SlideShare a Scribd company logo

IPv6 Anchor Installation Challenges

RIPE NCC
RIPE NCC

Presentation given by Nathalie Künneke-Trenaman at Swiss IPv6 Council meeting in Zurich, Switzerland on 26 January 2015

Technology
1 of 20
Download to read offline
Swiss IPv6 Council |26 January 2015 IPv6 on your servers;  fun or frightening? Nathalie Trenaman
Introduction • What is a RIPE Atlas Anchor? - Soekris net6501-70 - Well known target and powerful probe - 80 anchors installed - 200 probes targeting each anchor with measurements - Measurements between anchors 2
Requirements • Capable of 10Mbit bandwidth (less needed today) • RJ45 network connection • Static IPv4 and IPv6 address - unfiltered - RIPE NCC needs unrestricted access • IPv6 address needs to be public • IPv6 connection needs to be native 3
IPv6 Installation Challenges • The hardware is purchased by the host • The software is on a USB stick - With host provided network info • Anchor is configured to boot from USB stick ! ! ! ! • Silly bug • Is fixed in CentOS7 4
IPv6 Installation Challenges • Anchor provisioning needs to be done over IPv4 and RIPE NCC remotely configures the IPv6 part of the network later. ! • Anchors will do SLAAC “out-of-the-box”, this needs to be disabled anyway when we do the manual configuration 5
Host IPv6 Installation Challenges
Example 1 • Starting point: - SLAAC provided address, gateway via RA - gateway address was link-local • We pushed the static IPv6 config and connectivity was lost… - global unicast gateway address we received from host did not respond to Neighbor Sollicitations: 7 [root@nl-ams-as12345678 ~]# ndisc6 2001:db8:123:a:192:0:2:1 eth0! Soliciting 2001:db8:123:a:192:0:2:1 (2001:db8:123:a:192:0:2:1) on eth0...! Timed out.! Timed out.! Timed out.! No response.
Example 1 • Yet we are receiving incoming packets on the anchor! • So the gateway works OK, but is not configured with a global address, or is configured not to respond to NS for that address • It turned out that the host gave us the wrong gateway address - They use 2 different IPv6 addressing schemes - One embeds the IPv4 address - One uses ::1/64 as gateway 8
Example 2 • The host had working IPv6, ICMPv6 was working fine • It turned out that TCP/UDP was not allowed ! ! ! ! ! • Host forgot to modify edge filters for IPv6 9 bla@loki:~$ mtr -u -nrc 10 nl-bla-as1234567.anchors.atlas.ripe.net! Start: Mon Dec 9 15:57:29 2013! HOST: loki Loss% Snt Last Avg Best Wrst StDev! 1.|-- 2001:67c:2e8:13::2 0.0% 10 2.1 3.2 1.9 7.8 1.7! 2.|-- 2001:db8:1::b800:2308:1 0.0% 10 2.0 4.2 2.0 15.1 4.0! 3.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
Example 3 • Host gave us an IPv6 address ending on all zeroes - 2001:db8:3bda:666::/64 • The router on their subnet did not respond to NS that originate from the “subnet-zero” address • 2001:db8:3bda:666::2 worked fine ! • RFC4291 section 2.6.1 provided clarity - Subnet Router Anycast Address 10
Example 3 • Juniper kindly rejected the all-zeroes IPv6 address: ! ! ! ! ! ! • Lesson learned: The all-zeroes IPv6 address is not a normal IPv6 address 11 [edit interfaces ge-3/0/8 unit 666 family inet6]!   'address 2001:db8:3bda:666::0'!      Cannot assign address 0 on subnet! error: configuration check-out failed
Example 4 • This anchor had an invalid router advertisement for an ethernet link 12 [bla@nl-aaa-as2345678 ~]$ sudo rdisc6 eth0! Soliciting ff02::2 (ff02::2) on eth0...! Hop limit                ! :           64 (      0x40)! Stateful address conf.    ! :           No! Stateful other conf.      ! :           No! Router preference         ! :       medium! Router lifetime           ! :         1800 (0x00000708) seconds! Reachable time            ! :  unspecified (0x00000000)! Retransmit time           ! :  unspecified (0x00000000)!  Source link-layer address: 74:8E:F8:BC:07:89!  MTU                      ! :         1500 bytes (valid)!  Prefix                   ! : 2001:db8:102:200::/56!   Valid time              ! :      2592000 (0x00278d00) seconds!   Pref. time              ! :       604800 (0x00093a80) seconds!  from fe80::768e:f8ff:febc:0789
Example 4 • [RFC2462] “An IPv6 address prefix used for SLAAC of an Ethernet interface must have a length of 64 bits” ! • We saw different variations for the same problem: - /32 - /56 - /128 • Because we override SLAAC with manual configuration, this problem is easy to solve 13
Example 4 • In CentOS, it is not difficult to switch off SLAAC if you know where to look. ! • Change the /etc/sysconfig/network file • Change NETWORKING_IPV6=no to NETWORKING_IPV6=yes • Add: • IPV6_AUTOCONF=no • IPV6_DEFAULTGW=2001:db8::1 (use your own gateway!) 14
Example 4 • Then, change the /etc/sysconfig/network-scripts/ ifcfg-eth0 file • Add: • IPV6INIT=yes • IPV6ADDR=2001:db8::10 • This is your picked manual address! • run “service network restart” • Now you have a static address configured and SLAAC switched off. 15
Example 5 • This host had a broken gateway • Pings and traces did not succeed ! ! ! ! • Also broken to other destinations within the same provider • Default route for IPv6 was missing 16 [bla@nl-aaa-as2345678 ~]$ sudo traceroute6 -I jp-tyo-as2500.anchors.atlas.ripe.net! traceroute to jp-tyo-as2500.anchors.atlas.ripe.net (2001:200:0:6002::a10:1a2), 30 hops max, 80 byte packets!  1  2001:db8:2381:fffe::1 (2001:db8:2381:fffe::1)  1.836 ms !N  2.265 ms !N  2.505 ms !N
Example 6 • This host was using a tunnel instead of native IPv6 • Also, they blocked the ICMPv6 message “packet too big” • We found this out because the size of packets we could deliver was 1480 bytes - instead of the 1500 configured on the wire • When a packet bigger than 1480 bytes was sent, we did not receive the “packet too big” message, with a suggestion for a different MTU size • Outbound packets of 1500 bytes were dropped.. 17
Conclusions
Lessons learned… • There are still IPv6 related software bugs in current mainstream server OSes ! • Common mistakes are being made ! • IPv6 is still not as well understood as IPv4 19
Questions? Section Title Petrie/Trenaman - RIPE69 - Date [06/11/2014] 20

