270 likes | 639 Vues
IP Transition Fix or a Band-Aid?. www.spirent.com. YouTube = “alantalkstech” Wiki = http://alantestwiki.pbworks.com/ E-mail = alan.way@spirent.com. Alan Way. SPIRENT Is… Putting Innovation to the Test. MOBILITY. APPLICATIONS. NETWORKS. Positioning.
 
                
                E N D
IP Transition Fix or a Band-Aid? www.spirent.com YouTube = “alantalkstech” Wiki = http://alantestwiki.pbworks.com/ E-mail = alan.way@spirent.com Alan Way
SPIRENT Is… Putting Innovation to the Test MOBILITY APPLICATIONS NETWORKS Positioning Mobile packet core and backhaul testing LTE, UMTS & CDMA device and air interface testing 10/40/100G Ethernet, data centers, cloud computing and security testing Ethernet services, video and IPTV,voice and IMS testing GPS, GLONASS, Galileo, Multi-GNSS and Wi-Fi location testing
IPv4 IPv6 For IPv4
Why we need IPv6 Now the Internet is evolving again, to the embedded space. How big will it become? Intel Vice President Doug Davis cites the IDC prediction of 15 billion intelligent, connected devices by the year 2015.¹ ¹ "Gantz, John. "The Embedded Internet: Methodology and Findings." IDC. January 2009."
Total addresses (2^128) = 340,282,366,920,938,000,000,000,000,000,000,000,000 Maximum packet rate for 10GigE = 14,470,000 Number of seconds required = 23,516,404,071,937,700,000,000,000,000,000 ...that's 745,700,281,327,299,000,000,000 years! To put that into perspective, the universe is roughly 15 billion years old (15,000,000,000). A customer just asked me to help him construct a configuration that would send a single ping request to every IPv6 address in the entire IPv6 address space using a10 Gig interface. 15 How long would it take to perform this test using a single 10 GigE port? BTW, it would take around 5 minutes for IPv4.
IS IPv4 NAT a Realistic Alternative ?
NAT444 NAT 4 4 4 RFC 1918 172.16.0.1 RFC 1918 192.168.1.2 IPv4 Public Internet 203.0.113.24 CGN NAT444 LSN Large Scale NAT Carrier Grade NAT
NAT444 • Performance Issues • Gaming • VoIP • Video Streaming ISP Address & CPE Must be managed Legal Intercept IPv4 RFC 1918 172.16.0.1 RFC 1918 172.16.0.6 RFC 1918 192.168.1.2 LSN Public Internet 203.0.113.24 Loss of Geolocation http://tools.ietf.org/id/draft-donley-nat444-impacts-01.html Where are the bad guys?
Dual Stack Lite (DS-Lite) Provides IPv4 access Over ipv6
Dual Stack Lite (DS-Lite) (IPv4 Access over IPv6) 198.51.100.1 192.0.2.1 10.0.0.1 IPv4 IPv6 10.0.0.2 2001:DB8:0:2::1 172.16.0.1 2001:DB8:0:1::1 172.16.0.2
Basic Bridging Broad Band element (B4) 2001:DB8:0:1::1 10.0.0.2 172.16.0.2
Address Family Transition Router element (AFTR) AFTR NAT + DHCP 2001:DB8:0:1::1 2001:DB8:0:2::1 172.16.0.1 172.16.0.2 192.0.2.1 10.0.0.2 CPE CPE CPE NAT + DHCP NAT + DHCP 2001:DB8:0:1::2 2001:DB8:0:2::1 172.16.0.1 172.16.0.3 192.0.2.1 192.0.2.1 2001:DB8:0:1::1 NAT + DHCP 2001:DB8:0:1::3 2001:DB8:0:2::1 172.16.0.2 172.16.0.1 172.16.0.4 2001:DB8:0:2::1 172.16.0.1
Datagram Mapping (NAT) Datagram Header Contents IPv4 Datagram 1 IPv4 Dst 198.51.100.1 TCP Dst Port 80 IPv4 Src 10.0.0.1 TCP Src Port 10000 IPv6 Datagram 2 IPv6 Dst 2001:DB8:0:2::1 IPv6 Src 2001:DB8:0:1::1 IPv4 Dst 198.51.100.1 TCP Dst Port 80 IPv4 Src 172.16.0.2 TCP Src Port 10000 IPv4 Datagram 3 IPv4 Dst 198.51.100.1 TCP Dst Port 80 IPv4 Src 192 .0.2.1 TCP Src Port 5000 IPv4 IPv6 Outbound 198.51.100.1 192.0.2.1 10.0.0.1 10.0.0.2 2001:DB8:0:2::1 172.16.0.1 2001:DB8:0:1::1 172.16.0.2
