns414/ns742/ns816/landing_br_ipv6.html • New/Updated IPv6 Cisco Sites: http://www.cisco.com/go/ipv6http://www.cisco.gom/go/entipv6 • Cisco Network Designs: http://www.cisco.com/go/designzone • Cisco Live Tweet Chat on Enterprise IPv6: http://bit.ly/a8s2tW • Interop Las Vegas – Enterprise IPv6 Session • Twitter:@eyepv6

  23. Recommended Reading Deploying IPv6 in Broadband Networks - Adeel Ahmed, SalmanAsadullahISBN0470193387, John Wiley & Sons Publications® Available Now- Hardcover/eBook

More Related