Addressing IPv6

Addressing IPv6@jta joão taveira araújo

me ~ last year

“…no one cares about IPv6…”

“…IPv6 is now in limited availability…”

me ~ this year

10.0.0.1

10.0.0.1

172.16.0.1

an IP address is who you are on the network

10.0.0.1

172.16.0.110.0.0.0/8

10.0.0.1

172.16.0.1172.16.0.0/16

10.0.0.0/810.0.0.0/8

an IP address is you are on the network{ }who

where

19 45678912304567891230897

IPng

“…to scale Internet addressing to accommodate the millions of designers needed to fix the MOSAIC logo…”

199

IPng

3456

IPv6

IPng- lots of good ideas - needed something deployable

- implemented none of them

IPng- lots of good ideas

- needed something deployable - implemented none of them

IPng- lots of good ideas

- needed something deployable

- implemented none of them

IPng 32 bits 128 bits

199

NAT

3

CIDR

10.0.0.1

10.0.0.1

193.0.1.1

me ~ last year

“…no one cares about IPv6…”

network engineers

HTTP(1996, 2015)

(1995, 1997, 1998, 2014)

companies where addressing sucks

datacenters

carriers

CDN

ƒ

CDN

ƒ-1

SJC

CDN addressing 101

LAXclients

Points of Presence

SJC

Unicast model

LAX

SJC

LAX

Prefix announcements

~1998

SJC

Unicast model

LAX

SJC

LAXDNS

offsetLAX offsetSJC

IP address

~1998

SJC

Unicast model

LAX

SJC

LAXDNS

offsetLAX offsetSJC

~1998

SJC

Unicast model

LAX

SJC

LAXDNS

offsetLAX offsetSJC

~1998

LAX

SJC

SJC

LAXDNS

offsetLAX

LAX

Unicast blackhole

SJC

SJC

LAX

SJC

Unicast DDoS

LAX

SJC

Anycast model

LAXDNS

Same prefix

offset

Anycast IP address

~2006

SJC

LAXDNS

offset

Anycast model ~2006

SJC

LAXDNS

offset

Anycast model ~2006

SJC

LAXDNS

offset

Anycast model ~2006

SYD

Anycast model

uses limited address space

SYD

Anycast model


gracefully handles DDoS

SYD

Anycast model



impossible to fully control

2011 unicast2014 unicast + anycast2015 backing anycast

SYD

anycast prefix

SYD“unicast” prefix(subnetted from anycast prefix)

Backing anycast ~2015

SYD SYD

DNS

offset SYD


SYD


SYD

DNS

offset SYD

SYD

DNS

offset SYD


SYD

DNS

offset SYD


FRA FRA

control of unicast model


FRA FRA




FRA FRA



requires investment


FRA FRA



requires investment

still not enough control


❤

FRA

Service providers

💶💶💶💶

FRA FRA

offset FRA

Service providers

FRA FRA

FRA

offset FRA

Lousy providers

FRA FRA

FRA

offset FRA

Lousy providers

Lousy providers

Lousy providers

FRA FRA

FRA

offset FRA

Lousy providers

Per-provider addressing 2016


FRA

FRA

FRA

FRA

FRA

FRA

FRA

FRA

FRA


SYD

SYD

SYD

SYD

SYD

LAX

LAX

LAX

LAX

LAX

ASIA

ASIA

ASIA

ASIA

ASIA

SJC

SJC

SJC

SJCSJ

C

FRA FRA


offset FRA FRA

FRA

FRA

FRA

FRA


SYD

LAX

ASIA

SJC

www.example.com

www.example.com

www.example.com

www.example.com

www.example.com SJC

SJC

SJC

SJC


64 bit service identifier


FRA


deployed for IPv6

FRA


deployed for IPv6

graceful fallback

FRA


deployed for IPv6

graceful fallback

complete control of ingress path

FRA


deployed for IPv6

graceful fallback

complete control of ingress path

really really hard to implement

FRA

FRA

FRA

Per-provider origin pull 2016

FRA

Per-provider origin pull 2016

FRA

FRA

FRA

FRA

Questions

- limited availability - configuration complexity

- limit impact on global routing table

- higher order dimensionality

Questions

- limited availability

- configuration complexity - limit impact on global routing table


Questions


- configuration complexity

- limit impact on global routing table - higher order dimensionality

Questions


- configuration complexity

- limit impact on global routing table


Questions

Questions

why do you not implement X like Y?

Questions

because Y did a terrible job of it.

Questions

IPng

Questions

Questions

Questions

why is it taking you so long to get here?

Questions

Questions

Questions

end

Technology

Addressing IPv6