IPv6 implementation aspects in the operator s environment. Grzegorz Kornacki F5 Field Systems Engineer
|
|
- Jeffrey Hill
- 6 years ago
- Views:
Transcription
1 IPv6 implementation aspects in the operator s environment Grzegorz Kornacki F5 Field Systems Engineer
2 Exposing applications & services to IP v6
3 Exposing applications / services to IP v6 Facebook has already done it 3
4 Exposing applications / services to IP v6 Facebook already done it. scroll down few slides.. to find regular F5 config file 4
5 Exposing applications / services to IP v6 It does not have to be CLI: Plus DNS record 5
6 Exposing applications / services to IP v6 Good to know: If there is very old, black box -like application that Nobody wants to touch Cannot log v6 addresses, You can: 1. Insert bogus prv v4 address into X-Forwarded-For and log v4 to v6 mapping into syslog 2. SNAT to bogus prv v4 address and log v5 to v6 mapping 6
7 Providing IP v6 to your Subscribers
8 Technologies overview Technology Translation /tunneling Stateful translation place Dual Stack n/a n/a 6rd (v6 over v4) tunneling n/a NAT64/DNS64 translation network XLAT translation network DS-Lite tunneling network MAP-E tunneling CPE MAP-T translation CPE 8
9 Out of classification example
10 Out of the classification example Leading American Cable TV Service provider over 15M CPEs New VOD servers deployed in IP v6 network only. Old Set Top Boxes equipped in IP v4 stack. Service Provider not able to replace all Set Top Boxes at once. New STB <-> new VOD server Pure IP v6 v6 Vod server v6 STB 10
11 Out of the classification example Leading American Cable TV Service provider over 15M CPEs Old STB <-> new VOD server mappings between: Server name - v4 Server name - v6 DNS IP v6 IP v4 v6 Vod server F5 LTM v4 STB 11
12 Out of the classification example Leading American Cable TV Service provider over 15M CPEs Old STB <-> new VOD server DNS 1. PTR query to get a name of the svr 2. AAAA query to get v6 address <96bit prf>:<src ip v4> New v6 IP v6 IP v4 v6 Vod server F5 LTM Own v4 Old v4 svr address v4 STB 12
13 Out of the classification example Leading American Cable TV Service provider over 15M CPEs Old STB <-> new VOD server DNS 1. query for a name of the server 2. query to get v4 address <96bit prf>:<src ip v4> New v6 IP v6 IP v4 v6 Vod server F5 LTM Own v4 Old v4 svr address v4 STB 13
14 Out of the classification example Leading American Cable TV Service provider over 15M CPEs Old STB <-> new VOD server Yes, it is F5 irules!!! The only Event used: CLIENT_ACCEPTED Commands used: split, lrange, lindex, string tolower, getfield (standard TCL commands) IP::client_addr, IP::local_addr RESOLV::lookup node, snat No single if/then, or switch, or while 14
15 Plain Dual-Stack with NAT44 IPv6 Home environment Internet Smart Phone IPv4/IPv6 network IPv6 CGN IPv4 CPE/AG Access Node BRAS/BNG (dual-stack) GGSN/PGW NAT44 IPv4 Internet (dual-stack) NAT44 Translating private IPv4 address into public IPv4 address on the internet side (1:1 NAT and N:1 NAPT) Stateful operation 15
16 Plain Dual-stack with NAT 44 Pros and Cons PROS CONS Full manageability of the IPv4 and IPv6 subscriber traffic (on BNG / GGSN) May require more licenses on BNG and/or GGSN for dual-stack operation (pre 3GPP R9) Field-proven model that can be used in fixed and mobile (uniform model / FMC) Poor mobile phone coverage No tunneling less overhead, no fragmentation issues, etc. In fixed the access and aggregation network should be IPv6 aware Routing private IPv4 addresses in the SP backbone may be undesirable
17 IPv6 Rapid Deployment (6RD) 6RD Border Relay IPv6 Home environment Internet IPv4 network IPv6 IPv4 tunnel CGN IPv4 CPE/AG Access Node BRAS/BNG (IPv4) GGSN/PGW NAT44 IPv4 Internet (IPv4) 6RD Border Relay Decapsulate IPv4 tunnels coming from CPE Forward encapsulated IPv6 packets coming out of these IPv4 tunnels towards IPv6 internet Note : source IPv6 address for user is constructed out of the 6RD prefix and the IPv4 address of the user (this allows for a stateless operation of the 6RD BR) 17
18 6RD Pros and Cons PROS CONS No additional license costs on BNG/GGSN (keep IPv4 based considered temporary and just postpones a real BNG/GGSN) Not future proof ( tunnel the future over legacy ), so investment in an IPv6 network Solution is transparent for the whole IPv4 network and requires little to no changes in the network Still requires a NAT44 to deal with IPv4 address depletion Cheapest solution to introduce IPv6 CPE vendor support still limited Tunneling technique, potentially resulting in fragmentation & reassembly issues
19 NAT64 with DNS64 IPv6 Home environment Internet Smart Phone IPv6 network IPv6 NAT64 IPv6 CPE/AG Access Node BRAS/BNG (IPv6 only) GGSN/PGW DNS64 IPv4 Internet (IPv6 only) DNS64 In case no AAAA exists for a destination, the DNS64 function adds specific IPv6 destination prefix to the A address of the destination and constructs a AAAA response based on that DNS64 can be internal in BIGIP providing NAT64 function or can be external NAT64 Attracts IPv6 subscriber traffic for specific IPv6 destination prefix used to perform NAT64 Extracts IPv4 destination address out of the IPv6 destination address Uses a public IPv4 address pool to source traffic towards IPv4 destination address (stateful) 19
