SlideShare a Scribd company logo

Gabriel Paues - IPv6 address planning + making the case for WHY

IKT-Norge
IKT-Norge

IPv6 forum conference Oslo, 2012-04-25

Technology
1 of 33
Planning and RA/DHCPv6 in detail
Page 2  Why IPv6?  Address planning  Address assignment  Tips and examples
Page 3
Page 4 Common arguments ”We have enough of “We do not want to be IPv4 addresses – we the early adopters – do not need IPv6!” let the others do the mistakes!” We do not have the TIME! “We do not want to touch existing infrastructure but wait to the next upgrade cycle.”
Page 5 Common arguments ”We have enough of “We do not want to be IPv4 addresses – we the early adopters – do not need IPv6!” let the others do the mistakes!” ”The world outside ”Being an early might want to reach adopter also means you over IPv6 - you more experience!” do not want to end up on a ”Wall of Shame”” ”You may set up a separate entry in your network for IPv6 and gradually introduce IPv6 into We do not have the your network!” ”An implementation TIME! may cost more time and resources if “We do not want to implemented in touch existing panic” infrastructure but wait to the next upgrade cycle.”
Page 6 One example: http://go6.se/check Some journalist will ask you what your strategy for IPv6 is.
Page 7 Not much really… Get a modern webserver. Get a modern DNS and enable the functionality Modern mail server (Exchange 2007 is enough) On the server side Windows 2008 is fine
Page 8 Today IPv4 IPv6 Get experience Mail Web DNS while IPv6 traffic is sparse! Services
Page 9 Tomorrow IPv4 IPv6 We need this up and running NOW! Mail Web DNS Services
Page 10  No time NOW will cost you later: ◦ Upgrade many things at once ◦ Trace errors? ◦ Concentrated costs ◦ No time to get acquainted with IPv6 We need this up and running NOW!
Page 11 ”We do not want to touch our current infrastructure!” IPv4 IPv6 Mail Web DNS Small firewall DMZ just for Enable IPv6 support on IPv6 servers but do not add IPv6 DNS records. When tested add IPv6 DNS records. Test network Clients
Page 12
Page 13 Short answer: a lot! Every customer will get a /48 per site: 2128-48 = 280 = 1,208925819614629174706176 * 1024 Is it possible to make mistakes with this many addresses? The answer is yes!
Page 14  Size of all subnet should be /64 – there are reasons for this we will come back to! 128 bits n bits 64 – n bits 64 bits Network prefix Subnet ID Host ID Address span for a site Subnet within a site Interface ID, 64 bits
Page 15 To spread all subnets randomly over the whole assignment! Assignment (/48) = subnet Can render unnecessary problems in the future!
Page 16 How should a customer divide its /48? 2001:db8:1234:[0000-FFFF]::/64 16 * 4096 16 * 16 * 256 16 * 256 * 16 256 * 256 L1 L2 L1 L2 L3 L1 L2 L3 L1 L2 0 000 0 0 00 0 00 0 00 00 . … . . .. . .. . .. .. F FFF F F FF F FF F FF FF One office with many subnets or extremely Few offices with Many offices with Many offices with many offices with many subnets within just a few subnets many subnets within one subnet within each each office within each each • Every subnet should be /64 which gives 65536 subnets in a /48 • Use a hierarchy with two or three levels and use only one L1-net at a time (to avoid cluttering of subnets all over the assignment) • Save the remaining L1-nets for future use • Identify where the majority of the subnets is needed: number of offices or number of subnets per office and let the hierarchy mirror this
Page 17  Avoid the 0-net in L1 since the shortening rules makes this network invisible  Only fill in the networks you are using  As an alternative the customer could use a IP planning tool. ◦ http://www.alcatel-lucent.com ◦ http://www.6connect.com ◦ http://www.infoblox.com  Google IPAM to find more! L2 L1 L2 2001:db8:1234:100::/64 2001:db8:1234:1020::/64 2001:db8:1234:20::/64 2001:db8:1234:1100::/64 2001:db8:1234:200::/64 2001:db8:1234:1200::/64 Sorting? More evident! Readability?
Page 18 To use the same size everywhere is done by several reasons:  Simplification – easier for administrators, users and support personnel  A number of techniques is built upon this assumption: ◦ Stateless Address Auto Configuration (SLAAC) ◦ Privacy Extensions (used to randomize the last 64 bits of an IP-address instead of using the MAC-address) ◦ Parts of Mobile IPv6 (roaming on IP-level)  Smaller subnet on link nets -> manual configuration
Page 19
Page 20 Manual Stateless Autoconfig (SLAAC) DHCPv6 THIS is your address! Internet R Internet R R R R R R R R R R Could I R have an address, please? Multicast Where am I? You’re with me! Use my address to tell others on the Internet where you are. DHCPv6 Yep, here is one I Server = haven’t given + Computer A unique ID for this away! Host generated address subnet Holds a list of Could be a random number or possible addresses The network prefix of the router the MAC-address of the NIC to give away.
Page 21  SLAAC and DHCPv6 communicate over IP – we need an IP-address before we have an ”official address”  It’s an automatic address which is generated on all interfaces with IPv6 support  Can be used on the local link (subnet) and is never routed to another link  Always start with FE80::/10 64-bitars host Host Address = FE80:: + generated suffix (random or MAC) R R Internet R R R Generated A Generated B Generated C Generated D Generated E Generated F
Page 22  Static ◦ Manual configuration just as in IPv4.  Address  Prefix length  Default router  DNS resolver Manuell THIS is your address!
Page 23  Stateless Address Auto Configuration - SLAAC ◦ Uses an algorithm to create the host-part of the address. ◦ This part is appended to the prefix the router is sending out with a Router Advertisement (RA) ◦ Assumes /64-bits net masks ◦ RA also gives information on default router and prefix length ◦ RA can give information on DNS resolver ◦ All OSes support RA ◦ Some support the option that configures the DNS resolver Where am I? Router Solicitation -> FF02::2 R FF02::1 or link-local <- Router Advertisement You’re with me! Use my address to tell others on the Internet where you are.
Page 24 Cur Hop Limit Which Hop Count the client should use on this segment M-flag Decides whether the client should use SLAAC or DHCPv6 to configure the address O-flag Use DHCPv6 to configure other parameters(DNS, NTP- server, etc.) Prefix Prefix (and prefix length) the client should use Other information MTU, link local address for the router, different timeouts that should be used on this segment
Page 25  Stateful address - DHCPv6 ◦ Keeps track of which clients get which address Internet R ◦ Can also be used to configure other options R like SIP gateway R R ◦ Normally there exists one DHCPv6 server and R all routers and firewalls acts as relays R Can I have ◦ Some OSes has no support for DHCPv6, for an address, please? instance Mac OS X before version 10.7. ◦ Third party software exists which can help OSes with poor support for DHCPv6 (Dibbler, Kame) ◦ Dibbler, Kame and ISC DHCPD are also examples of DHCPv6-server implementations Sure, here is one I haven’t given away!
Page 26 How will a host get its addresses? = address gets assigned Always starts with FE80::/10 Link local The computer gets Static DHCPv6 connected SLAAC ”Official ” Dynamic DHCPv6 In IPv6 every host gets more than one address: 1) Loopback (::1) 2) Link local (one FE80::/10 per interface) 3) ”Official” (global) address (per interface) 4) A number of multicast addresses
Page 27
Page 28 Servers  Static addresses on servers ◦ One prefix per server (simplifies firewall administration since every server has ONE prefix and there is no implicit communication over the link local addresses ◦ Turn off RA reception Prefix: 2001:DB8:1234::/48 2001:DB8:1234:F100::/56: Web 2001:DB8:1234:F101::/64 2001:DB8:1234:F103::/64 2001:DB8:1234:F200::/56: Mail 2001:DB8:1234:F102::/64 16 * 16 * 256 L1 L2 L3 R Web: 2001:DB8:1234:F100::/56 R 0 0 00 Internet . . .. R Mail: 2001:DB8:1234:F200::/56 F F FF L1: future L2:types (servers, clients, infrastructure) 2001:DB8:1234:F202::/64 L3:subnets within types 2001:DB8:1234:F201::/64 2001:DB8:1234:F203::/64
Page 29 Clients 2001:DB8:1234:FF00::/56: Clients  Dynamic assignments on clients 16 * 16 * 256  Simpler networks can run SLAAC L1 L2 L3  In a more advanced network where better control 0 0 00 is needed one could use RA with the O(ther . . .. options)- and M(anaged)-flags set without a prefix in the RA F F FF  DHCPv6 is used for address assignment L1: future  Many clients share the same L2:types (servers, clients, infrastructure) VLAN/segment/subnet L3:subnets within types R 2001:DB8:1234:FF01::/64 R R Relay DHCPv6 Relay 2001:db8:1234:FF03::/64 2001:db8:1234:FF02::/64 Server
Page 30 Prefix: 2001:DB8:1234::/48  Split the /48 in 256 subnets each and 256 * 256 everyone consisting of 256 subnets with the L1 L2 subnet mask /56 00 00  Take the first for your infrastructure (link .. .. nets, loopback addresses) FF FF  Assign one /56 per office L1  Save 252 subnets for future use 10 Infra 11: HQ 12: Office 1 13: Office 2 Infra: 2001:DB8:1234:1000::/56 HK: 2001:DB8:1234:1100::/56 K1: 2001:DB8:1234:1200::/56 K2: 2001:DB8:1234:1300::/56 Infra R R WAN-links
Page 31  How to enumerate static hosts? ◦ Give the router the address ::1 and the server ::2 ◦ Static addresses on clients ::1000 and go upward ◦ Do not give addresses per service (web server::80 and dns::53) – still open for debate! ◦ DHCPv6 scope range ::1000-FFFF
Page 32  Every customer will get many addresses (at least a /48) per site  Use levels not to distribute all subnets over the whole assignments  Address assignment ◦ Static - manual ◦ DHCPv6 NEW! ◦ Stateless Address Auto Configuration (SLAAC)  Every host will have several IPv6 addresses 16 * 4096 L1 L2 0 1 2 3 4 5 6 7 8 9 A B C D E F Infra Serv Client Future use
Page 33  Gabriel Paues  gabriel.paues@ip-solutions.se

