SlideShare ist ein Scribd-Unternehmen logo

IPv6 Campus Deployment Panel

Shumon Huque
Shumon Huque

IPv6 Campus Deployment Updates panel; University of Pennsylvania (Shumon Huque), IIJ (Randy Bush), U of Hawaii (Alan Whinery) - Joint Techs Workshop; February 2010

Technologie
1 von 34
Downloaden Sie, um offline zu lesen
IPv6 Campus Deployment Updates Shumon Huque University of Pennsylvania Internet2 Joint Techs Conference Salt Lake City, Utah February 1st 2010 1
Campus Deployment Updates Panel • Shumon Huque, University of Pennsylvania • Alan Whinery, University of Hawaii • Randy Bush, Internet Initiative Japan • Focus: move beyond talking about IPv6 just in the network and into applications and services also. 2
Mark Prior’s deployment survey www.mrp.net/IPv6_Survey.html 3
Web Mail DNS NTP XMPP 4
5
More comprehensive examination Would be useful to have a more comprehensive, systematic categorization of IPv6 network & application services available and used at the campuses.What is the list of common applications? Which are IPv6 capable? Are they production or non-production? What is the scope (eg. department, entire campus, etc)? ... These panels may be one way of doing this. 6
Application Services • DNS (authoritative, recursive) • Web (HTTP) • Email (SMTP, POP, IMAP, Submission) • Time services (NTP, SNTP) • Remote Login (SSH,Telnet, ...) • Instant Messaging (XMPP, SIMPLE, ...) • VoIP (SIP or any other protocol based) • Authentication (Kerberos, PKI,Web-ISO systems ..) • Directory (LDAP, ...) 7
More Services • Address Assignment (SLAAC, stateless/stateful DHCPv6) • RA-Guard, SEND, DHCPv6 filtering • Network Management (SNMP) • Traffic accounting, characterization systems (MRTG, Arbor Peakflow, Netflow v9/IPFIX, ...) • IPsec in IPv6 • Disaster Recovery considerations 8
Middleboxes • Firewalls • IDS • VPNs • Server Load Balancers • etc 9
Transition & Coexistence Mechanisms • NAT-PT (deprecated) • NAT64, DNS64 • IVI • Dual Stack Lite • A+P 10
Multi-homing • Provider-Independent (PI, portable) address space? • Future possibilities: • SHIM6 • LISP (Locator/ID Separation Protocol) • IRTF RRG (routing research group) work 11
Network • Border, Core, Distribution, Edge, ... • Percentage of subnets/routed-interfaces • How many server & enduser subnets? • How many of those are outside central IT? • Estimated number of IPv6 capable devices connected to native IPv6 infrastructure • How much native vs tunnelled traffic 12
University of Pennsylvania update 13
Documentation • http://www.upenn.edu/computing/ipv6/ • Penn IPv6 Deployment Strategy paper: • http://www.upenn.edu/computing/ipv6/ strategy.html 14
Penn Deployment Timeline • Initial deployment began in our GigaPoP, MAGPI (late 2002) • Penn campus deployment began 2005 • Work ongoing (of course) 15
MAGPI GigaPoP • PA Address space from Internet2 /40 • Routing: IS-IS, MBGP-4 • Stateless Address Autoconfiguration • Services: DNS, NTP, SSH,Web • Multicast (work in progress) • Provides IPv6 to UPenn, Princeton, NJEdge 16
University campus • Production deployment began 2005 • Started with PA space delegated from MAGPI (2001:468:1802::/48) • Later obtained PI space from ARIN - 2607:f470::/32 • Renumbering still in progress 17
Campus Network • Routing: IS-IS, M-BGP4 • Border, core, & many distribution routers • Growing # of enduser & server subnets • All campus subnets by the end of FY’11? • Engineering School: almost all subnets • drivers: teaching & research; eliminate tunnels 18
External connectivity • Singly homed today via MAGPI and Internet2 • 2 Commercial ISPs: Level-3 & Cogent • examining IPv6 options through them • Level3:“beta” tunneled IPv6 service today, “limited” (?) native service at end of 1Q • Cogent: native or tunneled service today, depending on location & connection type 19
Address Assignment • Servers: static addresses • Endstations • Stateless autoconfig (mainly) • DHCPv6 (planning) 20
Application Services • Campus Wide Production Services: • DNS • NTP • Jabber (XMPP) 21
DNS • Authoritative DNS - ISC BIND • Campus resolver - ISC BIND • DNS Content Management system • Homegrown, custom protocol • Supports AAAA and v6 PTR records 22
Authoritative DNS $ dig @192.5.6.30 +norecurse www.upenn.edu a ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1895 ;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 6 ;; AUTHORITY SECTION: upenn.edu. 172800 IN NS dns1.udel.edu. upenn.edu. 172800 IN NS dns2.udel.edu. upenn.edu. 172800 IN NS noc2.dccs.upenn.edu. upenn.edu. 172800 IN NS noc3.dccs.upenn.edu. ;; ADDITIONAL SECTION: dns1.udel.edu. 172800 IN A 128.175.13.16 dns2.udel.edu. 172800 IN A 128.175.13.17 noc2.dccs.upenn.edu. 172800 IN A 128.91.254.1 noc2.dccs.upenn.edu. 172800 IN AAAA 2001:468:1802:102::805b:fe01 noc3.dccs.upenn.edu. 172800 IN A 128.91.251.158 noc3.dccs.upenn.edu. 172800 IN AAAA 2607:f470:1003::3:3 Looking at upenn.edu referral answer from EDU nameservers referralglue 23
DNS resolver service • IPv6 capable campus recursive resolvers available, but ... • No easy way to distribute them (don’t do DHCPv6 yet, and not all clients can even do DHCPv6, like Mac OS X) • If someone asks, we tell them, and they manually configure the addresses 24
Application Services • Services posing impediments: • Web (Akamai)* • E-mail (Message Labs/Symantec) *Disclaimer: I wasn’t involved in Akamaizing the Penn website, and this is probably not the place to discuss the topic of whether querier-specific DNS responses are good or evil, so I’m not going to do that (today). 25
Web ;; QUESTION SECTION: ;www.upenn.edu.!! ! IN!A ;; ANSWER SECTION: www.upenn.edu.! ! 300!IN!CNAME! www.upenn.edu.edgesuite.net. www.upenn.edu.edgesuite.net. 19482 IN! CNAME! a536.g.akamai.net. a536.g.akamai.net.! 20! IN! A! 128.91.34.234 a536.g.akamai.net.! 20! IN! A! 128.91.34.233 Penn website via Akamai IPv4, as viewed from Penn Penn-campus Akamai nodes, located on IPv6 capable network, so IPv6 possible in theory. 26
Web ;; QUESTION SECTION: ;www.upenn.edu.!! ! IN!AAAA ;; ANSWER SECTION: www.upenn.edu.! ! 300!IN!CNAME! www.upenn.edu.edgesuite.net. www.upenn.edu.edgesuite.net. 19482 IN! CNAME! a536.g.akamai.net. Penn website IPv6 view, via Akamai: We had been talking privately with Akamai about a possible trial IPv6 on the Penn campus Akamai nodes. But latest answer (1/28): “No IPv6 rollout plan in the immediate future. However, we’d be glad to work with you in rolling out IPv6 when we start the phased rollout”. No address records returned. No official IPv6 plans have been announced by Akamai. 27
E-mail • Central mail service uses Message Labs • inbound/outbound virus scanning, and SPAM scoring • from our Message Labs rep: “IPv6 is not currently on our roadmap” (June 2009) • Mail access/submission? (IMAP, POP, webmail)? • we might start with these first 28
Application Services • Kerberos • RADIUS • CoSign/Shibboleth (Web ISO, federation) • LDAP 29
Kerberos • Server implementation: MIT Kerberos • Production server names not yet IPv6 addressable • We do have IPv6 specific server names • kerberos{1,2,3}.ipv6.upenn.edu • Users can manually install client side configuration files that use them 30
CoSign • Web ISO system (umich, weblogin.org) • Login server support not there yet • Web application servers can be deployed on IPv6 and will be able to authenticate users with CoSign • Our Shibboleth deployment uses CoSign as IDP (bottleneck) - I’ve heard other work is needed to support it. 31
IPv6-IPv4 Transition • Trial deployment of DualStack Lite on campus, with Comcast & Engineering school faculty, as an experiment/research project. • http://tools.ietf.org/html/draft-ietf-softwire-dual- stack-lite-02 • It’s more likely that Penn will deploy something like NAT64 & DNS64 though, ie. enable v4-only and v6-only devices to communicate. 32
33
Questions/Comments? Shumon Huque shuque [at] upenn.edu 34

