geantcampus » start page » ipv6_mar_2011

GEANT3 IPv6 Workshop - Networking without IPv4?

Organisers

This workshop was organised as part of the GEANT3 project.

The responsible GEANT3 task team has been "Campus Best Practices" (NA3/T4).

Venue and date

  • Dipoli conference center, Hall 4A, Otakaari 24, 00076 Aalto, Espoo, Finland.
  • March 24th and 25th, 2011.

Target Group

The workshop is open to anyone. Intended target group is:

  • Network engineers working with deployment of IPv6 on campuses
  • NREN staff involved with IPv6 and campus deployment

Letter of Invitation

At the moment we are using internet which is based on the use of IPv4 protocol. However, the depletion of the IPv4 address space shakes the foundations of the networks as there's no new room for expansion.

The next phase of evolution, IPv6, has been available for quite a while. Although both the support for the protocol itself in various networking equipment and the deployment in the networks have progressed, this growth has been infinitesimal compared to the IPv4.

The GN3 IPv6 workshop explores the question of networking without IPv4. Arguments can be taken pro and against, but the speakers and event participants are asked to base their contributions on practical experiences in addition to their professional competence.

By exploring the farthermost edges of deployments the workshop participants will get understanding what is actually a feasible level of IPv6 deployment and where the current challenges are. The focus is in the campus and access networks because they will bear the burden of the end users and their services.

The users are starting to turn their IPv6 stack on. Perhaps one day they will turn their IPv4 stack off?

Welcome to the workshop!

Programme

More details on the talks below.

Webcasting

  • The Thursday and Friday program is webcasted. Please have a look
  • In case you missed any of the Thursday or Friday presentations, please find the recordings in the Funet media archive

We had 434 play-outs from 117 unique IP addresses from 63 different domains across Europe.

Thursday March the 24th

12:00
The reception opens
13:00 - 13.15 Opening and welcome: introduction to the 1st dayJuha Oinonen, CSC/Funet
Vidar Faltinsen, UNINETT and GN3/NA3/T4
Theme: IPv6 in the IPv4 internet (M1B, M2A)
13.15-13.45 "How we did it" - practical approach to IPv6 deployment on campusJani Myyry, Aalto University Student Union
13.45-14.15 Security concerns and solutions with IPv6Tomas Podermanski (CESNET)
14.15-14.45
coffee break
Theme: Transitioning out of IPv4 (M5)
14.45-15.15Addressing and address managementJanos Mohacsi (NIIF)
15.15-15.45IPv6 gatewaysMariusz Stankiewicz (Gdansk University of Technology)
15.45-16.15Practical experiences on the use of transition mechanismsTrond Skjesol (UNINETT)
16.15 - 16.45
coffee break
Theme: The future with IPv6 only (M8)
16.45 - 17.15IPv6 only networking (not presented live do to illness) Ari Keränen (Ericsson)
17.15 - 17.45A strategic approach to IPv6Dave Wilson (HEANET, vconf)
17.45 - 17.50Ending of the first dayJari Miettinen (CSC)

Dinner

The workshop dinner is starting at 8 P.M. at:

  • Restaurant Loiste (Kaivokatu 3, Helsinki)

Friday March the 25th

8:30
The reception opens
Theme: Campus issues
9:00 - 9:15 Opening and welcome: introduction to the 2nd dayVidar Faltinsen (GN3 project)
9.15-11.00 Open microphone - lightning talks (15 min) from the audience
11.00-12.00
lunch break
Theme: Next steps
12:00-13.00 Panel on practical deployment: Dual stack or IPv6 only? (see the summary)1st day speakers (panelists), Pekka Savola (CSC, chair)
13.00-13.50 Meeting on the practical advancement of IPv6 on campuses (see the summary)
  • What is needed for the universities to make more progress on deployment? Your suggestions, please:-)
  • Do we have all the documents/good practices needed?
  • What reasons are used for not deploying? Can we remove more obstacles?
Gunnar Bøe (GN3 project)
13.50-14.00Wrap-up and farewellJari Miettinen (CSC)
14.00-15.00
free discussion with coffee
15.00The reception closes

List of participants

Further description of the talks

Thursday

Theme: IPv6 in the IPv4 internet (M1B, M2A) ("news from the field")
===================================================================
Topic1: "How we did it" - practical approach to IPv6
   deployment on campus 
   Experiences from the deployment and  a general description of the
   solution. End user feedback is a definite bonus.

Topic2: Security concerns and solutions with IPv6

   Growing number of IPv6 devices in the network would bring new security
   challenges. Are there any security improvements comparing to IPv4 or
   IPv6 brings some new security threads. IPv6 have been developed for more
   than 15 years so far and presentation tries to find the answer if IPv6
   cold be a complex security solutions for today's networks.

Theme: Transitioning out of IPv4 (M5, M6a, M6b) ("Problems and solutions")
==========================================================================
Topic3: Addressing and address management 

   Taking IPv6 into use means receiving an enormous amount of
   addresses. What is a good strategy to assign the IP numbers
   to the networks? Is there some good tips and practices?
  
Topic4: IPv6 gateways 
    IPv4 and IPv6 are mutually incompatible protocols, i.e. they are 
    transparent to each other in L2 networks.
    In order to enable communication between IPv4 and IPv6 internets, 
    several solutions have been proposed and implemented.
    This talk gives an overview on several different mechanisms and 
    developed solutions that facilitate IPv6 adoption. In particular, 
    universal, portable, multi-system DHCPv6 solution, a IPv6 Migration Guide 
    software and stateless IPv4-IPv6 translator are presented.

Topic5: Practical experiences on the use of transition mechanisms 

   The various IPv4-IPv6 transition mechanisms have been used for
   quite a long time and they have revealed pitfalls in the implementation
   and practices when used in the live networks. The talk gives an overview
   on the problems with some example cases.

