SlideShare a Scribd company logo

APNIC IPv6 Deployment

Download as PPTX, PDF
APNIC
APNIC

Presented by Arth Paulite at the 20th Pacific Network Operators Group meeting held in Suva Fiji from the 3 to 7 July 2017.

Internet
1 of 34
Issue Date: Revision: APNIC IPv6 Deployment Suva Fiji, 3 July 2017 Arth Paulite
Overview • Deployment motivation • Network deployment • IPv6 Services deployment • IPv6 Anycast service • IPv6 cloud services • Lessons learned
Motivation for deployment • Promoting and supporting IPv6 deployment in the region • Providing critical DNS infrastructure • Providing public whois service for APNIC blocks
Global IPv6 allocation 4 /12 /12 /12 /12 /12 /3
IPv6 Reverse Delegations Root . in-addr 202 203 64 22 ip6 0.4.2.ip6.arpa net org com arpa ianaapnic 5 apple
Network Deployment
1 2 3 Using the initial allocation: 2001:DC0:2000::/35 ( before 2003 ) Deploy IPv6 in parallel with existing IPv4 network (dual stack) Use IPv4 tunnel for peering while no native IPv6 upstream available yet. (2003) Deployment timeline Best practice • Use 1 x /48 subnet for staff workstations and mobile device. • Use 1 x /64 for each network VLAN • Use 1 x /64 for all loopback and point to point links
4 5 6 Split 2001:DC0:2000::/35 into /48s Split 2001:DC0:2000:0000::/48 into /64s Used VLAN number as part of subnet: VLAN 10 => 2001:DC0:2000:10::/64 Configuration of IPv6 upstream connection • Configured BGP peering with Hurricane Electric • Advertise 2001:DC0:2000::/35 • Configure router VLAN 10 interface with /64 subnet. Deployment timeline
7 8 9 Configured cisco router interface on VLAN 10 as RA • Used 2001:0DC0:2000:10::/64 for stateless auto- configuration Configured Bind caching/recursive DNS server • Running bind on Redhat Linux • Assigned static IPv6 on the network interface: o 2001:0DC0:2000:10::53/64 • Enabled Bind to listen on IPv6 address • dig www.ripe.net @2001:0DC0:2000:10::53 to test Deployment timeline Connected workstations to VLAN 10 for testing • Verify IPv6 auto configuration works by looking at interface IP • Verify reachability: ping6, traceroute6
Subnetting (Example) 2001:0DC0::/35 2001:0DC0:0000::/48 Original block: Rewrite as a /48 subnet: First /48 Rewrite as /64 subnet How may /64 blocks are there in /48? /48 /64 = 2128-48 2128-64 = 280 264 = 216 2001:0DC0:0000:0000::/64 First /64 or 264 -248 = 216
Subnetting (Example) 2001:0DC0:0000::/48 In bits 0000 0000 0000 00002001:0DC0: ::/48 0000 0000 0000 00012001:0DC0: ::/48 0000 0000 0000 00102001:0DC0: ::/48 0000 0000 0000 00112001:0DC0: ::/48 Start by manipulating the LSB of your network prefix – write in BITS 2001:0DC0:0000::/48 2001:0DC0:0001::/48 2001:0DC0:0002::/48 2001:0DC0:0003::/48 Then write back into hex digits
DNS Production deployment • Use 2001:DC0::/32 – 2001:DC0:0000:/35 in Japan • Secondary DNS servers – 2001:DC0:2000:/35 in Australia • Secondary DNS servers, APNIC services – Web, Mail, etc. – 2001:DC0:4000:/35 in Hong Kong • Secondary DNS servers
IPv6 Services deployment
IPv6 Services deployment DNS Service – DNS servers for APNIC.NET must be configured first. • Setup the server static IPv6 address • Configure to listen on IPv6 UDP and TCP port 53. • Apply the same DNS ACL of IPv4 for IPv6 traffic. – Adding AAAA resource records with 5 minutes TTL initially. ns1.apnic.net. 1H IN A 202.12.29.25 ns1.apnic.net. 5M IN AAAA 2001:0DB8:11::25 tinnie.apnic.net. 1H IN A 202.12.29.59 tinnie.apnic.net. 5M IN AAAA 2001:0DB8:11::59 ns3.apnic.net. 1H IN A 202.12.28.131 ns3.apnic.net. 5M IN AAAA 2001:0DB8:21::131
Services deployment DNS Service – Update apnic.net GLUE record from domain registry. apnic.net. ns1.apnic.net. apnic.net. ns3.apnic.net. apnic.net. tinnie.apnic.net. ns1.apnic.net. 202.12.29.25 ns1.apnic.net. 2001:0DB8:11::25 ns3.apnic.net. 202.12.28.131 ns3.apnic.net. 2001:0DB8:21::131 tinnie.apnic.net. 202.12.29.59 tinnie.apnic.net. 2001:0DB8:11::59
Services deployment web service – Update www.apnic.net host with IPv6 static IP address – Update apache configuration to listen on IPv6 TCP 80, 443. – Add AAAA record in DNS for www.apnic.net. www.apnic.net 1H IN A 203.119.102.244 www.apnic.net 5M IN AAAA 2001:0DB8:13::244 FTP service – Update ftp.apnic.net host with IPv6 static IP address – Update FTP service to listen on IPv6 TCP port 21. – Add AAAA record in DNS for ftp.apnic.net. ftp.apnic.net 1H IN A 202.12.29.205 ftp.apnic.net 5M IN AAAA 2001:0DB8:11::205