Empfohlen

Testing Rolling Roots
Testing Rolling RootsTesting Rolling Roots
Testing Rolling RootsAPNIC
 
OARC 26: Scoring the Root Server System
OARC 26: Scoring the Root Server SystemOARC 26: Scoring the Root Server System
OARC 26: Scoring the Root Server SystemAPNIC
 
Update on IPv6 activity in CERNET2
Update on IPv6 activity in CERNET2Update on IPv6 activity in CERNET2
Update on IPv6 activity in CERNET2APNIC
 
IPv6 in Finland - What Did We Measure?
IPv6 in Finland - What Did We Measure?IPv6 in Finland - What Did We Measure?
IPv6 in Finland - What Did We Measure?RIPE NCC
 
mnNOG 1: Securing internet Routing
mnNOG 1: Securing internet Routing mnNOG 1: Securing internet Routing
mnNOG 1: Securing internet Routing APNIC
 
VNIX-NOG 2021: IPv6 Deployment Update
VNIX-NOG 2021: IPv6 Deployment UpdateVNIX-NOG 2021: IPv6 Deployment Update
VNIX-NOG 2021: IPv6 Deployment UpdateAPNIC
 
28th TWNIC OPM and TWNOG 2017: Security best practices for network operators
28th TWNIC OPM and TWNOG 2017: Security best practices for network operators28th TWNIC OPM and TWNOG 2017: Security best practices for network operators
28th TWNIC OPM and TWNOG 2017: Security best practices for network operatorsAPNIC
 
Welcome to the APNIC Member Gathering, Mongolia
Welcome to the APNIC Member Gathering, MongoliaWelcome to the APNIC Member Gathering, Mongolia
Welcome to the APNIC Member Gathering, MongoliaAPNIC
 

Empfohlen

Testing Rolling Roots
Testing Rolling RootsTesting Rolling Roots
Testing Rolling RootsAPNIC
 
OARC 26: Scoring the Root Server System
OARC 26: Scoring the Root Server SystemOARC 26: Scoring the Root Server System
OARC 26: Scoring the Root Server SystemAPNIC
 
Update on IPv6 activity in CERNET2
Update on IPv6 activity in CERNET2Update on IPv6 activity in CERNET2
Update on IPv6 activity in CERNET2APNIC
 
IPv6 in Finland - What Did We Measure?
IPv6 in Finland - What Did We Measure?IPv6 in Finland - What Did We Measure?
IPv6 in Finland - What Did We Measure?RIPE NCC
 
mnNOG 1: Securing internet Routing
mnNOG 1: Securing internet Routing mnNOG 1: Securing internet Routing
mnNOG 1: Securing internet Routing APNIC
 
VNIX-NOG 2021: IPv6 Deployment Update
VNIX-NOG 2021: IPv6 Deployment UpdateVNIX-NOG 2021: IPv6 Deployment Update
VNIX-NOG 2021: IPv6 Deployment UpdateAPNIC
 
28th TWNIC OPM and TWNOG 2017: Security best practices for network operators
28th TWNIC OPM and TWNOG 2017: Security best practices for network operators28th TWNIC OPM and TWNOG 2017: Security best practices for network operators
28th TWNIC OPM and TWNOG 2017: Security best practices for network operatorsAPNIC
 
Welcome to the APNIC Member Gathering, Mongolia
Welcome to the APNIC Member Gathering, MongoliaWelcome to the APNIC Member Gathering, Mongolia
Welcome to the APNIC Member Gathering, MongoliaAPNIC
 