20 Reachability of Top 88 Websites with NAT64/DNS64 Pure IPv6 IPv6 + F5 NAT64/DNS64 20
21 Network Migration NAT 64 Pros and Cons PROS CONS Natural phase-out of NAT Future-proof, setting the standard on IPv6 connectivity applications : Skype, Google videochat towards end users (IPv6 only sessions) No additional license costs on BNG/GGSN (transition from IPv4 to IPv6 on user side) No tunneling less overhead, no fragmentation issues, etc. Testing by other operators reveal some issues with IPv4 literals in websites Not practical for fixed deployments : end-user equipment may not be IPv6-capable (gaming consoles, STB,... )
22 XLAT (CLAT + NAT64) IPv6 Home environment Internet Smart Phone IPv6 network IPv6 NAT64 IPv6 CPE/AG Access Node BRAS/BNG (IPv6 only) GGSN/PGW DNS64 IPv4 Internet (IPv6 only) PLAT PLAT CLAT is Customer-side translator (XLAT) [RFC6145]. PLAT is Provider-side translator [RFC6146]. It translates 1:1 private IPv4 addresses to global IPv6 addresses. It translates N:1 global IPv6 addresses to global IPv4 addresses. The CLAT function is applicable to a router or an end-node such as a mobile phone or PC. It s in fact NAT64 under the new name It's usually seen as virtual interface with v4 address PLAT does not require DNS64 22
23 Network Migration XLAT Pros and Cons PROS PROS cont. Delivers v4 address to the application that needs them Natural phase-out of NAT As software package for PCs Future-proof, setting the standard on IPv6 connectivity Light-weight home router patch Is applicable for fix-line providers towards end users (IPv6 only sessions) No additional license costs on BNG/GGSN (transition from IPv4 to IPv6 on user side) No tunneling less overhead, no fragmentation issues, etc. CONS IPv4 literals in websites Could be solved with irules
24 Scalability & Performance Address translation is within «DNA» of F5 CGNAT requires TCP/UDP connection management Packet based solutions are not designed for that Connection management is native in BIG-IP system Single B4340N blade VIPRION 4800 chassis with 8 blades 1M connections per sec 8M connections per sec 60M connections 480M connections 80Gbps throughput 640Gbps throughput Unprecedented scale & performance 24
25 Translation & Mapping Flexibility NAPT NAPT Standard Deterministic Translation Modes Transition NAT64 NAT44 Techniques Mapping & DSLite DNS64 EIM EIF NAPT Custom PBA Custom 6RD Custom Hairpinning PCP Filtering Now irules Next release 25
26 Logging Flexibility Enriched CGNAT logging adding subscriber info when CLIENT_ACCEPTED { set hsl [HSL::open -proto TCP -pool syslog_server_pool] # Lookup the MSISDN set m [table lookup -subtable msisdn [IP::client_addr]] set i [table lookup -subtable imsi set c [table lookup -subtable chrid [IP::client_addr]] [IP::client_addr]] } # when SERVER_CONNECTED { # Get time set t [clock format [clock seconds] -format {%Y%m%d%H%M%S}] HSL::send $hsl "<190> 0;$t;$m;$i;$c;[IP::client_addr];[TCP::client_port];[IP::local_addr];[TCP::local_port];[IP::remote_addr];[TCP::remote_port];[IP::protocol]\n" } 26
27 Dual Stack Lite (DS-Lite) Supported now IPv6 Home environment Internet Unable to steer tunneled traffic IPv6 network Unable to distinguish IPv6 subscribers sessions AFTR AFTR IPv6 tunnel IPv4 CPE/RG Access Node BRAS/BNG (B4) (IPv6 only) GGSN/PGW NAT44 NAT44 IPv4 Internet (IPv6 only) DS-Lite (AFTR) AFTR AFTR function function CONFIDENTI A L. Decapsulate IPv6 tunnels from CPE (hosting B4 function) Provide a stateful NAT44 function to the encapsulated IPv4 traffic Encapsulated IPv4 traffic has overlapping addresses 27
28 F5 Network Services A unified platform and single management framework Intelligent traffic management CGNAT and ICSA certified Policy IPv6 migration network firewall enforcement Header enrichment and TCP Local URL optimization DNS filtering 29
29 F5 and intelligent traffic steering to VAS platforms A unified platform simplifies delivery of network services DS-Lite termination with with f5 subscriber awareness Internet RTR PGW VIPRION Context-aware steering & intelligent service chaining Data Center Video Optimization Transparent Caching URL Filtering Parental Controls 30
30 Network security & CGNAT in mobile Evolution and next steps Gi Firewalls are used in the mobile data path to protect Subscribers (e.g. battery drain attacks) Network (e.g. port scans and sweeps leading to RNC paging / signaling overload) IPv4 address exhaustion resulted in CGNAT deployments NAT44 enabled on the existing Gi firewall NAT44 enabled on a different standalone CGNAT platform CGNAT function is a stateful operation and hence has several characteristics of a Gi firewall Future challenges Traditional firewalls are lacking scale/performance to deal with increasing NAT44 traffic Some standalone CGNAT platforms (routers) are lacking security features to deal with new Gi firewall requirements (IPv6) 31
31 Mobile networks in EMEA Typical IPv4-IPv6 Transition Plan Capacity / Throughput Introduction of IPv6 Address consumption Public IPv4 address space exhausted Public IPv6 Need to introduce private IPv4 (Gi-FW) Private IPv4 (CGNAT) Public IPv4 (Gi-FW)