Services deployment Mail gateway – Replaced Barracuda spam firewall with Halon – Supports incoming and outgoing IPv6 SMTP session. – Uses IPv6 as priority and failover to IPv4 if connection failed. – Serve as internal IPv6 SMTP open relay. – Clustering worked only in IPv4 until 2004 – Anti-spam, anti-virus definition updates via IPv4. Mail store – Used Courier IMAP to serve IPv6 mail client access. – Migrated to Microsoft Exchange and works with IPv6. – Uses IPv6 as priority and failover to IPv4 if connection failed.
Services deployment Load balancer – Replaced Radware with F5 LTM – Full support of IPv6 service load balancing. – Allows IPv6 virtual server with IPv4 only backend server pool. – Use for load balancing whois queries in both IPv4 and IPv6.
Services deployment LAN and WIFI – Using router for both LAN and WIFI IPv6 auto configuration – Using redundant pair of IPv4 DCHP server and DNS resolver – WIFI authentication uses Radius and LDAP over IPv6.
Services deployment VPN – Using SSL VPN, assigning IPv4 and IPv6 address – Authentication uses Active Directory over IPv6.
IPv6 Anycast Services
IPv6 Anycast Service • e.in-addr-servers.arpa – Dual stack anycast DNS server – Authoritative for in-addr.arpa reverse delegations. • Example: 202.in-addr.arpa, 1.in-addr.arpa, – Using the same IP: 203.119.86.101 & 2001:DD8:6::101/48 • Brisbane • Hong Kong • Tokyo
IPv6 Anycast Service
IPv6 Anycast Service • 2017 – Additional anycast DNS servers – Secondary DNS service for CCTLDs in developing countries. – Anycast instance of APNIC NS servers • Secondary DNS for APNIC block reverse delegations. – Anycast instance for e.ip6-servers.arpa • Secondary DNS for ip6.arpa delegations - IPv6 Registry blocks – Anycast deployment: Australia, Singapore, Japan
IPv6 cloud Services
IPv6 service in the Cloud APNIC Regional whois service: whois.apnic.net • Multiple whois servers behind a load balancer per site • Site locations: Brisbane, Tokyo, London, Fremont US. • Load balancer provides dual stack whois access. • Load balancer and whois server uses IPv4 internally. • Uses the cloud provided IPv4 and IPv6 static IP address. • Uses Linux on provided cloud virtualization platform.
IPv6 service in the Cloud
Lessons Learned
Lessons learned • DNS – Test the service before adding AAAA in DNS. • IPv6 hosts will start connecting via IPv6. – Use low TTL initially e.g. 5 min to easily roll back. – Must have working reverse DNS for IPv6. • Google not accepting mail if SMTP server has no reverse DNS. – Set the outbound IPv6 address • Configured ACLs normally knows static IP but not autoconfigure IP.
Lessons learned • Mail – Make sure static IP is being use for outbound. – IPv6 reverse DNS must be working or mail might bounce. – Update SPF record if you have existing one for IPv4. – Update firewall/ACL, the same for IPv4. 30
Lessons learned • Monitoring – Review existing monitoring, behavior might have changed. • Does it check for IPv6 or IPv4? • Example: SSH check will start using IPv6 not both. – Duplicating an existing check to work with IPv6 • Making sure critical services have separate check for both IPv4 and IPv6 – Monitoring host must be running on dual stack – Customized, scripting to suit requirements. – Monitor services from external network. • Will give you idea if your IPv6 provider is stable and reliable. • Allows monitoring of changes in firewall/ACLs rules.
Lessons learned • IPv6 service on cloud – Cloud providers like Amazon AWS is now supporting IPv6, check location • Can deploy dual stack virtual machine • IPv6 load balancer is available • IPv6 DNS based, geolocation traffic management is available – Linode supports IPv6 in most locations. • Can deploy dual stack virtual machine • IPv6 load balancer is available • No DNS based, geolocation traffic management – Dyn DNS based, geolocation traffic management works • Pricing is not transparent, rely on sales representative for pricing. • Quite expensive
33
Stay in touch! blog.apnic.net apnic.net/social