Recommended

LF_OVS_17_OvS manipulation with Go at DigitalOcean
LF_OVS_17_OvS manipulation with Go at DigitalOceanLF_OVS_17_OvS manipulation with Go at DigitalOcean
LF_OVS_17_OvS manipulation with Go at DigitalOceanLF_OpenvSwitch
 
LF_OVS_17_OVN and Kelda
LF_OVS_17_OVN and KeldaLF_OVS_17_OVN and Kelda
LF_OVS_17_OVN and KeldaLF_OpenvSwitch
 
ClueCon 2017
ClueCon 2017ClueCon 2017
ClueCon 2017Luca Pradovera
 
Cumulus networks conversion guide
Cumulus networks conversion guideCumulus networks conversion guide
Cumulus networks conversion guideScott Suehle
 
Cumulus networks - Overcoming traditional network limitations with open source
Cumulus networks - Overcoming traditional network limitations with open sourceCumulus networks - Overcoming traditional network limitations with open source
Cumulus networks - Overcoming traditional network limitations with open sourceNat Morris
 
Ovs perf
Ovs perfOvs perf
Ovs perfMadhu c
 
OVS v OVS-DPDK
OVS v OVS-DPDKOVS v OVS-DPDK
OVS v OVS-DPDKMd Safiyat Reza
 
Open vSwitch Implementation Options
Open vSwitch Implementation Options Open vSwitch Implementation Options
Open vSwitch Implementation Options Netronome
 

Recommended

LF_OVS_17_OvS manipulation with Go at DigitalOcean
LF_OVS_17_OvS manipulation with Go at DigitalOceanLF_OVS_17_OvS manipulation with Go at DigitalOcean
LF_OVS_17_OvS manipulation with Go at DigitalOceanLF_OpenvSwitch
 
LF_OVS_17_OVN and Kelda
LF_OVS_17_OVN and KeldaLF_OVS_17_OVN and Kelda
LF_OVS_17_OVN and KeldaLF_OpenvSwitch
 
ClueCon 2017
ClueCon 2017ClueCon 2017
ClueCon 2017Luca Pradovera
 
Cumulus networks conversion guide
Cumulus networks conversion guideCumulus networks conversion guide
Cumulus networks conversion guideScott Suehle
 
Cumulus networks - Overcoming traditional network limitations with open source
Cumulus networks - Overcoming traditional network limitations with open sourceCumulus networks - Overcoming traditional network limitations with open source
Cumulus networks - Overcoming traditional network limitations with open sourceNat Morris
 
Ovs perf
Ovs perfOvs perf
Ovs perfMadhu c
 
OVS v OVS-DPDK
OVS v OVS-DPDKOVS v OVS-DPDK
OVS v OVS-DPDKMd Safiyat Reza
 
Open vSwitch Implementation Options
Open vSwitch Implementation Options Open vSwitch Implementation Options
Open vSwitch Implementation Options Netronome
 
LF_OVS_17_Enabling hardware acceleration in OVS-DPDK using DPDK Framework.
LF_OVS_17_Enabling hardware acceleration in OVS-DPDK using DPDK Framework.LF_OVS_17_Enabling hardware acceleration in OVS-DPDK using DPDK Framework.
LF_OVS_17_Enabling hardware acceleration in OVS-DPDK using DPDK Framework.LF_OpenvSwitch
 
Cumulus Linux 2.5.3
Cumulus Linux 2.5.3Cumulus Linux 2.5.3
Cumulus Linux 2.5.3Cumulus Networks
 
TRex Traffic Generator - Hanoch Haim
TRex Traffic Generator - Hanoch HaimTRex Traffic Generator - Hanoch Haim
TRex Traffic Generator - Hanoch Haimharryvanhaaren
 
LF_OVS_17_LXC Linux Containers over Open vSwitch
LF_OVS_17_LXC Linux Containers over Open vSwitchLF_OVS_17_LXC Linux Containers over Open vSwitch
LF_OVS_17_LXC Linux Containers over Open vSwitchLF_OpenvSwitch
 