Extending the Yahoo Streaming Benchmark + MapR Benchmarks
Extending the Yahoo Streaming Benchmark + MapR BenchmarksExtending the Yahoo Streaming Benchmark + MapR Benchmarks
Extending the Yahoo Streaming Benchmark + MapR BenchmarksJamie Grier
 
Measuring IPv6 at Web Clients and Caching Resolvers
Measuring IPv6 at Web Clients and Caching ResolversMeasuring IPv6 at Web Clients and Caching Resolvers
Measuring IPv6 at Web Clients and Caching ResolversRIPE Meetings
 
Rolling the Root Zone DNSSEC Key Signing Key
Rolling the Root Zone DNSSEC Key Signing KeyRolling the Root Zone DNSSEC Key Signing Key
Rolling the Root Zone DNSSEC Key Signing KeyAPNIC
 
IPv6 Deployment Case on a Korean Governmental Website
IPv6 Deployment Case on a Korean Governmental WebsiteIPv6 Deployment Case on a Korean Governmental Website
IPv6 Deployment Case on a Korean Governmental WebsiteAPNIC
 
HSB - Secure DNS en BGP ontwikkelingen - Benno Overeinder
HSB - Secure DNS en BGP ontwikkelingen - Benno OvereinderHSB - Secure DNS en BGP ontwikkelingen - Benno Overeinder
HSB - Secure DNS en BGP ontwikkelingen - Benno OvereinderSplend
 
Iptablesrocks
IptablesrocksIptablesrocks
Iptablesrocksqwer_asdf
 
Kafka Summit SF Apr 26 2016 - Generating Real-time Recommendations with NiFi,...
Kafka Summit SF Apr 26 2016 - Generating Real-time Recommendations with NiFi,...Kafka Summit SF Apr 26 2016 - Generating Real-time Recommendations with NiFi,...
Kafka Summit SF Apr 26 2016 - Generating Real-time Recommendations with NiFi,...Chris Fregly
 
IPv6 and the DNS, RIPE 73
IPv6 and the DNS, RIPE 73IPv6 and the DNS, RIPE 73
IPv6 and the DNS, RIPE 73APNIC
 
Openlab.2014 02-13.major.vi sion
Openlab.2014 02-13.major.vi sionOpenlab.2014 02-13.major.vi sion
Openlab.2014 02-13.major.vi sionCcie Light
 
IPv6 deployment at APNIC
IPv6 deployment at APNICIPv6 deployment at APNIC
IPv6 deployment at APNICAPNIC
 
Data centric mls rhel ecosystem
Data centric mls rhel ecosystemData centric mls rhel ecosystem
Data centric mls rhel ecosysteminside-BigData.com
 
Openstack meetup: Bootstrapping OpenStack to Corporate IT
Openstack meetup: Bootstrapping OpenStack to Corporate ITOpenstack meetup: Bootstrapping OpenStack to Corporate IT
Openstack meetup: Bootstrapping OpenStack to Corporate ITMirantis
 
BSides: BGP Hijacking and Secure Internet Routing
BSides: BGP Hijacking and Secure Internet RoutingBSides: BGP Hijacking and Secure Internet Routing
BSides: BGP Hijacking and Secure Internet RoutingAPNIC
 
OARC 26: Who's asking
OARC 26: Who's askingOARC 26: Who's asking
OARC 26: Who's askingAPNIC
 
HTTP/2: What's new?
HTTP/2: What's new? HTTP/2: What's new?
HTTP/2: What's new? Piet van Dongen
 
PBS and Scheduling at NCI: The past, present and future
PBS and Scheduling at NCI: The past, present and futurePBS and Scheduling at NCI: The past, present and future
PBS and Scheduling at NCI: The past, present and futureinside-BigData.com
 
More specific announcments in BGP
More specific announcments in BGPMore specific announcments in BGP
More specific announcments in BGPAPNIC
 
Ingesting Drone Data into Big Data Platforms
Ingesting Drone Data into Big Data Platforms Ingesting Drone Data into Big Data Platforms
Ingesting Drone Data into Big Data Platforms Timothy Spann
 
Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Alejandro Salinas
 
Future Architecture of Streaming Analytics: Capitalizing on the Analytics of ...
Future Architecture of Streaming Analytics: Capitalizing on the Analytics of ...Future Architecture of Streaming Analytics: Capitalizing on the Analytics of ...
Future Architecture of Streaming Analytics: Capitalizing on the Analytics of ...DataWorks Summit
 
MAGPI: Advanced Services: IPv6, Multicast, DNSSEC
MAGPI: Advanced Services: IPv6, Multicast, DNSSECMAGPI: Advanced Services: IPv6, Multicast, DNSSEC
MAGPI: Advanced Services: IPv6, Multicast, DNSSECShumon Huque
 
Tech 2 Tech IPv6 presentation
Tech 2 Tech IPv6 presentationTech 2 Tech IPv6 presentation
Tech 2 Tech IPv6 presentationJisc
 

Weitere ähnliche Inhalte

Was ist angesagt?

Extending the Yahoo Streaming Benchmark + MapR Benchmarks
Extending the Yahoo Streaming Benchmark + MapR BenchmarksExtending the Yahoo Streaming Benchmark + MapR Benchmarks
Extending the Yahoo Streaming Benchmark + MapR BenchmarksJamie Grier
 
Measuring IPv6 at Web Clients and Caching Resolvers
Measuring IPv6 at Web Clients and Caching ResolversMeasuring IPv6 at Web Clients and Caching Resolvers
Measuring IPv6 at Web Clients and Caching ResolversRIPE Meetings
 
Rolling the Root Zone DNSSEC Key Signing Key
Rolling the Root Zone DNSSEC Key Signing KeyRolling the Root Zone DNSSEC Key Signing Key
Rolling the Root Zone DNSSEC Key Signing KeyAPNIC
 
IPv6 Deployment Case on a Korean Governmental Website
IPv6 Deployment Case on a Korean Governmental WebsiteIPv6 Deployment Case on a Korean Governmental Website
IPv6 Deployment Case on a Korean Governmental WebsiteAPNIC
 