Recommended

IPv6 deployment at APNIC
IPv6 deployment at APNICIPv6 deployment at APNIC
IPv6 deployment at APNICAPNIC
 
npNOG 2: APNIC IPv6 deployment
npNOG 2: APNIC IPv6 deploymentnpNOG 2: APNIC IPv6 deployment
npNOG 2: APNIC IPv6 deploymentAPNIC
 
More specific announcments in BGP
More specific announcments in BGPMore specific announcments in BGP
More specific announcments in BGPAPNIC
 
Tutorial: Using GoBGP as an IXP connecting router
Tutorial: Using GoBGP as an IXP connecting routerTutorial: Using GoBGP as an IXP connecting router
Tutorial: Using GoBGP as an IXP connecting routerShu Sugimoto
 
IPv6 and the DNS, RIPE 73
IPv6 and the DNS, RIPE 73IPv6 and the DNS, RIPE 73
IPv6 and the DNS, RIPE 73APNIC
 
IPv6 at FPT Telecom
IPv6 at FPT TelecomIPv6 at FPT Telecom
IPv6 at FPT TelecomAPNIC
 
Welcome to the APNIC Member Gathering, Mongolia
Welcome to the APNIC Member Gathering, MongoliaWelcome to the APNIC Member Gathering, Mongolia
Welcome to the APNIC Member Gathering, MongoliaAPNIC
 
Abitcool - A vast array of small-scale service providers with gigabit access,...
Abitcool - A vast array of small-scale service providers with gigabit access,...Abitcool - A vast array of small-scale service providers with gigabit access,...
Abitcool - A vast array of small-scale service providers with gigabit access,...APNIC
 

Recommended

IPv6 deployment at APNIC
IPv6 deployment at APNICIPv6 deployment at APNIC
IPv6 deployment at APNICAPNIC
 
npNOG 2: APNIC IPv6 deployment
npNOG 2: APNIC IPv6 deploymentnpNOG 2: APNIC IPv6 deployment
npNOG 2: APNIC IPv6 deploymentAPNIC
 
More specific announcments in BGP
More specific announcments in BGPMore specific announcments in BGP
More specific announcments in BGPAPNIC
 
Tutorial: Using GoBGP as an IXP connecting router
Tutorial: Using GoBGP as an IXP connecting routerTutorial: Using GoBGP as an IXP connecting router
Tutorial: Using GoBGP as an IXP connecting routerShu Sugimoto
 
IPv6 and the DNS, RIPE 73
IPv6 and the DNS, RIPE 73IPv6 and the DNS, RIPE 73
IPv6 and the DNS, RIPE 73APNIC
 
IPv6 at FPT Telecom
IPv6 at FPT TelecomIPv6 at FPT Telecom
IPv6 at FPT TelecomAPNIC
 
Welcome to the APNIC Member Gathering, Mongolia
Welcome to the APNIC Member Gathering, MongoliaWelcome to the APNIC Member Gathering, Mongolia
Welcome to the APNIC Member Gathering, MongoliaAPNIC
 
Abitcool - A vast array of small-scale service providers with gigabit access,...
Abitcool - A vast array of small-scale service providers with gigabit access,...Abitcool - A vast array of small-scale service providers with gigabit access,...
Abitcool - A vast array of small-scale service providers with gigabit access,...APNIC
 
IPv6 deployment architecture for broadband access networks
IPv6 deployment architecture for broadband access networksIPv6 deployment architecture for broadband access networks
IPv6 deployment architecture for broadband access networksAPNIC
 
Internet Noise (A Story About Two Little Subnets - Tom Paseka
Internet Noise (A Story About Two Little Subnets - Tom PasekaInternet Noise (A Story About Two Little Subnets - Tom Paseka
Internet Noise (A Story About Two Little Subnets - Tom PasekaMyNOG
 
Measuring IPv6 Performance, RIPE73
Measuring IPv6 Performance, RIPE73Measuring IPv6 Performance, RIPE73
Measuring IPv6 Performance, RIPE73APNIC
 
IPv6 Deployment Architecture for Broadband Access Networks
IPv6 Deployment Architecture for Broadband Access NetworksIPv6 Deployment Architecture for Broadband Access Networks
IPv6 Deployment Architecture for Broadband Access NetworksAPNIC
 
Open Connect Appliances - Jocelyn Ooi
Open Connect Appliances - Jocelyn OoiOpen Connect Appliances - Jocelyn Ooi
Open Connect Appliances - Jocelyn OoiMyNOG
 
CommunicAsia 2017: IPv6 deployment architecture for IoT
CommunicAsia 2017: IPv6 deployment architecture for IoTCommunicAsia 2017: IPv6 deployment architecture for IoT
CommunicAsia 2017: IPv6 deployment architecture for IoTAPNIC
 
DIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeDIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeMyNOG
 
IPv6 Deployment In Enterprise Networks
IPv6 Deployment In Enterprise NetworksIPv6 Deployment In Enterprise Networks
IPv6 Deployment In Enterprise NetworksIvan Pepelnjak
 
Apnic IPv6 Deployment
Apnic IPv6 DeploymentApnic IPv6 Deployment
Apnic IPv6 DeploymentAPNIC
 
Content over IPv6: no excuses
Content over IPv6: no excusesContent over IPv6: no excuses
Content over IPv6: no excusesIvan Pepelnjak
 
Network State Awareness & Troubleshooting
Network State Awareness & TroubleshootingNetwork State Awareness & Troubleshooting
Network State Awareness & TroubleshootingAPNIC
 
Netflix Open Connect: Delivering Internet TV to the world
Netflix Open Connect: Delivering Internet TV to the worldNetflix Open Connect: Delivering Internet TV to the world
Netflix Open Connect: Delivering Internet TV to the worldInternet Society
 
