SlideShare ist ein Scribd-Unternehmen logo

Deploying IPv6 - planning, common pitfalls and security-considerations

SpeedPartner GmbH
SpeedPartner GmbH

Date: 2007-09-07 Location: Cologne, Germany Event: GUUG - ECAI6: European Conference on Applied IPv6 2007

Technologie
1 von 23
Downloaden Sie, um offline zu lesen
07.09.07 / Page 1 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Getting your hands wet ... D e p l o y i n g I P v 6 p l a n n i n g , c o m m o n p i t f a l l s a n d s e c u r i t y - c o n s i d e r a t i o n s
07.09.07 / Page 2 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne About me Stefan Neufeind From Neuss (near Düsseldorf, Germany) Working for SpeedPartner GmbH (consulting, development, administration) Peering management for / founding member of OpenCarrier e.G. (ISP-association)
07.09.07 / Page 3 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Agenda Levels to consider for deployment Ways to connect Getting IPv6-addresses Address-planning Configuration Aspects to consider when deploying Open part
07.09.07 / Page 4 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Levels to consider for deployment End-users / clients (Linux, Windows, ...) Using services (DNS, Web, Mail, ...) Network equipment Routers, firewalls, ... Servers Offering services Interacting with others
07.09.07 / Page 5 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Ways to connect Migration techniques 6-to-4 Teredo Connectivity in multiple ways Native (datacenter, fixed line, PPPoE, ...) Through tunnels (IPv6-in-IPv4, GRE, L2TP / softwires, ...) Static Tunnel-brokers
07.09.07 / Page 6 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Ways to connect Example for migration technique: 6-to-4 Maps a /48 to each IPv4-address Host encapsulates IPv6-packet in Ipv4 Sends with public IPv4-address to a 6-to-4-gateway Either explicitly configured gateway – or anycast: 192.88.99.1 / 2002:c058:6301:: (RFC3068) 91.184.34.11 2002:5BB8:220B::/48
07.09.07 / Page 7 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Ways to connect Example for migration technique: 6-to-4 „Easy“ But asynchronous And quality might vary (especially with anycast- choosen gateways) And needs public IPv4-address per host (no NAT) A B gate1 gate2 Request, encapsulated in IPv4 Request, native IPv6 Answer, encapsulated in IPv4 Answer, native IPv6
07.09.07 / Page 8 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Ways to connect Example for migration technique: Teredo (only briefly!) Works over UDP-IPv4, also with NAT Teredo client: Only IPv4-connectivity Teredo server: For holepunching (with NAT) Teredo relay: For routing traffic Client-address constructed from Teredo-prefix (2001:0000::/32), NAT-type, UDP-port, NAT public IPv4-address
07.09.07 / Page 9 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Ways to connect Example for migration technique: Teredo (only briefly!) Source: Microsoft TechNet
07.09.07 / Page 10 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Ways to connect Example for tunneled connectity: SixXS Besides other things: IPv6-in-IPv4 with tunnel broker Handle e.g. registration and tunnel discovery Several POPs available Works with „aiccu“-client (available on several platforms including e.g. OpenWRT)
07.09.07 / Page 11 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Ways to connect Example for tunneled connectity: SixXS Statically assigned addresses (/64 and optionally /48) per tunnel Can work with changing Ipv4-addresses „Heartbeat protocol“ allows detection of stale tunnels But requires public Ipv4-address on host
07.09.07 / Page 12 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Getting IPv6 addresses For single client / „small network“: usually /64 prefix from provider assigned dynamically through tunnel/autodiscovery For network: prefix from provider (usually /48 prefix) PI-address-space? Not yet in RIPE-region Proposals were under discussion: http://ripe.net/ripe/meetings/ripe-52/presentations/ ripe52-plenary-ipv6-pi.pdf (by Jordi Palet)
07.09.07 / Page 13 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Address-planning Interesting finding: „There are the same number of /32s in IPv4 space as in IPv6 space.“ :-) (by david.conrad at icann.org on the global-v6-mailinglist) Fixed length of 16 bytes (128bit) Usually noted in 8 groups of each 4 hexadecimal digits Possible to leave out one or more groups of zeros with two colons (::) instead; e.g. 2001:0db8::1
07.09.07 / Page 14 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Address-planning Subnetting usually done on /16-boundary (/32, /48, /64, ...) Minimum /64 if you want to use auto-configuration Subnetting/numbering of hosts up to you. Examples: Sequentially By building/POP, city, country, ... Including VLAN-ID AS-numbers (there are also 32-bit AS-numbers now!) For fun: Why „A5“ in e.g. „2001:7F8:1::A504:1692:1“? Looks like „AS“ ... serious! :-)
07.09.07 / Page 15 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Configuration Routers Basics Interfaces OSPF v3 BGP4-MP Example on Cisco, only new things to configure: ipv6 unicast-routing ipv6 cef interface GigabitEthernet 0/1 ipv6 address 2001:DB8::1/64 no ipv6 redirects ipv6 nd suppress-ra ipv6 ospf 1 area 0 ipv6 router ospf 1 redistribute connected router bgp 65000 address-family ipv6 neighbor 2001:DB8::2 remote-as 65001 neighbor 2001:DB8::2 activate
07.09.07 / Page 16 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Configuration Routers Interfaces Example on Juniper, only new things to configure: interfaces { ge-0/0/0 { unit 1 { family inet6 { address 2001:db8::1/64; } } } }
07.09.07 / Page 17 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Configuration Routers BGP4-MP OSPF v3 Example on Juniper, only new things to configure: protocols { bgp { group peers-kleyrex-v6 { type external; family inet6 { unicast; } neighbor 2001:db8::2 { peer-as 65001; } } ospf3 { export OSPF3; area 0.0.0.1 { interface ge-0/0/0.791; interface ge-0/0/0.792; } } }
07.09.07 / Page 18 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Configuration End-user systems Servers Services DNS / rDNS (as well as RIR-objects) Web- / mailsystems etc. Monitoring / accounting (awstats, netflow/sflow, home-grown tools, ...)
07.09.07 / Page 19 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Configuration Documenting network-relationships in RPSL: Consider separate AS-sets for IPv4 / IPv6 in case of large difference of downstream-size IPv4 / IPv6 mp-import: afi ipv6.unicast from AS34225 accept AS-SPEEDPARTNER mp-export: afi ipv6.unicast to AS34225 announce ANY mp-import: afi ipv6.unicast from AS41692 accept AS-OPENCARRIER6 mp-export: afi ipv6.unicast to AS41692 announce ANY
07.09.07 / Page 20 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Configuration DNS in bind: Reverse-delegation at RIPE: In a normal zone: r1.example.com IN AAAA 2001:db8::1 For reverse-DNS: $ORIGIN 0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa. @ 86400 in SOA ns1.example.com. hostmaster.example.com. ( [...] 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 1D IN PTR r1.example.com. Domain: 8.b.d.0.1.0.0.2.ip6.arpa admin-c: ABCD-RIPE tech-c: ABCD-RIPE zone-c: ABCD-RIPE nserver: ns1.example.com nserver: ns2.example.com mnt-by: ABCD-MNT
07.09.07 / Page 21 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Aspects to consider when deploying Does your gear support IPv6? In software or hardware? Since what firmware? How stable? Running dual-stack? Performance: Latency/jitter in sub-optimal IPv6-scenarios Export-protocol for monitoring / accounting Sflow? Netflow? Security-aspects (firewalls, ...)
07.09.07 / Page 22 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Links 6to4 with Linux: http://www.wlug.org.nz/6to4 Teredo: http://www.microsoft.com/technet/network/ipv6/teredo.mspx Public 6to4 routers: http://www.kfu.com/~nsayer/6to4/ Collection of IPv6-content: http://www.sixxs.net/misc/coolstuff/ Audio/video, IPv6-IPv4 gateways, IPv6 newsservers IPv6 filter recommendations: http://www.space.net/~gert/RIPE/ipv6-filters.html http://www.cymru.com/Bogons/ipv6.txt
07.09.07 / Page 23 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Thank you! Slides available at: http://talks.speedpartner.de/ Questions? neufeind (at) speedpartner.de