HSB - Secure DNS en BGP ontwikkelingen - Benno Overeinder
HSB - Secure DNS en BGP ontwikkelingen - Benno OvereinderHSB - Secure DNS en BGP ontwikkelingen - Benno Overeinder
HSB - Secure DNS en BGP ontwikkelingen - Benno OvereinderSplend
 
Iptablesrocks
IptablesrocksIptablesrocks
Iptablesrocksqwer_asdf
 
Kafka Summit SF Apr 26 2016 - Generating Real-time Recommendations with NiFi,...
Kafka Summit SF Apr 26 2016 - Generating Real-time Recommendations with NiFi,...Kafka Summit SF Apr 26 2016 - Generating Real-time Recommendations with NiFi,...
Kafka Summit SF Apr 26 2016 - Generating Real-time Recommendations with NiFi,...Chris Fregly
 
IPv6 and the DNS, RIPE 73
IPv6 and the DNS, RIPE 73IPv6 and the DNS, RIPE 73
IPv6 and the DNS, RIPE 73APNIC
 
Openlab.2014 02-13.major.vi sion
Openlab.2014 02-13.major.vi sionOpenlab.2014 02-13.major.vi sion
Openlab.2014 02-13.major.vi sionCcie Light
 
IPv6 deployment at APNIC
IPv6 deployment at APNICIPv6 deployment at APNIC
IPv6 deployment at APNICAPNIC
 
Data centric mls rhel ecosystem
Data centric mls rhel ecosystemData centric mls rhel ecosystem
Data centric mls rhel ecosysteminside-BigData.com
 
Openstack meetup: Bootstrapping OpenStack to Corporate IT
Openstack meetup: Bootstrapping OpenStack to Corporate ITOpenstack meetup: Bootstrapping OpenStack to Corporate IT
Openstack meetup: Bootstrapping OpenStack to Corporate ITMirantis
 
BSides: BGP Hijacking and Secure Internet Routing
BSides: BGP Hijacking and Secure Internet RoutingBSides: BGP Hijacking and Secure Internet Routing
BSides: BGP Hijacking and Secure Internet RoutingAPNIC
 
OARC 26: Who's asking
OARC 26: Who's askingOARC 26: Who's asking
OARC 26: Who's askingAPNIC
 
PBS and Scheduling at NCI: The past, present and future
PBS and Scheduling at NCI: The past, present and futurePBS and Scheduling at NCI: The past, present and future
PBS and Scheduling at NCI: The past, present and futureinside-BigData.com
 
More specific announcments in BGP
More specific announcments in BGPMore specific announcments in BGP
More specific announcments in BGPAPNIC
 
Ingesting Drone Data into Big Data Platforms
Ingesting Drone Data into Big Data Platforms Ingesting Drone Data into Big Data Platforms
Ingesting Drone Data into Big Data Platforms Timothy Spann
 
Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Alejandro Salinas
 
Future Architecture of Streaming Analytics: Capitalizing on the Analytics of ...
Future Architecture of Streaming Analytics: Capitalizing on the Analytics of ...Future Architecture of Streaming Analytics: Capitalizing on the Analytics of ...
Future Architecture of Streaming Analytics: Capitalizing on the Analytics of ...DataWorks Summit
 

Was ist angesagt? (20)

Extending the Yahoo Streaming Benchmark + MapR Benchmarks
Extending the Yahoo Streaming Benchmark + MapR BenchmarksExtending the Yahoo Streaming Benchmark + MapR Benchmarks
Extending the Yahoo Streaming Benchmark + MapR Benchmarks
 
Measuring IPv6 at Web Clients and Caching Resolvers
Measuring IPv6 at Web Clients and Caching ResolversMeasuring IPv6 at Web Clients and Caching Resolvers
Measuring IPv6 at Web Clients and Caching Resolvers
 
Rolling the Root Zone DNSSEC Key Signing Key
Rolling the Root Zone DNSSEC Key Signing KeyRolling the Root Zone DNSSEC Key Signing Key
Rolling the Root Zone DNSSEC Key Signing Key
 
IPv6 Deployment Case on a Korean Governmental Website
IPv6 Deployment Case on a Korean Governmental WebsiteIPv6 Deployment Case on a Korean Governmental Website
IPv6 Deployment Case on a Korean Governmental Website
 
HSB - Secure DNS en BGP ontwikkelingen - Benno Overeinder
HSB - Secure DNS en BGP ontwikkelingen - Benno OvereinderHSB - Secure DNS en BGP ontwikkelingen - Benno Overeinder
HSB - Secure DNS en BGP ontwikkelingen - Benno Overeinder
 
Iptablesrocks
IptablesrocksIptablesrocks
Iptablesrocks
 
Kafka Summit SF Apr 26 2016 - Generating Real-time Recommendations with NiFi,...
Kafka Summit SF Apr 26 2016 - Generating Real-time Recommendations with NiFi,...Kafka Summit SF Apr 26 2016 - Generating Real-time Recommendations with NiFi,...
Kafka Summit SF Apr 26 2016 - Generating Real-time Recommendations with NiFi,...
 
IPv6 and the DNS, RIPE 73
IPv6 and the DNS, RIPE 73IPv6 and the DNS, RIPE 73
IPv6 and the DNS, RIPE 73
 
Openlab.2014 02-13.major.vi sion
Openlab.2014 02-13.major.vi sionOpenlab.2014 02-13.major.vi sion
Openlab.2014 02-13.major.vi sion
 
IPv6 deployment at APNIC
IPv6 deployment at APNICIPv6 deployment at APNIC
IPv6 deployment at APNIC
 
Data centric mls rhel ecosystem
Data centric mls rhel ecosystemData centric mls rhel ecosystem
Data centric mls rhel ecosystem
 
Openstack meetup: Bootstrapping OpenStack to Corporate IT
Openstack meetup: Bootstrapping OpenStack to Corporate ITOpenstack meetup: Bootstrapping OpenStack to Corporate IT
Openstack meetup: Bootstrapping OpenStack to Corporate IT
 
BSides: BGP Hijacking and Secure Internet Routing
BSides: BGP Hijacking and Secure Internet RoutingBSides: BGP Hijacking and Secure Internet Routing
BSides: BGP Hijacking and Secure Internet Routing
 
OARC 26: Who's asking
OARC 26: Who's askingOARC 26: Who's asking
OARC 26: Who's asking
 
HTTP/2: What's new?
HTTP/2: What's new? HTTP/2: What's new?
HTTP/2: What's new?
 
