SlideShare a Scribd company logo

I Pv6 Now! Decix Tech Meeting #9

F
flyingpotato

IPv6: Migrate to IPv6 with IPv4 knowledge ... addressing scheme, OSPF and BGP Routing.

Technology
1 of 27
Download to read offline
IPv6. Now! DE-CIX Tekkie Meeting #9 Nov 13, 2008 Fredy Künzler, AS13030 kuenzler at init7 dot nospam dot net Init Seven AG Elias-Canetti-Strasse 7 CH-8050 Zürich www.init7.net www.blogg.ch www.bgp-and-beyond.com Disclaimer: the configuration examples in this presentation are probably inaccurate. Use it on your own risk. If you find 5 errors in the presentation, let me know and you qualify for a free Init7 geek T-Shirt (please note your size) ...
Face facts: Less than 1000 800 days until the free IPv4 pool gets exhausted. - Prediction by Geoff Huston, APNIC http://www.potaroo.net/tools/ipv4/ - Quoting Mike Leber, Hurricane Electric (he.net): Do you have an IPv6 plan? How long do you think it will be until Sarbanes Oxley and SAS 70 auditors start requiring disclosure of IPv4 exhaustion as a business continuity risk, as well as the presence or lack thereof of an IPv6 plan? 2
The good news #1: - If you are a LIR, request your IPv6 space now. It's just a formality: https://lirportal.ripe.net/ -> Request Forms -> IPv6 First Allocation Request Form After receiving the IPv6 allocation, put the appropriate route object into the RIPE database. 3
The good news #2: You don't have to reinvent the wheel. Everything you know about - BGP4 - Subnet Masks - OSPF - Route-Maps, Prefix-lists, AS-Path, Filter-Lists is still valid. More or less. - DualStack (IPv4/IPv6 on the same equipment) works well. - Do not think of deploying IPv6-Tunnels (unless you are an DSL/Cable user ... or a TIER-1 ;-) Initial IPv6 Deployment in a typical small provider network 4 is less than 1 day of work.
IPv6 Address Plan #1: - RIPE's allocation to the LIR is a /32 - Customer Assignments are usually a /48 (don't bother anymore how many addresses the customer should get) - IPv4 /30 (PtP) becomes IPv6 /126 - Host Address (IPv4 /32) becomes IPv6 /128 Deploying an address plan: - Stick to your existing IPv4 address scheme, for convenience. - Use a /48 for loopbacks - Use another /48 for Point-to-Point links 5
IPv6 Address Plan #2: Remember the notation of IPv6: 2001:db8::/32 = 2001:0db8:0000:0000:0000:0000:0000:0000/32 - 0 are omitted - two colons are replacing many 0 Note: 2001:db8::/32 should be used for any sample documentation. 6
IPv4 Sample Network (AS65000): IPv4 Transit IPv4 Peer 192.168.1.101/32 192.168.1.102/32 Router 2 Router 1 .1 .2 192.168.2.3/29 192.168.1.103/32 Router 3 192.168.2.9/30 Router 4 .10 192.168.1.104/32 192.168.3.1/24 Customer Server 192.168.3.50/24 7
Migration to IPv6 #1 IPv6 Loopback (Host) Addresses. We use 2001:db8:1::/48 for Loopbacks, and the last IPv4 IPv6 Transit IPv6 Peer octet corresponds to the IPv6 Loopback address. 2001:db8:1::101/128 2001:db8:1::102/128 Router 2 Router 1 2001:db8:1::103/128 Router 3 Router 4 2001:db8:1::104/128 8
Migration to IPv6 #2 IPv6 PtP / LAN Addresses. We use 2001:db8:2::/48 for LAN and PtP. Again, the IPv6 Transit IPv6 Peer addressing scheme corresponds to the legacy IPv4. PtP uses /126 addresses. 2001:db8:1::101/128 2001:db8:1::102/128 Router 2 Router 1 2001:db8:2::1/112 2001:db8:2::2/112 2001:db8:2::3/112 2001:db8:1::103/128 Router 3 2001:db8:2:1::d/126 Router 4 2001:db8:2:1::e/126 2001:db8:1::104/128 9
Migration to IPv6 #3 Server (End User) Addresses Assign a /48 to every end user, Example 2001:db8:ab::/48 IPv6 Transit IPv6 Peer 2001:db8:1::101/128 2001:db8:1::102/128 Router 2 Router 1 2001:db8:2::1/112 2001:db8:2::2/112 2001:db8:2::3/112 2001:db8:1::103/128 Router 3 2001:db8:2:1::d/126 Router 4 2001:db8:2:1::e/126 2001:db8:1::104/128 2001:db8:ab::1/48 Customer Server 2001:db8:ab::50/48 10
IPv6 Deployment #1: Enable IPv6 on routers: Cisco: ! ip cef !required by ipv6 cef ! ipv6 unicast-routing ipv6 cef ! Foundry Networks: ! ipv6 enable-acl-cam-sharing ipv6 unicast-routing ! 11
IPv6 Deployment #2: Configure Interfaces: Cisco: ! interface lo0 ipv6 enable ipv6 address 2001:db8:1::101/128 ! Foundry Networks: ! interface lo 1 ipv6 address 2001:db8:1::102/128 ipv6 enable ! 12
IPv6 Deployment #3: Configure IPv6 OSPF: Cisco: ! ipv6 router ospf 1 passive-interface default no passive-interface x/y ! interface x/y ipv6 ospf 1 area 0 ! Make sure that you are not talking OSPF to external interfaces (passive-interface default). 13
IPv6 Deployment #4: Configure IPv6 OSPF: Foundry Networks: ! ipv6 router ospf 1 area 0 ! interface lo 1 ipv6 ospf enable ipv6 ospf area 0 ! interface ethernet x/y ipv6 ospf enable ipv6 ospf area 0 ipv6 ospf passive !do not send OSPF multicast packets here ! 14
IPv6 Deployment #5: Check OSPF adjacencies and the IPv6 routing table: Cisco: # sh ipv6 ospf neighbor # sh ipv6 route [ospf|connected|static] Foundry Networks: # sh ipv6 ospf neighbor # sh ipv6 route [ospf|connect|static] 15