Empfohlen

NAT64 and DNS64 in 30 minutes
NAT64 and DNS64 in 30 minutesNAT64 and DNS64 in 30 minutes
NAT64 and DNS64 in 30 minutesIvan Pepelnjak
 
NAT64 en LACNIC 18: Experimentos con NAT64 sin estado
NAT64 en LACNIC 18: Experimentos con NAT64 sin estadoNAT64 en LACNIC 18: Experimentos con NAT64 sin estado
NAT64 en LACNIC 18: Experimentos con NAT64 sin estadoCarlos Martinez Cagnazzo
 
6Rd
6Rd6Rd
6RdFred Bovy
 
2009 11 06 3gpp Ietf Ipv6 Shanghai Nat64
2009 11 06 3gpp Ietf Ipv6 Shanghai Nat642009 11 06 3gpp Ietf Ipv6 Shanghai Nat64
2009 11 06 3gpp Ietf Ipv6 Shanghai Nat64yacc2000
 
Upcoming internet challenges
Upcoming internet challengesUpcoming internet challenges
Upcoming internet challengesIvan Pepelnjak
 
Robert Raszuk - Technologies for IPv4/IPv6 coexistance
Robert Raszuk - Technologies for IPv4/IPv6 coexistanceRobert Raszuk - Technologies for IPv4/IPv6 coexistance
Robert Raszuk - Technologies for IPv4/IPv6 coexistancePROIDEA
 
Ipv6 course
Ipv6 courseIpv6 course
Ipv6 courserinnocente
 
Ipv6 introduction - MUM 2011 presentation
Ipv6 introduction - MUM 2011 presentationIpv6 introduction - MUM 2011 presentation
Ipv6 introduction - MUM 2011 presentationIDEA4PRO
 

Empfohlen

NAT64 and DNS64 in 30 minutes
NAT64 and DNS64 in 30 minutesNAT64 and DNS64 in 30 minutes
NAT64 and DNS64 in 30 minutesIvan Pepelnjak
 
NAT64 en LACNIC 18: Experimentos con NAT64 sin estado
NAT64 en LACNIC 18: Experimentos con NAT64 sin estadoNAT64 en LACNIC 18: Experimentos con NAT64 sin estado
NAT64 en LACNIC 18: Experimentos con NAT64 sin estadoCarlos Martinez Cagnazzo
 