Recommended

Henrik Strøm - IPv6 from the attacker's perspective
Henrik Strøm - IPv6 from the attacker's perspectiveHenrik Strøm - IPv6 from the attacker's perspective
Henrik Strøm - IPv6 from the attacker's perspectiveIKT-Norge
 
Martin J Levy - Hurricane Electric - The IPv6 global view - norway ipv6 - apr...
Martin J Levy - Hurricane Electric - The IPv6 global view - norway ipv6 - apr...Martin J Levy - Hurricane Electric - The IPv6 global view - norway ipv6 - apr...
Martin J Levy - Hurricane Electric - The IPv6 global view - norway ipv6 - apr...IKT-Norge
 
Jan Zorz - IPv6 and mobile emergency response teams
Jan Zorz - IPv6 and mobile emergency response teamsJan Zorz - IPv6 and mobile emergency response teams
Jan Zorz - IPv6 and mobile emergency response teamsIKT-Norge
 
Eric Vyncke - IPv6 security in general
Eric Vyncke - IPv6 security in generalEric Vyncke - IPv6 security in general
Eric Vyncke - IPv6 security in generalIKT-Norge
 
Eric Vyncke - Layer-2 security, ipv6 norway
Eric Vyncke - Layer-2 security, ipv6 norwayEric Vyncke - Layer-2 security, ipv6 norway
Eric Vyncke - Layer-2 security, ipv6 norwayIKT-Norge
 
AusNOG 2011 - Residential IPv6 CPE - What Not to Do and Other Observations
AusNOG 2011 - Residential IPv6 CPE - What Not to Do and Other ObservationsAusNOG 2011 - Residential IPv6 CPE - What Not to Do and Other Observations
AusNOG 2011 - Residential IPv6 CPE - What Not to Do and Other ObservationsMark Smith
 
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?Mark Smith
 
Cameron - TMO IPv6 Norway Meeting
Cameron - TMO IPv6 Norway MeetingCameron - TMO IPv6 Norway Meeting
Cameron - TMO IPv6 Norway MeetingIPv6no
 

Recommended

Henrik Strøm - IPv6 from the attacker's perspective
Henrik Strøm - IPv6 from the attacker's perspectiveHenrik Strøm - IPv6 from the attacker's perspective
Henrik Strøm - IPv6 from the attacker's perspectiveIKT-Norge
 
Martin J Levy - Hurricane Electric - The IPv6 global view - norway ipv6 - apr...
Martin J Levy - Hurricane Electric - The IPv6 global view - norway ipv6 - apr...Martin J Levy - Hurricane Electric - The IPv6 global view - norway ipv6 - apr...
Martin J Levy - Hurricane Electric - The IPv6 global view - norway ipv6 - apr...IKT-Norge
 
Jan Zorz - IPv6 and mobile emergency response teams
Jan Zorz - IPv6 and mobile emergency response teamsJan Zorz - IPv6 and mobile emergency response teams
Jan Zorz - IPv6 and mobile emergency response teamsIKT-Norge
 
