IPv6 exec-overview-tm-v2

© 2012 Cisco and/or its affiliates. All rights reserved. 1

Cisco “Exec Session” Preparing for the Internet of Everything, utilizing IPv6

Tim Martin

CCIE #2020

Solutions Architect

Summer 2013


•  What Is IPv6, Why Do We Care? •  The Internet of Everything •  IPv6 Transition Strategies •  Summary


•  SDN •  Cloud •  VDI •  DC Fabric •  Virtualization

•  Oh, and that IPv6 thing

•  Don’t forget the Plumbing


•  Extends the address field from 32 bits to 128 bits

•  Simplified header format

•  Hierarchical network architecture •  Routing efficiency – high level of

aggregation possible

•  Multicast control simplicity and features – built in

•  Optimized for Internet mobile applications

•  New types of peer to peer applications

No real ‘killer application’ for IPv6 Consider Security, Business Continuity & New Service creation


340,282,366,920,938,463,374,607,432,768,211,456 (IPv6 Address Space - 340 undecillion, 282 decillion, 366 nonillion, 920 octillion, 938 septillion, 463 sextillion, 463 quintillion, 374 quadrillion, 607 trillion, 431 billion, 768 million, 211 thousand and 456

vs 4,294,967,296 (IPv4 Address Space - 4 Billion)

. •  The next generation Internet Protocol.. 2001:DB8:1234:0:218:FEFF:FEFB:CC0E

•  Expected to last a “lifetime”, with no successor in development

•  Each /64 prefix contains 18 Quintillion host address’s (18,446,744,073,709,551,616)

Antares 15th Brightest star in the sky

Our Sun

.


19th Apr 11

IANA Address Pool Exhaustion

14th Sep 12

IANA

3rd Feb 11

ARIN

RIPE

APNic

LACNic

AFRiNic

ISP’s

ISP’s

ISP’s

ISP’s

ISP’s

APNic Address Pool Exhaustion

RIPE Address Pool Exhaustion

Latin America

Aug 13 Jun 15

LACNic

Sep 19

AFRiNic

Source: http://www.potaroo.net/tools/ipv4/index.html

ARIN Address Pool = <2 /8’s

<2 /8’s


Mobility / Device Proliferation

IP Video / Collaboration

Embedded Internet

Internet growth – in terms the number of connected devices - is accelerating at an exponential rate

•  India added 15 million new subscribers in June 2011 – more than the population of Greece1

•  China Mobile has surpassed 500 million subscribers – more than the population of North America2

•  The ‘Embedded Internet’ will consist of over 15 billion devices by 20153

1 – Indian Regulator TRAI 2 – China Mobile 3 – Intel Embedded Internet Projections


0

50

100

150

200

250

300

350

400

2010 2011

2012 2013

2014

Western Europe 211M 3.5 G, 26M 4G14

US/Canada 187M 3.5G, 26M 4G14

0

50

100

150

200

250

300

350

2010 2011 2012 2013 2014

Total Subs

Handset Sales

3.5G

4G LTE

NAT44 IPv6 NAT44 IPv6

Source: Alain Fiocco, Cisco. IDC

Mobile device churn rate is high, full turnover in less than 3 years Always on, connected devices accessing billions of connections

Key Milestones : 4G/LTE is IPv6 by default , 3G (Rel9) enable dual stack


•  Home networking is evolving towards more services, including mobile convergence

•  Requires easy Internet Plug & Play features

IPv6 Internet

/64


“I thought this (v4) was still an experiment and that if it worked we would then design a production version” - Vint Cerf

- outer Vendors

1.75% - Internet User Traffic Worldwide


Internet of Things (age of the device)

Internet of Everything (people, process, data,

things)

Fixed Computing (you go to the device)

Mobility / BYOD (the device goes

with you)

1995 2000 2013 2020

200M

10B

Source: Cisco IBSG, 2013

50B




Solve Environmental Challenges Thrive in Smart Communities

Focus on Improved Safety Achieve Energy Efficiency

Live Enriched, Healthier Lives

Redefine Work Models

..to change the way the world works, lives, plays, and learns

© 2012 Cisco and/or its affiliates. All rights reserved. 14 14


Physical items connected to both the Internet and each other will sense more data, become context-aware, and provide more experiential information

Devices typically gather data and stream it over the Internet to a central source, where it is analyzed and processed; devices will become more intelligent by combining data into more useful information

