ESnet Site Coordinators Committee (ESCC):

IPv6 Activities & Directions

Phil DeMar (ESCC Chair)

demar@fnal.gov

HEPix IPv6 Workshop (CERN)

June 22, 2011

1

Background (I): ESnet

US Dept of Energy (DOE) network for its research facilities (Labs) & scientists: ~40 backbone sites: Peering with >100 networks Advanced technology facility:

• N (x) 10Gb/s today• 100Gb/s backbone by end-of-year

2

ESnet IPv6 support: Early deployment of IPv6 thru 6-Bone (2002) Native IPv6 service since 2006 IPv6 support for www.es.net since 2008

Their mail gateway & DNS server support IPv6 as well…

Background (II): ESnet Site Coordinators Committee (ESCC)

Committee of US National Labs network managers/staff Interactions with ESnet Manager & staff Interactions with US DOE Programs & other users of ESnet facilities Information exchange on common LAB networking issues

Twice-a-year ESCC meetings: Collaboration with Internet2 community on JointTechs conferences

Coordinated effort on significant common network tasks DNS sec (produced deployment guidance white paper) IPv6 implementation

3

US Federal Government IPv6 Directive

Office of Management & Budget memorandum: Upgrade external/public-facing servers & services (eg. Web, email,

DNS, ISP services, etc.) to use native IPv6 by the end of FY2012

Upgrade internal client applications that communicate with public Internet servers to use native IPv6 by the end of FY2014

Intent: If USG-provided network service is currently available to all users of the public Internet, that service must be available to a user who only has IPv6 capabilities.

Note: Not a transition plan for all USG systems to IPv6 Focus is on public internet services, offered and consumed

But expectation is wider-scale deployment will naturally follow…

4

US National Labs IPv6 Requirements & Demands Labs not pressed for IP address space

Modest-sized IPv4 address blocks (CIDR) still available from ESnet

Labs open science requirements: Global in scope, with large international collaborations Currently, no collaboration demands for IPv6 But requirements for IPv6 support expected in “near” future

- Individual IPv6-only collaborators- Distributing computing systems for new experiments

Labs perceived to be on leading edge of technology Creates some incentive to support IPv6 early

But resource limitations & priorities limit IPv6 effort

5

ESCC IPv6 Planning Directions

6

Focus on 2012 milestones But keep 2014 milestones in mind…

Concisely define scope of 2012 milestones for Labs Lab interpretation of “public-facing” = intended for general public Explicitly identify what services we’ll work on

• Public web servers, site email gateway, DNS

Form ESCC IPv6 task force(s)

Non-goal: common detailed implementation plan Each Lab will have different requirements & priorities

ESCC IPv6 Task Forces (I)

7

Task Force(s) characteristics (generic): Specific objective; tied to 2012 milestone Short term deliverable (3-4 months…) Low/modest effort 3-5 people

Positive aspects: Gets Labs out in front on DOE IPv6 transition planning Engages wider spectrum of Lab community Tangible deliverables (presumably…) useful for individual sites

Negative aspects: Effort needed Obligation to produce

ESCC IPv6 Task Forces (II)

8

1. IPv6 Planning Process TF Who needs to be engaged at sites High-level roadmap to get there

2. IPv6 Technical Implementation Checklist TF Identify basic network-level issues w/ recommendations

3. IPv6 Implications for Security Infrastructure TF Identify spectrum of security tool issues & problems

Requested a lab security monitoring work group do this…

IPv6 Planning: Strategic view

What you see shouldn’t sink your ship

What you don’t see might…

Preliminary Site IPv6 Planning Checklist

11

Objective: Develop structured checklist as a planning template

Basic structure: Ordered set of steps to follow in planning

Drafted from a 2012 deliverables perspective

Guidance and/or recommendations on each step

Site IPv6 planning checklist (II)

12

Establish initial IPv6 impact assessment group

Scope spectrum of site effort w/ cost guesstimate

Management buy-in process

Key technical decisions of a strategic nature

Test / development environment

Draft target (2012) deployment

Lay out roadmap(s) to achieve target deployment

Implementation planning guidance Documentation & training

Site IPv6 technical checklist (preliminary…)

13

Strategy: Organize IPv6 implementation guidance & recommendations into distinct “modules”: A structure for developing tutorials & checklists Allows a tighter focus on target audience

Basic structure within each module: Identify specific issues or areas of concern Differentiate between 2012 & 2014 implications Provide guidance and/or recommendations

Slide tutorial being developed for each module

Site IPv6 technical modules (I)

14

Addressing checklist Address block selection & acquisition Subnet allocation model Address configuration model (static & stateful/stateless autoconfig) Use of site/local addresses (ULAs) Site multi-homing considerations

Routing checklist: Selection/configuration of routing protocols WAN connectivity / peering issues Neighbor discovery & Stateless Autoconfig (SLACC) IPv6 tunneling considerations NAT issues

Site IPv6 technical modules (II)

15

Host IPv6 Address Management (IPAM)

Domain Name Service (DNS) issues

Computer Security (Inter-Lab network security monitoring group)

Guidance on IPv6 implementation for public services

IPv6 performance issues & considerations

Test / Development Environment(s)

IPv6 network management & monitoring IPv6 service monitoring as well

Host IPv6 considerations

ESCC Task Force(s) Near Term Focus

16

First draft of IPv6 “guidance” document(s) by next meeting High-level With references to existing documentation & deployment guidelines Living document, with iterative revisions over time

Capitalize on each other’s efforts: Develop a common lessons-learned environment Make use of each other’s IPv6 documentation Share or even coordinate in IPv6 tools development

Questions

?17