Eric Vyncke - IPv6 security in general
Eric Vyncke - IPv6 security in generalEric Vyncke - IPv6 security in general
Eric Vyncke - IPv6 security in generalIKT-Norge
 
Eric Vyncke - Layer-2 security, ipv6 norway
Eric Vyncke - Layer-2 security, ipv6 norwayEric Vyncke - Layer-2 security, ipv6 norway
Eric Vyncke - Layer-2 security, ipv6 norwayIKT-Norge
 
AusNOG 2011 - Residential IPv6 CPE - What Not to Do and Other Observations
AusNOG 2011 - Residential IPv6 CPE - What Not to Do and Other ObservationsAusNOG 2011 - Residential IPv6 CPE - What Not to Do and Other Observations
AusNOG 2011 - Residential IPv6 CPE - What Not to Do and Other ObservationsMark Smith
 
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?Mark Smith
 
Cameron - TMO IPv6 Norway Meeting
Cameron - TMO IPv6 Norway MeetingCameron - TMO IPv6 Norway Meeting
Cameron - TMO IPv6 Norway MeetingIPv6no
 
Introduction of ipv6
Introduction of ipv6Introduction of ipv6
Introduction of ipv6KaushikMajumder22
 
IPv6 Security - Workshop mit Live Demo
IPv6 Security - Workshop mit Live DemoIPv6 Security - Workshop mit Live Demo
IPv6 Security - Workshop mit Live DemoDigicomp Academy AG
 
Rapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksRapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksSkeeve Stevens
 
Getting started with IPv6
Getting started with IPv6Getting started with IPv6
Getting started with IPv6Private
 
pps Matters
pps Matterspps Matters
pps MattersBangladesh Network Operators Group
 
IPv6 Adressvergabe und Adressierung
IPv6 Adressvergabe und AdressierungIPv6 Adressvergabe und Adressierung
IPv6 Adressvergabe und AdressierungSwiss IPv6 Council
 
IPv6 How To Set Up a Linux IPv6 Lan
IPv6 How To Set Up a Linux IPv6 LanIPv6 How To Set Up a Linux IPv6 Lan
IPv6 How To Set Up a Linux IPv6 LanJumping Bean
 
Presd1 09
Presd1 09Presd1 09
Presd1 09Niels Groeneveld
 
SIP and DNS - federation, failover, load balancing and more
SIP and DNS - federation, failover, load balancing and moreSIP and DNS - federation, failover, load balancing and more
SIP and DNS - federation, failover, load balancing and moreOlle E Johansson
 
IPv6 strategy for deployment at ETH Switzerland
IPv6 strategy for deployment at ETH SwitzerlandIPv6 strategy for deployment at ETH Switzerland
IPv6 strategy for deployment at ETH SwitzerlandSwiss IPv6 Council
 
Route Origin Validation With Routinator - A MANRS Approach for Operators
Route Origin Validation With Routinator - A MANRS Approach for OperatorsRoute Origin Validation With Routinator - A MANRS Approach for Operators
Route Origin Validation With Routinator - A MANRS Approach for OperatorsBangladesh Network Operators Group
 
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...Mark Smith
 
IPv6 at CSCS
IPv6 at CSCSIPv6 at CSCS
IPv6 at CSCSSwiss IPv6 Council
 
Ipv6
Ipv6Ipv6
Ipv6maha5960
 
Things I wish I had known about IPv6 before I started
Things I wish I had known about IPv6 before I startedThings I wish I had known about IPv6 before I started
Things I wish I had known about IPv6 before I startedFaelix Ltd
 
Implementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud TenantImplementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud TenantShixiong Shang
 
OpenStack Havana over IPv6
OpenStack Havana over IPv6OpenStack Havana over IPv6
OpenStack Havana over IPv6Shixiong Shang
 
DASH7 Webinar: Working With Open Tag For Mode 2
DASH7 Webinar: Working With Open Tag For Mode 2DASH7 Webinar: Working With Open Tag For Mode 2
DASH7 Webinar: Working With Open Tag For Mode 2Haystack Technologies
 
Route Origin Validation - A MANRS Approach
Route Origin Validation - A MANRS ApproachRoute Origin Validation - A MANRS Approach
Route Origin Validation - A MANRS ApproachBangladesh Network Operators Group
 
Der Einsatz von Lisp für die IPv6 Migration
Der Einsatz von Lisp für die IPv6 MigrationDer Einsatz von Lisp für die IPv6 Migration
Der Einsatz von Lisp für die IPv6 MigrationSwiss IPv6 Council
 
Moving Towards IPv6
Moving Towards IPv6Moving Towards IPv6
Moving Towards IPv6RIPE NCC
 
Network Visualisation: Focus on RIPE Atlas
Network Visualisation: Focus on RIPE AtlasNetwork Visualisation: Focus on RIPE Atlas
Network Visualisation: Focus on RIPE AtlasRIPE NCC
 

More Related Content

What's hot

IPv6 Security - Workshop mit Live Demo
IPv6 Security - Workshop mit Live DemoIPv6 Security - Workshop mit Live Demo
IPv6 Security - Workshop mit Live DemoDigicomp Academy AG
 
Rapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksRapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksSkeeve Stevens
 
Getting started with IPv6
Getting started with IPv6Getting started with IPv6
Getting started with IPv6Private
 
IPv6 Adressvergabe und Adressierung
IPv6 Adressvergabe und AdressierungIPv6 Adressvergabe und Adressierung
IPv6 Adressvergabe und AdressierungSwiss IPv6 Council
 
IPv6 How To Set Up a Linux IPv6 Lan
IPv6 How To Set Up a Linux IPv6 LanIPv6 How To Set Up a Linux IPv6 Lan
IPv6 How To Set Up a Linux IPv6 LanJumping Bean
 
SIP and DNS - federation, failover, load balancing and more
SIP and DNS - federation, failover, load balancing and moreSIP and DNS - federation, failover, load balancing and more
SIP and DNS - federation, failover, load balancing and moreOlle E Johansson
 
IPv6 strategy for deployment at ETH Switzerland
IPv6 strategy for deployment at ETH SwitzerlandIPv6 strategy for deployment at ETH Switzerland
IPv6 strategy for deployment at ETH SwitzerlandSwiss IPv6 Council
 
Route Origin Validation With Routinator - A MANRS Approach for Operators
Route Origin Validation With Routinator - A MANRS Approach for OperatorsRoute Origin Validation With Routinator - A MANRS Approach for Operators
Route Origin Validation With Routinator - A MANRS Approach for OperatorsBangladesh Network Operators Group
 
