IPv6/IPv4 Transition: The experience sharing of Tunnel Broker deployment
1. Ethern M., Lin
The experience sharing
Tunnel Broker deployment
Academia Sinica Computing Centre
6, July, 2007
IPv6/IPv4 Transition
of
8th IP Open Policy Meeting
TWNIC
2. Outline
Introduction
The roadmap of IPv6 transition
The role of Tunnel Broker
The O&M of ASCC
IPv6 applications
4. Introduction
Just experience sharing, not advertisement!
Solving the access problems in end-user side.
Combine with RADIUS, provide SSO.
Minimize the cost in operation and
management for IPv6/IPv4 Transition.
Easy to use for end-users.
6. Transition stages(1)
Stage 1
IPv4 backbone + IPv4 customers
Get IPv6 Address; IPv6 Connectivity to
Upstream or peers; IPv6 transit; IPv6 IX
Stage 2
Backbone support IPv6/IPv4
Software/hardware upgrade; Tunnel could help
customer to connect to IPv6
Customers support IPv6/IPv4
Tunnel; IPv6 overlay network(6PE)
7. Transition stages(2)
Stage 3
IPv6/IPv4 backbone + IPv6/IPv4 customers
Import IPv6 features for yourself
Routine or scheduled evolution
Get IPv6 features in all new equipments.
8. Transition actions(1)
Backbone
IPv6 connectivity to upstream or peers
Enable IPv6 function to IPv6 network
components
Upgrade regular network management and
monitoring applications
Connect dual-stack customers through IPv4
backbone
Backbone from IPv4 to dual-stack
11. Customers connection transition steps(1)
Tunneling, prefix is
the key
Configured/automated
Tunneling
ISATAP [RFC 4214]
6to4 [RFC 3056]
Teredo [RFC 4380]
Small sites
Dual stack ->
configured tunneling ->
automated tunneling
Large sites
Dual stack ->
Configured tunneling
Customer premise equipment
Too much to manual configured
DHCPv6 or stateless mechanism
12. Customers connection transition steps(2)
Issues
Firewall, NAT, dynamic IP assigned
User authentication/access control
Traceability
Ingress filtering, uRPF
Multi-homing
developing; multi-connection
Quality of Service
13. Network and service operation action
IPv6 network device configuration
IPv6 network management
IPv6 monitoring
IPv6 customers management
IPv6 network and service operation security
14. How does ASCC proceed?
At the outset -> Tunneling
IPv6/IPv4 Tunnel w/ BGP4+
Where is the Dual-Stack exist?
Campus, WAN
Native and pure IPv6 Link
IPv6 IX, dedicated IPv6 Link with other networks
Transition mechanism
6to4, Tunnel broker
24. What are we doing in IPv6?
Cooperate with VoIPv6 Task Force
http://www.ipv6.artdio.com.tw/
Multimedia service(trial)
IPv6 streaming for conference
ADSLv6 service
DHCPv6, Tunnel Broker.
IPv6 Multicasting
27. The pros and cons of Tunnel Broker
(1)
pros
To solve the network that can’t get IPv6 access
for the time being, and minimize the cost for IPv6
upgrade.
Easy for end-user; avoiding the single point of
failure.
One account, many services.
Dynamic DNS Update.
Work for both end-user and organization.
Configured and automated tunneling.
28. The pros and cons of Tunnel Broker
(2)
cons
Realm can’t be supported yet.
IPv6 Multicast don’t work yet.
Allow IPv6-over-IPv4 Tunnel(protocol number
41) & TCP/UDP port 3653 in Firewall device.
Local database sync. problem.
IPv6 network performance issue.