1 / 58

Questions

Questions. 如何進行校園 ipv6 規劃 連外網路需與國網中心哪單位連繫 ? 校內部份該如何進行 ?? 網路設備硬體雖已支援,但應用軟體部份 ( 應用程式、資料庫等 ) 是否有注意事項,應用程式需不需要改寫 ???? 校園內 IPv4 與 IPv6 共存方式 IPv6/IPv4 轉換技術 校園 IPv6 的應用 IPv6 使用者位址規劃方式. IPv6 Deployment in Taiwan. Assistant Professor Dr. Quincy Wu solomon@ipv6.club.tw

zan
Télécharger la présentation

Questions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Questions • 如何進行校園ipv6規劃 • 連外網路需與國網中心哪單位連繫? • 校內部份該如何進行?? • 網路設備硬體雖已支援,但應用軟體部份(應用程式、資料庫等)是否有注意事項,應用程式需不需要改寫???? • 校園內IPv4與IPv6共存方式 • IPv6/IPv4轉換技術 • 校園IPv6的應用 • IPv6使用者位址規劃方式

  2. IPv6 Deployment in Taiwan Assistant Professor Dr. Quincy Wusolomon@ipv6.club.tw Graduate Institute of Communication EngineeringNational Chi Nan University

  3. Outline • Introduction to IPv6 • 國外現況 • 標準組織 • Benefit of IPv6 • 其他國家 • 國內現況 • NICI • 其他 ISP • 骨幹分組 (基礎建設分組)

  4. IPv6 Design Goals • Addressing and Routing • Address Space • Header Format • Minimizing Administrative Workload • Auto-configuration • Multi-media Support • Security • AH/ESP • Mobility • Transition Mechanism

  5. Current IP(v4) Address • www.fcu.edu.tw = 140.134.4.2 • Every node needs a unique IP address to get connected to Internet. • 232 = 4 billion, but there are 6.5 billion people on earth. • 30 years ago, when hundreds of students and teachers were sharing a mainframe computer in university campus, this seems to be sufficient. • When computers become “personal”, it implies that each person may have a computer. 4 billions is obviously insufficient. • In the future, any single person may have multiple devices connected to Internet (PC, PDA, mobile phone, TV, XBOX, etc.) • Fortunately (unfortunately?), only 1 billion of them have access to Internet now.

  6. IPv6 Address • 128-bit long • 2128 = 3.4×1038 665×1021 addresses per m2 of earth surface. • Considering some inefficient usage (e.g. 911 prefix in telephony), it is estimated to support 8×1017 to 2×1033 addresses. • 8×1017 1,564 address perm2.

  7. Text Representation of Addresses • Colon-Hex 2001:e10:6840:20:20f:eaff:fe56:ea22 • Compressed Format: 2001:0b00:0c18:0001:0000:0000:0000:0010 becomes 2001:b00:c18:1::10 • IPv4-compatible: • 0:0:0:0:0:0:163.22.2.1 • or ::163.22.2.1 • 6to4 Address • 2002:8C6E:3C2E::8C6E:3C2E • 140.110.60.46 = 8C6E:3C2E

  8. Multicast Support • Multicast is optional for IPv4. Not all routers support multicast. • All IPv6 hosts and routers are required to support multicast. • There are no broadcast addresses in IPv6, their function being superseded by multicast addresses. • Link-local • Site-local • Global scope

  9. Multicast IPv6 • Special multicast IPv6 address • FF01::1 • Node-local scope all-nodes multicast address • FF02::1 • Link-local scope all-nodes multicast address • FF01::2 • Node-local scope all-routers multicast address • FF02::2 • Link-local scope all-Routers multicast address • FF05::5 • site-local scope all-routers multicast address • Use low-order 32 bits, each group ID maps to a unique Ethernet MAC address(RFC 2373) flags scope 000……000 group ID 11111111 8 4 4 80 32 bits