32 CGNAT and Gi-FW needs in mobile Option 1 : Leverage FW for CGNAT Options Firewall max capacity reached (connections / bandwidth) Enable NAT on Firewall Add more firewalls with load balancers Public IPv6 Investigate alternatives (router, ADC) Private IPv4 (Firewall for CGNAT) Public IPv4 (Firewall for Gi-FW)
33 CGNAT and Gi-FW needs in mobile Option 2 : Introduce Router for CGNAT Options IPv6 requires a Gi Firewall again Introduce new firewalls for IPv6 Investigate alternatives (ADC) Public IPv6 Add Router for CGNAT Private IPv4 (Router for CGNAT) Public IPv4 (Firewall for Gi-FW)
34 CGNAT and Gi-FW needs in mobile Option 3 : F5 for consolidated Gi-FW / CGNAT IPv6 requires a Gi Firewall again (Enable AFM module on F5) Public IPv6 Introduce F5 for CGNAT Private IPv4 (F5 for CGNAT) Public IPv4 (Firewall for Gi-FW)
35 Platform consolidation: happening now Network function consolidation L2 L L4 L Multi-service router L2 switching Full Proxy MPLS L2 PE (TCP opt, HHE) IP Routing Policy Enforcement MPLS L2 PE L3 routing MPLS L3 PE TCP OPTIM DPI/PCEF L7 STEERING Firewall MPLS L3 PE BRAS/BNG FW/CGN CGNAT HTTP HE L3/L4 BRAS/BNG Steering Dedicated platforms, Single platform, Dedicated platforms, Unified platform, different vendors L2 L3 consolidation different vendors L4 L7 consolidation 36
36 F5 the only reasonable choice Traffic Distribution Private Public IPv4 IPv4 NAT44 NAT64 IPv4 CGNAT CGNAT GGSN IPv6 PGW Gi-FW Public IPv6 Gi-FW Public (AFM) IPv6 Internet Time High scale / performance Gradual transition from CGNAT to IPv6 Gi-FW Investment protection 37
37
38 Backup slides
39 DNS 64 in action IPv4/IPv6 Internet Internet 1. DNS query 4. ADC responds to DNS request with AAAA response IPv6 client 2. ADC sends AAAA & A Queries to DNS (A) (AAAA) v6 v4 DNS DNS 3a. If v6 DNS then AAAA record returned to client as usual 3b. If only v4 DNS A record returned, ADC adds 96 bit prefix to A record and returns AAAA to client DNS64 40
40 1: IPv6 client access IPv6 content 1. IPv6 Client sends traffic to Server with IPv6 address Network IPv6 IPv6 client 2. Server responds directly to IPv6 Client (A) (AAAA) v6 v4 DNS DNS DNS64 41
41 2: IPv6 client access IPv4 content NAT64 Mapping: 96BitPrefix+IPv4 address to IPv4 Address 1. Client sends traffic to with IPv6 Address and LTM 96Bit Prefix 2. LTM transforms v6 address to v4 addresses for outgoing IPv4 4. LTM responds with IPv6 Source to Client 3. LTM maps and transforms IPv6 client v4 addresses to v6 for return traffic BIG-IP translates IPv6 IP Adresses with prefix to IPv4 Adresses (NAT64) (IPv4) 42
42 IPv6 to IPv4 Gateway: NAT64 IPv6 Client IPv6 to IPv4 Gateway IPv4 to IPv6 prefix: IPv6 Network IPv4 Network 64:ff9b:: IPv4: DNS request: DNS64 Hex Notation: ::1064:6464 DNS response: AAAA = 64.ff9b::1064:6464 GET to IPv6: 64.ff9b::1064:6464 GET to IPv4: NAT64 GET from IPv6: 64.ff9b::1064:6464 Response from IPv4:
43 Intelligent Traffic Management in action Steering to 2 VAS Services : Subscriber & RAT-Type based User Subscriber Policy John Video Optimization LTE bypass Paul Video Optimization always Parental Control Service Provider VAS Video Optimization Control Plane Emma Parental Control Parental Control PCRF PCRF Emma AAA AAA Radius Diameter Gx, Gy Radius (RAT-type updates) Other API (subscriber policies) GGSN John PGW Internet Paul Intelligent Traffic Management Policy-enabled per-connection or per-transaction steering to VAS/Optimization Subscriber 44
44 Intelligent Traffic Management in action User John : http traffic on LTE User Subscriber Policy John Video Optimization LTE bypass Paul Video Optimization always Parental Control Service Provider VAS Video Optimization Control Plane Emma Parental Control Parental Control PCRF PCRF AAA AAA Radius Emma Diameter Gx, Gy Other API http (LTE) Radius GGSN John PGW Internet Paul Intelligent Traffic Management Policy-enabled per-connection or per-transaction steering to VAS/Optimization Subscriber 45
45 Intelligent Traffic Management in action User John : http traffic on 3G User Subscriber Policy John Video Optimization LTE bypass Paul Video Optimization always Parental Control Service Provider VAS Video Optimization Control Plane Emma Parental Control Parental Control PCRF PCRF AAA AAA Radius Emma Diameter Gx, Gy Other API http (3G) Radius GGSN John PGW Internet Paul Intelligent Traffic Management Policy-enabled per-connection or per-transaction steering to VAS/Optimization Subscriber 46
46 Intelligent Traffic Management in action User Paul : http traffic on 3G/LTE User Subscriber Policy John Video Optimization LTE bypass Paul Video Optimization always Parental Control Service Provider VAS Video Optimization Control Plane Emma Parental Control Parental Control PCRF PCRF AAA AAA Radius Emma Diameter Gx, Gy Other API Radius GGSN John PGW Internet http Paul Intelligent Traffic Management Policy-enabled per-connection or per-transaction steering to VAS/Optimization Subscriber 47
47 Intelligent Traffic Management in action User Emma : http traffic on 3G/LTE User Subscriber Policy John Video Optimization LTE bypass Paul Video Optimization always Parental Control Service Provider VAS Video Optimization Control Plane Emma Parental Control Parental Control PCRF PCRF AAA AAA Radius Emma Diameter Gx, Gy http Other API Radius GGSN John PGW Internet Paul Intelligent Traffic Management Policy-enabled per-connection or per-transaction steering to VAS/Optimization Subscriber 48