Design, Verification and Emulation of an Island-Based Network Flow Processor
Design, Verification and Emulation of an Island-Based Network Flow ProcessorDesign, Verification and Emulation of an Island-Based Network Flow Processor
Design, Verification and Emulation of an Island-Based Network Flow ProcessorNetronome
 
LF_OVS_17_Enabling Hardware Offload of OVS Control & Data plane using LiquidIO
LF_OVS_17_Enabling Hardware Offload of OVS Control & Data plane using LiquidIOLF_OVS_17_Enabling Hardware Offload of OVS Control & Data plane using LiquidIO
LF_OVS_17_Enabling Hardware Offload of OVS Control & Data plane using LiquidIOLF_OpenvSwitch
 
LF_OVS_17_State of the OVN
LF_OVS_17_State of the OVNLF_OVS_17_State of the OVN
LF_OVS_17_State of the OVNLF_OpenvSwitch
 
Tech talk network - friend or foe
Tech talk network - friend or foeTech talk network - friend or foe
Tech talk network - friend or foearagozin
 
LF_OVS_17_Red Hat's perspective on OVS HW Offload Status
LF_OVS_17_Red Hat's perspective on OVS HW Offload StatusLF_OVS_17_Red Hat's perspective on OVS HW Offload Status
LF_OVS_17_Red Hat's perspective on OVS HW Offload StatusLF_OpenvSwitch
 
Cumulus Linux 2.5.4
Cumulus Linux 2.5.4Cumulus Linux 2.5.4
Cumulus Linux 2.5.4Cumulus Networks
 
LF_OVS_17_IPSEC and OVS DPDK
LF_OVS_17_IPSEC and OVS DPDKLF_OVS_17_IPSEC and OVS DPDK
LF_OVS_17_IPSEC and OVS DPDKLF_OpenvSwitch
 
Cumulus Linux 2.5.5 What's New
Cumulus Linux 2.5.5 What's NewCumulus Linux 2.5.5 What's New
Cumulus Linux 2.5.5 What's NewCumulus Networks
 
Sfo15 408- odp-dpdk platform performance
Sfo15 408- odp-dpdk platform performanceSfo15 408- odp-dpdk platform performance
Sfo15 408- odp-dpdk platform performanceLinaro
 
Lac2006 Lee Revell Slides
Lac2006 Lee Revell SlidesLac2006 Lee Revell Slides
Lac2006 Lee Revell Slidesrlrevell
 
LF_OVS_17_Open vSwitch Offload: Conntrack and the Upstream Kernel
LF_OVS_17_Open vSwitch Offload: Conntrack and the Upstream KernelLF_OVS_17_Open vSwitch Offload: Conntrack and the Upstream Kernel
LF_OVS_17_Open vSwitch Offload: Conntrack and the Upstream KernelLF_OpenvSwitch
 
Accelerating Neutron with Intel DPDK
Accelerating Neutron with Intel DPDKAccelerating Neutron with Intel DPDK
Accelerating Neutron with Intel DPDKAlexander Shalimov
 
DPACC Acceleration Progress and Demonstration
DPACC Acceleration Progress and DemonstrationDPACC Acceleration Progress and Demonstration
DPACC Acceleration Progress and DemonstrationOPNFV
 
DPDK Integration: A Product's Journey - Roger B. Melton
DPDK Integration: A Product's Journey - Roger B. MeltonDPDK Integration: A Product's Journey - Roger B. Melton
DPDK Integration: A Product's Journey - Roger B. Meltonharryvanhaaren
 
Successes and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICSuccesses and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICAPNIC
 
IP Address Certification (RPKI)
IP Address Certification (RPKI)IP Address Certification (RPKI)
IP Address Certification (RPKI)RIPE NCC
 
IPv6 at Home
IPv6 at HomeIPv6 at Home
IPv6 at HomeRIPE NCC
 
RIPE Atlas Tutorial
RIPE Atlas TutorialRIPE Atlas Tutorial
RIPE Atlas TutorialRIPE NCC
 

More Related Content

What's hot

LF_OVS_17_Enabling hardware acceleration in OVS-DPDK using DPDK Framework.
LF_OVS_17_Enabling hardware acceleration in OVS-DPDK using DPDK Framework.LF_OVS_17_Enabling hardware acceleration in OVS-DPDK using DPDK Framework.
LF_OVS_17_Enabling hardware acceleration in OVS-DPDK using DPDK Framework.LF_OpenvSwitch
 
TRex Traffic Generator - Hanoch Haim
TRex Traffic Generator - Hanoch HaimTRex Traffic Generator - Hanoch Haim
TRex Traffic Generator - Hanoch Haimharryvanhaaren
 
LF_OVS_17_LXC Linux Containers over Open vSwitch
LF_OVS_17_LXC Linux Containers over Open vSwitchLF_OVS_17_LXC Linux Containers over Open vSwitch
LF_OVS_17_LXC Linux Containers over Open vSwitchLF_OpenvSwitch
 
Design, Verification and Emulation of an Island-Based Network Flow Processor
Design, Verification and Emulation of an Island-Based Network Flow ProcessorDesign, Verification and Emulation of an Island-Based Network Flow Processor
Design, Verification and Emulation of an Island-Based Network Flow ProcessorNetronome
 
