Professional Documents
Culture Documents
Ipv6 Transition Strategies For Service Providers: Johnson Liu 2011/09/30
Ipv6 Transition Strategies For Service Providers: Johnson Liu 2011/09/30
0%
After completion: Existing IPv4 addresses will not stop working. Current networks will still operate.
3
Copyright 2011 Juniper Networks, Inc. www.juniper.net
Win 95/98/2000/XP, game consoles, consumer electronics, industrial devices) are IPv4-only. Most software & servers in enterprise network are IPv4-only
They will not function in an IPv6-only environment. Few of those can or will upgrade to IPv6.
Current measurement:
0.15% of Alexa top 1-million web sites are available via IPv6
(This number has not changed in the last 12 months) Source: http://ipv6monitor.comcast.net
4
Copyright 2011 Juniper Networks, Inc. www.juniper.net
IPv6 does not solve the immediate problem of IPv4 address exhaust.
Most sites are still accessible only through IPv4
Maintaining IPv4 service after IPv4 exhaustion is #1 priority for most
players. This implies some form or another of IPv4 address sharing: NAT Many transition technologies to choose from Impact on routing and network architecture
www.juniper.net
billion combined visits each day, are joining major content delivery networks Akamai and Limelight Networks, and the Internet Society, for the first global-scale trial of the new Internet Protocol, IPv6.
Juniper Networks will participate in "World IPv6 Day, furthering
its long-standing commitment to ensure its customers continue to be fully prepared for a transparent transition to the new IPv6 protocol to meet their respective market needs. http://ipv6.juniper.net reachable over IPv6 since Jan. 8th Commitment to participate to the IPv6 world day on June 8th with http://www.juniper.net
www.juniper.net
SURVIVING TECHNIQUE
8
Copyright 2011 Juniper Networks, Inc. www.juniper.net
Translators
IPv6 IPv6 IPv4 IPv4
Tunnels
IPv4 IPv6 IPv6 IPv4
IPv4
IPv6
PHY/Data Link
Initially tunnel IPv6 over IPv4. Later tunnel IPv4 over IPv6 Ideal when Core is not v6 ready Requires v6-capable CPEs Technologies: 6to4 6rd
www.juniper.net
Mobile Edge
PE
Business Edge
GGSN
10
www.juniper.net
CORE: DUAL-STACK IT
Prepare the core as a dual-stack infrastructure Interfaces
Implement IPv6 on the Core interfaces
Routing protocols
ISIS
draft-ietf-isis-ipv6-02.txt, Routing IPv6 with IS-IS 2 new TLVs are defined:
- IPv6 Reachability (TLV type 236) - IPv6 Interface Address (TLV type 232)
OSPFv3
11
Unlike IS-IS, entirely new version required RFC 2740 Fundamental OSPF mechanisms and algorithms unchanged Packet and LSA formats are different
Copyright 2011 Juniper Networks, Inc. www.juniper.net
CORE: DUAL-STACK IT
Routing protocols
BGP
MBGP defined in RFC 2283
- BGP TCP session can be over IPv4 or IPv6 - Advertised Next-Hop address must be global or site-local IPv6 address
12
www.juniper.net
CORE: 6PE
6PE: IPv6 islands over MPLS IPv4 core
v6
6PE
P CORE P
6PE
v4
v4
Dual-stack PEs
v6
P
v4
6PE
MPLS/IPv4
6PE
v6
13
www.juniper.net
CORE: 6VPE
6VPE: IPv6 VPNs over MPLS IPv4 core
VPN-1
v6/v4
6VPE
P CORE P
6VPE
v6
VPN-2
VPN-2
v6
Dual-stack PEs
VPN-1
v6/v4
P VPN-2
v6
6VPE
MPLS/IPv4
6VPE
v6/v4
VPN-1
14
www.juniper.net
Internet IPv4
Internet IPv6
BGP
6PE
IP/MPLS VPN IPv4 BGP VPN IPv6 IP/MPLS
IP/MPLS
VPN IPv4 BGP VPN IPv6
6VPE
IP/MPLS
15
IP/MPLS
Copyright 2011 Juniper Networks, Inc. www.juniper.net
IP/MPLS
IPV6 TRANSITION
16
Copyright 2011 Juniper Networks, Inc. www.juniper.net
Momentum
NAT-PT
A+P
IPv6 to IPv4 NAT
NAT64 PCP
17
www.juniper.net
Dual Stack
Customer Access/Aggregation Core Global Public Network
IPV4/ IPv6
IPV4/ IPv6
IPv6
IPv4/ IPv6 IPv6
IPv4
IPv4
IPv4
IPv4
IPv4
18
www.juniper.net
NAT44
Customer IPv4 Access/Aggregation Core IPv4 Global Public Network IPv4
IPv4 IPv4
IPv6
IPv6
IPv6 IPv6
IPv6
IPv4
IPv4
IPv4
CPE NAT44
IPv4
IPv4
NAT444
Customer IPv4 Access/Aggregation Core IPv4 Global Public Network IPv4
IPv4 IPv4
IPv6
IPv6
IPv6 IPv6
IPv6
IPv4
CPE NAT44
IPv4
IPv4
NAT444
draft-shirasaki-nat444-isp-shared-addr-00.txt RFC1918 private address CPE NAPT v4 v4 (*1) In draft-nishitani-cgn-01, CGN (Carrier-Grade NAT) was renamed to LSN (Large Scale NAT) Global IPv4 address CGN/LSN(*1) NAPT v4
Src
Src Dst
Src
Dst