IPv6 Deployment #6: Configure IPv6 iBGP. Between Router 1/2/3 configure a full mesh, while Router 4 is configured as a route-reflector-client. All iBGP sessions should be configured between the loopback addresses (what else?). Cisco / Foundry Networks: ! router bgp 65000 neighbor 2001:db8:1::102 remote-as 65000 neighbor 2001:db8:1::102 description iBGP to Router 2 neighbor 2001:db8:1::102 update-source loopback 0 ! address-family ipv4 unicast no neighbor 2001:db8:1::102 activate ! address-family ipv6 unicast neighbor 2001:db8:1::102 activate neighbor 2001:db8:1::102 send-community neighbor 2001:db8:1::102 next-hop-self !depends on config. Neighbor 2001:db8:1::102 soft-reconfiguration inbound 16 !
IPv6 Deployment #7: Configure IPv6 eBGP Transit / Peers. Neighbor address is provided by Transit Provider or Internet Exchange. Cisco / Foundry Networks: ! ipv6 prefix-list MYSELF seq 5 permit 2001:db8::/32 ! router bgp 65000 neighbor x:x:x:x::x remote-as 123 neighbor x:x:x:x::x description IPv6 Transit Provider ! address-family ipv4 unicast no neighbor x:x:x:x::x activate ! address-family ipv6 unicast neighbor x:x:x:x::x activate neighbor x:x:x:x::x send-community !depends on config neighbor x:x:x:x::x next-hop-self !implicit neighbor x:x:x:x::x soft-reconfiguration inbound neighbor x:x:x:x::x prefix-list MYSELF out ! 17
IPv6 Deployment #8: Start propagating your IPv6 netblock. Advise your Transit Provider in order to adjust his inbound filter list. Don't forget the static route with high distance value... Cisco / Foundry Networks: ! ipv6 route 2001:db8::/32 null0 [distance] 250 ! router bgp 65000 network 2001:db8::/32 ! Check your propagation in various IPv6 Looking Glass. 18
Linux Server / Apache 2 Configure your Linux Server with IPv6: add into /etc/rc.local or /etc/network/interfaces # ifconfig eth0 inet6 add 2001:db8:ab::50/48 # Reboot or execute /etc/rc.local ... check connectivity with ping6. Apache 1.x is not IPv6 compatible. If not done yet, migrate to Apache 2. Good reading is Peter Bieringer's IPv6 Howto: http://www.bieringer.de/linux/IPv6/IPv6-HOWTO/ For Apache 2 see section #4. 19
No default gateway anymore ... Neighbor Discovery Protocol (ND) – no definition of the default gateway is required anymore. A router propagates himself as the Default Gateway to v6-Hosts [On by default]. Please turn it off at interfaces facing an Internet Exchange: Cisco: ! interface lo0 ipv6 enable ipv6 address 2001:db8:1::101/128 ipv6 nd suppress-ra ! Foundry Networks: ! interface lo 1 ipv6 address 2001:db8:1::102/128 ipv6 enable ipv6 nd suppress-ra 20 !
DNS Server Configure your DNS record with IPv6: ; servername.com. A 192.168.3.50 ; servername.com. AAAA 2001:db8:ab::50 www CNAME servername.com. Note: DNS servers don't need to be accessible via IPv6 to resolve AAAA records, however IPv6-only clients may have problems to resolve. 21
IPv6 Reverse DNS Server This is a nasty thing. I suppose we are going to postpone it... don't we always have a task list with priorities?! 22
Check your IPv6 Connectivity If you don't have an IPv6-enabled client, try the tools of SixXS: http://ipv4gate.sixxs.net/ http://www.sixxs.net/ 23
More IPv6 Links: Tunnelbrokers (IPv6 for IPv4-only broadband users): - http://tunnelbroker.net/ (by Hurricane Electric) - http://www.sixxs.net/faq/account/?faq=10steps From RIPE #56 - Structural Problems in the IPv6 Routing: http://rosie.ripe.net/ripe/meetings/ripe-56/presentations/uploads/Tuesday/Plenary%2016:00/upl/Schmidt-Structural_problems_in_the - IPv6 PI Space – refer to Gert Dörings Presentation: http://rosie.ripe.net/ripe/meetings/ripe-56/presentations/uploads/Thursday/Address%20Policy%202/upl/Doering-IPv6_Routing_Table_ - Measurement of the IPv6 deployment by Geoff Huston: http://rosie.ripe.net/ripe/meetings/ripe-56/presentations/uploads/Wednesday/Plenary%2009:00/upl/Huston-Measuring_IPv6_Deploym IPv6 BOGON information (use the “Relaxed” template): http://www.space.net/~gert/RIPE/ipv6-filters.html 24
History of IPv6 @ SwiNOG - SwiNOG #2 (March 21, 2001) by Simon Leinen, SWITCH: IPv6 Operational Experiences http://www.swinog.ch/meetings/swinog2/leinen-ipv6.ps - SwiNOG #8 (March 24, 2004) by Simon Leinen, SWITCH: IPv6 Peering Group http://www.swinog.ch/meetings/swinog8/ipv6_swinog.pdf - SwiNOG #11 (October 20, 2005) by Jeroen Massar SixXS: Looking at deploying IPv6 http://www.swinog.ch/meetings/swinog11/SwiNOG11-DeployingIPv6.pdf 25
Help to deploy IPv6 in Switzerland Europe! - Obtain your IPv6 allocation now - Init7 offers IPv6 connectivity to all existing Colo/Transit customers free of charge according to their current CDR (BGP4 feed or static routing). - Init7 offers IPv6 transit connectivity to non-customers (BGP4 feed only) free of charge until mid of 2009 (Cabling on prospects expense) [Disclaimer: up to a reasonable volume of traffic]. - DSL/Cable customers: no decent IPv6 CPE devices available yet, use Tunnelbrokers until further notice. 26 Blame ... | Fritz | Zyxel | Netopia | ... |
IPv6. Now! Questions? Fredy Künzler, AS13030 kuenzler at init7 dot nospam dot net www.init7.net www.blogg.ch www.bgp-and-beyond.com