Datagram Mapping (NAT) Datagram Header Contents IPv4 Datagram 1 IPv4 Dst 192.0.2.1 TCP Dst Port 5000 IPv4 Src 198.51.100.1 TCP Src Port 80 IPv6 Datagram 2 IPv6 Dst 2001:DB8:0:1::1 IPv6 Src 2001:DB8:0:2::1 IPv4 Dst 172.16.0.2 TCP Dst Port 10000 IPv4 Src 198.51.100.1 TCP Src Port 80 IPv4 Datagram 3 IPv4 Dst 10.0.0.1 TCP Dst Port 10000 IPv4 Src 198 .51.100.1 TCP Src Port 80 IPv4 IPv6 Inbound 198.51.100.1 192.0.2.1 10.0.0.1 10.0.0.2 2001:DB8:0:2::1 172.16.0.1 2001:DB8:0:1::1 172.16.0.2
How to provide Ipv6 Using Ipv4 IPv6 Rapid Deployment 6rd
Case study for IPv6 Rapid Deployment IPv6 Deployment Timeline • Founded in 1999 • One of the Worlds largest IPv6 residential providers • Provides VoIP, IPTV, Internet, Mobile • Four Million Customers (10/2010) 27% of Market • Nov 7, 2007 6rd presented • Nov 9, 2007 Prefix from RIPE • Nov 9, 2007 Beta Code on Freebox running • Dec 11, 2007 Service available to 2M customers • 250K users signed up in first month. • 500K users enabled today (~4M ready for IPv6)
IPv6 Rapid Deployment (6rd) RFC-5969 • 6rd specifies a protocol to deploy IPv6 to sites via a service provider's IPv4 network. • It builds on 6to4 with the key differentiator that it utilizes an SP's own IPv6 • address prefix rather than a well-known prefix (2002::/16) IPv4 IPv6 • 6rd views the IPv4 network as a link layer for IPv6 IPv6
6rd Example ( Customer Edge Example) 6rd Prefix/n bits CE IPv4 add 0-32 bits Subnet ID 0-16 bits Interface ID 64 bits 10.100.100.1 64 64:0100: 2001:DB80::/32 2001:DB80: IPv6 10.100.100.1 IPv6 CE IPv4 address BR IPv4 Address BR IPv4/IPv6 The CE IPv4 address can be configured or from DHCP The CE IPv4 address can be global or private (RFC 1918)
6rd DHCPv4 Option Option_6rd Option-Length IPv4 Mask len 6rd PrefixLen 6rd Prefix (16 Octets) 6rdBRIPv4Address(es) • Option_6rd Value (212). • Option-Length Length of DHCP Option (22 with one BR IPv4 Address). • IPv4MaskLen Number of high order bits that are identical across all CE. • 6rdPrefixLen Length of SP’s 6rd IPv6 Prefix in number of bits. • 6rdBRIPv4Address One or more IPv4 Address of 6rd Border Relay.
NAT64 & DNS64 • Enables IPv6 Clients to access IPv4 only hosts • New/Existing ISPs can provide IPv6 access only
NAT64 & DNS64 DNS AAAA Response IPv6 64:FF:9B::112.1.2.3 DNS64 Server IPv4 Only Application Server DNS AAAA Query For alan.com alan.com IPv4: 112.1.2.3 Client IPv6 Only Stress Testing NAT64 NAT64 • Uses a special prefix, called Pref64::/n • Well-known prefix: 64:ff9b::/96 IPv6 Excellent article: http://www.networkworld.com/community/blog/testing-nat64-and-dns64
How can Spirent help? • Measure performance of Border Gateways • Testing up to 100Gbps • Measure overall server performance • Application/Security/VoIP/Video • IPSec Testing • Measure performance of IPv6, IPv4 & Dual Stack Routers • Measure performance IPv6/IPv4 Tunnel Transition Devices • IPv6 Protocol conformance testing. • Professional Services
Thank You www.spirent.com YouTube = “alantalkstech” Wiki = http://alantestwiki.pbworks.com/ E-mail = alan.way@spirent.com