48 References NAT64/DNS64 (RFCs 6146, 6147) 464XLAT (RFC 6877) Dual-Stack Lite (DS-Lite - RFC 6333) XLAT demo: 49
RE-ARCHITECTING THE GI LAN OPTIMIZE & MONETIZE MOBILE BROADBAND. Bart Salaets Solution Architect
RE-ARCHITECTING THE GI LAN OPTIMIZE & MONETIZE MOBILE BROADBAND Bart Salaets Solution Architect Today s Gi LAN is static and inflexible DNS PCRF AAA OCS CSCF RADIUS, Diameter, DNS, SIP Control Plane Services
More informationA Practical Approach to IPv6
A Practical Approach to IPv6 Vietnam IPv6 Day Boonchareon Chong Global Solution Architect - Service Provider Boon@f5.com The move to IPv6 The Data Tsunami in Service Providers and Enterprises IP Everything
More informationTraffic Steering & Service Chaining
Traffic Steering & Service Chaining Optimize & Monetize with PEM Bart Salaets Solution Architect Agenda F5 Gi LAN Strategy Traffic Steering & Service Chaining Recent Evolutions Policy-Based Per-Flow and
More informationBIG-IP CGNAT: Implementations. Version 13.0
BIG-IP CGNAT: Implementations Version 13.0 Table of Contents Table of Contents Deploying a Carrier Grade NAT... 9 Overview: The carrier-grade NAT (CGNAT) module... 9 About ALG Profiles...10 About CGNAT
More informationBIG-IP CGNAT: Implementations. Version 12.1
BIG-IP CGNAT: Implementations Version 12.1 Table of Contents Table of Contents Deploying a Carrier Grade NAT... 7 Overview: The carrier-grade NAT (CGNAT) module... 7 About ALG Profiles...8 About CGNAT
More informationIPv6 migration strategies for mobile networks
migration strategies for mobile s White paper To cope with the increasing demand for IP addresses, most mobile operators (MNOs) have deployed Carrier Grade Network Address Translation (CG-NAT). Introducing
More informationIPv6 Transition Technology
www.huawei.com Transition Technology HUAWEI TECHNOLOGIES CO., LTD. Address exhaustion has occurred The address exhaustion has arrived. 4.3 billion addresses are not enough to address the humans and their
More informationService Providers trends & F5 Networks SP s portfolio overview
Service Providers trends & F5 Networks SP s portfolio overview Attacks from Internet Data Growth / IoT Regulations / Services DDoS protection L4-L7 security Traffic shaping Scalability, IPv4/v6 Traffic
More informationTransition To IPv6 October 2011
Transition To IPv6 October 2011 Fred Bovy ccie #3013 fred@fredbovy.com 2011 Fred Bovy fred@fredbovy.com. Transition to IPv6 1 1st Generation: The IPv6 Pioneers Tunnels for Experimental testing or Enterprises
More informationCOE IPv6 Roadmap Planning. ZyXEL
COE IPv6 Roadmap Planning ZyXEL COE Product Offering with IPv6 Dual Stack Lite / Translation & Dual Stack, IPv6 Core Phase I Chassis MSAN FW Rel. 3.96.1 MSC1000G, MSC1024G, MSC1224G, ALC12xxG- 5x, VLC13xxG-5x
More informationIPv6 Transition Strategies
IPv6 Transition Strategies Philip Smith MENOG 14 Dubai 1 st April 2014 Last updated 5 th March 2014 1 Presentation Slides p Will be available on n http://thyme.apnic.net/ftp/seminars/
More informationManaging the Migration to IPv6 Throughout the Service Provider Network White Paper
Managing the Migration to IPv6 Throughout the Service Provider Network Managing the Migration to IPv6 Throughout the Service Provider Network White Paper Introduction Service providers are feeling increasing
More informationIPv6 Transition Mechanisms
IPv6 Transition Mechanisms Petr Grygárek rek 1 IPv6 and IPv4 Coexistence Expected to co-exist together for many years Some IPv4 devices may exist forever Slow(?) transition of (part of?) networks to IPv6
More informationLeverage SDN Principles in LTE to Meet Future Network Demands
Leverage SDN Principles in LTE to Meet Future Network Demands PLATFORM FOR PROFITABLE GROWTH The Role of SDN in LTE Networks SDN refers to specific technologies considered promising for mobile network
More informationIPv6 Transition Strategies
IPv6 Transition Strategies Philip Smith APNIC 36 Xi an 20 th -30 th August 2013 Last updated 25 July 2013 1 Presentation Slides p Will be available on n http://thyme.apnic.net/ftp/seminars/apnic36-
More informationNetwork Configuration Example
Network Configuration Example Configuring Dual-Stack Lite for IPv6 Access Release NCE0025 Modified: 2016-10-12 Juniper Networks, Inc. 1133 Innovation Way Sunnyvale, California 94089 USA 408-745-2000 www.juniper.net
More informationStateless 4V6. draft-dec-stateless-4v6. September 2011
Stateless 4V6 draft-dec-stateless-4v6 September 2011 1 Operator s have an IPv6 network in production Limited Public IPv4 or exhausted Desire/intent to move to fully to IPv6 (at least operationally) End
More informationIPv6 Rapid Deployment (6rd) in broadband networks. Allen Huotari Technical Leader June 14, 2010 NANOG49 San Francisco, CA
Rapid Deployment () in broadband networks Allen Huotari Technical Leader ahuotari@cisco.com June 14, 2010 NANOG49 San Francisco, CA 1 Why IP Tunneling? IPv4 Tunnel Tunnel IPv4 IPv4 Retains end-end IP semantics
More informationARCHITECTING THE NETWORK FOR THE MOBILE IPV6 TRANSITION. Gary Hauser Sr. Marketing Mgr. Mobility Sector Member 3GPP RAN3 WG
ARCHITECTING THE NETWORK FOR THE MOBILE IPV6 TRANSITION Gary Hauser Sr. Marketing Mgr. Mobility Sector Member 3GPP RAN3 WG ghauser@juniper.net AGENDA! The State of Standards IPv6 & Transition in Mobile!