LF_OVS_17_Enabling Hardware Offload of OVS Control & Data plane using LiquidIO
LF_OVS_17_Enabling Hardware Offload of OVS Control & Data plane using LiquidIOLF_OVS_17_Enabling Hardware Offload of OVS Control & Data plane using LiquidIO
LF_OVS_17_Enabling Hardware Offload of OVS Control & Data plane using LiquidIOLF_OpenvSwitch
 
LF_OVS_17_State of the OVN
LF_OVS_17_State of the OVNLF_OVS_17_State of the OVN
LF_OVS_17_State of the OVNLF_OpenvSwitch
 
Tech talk network - friend or foe
Tech talk network - friend or foeTech talk network - friend or foe
Tech talk network - friend or foearagozin
 
LF_OVS_17_Red Hat's perspective on OVS HW Offload Status
LF_OVS_17_Red Hat's perspective on OVS HW Offload StatusLF_OVS_17_Red Hat's perspective on OVS HW Offload Status
LF_OVS_17_Red Hat's perspective on OVS HW Offload StatusLF_OpenvSwitch
 
LF_OVS_17_IPSEC and OVS DPDK
LF_OVS_17_IPSEC and OVS DPDKLF_OVS_17_IPSEC and OVS DPDK
LF_OVS_17_IPSEC and OVS DPDKLF_OpenvSwitch
 
Cumulus Linux 2.5.5 What's New
Cumulus Linux 2.5.5 What's NewCumulus Linux 2.5.5 What's New
Cumulus Linux 2.5.5 What's NewCumulus Networks
 
Sfo15 408- odp-dpdk platform performance
Sfo15 408- odp-dpdk platform performanceSfo15 408- odp-dpdk platform performance
Sfo15 408- odp-dpdk platform performanceLinaro
 
Lac2006 Lee Revell Slides
Lac2006 Lee Revell SlidesLac2006 Lee Revell Slides
Lac2006 Lee Revell Slidesrlrevell
 
LF_OVS_17_Open vSwitch Offload: Conntrack and the Upstream Kernel
LF_OVS_17_Open vSwitch Offload: Conntrack and the Upstream KernelLF_OVS_17_Open vSwitch Offload: Conntrack and the Upstream Kernel
LF_OVS_17_Open vSwitch Offload: Conntrack and the Upstream KernelLF_OpenvSwitch
 
Accelerating Neutron with Intel DPDK
Accelerating Neutron with Intel DPDKAccelerating Neutron with Intel DPDK
Accelerating Neutron with Intel DPDKAlexander Shalimov
 
DPACC Acceleration Progress and Demonstration
DPACC Acceleration Progress and DemonstrationDPACC Acceleration Progress and Demonstration
DPACC Acceleration Progress and DemonstrationOPNFV
 
DPDK Integration: A Product's Journey - Roger B. Melton
DPDK Integration: A Product's Journey - Roger B. MeltonDPDK Integration: A Product's Journey - Roger B. Melton
DPDK Integration: A Product's Journey - Roger B. Meltonharryvanhaaren
 
Successes and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICSuccesses and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICAPNIC
 

What's hot (19)

LF_OVS_17_Enabling hardware acceleration in OVS-DPDK using DPDK Framework.
LF_OVS_17_Enabling hardware acceleration in OVS-DPDK using DPDK Framework.LF_OVS_17_Enabling hardware acceleration in OVS-DPDK using DPDK Framework.
LF_OVS_17_Enabling hardware acceleration in OVS-DPDK using DPDK Framework.
 
Cumulus Linux 2.5.3
Cumulus Linux 2.5.3Cumulus Linux 2.5.3
Cumulus Linux 2.5.3
 
TRex Traffic Generator - Hanoch Haim
TRex Traffic Generator - Hanoch HaimTRex Traffic Generator - Hanoch Haim
TRex Traffic Generator - Hanoch Haim
 
LF_OVS_17_LXC Linux Containers over Open vSwitch
LF_OVS_17_LXC Linux Containers over Open vSwitchLF_OVS_17_LXC Linux Containers over Open vSwitch
LF_OVS_17_LXC Linux Containers over Open vSwitch
 
Design, Verification and Emulation of an Island-Based Network Flow Processor
Design, Verification and Emulation of an Island-Based Network Flow ProcessorDesign, Verification and Emulation of an Island-Based Network Flow Processor
Design, Verification and Emulation of an Island-Based Network Flow Processor
 
LF_OVS_17_Enabling Hardware Offload of OVS Control & Data plane using LiquidIO
LF_OVS_17_Enabling Hardware Offload of OVS Control & Data plane using LiquidIOLF_OVS_17_Enabling Hardware Offload of OVS Control & Data plane using LiquidIO
LF_OVS_17_Enabling Hardware Offload of OVS Control & Data plane using LiquidIO
 
LF_OVS_17_State of the OVN
LF_OVS_17_State of the OVNLF_OVS_17_State of the OVN
LF_OVS_17_State of the OVN
 
Tech talk network - friend or foe
Tech talk network - friend or foeTech talk network - friend or foe
Tech talk network - friend or foe
 
LF_OVS_17_Red Hat's perspective on OVS HW Offload Status
LF_OVS_17_Red Hat's perspective on OVS HW Offload StatusLF_OVS_17_Red Hat's perspective on OVS HW Offload Status
LF_OVS_17_Red Hat's perspective on OVS HW Offload Status
 