  10. Example on FreeBSD $ ping6 -c 5 FF02::2%em0 PING6(56=40+8+8 bytes) fe80::20f:eaff:fe4e:6a8c%em0 --> ff02::2%em0 16 bytes from fe80::20d:28ff:fe49:bea0%em0, icmp_seq=0 hlim=64 time=0.715 ms 16 bytes from fe80::20d:65ff:fee9:6c00%em0, icmp_seq=0 hlim=64 time=0.862 ms(DUP!) 16 bytes from fe80::20d:28ff:fe49:bea0%em0, icmp_seq=1 hlim=64 time=0.613 ms 16 bytes from fe80::20d:65ff:fee9:6c00%em0, icmp_seq=1 hlim=64 time=0.860 ms(DUP!) 16 bytes from fe80::20d:28ff:fe49:bea0%em0, icmp_seq=2 hlim=64 time=0.610 ms 16 bytes from fe80::20d:65ff:fee9:6c00%em0, icmp_seq=2 hlim=64 time=0.745 ms(DUP!) 16 bytes from fe80::20d:28ff:fe49:bea0%em0, icmp_seq=3 hlim=64 time=0.730 ms 16 bytes from fe80::20d:65ff:fee9:6c00%em0, icmp_seq=3 hlim=64 time=0.864 ms(DUP!) 16 bytes from fe80::20d:28ff:fe49:bea0%em0, icmp_seq=4 hlim=64 time=0.721 ms --- FF02::2%em0 ping6 statistics --- 5 packets transmitted, 5 packets received, +4 duplicates, 0.0% packet loss round-trip min/avg/max/std-dev = 0.610/0.747/0.864/0.093 ms

  11. Changed Removed IPv4 Header20 Octets+Options : 13 fields, include 3 flag bits 0 bits 4 8 16 24 31 Ver IHL Service Type Total Length Identifier Flags Fragment Offset Time to Live Protocol Header Checksum 32 bit Source Address 32 bit Destination Address Options and Padding

  12. IPv6 Header40 Octets, 8 fields 0 4 12 16 24 31 Version Priority Flow Label Payload Length Next Header Hop Limit 128 bit Source Address 128 bit Destination Address

  13. IPv6 enables efficient routing • Total IPv6 header size is only twice as large. • Most IPv6 extension headers are not examined or processed by intermediate nodes (in contrast with IPv4, where IP options typically cause a major performance loss for the packet at every intermediate router). • Priority and flow label can be used to identify flows even when the payload is encrypted.

  14. Application-level Security Solutions • SSH for TELNET • SSL for WWW • PGP for email The contents may be encrypted, but the traffic flow can still be observed. IPv6 provides Network-level security. IPsec is a mandatory part of IPv6, and is optional for use with IPv4.

  15. IPv6 Auto-Configuration • Stateless (RFC2462) • Host autonomously configures its own Link-Local address • Router solicitation are sent by booting nodes to request RAs for configuring the interfaces. • Stateful • DHCPv6 (RFC 3315) • Renumbering Hosts renumbering is done by modifying the RA to announce the old prefix with a short lifetime and the new prefix. Router renumbering protocol (RFC 2894), to allow domain-interior routers to learn of prefix introduction / withdrawal SUBNET PREFIX + MAC ADDRESS SUBNET PREFIX + MAC ADDRESS RA indicates SUBNET PREFIX SUBNET PREFIX + MAC ADDRESS SUBNET PREFIX + MAC ADDRESS At boot time, an IPv6 host build a Link-Local address, then its global IPv6 address(es) from RA

  16. 3ffe:b00::1 10.1.1.1 Dual Stack Approach & DNS • In a dual stack case, an application that: • Is IPv4 and IPv6-enabled • Asks the DNS for all types of addresses • Chooses one address and, for example, connects to the IPv6 address www.a.com = * ? IPv4 DNS Server IPv6 3ffe:b00::1

  17. IPv6 and IPv4 Network Cisco IOS Dual Stack Configuration • Cisco IOS is IPv6-enable: • If IPv4 and IPv6 are configured on one interface, the router is dual-stacked • Telnet, Ping, Traceroute, SSH, DNS client, TFTP,… router# interface Ethernet0 ip address 140.110.199.1 255.255.255.0 ipv6 address 2001:C58:213:1::/64 eui-64 Dual-Stack Router IPv4: 140.110.199.1 IPv6: 2001:C58:213:1::/64 eui-64

  18. WWW Server & Browser

  19. Summary • IPv6 integrates many built-in features which are optional and sometimes mutually-exclusive in IPv4. • Many routers and operating systems support IPv6 now. • Transition mechanism is crucial to the success of IPv6. • Dual-Stack • Tunneling • Translation

  20. IPv6 in IETF • IPv6 WG (formerly known as IPng WG) is developing IPv6. • IPv6 was standardized as RFC 2460 (in 1998) and many related RFCs. • Joint meeting with 3GPP was held in May 2001 and published an internet draft “Recommendations for IPv6 in 3GPP Standards.” • “Minimum IPv6 Functionality for Cellular Host” is under discussion.