6Rd
6Rd6Rd
6RdFred Bovy
 
2009 11 06 3gpp Ietf Ipv6 Shanghai Nat64
2009 11 06 3gpp Ietf Ipv6 Shanghai Nat642009 11 06 3gpp Ietf Ipv6 Shanghai Nat64
2009 11 06 3gpp Ietf Ipv6 Shanghai Nat64yacc2000
 
Upcoming internet challenges
Upcoming internet challengesUpcoming internet challenges
Upcoming internet challengesIvan Pepelnjak
 
Robert Raszuk - Technologies for IPv4/IPv6 coexistance
Robert Raszuk - Technologies for IPv4/IPv6 coexistanceRobert Raszuk - Technologies for IPv4/IPv6 coexistance
Robert Raszuk - Technologies for IPv4/IPv6 coexistancePROIDEA
 
Ipv6 course
Ipv6 courseIpv6 course
Ipv6 courserinnocente
 
Ipv6 introduction - MUM 2011 presentation
Ipv6 introduction - MUM 2011 presentationIpv6 introduction - MUM 2011 presentation
Ipv6 introduction - MUM 2011 presentationIDEA4PRO
 
OSDC 2017 - Casey Callendrello -The evolution of the Container Network Interface
OSDC 2017 - Casey Callendrello -The evolution of the Container Network InterfaceOSDC 2017 - Casey Callendrello -The evolution of the Container Network Interface
OSDC 2017 - Casey Callendrello -The evolution of the Container Network InterfaceNETWAYS
 
PLNOG 3: Fredy Kunzler - IPv6. Now!
PLNOG 3: Fredy Kunzler - IPv6. Now!PLNOG 3: Fredy Kunzler - IPv6. Now!
PLNOG 3: Fredy Kunzler - IPv6. Now!PROIDEA
 
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime
 
IPv6 Address Planning
IPv6 Address PlanningIPv6 Address Planning
IPv6 Address PlanningAPNIC
 
Content over IPv6: no excuses
Content over IPv6: no excusesContent over IPv6: no excuses
Content over IPv6: no excusesIvan Pepelnjak
 
Compiling P4 to XDP, IOVISOR Summit 2017
Compiling P4 to XDP, IOVISOR Summit 2017Compiling P4 to XDP, IOVISOR Summit 2017
Compiling P4 to XDP, IOVISOR Summit 2017Cheng-Chun William Tu
 
IPV6 Hands on Lab
IPV6 Hands on Lab IPV6 Hands on Lab
IPV6 Hands on Lab Cisco Canada
 
Data Plane and VNF Acceleration Mini Summit
Data Plane and VNF Acceleration Mini Summit Data Plane and VNF Acceleration Mini Summit
Data Plane and VNF Acceleration Mini Summit Open-NFP
 
Future protocol IP v6
Future protocol IP v6Future protocol IP v6
Future protocol IP v6Manesh Sharma
 
NAT_Final
NAT_FinalNAT_Final
NAT_FinalPratik Bhide
 
The IPv6-Only Network
The IPv6-Only NetworkThe IPv6-Only Network
The IPv6-Only NetworkAPNIC
 
Getting started with IPv6
Getting started with IPv6Getting started with IPv6
Getting started with IPv6Private
 
IPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadbandIPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadbandAPNIC
 
Introduction to IPv6
Introduction to IPv6Introduction to IPv6
Introduction to IPv6Sara Q. Abedulridha
 
LF_DPDK17_GRO/GSO Libraries: Bring Significant Performance Gains to DPDK-base...
LF_DPDK17_GRO/GSO Libraries: Bring Significant Performance Gains to DPDK-base...LF_DPDK17_GRO/GSO Libraries: Bring Significant Performance Gains to DPDK-base...
LF_DPDK17_GRO/GSO Libraries: Bring Significant Performance Gains to DPDK-base...LF_DPDK
 
Basic of IPv6
Basic of IPv6Basic of IPv6
Basic of IPv6Jubin Aghara
 
IPv6_Quick_Start_Guide
IPv6_Quick_Start_GuideIPv6_Quick_Start_Guide
IPv6_Quick_Start_GuideParthiban Nallathambi
 
ipv4 to 6
ipv4 to 6ipv4 to 6
ipv4 to 6Bhrigu Raj Sharma
 
Cisco presentation2
Cisco presentation2Cisco presentation2
Cisco presentation2ehsan nazer
 
IPv6 next generation protocol
IPv6 next generation protocolIPv6 next generation protocol
IPv6 next generation protocolRupshanker Mishra
 
IPv6 In z/VSE:IBM z/VSE Live Virtual Class 2012
IPv6 In z/VSE:IBM z/VSE Live Virtual Class 2012IPv6 In z/VSE:IBM z/VSE Live Virtual Class 2012
IPv6 In z/VSE:IBM z/VSE Live Virtual Class 2012IBM India Smarter Computing
 
June 2004 IPv6 – Hands on
June 2004 IPv6 – Hands on June 2004 IPv6 – Hands on
June 2004 IPv6 – Hands on Videoguy
 

Weitere ähnliche Inhalte

Was ist angesagt?