Recommended

IPv6 Now! (Presentation at SwiNOG #16)
IPv6 Now! (Presentation at SwiNOG #16)IPv6 Now! (Presentation at SwiNOG #16)
IPv6 Now! (Presentation at SwiNOG #16)flyingpotato
 
PATENT of panatrate firewall
PATENT of panatrate firewallPATENT of panatrate firewall
PATENT of panatrate firewallBo Xiong
 
Intel DPDK Step by Step instructions
Intel DPDK Step by Step instructionsIntel DPDK Step by Step instructions
Intel DPDK Step by Step instructionsHisaki Ohara
 
Fcsi601 Linux Firewall Nat
Fcsi601 Linux Firewall NatFcsi601 Linux Firewall Nat
Fcsi601 Linux Firewall Natnarayannpp
 
Userspace networking
Userspace networkingUserspace networking
Userspace networkingStephen Hemminger
 
Session 3
Session 3Session 3
Session 3ahmed elmeghiny
 
Linux Bridging: Teaching an old dog new tricks
Linux Bridging: Teaching an old dog new tricksLinux Bridging: Teaching an old dog new tricks
Linux Bridging: Teaching an old dog new tricksStephen Hemminger
 
Introduction to firewalls through Iptables
Introduction to firewalls through IptablesIntroduction to firewalls through Iptables
Introduction to firewalls through IptablesBud Siddhisena
 

Recommended

IPv6 Now! (Presentation at SwiNOG #16)
IPv6 Now! (Presentation at SwiNOG #16)IPv6 Now! (Presentation at SwiNOG #16)
IPv6 Now! (Presentation at SwiNOG #16)flyingpotato
 
PATENT of panatrate firewall
PATENT of panatrate firewallPATENT of panatrate firewall
PATENT of panatrate firewallBo Xiong
 
Intel DPDK Step by Step instructions
Intel DPDK Step by Step instructionsIntel DPDK Step by Step instructions
Intel DPDK Step by Step instructionsHisaki Ohara
 
Fcsi601 Linux Firewall Nat
Fcsi601 Linux Firewall NatFcsi601 Linux Firewall Nat
Fcsi601 Linux Firewall Natnarayannpp
 
Userspace networking
Userspace networkingUserspace networking
Userspace networkingStephen Hemminger
 
Session 3
Session 3Session 3
Session 3ahmed elmeghiny
 
Linux Bridging: Teaching an old dog new tricks
Linux Bridging: Teaching an old dog new tricksLinux Bridging: Teaching an old dog new tricks
Linux Bridging: Teaching an old dog new tricksStephen Hemminger
 
Introduction to firewalls through Iptables
Introduction to firewalls through IptablesIntroduction to firewalls through Iptables
Introduction to firewalls through IptablesBud Siddhisena
 
Dpdk applications
Dpdk applicationsDpdk applications
Dpdk applicationsVipin Varghese
 
Basics of firewall, ebtables, arptables and iptables
Basics of firewall, ebtables, arptables and iptablesBasics of firewall, ebtables, arptables and iptables
Basics of firewall, ebtables, arptables and iptablesPrzemysław Piotrowski
 
Ccnp labs
Ccnp labsCcnp labs
Ccnp labsMarat Makulov
 
Lagopus presentation on 14th Annual ON*VECTOR International Photonics Workshop
Lagopus presentation on 14th Annual ON*VECTOR International Photonics WorkshopLagopus presentation on 14th Annual ON*VECTOR International Photonics Workshop
Lagopus presentation on 14th Annual ON*VECTOR International Photonics WorkshopLagopus SDN/OpenFlow switch
 
Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2Jim Geovedi
 
Iptables Configuration
Iptables ConfigurationIptables Configuration
Iptables Configurationstom123
 
HA, SRX Cluster & Redundancy Groups
HA, SRX Cluster & Redundancy GroupsHA, SRX Cluster & Redundancy Groups
HA, SRX Cluster & Redundancy GroupsKashif Latif
 