Cumulus Linux 2.5.4
Cumulus Linux 2.5.4Cumulus Linux 2.5.4
Cumulus Linux 2.5.4
 
LF_OVS_17_IPSEC and OVS DPDK
LF_OVS_17_IPSEC and OVS DPDKLF_OVS_17_IPSEC and OVS DPDK
LF_OVS_17_IPSEC and OVS DPDK
 
Cumulus Linux 2.5.5 What's New
Cumulus Linux 2.5.5 What's NewCumulus Linux 2.5.5 What's New
Cumulus Linux 2.5.5 What's New
 
Sfo15 408- odp-dpdk platform performance
Sfo15 408- odp-dpdk platform performanceSfo15 408- odp-dpdk platform performance
Sfo15 408- odp-dpdk platform performance
 
Lac2006 Lee Revell Slides
Lac2006 Lee Revell SlidesLac2006 Lee Revell Slides
Lac2006 Lee Revell Slides
 
LF_OVS_17_Open vSwitch Offload: Conntrack and the Upstream Kernel
LF_OVS_17_Open vSwitch Offload: Conntrack and the Upstream KernelLF_OVS_17_Open vSwitch Offload: Conntrack and the Upstream Kernel
LF_OVS_17_Open vSwitch Offload: Conntrack and the Upstream Kernel
 
Accelerating Neutron with Intel DPDK
Accelerating Neutron with Intel DPDKAccelerating Neutron with Intel DPDK
Accelerating Neutron with Intel DPDK
 
DPACC Acceleration Progress and Demonstration
DPACC Acceleration Progress and DemonstrationDPACC Acceleration Progress and Demonstration
DPACC Acceleration Progress and Demonstration
 
DPDK Integration: A Product's Journey - Roger B. Melton
DPDK Integration: A Product's Journey - Roger B. MeltonDPDK Integration: A Product's Journey - Roger B. Melton
DPDK Integration: A Product's Journey - Roger B. Melton
 
Successes and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICSuccesses and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNIC
 

Viewers also liked

IP Address Certification (RPKI)
IP Address Certification (RPKI)IP Address Certification (RPKI)
IP Address Certification (RPKI)RIPE NCC
 
IPv6 at Home
IPv6 at HomeIPv6 at Home
IPv6 at HomeRIPE NCC
 
RIPE Atlas Tutorial
RIPE Atlas TutorialRIPE Atlas Tutorial
RIPE Atlas TutorialRIPE NCC
 
RIPE Atlas, Measuring the Internet
RIPE Atlas, Measuring the InternetRIPE Atlas, Measuring the Internet
RIPE Atlas, Measuring the InternetRIPE NCC
 
Introduction to IP Addressing and Regional Internet Registries
Introduction to IP Addressing and Regional Internet RegistriesIntroduction to IP Addressing and Regional Internet Registries
Introduction to IP Addressing and Regional Internet RegistriesRIPE NCC
 
A Message About IPv6
A Message About IPv6A Message About IPv6
A Message About IPv6RIPE NCC
 
Network Visualisation Workshop
Network Visualisation WorkshopNetwork Visualisation Workshop
Network Visualisation WorkshopRIPE NCC
 
Registry Data Quality
Registry Data QualityRegistry Data Quality
Registry Data QualityRIPE NCC
 
Applications of Internet Data
Applications of Internet DataApplications of Internet Data
Applications of Internet DataRIPE NCC
 
IPv6 and Internet of Things: A Nice Couple
IPv6 and Internet of Things: A Nice CoupleIPv6 and Internet of Things: A Nice Couple
IPv6 and Internet of Things: A Nice CoupleRIPE NCC
 
IPv6 Country Statistics
IPv6 Country StatisticsIPv6 Country Statistics
IPv6 Country StatisticsRIPE NCC
 
The Future of IP Addresses
The Future of IP AddressesThe Future of IP Addresses
The Future of IP AddressesRIPE NCC
 
RIPE Routing Information Service
RIPE Routing Information ServiceRIPE Routing Information Service
RIPE Routing Information ServiceRIPE NCC
 
How to upgrade a country?
How to upgrade a country?How to upgrade a country?
How to upgrade a country?RIPE NCC
 

Viewers also liked (14)

IP Address Certification (RPKI)
IP Address Certification (RPKI)IP Address Certification (RPKI)
IP Address Certification (RPKI)
 
IPv6 at Home
IPv6 at HomeIPv6 at Home
IPv6 at Home
 
RIPE Atlas Tutorial
RIPE Atlas TutorialRIPE Atlas Tutorial
RIPE Atlas Tutorial
 
RIPE Atlas, Measuring the Internet
RIPE Atlas, Measuring the InternetRIPE Atlas, Measuring the Internet
RIPE Atlas, Measuring the Internet
 
Introduction to IP Addressing and Regional Internet Registries
Introduction to IP Addressing and Regional Internet RegistriesIntroduction to IP Addressing and Regional Internet Registries
Introduction to IP Addressing and Regional Internet Registries
 
A Message About IPv6
A Message About IPv6A Message About IPv6
A Message About IPv6
 
Network Visualisation Workshop
Network Visualisation WorkshopNetwork Visualisation Workshop
Network Visualisation Workshop
 
Registry Data Quality
Registry Data QualityRegistry Data Quality
Registry Data Quality
 
Applications of Internet Data
Applications of Internet DataApplications of Internet Data
Applications of Internet Data
 
IPv6 and Internet of Things: A Nice Couple
IPv6 and Internet of Things: A Nice CoupleIPv6 and Internet of Things: A Nice Couple
IPv6 and Internet of Things: A Nice Couple
 
IPv6 Country Statistics
IPv6 Country StatisticsIPv6 Country Statistics
IPv6 Country Statistics
 
The Future of IP Addresses
The Future of IP AddressesThe Future of IP Addresses
The Future of IP Addresses
 
RIPE Routing Information Service
RIPE Routing Information ServiceRIPE Routing Information Service
RIPE Routing Information Service
 
How to upgrade a country?
How to upgrade a country?How to upgrade a country?
How to upgrade a country?
 

