IPv 6 Swisscom Martin Gysi 9 5 2011
- Slides: 14
IPv 6 @ Swisscom Martin Gysi, 9. 5. 2011 Senior Network Development Engineer, Swisscom Public
The question „will IPv 6 ever by widely deployed? “ is no longer open. The answer is a clear „yes“. • Google, Facebook are accessible using IPv 6 • Free. fr has 500‘ 000 IPv 6 -enabled customers (which makes it the largest IPv 6 ISP in the world) • Most major Telcos have stated that they are now starting to deploy real IPv 6 services. Most will do so in 2011/2012 • And yes, IPv 4 addresses will become scarce real soon… But that’s another story… 2
The driver for IPv 6 is the lack of IPv 4 addresses. But IPv 6 does not solve the IPv 4 address shortage problem • IPv 6 is not compatible to IPv 4. So IPv 4 must continue to be operated • IPv 4 addresses can be saved by using them more efficiently, or by deploying NAT inside the carrier‘s network (NAT 44, CGN). Drives complexity and costs short term fix. • IPv 6 is not the short term solution. But in the long run it‘s the only way to continue the Internet as we know it today. IPv 4 address depletion Short term fix: NAT 44 deployment Medium term strategy: IPv 6 migration Action plan: End-to-end IPv 6 deployment • IPv 6 does not replace IPv 4, it‘s added in parallel to it „Dual Stack“ 3
Our IPv 6 policy: We enable our customers to access the IPv 6 Internet, and we offer our services to the IPv 6 Internet • External communication (aka Internet) will need IPv 6 first. Gartner recommends that enterprises establish an IPv 6 Internet presence no longer than 2014. • Internal networks and services can remain IPv 4 on the longer term • Swisscom is currently analyzing all its services, to identify the steps required for introducing IPv 6, and is working out a detailed roll-out plan – Entire IT tool chain: order entry, service fulfillment and assurance, billing – Network elements (routers, firewalls, load-balancers…) and platforms – Regulatory aspects, such as lawful intercept – Security, both from Swisscom’s and our customer’s point of view – Product integration (part of the standard offering or option, …) – Customer experience – Impact on operations, training of staff 4
So, what are we doing right now? IPv 6 @ Swisscom • IP-plus backbone is fully dual-stack, IP-plus business Internet access is available with native IPv 6. • IPv 6 in our mobile network. Works in the lab, are now expanding from there into the IT systems (RADIUS, User Databases (HLR), Mobile Proxy, Billing, etc. ) and into the radio access network. – The few handsets that support IPv 6 cannot operate Dual Stack. IPv 6 only is not interesting for most people – LTE Rel. 8 / 3 G Rel. 9 defines a Dual Stack PDP context. – Newest chipsets support PDPv 4 v 6, so the handset situation will improve. • More labs for broadband access and datacenter environments. Gives those engineers and sysadmins something to learn from! • We’ll launch IPv 6 for residential Internet access this year 5
What is required for an IPv 6 Internet Access Service? Complex infrastructure is barrier to cost-efficient IPv 6 deployment. Legacy infrastructure cannot be upgraded easily. End-to-end overview of Swisscom‘s Internet Access Service network 6
Using 6 RD, IPv 6 Internet access is an incremental upgrade. Production-quality IPv 6 Internet access at a fraction of the costs • No complex upgrade of infrastructure, leverage IPv 4 network to provide IPv 6 access. Simply. . . 6 RD Border Relay Lausanne – Add IPv 6 and 6 RD support to customer modems – Add 6 RD Border Relays to dual-stack portion of network 6 RD CE router native IPv 6 home network IPv 4 access network Home network (dual stack) Swisscom Internet Access Service network (IPv 4 only) IPv 6 Internet 6 RD Border Relay Zürich Internet peering (dual stack) 7
6 RD is a Stateless Tunnel Technology, Embedding the CE’s IPv 4 Address into the IPv 6 Prefix. IPv 6 Rapid Deployment on IPv 4 Infrastructures (RFC 5969) Network topology IPv 4 network native IPv 6 network IPv 6 address format for 6 RD native IPv 6 network 6 RD CE router 6 RD Border Relay send to preconfigured BR address send to embedded CE address IPv 6 prefix is calculated from the IPv 4 address 2 A 02: 1200 0 6 RD prefix 85. 5. 7. 171 Subnet ID 60 28 Interface ID 64 subscriber subnetting up to 32 bits of subscriber’s IPv 4 address IPv 4 header & encapsulated IPv 6 packet (downstream) 8 IPv 4 Header IPv 6 Header IPv 4 dest 85. 5. 7. 171 copy IPv 6 Payload
6 RD Border Relay Implementation Details 9 • Cisco ASR 1002 -ESP 10 scales up to 10 Gb/s per box (tested) • Using anycast IPv 4 address, geographically distributed scale by adding more boxes • Topology: “Router on a stick“ No danger of black hole routing, as IPv 4 and IPv 6 interface status is inherently coupled. Router on a stick Separate IPv 4 and IPv 6 interface 6 RD Border Relay IPv 4 + IPv 6 6 RD Border Relay OSPFv 3 OSPFv 2 IPv 4 IPv 6 Dual stack core router Link failure propagated on both IGPs IPv 4 Link failure noticed in IPv 4 IGP (or vice versa) IPv 6
6 RD CPE Routers Implementation Details • Vendors: Motorola, ADB Broadband (formerly Pirelli Broadband) • 6 RD parameters configured using TR-069 – Swisscom 6 RD prefix and length (2 a 02: 1200: : /28) – IPv 4 bits suffix length (all 32 bits) – 6 rd Border Relay anycast IPv 4 address – Swisscom DNS servers – IPv 6 flag (enable/disable) • IPv 6 must be enabled by customer on “customer centre” website (no other changes to IT/OSS tools) • Third-party modems (AVM Fritz Box and others) work, but need manual configuration 10
Implementation details IT aspects 11 IT Systems DNS • Display IPv 6 check box on “customer centre” website if router supports IPv 6, store IPv 6 status in customer database • Display IPv 6 status to customer support, enable them to change status • Implement new TR 069 parameters for 6 RD • No other changes! No address management, no provisioning, etc! • Separate DNS (Google white-listed) that can stop handing out AAAA records if problems with IPv 6 should occur • 6 rd. swisscom. com
First deployment experiences: expect to find problems with turning on IPv 6 • 2011 – the year of the MTU? Make sure Path MTU Discovery works! • 7600 with 6748 LAN card and IOS 12. 2(22)SXF 10: sets IPv 6 MTU to 1486 Bytes (no matter what is configured) • Motorola CPE (Beta version) does not do PTMUD at all… • ASR-1 k: ICMP Packet Too Big messages use final destination’s address as source address (not local address) • 7600 with 12. 2(33)SRE 3: Buffer leak when IPv 6 is enabled. Requires periodic reboot of the box. 12
Swisscom will launch IPv 6 for residential customers in 2011, using 6 rd technology. • 6 RD changes the IPv 6 “business case” from complex & expensive to simple & cheap. There’s no excuse for not deploying IPv 6 now! • 6 RD is simple, reliable, scalable technology – Fast prototyping thanks to Linux implementation – Vendors engineering/beta implementations quickly available, yet (inter-) worked flawlessly – Tested and proven scalability • Large-scale pilot to be started in July 2011. – If you are a Swisscom customer and – have a “Centro” series router, then – apply at swisscom. ipv 6@swisscom. com – Check out the “sneak preview” at http: //labs. swisscom. com 13
14
