Parallel session: IPv6

Parallel session I: IPv6

Chair: Tim Chown

Please switch your mobile phones to silent

19:30

No fire alarms scheduled. In the event of an alarm, please follow directions of NCC staff

Dinner (now full)Entrance via Goldsmith Street

16:30 - 17:30

Birds of a feather sessions

15:20 - 16:00

Lightning talks

Imperial College IPv6 deployment

Phil Mayers, Imperial College London

jisc.ac.uk

Phil Mayers,Imperial College London

http://www.jisc.ac.uk/

IPv6 deployment around the world

Mat Ford, ISOC

Internet Society © 1992–2016

World IPv6 Launch and beyondIPv6 Deployment Around the World

Mat FordTechnology Program [email protected]

12th April 2017

Presentation title – Client name 38

Founded in 1992 by pioneers of the early Internet, the Internet Society drives

technologies that keep it open and safe. We promote policies that empower people to

enable universal access for all.

We stand for a better Internet.

2

The Internet Society at Work

40

Provides leadership in policy issues

Advocates open Internet

standards

Promotes Internet

technologies that matter

Develops Internet

infrastructure

Undertakes outreach that changes lives

Recognizes industry leaders

Our Priorities

TrustWithout trust, the Internet cannot deliver its potential benefit to the entire world. Users must view the Internet as a safe

and reliable means to communicate, and be willing to use

online services for commerce, government, andsocial interaction.

AccessWe believe Internet access is a key

enabler for economic, social, and human development. But only half the world is

connected and the rate of Internet access growth is decreasing. Issues such as trust in the Internet have joined cost and availability as barriers to access.

41

Restoring trust and connecting the unconnected are key to realizing an Internet of opportunity for everyone.

Global Presence

42

Our global community of members and Chapters span over 230 countries, territories, and areas of geographic interest world-wide.

NORTH AMERICA

LATIN AMERICA/CARIBBEAN

EUROPE

AFRICA

MIDDLE EASTASIA

IETF

43

The Internet Engineering Task Force (IETF) is the premiere Internet standards organization.The mission of the IETF is to make the Internet work better by producing high quality, relevant technical documents that influence the way people design, use, and manage the Internet.The Internet Society is the organizational home of the IETF.

Membership is Vital

+90,000 people working for an Internet that brings opportunity, hope and human developmentOur members come together from every continent and walk of life to support our mission and the hope of a better future.Members benefit from:• Open, collaborative discussions• Special events and consultations • Learning and personal development• Information about issues they care

about• Networking and interacting with peers

8

© 2016 Nyani Quarmyne / Internet Society CC BY-NC-SA

Our Partners

45

The Internet Society cannot achieve its goals alone.Because the Internet impacts all of us, we work with partners of all shapes and sizes to address the wide range of social, economic, and policy issues. Our partners include:• International bodies and assemblies• Local non-governmental organizations• Technical experts and engineers • University and academic institutions • Local and global businesses • Rural or urban students and teachers

IPv6 Deployment

IPv6 Deployment Around the World – Networkshop45 46

IPv6 Deployment Around the World• Web content• Network operators from the outside• Network operators from the inside• Per country and global perspectives• DNS• Comparative performance• Predicting the future• Focus on Janet


Measuring IPv6Measuring Web content


Measuring IPv6 adoption. By: Jakub Czyz, Mark Allman, Jing Zhang, Scott Iekel-Johnson, Eric Osterweil, Michael Bailey. Appears in: CCR August 2014.

Measuring IPv6Measuring Web content


Measuring IPv6Measuring network operators from the outside – Akamai








Measuring IPv6Measuring network operators from the outside – APNIC


Measuring IPv6Measuring network operators from the outside – World IPv6 Launch


Measuring IPv6Measuring network operators from the outside – World IPv6 Launch


Measuring IPv6

• Martin Gysi of Swisscom wrote for us in 2014• At that time, 35% of subscribers were IPv6-capable• 8.5% of peak traffic was IPv6

• Presentation on IPv6 deployment at Swisscom in mid-2015• 67% of subs dual-stacked• >20% of traffic was IPv6• 31% of IPv6 user’s traffic was IPv6 (mostly Google)

• Sky: (Oct 2016) 25%-35% of dual-stack subscriber traffic is IPv6• EE: 50%+ of dual-stack mobile subscriber traffic is IPv6

Measuring network operators from the inside


Measuring IPv6Measuring countries – Google


Measuring IPv6Measuring countries – Google


Measuring IPv6Measuring countries – Akamai


Measuring IPv6Measuring countries – Akamai


Measuring IPv6Measuring countries – APNIC


Global IPv6 deployment, as measured by the relative capability to use IPv6

Measuring IPv6Measuring countries – APNIC


Use of IPv6 worldwidehttp://stats.labs.apnic.net/ipv6/XA

Measuring IPv6Measuring countries – methodologies compared


Measuring IPv6

• Around one third of the Internet’s user population invoke DNS resolvers that are capable of using IPv6 to resolve a DNS name

