Embed Size (px)
Citation preview
H3C IPv6 Solution & Technology
What’s the challenge in IP world
IPv6 Technology Overview
IPv6 Trend
H3C Strategy
H3C IPv6 Deployment Plan
H3C Product & Technology
www.h3c.com 3
What happens to Internet today ?
• Rapid growth of Internet access worldwide– Increase of Internet users in the world– 3G cellular phone widely used– Increasing popularity of IP phones, PDA, Laptops, PCs and
other digital appliances
• New Internet application model requires more end to end communication.
User UserNetwork service enhances content management and user control Large quantities of contents
on the user computers
More contents More users
Higher bandwidth
www.h3c.com 4
Challenge : IT development requires change.
The Purpose of Change
àTo eliminate the bottleneck of the development
àTo utilize the resources more efficiently
Old system is in chaos The new structure and technology is needed
Application server farm
www.h3c.com 5
What’s the challenge in IP world?
• IP address depletion (2010à 2015)– 232 = 4.3B is not big enough to cover all IT equipments in real world– NAT cannot meet all requirements of the Internet– Internet routing tables are becoming larger and difficult to manage– Person to Person, Person to Object à Object to Object
• QoS– QoS cannot be guaranteed through Internet at this time
• Mobility and Security– Ipv4 can’t support continuous service in mobile environment.– IPSec, L2TP is just optional items for secure communication
www.h3c.com 6
Requirements for New address solution
Insufficient IPv4addresses
Poor supportin mobility
Addresscrisis
Failure inimplementing theE2E service mode
QoS andPerformance
defect
Securityissues
Routing tableexpansion
Complexconfig
• Requirements for new address solution:– Provide enough IP addresses
– Easily to be deployed; facilitate smooth migration; compatible with current applications
– More Security, Mobility ……
What’s the challenge in IP world
IPv6 Technology Overview
IPv6 Trend
H3C Strategy
H3C IPv6 Depolyment Plan
H3C Product & Technology
www.h3c.com 8
What is the IPv6 ?
• IPv6 leaps from 32 to 128-bit addressing– 2128 = 3.4 X 1038 (Practically Unlimited)
– Alleviate address depletion concerns forever
• In development since 1993, the majority of specification now finalized– Core addressing, routing specs mature and stable
• Standardized by the IETF through a variety of working groups– Initially described in RFC 2460
– Architecture defined in RFC 3513
www.h3c.com 9
Differences between IPv4 and IPv6
Auto-configurationManual / Partial autoConfiguration
Built-in IPSecOptional and limitedSecurity
Traffic Class, Flow LabelToS, Diff-Serv (but, not used)QoS
Unicast- global address - local address (site-local, link-local)
MulticastAnycast
UnicastMulticastBroadcast
Type of address
Multi-layer based on CIDRA,B,C,D class / CIDRAddress assignment
Fixed size (40 octet)Variable sizeHeader
2128 = 3.4 X 1038232 = 4.2billion# of address
16 Octet (128bits)
IPv6
4 Octet (32 bits)
IPv4
Address structure
Items
www.h3c.com 10
Differences between IPv4 and IPv6 (cont.)
3ffe:b00:c18:1:0000:3/127203.226.192.5/32Example address
: (colon). (dot)Delimiter
HexadecimalDecimalNumbering
IPv6IPv4
Header
Items
www.h3c.com 11
IPv6 addressing architecture
• IPv6 address format
00100001110110101001000011010011000000000101000000101111001110110000001010101010000000001111111111111110001010001001110001011010
BinaryRepresentations
HexadecimalRepresentations 21DA:00D3:0000:2F3B:02AA:00FF:FE28:9C5A
21DA:D3:0:2F3B:2AA:FF:FE28:9C5A
CompactRepresentations 21DA:D3::2F3B:2AA:FF:FE28:9C5A
www.h3c.com 12
IPv6 addressing architecture (cont.)