Route Hijaking and the role of RPKI
Route Hijaking and the role of RPKIRoute Hijaking and the role of RPKI
Route Hijaking and the role of RPKIAPNIC
 
BGP: Whats so special about the number 512?
BGP: Whats so special about the number 512?BGP: Whats so special about the number 512?
BGP: Whats so special about the number 512?GeoffHuston
 
Scaling BGP
Scaling BGPScaling BGP
Scaling BGPAPNIC
 
IPv6 Deployment Case on a Korean Governmental Website
IPv6 Deployment Case on a Korean Governmental WebsiteIPv6 Deployment Case on a Korean Governmental Website
IPv6 Deployment Case on a Korean Governmental WebsiteAPNIC
 
Getting IPv6 & Securing your Routing
Getting IPv6 & Securing your RoutingGetting IPv6 & Securing your Routing
Getting IPv6 & Securing your RoutingRIPE NCC
 
Cloud Traffic Engineer – Google Espresso Project by Shaowen Ma
Cloud Traffic Engineer – Google Espresso Project by Shaowen MaCloud Traffic Engineer – Google Espresso Project by Shaowen Ma
Cloud Traffic Engineer – Google Espresso Project by Shaowen MaMyNOG
 
ION Sri Lanka - IPv6 Deployment at IIJ (IPv6 Panel)
ION Sri Lanka - IPv6 Deployment at IIJ (IPv6 Panel)ION Sri Lanka - IPv6 Deployment at IIJ (IPv6 Panel)
ION Sri Lanka - IPv6 Deployment at IIJ (IPv6 Panel)Deploy360 Programme (Internet Society)
 
IPv6 Addressing Plans and Subnetting
IPv6 Addressing Plans and SubnettingIPv6 Addressing Plans and Subnetting
IPv6 Addressing Plans and SubnettingRIPE NCC
 
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNICIndonesia Network Operators Group
 
Rapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksRapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksSkeeve Stevens
 

More Related Content

What's hot

IPv6 deployment architecture for broadband access networks
IPv6 deployment architecture for broadband access networksIPv6 deployment architecture for broadband access networks
IPv6 deployment architecture for broadband access networksAPNIC
 
Internet Noise (A Story About Two Little Subnets - Tom Paseka
Internet Noise (A Story About Two Little Subnets - Tom PasekaInternet Noise (A Story About Two Little Subnets - Tom Paseka
Internet Noise (A Story About Two Little Subnets - Tom PasekaMyNOG
 
Measuring IPv6 Performance, RIPE73
Measuring IPv6 Performance, RIPE73Measuring IPv6 Performance, RIPE73
Measuring IPv6 Performance, RIPE73APNIC
 
IPv6 Deployment Architecture for Broadband Access Networks
IPv6 Deployment Architecture for Broadband Access NetworksIPv6 Deployment Architecture for Broadband Access Networks
IPv6 Deployment Architecture for Broadband Access NetworksAPNIC
 
Open Connect Appliances - Jocelyn Ooi
Open Connect Appliances - Jocelyn OoiOpen Connect Appliances - Jocelyn Ooi
Open Connect Appliances - Jocelyn OoiMyNOG
 
CommunicAsia 2017: IPv6 deployment architecture for IoT
CommunicAsia 2017: IPv6 deployment architecture for IoTCommunicAsia 2017: IPv6 deployment architecture for IoT
CommunicAsia 2017: IPv6 deployment architecture for IoTAPNIC
 
DIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeDIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeMyNOG
 
IPv6 Deployment In Enterprise Networks
IPv6 Deployment In Enterprise NetworksIPv6 Deployment In Enterprise Networks
IPv6 Deployment In Enterprise NetworksIvan Pepelnjak
 
Apnic IPv6 Deployment
Apnic IPv6 DeploymentApnic IPv6 Deployment
Apnic IPv6 DeploymentAPNIC
 
Content over IPv6: no excuses
Content over IPv6: no excusesContent over IPv6: no excuses
Content over IPv6: no excusesIvan Pepelnjak
 
Network State Awareness & Troubleshooting
Network State Awareness & TroubleshootingNetwork State Awareness & Troubleshooting
Network State Awareness & TroubleshootingAPNIC
 
Netflix Open Connect: Delivering Internet TV to the world
Netflix Open Connect: Delivering Internet TV to the worldNetflix Open Connect: Delivering Internet TV to the world
Netflix Open Connect: Delivering Internet TV to the worldInternet Society
 
Route Hijaking and the role of RPKI
Route Hijaking and the role of RPKIRoute Hijaking and the role of RPKI
Route Hijaking and the role of RPKIAPNIC
 
BGP: Whats so special about the number 512?
BGP: Whats so special about the number 512?BGP: Whats so special about the number 512?
BGP: Whats so special about the number 512?GeoffHuston
 
Scaling BGP
Scaling BGPScaling BGP
Scaling BGPAPNIC
 
IPv6 Deployment Case on a Korean Governmental Website
IPv6 Deployment Case on a Korean Governmental WebsiteIPv6 Deployment Case on a Korean Governmental Website
IPv6 Deployment Case on a Korean Governmental WebsiteAPNIC
 