Similar to IPv6 Anchor Installation Challenges

Rapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksRapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksSkeeve Stevens
 
IPv6 translation methods
IPv6 translation methodsIPv6 translation methods
IPv6 translation methodsAhmad Hijazi
 
Hands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and ServicesHands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and ServicesCisco Canada
 
Deploying IPv6-mostly access networks
Deploying IPv6-mostly access networksDeploying IPv6-mostly access networks
Deploying IPv6-mostly access networksRIPE NCC
 
IPv6 How To Set Up a Linux IPv6 Lan
IPv6 How To Set Up a Linux IPv6 LanIPv6 How To Set Up a Linux IPv6 Lan
IPv6 How To Set Up a Linux IPv6 LanJumping Bean
 
TCP/IP Geeks Stockholm :: Introduction to IPv6
TCP/IP Geeks Stockholm :: Introduction to IPv6TCP/IP Geeks Stockholm :: Introduction to IPv6
TCP/IP Geeks Stockholm :: Introduction to IPv6Olle E Johansson
 
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime
 
IPv6 networking training sduffy v3
IPv6 networking training sduffy v3IPv6 networking training sduffy v3
IPv6 networking training sduffy v3Shane Duffy
 
IPv6 New RFCs
IPv6 New RFCsIPv6 New RFCs
IPv6 New RFCsAPNIC
 
IPv6 Basics - pfSense Hangout July 2015
IPv6 Basics - pfSense Hangout July 2015IPv6 Basics - pfSense Hangout July 2015
IPv6 Basics - pfSense Hangout July 2015Netgate
 
IPv6 at Home
IPv6 at HomeIPv6 at Home
IPv6 at HomeRIPE NCC
 
Deploying IPv6-mostly access networks
Deploying IPv6-mostly access networksDeploying IPv6-mostly access networks
Deploying IPv6-mostly access networksRIPE NCC
 
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration EngineeringCAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration EngineeringChristian Elsen
 
Hands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and ServicesHands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and ServicesCisco Canada
 
Hands-on Experience with IPv6 Routing and Switching
Hands-on Experience with IPv6 Routing and Switching Hands-on Experience with IPv6 Routing and Switching
Hands-on Experience with IPv6 Routing and Switching Cisco Canada
 
IPv6: We Care So You Don't Have To
IPv6: We Care So You Don't Have ToIPv6: We Care So You Don't Have To
IPv6: We Care So You Don't Have ToGary Wilhelm
 
Infrastructure API Lightning Talk by Jeremy Pollard of box.com
Infrastructure API Lightning Talk by Jeremy Pollard of box.comInfrastructure API Lightning Talk by Jeremy Pollard of box.com
Infrastructure API Lightning Talk by Jeremy Pollard of box.comDevOps4Networks
 
Microsoft IT's IPv6 Killer App
Microsoft IT's IPv6 Killer AppMicrosoft IT's IPv6 Killer App
Microsoft IT's IPv6 Killer AppOliver Müller
 

Similar to IPv6 Anchor Installation Challenges (20)

Rapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP NetworksRapid IPv6 Deployment for ISP Networks
Rapid IPv6 Deployment for ISP Networks
 
IPv6 at CSCS
IPv6 at CSCSIPv6 at CSCS
IPv6 at CSCS
 
IPv6 translation methods
IPv6 translation methodsIPv6 translation methods
IPv6 translation methods
 
Hands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and ServicesHands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and Services
 
Deploying IPv6-mostly access networks
Deploying IPv6-mostly access networksDeploying IPv6-mostly access networks
Deploying IPv6-mostly access networks
 
IPv6 How To Set Up a Linux IPv6 Lan
IPv6 How To Set Up a Linux IPv6 LanIPv6 How To Set Up a Linux IPv6 Lan
IPv6 How To Set Up a Linux IPv6 Lan
 
TCP/IP Geeks Stockholm :: Introduction to IPv6
TCP/IP Geeks Stockholm :: Introduction to IPv6TCP/IP Geeks Stockholm :: Introduction to IPv6
TCP/IP Geeks Stockholm :: Introduction to IPv6
 
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
 
IPv6 networking training sduffy v3
IPv6 networking training sduffy v3IPv6 networking training sduffy v3
IPv6 networking training sduffy v3
 
IPv6 New RFCs
IPv6 New RFCsIPv6 New RFCs
IPv6 New RFCs
 
IPv6 Basics - pfSense Hangout July 2015
IPv6 Basics - pfSense Hangout July 2015IPv6 Basics - pfSense Hangout July 2015
IPv6 Basics - pfSense Hangout July 2015
 