• IPv6 address type
BroadcastMulticastAnycast
IPv6
Unicast
IPv4
address
– Unicast addresses are point to point.– Anycast addresses are special cases of multicast addresses that identify
the “nearest” host in the group– Multicast addresses are point-to-many, many-to-many, and many-to-point
addresses. (IPv6 multicast addresses are scoped)– Regarding to broadcast, multicast can be used to broadcast packet in
IPv6
www.h3c.com 13
IPv6 addressing architecture (cont.)
• IPv6 address assignment
Subnet ID Interface IDGlobal Routing PrefixFP
Provider Site Host
3bits 45bits 16bits 64bits
Local address / Multicast address- FF00::/8(1111 1111) for Multicast- FEC0::/10(1111 1110 11) for site-local unicast (ie, 10.0.0.0/8, 172.16.0.0/16, 192.168.0.0/24 in IPv4)- FE80::/10(1111 1110 11) for link-local unicast (ex, neighbor discovery)
unassigned address
Global Unicast Address (2001::/16, IANA)- 2001:0200::/23, 2001:0c00::/23 for Asia (APNIC)- 2001:0400::/23 for America (ARIN)- 2001:0600::/23, 2001:0800 for Europe and Mid East (RIPE NCC)
Special address (unspecified address, local loopback, IPv4 mapped/compatible address)
111
010 ~ 110
001
000
www.h3c.com 14
IPv6 Auto Configuration
• Allows a host to automatically configure its IPv6 interface–Simple setup reducing management overhead
• Uses Neighbor Discovery protocol• Interfaces build own addresses to communicate on link• It guarantee address unique because of interface MAC address
• Provides Network Stateless and Stateful plug-and-play–Link Local Address
• Applicable if no router is present or no DHCPv6–Stateless mechanism
• Host uses Link Local address and multicasts to routers on the network• Router provides all prefix information which has an associated timeframe
–Stateful mechanism - Server provides address (DHCPv6)
• Facilitates renumbering–Greater mobility–No ISP lock-in–Faster and Easier transition/migration
www.h3c.com 15
IPv6 Routing
• Routing under IPv6 is the same as modern IP routing– IPv6 versions of RIP, OSPF, IS-IS and BGP are availableà RIPng, OSPFv3, IS-IS6 and BGPv4+
• RIPng (RFC2080) – Distance-vector, 15 hops, split-horizon, based on RIPv2, uses UDP 521port– RIPng is not backward compatible to RIPv2– Uses the multicast group FF02::9
• OSPFv3 (RFC2740)– Based on OSPFv2, with enhancements– Fundamental OSPF mechanisms and algorithms unchanged– Packet and LSA formats are different
• BGP4+ (RFC2545, RFC2858)– BGP TCP session can be over IPv4 or IPv6– Two BGP attributes defined
• Multiprotocol Reachable NLRI, Multiprotocol Unreachable NLRI
What’s the challenge in IP world
IPv6 Technology Overview
IPv6 Trend
H3C Strategy
H3C IPv6 Depolyment Plan
H3C Product & Technology
www.h3c.com 17
What’s is IPv6 Killer applications
• Long term drivers– NGN,Triple
play(Phone+Broadband+Broadcasting), Remote control, Embedded, Wimax, Home, Grid, IMS, IPTV, Car2Car, Building automation, P2P, RFID, Sensor, Emergency
• Short term drivers– VPN, IPT, 3G, Gaming, Broadband
www.h3c.com 18
Developments in IPv6 deployment : USA
• Government– These are some services in use or are planning to use IPv6
• Electronic voting, Electronic Vehicle IDs• Emergency/disaster management
• Department of Defense– DoD has a plan to change to IPv6 network in 2008
• GIG (Global information Grid)• DISA (Defense Information System Agency)• DoD CIO
– Advantage of IPv6 for DoD• The IPv6 military network helps to greatly raise efficiency• The IPv6 network QoS helps to provide a more intelligent network.