Getting IPv6 & Securing your Routing
Getting IPv6 & Securing your RoutingGetting IPv6 & Securing your Routing
Getting IPv6 & Securing your RoutingRIPE NCC
 
Cloud Traffic Engineer – Google Espresso Project by Shaowen Ma
Cloud Traffic Engineer – Google Espresso Project by Shaowen MaCloud Traffic Engineer – Google Espresso Project by Shaowen Ma
Cloud Traffic Engineer – Google Espresso Project by Shaowen MaMyNOG
 
IPv6 Addressing Plans and Subnetting
IPv6 Addressing Plans and SubnettingIPv6 Addressing Plans and Subnetting
IPv6 Addressing Plans and SubnettingRIPE NCC
 

What's hot (20)

IPv6 deployment architecture for broadband access networks
IPv6 deployment architecture for broadband access networksIPv6 deployment architecture for broadband access networks
IPv6 deployment architecture for broadband access networks
 
Internet Noise (A Story About Two Little Subnets - Tom Paseka
Internet Noise (A Story About Two Little Subnets - Tom PasekaInternet Noise (A Story About Two Little Subnets - Tom Paseka
Internet Noise (A Story About Two Little Subnets - Tom Paseka
 
Measuring IPv6 Performance, RIPE73
Measuring IPv6 Performance, RIPE73Measuring IPv6 Performance, RIPE73
Measuring IPv6 Performance, RIPE73
 
IPv6 Deployment Architecture for Broadband Access Networks
IPv6 Deployment Architecture for Broadband Access NetworksIPv6 Deployment Architecture for Broadband Access Networks
IPv6 Deployment Architecture for Broadband Access Networks
 
Open Connect Appliances - Jocelyn Ooi
Open Connect Appliances - Jocelyn OoiOpen Connect Appliances - Jocelyn Ooi
Open Connect Appliances - Jocelyn Ooi
 
CommunicAsia 2017: IPv6 deployment architecture for IoT
CommunicAsia 2017: IPv6 deployment architecture for IoTCommunicAsia 2017: IPv6 deployment architecture for IoT
CommunicAsia 2017: IPv6 deployment architecture for IoT
 
DIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL LeeDIY Netflow Data Analytic with ELK Stack by CL Lee
DIY Netflow Data Analytic with ELK Stack by CL Lee
 
IPv6 Deployment In Enterprise Networks
IPv6 Deployment In Enterprise NetworksIPv6 Deployment In Enterprise Networks
IPv6 Deployment In Enterprise Networks
 
Apnic IPv6 Deployment
Apnic IPv6 DeploymentApnic IPv6 Deployment
Apnic IPv6 Deployment
 
Content over IPv6: no excuses
Content over IPv6: no excusesContent over IPv6: no excuses
Content over IPv6: no excuses
 
Network State Awareness & Troubleshooting
Network State Awareness & TroubleshootingNetwork State Awareness & Troubleshooting
Network State Awareness & Troubleshooting
 
Netflix Open Connect: Delivering Internet TV to the world
Netflix Open Connect: Delivering Internet TV to the worldNetflix Open Connect: Delivering Internet TV to the world
Netflix Open Connect: Delivering Internet TV to the world
 
Route Hijaking and the role of RPKI
Route Hijaking and the role of RPKIRoute Hijaking and the role of RPKI
Route Hijaking and the role of RPKI
 
BGP: Whats so special about the number 512?
BGP: Whats so special about the number 512?BGP: Whats so special about the number 512?
BGP: Whats so special about the number 512?
 
Scaling BGP
Scaling BGPScaling BGP
Scaling BGP
 
IPv6 Deployment Case on a Korean Governmental Website
IPv6 Deployment Case on a Korean Governmental WebsiteIPv6 Deployment Case on a Korean Governmental Website
IPv6 Deployment Case on a Korean Governmental Website
 
Getting IPv6 & Securing your Routing
Getting IPv6 & Securing your RoutingGetting IPv6 & Securing your Routing
Getting IPv6 & Securing your Routing
 
Cloud Traffic Engineer – Google Espresso Project by Shaowen Ma
Cloud Traffic Engineer – Google Espresso Project by Shaowen MaCloud Traffic Engineer – Google Espresso Project by Shaowen Ma
Cloud Traffic Engineer – Google Espresso Project by Shaowen Ma
 
ION Sri Lanka - IPv6 Deployment at IIJ (IPv6 Panel)
ION Sri Lanka - IPv6 Deployment at IIJ (IPv6 Panel)ION Sri Lanka - IPv6 Deployment at IIJ (IPv6 Panel)
ION Sri Lanka - IPv6 Deployment at IIJ (IPv6 Panel)
 
IPv6 Addressing Plans and Subnetting
IPv6 Addressing Plans and SubnettingIPv6 Addressing Plans and Subnetting
IPv6 Addressing Plans and Subnetting
 

Similar to APNIC IPv6 Deployment

02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNICIndonesia Network Operators Group
 
Rapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksRapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksSkeeve Stevens
 
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration EngineeringCAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration EngineeringChristian Elsen
 
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...gogo6
 
Successes and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICSuccesses and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICAPNIC
 