Neighbor discoverydhcp
Neighbor discoverydhcpNeighbor discoverydhcp
Neighbor discoverydhcpFred Bovy
 
12 ethernet-wifi
12 ethernet-wifi12 ethernet-wifi
12 ethernet-wifiOlivier Bonaventure
 
IP tables
IP tablesIP tables
IP tablesaamodt
 
Practice
PracticePractice
PracticeAvinash Singal
 
Chapter 08
Chapter 08Chapter 08
Chapter 08guest35417d
 
MX960 Router
MX960 RouterMX960 Router
MX960 RouterKashif Latif
 
Session 1
Session 1Session 1
Session 1ahmed elmeghiny
 
Session 2
Session 2Session 2
Session 2ahmed elmeghiny
 
Juniper Networks Router Architecture
Juniper Networks Router ArchitectureJuniper Networks Router Architecture
Juniper Networks Router Architecturelawuah
 
Iptables in linux
Iptables in linuxIptables in linux
Iptables in linuxMandeep Singh
 
Attacking the spanning tree protocol
Attacking the spanning tree protocolAttacking the spanning tree protocol
Attacking the spanning tree protocolAsmadzakirah
 
IPv6 for Pentesters
IPv6 for PentestersIPv6 for Pentesters
IPv6 for Pentesterscamsec
 
The Spectre of Meltdowns
The Spectre of MeltdownsThe Spectre of Meltdowns
The Spectre of MeltdownsAndriy Berestovskyy
 
Switch And Data Acquistion Overview
Switch And Data Acquistion OverviewSwitch And Data Acquistion Overview
Switch And Data Acquistion Overviewflyingpotato
 
FTTH Position von Swisscom
FTTH Position von SwisscomFTTH Position von Swisscom
FTTH Position von Swisscomflyingpotato
 

More Related Content

What's hot

Basics of firewall, ebtables, arptables and iptables
Basics of firewall, ebtables, arptables and iptablesBasics of firewall, ebtables, arptables and iptables
Basics of firewall, ebtables, arptables and iptablesPrzemysław Piotrowski
 
Lagopus presentation on 14th Annual ON*VECTOR International Photonics Workshop
Lagopus presentation on 14th Annual ON*VECTOR International Photonics WorkshopLagopus presentation on 14th Annual ON*VECTOR International Photonics Workshop
Lagopus presentation on 14th Annual ON*VECTOR International Photonics WorkshopLagopus SDN/OpenFlow switch
 
Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2Jim Geovedi
 
Iptables Configuration
Iptables ConfigurationIptables Configuration
Iptables Configurationstom123
 
HA, SRX Cluster & Redundancy Groups
HA, SRX Cluster & Redundancy GroupsHA, SRX Cluster & Redundancy Groups
HA, SRX Cluster & Redundancy GroupsKashif Latif
 
Neighbor discoverydhcp
Neighbor discoverydhcpNeighbor discoverydhcp
Neighbor discoverydhcpFred Bovy
 
IP tables
IP tablesIP tables
IP tablesaamodt
 
Juniper Networks Router Architecture
Juniper Networks Router ArchitectureJuniper Networks Router Architecture
Juniper Networks Router Architecturelawuah
 
Attacking the spanning tree protocol
Attacking the spanning tree protocolAttacking the spanning tree protocol
Attacking the spanning tree protocolAsmadzakirah
 
IPv6 for Pentesters
IPv6 for PentestersIPv6 for Pentesters
IPv6 for Pentesterscamsec
 

What's hot (20)

Dpdk applications
Dpdk applicationsDpdk applications
Dpdk applications
 
Basics of firewall, ebtables, arptables and iptables
Basics of firewall, ebtables, arptables and iptablesBasics of firewall, ebtables, arptables and iptables
Basics of firewall, ebtables, arptables and iptables
 
Ccnp labs
Ccnp labsCcnp labs
Ccnp labs
 
Lagopus presentation on 14th Annual ON*VECTOR International Photonics Workshop
Lagopus presentation on 14th Annual ON*VECTOR International Photonics WorkshopLagopus presentation on 14th Annual ON*VECTOR International Photonics Workshop
Lagopus presentation on 14th Annual ON*VECTOR International Photonics Workshop
 
Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2Leonardo Nve Egea - Playing in a Satellite Environment 1.2
Leonardo Nve Egea - Playing in a Satellite Environment 1.2
 
Iptables Configuration
Iptables ConfigurationIptables Configuration
Iptables Configuration
 
HA, SRX Cluster & Redundancy Groups
HA, SRX Cluster & Redundancy GroupsHA, SRX Cluster & Redundancy Groups
HA, SRX Cluster & Redundancy Groups
 
Neighbor discoverydhcp
Neighbor discoverydhcpNeighbor discoverydhcp
Neighbor discoverydhcp
 
12 ethernet-wifi
12 ethernet-wifi12 ethernet-wifi
12 ethernet-wifi
 
IP tables
IP tablesIP tables
IP tables
 
Practice
PracticePractice
Practice
 
Chapter 08
Chapter 08Chapter 08
Chapter 08
 
MX960 Router
MX960 RouterMX960 Router
MX960 Router
 
Session 1
Session 1Session 1
Session 1
 
Session 2
Session 2Session 2
Session 2
 
Juniper Networks Router Architecture
Juniper Networks Router ArchitectureJuniper Networks Router Architecture
Juniper Networks Router Architecture
 