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...Mark Smith
 
Things I wish I had known about IPv6 before I started
Things I wish I had known about IPv6 before I startedThings I wish I had known about IPv6 before I started
Things I wish I had known about IPv6 before I startedFaelix Ltd
 
Implementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud TenantImplementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud TenantShixiong Shang
 
OpenStack Havana over IPv6
OpenStack Havana over IPv6OpenStack Havana over IPv6
OpenStack Havana over IPv6Shixiong Shang
 
DASH7 Webinar: Working With Open Tag For Mode 2
DASH7 Webinar: Working With Open Tag For Mode 2DASH7 Webinar: Working With Open Tag For Mode 2
DASH7 Webinar: Working With Open Tag For Mode 2Haystack Technologies
 
Der Einsatz von Lisp für die IPv6 Migration
Der Einsatz von Lisp für die IPv6 MigrationDer Einsatz von Lisp für die IPv6 Migration
Der Einsatz von Lisp für die IPv6 MigrationSwiss IPv6 Council
 

What's hot (20)

Introduction of ipv6
Introduction of ipv6Introduction of ipv6
Introduction of ipv6
 
IPv6 Security - Workshop mit Live Demo
IPv6 Security - Workshop mit Live DemoIPv6 Security - Workshop mit Live Demo
IPv6 Security - Workshop mit Live Demo
 
Rapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksRapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP Networks
 
Getting started with IPv6
Getting started with IPv6Getting started with IPv6
Getting started with IPv6
 
pps Matters
pps Matterspps Matters
pps Matters
 
IPv6 Adressvergabe und Adressierung
IPv6 Adressvergabe und AdressierungIPv6 Adressvergabe und Adressierung
IPv6 Adressvergabe und Adressierung
 
IPv6 How To Set Up a Linux IPv6 Lan
IPv6 How To Set Up a Linux IPv6 LanIPv6 How To Set Up a Linux IPv6 Lan
IPv6 How To Set Up a Linux IPv6 Lan
 
Presd1 09
Presd1 09Presd1 09
Presd1 09
 
SIP and DNS - federation, failover, load balancing and more
SIP and DNS - federation, failover, load balancing and moreSIP and DNS - federation, failover, load balancing and more
SIP and DNS - federation, failover, load balancing and more
 
IPv6 strategy for deployment at ETH Switzerland
IPv6 strategy for deployment at ETH SwitzerlandIPv6 strategy for deployment at ETH Switzerland
IPv6 strategy for deployment at ETH Switzerland
 
Route Origin Validation With Routinator - A MANRS Approach for Operators
Route Origin Validation With Routinator - A MANRS Approach for OperatorsRoute Origin Validation With Routinator - A MANRS Approach for Operators
Route Origin Validation With Routinator - A MANRS Approach for Operators
 
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
AusNOG 2015 - Why you should read RFCs and Internet Drafts (and what you need...
 
IPv6 at CSCS
IPv6 at CSCSIPv6 at CSCS
IPv6 at CSCS
 
Ipv6
Ipv6Ipv6
Ipv6
 
Things I wish I had known about IPv6 before I started
Things I wish I had known about IPv6 before I startedThings I wish I had known about IPv6 before I started
Things I wish I had known about IPv6 before I started
 
Implementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud TenantImplementing an IPv6 Enabled Environment for a Public Cloud Tenant
Implementing an IPv6 Enabled Environment for a Public Cloud Tenant
 
OpenStack Havana over IPv6
OpenStack Havana over IPv6OpenStack Havana over IPv6
OpenStack Havana over IPv6
 
DASH7 Webinar: Working With Open Tag For Mode 2
DASH7 Webinar: Working With Open Tag For Mode 2DASH7 Webinar: Working With Open Tag For Mode 2
DASH7 Webinar: Working With Open Tag For Mode 2
 
Route Origin Validation - A MANRS Approach
Route Origin Validation - A MANRS ApproachRoute Origin Validation - A MANRS Approach
Route Origin Validation - A MANRS Approach
 
Der Einsatz von Lisp für die IPv6 Migration
Der Einsatz von Lisp für die IPv6 MigrationDer Einsatz von Lisp für die IPv6 Migration
Der Einsatz von Lisp für die IPv6 Migration
 

Viewers also liked

Moving Towards IPv6
Moving Towards IPv6Moving Towards IPv6
Moving Towards IPv6RIPE NCC
 
Network Visualisation: Focus on RIPE Atlas
Network Visualisation: Focus on RIPE AtlasNetwork Visualisation: Focus on RIPE Atlas
Network Visualisation: Focus on RIPE AtlasRIPE NCC
 
A Message About IPv6
A Message About IPv6A Message About IPv6
A Message About IPv6RIPE NCC
 
Are Dutch Internet Paths Local - A Measurement Study Using RIPE Atlas
Are Dutch Internet Paths Local - A Measurement Study Using RIPE AtlasAre Dutch Internet Paths Local - A Measurement Study Using RIPE Atlas
Are Dutch Internet Paths Local - A Measurement Study Using RIPE AtlasRIPE NCC
 
RIPE Atlas and IXPs "Stitchin' it up"
RIPE Atlas and IXPs "Stitchin' it up"RIPE Atlas and IXPs "Stitchin' it up"
RIPE Atlas and IXPs "Stitchin' it up"RIPE NCC
 
RIPE Atlas
RIPE AtlasRIPE Atlas
RIPE AtlasRIPE NCC
 
The State of the (Romanian) Internet
The State of the (Romanian) InternetThe State of the (Romanian) Internet
The State of the (Romanian) InternetRIPE NCC
 

Viewers also liked (7)

Moving Towards IPv6
Moving Towards IPv6Moving Towards IPv6
Moving Towards IPv6
 
Network Visualisation: Focus on RIPE Atlas
Network Visualisation: Focus on RIPE AtlasNetwork Visualisation: Focus on RIPE Atlas
Network Visualisation: Focus on RIPE Atlas
 
A Message About IPv6
A Message About IPv6A Message About IPv6
A Message About IPv6
 
Are Dutch Internet Paths Local - A Measurement Study Using RIPE Atlas
Are Dutch Internet Paths Local - A Measurement Study Using RIPE AtlasAre Dutch Internet Paths Local - A Measurement Study Using RIPE Atlas
Are Dutch Internet Paths Local - A Measurement Study Using RIPE Atlas
 
RIPE Atlas and IXPs "Stitchin' it up"
RIPE Atlas and IXPs "Stitchin' it up"RIPE Atlas and IXPs "Stitchin' it up"
RIPE Atlas and IXPs "Stitchin' it up"
 