Topic6: IPv6 only networking 

   What if there was no IPv4? In this presentation we share our
   experiences and measurement results from using IPv6-only networks.

Topic7: A strategic approach to IPv6 - Campuses and NRENs in co-operative transitioning

    The NRENs have had the IPv6 support for a considerable time.
    How this capability could be spread? What could put things into move?
    What is needed of various stakeholders? What is waiting for us in
    the IPv6-only future?
Excluded Topic8: DIY programming with IPv6

   It's pretty common situation that the sysadmins need to hack something 
   themselves. The question is: what tools to use if you want to program with 
   IPv6 support? The practical application could be e.g. network monitoring
   or cloud/cluster/system management.



Excluded Topic9: IPv6 routing and global view

   What's the size of the IPv6 internet backbone? What you can actually reach 
   natively? What about peerings and backbone router support?

Friday

Open microphone - 15 minutes lightning talks from the audience 
   We enroll talks as they are put forward.
   Can be on any topics/results/experiences.

Panel on practical deployment
   
Meeting on the practical advancement of IPv6 on campuses
   Based on earlier discussions, summarize what best practice documents are needed in 
   the area of IPv6 deployment on campus.

Summary of the panel debate and meeting

On the last day of the workshop (Friday) there was a panel debate with the first day speakers. Then there was a follow-up meeting on the practical advancements of IPv6 on campuses.

Here is a concentrated summary of these two agenda items:

Regarding IPv6 deployment today

  • IPv6 only networks is a bit early due to the lack of IPv6-to-IPv4 translation software with sufficient support for various protocols and the lack of IPv6 support in applications.
  • Mass deployments today should focus on dual stack
    • implement on all clients networks without informing users, they will not notice anyway - and this is better than tunnels.
  • IPv6 only networks should be deployed in niche environments

Main challenges for IPv6 today

  • Autoconfiguration of clients.
    • SLAAC does not contain addresses of DNS servers
    • DHCPv6 support is not supported on all OS yet
  • Current security challenges need to be solved
    1. Rouge RA.
      • Spoofing support in some switches only, need to improve
      • Alternative is to detect rouge RAs and block them or disable their impact (send RA with zero lifetime)
    2. ddos possibilities in ipv6
    3. Fragmentation challenges with ipv6
    4. Transition techniques create new paths for attacks MLD snooping support varies - a problem for IPv6 multicast
  • Transition techniques
    • Translation software NAT64/DNS64 immature

Strategy when IPv4 addresses are exhausted

  • Transition techniques was not originally planned, but with NAT64 and 4to6 gateways new positive possibilities arise.
  • Two alternatives:
    1. Dual stack: IPv6 + IPv4 NAT
    2. IPv6 only with NAT64 for IPv4 connectivity
  • IPv6 only (#2) is the most tempting approach, however it is not recommended just yet. Main problems:
    • Not all applications work behind NAT64 (i.e. skype)
    • Generally not stable yet, needs more testing
    • Many (mobile) devices do not support it.
  • Important to trial and test the IPv6 only approach in a larger scale. Example of possible deployments:
    • Subnet with office machines (be brave)
    • eduroam IPv6 only service
    • SIP phones

Strategies for improving the campus deployment rate of IPv6

  • Statistics listing the campuses that are doing good
  • It takes two to tango; i.e. you having enough IPv4 addresses is not a good reason to not deploy IPv6.
  • Government funding (done in Hungary)
  • Government enforcement (done in Czech republic for government offices)
  • NRENs reduce traffic costs for IPv6 traffic for their customers?
  • Introduce IPv6 only services
  • EU push? (EU commission are requesting IPv6 deployment numbers)
  • Seminar/workshops with vendors

Practical advancements for the GN3campus team

  • Get some IPv6 BPDs out there
  • Do not reinvent the wheel: when good information is available, do not write, but link
    • Example: documents written by Surfnet
  • Offer an index page of IPv6 information: own documents and links to well structured/good quality docs.
  • Consider a joint event with 6deploy-2.
  • Announce the ipv6-ops-request@lists.cluenet.de list, consider a new ipv6campus list?
  • Offer an IPv6 wiki (or an IPv6 area of an existing wiki)
  • Inform how a working group at the national level can be facilitated by the NREN
    • Working groups need a strong charter, focus and objective (should GN3campus suggest a charter?).
    • There must be some funding, at least for workshops and meetings.

Practical information

  • Moving around Helsinki: There's an extensive public transport system in the greater Helsinki area. Taxis and Airport Taxi services are also available. It takes about one hour to reach Dipoli from the Airport using public transport. Taxi service halves the time. The rush hours (7:00-9:00, 15:00-17:00) usually double the driving time.
  • Networking: eduroam and IPv6 only wireless at the workshop
  • Eating and dining: coffee service and dinner on March 24th, lunch and coffee service on March 25th

For more information, please see:

  • How to get from the airport to Dipoli by public transport? Take bus number 615 from the airport to the city center. Walk from the bus stop to the main bus station. Take bus 102 or 103 and sit until the last bus stop. Walk 150 meters.
    • Walking from the Helsinki city bus stop to the bus station (Google Maps)
    • Walking last 200 meters to Dipoli (Google Maps)
  • Locations:
  • Examples of Hotels
 
 
geantcampus/ipv6_mar_2011.txt · Last modified: 2011/04/08 13:17 by faltin@uninett.no

Viktig melding: openwiki.uninett.no

UNINETT OpenWiki er under utfasing. Wikier som er lite brukt er satt i kun-lese-modus. Ta kontakt med UNINETT for å åpne for skrivetilgang ved behov.

Group memberships: no groups