Iptables in linux
Iptables in linuxIptables in linux
Iptables in linux
 
Attacking the spanning tree protocol
Attacking the spanning tree protocolAttacking the spanning tree protocol
Attacking the spanning tree protocol
 
IPv6 for Pentesters
IPv6 for PentestersIPv6 for Pentesters
IPv6 for Pentesters
 
The Spectre of Meltdowns
The Spectre of MeltdownsThe Spectre of Meltdowns
The Spectre of Meltdowns
 

Viewers also liked

Switch And Data Acquistion Overview
Switch And Data Acquistion OverviewSwitch And Data Acquistion Overview
Switch And Data Acquistion Overviewflyingpotato
 
FTTH Position von Swisscom
FTTH Position von SwisscomFTTH Position von Swisscom
FTTH Position von Swisscomflyingpotato
 
Swissix Update @ SwiNOG #16
Swissix Update @ SwiNOG #16Swissix Update @ SwiNOG #16
Swissix Update @ SwiNOG #16flyingpotato
 
Webhosting in Africa
Webhosting in AfricaWebhosting in Africa
Webhosting in Africaflyingpotato
 
RSS Feeds und Blogs aus Sicht des Suchmaschinenmarketings
RSS Feeds und Blogs aus Sicht des SuchmaschinenmarketingsRSS Feeds und Blogs aus Sicht des Suchmaschinenmarketings
RSS Feeds und Blogs aus Sicht des Suchmaschinenmarketingsflyingpotato
 
IPv6 Best Practice
IPv6 Best PracticeIPv6 Best Practice
IPv6 Best Practiceflyingpotato
 
Netclean Whitebox by Practeo
Netclean Whitebox by PracteoNetclean Whitebox by Practeo
Netclean Whitebox by Practeoflyingpotato
 
FTTX conferece Berlin December 2010 - Slides by Emanuel Kleindienst (5th Inte...
FTTX conferece Berlin December 2010 - Slides by Emanuel Kleindienst (5th Inte...FTTX conferece Berlin December 2010 - Slides by Emanuel Kleindienst (5th Inte...
FTTX conferece Berlin December 2010 - Slides by Emanuel Kleindienst (5th Inte...flyingpotato
 

Viewers also liked (8)

Switch And Data Acquistion Overview
Switch And Data Acquistion OverviewSwitch And Data Acquistion Overview
Switch And Data Acquistion Overview
 
FTTH Position von Swisscom
FTTH Position von SwisscomFTTH Position von Swisscom
FTTH Position von Swisscom
 
Swissix Update @ SwiNOG #16
Swissix Update @ SwiNOG #16Swissix Update @ SwiNOG #16
Swissix Update @ SwiNOG #16
 
Webhosting in Africa
Webhosting in AfricaWebhosting in Africa
Webhosting in Africa
 
RSS Feeds und Blogs aus Sicht des Suchmaschinenmarketings
RSS Feeds und Blogs aus Sicht des SuchmaschinenmarketingsRSS Feeds und Blogs aus Sicht des Suchmaschinenmarketings
RSS Feeds und Blogs aus Sicht des Suchmaschinenmarketings
 
IPv6 Best Practice
IPv6 Best PracticeIPv6 Best Practice
IPv6 Best Practice
 
Netclean Whitebox by Practeo
Netclean Whitebox by PracteoNetclean Whitebox by Practeo
Netclean Whitebox by Practeo
 
FTTX conferece Berlin December 2010 - Slides by Emanuel Kleindienst (5th Inte...
FTTX conferece Berlin December 2010 - Slides by Emanuel Kleindienst (5th Inte...FTTX conferece Berlin December 2010 - Slides by Emanuel Kleindienst (5th Inte...
FTTX conferece Berlin December 2010 - Slides by Emanuel Kleindienst (5th Inte...
 

Similar to I Pv6 Now! Decix Tech Meeting #9

Mcse notes
Mcse notesMcse notes
Mcse notesvrammn
 
Learning Erlang (from a Prolog dropout's perspective)
Learning Erlang (from a Prolog dropout's perspective)Learning Erlang (from a Prolog dropout's perspective)
Learning Erlang (from a Prolog dropout's perspective)elliando dias
 
Short Introduction to IPv6
Short Introduction to IPv6Short Introduction to IPv6
Short Introduction to IPv6Martin Schütte
 
Fedv6tf-IPv6-new-friends
Fedv6tf-IPv6-new-friendsFedv6tf-IPv6-new-friends
Fedv6tf-IPv6-new-friendsTim Martin
 
Deploy ipv6 multicast_v0_1
Deploy ipv6 multicast_v0_1Deploy ipv6 multicast_v0_1
Deploy ipv6 multicast_v0_1Nguyen Thanh
 
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime
 
Automating auto-scaled load balancer based on linux and vm orchestrator
Automating auto-scaled load balancer based on linux and vm orchestratorAutomating auto-scaled load balancer based on linux and vm orchestrator
Automating auto-scaled load balancer based on linux and vm orchestratorAndrew Yongjoon Kong
 
IPv6 Theory by Cisco
IPv6 Theory by CiscoIPv6 Theory by Cisco
IPv6 Theory by CiscoFebrian ‎
 
Multivendor MPLS L3VPN
Multivendor MPLS L3VPNMultivendor MPLS L3VPN
Multivendor MPLS L3VPNStefano Sasso
 
