Your SlideShare is downloading. ×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Deployment Experiences with IPv6 at Cisco, the Enterprise

634

Published on

Kumar Reddy, Director of Technical Marketing at Cisco, shares deployment experience from Cisco's internal network with focus on running IPv6 on large, public campus networks and IPv6-only WiFi. The …

Kumar Reddy, Director of Technical Marketing at Cisco, shares deployment experience from Cisco's internal network with focus on running IPv6 on large, public campus networks and IPv6-only WiFi. The information is beneficial for anyone dealing with an IPv6 roll out or BYOD environment. Presented at gogoNET LIVE 2012.

Watch it on YouTube: http://youtu.be/sF8RPE9Sng8

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
634
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
20
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Deployment Experiences with IPv6 Kumar Reddy Director, Technical Marketing Engineering Cisco Systems With thanks to: Andrew Yourtchenko, Alok Wadhwa, Mayur Brahmankar, Jon Woolwine© 2012 Cisco and/or its affiliates. All rights reserved.© 2012 Cisco and/or its affiliates. All rights reserved. 1
  • 2. Dual Stack© 2012 Cisco and/or its affiliates. All rights reserved.© 2012 Cisco and/or its affiliates. All rights reserved. 2
  • 3. Outside – In•  Internet Evolution•  Business Continuity•  B2C, B2B IPv4 Enterprise IPv6 InternetInside – Out•  Globalization•  Technology Leadership•  Industry mandate•  BYOD-Security-Visibility•  Flatten management plane Dual-Stack Enterprise IPv4 Internet http://www.cisco.com/en/US/netsol/ns817/networking_solutions_program_home.html
  • 4. •  Secured broad executive support•  Progress requires multi-functional teams – not just a networking problem•  Pursuing Outside-In and Inside-Out in parallel •  Coordinated equipment upgrades and software updates with fleet upgrade program •  Made sure common client configurations were tested •  Made operational changes e.g. IPv6-specific security mechanisms and monitoring solutions for IPv6 traffic•  To date •  Provided IPv6 access in approximately one-third of global offices – tunnel access for interim connectivity •  IPv6-enabled 100% of the core network •  Observed Happy Eyeballs (RFC 6555) in action •  Observed IPv6 attacks •  Monitor worldwide usage with 6lab.cisco.com/stats© 2012 Cisco and/or its affiliates. All rights reserved. 4
  • 5. 38,98% of WiFi devices were Apple devices (13,53% iPhone, 7,28% iPad), 30,56% Intel devices45,4% are doing 802.11n (up to 144Mbps on 2,4GHz band), 37,25% are doing 802.11n(300Mbps / 5GHz), 13,88% are doing 802.11g (54Mbps / 2,4GHz), 3,47% are doing 802.11a(54Mbps / 5GHz) Example from IPv6 World Congress, Jan 2012© 2012 Cisco and/or its affiliates. All rights reserved. 5
  • 6. 2 privacy addresses© 2012 Cisco and/or its affiliates. All rights reserved. 6
  • 7. Early experiences with IPv6-only WiFi on 2001:db8::d06:f00d/64© 2012 Cisco and/or its affiliates. All rights reserved.© 2012 Cisco and/or its affiliates. All rights reserved. 7
  • 8. •  Scope Series of experiments inside Cisco and at Public Conferences (e.g. Cisco Live) with IPv6-only WiFi Core network dual-stacked Access to ‘legacy’ Internet through a NAT64 Tried both dedicated and shared Access Points with a “try me” IPv6 SSID•  Logistics Volunteer based support – Red T-shirts offered as incentive Each event was contained within a (very large) conference room, floor or campus building Email alias and wiki for support and report issues, findings – limited publicity Kept list of applications that worked/didn’t work (user-reported) Kept traffic statistics•  To know more http://blogs.cisco.com/borderless/ipv6-at-ciscolive-san-diego/© 2012 Cisco and/or its affiliates. All rights reserved. 8
  • 9. Dual stack topology
  • 10. Measure: Unique MACs with IPv6 LL address IPv6 global address IPv6 with global EUI address IPv4 global address Measurements de-duplicate privacy addresses In 6 months *: Dual stack-capable devices increased from 47.5% to 77.5% IPv6-using devices increased by 87.3% * Between IPv6 World Congress, Jan 2012 And Cisco Live US: June 2012 Dual stack capable : IPv4 global + IPv6 LL IPv6 using : IPv6 global© 2012 Cisco and/or its affiliates. All rights reserved. 10
  • 11. •  Network and client issues •  Different OS policies generate new privacy addresses at different times •  DHCPv6 not supported on some OS [versions] •  Some mobile OS’ don’t support IPv6-only at all – at best workaround with IPv4 + ACL •  Network devices still need IPv4 too •  Happy Eyeballs implementation varies across platforms/browsers •  Subtle First Hop/RA timer interactions •  Certain devices have a high sensitivity to SSID switching (with dual stack too) •  Very few mobile clients support IPv6 on radio interfaces•  Our network setup •  An old IPv4 multicast filter impacted RA distribution •  Our DNS server address is not easy to remember (next time use eg. 2001:DB8::53)•  User Experience •  Many users couldn’t tell if they were using IPv6 or not •  Test-ipv6.com, IPvFOO, IPv6 toolkit app etc are useful •  Poor user experience == frequent disconnects and long wait to associate •  Recorded 160 applications tried by users (at internal events) •  Generally collaboration applications broke through NAT64© 2012 Cisco and/or its affiliates. All rights reserved. 11
  • 12. •  Before IPv6 turn on A fair amount of selling is still required to overcome fear of the unknown Knowledge of IPv6 outside core group(s)/enthusiasts can be superficial•  Support No shortage of volunteers (T-shirt effect?) and lots of enthusiasm but actual support provided by small groups of usual suspects Real debug/troubleshooting skills are poorly distributed – this needs to change•  Dual stack Worked well•  IPv6 only See subtle network / client interactions And not so subtle stack differences And uncover old design “short-cuts” And need changes e.g. security and management planes And there are bugs to fix© 2012 Cisco and/or its affiliates. All rights reserved. 12
  • 13. Thank You© 2012 Cisco and/or its affiliates. All rights reserved. 13

×