PBS and Scheduling at NCI: The past, present and future
PBS and Scheduling at NCI: The past, present and futurePBS and Scheduling at NCI: The past, present and future
PBS and Scheduling at NCI: The past, present and future
 
More specific announcments in BGP
More specific announcments in BGPMore specific announcments in BGP
More specific announcments in BGP
 
Ingesting Drone Data into Big Data Platforms
Ingesting Drone Data into Big Data Platforms Ingesting Drone Data into Big Data Platforms
Ingesting Drone Data into Big Data Platforms
 
Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)
 
Future Architecture of Streaming Analytics: Capitalizing on the Analytics of ...
Future Architecture of Streaming Analytics: Capitalizing on the Analytics of ...Future Architecture of Streaming Analytics: Capitalizing on the Analytics of ...
Future Architecture of Streaming Analytics: Capitalizing on the Analytics of ...
 

Ähnlich wie IPv6 Campus Deployment Panel

MAGPI: Advanced Services: IPv6, Multicast, DNSSEC
MAGPI: Advanced Services: IPv6, Multicast, DNSSECMAGPI: Advanced Services: IPv6, Multicast, DNSSEC
MAGPI: Advanced Services: IPv6, Multicast, DNSSECShumon Huque
 
Tech 2 Tech IPv6 presentation
Tech 2 Tech IPv6 presentationTech 2 Tech IPv6 presentation
Tech 2 Tech IPv6 presentationJisc
 
IPv6 Security Panel (U of Penn)
IPv6 Security Panel (U of Penn)IPv6 Security Panel (U of Penn)
IPv6 Security Panel (U of Penn)Shumon Huque
 
12.00 - Dr. Tim Chown - University of Southampton
12.00 - Dr. Tim Chown - University of Southampton12.00 - Dr. Tim Chown - University of Southampton
12.00 - Dr. Tim Chown - University of SouthamptonIPv6 Summit 2010
 
IPv6 deployment on GridPP & WLCG
IPv6 deployment on GridPP & WLCGIPv6 deployment on GridPP & WLCG
IPv6 deployment on GridPP & WLCGJisc
 
APNIC Update
APNIC Update APNIC Update
APNIC Update APNIC
 
Network research
Network researchNetwork research
Network researchJisc
 
IPv6 Deployment: Why and Why not?
IPv6 Deployment: Why and Why not?IPv6 Deployment: Why and Why not?
IPv6 Deployment: Why and Why not?apnic_slides
 
Challenges in Practicing High Frequency Releases in Cloud Environments
Challenges in Practicing High Frequency Releases in Cloud Environments Challenges in Practicing High Frequency Releases in Cloud Environments
Challenges in Practicing High Frequency Releases in Cloud Environments Liming Zhu
 
The performance of IPv6, by John Brzozowski [APNIC 38 / IPv6 Plenary]
The performance of IPv6, by John Brzozowski [APNIC 38 / IPv6 Plenary]The performance of IPv6, by John Brzozowski [APNIC 38 / IPv6 Plenary]
The performance of IPv6, by John Brzozowski [APNIC 38 / IPv6 Plenary]APNIC
 
Private Network Project for Colleges
Private Network Project for CollegesPrivate Network Project for Colleges
Private Network Project for CollegesAditya Jain
 
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNICIndonesia Network Operators Group
 
Successes and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICSuccesses and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICAPNIC
 
ION Ljubljana - Nathalie Trenaman: World IPv6 Launch and RIPE Atlas Visualisa...
ION Ljubljana - Nathalie Trenaman: World IPv6 Launch and RIPE Atlas Visualisa...ION Ljubljana - Nathalie Trenaman: World IPv6 Launch and RIPE Atlas Visualisa...
ION Ljubljana - Nathalie Trenaman: World IPv6 Launch and RIPE Atlas Visualisa...Deploy360 Programme (Internet Society)
 
2012 11-09 facex - i pv6 transition planning-
2012 11-09 facex - i pv6 transition planning-2012 11-09 facex - i pv6 transition planning-
2012 11-09 facex - i pv6 transition planning-Eduardo Coelho
 
Future services on Janet
Future services on JanetFuture services on Janet
Future services on JanetJisc
 
SIPv6 Test Program
SIPv6 Test ProgramSIPv6 Test Program
SIPv6 Test ProgramIMTC
 
IPv6 Deployment: Why and Why not? - HostingCon 2013
IPv6 Deployment: Why and Why not? - HostingCon 2013IPv6 Deployment: Why and Why not? - HostingCon 2013
IPv6 Deployment: Why and Why not? - HostingCon 2013APNIC
 

Ähnlich wie IPv6 Campus Deployment Panel (20)

MAGPI: Advanced Services: IPv6, Multicast, DNSSEC
MAGPI: Advanced Services: IPv6, Multicast, DNSSECMAGPI: Advanced Services: IPv6, Multicast, DNSSEC
MAGPI: Advanced Services: IPv6, Multicast, DNSSEC
 
Tech 2 Tech IPv6 presentation
Tech 2 Tech IPv6 presentationTech 2 Tech IPv6 presentation
Tech 2 Tech IPv6 presentation
 
IPv6 Security Panel (U of Penn)
IPv6 Security Panel (U of Penn)IPv6 Security Panel (U of Penn)
IPv6 Security Panel (U of Penn)
 
12.00 - Dr. Tim Chown - University of Southampton
12.00 - Dr. Tim Chown - University of Southampton12.00 - Dr. Tim Chown - University of Southampton
12.00 - Dr. Tim Chown - University of Southampton
 
IPv6 deployment on GridPP & WLCG
IPv6 deployment on GridPP & WLCGIPv6 deployment on GridPP & WLCG
IPv6 deployment on GridPP & WLCG
 
APNIC Update
APNIC Update APNIC Update
APNIC Update
 
Network research
Network researchNetwork research
Network research
 
IPv6 Deployment: Why and Why not?
IPv6 Deployment: Why and Why not?IPv6 Deployment: Why and Why not?
IPv6 Deployment: Why and Why not?
 