  21. IPv6 in 3GPP • GPRS supports IPv6 transport service optionally. • 3GPP decided to support IPv6 exclusively for IP Multimedia Subsystem (IMS) in June 2000. • IMS is being specified as part of 3GPP Release 5 specification. • Collaboration agreement with IETF in June 2001.

  22. IPv6 Implementation - Host • Apple • Compaq • FreeBSD • Hitachi, Ltd. • HP • IBM • Linux • Microsoft • Mentat • SGI • Sun • etc.

  23. IPv6 Implementation - Router • 3Com • 6Wind • Cisco Systems • Hitachi, Ltd. • NTHU • Nokia • Nortel Networks • Ericsson/Telebit Communications • Juniper Networks http://playground.sun.com/pub/ipng/html/ipng-implementations.html

  24. Japan 100% IPv6 readiness by 2005 • Former Prime Minister of Japan - Yoshiro Mori • Governmental • IPv6 Council • JGN (Japan Gigabit Network) IPv6 • Industrial • IAJapan IPv6 Deployment Committee • JPNIC IPv6 project

  25. NTT-JP

  26. Live E! Project Environmental Information System (http://www.live-e.org/) • Live E! is a consortium that promotes the deployment of new infrastructure • that can generate, collect, process, and share all the “Environmental • Information”, associated with the Earth • As the first step, we picked up "Digital Weather Station“ • Individuals, non-commercial and commercial organization install sensor • nodes, and let the information available from anyone on the Internet. • Larger number of participation leads richer information and for all, and • creates innovative applications and usage of information. • Single information can be used multiple purposes Digital Weather Station Chair : Hiroshi ESAKI (Univ. of Tokyo) Co-Chair : Reiji AIHARA (Hiroshima Univ.) multiple purposes ①Education Materials ②Public Services ③Business applications WIDE Project IPv6 Promotion Council of Japan U18 IPv6 u IRI Ubiteq, Inc. Weathernews, Inc. Uchida Yoko Co., Ltd. ECHELON Japan K.K. Cisco Systems, Inc. DAI-DAN CO., LTD. Net One Systems Co., Ltd. Nippon Telegraph and Telephone East Corporation Willcom Inc. NTT Neomeit Chugoku Corporation Mitsubishi Research Institute, Inc. Cooperation Organization:

  27. Thailand has installed Taiwan has installed New Zealand will install Indonesia has installed

  28. FourSensor Nodes installed in Taiwan

  29. IPv6 Deployment Policy in Korea • Transition Roadmap by Government (23 Feb 2001) Phase I (~2001) Phase II (2002~2005) Phase III (2006~2010) Phase IV (2011~) IPv4 Only IPv4 Ocean IPv4 Island IPv6 Only IPv4/IPv6 Translation Required Experimental IPv6 Network IPv6 Ocean IPv6 Island • Validation • Operation • Promotion • IMT2000 Service • Translation Service Commercial IPv6 Service (wire/wireless) Complete native IPv6

  30. Korean IPv6 Network • Experimental IPv6 Network • 6Bone-KR (since 1998) *www.6bone.ne.kr • Research & Education IPv6 Network • KOREN IPv6 Network (Since 1999)‏ • KREONET2 IPv6 Network (Since 1999)‏ • TEIN IPv6 Network (Since 2001)‏ • 6GN (Gigabit IPv6 Infrastructure) (Since 2004)‏ • IPv6 Internet Exchange • 6NGIX (IPv6 Next Generation Internet Exchange) (Since 2001)‏ • Commercial IPv6 Network & Trials • Pre-Commercial IPv6 networks • KOREAv6 Pilot Project Network (Since 2004)‏

  31. KOREN 6KANet KREONET2 Gigabit IPv6 Infrastructure: 6GN • 11 members • 2 backbones • 1 IX KT TNL KNU CNU 1G/6 1G/6 1G/6 ICU 1G/6 155M/6 1G/6 ETRI 1G/6 1G/6 HYU 1G/6 1G/6 KAIST 2G/6 1G/6 1G/6 2G/6 6NGIX NCA 1G/6 1G/6 1G/6 KISTI 1G/6 1G/6 KMA 1G/6 Phase I Phase II GIST