IPv6 at Home
IPv6 at HomeIPv6 at Home
IPv6 at Home
 
Run Your Own 6LoWPAN Based IoT Network
Run Your Own 6LoWPAN Based IoT NetworkRun Your Own 6LoWPAN Based IoT Network
Run Your Own 6LoWPAN Based IoT Network
 
Deploying IPv6-mostly access networks
Deploying IPv6-mostly access networksDeploying IPv6-mostly access networks
Deploying IPv6-mostly access networks
 
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration EngineeringCAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
CAv6TF Meeting - 2014-05-27 - IPv6@ VMware Integration Engineering
 
Hands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and ServicesHands-on Experience with IPv6 Routing and Services
Hands-on Experience with IPv6 Routing and Services
 
Hands-on Experience with IPv6 Routing and Switching
Hands-on Experience with IPv6 Routing and Switching Hands-on Experience with IPv6 Routing and Switching
Hands-on Experience with IPv6 Routing and Switching
 
IPv6: We Care So You Don't Have To
IPv6: We Care So You Don't Have ToIPv6: We Care So You Don't Have To
IPv6: We Care So You Don't Have To
 
Infrastructure API Lightning Talk by Jeremy Pollard of box.com
Infrastructure API Lightning Talk by Jeremy Pollard of box.comInfrastructure API Lightning Talk by Jeremy Pollard of box.com
Infrastructure API Lightning Talk by Jeremy Pollard of box.com
 
Microsoft IT's IPv6 Killer App
Microsoft IT's IPv6 Killer AppMicrosoft IT's IPv6 Killer App
Microsoft IT's IPv6 Killer App
 

More from RIPE NCC

Navigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryNavigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryRIPE NCC
 
Traces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionTraces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionRIPE NCC
 
Governing Environmental Sustainability in Tech
Governing Environmental Sustainability in TechGoverning Environmental Sustainability in Tech
Governing Environmental Sustainability in TechRIPE NCC
 
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdfGerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdfRIPE NCC
 
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RISLIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RISRIPE NCC
 
Intro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshopIntro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshopRIPE NCC
 
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdfIGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdfRIPE NCC
 
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdfOpportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdfRIPE NCC
 
RIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement ToolsRIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement ToolsRIPE NCC
 
IPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the BalticsIPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the BalticsRIPE NCC
 
RPKI For Routing Security
RPKI For Routing SecurityRPKI For Routing Security
RPKI For Routing SecurityRIPE NCC
 
SEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdfSEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdfRIPE NCC
 
Know Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE AtlasKnow Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE AtlasRIPE NCC
 
Minimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE AtlasMinimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE AtlasRIPE NCC
 
RIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement ServicesRIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement ServicesRIPE NCC
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasRIPE NCC
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasRIPE NCC
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasRIPE NCC
 
111 views of Swiss Internet Infrastructure
111 views of Swiss Internet Infrastructure111 views of Swiss Internet Infrastructure
111 views of Swiss Internet InfrastructureRIPE NCC
 
The RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in SwedenThe RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in SwedenRIPE NCC
 

More from RIPE NCC (20)

Navigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryNavigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet Registry
 
Traces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionTraces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate Action
 
Governing Environmental Sustainability in Tech
Governing Environmental Sustainability in TechGoverning Environmental Sustainability in Tech
Governing Environmental Sustainability in Tech
 
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdfGerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdf
 
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RISLIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
 
Intro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshopIntro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshop
 
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdfIGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
 
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdfOpportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
 
RIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement ToolsRIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement Tools
 
IPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the BalticsIPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the Baltics
 
RPKI For Routing Security
RPKI For Routing SecurityRPKI For Routing Security
RPKI For Routing Security
 
SEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdfSEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdf
 
Know Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE AtlasKnow Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE Atlas
 
Minimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE AtlasMinimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE Atlas
 
RIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement ServicesRIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement Services
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE Atlas
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE Atlas
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE Atlas
 
111 views of Swiss Internet Infrastructure
111 views of Swiss Internet Infrastructure111 views of Swiss Internet Infrastructure
111 views of Swiss Internet Infrastructure
 
The RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in SwedenThe RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in Sweden
 

Recently uploaded

Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfngoud9212
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 

Recently uploaded (20)

Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdf
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 