• Half of those users are invoking Google, AT&T and Comcast• “The DNS is well on the path of transition and perhaps further along this path

than all the other elements of the Internet’s infrastructure.” (https://labs.ripe.net/Members/gih/ipv6-and-the-dns)

• As of October 2016, all DNS root servers are IPv6-enabled

Measuring the DNS


Geoff Huston, APNIC

https://labs.ripe.net/Members/gih/ipv6-and-the-dns

Measuring IPv6Measuring the DNS – h.root-servers.net


Measuring IPv6

• Facebook have described controlled A/B tests that show IPv6 to be 15% faster on average for devices on mobile networks in the US, with some devices showing even better results.

• Measurements using Akamai’s RUM system have also shown measurable performance improvements for IPv6 connections from US mobile networks.

• At the last UK IPv6 Council meeting, Sky presented measurements that show on average a slight performance benefit for IPv6 over IPv4.

Measuring performance


https://blogs.akamai.com/2016/10/ipv6-at-edge-2016.html

Measuring IPv6Projecting the future – when will IPv6 overtake IPv4?


Scott Hogg, Infoblox

Martin Gysi, Swisscom

Measuring IPv6Another vantage point – AMS-IX


JanetWorld IPv6 Launch Measurements


Janet


APNIC’s view

JanetAkamai’s view


Janet


IPv6 in UK Higher Education


https://www.vyncke.org/ipv6status/detailed.php?country=gb&type=Edu

Checking individual institutionsreading.ac.uk

IPv6 Deployment Around the World – Networkshop45 75https://ip6.nl/#!reading.ac.uk

www.mythic-beasts.com/ipv6/health-check?domain=reading.ac.uk

Measuring IPv6

• IPv6 is real, deployments not everywhere, but in a lot of networks and countries now

• IPv6 DNS is very real• Centralisation of hosting/DNS is helping speed up deployment in some cases• Web content is growing slowly -> needs to be much more pervasive• When deployments happen, they can happen fast• IPv6 is dominant protocol in some cases• IPv6 is faster in some cases• Interconnection and/or deployment quality is problematic in some cases• Different vantage points and methodologies yield different results• IPv6 will be dominant protocol for many (more) operators in 2 – 3 years• Lots of work still to do for many UK higher ed institutions

Conclusions


Sources

World IPv6 Launch: http://www.worldipv6launch.org/measurements/

Akamai: https://www.akamai.com/uk/en/our-thinking/state-of-the-internet-report/state-of-the-internet-ipv6-adoption-visualization.js

p

APNIC: http://stats.labs.apnic.net/ipv6/ + http://stats.labs.apnic.net/v6perf

Google: https://www.google.com/intl/en/ipv6/statistics.html

Eric Vyncke: http://www.vyncke.org/ipv6status/


http://www.worldipv6launch.org/measurements/

https://www.akamai.com/uk/en/our-thinking/state-of-the-internet-report/state-of-the-internet-ipv6-adoption-visualization.jsp

https://www.akamai.com/uk/en/our-thinking/state-of-the-internet-report/state-of-the-internet-ipv6-adoption-visualization.jsp

http://stats.labs.apnic.net/ipv6/

http://stats.labs.apnic.net/v6perf

https://www.google.com/intl/en/ipv6/statistics.html

http://www.vyncke.org/ipv6status/

Visit us atwww.internetsociety.orgFollow us@internetsociety

Galerie Jean-Malbuisson 15, CH-1204 Geneva, Switzerland.+41 22 807 1444

1775 Wiehle Avenue, Suite 201, Reston, VA 20190-5108 USA. +1 703 439 2120

Thank you.Matthew FordTechnology Program [email protected]


jisc.ac.uk

Mat FordISOC


IPv6 address planningEmma Cardinal-Richards, Network architect,

University College London

03/05/2023

About UCL

»Approximately 38,000 students and 11,000 staff

»Main campus in Bloomsbury

»Satellite sites across London and beyond

»Sponsored Connections e.g. British Museum, National Gallery, Alan Turing Institute

IPv6 address planning

03/05/2023

Our IPv6 Address Allocation Strategy

»JANET offer /48 from 2001:630::/32

»Alignment with IPv4»Routing options limited»Renumbering»Size of allocation»Full control


IPv6

03/05/2023

RIPE allocation

»Application for LIR status

»Allocation /32 »Reserved /29

»Now we have it…. What do we do with it?


03/05/2023

Addressing Scheme Questions

»Link to IPv4 structure?»By type?»By location?»Both?