More informationMapping of Address and Port using Translation (MAP-T) E. Jordan Gottlieb Network Engineering and Architecture
Mapping of Address and Port using Translation (MAP-T) E. Jordan Gottlieb Network Engineering and Architecture jordan.gottlieb@charter.com. What is MAP-T? One of two transport modes of MAP Mapping of Address
More information6RD. IPv6 Rapid Deployment. Version Fred Bovy. Chysalis6 6RD 1-1
6RD IPv6 Rapid Deployment Version 1.0 2012 Fred Bovy. Chysalis6 6RD 1-1 About the Author Fred Bovy 15 years experience in IPv6 IPv6 Forum Certified Gold Engineer IPv6 Forum Certified Gold Trainer 7 years
More informationIPv6 Transition Mechanisms
IPv6 Transition Mechanisms Petr Grygárek rek 1 IPv6 and IPv4 Coexistence Expected to co-exist together for many years Some IPv4 devices may exist forever Slow(?) transition of (part of?) networks to IPv6
More informationCarrier Grade NAT - Observations and Recommendations. Chris Grundemann North American IPv6 Summit 11 April 2012
Carrier Grade NAT - Observations and Recommendations Chris Grundemann North American IPv6 Summit 11 April 2012 Agenda CGN Technology CGN Challenges CGN Architectures Conclusions 2 Cable Television Laboratories,
More informationBIG-IP CGNAT: Implementations. Version 12.0
BIG-IP CGNAT: Implementations Version 12.0 Table of Contents Table of Contents Legal Notices...9 Legal notices...9 Deploying a Carrier Grade NAT...11 Overview: The carrier-grade NAT (CGNAT) module...11
More informationDESIGNING VALUE ADDED SERVICES IN WIRELINE NETWORKS. Norbert Wicker, EMEA Advanced Technology Specialist 8 th September 2012
DESIGNING VALUE ADDED SERVICES IN WIRELINE NETWORKS Norbert Wicker, EMEA Advanced Technology Specialist 8 th September 2012 OVERVIEW 2 Copyright 2012 Juniper Networks, Inc. www.juniper.net SERVICE DELIVERY
More informationIPv6 Transition Planning
IPv6 Transition Planning ITU/APNIC/MOIC IPv6 Workshop 19 th 21 st June 2017 Thimphu These materials are licensed under the Creative Commons Attribution-NonCommercial 4.0 International license (http://creativecommons.org/licenses/by-nc/4.0/)
More informationNetwork Address Translation Configuration Commands
NAT Commands Network Address Translation Configuration Commands Generic Commands description Syntax description description-string no description Context config>srevice>vprn>nat>outside>pool>address-range
More informationTowards IPv6 only: A large scale lw4o6 deployment (rfc7596) for broadband
Towards IPv6 only: A large scale lw4o6 deployment (rfc7596) for broadband users @AS6799 Kostas Zorbadelos Yannis Nikolopoulos Senior Systems & Network Engineers OTE IP Network Engineering RIPE 76 Marseille,
More informationNAT Command Reference
Command Reference Command Hierarchies ISA Configuration Commands on page 639 NAT Service Configuration Commands on page 640 VPRN Commands on page 643 NAT Subscriber Management Commands on page 645 NAT
More informationInternet Engineering Task Force (IETF) Request for Comments: 7040 Category: Informational. O. Vautrin Juniper Networks Y. Lee Comcast November 2013
Internet Engineering Task Force (IETF) Request for Comments: 7040 Category: Informational ISSN: 2070-1721 Y. Cui J. Wu P. Wu Tsinghua University O. Vautrin Juniper Networks Y. Lee Comcast November 2013
More informationJourney to IPv6 A Real-World deployment for Mobiles
Journey to IPv6 A Real-World deployment for Mobiles APRICOT 2017 February 2017 Telstra Unrestricted Copyright Telstra Introduction Instructional Slide Jeff Schmidt- Technology Team Manager, Telstra Wireless
More informationJourney to IPv6: A Real-World deployment for Mobiles
Journey to IPv6: A Real-World deployment for Mobiles ISP Workshops Last updated 1 st March 2017 Telstra Unrestricted Acknowledgements p We would like to acknowledge Jeff Schmidt @ Telstra for permitting
More informationIPv6 Community Wifi. Unique IPv6 Prefix per Host. IPv6 Enhanced Subscriber Access for WLAN Access Gunter Van de Velde Public.
IPv6 Community Wifi Unique IPv6 Prefix per Host IPv6 Enhanced Subscriber Access for WLAN Access Gunter Van de Velde 19-01-2016 1 Nokia 2016 Public IPv6 timeline 4 waves as noticed by ALU IP Division ~2000
More informationYasuo Kashimura Senior Manager, Japan, APAC IPCC Alcatel-lucent
Yasuo Kashimura Senior Manager, Japan, APAC IPCC Alcatel-lucent Agenda 1. 1. Current status of / internet 2. 2. continuity 3. 3. continuity over network 4. 4. rapid deployment 5. 6. Wider deployment 6.
More informationSimplifying Security for Mobile Networks
Simplifying Security for Mobile Networks Communications service providers face an array of complex challenges, from network growth and increasing security threats to technology transitions. The comprehensive
More informationNAT Tutorial. Dan Wing, IETF77, Anaheim March 21, 2010 V2.1
NAT Tutorial Dan Wing, dwing@cisco.com IETF77, Anaheim March 21, 2010 V2.1 1 Agenda NAT and NAPT Types of NATs Application Impact Application Layer Gateway (ALG) STUN, ICE, TURN Large-Scale NATs (LSN,
More informationThe trend of IPv4 over IPv6 techniques, use cases and experience
APRICOT 2013 @ Singapore The trend of IPv4 over IPv6 techniques, use cases and experience Japan Internet Exchange Co., Ltd. Masataka MAWATARI Copyright 2013 Japan Internet Exchange
More informationDual-Stack lite. Alain Durand. May 28th, 2009
Dual-Stack lite Alain Durand May 28th, 2009 Part I: Dealing with reality A dual-prong strategy IPv4 reality check: completion of allocation is real Today Uncertainty IPv6 reality check: the IPv4 long tail
More informationHost-based Translation Problem Statement.