RIP Routing Information Protocol Extreme Networks
RIP Routing Information Protocol Extreme NetworksRIP Routing Information Protocol Extreme Networks
RIP Routing Information Protocol Extreme NetworksDani Royman Simanjuntak
 
Network Programming: Data Plane Development Kit (DPDK)
Network Programming: Data Plane Development Kit (DPDK)Network Programming: Data Plane Development Kit (DPDK)
Network Programming: Data Plane Development Kit (DPDK)Andriy Berestovskyy
 
Deploying IPv6 in OpenStack Environments
Deploying IPv6 in OpenStack EnvironmentsDeploying IPv6 in OpenStack Environments
Deploying IPv6 in OpenStack EnvironmentsShannon McFarland
 
NAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewallNAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewallCassiano Campes
 

Similar to I Pv6 Now! Decix Tech Meeting #9 (20)

IPv6 Static Routes
IPv6 Static RoutesIPv6 Static Routes
IPv6 Static Routes
 
Mcse notes
Mcse notesMcse notes
Mcse notes
 
Learning Erlang (from a Prolog dropout's perspective)
Learning Erlang (from a Prolog dropout's perspective)Learning Erlang (from a Prolog dropout's perspective)
Learning Erlang (from a Prolog dropout's perspective)
 
Short Introduction to IPv6
Short Introduction to IPv6Short Introduction to IPv6
Short Introduction to IPv6
 
Fedv6tf-IPv6-new-friends
Fedv6tf-IPv6-new-friendsFedv6tf-IPv6-new-friends
Fedv6tf-IPv6-new-friends
 
IP anycasting
IP anycasting IP anycasting
IP anycasting
 
Deploy ipv6 multicast_v0_1
Deploy ipv6 multicast_v0_1Deploy ipv6 multicast_v0_1
Deploy ipv6 multicast_v0_1
 
I pv6 eigrp
I pv6 eigrpI pv6 eigrp
I pv6 eigrp
 
IPv6 EIGRP
IPv6 EIGRPIPv6 EIGRP
IPv6 EIGRP
 
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
 
Automating auto-scaled load balancer based on linux and vm orchestrator
Automating auto-scaled load balancer based on linux and vm orchestratorAutomating auto-scaled load balancer based on linux and vm orchestrator
Automating auto-scaled load balancer based on linux and vm orchestrator
 
9 ipv6-routing
9 ipv6-routing9 ipv6-routing
9 ipv6-routing
 
IPv6 Theory by Cisco
IPv6 Theory by CiscoIPv6 Theory by Cisco
IPv6 Theory by Cisco
 
Multivendor MPLS L3VPN
Multivendor MPLS L3VPNMultivendor MPLS L3VPN
Multivendor MPLS L3VPN
 
Brkmpl 1261
Brkmpl 1261Brkmpl 1261
Brkmpl 1261
 
RIP Routing Information Protocol Extreme Networks
RIP Routing Information Protocol Extreme NetworksRIP Routing Information Protocol Extreme Networks
RIP Routing Information Protocol Extreme Networks
 
Ipv6 Alp
Ipv6 AlpIpv6 Alp
Ipv6 Alp
 
Network Programming: Data Plane Development Kit (DPDK)
Network Programming: Data Plane Development Kit (DPDK)Network Programming: Data Plane Development Kit (DPDK)
Network Programming: Data Plane Development Kit (DPDK)
 
Deploying IPv6 in OpenStack Environments
Deploying IPv6 in OpenStack EnvironmentsDeploying IPv6 in OpenStack Environments
Deploying IPv6 in OpenStack Environments
 
NAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewallNAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewall
 

Recently uploaded

Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 

Recently uploaded (20)

Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 

I Pv6 Now! Decix Tech Meeting #9

  • 1. IPv6. Now! DE-CIX Tekkie Meeting #9 Nov 13, 2008 Fredy Künzler, AS13030 kuenzler at init7 dot nospam dot net Init Seven AG Elias-Canetti-Strasse 7 CH-8050 Zürich www.init7.net www.blogg.ch www.bgp-and-beyond.com Disclaimer: the configuration examples in this presentation are probably inaccurate. Use it on your own risk. If you find 5 errors in the presentation, let me know and you qualify for a free Init7 geek T-Shirt (please note your size) ...
  • 2. Face facts: Less than 1000 800 days until the free IPv4 pool gets exhausted. - Prediction by Geoff Huston, APNIC http://www.potaroo.net/tools/ipv4/ - Quoting Mike Leber, Hurricane Electric (he.net): Do you have an IPv6 plan? How long do you think it will be until Sarbanes Oxley and SAS 70 auditors start requiring disclosure of IPv4 exhaustion as a business continuity risk, as well as the presence or lack thereof of an IPv6 plan? 2
  • 3. The good news #1: - If you are a LIR, request your IPv6 space now. It's just a formality: https://lirportal.ripe.net/ -> Request Forms -> IPv6 First Allocation Request Form After receiving the IPv6 allocation, put the appropriate route object into the RIPE database. 3
  • 4. The good news #2: You don't have to reinvent the wheel. Everything you know about - BGP4 - Subnet Masks - OSPF - Route-Maps, Prefix-lists, AS-Path, Filter-Lists is still valid. More or less. - DualStack (IPv4/IPv6 on the same equipment) works well. - Do not think of deploying IPv6-Tunnels (unless you are an DSL/Cable user ... or a TIER-1 ;-) Initial IPv6 Deployment in a typical small provider network 4 is less than 1 day of work.
  • 5. IPv6 Address Plan #1: - RIPE's allocation to the LIR is a /32 - Customer Assignments are usually a /48 (don't bother anymore how many addresses the customer should get) - IPv4 /30 (PtP) becomes IPv6 /126 - Host Address (IPv4 /32) becomes IPv6 /128 Deploying an address plan: - Stick to your existing IPv4 address scheme, for convenience. - Use a /48 for loopbacks - Use another /48 for Point-to-Point links 5
  • 6. IPv6 Address Plan #2: Remember the notation of IPv6: 2001:db8::/32 = 2001:0db8:0000:0000:0000:0000:0000:0000/32 - 0 are omitted - two colons are replacing many 0 Note: 2001:db8::/32 should be used for any sample documentation. 6
  • 7. IPv4 Sample Network (AS65000): IPv4 Transit IPv4 Peer 192.168.1.101/32 192.168.1.102/32 Router 2 Router 1 .1 .2 192.168.2.3/29 192.168.1.103/32 Router 3 192.168.2.9/30 Router 4 .10 192.168.1.104/32 192.168.3.1/24 Customer Server 192.168.3.50/24 7
  • 8. Migration to IPv6 #1 IPv6 Loopback (Host) Addresses. We use 2001:db8:1::/48 for Loopbacks, and the last IPv4 IPv6 Transit IPv6 Peer octet corresponds to the IPv6 Loopback address. 2001:db8:1::101/128 2001:db8:1::102/128 Router 2 Router 1 2001:db8:1::103/128 Router 3 Router 4 2001:db8:1::104/128 8
  • 9. Migration to IPv6 #2 IPv6 PtP / LAN Addresses. We use 2001:db8:2::/48 for LAN and PtP. Again, the IPv6 Transit IPv6 Peer addressing scheme corresponds to the legacy IPv4. PtP uses /126 addresses. 2001:db8:1::101/128 2001:db8:1::102/128 Router 2 Router 1 2001:db8:2::1/112 2001:db8:2::2/112 2001:db8:2::3/112 2001:db8:1::103/128 Router 3 2001:db8:2:1::d/126 Router 4 2001:db8:2:1::e/126 2001:db8:1::104/128 9
  • 10. Migration to IPv6 #3 Server (End User) Addresses Assign a /48 to every end user, Example 2001:db8:ab::/48 IPv6 Transit IPv6 Peer 2001:db8:1::101/128 2001:db8:1::102/128 Router 2 Router 1 2001:db8:2::1/112 2001:db8:2::2/112 2001:db8:2::3/112 2001:db8:1::103/128 Router 3 2001:db8:2:1::d/126 Router 4 2001:db8:2:1::e/126 2001:db8:1::104/128 2001:db8:ab::1/48 Customer Server 2001:db8:ab::50/48 10
  • 11. IPv6 Deployment #1: Enable IPv6 on routers: Cisco: ! ip cef !required by ipv6 cef ! ipv6 unicast-routing ipv6 cef ! Foundry Networks: ! ipv6 enable-acl-cam-sharing ipv6 unicast-routing ! 11
  • 12. IPv6 Deployment #2: Configure Interfaces: Cisco: ! interface lo0 ipv6 enable ipv6 address 2001:db8:1::101/128 ! Foundry Networks: ! interface lo 1 ipv6 address 2001:db8:1::102/128 ipv6 enable ! 12
  • 13. IPv6 Deployment #3: Configure IPv6 OSPF: Cisco: ! ipv6 router ospf 1 passive-interface default no passive-interface x/y ! interface x/y ipv6 ospf 1 area 0 ! Make sure that you are not talking OSPF to external interfaces (passive-interface default). 13
  • 14. IPv6 Deployment #4: Configure IPv6 OSPF: Foundry Networks: ! ipv6 router ospf 1 area 0 ! interface lo 1 ipv6 ospf enable ipv6 ospf area 0 ! interface ethernet x/y ipv6 ospf enable ipv6 ospf area 0 ipv6 ospf passive !do not send OSPF multicast packets here ! 14
  • 15. IPv6 Deployment #5: Check OSPF adjacencies and the IPv6 routing table: Cisco: # sh ipv6 ospf neighbor # sh ipv6 route [ospf|connected|static] Foundry Networks: # sh ipv6 ospf neighbor # sh ipv6 route [ospf|connect|static] 15