03/05/2023

Principles

»Stay within a single /32»Allocation - day one»Reservation – expansion»Automated»Compressed notation

IPv6 Address Planning

03/05/2023

Types»Information Services

Division› Infrastructure (Network)› Data Centres› Wireless Clients

»Departments› On request


»Locations› Building Infrastructure› Client services

»Sponsored Connections

03/05/2023

IPv6 Strategies

»Last year somewhere on a mountain….› Packet Pushers› SURFnet – Preparing an

IPv6 Addressing Plan› RIPE IPv6 Info Centre


03/05/2023

Considerations


Route Summarisat

ionIPAM Supported

all the way through?

Client Addressing

DNS

ICMPv6Security

03/05/2023

In conclusion…

»Don’t ignore it just because you think you’re IPv4 rich!

»Testing environment»Procurement»UCL IPv6 Working Group


jisc.ac.uk

03/05/2023

Contact

Emma [email protected]



IPv6 Address PlanUniversity of Reading

George MargaritisNetwork & Telephony Service Manager

UoR IPv6 state

03/05/2023 IPv6 Addressing Plans

IPv4

IPv6

Network Infrastructure (Routing, Firewalls)

Core Services

DNS and Website (IPv6 day)

IPv6 Only Data Centre

DHCPv6Uo

R

More Services (corp. apps etc)

SLAAC with RDNSS (Wireless)

03/05/2023

UoR IPv6 state

»University of Reading addressing:

–UK: 2001:630:53::/48

–Malaysia: 2001:df0:2bf::/48

–Unique Local Addresses (ULA) for VPN links–e.g. fd0c:8da8:1839::/126

–Addressing based on VLAN IDsIPv6 Addressing Plans

03/05/2023

Considerations

»Recommended smallest prefix is /64»Being ‘mathematically’ correct

–Avoid: 134.225.204.0/24 2001:630:53:204::/64

(204 hex = 516 decimal !)»Have a logical link to the routing topology (OSPF areas, BGP private AS etc)

»Have a logical link to the IPv4 subnetting scheme

IPv6 Addressing Plans

03/05/2023

Considerations

Use Case:»Network with 1-16 different sites/campuses/areas

»Unique VLAN-IDs within each area»One-to-One matching VLAN-ID to Subnet

»Not convenient if the same VLAN-ID is used for many different subnets in the same area.IPv6 Addressing Plans

03/05/2023

Subnet allocation

»2001:630:53: y x x x : : /64 0000 0000 0000 0000 Site VLAN» y: Site / Campus /Area number/Zone: 0 – 15

– IPv6 route summarisation per site with /52– If VLAN-IDs are reused in different parts of the

network.» x: The same as VLAN-IDs: 0-4095


03/05/2023

Subnet allocation


»The site identifier y can also be used in various ways› For 1 to 16 different

sites/campuses/areas – Main Site (0-3),

• 0: Campus• 1: Guest• 2: DMZ • 3: Other

– Site 1 (4-7), – Site 2 (8-9)– Site 3 (a-b)– Data Centre (c-f)

03/05/2023

Subnet allocation

»Public IPs (campus network)›Main campus VLAN 100 2001:630:53:64::/64

• IPv4 Subnet: 134.225.100.0/23

›Remote site 1, VLAN 803 2001:630:53:1323::/64

»Private IPs›Main site VLAN 2932 2001:630:53:b74::/64

• IPv4 Subnet: 10.30.32.0/22

›Remote site 11, VLAN 2932 2001:630:53:bb74::/64

• IPv4 Subnet: 10.128.32.0/22


03/05/2023

Host addresses


»Servers have static IPs with per-service prefixes– 2001:db8:abc:123::<svc>:<inst>:<id>

03/05/2023

Host addresses


›Web Servers–2001:630:53:1:0:80:1:1/64–2001:df0:2bf:1:0:80:1:2/64

›SMTP Servers–2001:630:53:1:0:25:1:1/64–2001:df0:2bf:1:0:25:1:2/64

›SQL Servers–2001:630:53:1::1433

:1/64–2001:df0:2bf:1::1433

:1/64

03/05/2023

IPv6 Tools

»Must have: › IPAM ›Documentation›An easy-to-use tool to support engineers:

• UoR IPv6 calculator built by Dr. A. J. Gatward (Jan 2011)IPv6 Addressing Plans

03/05/2023

IPv6 Risks

»Dual Stack›Servers not configured for IPv6

(while advertised on DNS as having IPv6)›Services not configured for IPv6›Missing IPv6 firewall policies

»Solutions with no IPv6 support›Hardware/firmware limitations (older equipment; BMS)

›Some newer applications too!IPv6 Addressing Plans

03/05/2023

Thank you