12.00 - Dr. Tim Chown - University of Southampton
12.00 - Dr. Tim Chown - University of Southampton12.00 - Dr. Tim Chown - University of Southampton
12.00 - Dr. Tim Chown - University of SouthamptonIPv6 Summit 2010
 
IPv6 Development in ITB 2013
IPv6 Development in ITB 2013IPv6 Development in ITB 2013
IPv6 Development in ITB 2013Affan Basalamah
 
IPv6 translation methods
IPv6 translation methodsIPv6 translation methods
IPv6 translation methodsAhmad Hijazi
 
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime
 
Indonesia IPv6 Update - APAN Hanoi 2010
Indonesia IPv6 Update - APAN Hanoi 2010Indonesia IPv6 Update - APAN Hanoi 2010
Indonesia IPv6 Update - APAN Hanoi 2010Affan Basalamah
 
Microsoft IT's IPv6 Killer App
Microsoft IT's IPv6 Killer AppMicrosoft IT's IPv6 Killer App
Microsoft IT's IPv6 Killer AppOliver Müller
 
CONFIGURING NETWORK CONNECTIVITY.pptx
CONFIGURING NETWORK CONNECTIVITY.pptxCONFIGURING NETWORK CONNECTIVITY.pptx
CONFIGURING NETWORK CONNECTIVITY.pptxangelito tomas
 
Understanding i pv6 2
Understanding i pv6 2Understanding i pv6 2
Understanding i pv6 2srmanjuskp
 
PLNOG 7: Grzegorz Janoszka - Memoirs from an IPv6 deployment in the hosting n...
PLNOG 7: Grzegorz Janoszka - Memoirs from an IPv6 deployment in the hosting n...PLNOG 7: Grzegorz Janoszka - Memoirs from an IPv6 deployment in the hosting n...
PLNOG 7: Grzegorz Janoszka - Memoirs from an IPv6 deployment in the hosting n...PROIDEA
 
IPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadbandIPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadbandAPNIC
 

Similar to APNIC IPv6 Deployment (20)

02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
 
Rapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksRapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP Networks
 
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration EngineeringCAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
 
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...
Deploying IPv6 in Cisco's Labs by Robert Beckett at gogoNET LIVE! 3 IPv6 Conf...
 
Successes and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICSuccesses and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNIC
 
12.00 - Dr. Tim Chown - University of Southampton
12.00 - Dr. Tim Chown - University of Southampton12.00 - Dr. Tim Chown - University of Southampton
12.00 - Dr. Tim Chown - University of Southampton
 
IPv6 Development in ITB 2013
IPv6 Development in ITB 2013IPv6 Development in ITB 2013
IPv6 Development in ITB 2013
 
IPv6 translation methods
IPv6 translation methodsIPv6 translation methods
IPv6 translation methods
 
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
 
Indonesia IPv6 Update - APAN Hanoi 2010
Indonesia IPv6 Update - APAN Hanoi 2010Indonesia IPv6 Update - APAN Hanoi 2010
Indonesia IPv6 Update - APAN Hanoi 2010
 
Microsoft IT's IPv6 Killer App
Microsoft IT's IPv6 Killer AppMicrosoft IT's IPv6 Killer App
Microsoft IT's IPv6 Killer App
 
CONFIGURING NETWORK CONNECTIVITY.pptx
CONFIGURING NETWORK CONNECTIVITY.pptxCONFIGURING NETWORK CONNECTIVITY.pptx
CONFIGURING NETWORK CONNECTIVITY.pptx
 
Understanding i pv6 2
Understanding i pv6 2Understanding i pv6 2
Understanding i pv6 2
 
I Pv6 Enabling Menog 0.4
I Pv6 Enabling Menog 0.4I Pv6 Enabling Menog 0.4
I Pv6 Enabling Menog 0.4
 
PLNOG 7: Grzegorz Janoszka - Memoirs from an IPv6 deployment in the hosting n...
PLNOG 7: Grzegorz Janoszka - Memoirs from an IPv6 deployment in the hosting n...PLNOG 7: Grzegorz Janoszka - Memoirs from an IPv6 deployment in the hosting n...
PLNOG 7: Grzegorz Janoszka - Memoirs from an IPv6 deployment in the hosting n...
 
IPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi PaletIPv6 in cellular networks - Jordi Palet
IPv6 in cellular networks - Jordi Palet
 
Enabling IPv6 Services Transparently
Enabling IPv6 Services TransparentlyEnabling IPv6 Services Transparently
Enabling IPv6 Services Transparently
 
IPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadbandIPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadband
 
Neutron IPv6
Neutron IPv6Neutron IPv6
Neutron IPv6
 
IPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi PaletIPv6 transition and coexistance - Jordi Palet
IPv6 transition and coexistance - Jordi Palet
 

More from APNIC

DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...APNIC
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGAPNIC
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119APNIC
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119APNIC
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119APNIC
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119APNIC
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119APNIC
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...APNIC
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonAPNIC
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonAPNIC
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPNIC
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6APNIC
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!APNIC
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023APNIC
 
AFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAPNIC
 
AFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAPNIC
 
AFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAPNIC
 

More from APNIC (20)

DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023
 
AFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet development
 
AFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment Status
 
AFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressing
 

Recently uploaded

AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxellan12
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Roomishabajaj13
 
Gram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural in villages of indiaGram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural in villages of indiaimessage0108
 
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts servicevipmodelshub1
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Roomdivyansh0kumar0
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsstephieert
 
Russian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsRussian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsstephieert
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With RoomVIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Roomdivyansh0kumar0
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Servicesexy call girls service in goa
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...aditipandeya
 
Russian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service ThaneRussian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service ThaneCall girls in Ahmedabad High profile
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)Damian Radcliffe
 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebJames Anderson
 

Recently uploaded (20)

AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
Gram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural in villages of indiaGram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural in villages of india
 
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girls
 
Russian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsRussian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girls
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With RoomVIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
 
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICECall Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
 
Russian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service ThaneRussian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
 
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)
 
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
 

APNIC IPv6 Deployment

  • 1. Issue Date: Revision: APNIC IPv6 Deployment Suva Fiji, 3 July 2017 Arth Paulite
  • 2. Overview • Deployment motivation • Network deployment • IPv6 Services deployment • IPv6 Anycast service • IPv6 cloud services • Lessons learned
  • 3. Motivation for deployment • Promoting and supporting IPv6 deployment in the region • Providing critical DNS infrastructure • Providing public whois service for APNIC blocks
  • 5. IPv6 Reverse Delegations Root . in-addr 202 203 64 22 ip6 0.4.2.ip6.arpa net org com arpa ianaapnic 5 apple
  • 7. 1 2 3 Using the initial allocation: 2001:DC0:2000::/35 ( before 2003 ) Deploy IPv6 in parallel with existing IPv4 network (dual stack) Use IPv4 tunnel for peering while no native IPv6 upstream available yet. (2003) Deployment timeline Best practice • Use 1 x /48 subnet for staff workstations and mobile device. • Use 1 x /64 for each network VLAN • Use 1 x /64 for all loopback and point to point links
  • 8. 4 5 6 Split 2001:DC0:2000::/35 into /48s Split 2001:DC0:2000:0000::/48 into /64s Used VLAN number as part of subnet: VLAN 10 => 2001:DC0:2000:10::/64 Configuration of IPv6 upstream connection • Configured BGP peering with Hurricane Electric • Advertise 2001:DC0:2000::/35 • Configure router VLAN 10 interface with /64 subnet. Deployment timeline
  • 9. 7 8 9 Configured cisco router interface on VLAN 10 as RA • Used 2001:0DC0:2000:10::/64 for stateless auto- configuration Configured Bind caching/recursive DNS server • Running bind on Redhat Linux • Assigned static IPv6 on the network interface: o 2001:0DC0:2000:10::53/64 • Enabled Bind to listen on IPv6 address • dig www.ripe.net @2001:0DC0:2000:10::53 to test Deployment timeline Connected workstations to VLAN 10 for testing • Verify IPv6 auto configuration works by looking at interface IP • Verify reachability: ping6, traceroute6
  • 10. Subnetting (Example) 2001:0DC0::/35 2001:0DC0:0000::/48 Original block: Rewrite as a /48 subnet: First /48 Rewrite as /64 subnet How may /64 blocks are there in /48? /48 /64 = 2128-48 2128-64 = 280 264 = 216 2001:0DC0:0000:0000::/64 First /64 or 264 -248 = 216
  • 11. Subnetting (Example) 2001:0DC0:0000::/48 In bits 0000 0000 0000 00002001:0DC0: ::/48 0000 0000 0000 00012001:0DC0: ::/48 0000 0000 0000 00102001:0DC0: ::/48 0000 0000 0000 00112001:0DC0: ::/48 Start by manipulating the LSB of your network prefix – write in BITS 2001:0DC0:0000::/48 2001:0DC0:0001::/48 2001:0DC0:0002::/48 2001:0DC0:0003::/48 Then write back into hex digits
  • 12. DNS Production deployment • Use 2001:DC0::/32 – 2001:DC0:0000:/35 in Japan • Secondary DNS servers – 2001:DC0:2000:/35 in Australia • Secondary DNS servers, APNIC services – Web, Mail, etc. – 2001:DC0:4000:/35 in Hong Kong • Secondary DNS servers