The migration to IPv6 network is a good opportunity for QoS standardization.
• IPv6 enables E2E security
www.h3c.com 19
Developments in IPv6 deployment : Japan
• Various additional service is also delivered with Internet access(Broadband ADSL service + VoIP, Security,…)
– NTT East Japan FLET’S Service servies IPv6 (IPv4 PPP à IPv6 RA)– DION(KDDI) Home network access Service à ADSL Dual-stack services
and set of translator, it also offers security service– IIJ make test environment for IPv6 Dual, Native, Tunneling service, it
give a chance to test compatibility in IPv6
• Government – e-Japan à u-Japan (’06 ~ ’10)– Mobile IPv6 project
www.h3c.com 20
Developments in IPv6 deployment : Europe
• Global IPv6 network in EU– Renater network– SFINX
• 3 PoPs in Paris, 70+ ISPs• IPv6 DNS root service for IPv6
– 6Net for management (35 partners from EU and Korea)– M6bone for IPv6 multicast backbone in Renater
2,5 Gb/s
2,5 Gb/s
2,5 Gb/s
SFINX (GIX)1 Gb/s
Overseas territories
Korea+ Asia
34 Mb/s
FT
InterXion
COLT
Gbit/s
Gbit/s
RenaterRenater
ISPISPISPISPISPISP ISPISPISPISPISPISPISPISPISPISPISPISP
ISPISPISPISPISPISP ISPISPISPISPISPISPISPISPISPISPISPISP
ISPISPISPISPISPISP ISPISPISPISPISPISPISPISPISPISPISPISP
www.h3c.com 21
Developments in IPv6 deployment : China
• Government– CNGI (national IPv6 project) is launched with eight government
ministries and agencies• The budget of 1.4 billion RMB for the CNGI project (2004-2005)
– The purposes of the CNGI project are to build 6 national IPv6 networks• 5 major telecommunications operators and 1 academic network (CERNET)
– IPv6-related critical technologies and applications.– Cooperation with foreign Government (EU, Japan)
www.h3c.com 22
Developments in IPv6 deployment: China (cont.)
• Telco and ISP – They already started their own IPv6 network and service deploying from end
of 2003– China Telecom, China Netcom, China Unicom, China Mobile, China Railcom
• Education– CERNET IPv6 research project started at 2002
www.h3c.com 23
Developments in IPv6 deployment: Korea
• Main driving application for IPv6
– RFID and USN (Ubiquitous Sensor Network )• Information gathering, Information processing, Perfect control and certainty
– u-Society : person to person à person to object à object to object
www.h3c.com 24
Developemnt in Korea IPv6 Networks
• Roadmap for IPv6 service and equipment
What’s the challenge in IP world
IPv6 Technology Overview
IPv6 Trend
H3C Strategy
H3C IPv6 Depolyment Plan
H3C Product & Technology
www.h3c.com 26
H3C IPv6 History
2006.12 Provided end to end IPv6 solution
2003.12 First pilot project in China
2004.04 Released IPv6 business products
2003.8 Released IPv6 business version-Commware
2003.10 First vendor to pass IPv6 test of Ministry of Information Industry (China)
2005.12 Established the CNGI IPv6 backbone network
2004.1 Released IPv6 software for routers
www.h3c.com 27
• Development of key chips: supporting IPv6 forwarding/switching with highperformance
• Accumulation of key IPRs: Transfer technology, high speed forwarding, QoS technology and so on
• Key algorithm/key implementation technology/testing & authentication technology
H3C IPv6 Technology Accumulation
IPv6 Key TechnologyIPv6 Key Technology
Platform PolicyPlatform Policy