RIPE Atlas
RIPE AtlasRIPE Atlas
RIPE Atlas
 
The State of the (Romanian) Internet
The State of the (Romanian) InternetThe State of the (Romanian) Internet
The State of the (Romanian) Internet
 

Similar to Gabriel Paues - IPv6 address planning + making the case for WHY

Google and IPv6: Steinar H. Gunderson, Software engineer, Google
Google and IPv6: Steinar H. Gunderson, Software engineer, GoogleGoogle and IPv6: Steinar H. Gunderson, Software engineer, Google
Google and IPv6: Steinar H. Gunderson, Software engineer, GoogleIPv6no
 
TCP/IP Geeks Stockholm :: Introduction to IPv6
TCP/IP Geeks Stockholm :: Introduction to IPv6TCP/IP Geeks Stockholm :: Introduction to IPv6
TCP/IP Geeks Stockholm :: Introduction to IPv6Olle E Johansson
 
IPv6 at LinkedIn
IPv6 at LinkedInIPv6 at LinkedIn
IPv6 at LinkedInAPNIC
 
Ron Broersma dren-stavanger-22 nov2011
Ron Broersma dren-stavanger-22 nov2011Ron Broersma dren-stavanger-22 nov2011
Ron Broersma dren-stavanger-22 nov2011IPv6no
 
6. IPv6 Internetzugang für Privatkunden: Die Lösung von Swisscom - Martin Gysi
6. IPv6 Internetzugang für Privatkunden: Die Lösung von Swisscom - Martin Gysi6. IPv6 Internetzugang für Privatkunden: Die Lösung von Swisscom - Martin Gysi
6. IPv6 Internetzugang für Privatkunden: Die Lösung von Swisscom - Martin GysiDigicomp Academy AG
 
2009 11 06 3gpp Ietf Ipv6 Shanghai Nat64
2009 11 06 3gpp Ietf Ipv6 Shanghai Nat642009 11 06 3gpp Ietf Ipv6 Shanghai Nat64
2009 11 06 3gpp Ietf Ipv6 Shanghai Nat64yacc2000
 
ION Belfast - IPv6 Success Stories: Network Operators Tell All! - Ian Farrer
ION Belfast - IPv6 Success Stories: Network Operators Tell All! - Ian FarrerION Belfast - IPv6 Success Stories: Network Operators Tell All! - Ian Farrer
ION Belfast - IPv6 Success Stories: Network Operators Tell All! - Ian FarrerDeploy360 Programme (Internet Society)
 
IPv6 IAB/IETF Activities Report from ARIN 32
IPv6 IAB/IETF Activities Report from ARIN 32IPv6 IAB/IETF Activities Report from ARIN 32
IPv6 IAB/IETF Activities Report from ARIN 32ARIN
 
Content over IPv6: no excuses
Content over IPv6: no excusesContent over IPv6: no excuses
Content over IPv6: no excusesIvan Pepelnjak
 
CDN and ISP Operation
CDN and ISP OperationCDN and ISP Operation
CDN and ISP OperationKae Hsu
 
Good Men Rising: IPv6 & DNSSEC (ION Toronto 2011)
Good Men Rising: IPv6 & DNSSEC (ION Toronto 2011)Good Men Rising: IPv6 & DNSSEC (ION Toronto 2011)
Good Men Rising: IPv6 & DNSSEC (ION Toronto 2011)Internet Society
 
Successfully Deploying IPv6
Successfully Deploying IPv6Successfully Deploying IPv6
Successfully Deploying IPv6Zivaro Inc
 
Stay Connected - world IPv6 Launch
Stay Connected - world IPv6 LaunchStay Connected - world IPv6 Launch
Stay Connected - world IPv6 LaunchOlle E Johansson
 
IPVS for Docker Containers
IPVS for Docker ContainersIPVS for Docker Containers
IPVS for Docker ContainersBob Sokol
 

Similar to Gabriel Paues - IPv6 address planning + making the case for WHY (20)

Ventajas de IPv6
Ventajas de IPv6Ventajas de IPv6
Ventajas de IPv6
 
Google and IPv6: Steinar H. Gunderson, Software engineer, Google
Google and IPv6: Steinar H. Gunderson, Software engineer, GoogleGoogle and IPv6: Steinar H. Gunderson, Software engineer, Google
Google and IPv6: Steinar H. Gunderson, Software engineer, Google
 
TCP/IP Geeks Stockholm :: Introduction to IPv6
TCP/IP Geeks Stockholm :: Introduction to IPv6TCP/IP Geeks Stockholm :: Introduction to IPv6
TCP/IP Geeks Stockholm :: Introduction to IPv6
 
IPv6 at LinkedIn
IPv6 at LinkedInIPv6 at LinkedIn
IPv6 at LinkedIn
 
Ron Broersma dren-stavanger-22 nov2011
Ron Broersma dren-stavanger-22 nov2011Ron Broersma dren-stavanger-22 nov2011
Ron Broersma dren-stavanger-22 nov2011
 
6. IPv6 Internetzugang für Privatkunden: Die Lösung von Swisscom - Martin Gysi
6. IPv6 Internetzugang für Privatkunden: Die Lösung von Swisscom - Martin Gysi6. IPv6 Internetzugang für Privatkunden: Die Lösung von Swisscom - Martin Gysi
6. IPv6 Internetzugang für Privatkunden: Die Lösung von Swisscom - Martin Gysi
 
2009 11 06 3gpp Ietf Ipv6 Shanghai Nat64
2009 11 06 3gpp Ietf Ipv6 Shanghai Nat642009 11 06 3gpp Ietf Ipv6 Shanghai Nat64
2009 11 06 3gpp Ietf Ipv6 Shanghai Nat64
 
IPv6
IPv6IPv6
IPv6
 
Getting The World IPv6 Enabled
Getting The World IPv6 EnabledGetting The World IPv6 Enabled
Getting The World IPv6 Enabled
 
ION Belfast - IPv6 Success Stories: Network Operators Tell All! - Ian Farrer
ION Belfast - IPv6 Success Stories: Network Operators Tell All! - Ian FarrerION Belfast - IPv6 Success Stories: Network Operators Tell All! - Ian Farrer
ION Belfast - IPv6 Success Stories: Network Operators Tell All! - Ian Farrer
 
IPv6 IAB/IETF Activities Report from ARIN 32
IPv6 IAB/IETF Activities Report from ARIN 32IPv6 IAB/IETF Activities Report from ARIN 32
IPv6 IAB/IETF Activities Report from ARIN 32
 
Content over IPv6: no excuses
Content over IPv6: no excusesContent over IPv6: no excuses
Content over IPv6: no excuses
 