Host-based Translation Problem Statement chengang@chinamobile.com Why we need host based translation Two IP families need talk each other, otherwise there are totally separated two worlds; There exists
More informationThe End of IPv4? Migration Paths to IPv6 WHITE PAPER
The End of IPv4? Migration Paths to IPv6 WHITE PAPER The End of IPv4? On February 3, 2011, the Internet Assigned Numbers Authority (IANA) allocated the last five remaining /8 s of IPv4 address space to
More informationIPv6 Evolution and Migration Solution
IPv6 Evolution and Migration Solution www.huawei.com HUAWEI TECHNOLOGIES CO., LTD. Contents Industry s Viewpoints to IPv6 Development IPv6 Migration Solution and Huawei IPv6 Solution Highlights The World
More informationF5 IPv6 Solutions. Ariel Santa Cruz FSE SoLA F5 Networks Inc. F5 Networks, Inc.
1 F5 IPv6 Solutions Ariel Santa Cruz FSE SoLA F5 Networks Inc. a.santacruz@f5.com 2 Agenda End of IPv4 Common Customer Use Cases Ease the IPv6 Evolution Deliver Apps. to all clients Internal Access to
More informationFROM AN IPV4 GLOBAL INTERNET TO A MIX OF IPV4 NATED AND IPV6 WORLD. Alain Durand- Dir of Software Engineering PSG/CTO,
FROM AN IPV4 GLOBAL INTERNET TO A MIX OF IPV4 NATED AND IPV6 WORLD. Alain Durand- Dir of Software Engineering PSG/CTO, adurand@juniper.net 2011 JUNIPER PERSPECTIVE ON IPV4 EXHAUSTION AND IPV6 DEPLOYMENT
More informationSolutions Guide. F5 solutions for the emerging 5G landscape
Solutions Guide F5 solutions for the emerging 5G landscape 1 F5 Solutions for the emerging 5G landscape. Access Network Control Plane Cloud Mobile Edge and Core Analytics DNS EPC & IMS DDoS Mobile Access
More informationIt s a Lifecycle Strategy
WHITE PAPER CGNAT Isn t a Capability It s a Lifecycle Strategy What Service Providers Need to Consider When Choosing a Carrier-Grade NAT Solution Table of Contents Service Providers Utilize Address Translation
More informationIPv6 Transitioning. An overview of what s around. Marco Hogewoning Trainer, RIPE NCC
IPv6 Transitioning An overview of what s around Marco Hogewoning Trainer, RIPE NCC There Was a Plan The original idea was to have IPv6 deployed before we were out of IPv4 addresses By now the whole of
More informationOVERVIEW. Virtual Solutions for Your NFV Environment
Contents Introduction 3 Build a Virtualized Network with F5 s 4 Virtual Firewall (vfw) 4 Virtual CGNAT (vcgn) 4 Virtual Policy Charging Enforcement Function (vpcef) 4 Virtual Content Insertion (vci) 4
More informationEnabling Agile Service Chaining with Service Based Routing
Enabling Agile Service Chaining with Service Based Routing Contents Abstract...1 1. Introduction...1 2. Huawei s SBR Solution for Agile Service Chaining...3 2.1. Architecture Overview...3 2.2. Multi-Dimensional
More informationNetwork Configuration Example
Network Configuration Example Configuring Stateful NAT64 for Handling IPv4 Address Depletion Release NCE0030 Modified: 2017-01-23 Juniper Networks, Inc. 1133 Innovation Way Sunnyvale, California 94089
More informationNetwork Configuration Example
Network Configuration Example Deploying Scalable Services on an MX Series Router Acting as a Broadband Network Gateway Release NCE0062 Modified: 2017-01-24 Juniper Networks, Inc. 1133 Innovation Way Sunnyvale,
More informationMigration to IPv6 using DNS64/NAT64. Stephan Lagerholm
Migration to IPv6 using DNS64/NAT64 Stephan Lagerholm Agenda / About me DNS Architect at Secure64 Software Corp. Director and founder of the TXv6TF Personal blog at IPv4depletion.com 1 IPv4 depletion Global
More informationETSI TS V1.1.1 ( )
TS 103 443-1 V1.1.1 (2016-08) TECHNICAL SPECIFICATION Integrated broadband cable telecommunication networks (CABLE); IPv6 Transition Technology Engineering and Operational Aspects; Part 1: General 2 TS
More informationColloque IPv6. d IPv6 dans les réseaux mobiles. David BINET. Orange. Caen, 13 Juin 2013
Colloque IPv6 Caen, 13 Juin 2013 Stratégie de déploiement d IPv6 dans les réseaux mobiles David BINET Orange Agenda Mobile services: Orange group in few figures IPv6 introduction: the context IPv6 introduction
More informationIPv6 in Cellular Networks
IPv6 in Cellular Networks LACNIC 28 Montevideo, Uruguay September 2017 Jordi Palet (jordi.palet@theipv6company.com) - 1 Need to support IPv6 IPv4 exhaustion Sharing IPv4 (CGN) is not enough and is problematic
More informationIntended status: Standards Track Expires: April 26, 2012 Y. Ma Beijing University of Posts and Telecommunications October 24, 2011
softwire Internet-Draft Intended status: Standards Track Expires: April 26, 2012 Z. Li China Mobile Q. Zhao X. Huang Y. Ma Beijing University of Posts and Telecommunications October 24, 2011 DS-Lite Intra-Domain
More informationIP Services Gateway Overview
This chapter provides an overview of the IP Services Gateway (IPSG) product. This chapter covers the following topics: Introduction, page 1 How it Works, page 2 In-line Services, page 4 Enhanced Feature
More informationWhy, When & How? Asela Galappattige Sri Lanka Telecom PLC
Why, When & How? Asela Galappattige Sri Lanka Telecom PLC LkNOG Conference, Colombo Sri Lanka, 20 th Oct 2017 Precursor World has run out of IPv4 addresses IPv6 is the new Network Address Scheme for the
More informationKey Steps in the Transition to IPv6 WHITE PAPER
Key Steps in the Transition to IPv6 WHITE PAPER Content Introduction... 2 Internet Movement to IPv6... 2 Impact on the Enterprise... 3 Establishing Enterprise Web Presence on the IPv6 Internet... 4 The
More informationMapping of Address and Port (MAP) an ISPs Perspective. E. Jordan Gottlieb Principal Engineer Charter Communications
Mapping of Address and Port () an ISPs Perspective E. Jordan Gottlieb Principal Engineer Charter Communications jordan.gottlieb@charter.com Agenda What is? Benefits of in Action Algorithms in Action Deployment