OSDC 2017 - Casey Callendrello -The evolution of the Container Network Interface
OSDC 2017 - Casey Callendrello -The evolution of the Container Network InterfaceOSDC 2017 - Casey Callendrello -The evolution of the Container Network Interface
OSDC 2017 - Casey Callendrello -The evolution of the Container Network InterfaceNETWAYS
 
PLNOG 3: Fredy Kunzler - IPv6. Now!
PLNOG 3: Fredy Kunzler - IPv6. Now!PLNOG 3: Fredy Kunzler - IPv6. Now!
PLNOG 3: Fredy Kunzler - IPv6. Now!PROIDEA
 
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime
 
IPv6 Address Planning
IPv6 Address PlanningIPv6 Address Planning
IPv6 Address PlanningAPNIC
 
Content over IPv6: no excuses
Content over IPv6: no excusesContent over IPv6: no excuses
Content over IPv6: no excusesIvan Pepelnjak
 
Compiling P4 to XDP, IOVISOR Summit 2017
Compiling P4 to XDP, IOVISOR Summit 2017Compiling P4 to XDP, IOVISOR Summit 2017
Compiling P4 to XDP, IOVISOR Summit 2017Cheng-Chun William Tu
 
IPV6 Hands on Lab
IPV6 Hands on Lab IPV6 Hands on Lab
IPV6 Hands on Lab Cisco Canada
 
Data Plane and VNF Acceleration Mini Summit
Data Plane and VNF Acceleration Mini Summit Data Plane and VNF Acceleration Mini Summit
Data Plane and VNF Acceleration Mini Summit Open-NFP
 
Future protocol IP v6
Future protocol IP v6Future protocol IP v6
Future protocol IP v6Manesh Sharma
 
The IPv6-Only Network
The IPv6-Only NetworkThe IPv6-Only Network
The IPv6-Only NetworkAPNIC
 
Getting started with IPv6
Getting started with IPv6Getting started with IPv6
Getting started with IPv6Private
 
IPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadbandIPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadbandAPNIC
 
LF_DPDK17_GRO/GSO Libraries: Bring Significant Performance Gains to DPDK-base...
LF_DPDK17_GRO/GSO Libraries: Bring Significant Performance Gains to DPDK-base...LF_DPDK17_GRO/GSO Libraries: Bring Significant Performance Gains to DPDK-base...
LF_DPDK17_GRO/GSO Libraries: Bring Significant Performance Gains to DPDK-base...LF_DPDK
 
Cisco presentation2
Cisco presentation2Cisco presentation2
Cisco presentation2ehsan nazer
 
IPv6 next generation protocol
IPv6 next generation protocolIPv6 next generation protocol
IPv6 next generation protocolRupshanker Mishra
 

Was ist angesagt? (20)

OSDC 2017 - Casey Callendrello -The evolution of the Container Network Interface
OSDC 2017 - Casey Callendrello -The evolution of the Container Network InterfaceOSDC 2017 - Casey Callendrello -The evolution of the Container Network Interface
OSDC 2017 - Casey Callendrello -The evolution of the Container Network Interface
 
PLNOG 3: Fredy Kunzler - IPv6. Now!
PLNOG 3: Fredy Kunzler - IPv6. Now!PLNOG 3: Fredy Kunzler - IPv6. Now!
PLNOG 3: Fredy Kunzler - IPv6. Now!
 
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introductionCodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
CodiLime Tech Talk - Adam Kułagowski: IPv6 - introduction
 
IPv6 Address Planning
IPv6 Address PlanningIPv6 Address Planning
IPv6 Address Planning
 
Content over IPv6: no excuses
Content over IPv6: no excusesContent over IPv6: no excuses
Content over IPv6: no excuses
 
Compiling P4 to XDP, IOVISOR Summit 2017
Compiling P4 to XDP, IOVISOR Summit 2017Compiling P4 to XDP, IOVISOR Summit 2017
Compiling P4 to XDP, IOVISOR Summit 2017
 
IPV6 Hands on Lab
IPV6 Hands on Lab IPV6 Hands on Lab
IPV6 Hands on Lab
 
Data Plane and VNF Acceleration Mini Summit
Data Plane and VNF Acceleration Mini Summit Data Plane and VNF Acceleration Mini Summit
Data Plane and VNF Acceleration Mini Summit
 
Future protocol IP v6
Future protocol IP v6Future protocol IP v6
Future protocol IP v6
 
NAT_Final
NAT_FinalNAT_Final
NAT_Final
 
The IPv6-Only Network
The IPv6-Only NetworkThe IPv6-Only Network
The IPv6-Only Network
 
Getting started with IPv6
Getting started with IPv6Getting started with IPv6
Getting started with IPv6
 
IPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadbandIPv6 Transition & Deployment, including IPv6-only in cellular and broadband
IPv6 Transition & Deployment, including IPv6-only in cellular and broadband
 
Introduction to IPv6
Introduction to IPv6Introduction to IPv6
Introduction to IPv6
 
LF_DPDK17_GRO/GSO Libraries: Bring Significant Performance Gains to DPDK-base...
LF_DPDK17_GRO/GSO Libraries: Bring Significant Performance Gains to DPDK-base...LF_DPDK17_GRO/GSO Libraries: Bring Significant Performance Gains to DPDK-base...
LF_DPDK17_GRO/GSO Libraries: Bring Significant Performance Gains to DPDK-base...
 