CDN and ISP Operation
CDN and ISP OperationCDN and ISP Operation
CDN and ISP Operation
 
IPv6 training guide - Yuval Shaul
IPv6 training guide - Yuval ShaulIPv6 training guide - Yuval Shaul
IPv6 training guide - Yuval Shaul
 
Good Men Rising: IPv6 & DNSSEC
Good Men Rising: IPv6 & DNSSECGood Men Rising: IPv6 & DNSSEC
Good Men Rising: IPv6 & DNSSEC
 
Good Men Rising: IPv6 & DNSSEC (ION Toronto 2011)
Good Men Rising: IPv6 & DNSSEC (ION Toronto 2011)Good Men Rising: IPv6 & DNSSEC (ION Toronto 2011)
Good Men Rising: IPv6 & DNSSEC (ION Toronto 2011)
 
Successfully Deploying IPv6
Successfully Deploying IPv6Successfully Deploying IPv6
Successfully Deploying IPv6
 
Suggestion for an IPv6 Roll Out
Suggestion for an IPv6 Roll OutSuggestion for an IPv6 Roll Out
Suggestion for an IPv6 Roll Out
 
Stay Connected - world IPv6 Launch
Stay Connected - world IPv6 LaunchStay Connected - world IPv6 Launch
Stay Connected - world IPv6 Launch
 
IPVS for Docker Containers
IPVS for Docker ContainersIPVS for Docker Containers
IPVS for Docker Containers
 

More from IKT-Norge

Lars Johan Bjørkevoll, Xeneta
Lars Johan Bjørkevoll, XenetaLars Johan Bjørkevoll, Xeneta
Lars Johan Bjørkevoll, XenetaIKT-Norge
 
Erik Stokkeland
Erik Stokkeland Erik Stokkeland
Erik Stokkeland IKT-Norge
 
Ketil Widerberg
Ketil WiderbergKetil Widerberg
Ketil WiderbergIKT-Norge
 
Randi Marjamaa
Randi MarjamaaRandi Marjamaa
Randi MarjamaaIKT-Norge
 
Eirik Norman Hansen
Eirik Norman Hansen Eirik Norman Hansen
Eirik Norman Hansen IKT-Norge
 
Roger Schjervas innlegg for produktivitetskommisjonen 19.05.2015
Roger Schjervas innlegg for produktivitetskommisjonen 19.05.2015Roger Schjervas innlegg for produktivitetskommisjonen 19.05.2015
Roger Schjervas innlegg for produktivitetskommisjonen 19.05.2015IKT-Norge
 
Læringsanalyse – Arne Krokan
Læringsanalyse – Arne KrokanLæringsanalyse – Arne Krokan
Læringsanalyse – Arne KrokanIKT-Norge
 
Læringsanalyse – Yngve Lindvig
Læringsanalyse – Yngve LindvigLæringsanalyse – Yngve Lindvig
Læringsanalyse – Yngve LindvigIKT-Norge
 
Multi Smart Øving – skjermbilder
Multi Smart Øving – skjermbilderMulti Smart Øving – skjermbilder
Multi Smart Øving – skjermbilderIKT-Norge
 
NEO2015: Zwipe
NEO2015: ZwipeNEO2015: Zwipe
NEO2015: ZwipeIKT-Norge
 
NEO2015: Crypho
NEO2015: CryphoNEO2015: Crypho
NEO2015: CryphoIKT-Norge
 
NEO2015: Bartec Pixavi
NEO2015: Bartec PixaviNEO2015: Bartec Pixavi
NEO2015: Bartec PixaviIKT-Norge
 
Verdiskaping i en digital verden: Næringsminister Monica Mæland på NEO2015
Verdiskaping i en digital verden: Næringsminister Monica Mæland på NEO2015Verdiskaping i en digital verden: Næringsminister Monica Mæland på NEO2015
Verdiskaping i en digital verden: Næringsminister Monica Mæland på NEO2015IKT-Norge
 
NEO2015: Filmgrail
NEO2015: FilmgrailNEO2015: Filmgrail
NEO2015: FilmgrailIKT-Norge
 
NEO2015: Home Control
NEO2015: Home ControlNEO2015: Home Control
NEO2015: Home ControlIKT-Norge
 
Et digitalt #drømmeløft for Norge: Innovasjon Norge-keynote på NEO2015
Et digitalt #drømmeløft for Norge: Innovasjon Norge-keynote på NEO2015Et digitalt #drømmeløft for Norge: Innovasjon Norge-keynote på NEO2015
Et digitalt #drømmeløft for Norge: Innovasjon Norge-keynote på NEO2015IKT-Norge
 
NEO2015: The Trampery keynote. Creating a global innovation cluster: Lessons ...
NEO2015: The Trampery keynote. Creating a global innovation cluster: Lessons ...NEO2015: The Trampery keynote. Creating a global innovation cluster: Lessons ...
NEO2015: The Trampery keynote. Creating a global innovation cluster: Lessons ...IKT-Norge
 
NEO2015: Xeneta
NEO2015: XenetaNEO2015: Xeneta
NEO2015: XenetaIKT-Norge
 
NEO2015: Hatteland
NEO2015: HattelandNEO2015: Hatteland
NEO2015: HattelandIKT-Norge
 

More from IKT-Norge (20)

Lars Johan Bjørkevoll, Xeneta
Lars Johan Bjørkevoll, XenetaLars Johan Bjørkevoll, Xeneta
Lars Johan Bjørkevoll, Xeneta
 
Erik Stokkeland
Erik Stokkeland Erik Stokkeland
Erik Stokkeland
 
Ketil Widerberg
Ketil WiderbergKetil Widerberg
Ketil Widerberg
 
Randi Marjamaa
Randi MarjamaaRandi Marjamaa
Randi Marjamaa
 
Roar Olsen
Roar Olsen Roar Olsen
Roar Olsen
 
Eirik Norman Hansen
Eirik Norman Hansen Eirik Norman Hansen
Eirik Norman Hansen
 
Roger Schjervas innlegg for produktivitetskommisjonen 19.05.2015
Roger Schjervas innlegg for produktivitetskommisjonen 19.05.2015Roger Schjervas innlegg for produktivitetskommisjonen 19.05.2015
Roger Schjervas innlegg for produktivitetskommisjonen 19.05.2015
 
Læringsanalyse – Arne Krokan
Læringsanalyse – Arne KrokanLæringsanalyse – Arne Krokan
Læringsanalyse – Arne Krokan
 
Læringsanalyse – Yngve Lindvig
Læringsanalyse – Yngve LindvigLæringsanalyse – Yngve Lindvig
Læringsanalyse – Yngve Lindvig
 
