15
Skeeve Stevens, CEO IPv6 Readiness Preparing for the Inevitable Saturday, 15 January 2011

IPv6 Readiness - Preparing for the Inevitable

Embed Size (px)

DESCRIPTION

IPv6 Readiness - Preparing for the Inevitable - delivered at NZNOG 2011 in Wellington NZ

Citation preview

Page 1: IPv6 Readiness - Preparing for the Inevitable

Skeeve Stevens, CEO

IPv6 ReadinessPreparing for the Inevitable

Saturday, 15 January 2011

Page 2: IPv6 Readiness - Preparing for the Inevitable

IPv6 Readiness

NZNOG 2011, Wellington, NZ

Who is eintellego?❖ Specialist integrator designing, building and managing the infrastructure of ISPs and Enterprises (with ISP-like networks)

❖ Multi-vendor specialists - focusing on Juniper, HP Networking, Cisco with certified engineers on staff

❖ Platform and Systems Development relating to networking services and systems

❖ IPv6 Consulting/Design/Implementation for Service Providers, Enterprises, Integrators & Government Departments (all over Asia Pacific region)

❖ IPv6 ‘bump-up’ training for network engineers (one on one)

Saturday, 15 January 2011

Page 3: IPv6 Readiness - Preparing for the Inevitable

IPv6 Readiness

NZNOG 2011, Wellington, NZ

What this talk is about?❖ We offer a service to assist customers IPv6 transition called ‘IPv6 Readiness Reports’ which cover four primary areas

❖ We’re here to give some insight into the areas that you should be looking at to prepare yourself for IPv6

❖ Giving you some feedback on our experiences performing these audits/reports

❖ What to expect from your report❖ What generally goes well❖ What generally doesn’t❖ Wrong Assumptions❖ Advice

Saturday, 15 January 2011

Page 4: IPv6 Readiness - Preparing for the Inevitable

IPv6 Readiness

NZNOG 2011, Wellington, NZ

Readiness Reports❖ Network Infrastructure❖ Server Infrastructure❖ Application/Service Infrastructure❖ Office/DC Supporting Infrastructure❖ Other reports.....

❖ Generally involves three phases1. The Audit and resulting report2. Implementation of results - full or partial3. Implement IPv6

Saturday, 15 January 2011

Page 5: IPv6 Readiness - Preparing for the Inevitable

IPv6 Readiness

NZNOG 2011, Wellington, NZ

Readiness Reports PhasesPhase 1 - The Audit and resulting report

• Perform Inventory• Develop scope based on current functionality • De-duplicate• Research• Prepare Report with Recommendations

Phase 2 - Implementation of results - full or partial• Analyse Phase 1 Report• Decide on what functionality and what you need to do to achieve that• Commission project of purchasing upgrades and installing them

Phase 3 - Implement IPv6• Develop Addressing Plan• Policies relating to DHCP, Security, DNS, etc• Implement changes• Test IPv6 capabilities

Saturday, 15 January 2011

Page 6: IPv6 Readiness - Preparing for the Inevitable

IPv6 Readiness

NZNOG 2011, Wellington, NZ

Readiness Reports• Network Infrastructure

• Routing and Switching

• Security Devices• Firewalls, IPS/IDS, AAA

• Transit/Upstreams

• Server Networking• Blade Switching• Virtualised Switching (Cisco Nexus 1000, Arista vEOS, etc)• Virtualised Security (Cisco Virtual Security Gateway, etc)

• Server Storage Networking

• Appliances• Load Balancers, Shapers

• Routing Protocol and Feature Analysis• OSPF, BGP, RIP, ISIS, EIGRP• FHRP, VPN, NAT, Tunnelling, IP-SLA, etc

Saturday, 15 January 2011

Page 7: IPv6 Readiness - Preparing for the Inevitable

IPv6 Readiness

NZNOG 2011, Wellington, NZ

Readiness Reports• Server Infrastructure

• Out-of-band Management - Server and Storage

• iLo, Drac, etc that use networking

• Storage - NAS, SAN, iSCSI or other IP based storage

• Operating Systems• Microsoft Operating Systems (2003, 2008, Vista, 7, special editions for embedded environments such as PoS)

• Linux/Unixes (Linux distros, BSD, Solaris, Apple OSX)

• Virtualisation Technologies• VMware• Xen• Linux kernel implementations• Hyper-V• VDI (Virtual Desktop Infrastructure)

• Citrix/Terminal Services

Saturday, 15 January 2011

Page 8: IPv6 Readiness - Preparing for the Inevitable

IPv6 Readiness

NZNOG 2011, Wellington, NZ

Readiness Reports• Application/Services Infrastructure

• Services• WWW

• Mail - Unix servers, Exchange, Groupwise, Notes, etc

• DNS - Bind, Active Directory, others

• Streaming - Unicast, Multicast - Video, Audio or other

• Monitoring, Logging

• Authentication, Accounting (AAA) - receive and process

• Scripting - Windows, Unix shell, etc

• Webcode - PHP, Python, Perl, ASP, Java, etc

• Operational Support Systems (OSS) - Radius, Accounting, Provisioning, Reporting, etc