More informationIPv6 transition for mobile networks. Tomas lynch ip & convergence Lacnog, sao paulo, brazil October 2010
IPv6 transition for mobile networks Tomas lynch ip & convergence Lacnog, sao paulo, brazil October 2010 agenda Introduction Transition and Migration Plan Mobile Networks Components Technical Recommendations
More information3GPP TR V1.1.1 ( )
TR 23.975 V1.1.1 (2010-05) Technical Report 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; IPv6 Migration Guidelines (Release 10) The present document has
More informationDeploy CGN to Retain IPv4 Addressing While Transitioning to IPv6
White Paper Deploy CGN to Retain Addressing While Transitioning to IPv6 The IANA ran out of addresses to allocate in February 2011, and the Regional Internet Registries (RIR) will have assigned most of
More informationCisco IOS XR Carrier Grade NAT Command Reference for the Cisco CRS Router, Release 5.2.x
Cisco IOS XR Carrier Grade NAT Command Reference for the Cisco CRS Router, 5.2.x First Published: 2016-07-01 Last Modified: 2014-10-01 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San
More informationIPv6 Implementation Best Practices For Service Providers
IPv6 Implementation Best Practices For Service Providers Brandon Ross Chief Network Architect and CEO 2013 Utilities Telecom Council Network Utility Force www.netuf.net @NetUF RFC 6540 - IPv6 Support Required
More informationBIG-IP Network Firewall: Policies and Implementations. Version 13.0
BIG-IP Network Firewall: Policies and Implementations Version 13.0 Table of Contents Table of Contents About the Network Firewall...9 What is the BIG-IP Network Firewall?...9 About firewall modes... 9
More informationIPv6 deployment scenarios in mobile networks Jouni Korhonen Netnod Spring Meeting 9-11 March, 2011 Stockholm, Sweden
IPv6 deployment scenarios in mobile networks Jouni Korhonen Netnod Spring Meeting 9-11 March, 2011 Stockholm, Sweden 1 Nokia Siemens Networks Foreword This presentation concentrates in most parts to 3GPP
More informationThe case for IPv6-only data centres...and how to pull it off in today's IPv4-dominated world
The case for IPv6-only data centres...and how to pull it off in today's IPv4-dominated world Tore Anderson Redpill Linpro AS PLNOG10, Warszawa, February 2013 Our traditional DC layout VLAN cust. 1 ~150
More informationBIG-IP APM: Access Policy Manager v11. David Perodin Field Systems Engineer
1 BIG-IP APM: Access Policy Manager v11 David Perodin Field Systems Engineer 3 Overview What is BIG-IP Access Policy Manager (APM)? How APM protects organization-facing applications by providing policy-based,
More informationControl and Optimize Your 4G LTE Network with Diameter
DATASHEET What s Inside 2 Protect Your Network from Signaling Bursts 2 Ensure Reliable Network Performance 3 Integration with SS7 and Other Legacy Network Elements 4 High Scalability for Growing Networks
More informationCarrier Grade Network Address Translation
(CGN) is a large-scale NAT that translates private IPv4 addresses into public IPv4 addresses. CGN employs Network Address and Port Translation methods to aggregate multiple private IPv4 addresses into
More informationExecutive Summary...1 Chapter 1: Introduction...1
Table of Contents Executive Summary...1 Chapter 1: Introduction...1 SSA Organization... 1 IRM Strategic Plan Purpose... 3 IRM Strategic Plan Objectives... 4 Relationship to Other Strategic Planning Documents...
More informationIPv6 in the Telco Cloud
IPv6 in the Telco Cloud APNIC 44 September 2017 Telstra Unrestricted Copyright Telstra Introduction Sunny Yeung Senior Technology Specialist, Telstra Wireless Network Engineering Sunny.Yeung@team.telstra.com
More informationHP A-F1000-A-EI_A-F1000-S-EI VPN Firewalls
HP A-F1000-A-EI_A-F1000-S-EI VPN Firewalls NAT Configuration Guide Part number:5998-2649 Document version: 6PW100-20110909 Legal and notice information Copyright 2011 Hewlett-Packard Development Company,
More informationTR-242 IPv6 Transition Mechanisms for Broadband Networks
TECHNICAL REPORT TR-242 IPv6 Transition Mechanisms for Broadband Networks Issue: 1 Issue Date: August 2012 The Broadband Forum. All rights reserved. Notice The Broadband Forum is a non-profit corporation
More informationMAP-E as IPv4 over IPv6 Technology
APRICOT 2015 MAP-E as IPv4 over Technology - with some operational experiences - Mar.4.2015 Japan Network Enabler Corporation 日本ネットワークイネイブラー株式会社 (JPNE) (JPNE) 中川あきら Akira Nakagawa 240b::1 Agenda 1. Why
More informationTunnels. Jean Yves Le Boudec 2015
Tunnels Jean Yves Le Boudec 2015 1. Tunnels Definition: a tunnel, also called encapsulation occurs whenever a communication layer carries packets of a layer that is not the one above e.g.: IP packet in
More informationA Evolvable RANGI Transition Strategy
A Evolvable RANGI Transition Strategy 1 Overview 5 Types of Sites: Progressive deployment of RANGI Interoperability between Type i and j (Total 10 cases) More RANGI deployment Smaller BGP Tables Less Address
More informationChapter 15 IPv6 Transition Technologies
Chapter 15 IPv6 Transition Technologies Published: April 18, 2006 Updated: November 06, 2006 Writer: Joe Davies 1 Abstract This chapter describes the mechanisms that aid in the transition of Internet Protocol
More informationIPv4 and IPv6 Transition & Coexistence
IPv4 and IPv6 Transition & Coexistence Copy Rights This slide set is the ownership of the 6DEPLOY project via its partners The Powerpoint version of this material may be reused and modified only with written
More informationDEPLOYMENT GUIDE Version 1.1. DNS Traffic Management using the BIG-IP Local Traffic Manager