Basic of IPv6
Basic of IPv6Basic of IPv6
Basic of IPv6
 
IPv6_Quick_Start_Guide
IPv6_Quick_Start_GuideIPv6_Quick_Start_Guide
IPv6_Quick_Start_Guide
 
ipv4 to 6
ipv4 to 6ipv4 to 6
ipv4 to 6
 
Cisco presentation2
Cisco presentation2Cisco presentation2
Cisco presentation2
 
IPv6 next generation protocol
IPv6 next generation protocolIPv6 next generation protocol
IPv6 next generation protocol
 

Ähnlich wie Deploying IPv6 - planning, common pitfalls and security-considerations

June 2004 IPv6 – Hands on
June 2004 IPv6 – Hands on June 2004 IPv6 – Hands on
June 2004 IPv6 – Hands on Videoguy
 
Academia Service Network: IPv6 Status Report
Academia Service Network: IPv6 Status ReportAcademia Service Network: IPv6 Status Report
Academia Service Network: IPv6 Status ReportEthern Lin
 
Get Ready For Ipv6
Get Ready For Ipv6Get Ready For Ipv6
Get Ready For Ipv6technext1
 
Get Ready For Ipv6
Get Ready For Ipv6Get Ready For Ipv6
Get Ready For Ipv6Rishu Mehra
 
Fb i pv6-sparchimanv1.0
Fb i pv6-sparchimanv1.0Fb i pv6-sparchimanv1.0
Fb i pv6-sparchimanv1.0Fred Bovy
 
TBE036 - IPV6 Solution ed06b.pptx
TBE036 - IPV6 Solution ed06b.pptxTBE036 - IPV6 Solution ed06b.pptx
TBE036 - IPV6 Solution ed06b.pptxLuisGarcia289543
 
Ceph Day Amsterdam 2015 - Ceph over IPv6
Ceph Day Amsterdam 2015 - Ceph over IPv6 Ceph Day Amsterdam 2015 - Ceph over IPv6
Ceph Day Amsterdam 2015 - Ceph over IPv6 Ceph Community
 
Academia Sinica IPv6 Status Report
Academia Sinica IPv6 Status ReportAcademia Sinica IPv6 Status Report
Academia Sinica IPv6 Status ReportEthern Lin
 
50 billion connected wireless devices... IPv6, anyone?: Fredrik Garneij, Syst...
50 billion connected wireless devices... IPv6, anyone?: Fredrik Garneij, Syst...50 billion connected wireless devices... IPv6, anyone?: Fredrik Garneij, Syst...
50 billion connected wireless devices... IPv6, anyone?: Fredrik Garneij, Syst...IPv6no
 
I pv6 tutorial
I pv6 tutorialI pv6 tutorial
I pv6 tutorialFred Bovy
 

Ähnlich wie Deploying IPv6 - planning, common pitfalls and security-considerations (20)

IPv6 In z/VSE:IBM z/VSE Live Virtual Class 2012
IPv6 In z/VSE:IBM z/VSE Live Virtual Class 2012IPv6 In z/VSE:IBM z/VSE Live Virtual Class 2012
IPv6 In z/VSE:IBM z/VSE Live Virtual Class 2012
 
June 2004 IPv6 – Hands on
June 2004 IPv6 – Hands on June 2004 IPv6 – Hands on
June 2004 IPv6 – Hands on
 
Academia Service Network: IPv6 Status Report
Academia Service Network: IPv6 Status ReportAcademia Service Network: IPv6 Status Report
Academia Service Network: IPv6 Status Report
 
IPv6
IPv6IPv6
IPv6
 
Get Ready For Ipv6
Get Ready For Ipv6Get Ready For Ipv6
Get Ready For Ipv6
 
Get Ready For Ipv6
Get Ready For Ipv6Get Ready For Ipv6
Get Ready For Ipv6
 
Fb i pv6-sparchimanv1.0
Fb i pv6-sparchimanv1.0Fb i pv6-sparchimanv1.0
Fb i pv6-sparchimanv1.0
 
3hows
3hows3hows
3hows
 
CCNA CHAPTER 16 BY jetarvind kumar madhukar
CCNA CHAPTER 16 BY jetarvind kumar madhukarCCNA CHAPTER 16 BY jetarvind kumar madhukar
CCNA CHAPTER 16 BY jetarvind kumar madhukar
 
TBE036 - IPV6 Solution ed06b.pptx
TBE036 - IPV6 Solution ed06b.pptxTBE036 - IPV6 Solution ed06b.pptx
TBE036 - IPV6 Solution ed06b.pptx
 
Ceph Day Amsterdam 2015 - Ceph over IPv6
Ceph Day Amsterdam 2015 - Ceph over IPv6 Ceph Day Amsterdam 2015 - Ceph over IPv6
Ceph Day Amsterdam 2015 - Ceph over IPv6
 
Academia Sinica IPv6 Status Report
Academia Sinica IPv6 Status ReportAcademia Sinica IPv6 Status Report
Academia Sinica IPv6 Status Report
 