• VoIP Servers

Saturday, 15 January 2011

Page 9: IPv6 Readiness - Preparing for the Inevitable

IPv6 Readiness

NZNOG 2011, Wellington, NZ

Readiness Reports• Office/DC Supporting Infrastructure

• Voice equipment - IP handsets, soft-phones, Smart Phones (voice)

• Computers - laptops, desktops, tablets, Smart Phones (data)

• Peripherals - Network Printers, Network Photocopiers, Scanners (Image, barcode), UPS, GPS, Projectors, TVs, Game consoles, etc

• Infrastructure - Network Audio, Alarm Systems and Access Control, IP Cameras, Video recording (IP), Advertising interfaces, Building automation (BMS) - cooling, heating, Smart meters, etc

• Routers - xDSL/MetroE/3G, etc

• Firewalls - Office Grade device capabilities

• VPN - Remote Access, tokens, etc

• Wireless - management and DHCP (if used)

• SME grade switching management

• Vehicles - Fleet Management, etc

Saturday, 15 January 2011

Page 10: IPv6 Readiness - Preparing for the Inevitable

IPv6 Readiness

NZNOG 2011, Wellington, NZ

What to Expect from your report1. A true representation of your current situation

2. What needs to be done to bring you up to IPv6 capabilityi. Hardware/Modules that are not IPv6 capableii. Software that is not IPv6 capableiii. Licensing that does not not support IPv6

3. What options exist for the above issuesi. New hardware, new modules, new software versions or new license packsii. If something is fully IPv6 capable (for your required functionality) then minimal details required

4. You should feel you know all that you need to know for planning for Phase 2

5. You should have a report that you can take to management

Saturday, 15 January 2011

Page 11: IPv6 Readiness - Preparing for the Inevitable

IPv6 Readiness

NZNOG 2011, Wellington, NZ

Our ExperiencesWhat Goes Well• Initial enthusiasm• Common vendors generally easy to audit (Cisco, Juniper, HP)• Customer has an opportunity to fix pre-existing problems

What Doesn’t Go Well• IPv6 isn’t finished - there are still debates on how things should be done• Not all solutions have been released (CGN/LSN)• Engineers nervousness about security concerns• Engineers worried about scrutiny by 3rd parties• Getting detail needed - sometimes takes a LONG time• Language barriers - when working with foreign entities• Uncommon vendors or legacy (out of business) equipment/vendors• Specialised equipment or devices or local foreign vendors• SME vendors - little care; hard to communicate with (what is IPv6?)

Wrong Assumptions• This will solve everything - we do this and we will be fine• That the network infrastructure is all they have to do

Saturday, 15 January 2011

Page 12: IPv6 Readiness - Preparing for the Inevitable

IPv6 Readiness

NZNOG 2011, Wellington, NZ

Our ExperiencesWhat We’ve Experienced in our Reports• Only 60% of Reports get past Phase 1

• Mostly clients are so disheartened at the cost or effort, they just give up (for now)• Most re-establish contact at some point later - though not all re-engage

• Of the 60% who move to Phase 2, only 55% of those complete Phase 2 in a reasonable timeframe (less than 6-9 months) due to other priorities, management changes, funding withdrawal, etc.

• 100% of clients are STILL buying hardware/software that does NOT have IPv6 in their roadmap.

• Clients are still buying transit/internet connectivity from providers who do not have IPv6 Dual-stack (sometimes unavoidable in developing world)

• About 80% of people who are ‘interested’ in the idea of the reports do not think that they need to worry about it at the moment.

Saturday, 15 January 2011

Page 13: IPv6 Readiness - Preparing for the Inevitable

IPv6 Readiness

NZNOG 2011, Wellington, NZ

Our Advice1. IPv6 is here now and happening whether you like it or not - stop being a mushroom.

2. Do a report soon - either internally or getting outside assistance

3. Involve management sooner than later - especially as they they need to justify funding up the line and make their management aware of the costs.

4. Timeframes - Budget cycles can be important and are often prepared a long time in advance

Example: We had a customer whose budget ran on a calendar year (Jan-Dec), but budgets had to be submitted for approval by June 30 the previous year. This meant Phase 1 had to start one year before Phase 2 could begin.

4. Accept that your architecture WILL change (not a bad thing)

5. Be specific with your vendors: “X device can support IPv6” is a fuzzy term

6. Be prepared to consider alternate vendors

7. Budget for Money AND Time for Engineers to be trained in IPv6

8. If you don’t do a report now, at least be playing with IPv6 in some capacity

9. Start an IPv6 Committee involving Management, Engineer, Sales and R&D

Saturday, 15 January 2011

Page 14: IPv6 Readiness - Preparing for the Inevitable

IPv6 Readiness

NZNOG 2011, Wellington, NZ Saturday, 15 January 2011

Page 15: IPv6 Readiness - Preparing for the Inevitable

IPv6 Readiness

NZNOG 2011, Wellington, NZ

Questions

?Saturday, 15 January 2011