Challenges in Practicing High Frequency Releases in Cloud Environments
Challenges in Practicing High Frequency Releases in Cloud Environments Challenges in Practicing High Frequency Releases in Cloud Environments
Challenges in Practicing High Frequency Releases in Cloud Environments
 
The performance of IPv6, by John Brzozowski [APNIC 38 / IPv6 Plenary]
The performance of IPv6, by John Brzozowski [APNIC 38 / IPv6 Plenary]The performance of IPv6, by John Brzozowski [APNIC 38 / IPv6 Plenary]
The performance of IPv6, by John Brzozowski [APNIC 38 / IPv6 Plenary]
 
Private Network Project for Colleges
Private Network Project for CollegesPrivate Network Project for Colleges
Private Network Project for Colleges
 
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
02 - IDNOG04 - Sheryl Hermoso (APNIC) - IPv6 Deployment at APNIC
 
Successes and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNICSuccesses and Challenges of IPv6 Transition at APNIC
Successes and Challenges of IPv6 Transition at APNIC
 
ION Ljubljana - Nathalie Trenaman: World IPv6 Launch and RIPE Atlas Visualisa...
ION Ljubljana - Nathalie Trenaman: World IPv6 Launch and RIPE Atlas Visualisa...ION Ljubljana - Nathalie Trenaman: World IPv6 Launch and RIPE Atlas Visualisa...
ION Ljubljana - Nathalie Trenaman: World IPv6 Launch and RIPE Atlas Visualisa...
 
2012 11-09 facex - i pv6 transition planning-
2012 11-09 facex - i pv6 transition planning-2012 11-09 facex - i pv6 transition planning-
2012 11-09 facex - i pv6 transition planning-
 
IPv6 on the Interop Network
IPv6 on the Interop NetworkIPv6 on the Interop Network
IPv6 on the Interop Network
 
Future services on Janet
Future services on JanetFuture services on Janet
Future services on Janet
 
Getting The World IPv6 Enabled
Getting The World IPv6 EnabledGetting The World IPv6 Enabled
Getting The World IPv6 Enabled
 
SIPv6 Test Program
SIPv6 Test ProgramSIPv6 Test Program
SIPv6 Test Program
 
IPv6 Deployment: Why and Why not? - HostingCon 2013
IPv6 Deployment: Why and Why not? - HostingCon 2013IPv6 Deployment: Why and Why not? - HostingCon 2013
IPv6 Deployment: Why and Why not? - HostingCon 2013
 

Mehr von Shumon Huque

DANE and DNSSEC Authentication Chain Extension for TLS
DANE and DNSSEC Authentication Chain Extension for TLSDANE and DNSSEC Authentication Chain Extension for TLS
DANE and DNSSEC Authentication Chain Extension for TLSShumon Huque
 
Client Certificates in DANE TLSA Records
Client Certificates in DANE TLSA RecordsClient Certificates in DANE TLSA Records
Client Certificates in DANE TLSA RecordsShumon Huque
 
Query-name Minimization and Authoritative Server Behavior
Query-name Minimization and Authoritative Server BehaviorQuery-name Minimization and Authoritative Server Behavior
Query-name Minimization and Authoritative Server BehaviorShumon Huque
 
DANE and Application Uses of DNSSEC
DANE and Application Uses of DNSSECDANE and Application Uses of DNSSEC
DANE and Application Uses of DNSSECShumon Huque
 
Hands-on getdns Tutorial
Hands-on getdns TutorialHands-on getdns Tutorial
Hands-on getdns TutorialShumon Huque
 
DANE and Application Uses of DNSSEC
DANE and Application Uses of DNSSECDANE and Application Uses of DNSSEC
DANE and Application Uses of DNSSECShumon Huque
 
IPv6 Tutorial; USENIX LISA 2013
IPv6 Tutorial; USENIX LISA 2013IPv6 Tutorial; USENIX LISA 2013
IPv6 Tutorial; USENIX LISA 2013Shumon Huque
 
DNSSEC Tutorial; USENIX LISA 2013
DNSSEC Tutorial; USENIX LISA 2013DNSSEC Tutorial; USENIX LISA 2013
DNSSEC Tutorial; USENIX LISA 2013Shumon Huque
 
IPv6 Transition in Research & Education
IPv6 Transition in Research & EducationIPv6 Transition in Research & Education
IPv6 Transition in Research & EducationShumon Huque
 
Authorization at Penn
Authorization at PennAuthorization at Penn
Authorization at PennShumon Huque
 
IPv6 Deployment Panel
IPv6 Deployment PanelIPv6 Deployment Panel
IPv6 Deployment PanelShumon Huque
 
A survey of DNSSEC Deployment in the US R&E Community
A survey of DNSSEC Deployment in the US R&E CommunityA survey of DNSSEC Deployment in the US R&E Community
A survey of DNSSEC Deployment in the US R&E CommunityShumon Huque
 
World IPv6 Launch at Penn
World IPv6 Launch at PennWorld IPv6 Launch at Penn
World IPv6 Launch at PennShumon Huque
 
Open Source VoIP at Penn
Open Source VoIP at PennOpen Source VoIP at Penn
Open Source VoIP at PennShumon Huque
 
Kerberos at Penn (MIT Kerberos Consortium)
Kerberos at Penn (MIT Kerberos Consortium)Kerberos at Penn (MIT Kerberos Consortium)
Kerberos at Penn (MIT Kerberos Consortium)Shumon Huque
 
.EDU DNSSEC Testbed - Lessons Learned
.EDU DNSSEC Testbed - Lessons Learned.EDU DNSSEC Testbed - Lessons Learned
.EDU DNSSEC Testbed - Lessons LearnedShumon Huque
 
.EDU DNSSEC Testbed
.EDU DNSSEC Testbed.EDU DNSSEC Testbed
.EDU DNSSEC TestbedShumon Huque
 
Internet2 DNSSEC Pilot
Internet2 DNSSEC PilotInternet2 DNSSEC Pilot
Internet2 DNSSEC PilotShumon Huque
 