• IPv6 features by software upgrading: unified “Commware” software platform• Smooth upgrade to IPv6 can protect customers investments on IPv4 products• Abundant features to support the integration of services
www.h3c.com 28
H3C IPv6 Features Overview
IPv6 UpgradeIPv6 Upgrade
IPv6 StackIPv6 Stack
IPv6 TunnelIPv6 Tunnel
IPv4/v6 Inter IPv4/v6 Inter CommunicationCommunication
IPv6 ACL/QoSIPv6 ACL/QoS
IPv6 MulticastIPv6 Multicast
• Hardware Ready, Software Upgrade• IPv4/v6 Dual Stack, IPv6 over IPv4 Tunnels
• ICMPv6, ND, PMTU, DNS6, Telnet6, Tracert6, etc• RIPng, OSPFv3, IS-IS for IPv6, BGP4+, etc
• Manual Tunnel, GRE Tunnel• Auto Tunnel, 6to4 Tunnel, ISATAP, 6PE
• Static NAT-PT, Dynamic NAT-PT• NAT-PT DNS ALG
• IPv6 Standard & Advanced ACL, Mirroring based on IPv6• Queue Management, Priority, CAR
• MLDv1/v2, MLD Snooping• PIM DMt, PIM-SM, PIM-SSM
What’s the challenge in IP world
IPv6 Technology Overview
IPv6 Trend
H3C Strategy
H3C IPv6 Depolyment Plan
H3C Product & Technology
www.h3c.com 30
IPv6 Deployment Stage
IPv6 island
IPv6 island
IPv6 island
Protocol conversion
IPv4 Internet
IPv6 Internet
IPv4 island
IPv4 island
IPv4 Internet
IPv6 island
IPv6 island
IPv6 Internet
Three phases of IPv6 deployment:l IPv6 leader:
The backbone of Internet is IPv6 and IPv4 islands connect to each other through an IPv4 over IPv6 tunnel.
l Coexistence of IPv6 and IPv4:
The scale of IPv6 applications expands and IPv6 backbone emerges. IPv4 services still exist. The intercommunication between IPv6 and IPv4 needs protocol conversion.
l Early phase:
IPv4 takes the lead and IPv6 islands connect to each other through an IPv6 over IPv4 tunnel .
www.h3c.com 31
H3C IPv6 Deployment Scenario
IPv6 IPv6
IPv6 only infrastructure
IPv4
IPv4 IPv6
IPv6IPv6/v4
Layer-3 infrastructure, Dual Stack migration
IPv6IPv6
6Bone(IPv6)
IPv4IPv4
Tunnel Service provide transparent transport Service
IPv4
IPv6
IPv4 MPLS
6PE
MPLS Backbone
IPv6/v4 Dual Stack
A B
C D
www.h3c.com 32
IPv6 User Access—Dual Stack
IPv4
host
Introduction:All L3 equipment in the premises network is IPv4/IPv6 dual-
stack equipment.
Feature:• From the technology perspective, this is an ideal solution. The
network configuration is not subject to user type. Little overhead, simple management, and clear logical interface between IPv4 and IPv6
• All equipment shall support dual stack, thus needing large investment.
IPv6 host
IPv6/IPv4 application layer
IPv4
TCP/UDP
IPv6
Link layer
Config example:
interface ethernet 0
ipv6 address 3ffe:b00:c18:1::3/127
ip address 202.38.16.1 255.255.0.0
IPv4 IPv6
Dual stack core switch
L3 aggregation
switch
Access switch
Access switch
www.h3c.com 33
IPv6 User Access—TunnelingIntroduction:• The previous L3 equipment complies with IPv4. To comply with IPv6, upgrade the previous core equipment to dual-stack
equipment. • Tunnel type: manual tunnel, GRE tunnel, ISATAP tunnel, 6to4 tunnelFeatures:• Retain previous investment without upgrading and replacing original equipment. There is almost no need to adjust network
topology and routes, but configure the client simply. • The tunnel technology is a transitional technology. Equipment on both sides of a tunnel needs extra system overhead. • Effectively help the IPv4 network to support IPv6 services.