Allows people, data, and things to work together to deliver the right information to the right person (or machine) at the right time in the appropriate way

As the Internet evolves toward IoE, we will be connected in more relevant and valuable ways People

Process

Data

Things



Alongside Metcalfe’s law, value comes from:

•  Connections Available, secure, private, comprehensive, accurate, timely, relevant, rich, valuable

•  People, data, things Context awareness, increased processing power, greater sensing abilities

Intelligence Convergence

Visibility Security



•  Selling, General and Administrative (SG&A ) and Cost of Goods Sold (CoGS)

•  Improves capital efficiency

•  Improved labor efficiency •  Fewer or more productive man-hours

•  Improved customer lifetime value •  Additional market share (more customers)

•  Improved R&D speed, reduced TTM •  New business models and new sources of revenue

•  Improved process efficiency •  Reduced waste in supply chain

Asset utilization

Improved customer experience

Supply-chain / logistics efficiency

Innovation

Employee productivity & Morale




•  You serve content to the internet

•  Your end customers fill out their tax forms/pay their bills on the internet

•  You are concerned about security within your network

•  You provide VPN access for home working for their employees

•  You use links internet links as a backup strategy for “main” links

•  You want to communicate with areas where IPv4 addresses are limited – China/India/Japan etc


Planning and coordination is required from many across the organization, including …  Network engineers & operators  Security engineers  Application developers  Desktop / Server engineers  Web hosting / content developers  Business development managers  …

Moreover, training will be required for all involved in supporting the various IPv6 based network services

•  Build your IPv6 Transition Team


•  IPv6 “Game Changer” – Network World, Sept 2010

•  IPv6 on external facing servers and services by the end of 2012

•  IPv6 on … supporting enterprise networks by the end of 2014


89%

10%

1% 23%

36%

26% 75%

22%

Desktops Smart Phones Tablets •  Boomers are retiring, GenX is “tech savvy”, GenY is “tech dependent”

•  2016 GenY (the millennia's (18-34)) become the largest workforce segment

•  43% of 18-24 year-olds say that texting is just as meaningful as a phone conversation -eMarketer

•  40% of GenY believe that blogging about workplace issues is acceptable –Iconoculture

•  24% of GenY say that technology use is what makes their generation unique -Pew Research

•  74% of GenY used a smartphone for work purposes in the last year, compared to 37 percent of Baby Boomers -CompTIA


•  Your host: IPv4 is protected by your favorite personal firewall... IPv6 is enabled by default (Vista, Linux, Mac OS/X, ...)

•  Your network: Does not run IPv6

•  Your assumption: I’m safe

•  Reality You are not safe Attacker sends Router Advertisements Your host configures silently to IPv6 You are now under IPv6 attack

•  => Probably time to think about IPv6 in your network

23


•  Google Maps opens ~70 parallel connections

•  iTunes store has been shown to open as many as 300 parallel connections

•  New apps that have not emerged yet..

•  IPv4/nat multiplexes multiple users through the port range, so 64k divided by 300 parallel connections results in ~200 customers per ISP based nat address (assuming each customer is only allowed to run one simultaneous instance of iTunes or similar apps).

•  Services generally don’t allow connections from the same host to span multiple public side addresses.

•  Many commerce sites still use an IP address to “ID” their customer






•  “NAT has several negative characteristics that make it inappropriate as a long term solution, and may make it inappropriate even as a short term solution”. – Authors of RFC2393

•  NAT complicates network architecture. Troubleshooting, downtime, expense

•  NAT has slowed growth of transparent applications (need ALG’s) INHIBITS GROWTH - scalability issues with TURN, ICE and STUN ADDS TO COST - Problem typically ends up with the applications team

•  NAT breaks security (IPSec/Authentication Header etc)

•  NAT complicates mergers, double NAT-ing is needed for devices to communicate with each other

•  Large scale NAT at the Carrier level (e.g. NAT64/NAT464/NAT444) is NEVER going to be a permanent solution – speed/complexity/cost




  Standards - Leadership in IP protocols within IETF & IPv6 development

  Experience - Professional Services offering years of experience in IPv6

  Solutions - Innovation, Feature Acceleration


•  Gain Operational Experience now

•  Security enforcement is possible

•  Control IPv6 traffic as you would IPv4

•  Plan, Prepare, Preserve, Prosper

•  Invest in your future - IPv6, the future is now

32


Technology

IPv6 exec-overview-tm-v2