Icnd210 s07l02
Icnd210 s07l02Icnd210 s07l02
Icnd210 s07l02
 
I pv6
I pv6I pv6
I pv6
 
IPV6
IPV6 IPV6
IPV6
 
50 billion connected wireless devices... IPv6, anyone?: Fredrik Garneij, Syst...
50 billion connected wireless devices... IPv6, anyone?: Fredrik Garneij, Syst...50 billion connected wireless devices... IPv6, anyone?: Fredrik Garneij, Syst...
50 billion connected wireless devices... IPv6, anyone?: Fredrik Garneij, Syst...
 
mpls CNNA.pdf
mpls CNNA.pdfmpls CNNA.pdf
mpls CNNA.pdf
 
I pv6 tutorial
I pv6 tutorialI pv6 tutorial
I pv6 tutorial
 
NAT Traversal
NAT TraversalNAT Traversal
NAT Traversal
 
Gogo6 I Pv6 Access 2010 Sahara
Gogo6 I Pv6 Access 2010 SaharaGogo6 I Pv6 Access 2010 Sahara
Gogo6 I Pv6 Access 2010 Sahara
 

Mehr von SpeedPartner GmbH

Extbase/Fluid: Kennenlernen und ausprobieren
Extbase/Fluid: Kennenlernen und ausprobierenExtbase/Fluid: Kennenlernen und ausprobieren
Extbase/Fluid: Kennenlernen und ausprobierenSpeedPartner GmbH
 
Professional reports with SVG
Professional reports with SVGProfessional reports with SVG
Professional reports with SVGSpeedPartner GmbH
 
XUL - The future of user-interfaces on the web
XUL - The future of user-interfaces on the webXUL - The future of user-interfaces on the web
XUL - The future of user-interfaces on the webSpeedPartner GmbH
 
Websockets: Leichtgewichtige Verbindungen für Web-Applikationen
Websockets: Leichtgewichtige Verbindungen für Web-ApplikationenWebsockets: Leichtgewichtige Verbindungen für Web-Applikationen
Websockets: Leichtgewichtige Verbindungen für Web-ApplikationenSpeedPartner GmbH
 
Web-Performance-Optimierung mit varnish
Web-Performance-Optimierung mit varnishWeb-Performance-Optimierung mit varnish
Web-Performance-Optimierung mit varnishSpeedPartner GmbH
 
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeas
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeasSystem-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeas
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeasSpeedPartner GmbH
 
.EU – eine neue Top-Level-Domain
.EU – eine neue Top-Level-Domain.EU – eine neue Top-Level-Domain
.EU – eine neue Top-Level-DomainSpeedPartner GmbH
 
Leben und Arbeiten in einer Community
Leben und Arbeiten in einer CommunityLeben und Arbeiten in einer Community
Leben und Arbeiten in einer CommunitySpeedPartner GmbH
 
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeas
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeasSystem-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeas
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeasSpeedPartner GmbH
 
Sicherer Wegweiser im Internet: DNSSEC im praktischen Einsatz
Sicherer Wegweiser im Internet: DNSSEC im praktischen EinsatzSicherer Wegweiser im Internet: DNSSEC im praktischen Einsatz
Sicherer Wegweiser im Internet: DNSSEC im praktischen EinsatzSpeedPartner GmbH
 
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeas
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeasSystem-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeas
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeasSpeedPartner GmbH
 
Web-Performance-Optimierung mit varnish
Web-Performance-Optimierung mit varnishWeb-Performance-Optimierung mit varnish
Web-Performance-Optimierung mit varnishSpeedPartner GmbH
 
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeas
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeasSystem-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeas
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeasSpeedPartner GmbH
 
Sicherer Wegweiser im Internet: DNSSEC im praktischen Einsatz
Sicherer Wegweiser im Internet: DNSSEC im praktischen EinsatzSicherer Wegweiser im Internet: DNSSEC im praktischen Einsatz
Sicherer Wegweiser im Internet: DNSSEC im praktischen EinsatzSpeedPartner GmbH
 

Mehr von SpeedPartner GmbH (20)

Extbase/Fluid: Kennenlernen und ausprobieren
Extbase/Fluid: Kennenlernen und ausprobierenExtbase/Fluid: Kennenlernen und ausprobieren
Extbase/Fluid: Kennenlernen und ausprobieren
 
Professional reports with SVG
Professional reports with SVGProfessional reports with SVG
Professional reports with SVG
 
Secure PHP environment
Secure PHP environmentSecure PHP environment
Secure PHP environment
 
XUL - The future of user-interfaces on the web
XUL - The future of user-interfaces on the webXUL - The future of user-interfaces on the web
XUL - The future of user-interfaces on the web
 
PHP-Applikationen mit PEAR
PHP-Applikationen mit PEARPHP-Applikationen mit PEAR
PHP-Applikationen mit PEAR
 
PHP-Entwicklung mit PEAR
PHP-Entwicklung mit PEARPHP-Entwicklung mit PEAR
PHP-Entwicklung mit PEAR
 
Websockets: Leichtgewichtige Verbindungen für Web-Applikationen
Websockets: Leichtgewichtige Verbindungen für Web-ApplikationenWebsockets: Leichtgewichtige Verbindungen für Web-Applikationen
Websockets: Leichtgewichtige Verbindungen für Web-Applikationen
 