  32. Multihoming test on 6GN • ET-SHIM6 Testbed 6GN Network Multihomed Sites KOREN KREONET2 ET-SHIM6 – Stream Client ANF organization ETRI site ET-SHIM6 - Stream Sever

  33. CERNETv6

  34. 北京-北大 沈阳 长春 哈尔滨 北京-北邮 北京-北航 大连 郑州 天津 CNGI - 6IX 北京 济南 北京-清华 兰州 合肥 上海-复旦 上海-同济 西安 武汉 重庆 成都 南京 40 GPOS 上海-交大 10GPOS 2.5GPOS 长沙 CNGI - 6IX BE12016 比威 杭州 上海 NE80 华为 NE5000 华为 Juniper T640 广州 厦门 CiscoCRS Hitachi GR4000

  35. Australia • AARNet (Australian Academic and Research Network) core and edge is dual stack since 2003 • Dual stack deployed across Juniper M320 core using OSPF3 and BGP as routing protocols • IPv6 is used within AARNet • www.aarnet.edu.au IPv6 enabled • Infrastructure is IPv6 enabled • IPv6 Multicast is enabled • SSM supported • Currently use a static RP for ASM

  36. AARNet3 National Network

  37. Still work to be done… • DNS about to be implemented • Mail issues – 3rd parties? • Still need to deploy IPv6 measurement • IPv6 monitoring is still in its infancy within our infrastructure • IPv4 Netflow is heavily deployed – IPv6 isn’t at the moment

  38. USA • IPv6 continues to perform well on the Internet2 Network • Transition from Abilene layer3 network to new Internet2 network infrastructure almost complete [done by 30-Sep] • Using same Juniper T640 routers; still running dual-stack IPv4 and IPv6 • The backbone now supports 32 bit ASNs

  39. Monitoring • Monitoring and network test points still being updated for the new network [Should be finished by end Sept.] • We will have at every router node • Latency (owamp) • Throughput (bwctl) [1G, 10G upon request] • On-demand testing (NDT) • All supporting IPv6 • We also have firewall filters installed in the Juniper routers to capture IPv6 utilization (and other specific port counts)

  40. IPv6 Utilization http://vixen.grnoc.iu.edu/jfirewall-viz/index-bits.html

  41. IPv6 Prefix Range Assignment IPv6 Prefix Range Assignment 2001:0000::/29-2001:01F8::/29 IANA 2001:0600::/29-2001:07F8::/29 RIPE NCC 2001:0200::/29-2001:03F8::/29 APNIC 2001:1200::/29-2001:13F8::/29 LACNIC 2001:0400::/29-2001:05F8::/29 ARIN International IPv6 Address Management Initial IPv6 Prefix Allocation for RIRs

  42. IANA IPv6 Allocations to RIRs issued as /23s prior to Oct 2006 http://www.apnic.net/info/reports/index.html

  43. Total IPv6 Allocations from RIRs to LIRs/ISPs Top 10 Countries

  44. APNIC annual allocations

  45. APNIC allocations by economies

  46. IPv6 Prefix Allocation in Taiwan • 2001:238::/32 - HiNet • 2001:288::/32 - TANet • 2001:C08::/32 - ASNet • 2001:C50::/32 - TTN • 2001:C58::/32 - 6REN • 2001:CA0::/32 - CHT TL • 2001:CD8::/32 - SeedNet • 2001:D20::/32 - TFN • 2001:D40::/32 - TW NTT • 2001:E10::/32 - TWAREN • 2001:ED8::/32 - ITRI • 2001:F18::/32 - NCTU

  47. Status of 256 /8s IPv4 Addresses IP addressing in China and the myth of address shortage http://www.apnic.net/news/hot-topics/index.html#ip-addressing

  48. Major IPv6 Players in Taiwan • MOECC(Ministry of Education Computing Center) • CHT(Chunghwa Telecom) • ASCC (Academia Sinica Computing Center) • TWAREN/NCHC (National Center for High-Performance Computing) • TWNIC(Taiwan Network Information Center)

  49. TANet, MOECC(Taiwan Academic Network) • 100% connectivity penetration rate to the domestic schools (all level) and universities • 5 million Internet user base • Obtained IPv6 2001:288::/32 sub-TLA • Plan to implement native IPv6 nation-wide

More Related