IPv6 Anchor Installation Challenges

  • 1. Swiss IPv6 Council |26 January 2015 IPv6 on your servers;  fun or frightening? Nathalie Trenaman
  • 2. Introduction • What is a RIPE Atlas Anchor? - Soekris net6501-70 - Well known target and powerful probe - 80 anchors installed - 200 probes targeting each anchor with measurements - Measurements between anchors 2
  • 3. Requirements • Capable of 10Mbit bandwidth (less needed today) • RJ45 network connection • Static IPv4 and IPv6 address - unfiltered - RIPE NCC needs unrestricted access • IPv6 address needs to be public • IPv6 connection needs to be native 3
  • 4. IPv6 Installation Challenges • The hardware is purchased by the host • The software is on a USB stick - With host provided network info • Anchor is configured to boot from USB stick ! ! ! ! • Silly bug • Is fixed in CentOS7 4
  • 5. IPv6 Installation Challenges • Anchor provisioning needs to be done over IPv4 and RIPE NCC remotely configures the IPv6 part of the network later. ! • Anchors will do SLAAC “out-of-the-box”, this needs to be disabled anyway when we do the manual configuration 5
  • 7. Example 1 • Starting point: - SLAAC provided address, gateway via RA - gateway address was link-local • We pushed the static IPv6 config and connectivity was lost… - global unicast gateway address we received from host did not respond to Neighbor Sollicitations: 7 [root@nl-ams-as12345678 ~]# ndisc6 2001:db8:123:a:192:0:2:1 eth0! Soliciting 2001:db8:123:a:192:0:2:1 (2001:db8:123:a:192:0:2:1) on eth0...! Timed out.! Timed out.! Timed out.! No response.
  • 8. Example 1 • Yet we are receiving incoming packets on the anchor! • So the gateway works OK, but is not configured with a global address, or is configured not to respond to NS for that address • It turned out that the host gave us the wrong gateway address - They use 2 different IPv6 addressing schemes - One embeds the IPv4 address - One uses ::1/64 as gateway 8
  • 9. Example 2 • The host had working IPv6, ICMPv6 was working fine • It turned out that TCP/UDP was not allowed ! ! ! ! ! • Host forgot to modify edge filters for IPv6 9 bla@loki:~$ mtr -u -nrc 10 nl-bla-as1234567.anchors.atlas.ripe.net! Start: Mon Dec 9 15:57:29 2013! HOST: loki Loss% Snt Last Avg Best Wrst StDev! 1.|-- 2001:67c:2e8:13::2 0.0% 10 2.1 3.2 1.9 7.8 1.7! 2.|-- 2001:db8:1::b800:2308:1 0.0% 10 2.0 4.2 2.0 15.1 4.0! 3.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
  • 10. Example 3 • Host gave us an IPv6 address ending on all zeroes - 2001:db8:3bda:666::/64 • The router on their subnet did not respond to NS that originate from the “subnet-zero” address • 2001:db8:3bda:666::2 worked fine ! • RFC4291 section 2.6.1 provided clarity - Subnet Router Anycast Address 10
  • 11. Example 3 • Juniper kindly rejected the all-zeroes IPv6 address: ! ! ! ! ! ! • Lesson learned: The all-zeroes IPv6 address is not a normal IPv6 address 11 [edit interfaces ge-3/0/8 unit 666 family inet6]!   'address 2001:db8:3bda:666::0'!      Cannot assign address 0 on subnet! error: configuration check-out failed
  • 12. Example 4 • This anchor had an invalid router advertisement for an ethernet link 12 [bla@nl-aaa-as2345678 ~]$ sudo rdisc6 eth0! Soliciting ff02::2 (ff02::2) on eth0...! Hop limit                ! :           64 (      0x40)! Stateful address conf.    ! :           No! Stateful other conf.      ! :           No! Router preference         ! :       medium! Router lifetime           ! :         1800 (0x00000708) seconds! Reachable time            ! :  unspecified (0x00000000)! Retransmit time           ! :  unspecified (0x00000000)!  Source link-layer address: 74:8E:F8:BC:07:89!  MTU                      ! :         1500 bytes (valid)!  Prefix                   ! : 2001:db8:102:200::/56!   Valid time              ! :      2592000 (0x00278d00) seconds!   Pref. time              ! :       604800 (0x00093a80) seconds!  from fe80::768e:f8ff:febc:0789
  • 13. Example 4 • [RFC2462] “An IPv6 address prefix used for SLAAC of an Ethernet interface must have a length of 64 bits” ! • We saw different variations for the same problem: - /32 - /56 - /128 • Because we override SLAAC with manual configuration, this problem is easy to solve 13
  • 14. Example 4 • In CentOS, it is not difficult to switch off SLAAC if you know where to look. ! • Change the /etc/sysconfig/network file • Change NETWORKING_IPV6=no to NETWORKING_IPV6=yes • Add: • IPV6_AUTOCONF=no • IPV6_DEFAULTGW=2001:db8::1 (use your own gateway!) 14
  • 15. Example 4 • Then, change the /etc/sysconfig/network-scripts/ ifcfg-eth0 file • Add: • IPV6INIT=yes • IPV6ADDR=2001:db8::10 • This is your picked manual address! • run “service network restart” • Now you have a static address configured and SLAAC switched off. 15
  • 16. Example 5 • This host had a broken gateway • Pings and traces did not succeed ! ! ! ! • Also broken to other destinations within the same provider • Default route for IPv6 was missing 16 [bla@nl-aaa-as2345678 ~]$ sudo traceroute6 -I jp-tyo-as2500.anchors.atlas.ripe.net! traceroute to jp-tyo-as2500.anchors.atlas.ripe.net (2001:200:0:6002::a10:1a2), 30 hops max, 80 byte packets!  1  2001:db8:2381:fffe::1 (2001:db8:2381:fffe::1)  1.836 ms !N  2.265 ms !N  2.505 ms !N
  • 17. Example 6 • This host was using a tunnel instead of native IPv6 • Also, they blocked the ICMPv6 message “packet too big” • We found this out because the size of packets we could deliver was 1480 bytes - instead of the 1500 configured on the wire • When a packet bigger than 1480 bytes was sent, we did not receive the “packet too big” message, with a suggestion for a different MTU size • Outbound packets of 1500 bytes were dropped.. 17
  • 19. Lessons learned… • There are still IPv6 related software bugs in current mainstream server OSes ! • Common mistakes are being made ! • IPv6 is still not as well understood as IPv4 19
  • 20. Questions? Section Title Petrie/Trenaman - RIPE69 - Date [06/11/2014] 20