Web-Performance-Optimierung mit varnish
Web-Performance-Optimierung mit varnishWeb-Performance-Optimierung mit varnish
Web-Performance-Optimierung mit varnish
 
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeas
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeasSystem-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeas
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeas
 
News from PEAR
News from PEARNews from PEAR
News from PEAR
 
PEAR - An introduction
PEAR - An introductionPEAR - An introduction
PEAR - An introduction
 
Suchmaschinen-Optimierung
Suchmaschinen-OptimierungSuchmaschinen-Optimierung
Suchmaschinen-Optimierung
 
.EU – eine neue Top-Level-Domain
.EU – eine neue Top-Level-Domain.EU – eine neue Top-Level-Domain
.EU – eine neue Top-Level-Domain
 
Leben und Arbeiten in einer Community
Leben und Arbeiten in einer CommunityLeben und Arbeiten in einer Community
Leben und Arbeiten in einer Community
 
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeas
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeasSystem-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeas
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeas
 
Sicherer Wegweiser im Internet: DNSSEC im praktischen Einsatz
Sicherer Wegweiser im Internet: DNSSEC im praktischen EinsatzSicherer Wegweiser im Internet: DNSSEC im praktischen Einsatz
Sicherer Wegweiser im Internet: DNSSEC im praktischen Einsatz
 
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeas
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeasSystem-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeas
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeas
 
Web-Performance-Optimierung mit varnish
Web-Performance-Optimierung mit varnishWeb-Performance-Optimierung mit varnish
Web-Performance-Optimierung mit varnish
 
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeas
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeasSystem-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeas
System-Management-Trio: Zentrale Verwaltung mit facter, puppet und augeas
 
Sicherer Wegweiser im Internet: DNSSEC im praktischen Einsatz
Sicherer Wegweiser im Internet: DNSSEC im praktischen EinsatzSicherer Wegweiser im Internet: DNSSEC im praktischen Einsatz
Sicherer Wegweiser im Internet: DNSSEC im praktischen Einsatz
 

Kürzlich hochgeladen

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024The Digital Insurer
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 