  • 14. IPv6 Services deployment DNS Service – DNS servers for APNIC.NET must be configured first. • Setup the server static IPv6 address • Configure to listen on IPv6 UDP and TCP port 53. • Apply the same DNS ACL of IPv4 for IPv6 traffic. – Adding AAAA resource records with 5 minutes TTL initially. ns1.apnic.net. 1H IN A 202.12.29.25 ns1.apnic.net. 5M IN AAAA 2001:0DB8:11::25 tinnie.apnic.net. 1H IN A 202.12.29.59 tinnie.apnic.net. 5M IN AAAA 2001:0DB8:11::59 ns3.apnic.net. 1H IN A 202.12.28.131 ns3.apnic.net. 5M IN AAAA 2001:0DB8:21::131
  • 15. Services deployment DNS Service – Update apnic.net GLUE record from domain registry. apnic.net. ns1.apnic.net. apnic.net. ns3.apnic.net. apnic.net. tinnie.apnic.net. ns1.apnic.net. 202.12.29.25 ns1.apnic.net. 2001:0DB8:11::25 ns3.apnic.net. 202.12.28.131 ns3.apnic.net. 2001:0DB8:21::131 tinnie.apnic.net. 202.12.29.59 tinnie.apnic.net. 2001:0DB8:11::59
  • 16. Services deployment web service – Update www.apnic.net host with IPv6 static IP address – Update apache configuration to listen on IPv6 TCP 80, 443. – Add AAAA record in DNS for www.apnic.net. www.apnic.net 1H IN A 203.119.102.244 www.apnic.net 5M IN AAAA 2001:0DB8:13::244 FTP service – Update ftp.apnic.net host with IPv6 static IP address – Update FTP service to listen on IPv6 TCP port 21. – Add AAAA record in DNS for ftp.apnic.net. ftp.apnic.net 1H IN A 202.12.29.205 ftp.apnic.net 5M IN AAAA 2001:0DB8:11::205
  • 17. Services deployment Mail gateway – Replaced Barracuda spam firewall with Halon – Supports incoming and outgoing IPv6 SMTP session. – Uses IPv6 as priority and failover to IPv4 if connection failed. – Serve as internal IPv6 SMTP open relay. – Clustering worked only in IPv4 until 2004 – Anti-spam, anti-virus definition updates via IPv4. Mail store – Used Courier IMAP to serve IPv6 mail client access. – Migrated to Microsoft Exchange and works with IPv6. – Uses IPv6 as priority and failover to IPv4 if connection failed.
  • 18. Services deployment Load balancer – Replaced Radware with F5 LTM – Full support of IPv6 service load balancing. – Allows IPv6 virtual server with IPv4 only backend server pool. – Use for load balancing whois queries in both IPv4 and IPv6.
  • 19. Services deployment LAN and WIFI – Using router for both LAN and WIFI IPv6 auto configuration – Using redundant pair of IPv4 DCHP server and DNS resolver – WIFI authentication uses Radius and LDAP over IPv6.
  • 20. Services deployment VPN – Using SSL VPN, assigning IPv4 and IPv6 address – Authentication uses Active Directory over IPv6.
  • 22. IPv6 Anycast Service • e.in-addr-servers.arpa – Dual stack anycast DNS server – Authoritative for in-addr.arpa reverse delegations. • Example: 202.in-addr.arpa, 1.in-addr.arpa, – Using the same IP: 203.119.86.101 & 2001:DD8:6::101/48 • Brisbane • Hong Kong • Tokyo
  • 24. IPv6 Anycast Service • 2017 – Additional anycast DNS servers – Secondary DNS service for CCTLDs in developing countries. – Anycast instance of APNIC NS servers • Secondary DNS for APNIC block reverse delegations. – Anycast instance for e.ip6-servers.arpa • Secondary DNS for ip6.arpa delegations - IPv6 Registry blocks – Anycast deployment: Australia, Singapore, Japan
  • 26. IPv6 service in the Cloud APNIC Regional whois service: whois.apnic.net • Multiple whois servers behind a load balancer per site • Site locations: Brisbane, Tokyo, London, Fremont US. • Load balancer provides dual stack whois access. • Load balancer and whois server uses IPv4 internally. • Uses the cloud provided IPv4 and IPv6 static IP address. • Uses Linux on provided cloud virtualization platform.
  • 27. IPv6 service in the Cloud
  • 29. Lessons learned • DNS – Test the service before adding AAAA in DNS. • IPv6 hosts will start connecting via IPv6. – Use low TTL initially e.g. 5 min to easily roll back. – Must have working reverse DNS for IPv6. • Google not accepting mail if SMTP server has no reverse DNS. – Set the outbound IPv6 address • Configured ACLs normally knows static IP but not autoconfigure IP.
  • 30. Lessons learned • Mail – Make sure static IP is being use for outbound. – IPv6 reverse DNS must be working or mail might bounce. – Update SPF record if you have existing one for IPv4. – Update firewall/ACL, the same for IPv4. 30
  • 31. Lessons learned • Monitoring – Review existing monitoring, behavior might have changed. • Does it check for IPv6 or IPv4? • Example: SSH check will start using IPv6 not both. – Duplicating an existing check to work with IPv6 • Making sure critical services have separate check for both IPv4 and IPv6 – Monitoring host must be running on dual stack – Customized, scripting to suit requirements. – Monitor services from external network. • Will give you idea if your IPv6 provider is stable and reliable. • Allows monitoring of changes in firewall/ACLs rules.
  • 32. Lessons learned • IPv6 service on cloud – Cloud providers like Amazon AWS is now supporting IPv6, check location • Can deploy dual stack virtual machine • IPv6 load balancer is available • IPv6 DNS based, geolocation traffic management is available – Linode supports IPv6 in most locations. • Can deploy dual stack virtual machine • IPv6 load balancer is available • No DNS based, geolocation traffic management – Dyn DNS based, geolocation traffic management works • Pricing is not transparent, rely on sales representative for pricing. • Quite expensive
  • 33. 33

Editor's Notes

  1. To verify