DEPLOYMENT GUIDE Version 1.1 DNS Traffic Management using the BIG-IP Local Traffic Manager Table of Contents Table of Contents Introducing DNS server traffic management with the BIG-IP LTM Prerequisites
More informationPRACTICAL IPV6 DEPLOYMENT FOR THE MASS MARKET
PRACTICAL IPV6 DEPLOYMENT FOR THE MASS MARKET Kristoffer Larsen Network Development Engineer kri@telia.net THE HISTORY OF MASS MARKET IPV6 WITHIN TELIA COMPANY On fixed access Telia Company launched an
More informationISG-600 Cloud Gateway
ISG-600 Cloud Gateway Cumilon ISG Integrated Security Gateway Integrated Security Gateway Cumilon ISG-600C cloud gateway is the security product developed by Systrome for the distributed access network
More informationCisco ASR 5000 Series Small Cell Gateway
Data Sheet Cisco ASR 5000 Series Small Cell Gateway Mobile subscribers want access to the network at home, work, hotspots, and everywhere in between. This requires mobile operators to expand their service
More informationSubscriber Data Correlation
Subscriber Data Correlation Application of Cisco Stealthwatch to Service Provider mobility environment Introduction With the prevalence of smart mobile devices and the increase of application usage, Service
More informationMobil Core Monitoring Session aware load balancing of GTPv1 and GTPv2 traffic to multiple probes
Sessionmaster EXA Series Version 1.1 Okt. 2015 Technical Features & Models : Sessionmaster EXA 28 Ports 28 x 10 Gbit SFP+ Throughput 280 Gbps Application Presentation Session Transport Network Application
More informationProduct Brochure Traffix Signaling Delivery Controller (SDC)
Product Brochure Traffix Signaling Delivery Controller (SDC) The 4G & Diameter Experts Diameter Signaling Control: The Next Frontier in Network Architecture The mass market penetration of smart phones
More informationNetwork Virtualisation Vision and Strategy_ (based on lesson learned) Telefónica Global CTO
Network Virtualisation Vision and Strategy_ (based on lesson learned) Telefónica I+D @ Global CTO 18.03.2014 Business development requires a continuous evolution of our network but it still seems unable
More informationMPLS VPN--Inter-AS Option AB
The feature combines the best functionality of an Inter-AS Option (10) A and Inter-AS Option (10) B network to allow a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) service provider
More informationNetwork Address Translators (NATs) and NAT Traversal
Network Address Translators (NATs) and NAT Traversal Ari Keränen ari.keranen@ericsson.com Ericsson Research Finland, NomadicLab Outline Introduction to NATs NAT Behavior UDP TCP NAT Traversal STUN TURN
More informationCubro Sessionmaster EXA40 series
Cubro Sessionmaster EXA40 series PRODUCT REVIEW Network Packet Broker (NPB) At a glance Definition A network packet broker (NPB) is a tool that receives data from number of network links, duplicates, aggregates
More informationIntelligent Service Function Chaining. March 2015
Intelligent Service Function Chaining March 2015 Drivers & challenges for Service Chaining 1. Easier & faster service deployment 2. Cost reduction 3. Smooth transition to the future architecture 4. Standardization
More informationF5 comprehensive protection against application attacks. Jakub Sumpich Territory Manager Eastern Europe
F5 comprehensive protection against application attacks Jakub Sumpich Territory Manager Eastern Europe j.sumpich@f5.com Evolving Security Threat Landscape cookie tampering Identity Extraction DNS Cache
More informationWhat's the big deal about IPv6? A plain-english guidebook for non-technical managers
What's the big deal about IPv6? A plain-english guidebook for non-technical managers Why should I care about IPv6? 2. We're all going to IPv6 Your network administrators will tell you that IPv6 is the
More informationNAT444+v6 Softwire. Shin Miyakawa, Ph.D. NTT Communications Corporation
NAT444+v6 Softwire Shin Miyakawa, Ph.D. NTT Communications Corporation miyakawa@nttv6.jp NAT444 + Softwire This is not IDEAL solution, we know There are several (maybe serious) problems However so, this
More informationBIG-IP DNS Services: Implementations. Version 12.0
BIG-IP DNS Services: Implementations Version 12.0 Table of Contents Table of Contents Configuring DNS Express...11 What is DNS Express?...11 About configuring DNS Express...11 Configuring DNS Express
More informationTunnels. Jean Yves Le Boudec 2015
Tunnels Jean Yves Le Boudec 2015 1. Tunnels Definition: a tunnel, also called encapsulation occurs whenever a communication layer carries packets of a layer that is not the one above e.g.: IP packet in
More informationNetwork Interconnection
Network Interconnection Covers different approaches for ensuring border or perimeter security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 Lecture
More informationComcast IPv6 Trials NANOG50 John Jason Brzozowski
Comcast IPv6 Trials NANOG50 John Jason Brzozowski October 2010 Overview Background Goals and Objectives Trials Observations 2 Background Comcast IPv6 program started over 5 years ago Incrementally planned
More informationCS 356: Computer Network Architectures. Lecture 14: Switching hardware, IP auxiliary functions, and midterm review. [PD] chapter 3.4.1, 3.2.
CS 356: Computer Network Architectures Lecture 14: Switching hardware, IP auxiliary functions, and midterm review [PD] chapter 3.4.1, 3.2.7 Xiaowei Yang xwy@cs.duke.edu Switching hardware Software switch
More informationENTERPRISE. Brief selected topics. Jeff Hartley, SP ADP SE
IPv6 TRANSITION FOR THE ENTERPRISE Brief selected topics Jeff Hartley, SP ADP SE Observations on IPv6 Deployment Trends Where do successful sites commonly deploy first? Upstream Connectivity (Transit/Border/Peering/etc.)
More information