Kürzlich hochgeladen (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 

Deploying IPv6 - planning, common pitfalls and security-considerations

  • 1. 07.09.07 / Page 1 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Getting your hands wet ... D e p l o y i n g I P v 6 p l a n n i n g , c o m m o n p i t f a l l s a n d s e c u r i t y - c o n s i d e r a t i o n s
  • 2. 07.09.07 / Page 2 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne About me Stefan Neufeind From Neuss (near Düsseldorf, Germany) Working for SpeedPartner GmbH (consulting, development, administration) Peering management for / founding member of OpenCarrier e.G. (ISP-association)
  • 3. 07.09.07 / Page 3 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Agenda Levels to consider for deployment Ways to connect Getting IPv6-addresses Address-planning Configuration Aspects to consider when deploying Open part
  • 4. 07.09.07 / Page 4 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Levels to consider for deployment End-users / clients (Linux, Windows, ...) Using services (DNS, Web, Mail, ...) Network equipment Routers, firewalls, ... Servers Offering services Interacting with others
  • 5. 07.09.07 / Page 5 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Ways to connect Migration techniques 6-to-4 Teredo Connectivity in multiple ways Native (datacenter, fixed line, PPPoE, ...) Through tunnels (IPv6-in-IPv4, GRE, L2TP / softwires, ...) Static Tunnel-brokers
  • 6. 07.09.07 / Page 6 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Ways to connect Example for migration technique: 6-to-4 Maps a /48 to each IPv4-address Host encapsulates IPv6-packet in Ipv4 Sends with public IPv4-address to a 6-to-4-gateway Either explicitly configured gateway – or anycast: 192.88.99.1 / 2002:c058:6301:: (RFC3068) 91.184.34.11 2002:5BB8:220B::/48
  • 7. 07.09.07 / Page 7 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Ways to connect Example for migration technique: 6-to-4 „Easy“ But asynchronous And quality might vary (especially with anycast- choosen gateways) And needs public IPv4-address per host (no NAT) A B gate1 gate2 Request, encapsulated in IPv4 Request, native IPv6 Answer, encapsulated in IPv4 Answer, native IPv6
  • 8. 07.09.07 / Page 8 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Ways to connect Example for migration technique: Teredo (only briefly!) Works over UDP-IPv4, also with NAT Teredo client: Only IPv4-connectivity Teredo server: For holepunching (with NAT) Teredo relay: For routing traffic Client-address constructed from Teredo-prefix (2001:0000::/32), NAT-type, UDP-port, NAT public IPv4-address
  • 9. 07.09.07 / Page 9 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Ways to connect Example for migration technique: Teredo (only briefly!) Source: Microsoft TechNet
  • 10. 07.09.07 / Page 10 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Ways to connect Example for tunneled connectity: SixXS Besides other things: IPv6-in-IPv4 with tunnel broker Handle e.g. registration and tunnel discovery Several POPs available Works with „aiccu“-client (available on several platforms including e.g. OpenWRT)
  • 11. 07.09.07 / Page 11 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Ways to connect Example for tunneled connectity: SixXS Statically assigned addresses (/64 and optionally /48) per tunnel Can work with changing Ipv4-addresses „Heartbeat protocol“ allows detection of stale tunnels But requires public Ipv4-address on host
  • 12. 07.09.07 / Page 12 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Getting IPv6 addresses For single client / „small network“: usually /64 prefix from provider assigned dynamically through tunnel/autodiscovery For network: prefix from provider (usually /48 prefix) PI-address-space? Not yet in RIPE-region Proposals were under discussion: http://ripe.net/ripe/meetings/ripe-52/presentations/ ripe52-plenary-ipv6-pi.pdf (by Jordi Palet)
  • 13. 07.09.07 / Page 13 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Address-planning Interesting finding: „There are the same number of /32s in IPv4 space as in IPv6 space.“ :-) (by david.conrad at icann.org on the global-v6-mailinglist) Fixed length of 16 bytes (128bit) Usually noted in 8 groups of each 4 hexadecimal digits Possible to leave out one or more groups of zeros with two colons (::) instead; e.g. 2001:0db8::1
  • 14. 07.09.07 / Page 14 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Address-planning Subnetting usually done on /16-boundary (/32, /48, /64, ...) Minimum /64 if you want to use auto-configuration Subnetting/numbering of hosts up to you. Examples: Sequentially By building/POP, city, country, ... Including VLAN-ID AS-numbers (there are also 32-bit AS-numbers now!) For fun: Why „A5“ in e.g. „2001:7F8:1::A504:1692:1“? Looks like „AS“ ... serious! :-)
  • 15. 07.09.07 / Page 15 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Configuration Routers Basics Interfaces OSPF v3 BGP4-MP Example on Cisco, only new things to configure: ipv6 unicast-routing ipv6 cef interface GigabitEthernet 0/1 ipv6 address 2001:DB8::1/64 no ipv6 redirects ipv6 nd suppress-ra ipv6 ospf 1 area 0 ipv6 router ospf 1 redistribute connected router bgp 65000 address-family ipv6 neighbor 2001:DB8::2 remote-as 65001 neighbor 2001:DB8::2 activate
  • 16. 07.09.07 / Page 16 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Configuration Routers Interfaces Example on Juniper, only new things to configure: interfaces { ge-0/0/0 { unit 1 { family inet6 { address 2001:db8::1/64; } } } }
  • 17. 07.09.07 / Page 17 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Configuration Routers BGP4-MP OSPF v3 Example on Juniper, only new things to configure: protocols { bgp { group peers-kleyrex-v6 { type external; family inet6 { unicast; } neighbor 2001:db8::2 { peer-as 65001; } } ospf3 { export OSPF3; area 0.0.0.1 { interface ge-0/0/0.791; interface ge-0/0/0.792; } } }
  • 18. 07.09.07 / Page 18 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Configuration End-user systems Servers Services DNS / rDNS (as well as RIR-objects) Web- / mailsystems etc. Monitoring / accounting (awstats, netflow/sflow, home-grown tools, ...)
  • 19. 07.09.07 / Page 19 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Configuration Documenting network-relationships in RPSL: Consider separate AS-sets for IPv4 / IPv6 in case of large difference of downstream-size IPv4 / IPv6 mp-import: afi ipv6.unicast from AS34225 accept AS-SPEEDPARTNER mp-export: afi ipv6.unicast to AS34225 announce ANY mp-import: afi ipv6.unicast from AS41692 accept AS-OPENCARRIER6 mp-export: afi ipv6.unicast to AS41692 announce ANY
  • 20. 07.09.07 / Page 20 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Configuration DNS in bind: Reverse-delegation at RIPE: In a normal zone: r1.example.com IN AAAA 2001:db8::1 For reverse-DNS: $ORIGIN 0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa. @ 86400 in SOA ns1.example.com. hostmaster.example.com. ( [...] 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 1D IN PTR r1.example.com. Domain: 8.b.d.0.1.0.0.2.ip6.arpa admin-c: ABCD-RIPE tech-c: ABCD-RIPE zone-c: ABCD-RIPE nserver: ns1.example.com nserver: ns2.example.com mnt-by: ABCD-MNT
  • 21. 07.09.07 / Page 21 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Aspects to consider when deploying Does your gear support IPv6? In software or hardware? Since what firmware? How stable? Running dual-stack? Performance: Latency/jitter in sub-optimal IPv6-scenarios Export-protocol for monitoring / accounting Sflow? Netflow? Security-aspects (firewalls, ...)
  • 22. 07.09.07 / Page 22 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Links 6to4 with Linux: http://www.wlug.org.nz/6to4 Teredo: http://www.microsoft.com/technet/network/ipv6/teredo.mspx Public 6to4 routers: http://www.kfu.com/~nsayer/6to4/ Collection of IPv6-content: http://www.sixxs.net/misc/coolstuff/ Audio/video, IPv6-IPv4 gateways, IPv6 newsservers IPv6 filter recommendations: http://www.space.net/~gert/RIPE/ipv6-filters.html http://www.cymru.com/Bogons/ipv6.txt
  • 23. 07.09.07 / Page 23 Deploying IPv6 Stefan Neufeind European Conference on Applied IPv6 Holiday Inn, Cologne Thank you! Slides available at: http://talks.speedpartner.de/ Questions? neufeind (at) speedpartner.de