Mehr von Shumon Huque (20)

DANE and DNSSEC Authentication Chain Extension for TLS
DANE and DNSSEC Authentication Chain Extension for TLSDANE and DNSSEC Authentication Chain Extension for TLS
DANE and DNSSEC Authentication Chain Extension for TLS
 
Client Certificates in DANE TLSA Records
Client Certificates in DANE TLSA RecordsClient Certificates in DANE TLSA Records
Client Certificates in DANE TLSA Records
 
Query-name Minimization and Authoritative Server Behavior
Query-name Minimization and Authoritative Server BehaviorQuery-name Minimization and Authoritative Server Behavior
Query-name Minimization and Authoritative Server Behavior
 
DANE and Application Uses of DNSSEC
DANE and Application Uses of DNSSECDANE and Application Uses of DNSSEC
DANE and Application Uses of DNSSEC
 
Hands-on getdns Tutorial
Hands-on getdns TutorialHands-on getdns Tutorial
Hands-on getdns Tutorial
 
DANE and Application Uses of DNSSEC
DANE and Application Uses of DNSSECDANE and Application Uses of DNSSEC
DANE and Application Uses of DNSSEC
 
IPv6 Tutorial; USENIX LISA 2013
IPv6 Tutorial; USENIX LISA 2013IPv6 Tutorial; USENIX LISA 2013
IPv6 Tutorial; USENIX LISA 2013
 
DNSSEC Tutorial; USENIX LISA 2013
DNSSEC Tutorial; USENIX LISA 2013DNSSEC Tutorial; USENIX LISA 2013
DNSSEC Tutorial; USENIX LISA 2013
 
IPv6 Transition in Research & Education
IPv6 Transition in Research & EducationIPv6 Transition in Research & Education
IPv6 Transition in Research & Education
 
Authorization at Penn
Authorization at PennAuthorization at Penn
Authorization at Penn
 
IPv6 Deployment Panel
IPv6 Deployment PanelIPv6 Deployment Panel
IPv6 Deployment Panel
 
A survey of DNSSEC Deployment in the US R&E Community
A survey of DNSSEC Deployment in the US R&E CommunityA survey of DNSSEC Deployment in the US R&E Community
A survey of DNSSEC Deployment in the US R&E Community
 
World IPv6 Launch at Penn
World IPv6 Launch at PennWorld IPv6 Launch at Penn
World IPv6 Launch at Penn
 
Open Source VoIP at Penn
Open Source VoIP at PennOpen Source VoIP at Penn
Open Source VoIP at Penn
 
Kerberos at Penn (MIT Kerberos Consortium)
Kerberos at Penn (MIT Kerberos Consortium)Kerberos at Penn (MIT Kerberos Consortium)
Kerberos at Penn (MIT Kerberos Consortium)
 
.EDU DNSSEC Testbed - Lessons Learned
.EDU DNSSEC Testbed - Lessons Learned.EDU DNSSEC Testbed - Lessons Learned
.EDU DNSSEC Testbed - Lessons Learned
 
.EDU DNSSEC Testbed
.EDU DNSSEC Testbed.EDU DNSSEC Testbed
.EDU DNSSEC Testbed
 
DNSSEC at Penn
DNSSEC at PennDNSSEC at Penn
DNSSEC at Penn
 
PennNet and MAGPI
PennNet and MAGPIPennNet and MAGPI
PennNet and MAGPI
 
Internet2 DNSSEC Pilot
Internet2 DNSSEC PilotInternet2 DNSSEC Pilot
Internet2 DNSSEC Pilot
 

Kürzlich hochgeladen

How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 

Kürzlich hochgeladen (20)