  • 16. IPv6 Deployment #6: Configure IPv6 iBGP. Between Router 1/2/3 configure a full mesh, while Router 4 is configured as a route-reflector-client. All iBGP sessions should be configured between the loopback addresses (what else?). Cisco / Foundry Networks: ! router bgp 65000 neighbor 2001:db8:1::102 remote-as 65000 neighbor 2001:db8:1::102 description iBGP to Router 2 neighbor 2001:db8:1::102 update-source loopback 0 ! address-family ipv4 unicast no neighbor 2001:db8:1::102 activate ! address-family ipv6 unicast neighbor 2001:db8:1::102 activate neighbor 2001:db8:1::102 send-community neighbor 2001:db8:1::102 next-hop-self !depends on config. Neighbor 2001:db8:1::102 soft-reconfiguration inbound 16 !
  • 17. IPv6 Deployment #7: Configure IPv6 eBGP Transit / Peers. Neighbor address is provided by Transit Provider or Internet Exchange. Cisco / Foundry Networks: ! ipv6 prefix-list MYSELF seq 5 permit 2001:db8::/32 ! router bgp 65000 neighbor x:x:x:x::x remote-as 123 neighbor x:x:x:x::x description IPv6 Transit Provider ! address-family ipv4 unicast no neighbor x:x:x:x::x activate ! address-family ipv6 unicast neighbor x:x:x:x::x activate neighbor x:x:x:x::x send-community !depends on config neighbor x:x:x:x::x next-hop-self !implicit neighbor x:x:x:x::x soft-reconfiguration inbound neighbor x:x:x:x::x prefix-list MYSELF out ! 17
  • 18. IPv6 Deployment #8: Start propagating your IPv6 netblock. Advise your Transit Provider in order to adjust his inbound filter list. Don't forget the static route with high distance value... Cisco / Foundry Networks: ! ipv6 route 2001:db8::/32 null0 [distance] 250 ! router bgp 65000 network 2001:db8::/32 ! Check your propagation in various IPv6 Looking Glass. 18
  • 19. Linux Server / Apache 2 Configure your Linux Server with IPv6: add into /etc/rc.local or /etc/network/interfaces # ifconfig eth0 inet6 add 2001:db8:ab::50/48 # Reboot or execute /etc/rc.local ... check connectivity with ping6. Apache 1.x is not IPv6 compatible. If not done yet, migrate to Apache 2. Good reading is Peter Bieringer's IPv6 Howto: http://www.bieringer.de/linux/IPv6/IPv6-HOWTO/ For Apache 2 see section #4. 19
  • 20. No default gateway anymore ... Neighbor Discovery Protocol (ND) – no definition of the default gateway is required anymore. A router propagates himself as the Default Gateway to v6-Hosts [On by default]. Please turn it off at interfaces facing an Internet Exchange: Cisco: ! interface lo0 ipv6 enable ipv6 address 2001:db8:1::101/128 ipv6 nd suppress-ra ! Foundry Networks: ! interface lo 1 ipv6 address 2001:db8:1::102/128 ipv6 enable ipv6 nd suppress-ra 20 !
  • 21. DNS Server Configure your DNS record with IPv6: ; servername.com. A 192.168.3.50 ; servername.com. AAAA 2001:db8:ab::50 www CNAME servername.com. Note: DNS servers don't need to be accessible via IPv6 to resolve AAAA records, however IPv6-only clients may have problems to resolve. 21
  • 22. IPv6 Reverse DNS Server This is a nasty thing. I suppose we are going to postpone it... don't we always have a task list with priorities?! 22
  • 23. Check your IPv6 Connectivity If you don't have an IPv6-enabled client, try the tools of SixXS: http://ipv4gate.sixxs.net/ http://www.sixxs.net/ 23
  • 24. More IPv6 Links: Tunnelbrokers (IPv6 for IPv4-only broadband users): - http://tunnelbroker.net/ (by Hurricane Electric) - http://www.sixxs.net/faq/account/?faq=10steps From RIPE #56 - Structural Problems in the IPv6 Routing: http://rosie.ripe.net/ripe/meetings/ripe-56/presentations/uploads/Tuesday/Plenary%2016:00/upl/Schmidt-Structural_problems_in_the - IPv6 PI Space – refer to Gert Dörings Presentation: http://rosie.ripe.net/ripe/meetings/ripe-56/presentations/uploads/Thursday/Address%20Policy%202/upl/Doering-IPv6_Routing_Table_ - Measurement of the IPv6 deployment by Geoff Huston: http://rosie.ripe.net/ripe/meetings/ripe-56/presentations/uploads/Wednesday/Plenary%2009:00/upl/Huston-Measuring_IPv6_Deploym IPv6 BOGON information (use the “Relaxed” template): http://www.space.net/~gert/RIPE/ipv6-filters.html 24
  • 25. History of IPv6 @ SwiNOG - SwiNOG #2 (March 21, 2001) by Simon Leinen, SWITCH: IPv6 Operational Experiences http://www.swinog.ch/meetings/swinog2/leinen-ipv6.ps - SwiNOG #8 (March 24, 2004) by Simon Leinen, SWITCH: IPv6 Peering Group http://www.swinog.ch/meetings/swinog8/ipv6_swinog.pdf - SwiNOG #11 (October 20, 2005) by Jeroen Massar SixXS: Looking at deploying IPv6 http://www.swinog.ch/meetings/swinog11/SwiNOG11-DeployingIPv6.pdf 25
  • 26. Help to deploy IPv6 in Switzerland Europe! - Obtain your IPv6 allocation now - Init7 offers IPv6 connectivity to all existing Colo/Transit customers free of charge according to their current CDR (BGP4 feed or static routing). - Init7 offers IPv6 transit connectivity to non-customers (BGP4 feed only) free of charge until mid of 2009 (Cabling on prospects expense) [Disclaimer: up to a reasonable volume of traffic]. - DSL/Cable customers: no decent IPv6 CPE devices available yet, use Tunnelbrokers until further notice. 26 Blame ... | Fritz | Zyxel | Netopia | ... |
  • 27. IPv6. Now! Questions? Fredy Künzler, AS13030 kuenzler at init7 dot nospam dot net www.init7.net www.blogg.ch www.bgp-and-beyond.com