Multi Smart Øving – skjermbilder
Multi Smart Øving – skjermbilderMulti Smart Øving – skjermbilder
Multi Smart Øving – skjermbilder
 
NEO2015: Zwipe
NEO2015: ZwipeNEO2015: Zwipe
NEO2015: Zwipe
 
NEO2015: Crypho
NEO2015: CryphoNEO2015: Crypho
NEO2015: Crypho
 
NEO2015: Bartec Pixavi
NEO2015: Bartec PixaviNEO2015: Bartec Pixavi
NEO2015: Bartec Pixavi
 
Verdiskaping i en digital verden: Næringsminister Monica Mæland på NEO2015
Verdiskaping i en digital verden: Næringsminister Monica Mæland på NEO2015Verdiskaping i en digital verden: Næringsminister Monica Mæland på NEO2015
Verdiskaping i en digital verden: Næringsminister Monica Mæland på NEO2015
 
NEO2015: Filmgrail
NEO2015: FilmgrailNEO2015: Filmgrail
NEO2015: Filmgrail
 
NEO2015: Home Control
NEO2015: Home ControlNEO2015: Home Control
NEO2015: Home Control
 
Et digitalt #drømmeløft for Norge: Innovasjon Norge-keynote på NEO2015
Et digitalt #drømmeløft for Norge: Innovasjon Norge-keynote på NEO2015Et digitalt #drømmeløft for Norge: Innovasjon Norge-keynote på NEO2015
Et digitalt #drømmeløft for Norge: Innovasjon Norge-keynote på NEO2015
 
NEO2015: The Trampery keynote. Creating a global innovation cluster: Lessons ...
NEO2015: The Trampery keynote. Creating a global innovation cluster: Lessons ...NEO2015: The Trampery keynote. Creating a global innovation cluster: Lessons ...
NEO2015: The Trampery keynote. Creating a global innovation cluster: Lessons ...
 
NEO2015: Xeneta
NEO2015: XenetaNEO2015: Xeneta
NEO2015: Xeneta
 
NEO2015: Hatteland
NEO2015: HattelandNEO2015: Hatteland
NEO2015: Hatteland
 

Recently uploaded

Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 

Recently uploaded (20)

Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 

Gabriel Paues - IPv6 address planning + making the case for WHY

  • 2. Page 2  Why IPv6?  Address planning  Address assignment  Tips and examples
  • 4. Page 4 Common arguments ”We have enough of “We do not want to be IPv4 addresses – we the early adopters – do not need IPv6!” let the others do the mistakes!” We do not have the TIME! “We do not want to touch existing infrastructure but wait to the next upgrade cycle.”
  • 5. Page 5 Common arguments ”We have enough of “We do not want to be IPv4 addresses – we the early adopters – do not need IPv6!” let the others do the mistakes!” ”The world outside ”Being an early might want to reach adopter also means you over IPv6 - you more experience!” do not want to end up on a ”Wall of Shame”” ”You may set up a separate entry in your network for IPv6 and gradually introduce IPv6 into We do not have the your network!” ”An implementation TIME! may cost more time and resources if “We do not want to implemented in touch existing panic” infrastructure but wait to the next upgrade cycle.”
  • 6. Page 6 One example: http://go6.se/check Some journalist will ask you what your strategy for IPv6 is.
  • 7. Page 7 Not much really… Get a modern webserver. Get a modern DNS and enable the functionality Modern mail server (Exchange 2007 is enough) On the server side Windows 2008 is fine
  • 8. Page 8 Today IPv4 IPv6 Get experience Mail Web DNS while IPv6 traffic is sparse! Services
  • 9. Page 9 Tomorrow IPv4 IPv6 We need this up and running NOW! Mail Web DNS Services
  • 10. Page 10  No time NOW will cost you later: ◦ Upgrade many things at once ◦ Trace errors? ◦ Concentrated costs ◦ No time to get acquainted with IPv6 We need this up and running NOW!
  • 11. Page 11 ”We do not want to touch our current infrastructure!” IPv4 IPv6 Mail Web DNS Small firewall DMZ just for Enable IPv6 support on IPv6 servers but do not add IPv6 DNS records. When tested add IPv6 DNS records. Test network Clients
  • 13. Page 13 Short answer: a lot! Every customer will get a /48 per site: 2128-48 = 280 = 1,208925819614629174706176 * 1024 Is it possible to make mistakes with this many addresses? The answer is yes!
  • 14. Page 14  Size of all subnet should be /64 – there are reasons for this we will come back to! 128 bits n bits 64 – n bits 64 bits Network prefix Subnet ID Host ID Address span for a site Subnet within a site Interface ID, 64 bits
  • 15. Page 15 To spread all subnets randomly over the whole assignment! Assignment (/48) = subnet Can render unnecessary problems in the future!
  • 16. Page 16 How should a customer divide its /48? 2001:db8:1234:[0000-FFFF]::/64 16 * 4096 16 * 16 * 256 16 * 256 * 16 256 * 256 L1 L2 L1 L2 L3 L1 L2 L3 L1 L2 0 000 0 0 00 0 00 0 00 00 . … . . .. . .. . .. .. F FFF F F FF F FF F FF FF One office with many subnets or extremely Few offices with Many offices with Many offices with many offices with many subnets within just a few subnets many subnets within one subnet within each each office within each each • Every subnet should be /64 which gives 65536 subnets in a /48 • Use a hierarchy with two or three levels and use only one L1-net at a time (to avoid cluttering of subnets all over the assignment) • Save the remaining L1-nets for future use • Identify where the majority of the subnets is needed: number of offices or number of subnets per office and let the hierarchy mirror this
  • 17. Page 17  Avoid the 0-net in L1 since the shortening rules makes this network invisible  Only fill in the networks you are using  As an alternative the customer could use a IP planning tool. ◦ http://www.alcatel-lucent.com ◦ http://www.6connect.com ◦ http://www.infoblox.com  Google IPAM to find more! L2 L1 L2 2001:db8:1234:100::/64 2001:db8:1234:1020::/64 2001:db8:1234:20::/64 2001:db8:1234:1100::/64 2001:db8:1234:200::/64 2001:db8:1234:1200::/64 Sorting? More evident! Readability?
  • 18. Page 18 To use the same size everywhere is done by several reasons:  Simplification – easier for administrators, users and support personnel  A number of techniques is built upon this assumption: ◦ Stateless Address Auto Configuration (SLAAC) ◦ Privacy Extensions (used to randomize the last 64 bits of an IP-address instead of using the MAC-address) ◦ Parts of Mobile IPv6 (roaming on IP-level)  Smaller subnet on link nets -> manual configuration
  • 20. Page 20 Manual Stateless Autoconfig (SLAAC) DHCPv6 THIS is your address! Internet R Internet R R R R R R R R R R Could I R have an address, please? Multicast Where am I? You’re with me! Use my address to tell others on the Internet where you are. DHCPv6 Yep, here is one I Server = haven’t given + Computer A unique ID for this away! Host generated address subnet Holds a list of Could be a random number or possible addresses The network prefix of the router the MAC-address of the NIC to give away.
  • 21. Page 21  SLAAC and DHCPv6 communicate over IP – we need an IP-address before we have an ”official address”  It’s an automatic address which is generated on all interfaces with IPv6 support  Can be used on the local link (subnet) and is never routed to another link  Always start with FE80::/10 64-bitars host Host Address = FE80:: + generated suffix (random or MAC) R R Internet R R R Generated A Generated B Generated C Generated D Generated E Generated F
  • 22. Page 22  Static ◦ Manual configuration just as in IPv4.  Address  Prefix length  Default router  DNS resolver Manuell THIS is your address!
  • 23. Page 23  Stateless Address Auto Configuration - SLAAC ◦ Uses an algorithm to create the host-part of the address. ◦ This part is appended to the prefix the router is sending out with a Router Advertisement (RA) ◦ Assumes /64-bits net masks ◦ RA also gives information on default router and prefix length ◦ RA can give information on DNS resolver ◦ All OSes support RA ◦ Some support the option that configures the DNS resolver Where am I? Router Solicitation -> FF02::2 R FF02::1 or link-local <- Router Advertisement You’re with me! Use my address to tell others on the Internet where you are.
  • 24. Page 24 Cur Hop Limit Which Hop Count the client should use on this segment M-flag Decides whether the client should use SLAAC or DHCPv6 to configure the address O-flag Use DHCPv6 to configure other parameters(DNS, NTP- server, etc.) Prefix Prefix (and prefix length) the client should use Other information MTU, link local address for the router, different timeouts that should be used on this segment
  • 25. Page 25  Stateful address - DHCPv6 ◦ Keeps track of which clients get which address Internet R ◦ Can also be used to configure other options R like SIP gateway R R ◦ Normally there exists one DHCPv6 server and R all routers and firewalls acts as relays R Can I have ◦ Some OSes has no support for DHCPv6, for an address, please? instance Mac OS X before version 10.7. ◦ Third party software exists which can help OSes with poor support for DHCPv6 (Dibbler, Kame) ◦ Dibbler, Kame and ISC DHCPD are also examples of DHCPv6-server implementations Sure, here is one I haven’t given away!
  • 26. Page 26 How will a host get its addresses? = address gets assigned Always starts with FE80::/10 Link local The computer gets Static DHCPv6 connected SLAAC ”Official ” Dynamic DHCPv6 In IPv6 every host gets more than one address: 1) Loopback (::1) 2) Link local (one FE80::/10 per interface) 3) ”Official” (global) address (per interface) 4) A number of multicast addresses
  • 28. Page 28 Servers  Static addresses on servers ◦ One prefix per server (simplifies firewall administration since every server has ONE prefix and there is no implicit communication over the link local addresses ◦ Turn off RA reception Prefix: 2001:DB8:1234::/48 2001:DB8:1234:F100::/56: Web 2001:DB8:1234:F101::/64 2001:DB8:1234:F103::/64 2001:DB8:1234:F200::/56: Mail 2001:DB8:1234:F102::/64 16 * 16 * 256 L1 L2 L3 R Web: 2001:DB8:1234:F100::/56 R 0 0 00 Internet . . .. R Mail: 2001:DB8:1234:F200::/56 F F FF L1: future L2:types (servers, clients, infrastructure) 2001:DB8:1234:F202::/64 L3:subnets within types 2001:DB8:1234:F201::/64 2001:DB8:1234:F203::/64
  • 29. Page 29 Clients 2001:DB8:1234:FF00::/56: Clients  Dynamic assignments on clients 16 * 16 * 256  Simpler networks can run SLAAC L1 L2 L3  In a more advanced network where better control 0 0 00 is needed one could use RA with the O(ther . . .. options)- and M(anaged)-flags set without a prefix in the RA F F FF  DHCPv6 is used for address assignment L1: future  Many clients share the same L2:types (servers, clients, infrastructure) VLAN/segment/subnet L3:subnets within types R 2001:DB8:1234:FF01::/64 R R Relay DHCPv6 Relay 2001:db8:1234:FF03::/64 2001:db8:1234:FF02::/64 Server
  • 30. Page 30 Prefix: 2001:DB8:1234::/48  Split the /48 in 256 subnets each and 256 * 256 everyone consisting of 256 subnets with the L1 L2 subnet mask /56 00 00  Take the first for your infrastructure (link .. .. nets, loopback addresses) FF FF  Assign one /56 per office L1  Save 252 subnets for future use 10 Infra 11: HQ 12: Office 1 13: Office 2 Infra: 2001:DB8:1234:1000::/56 HK: 2001:DB8:1234:1100::/56 K1: 2001:DB8:1234:1200::/56 K2: 2001:DB8:1234:1300::/56 Infra R R WAN-links
  • 31. Page 31  How to enumerate static hosts? ◦ Give the router the address ::1 and the server ::2 ◦ Static addresses on clients ::1000 and go upward ◦ Do not give addresses per service (web server::80 and dns::53) – still open for debate! ◦ DHCPv6 scope range ::1000-FFFF
  • 32. Page 32  Every customer will get many addresses (at least a /48) per site  Use levels not to distribute all subnets over the whole assignments  Address assignment ◦ Static - manual ◦ DHCPv6 NEW! ◦ Stateless Address Auto Configuration (SLAAC)  Every host will have several IPv6 addresses 16 * 4096 L1 L2 0 1 2 3 4 5 6 7 8 9 A B C D E F Infra Serv Client Future use
  • 33. Page 33  Gabriel Paues  gabriel.paues@ip-solutions.se

Editor's Notes

  1. StatelessAdvertisements by routersRouters don’t keep track of what configuration parameters are picked up by clientsIP layer parameters may be auto-configured (address, net mask and gateway)DNS parameters may be configured (RFC 6106)ICMP is used to request and advertise parametersMay signal that the clients should use DHCP for other options (like DNS or SIP-gateway)StatefulProvides centralized management of network resourcesHigher layer protocol parameters can be configured as well as IP layer parametersDHCP (or possibly other higher layer protocol) is used to request and advertise parametersStateless and statefulcan be used concurrently