How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 

IPv6 Campus Deployment Panel

  • 1. IPv6 Campus Deployment Updates Shumon Huque University of Pennsylvania Internet2 Joint Techs Conference Salt Lake City, Utah February 1st 2010 1
  • 2. Campus Deployment Updates Panel • Shumon Huque, University of Pennsylvania • Alan Whinery, University of Hawaii • Randy Bush, Internet Initiative Japan • Focus: move beyond talking about IPv6 just in the network and into applications and services also. 2
  • 3. Mark Prior’s deployment survey www.mrp.net/IPv6_Survey.html 3
  • 4. Web Mail DNS NTP XMPP 4
  • 5. 5
  • 6. More comprehensive examination Would be useful to have a more comprehensive, systematic categorization of IPv6 network & application services available and used at the campuses.What is the list of common applications? Which are IPv6 capable? Are they production or non-production? What is the scope (eg. department, entire campus, etc)? ... These panels may be one way of doing this. 6
  • 7. Application Services • DNS (authoritative, recursive) • Web (HTTP) • Email (SMTP, POP, IMAP, Submission) • Time services (NTP, SNTP) • Remote Login (SSH,Telnet, ...) • Instant Messaging (XMPP, SIMPLE, ...) • VoIP (SIP or any other protocol based) • Authentication (Kerberos, PKI,Web-ISO systems ..) • Directory (LDAP, ...) 7
  • 8. More Services • Address Assignment (SLAAC, stateless/stateful DHCPv6) • RA-Guard, SEND, DHCPv6 filtering • Network Management (SNMP) • Traffic accounting, characterization systems (MRTG, Arbor Peakflow, Netflow v9/IPFIX, ...) • IPsec in IPv6 • Disaster Recovery considerations 8
  • 9. Middleboxes • Firewalls • IDS • VPNs • Server Load Balancers • etc 9
  • 10. Transition & Coexistence Mechanisms • NAT-PT (deprecated) • NAT64, DNS64 • IVI • Dual Stack Lite • A+P 10
  • 11. Multi-homing • Provider-Independent (PI, portable) address space? • Future possibilities: • SHIM6 • LISP (Locator/ID Separation Protocol) • IRTF RRG (routing research group) work 11
  • 12. Network • Border, Core, Distribution, Edge, ... • Percentage of subnets/routed-interfaces • How many server & enduser subnets? • How many of those are outside central IT? • Estimated number of IPv6 capable devices connected to native IPv6 infrastructure • How much native vs tunnelled traffic 12
  • 14. Documentation • http://www.upenn.edu/computing/ipv6/ • Penn IPv6 Deployment Strategy paper: • http://www.upenn.edu/computing/ipv6/ strategy.html 14
  • 15. Penn Deployment Timeline • Initial deployment began in our GigaPoP, MAGPI (late 2002) • Penn campus deployment began 2005 • Work ongoing (of course) 15
  • 16. MAGPI GigaPoP • PA Address space from Internet2 /40 • Routing: IS-IS, MBGP-4 • Stateless Address Autoconfiguration • Services: DNS, NTP, SSH,Web • Multicast (work in progress) • Provides IPv6 to UPenn, Princeton, NJEdge 16
  • 17. University campus • Production deployment began 2005 • Started with PA space delegated from MAGPI (2001:468:1802::/48) • Later obtained PI space from ARIN - 2607:f470::/32 • Renumbering still in progress 17
  • 18. Campus Network • Routing: IS-IS, M-BGP4 • Border, core, & many distribution routers • Growing # of enduser & server subnets • All campus subnets by the end of FY’11? • Engineering School: almost all subnets • drivers: teaching & research; eliminate tunnels 18
  • 19. External connectivity • Singly homed today via MAGPI and Internet2 • 2 Commercial ISPs: Level-3 & Cogent • examining IPv6 options through them • Level3:“beta” tunneled IPv6 service today, “limited” (?) native service at end of 1Q • Cogent: native or tunneled service today, depending on location & connection type 19
  • 20. Address Assignment • Servers: static addresses • Endstations • Stateless autoconfig (mainly) • DHCPv6 (planning) 20
  • 21. Application Services • Campus Wide Production Services: • DNS • NTP • Jabber (XMPP) 21
  • 22. DNS • Authoritative DNS - ISC BIND • Campus resolver - ISC BIND • DNS Content Management system • Homegrown, custom protocol • Supports AAAA and v6 PTR records 22
  • 23. Authoritative DNS $ dig @192.5.6.30 +norecurse www.upenn.edu a ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1895 ;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 6 ;; AUTHORITY SECTION: upenn.edu. 172800 IN NS dns1.udel.edu. upenn.edu. 172800 IN NS dns2.udel.edu. upenn.edu. 172800 IN NS noc2.dccs.upenn.edu. upenn.edu. 172800 IN NS noc3.dccs.upenn.edu. ;; ADDITIONAL SECTION: dns1.udel.edu. 172800 IN A 128.175.13.16 dns2.udel.edu. 172800 IN A 128.175.13.17 noc2.dccs.upenn.edu. 172800 IN A 128.91.254.1 noc2.dccs.upenn.edu. 172800 IN AAAA 2001:468:1802:102::805b:fe01 noc3.dccs.upenn.edu. 172800 IN A 128.91.251.158 noc3.dccs.upenn.edu. 172800 IN AAAA 2607:f470:1003::3:3 Looking at upenn.edu referral answer from EDU nameservers referralglue 23
  • 24. DNS resolver service • IPv6 capable campus recursive resolvers available, but ... • No easy way to distribute them (don’t do DHCPv6 yet, and not all clients can even do DHCPv6, like Mac OS X) • If someone asks, we tell them, and they manually configure the addresses 24
  • 25. Application Services • Services posing impediments: • Web (Akamai)* • E-mail (Message Labs/Symantec) *Disclaimer: I wasn’t involved in Akamaizing the Penn website, and this is probably not the place to discuss the topic of whether querier-specific DNS responses are good or evil, so I’m not going to do that (today). 25
  • 26. Web ;; QUESTION SECTION: ;www.upenn.edu.!! ! IN!A ;; ANSWER SECTION: www.upenn.edu.! ! 300!IN!CNAME! www.upenn.edu.edgesuite.net. www.upenn.edu.edgesuite.net. 19482 IN! CNAME! a536.g.akamai.net. a536.g.akamai.net.! 20! IN! A! 128.91.34.234 a536.g.akamai.net.! 20! IN! A! 128.91.34.233 Penn website via Akamai IPv4, as viewed from Penn Penn-campus Akamai nodes, located on IPv6 capable network, so IPv6 possible in theory. 26
  • 27. Web ;; QUESTION SECTION: ;www.upenn.edu.!! ! IN!AAAA ;; ANSWER SECTION: www.upenn.edu.! ! 300!IN!CNAME! www.upenn.edu.edgesuite.net. www.upenn.edu.edgesuite.net. 19482 IN! CNAME! a536.g.akamai.net. Penn website IPv6 view, via Akamai: We had been talking privately with Akamai about a possible trial IPv6 on the Penn campus Akamai nodes. But latest answer (1/28): “No IPv6 rollout plan in the immediate future. However, we’d be glad to work with you in rolling out IPv6 when we start the phased rollout”. No address records returned. No official IPv6 plans have been announced by Akamai. 27
  • 28. E-mail • Central mail service uses Message Labs • inbound/outbound virus scanning, and SPAM scoring • from our Message Labs rep: “IPv6 is not currently on our roadmap” (June 2009) • Mail access/submission? (IMAP, POP, webmail)? • we might start with these first 28
  • 29. Application Services • Kerberos • RADIUS • CoSign/Shibboleth (Web ISO, federation) • LDAP 29
  • 30. Kerberos • Server implementation: MIT Kerberos • Production server names not yet IPv6 addressable • We do have IPv6 specific server names • kerberos{1,2,3}.ipv6.upenn.edu • Users can manually install client side configuration files that use them 30
  • 31. CoSign • Web ISO system (umich, weblogin.org) • Login server support not there yet • Web application servers can be deployed on IPv6 and will be able to authenticate users with CoSign • Our Shibboleth deployment uses CoSign as IDP (bottleneck) - I’ve heard other work is needed to support it. 31
  • 32. IPv6-IPv4 Transition • Trial deployment of DualStack Lite on campus, with Comcast & Engineering school faculty, as an experiment/research project. • http://tools.ietf.org/html/draft-ietf-softwire-dual- stack-lite-02 • It’s more likely that Penn will deploy something like NAT64 & DNS64 though, ie. enable v4-only and v6-only devices to communicate. 32
  • 33. 33