Dual-stack host 2
ISATAP router
IPv6 host
IPv4 networkIPv6
network
ISATAP tunnel
Dual-stackhost 1
ISATAP tunnel
IPv6 host
6to4 tunnel
Dual-stack router
IPv6 network
6to4 trunk IPv6 host
IPv4 network
IPv6 network
IPv6 hostIPv6 network
Dual-stack router
Router A
Router B
Router C
Manual tunnel/GRE
tunnel
www.h3c.com 34
IPv6 Use Access—Transparent Transmission
Dual-stack core switch
IPv6 hostIPv4 host
L3 aggregation
switch
L2 access switch
Introduction:The L3 equipment in the original premise network complies with IPv4. To comply with IPv6, upgrade the original core equipment to dual-stack equipment.
Implementation mode:For a dual-stack terminal, the IPv4 gateway is deployed in the L3 aggregation switch that complies with IPv4. Set the uplink from the VLAN containing IPv6 terminals to the access switch to 802.1q Trunk and include the VLAN in the Trunk. The IPv4 L3 equipment transmits IPv6 packets to the IPv6 router transparently. Set the gateway address of the IPv6 client to the address of the dual-stack core switch. IPv4 packets are forwarded normally, while IPv6 packets are transmitted transparently to the upper-layer switch as broadcast packets inside the VLAN until the dual-stack equipment receive them for global forwarding.
Advantages: • Retain previous investments without upgrading and replacing original equipment. • Avoid the influence between IPv6 traffic and IPv4 traffic.
IPv4 IPv6
What’s the challenge in IP world
IPv6 Technology Overview
IPv6 Trend
H3C Strategy
H3C IPv6 Depolyment Plan
H3C Product & Technology
www.h3c.com 36
Regional Branch/Remote Office/Mobile Office
WAN/MANApplication Intelligent
Integrated Security
Campus LAN CoreHigh PerformanceHigh Availability
UserEnvironment
LAN edgeConverged
Service
Regional Office/Branch oofice
INTERNET
MSR30
Digital Camera
Digital TV
Video Terminal
computer
IP-phone
Note book
SOHO/Mobile Office
S5500MSR50
Data Center
S9512S9508
Secure intelligent mid-low end
switch
10G high-end routing switch
Full service integrated WAN
router-MSR
Trustworthyaccess control
Branch edge router; SOHO/Wireless
H3C Products Portfolio
S3610
S5510
S7506E
IPv6 Ready
IPv6 Ready
IPv6 Ready
MSR30
MSR20IPv6 Ready
S9505 S9508
MSR30S3610
www.h3c.com 37
Consistent User Interface and Management Across all Platforms
Performance and Features
Scal
abili
ty
S7502ES7503E
S7506E
S7510E
S5510 Intelligent Switch
S3610 Switch
S5100 Gigabit Switch
S3100 Enhanced L2 Switch
S9512
S9508
L2 Edge Switches
Edge & AggregationSwitches
Large/Medium Enterprise Backbone Switch
Large Enterprise Core Routing Switch
S9502
S9505
Switch Portfolio
IPv6 Ready
IPv6 Ready
IPv6 Ready
www.h3c.com 39
CERNET2(china education & research network) is a ipv6
backbone connected most of all the universities and academy
institutes in china. H3C provide equipments in 25 POP nodes.
CERNET2
NIX
GEANT
INTERNET2
APAN
INTERNET
HarbinChangchun
Shenyang
Dalian
BeijingTianjin
ZhengzhouJinan
Lanzhou XiAn
Wuhan
HefeiChengdu Chongqing Nanjing Shanghai
Hangzhou
Xiamen
Changsha
Gguangzhou
www.h3c.com 40
S9500
S5510
MSR 50
MSR 30
IPv6IPv4
PC-BPC-A PC-1 PC-2
GE GE
MSR 20
GE
MSR 20 S3610S3610
IPv4 Router
IPv6 Router
Tsinghua Pilot IPv6 network
GE FE FE
GE GEGE
Tsinghua campus network
H3C environment
S5500SI
PC-3