128.0.0.1 port 80
Dst
128.0.0.1 port 80
DS-LITE
Customer IPv4 Access/Aggregation Core
IPv6/IPv4
IPv6 IPv6
IPv6
IPv6
CPE DS-LITE IPv6 Tunnel IPv6 IPv6
IPv6
IPv4
IPv4
IPv4
22
www.juniper.net
DS-LITE
rfc1918 private address CPE DS-lite router v4 v4 v6 IPv4 in IPv6 Tunnel
(*1) In draft-nishitani-cgn-01, CGN (Carrier-Grade NAT) was renamed to LSN (Large Scale NAT) Global IPv4 address CGN/LSN(*1) Tunnel Termination NAPT v4
Src Dst
Src Dst
2001:0:0:2::1 2001:0:0:1::1
Src Dst
23
www.juniper.net
TOPOLOGY NAT64
Customer IPv6 Access/Aggregation Core
IPv6/IPv4
IPv6 IPv6
DNS64
IPv6
IPv6
IPv6 IPv6 NAT64 CGN IPv4 IPv4
IPv6
IPv4
IPv4
IPv4
24
www.juniper.net
Protocol Translation
NAT64
DNS
H1v4
www.yahoo.net 209.131.36.158
3. Send traffic to to the server 5. Destination Address NAT64 (SA:H1v6, DA:Prefix64::209.131.36.158) translated to IPv6 by removing H1v6 the well-known prefix64 (SA:H1v4, DA:209.131.36.158) 4. IPv4 NAT pool and Prefix64::/96 configured
25
www.juniper.net
6RD
Customer IPv6 Access/Aggregation Core IPv4/IPv6 Global Public Network IPv6
IPv4 IPv4
IPv6
IPv6
IPv6 IPv6 6rd CPE 6rd IPv4 IPv4
IPv6
IPv4
IPv4
IPv4
26
www.juniper.net
Tunneling
6rd
draft-despres-6rd-03.txt draft-townsley-ipv6-6rd-01.txt
IPv6
6rd CE
IPv6
v6
v6 v4
v6
Src Dst
2001:db8:6464:0100::1 2001:db8::yyyy.yyyy
Src Dst
10.100.100.1
Src Dst
2001:db8:6464:0100::1 2001:db8::yyyy.yyyy
192.88.99.1
Src Dst
2001:db8:6464:0100::1 2001:db8::yyyy.yyyy
27
www.juniper.net
IPv4
IPv4 IPv6
IPv4
IPv4
IPv4/IPv6
IPv6 in IPv4 Tunnel
IPv6
IPv6
IPv6 Routing
IPv6
IPv6/IPv4
IPv6
IPv6
NAT64 CGN
DS-LITE CGN
28
www.juniper.net
As a consequence:
ISP does not see the urge to move to IPv6 right now. Wait until technology mature Synchronize IPv6 deployment with roll-out of next gen service
30
Copyright 2011 Juniper Networks, Inc. www.juniper.net
Strategy:
- Legacy World: Carrier Grade NAT (CGN) & 6rd - New World: Public IPv4 & native IPv6(Dual Stack)
offload the cost of replacing CPEs in the old technology to the end-users who want to be early adopters of IPv6
31
Copyright 2011 Juniper Networks, Inc. www.juniper.net
IPv4 is a service overlayed on top of IPv6 with DS-Lite (with or without a Carrier-Grade NAT)
Enabling customers to run their applications expecting incoming connections (Eg: Set-Top box control, P2P):
PCP (Port Control Protocol) to open-up pin-holes on CGN
Two licenses: 1 for IPv4 PDP + 1 for IPv6 PDP 1 for IPv4/IPv6 PDP/bearer
Preferred
Going IPv6-only + NAT64 works ONLY if all applications are converted to IPv6 and there is no connectivity to external devices such as PCs.
Dual-Stack remains the preferred/simplest general solution.
33
Copyright 2011 Juniper Networks, Inc. www.juniper.net
Reduce drastically (to just a few?) the number of IPv4 addresses allocated to business customers. NAT is performed by the business CPEs.
34
www.juniper.net
ISP is incumbent is a region/country and want to expand internationally. Need to offer IPv6 quickly.
ISP will have to migrate to native IPv6 at some point in the future.
35
www.juniper.net
All transition techniques (NAT444, 6RD, NAT64, DS-Lite) revolve around the notion of sharing IPv4 addresses via some form of NAT.
They all require the exact same amount of IPv4 addresses to be shared in a NAT pool.
The difference is how packets are transported to the NAT
36
www.juniper.net
ISP network
GGSN NAT64 IPv4
DNS64
IPv6
38
www.juniper.net
ISP network
GGSN Dual-Stack PDP context IPv6 NAT44 IPv4
IPv6-only (NAT64)
No No
Yes Yes
Yes Two licenses: 1 for IPv4 PDP + 1 for IPv6 PDP 1 for IPv4/IPv6 PDP
No No
Variable 1 for IPv6 PDP 1 for IPv6 PDP
40
www.juniper.net
JUNIPERS OFFERING
41
Copyright 2011 Juniper Networks, Inc. www.juniper.net
C4000
STRM5000 NEBS
SRX3400
MS-PIC
STRM2500, STRM5000 Steel-Belted Radius Appliance SRX3600, SRX3000 Line
log Server
Policy Management
6rd
NAT44
NAT64
DS-Lite
M7i
Junos SDK
SRX Series, SRX5800
Security Appliance
IPv6 NAT and IPv6 Stateful Firewall NAT-PT Supported (ICMP ALG) NAT-PT DNS ALG (10.4) NAT66 supported NAT64 (10.4)
NAT44
Support CGN requirement
(draft-ietf-behave-lsn-requirements-00)
IPv6 Softwire
DS-Lite (10.4) 4over6 (10.4) 6rd/6to4 (11.1)
43
Copyright 2011 Juniper Networks, Inc. www.juniper.net
Summary
44
www.juniper.net