A case study of IPv6 deployment. tcd.ie. David Malone. 22 May 2003

Similar documents
Rolling out IPv6 in TCD

A Case Study of IPv6 Deployment in tcd.ie

UNIX System Programming Lecture 19: IP Sockets

IPv6 It starts TODAY!

Computer Network Programming

Foreword xxiii Preface xxvii IPv6 Rationale and Features

TD#RNG#2# B.Stévant#

New IP Header. Why change IP. Address Notation. Changes. Information Sources. IP Version 6 ITL

Information Sources Hans Kruse & Shawn Ostermann, Ohio University

The Berkeley Sockets API. Networked Systems Architecture 3 Lecture 4

CSE 333 Section 8 - Client-Side Networking

IP version 6. The not so new next IP version. dr. C. P. J. Koymans. Informatics Institute University of Amsterdam.

Information Sources Hans Kruse & Shawn Ostermann, Ohio University

IPv6 tutorial. RedIRIS Miguel Angel Sotos

UNIX Sockets. Developed for the Azera Group By: Joseph D. Fournier B.Sc.E.E., M.Sc.E.E.

Network Programming in C: The Berkeley Sockets API. Networked Systems 3 Laboratory Sessions

IPv6 DEPLOYMENT GLOBAL TRANSIT COMMUNICATIONS. Presented by Mark Tinka Chief Network Architect Global Transit Kuala Lumpur, Malaysia

Sockets and Parallel Computing. CS439: Principles of Computer Systems April 11, 2018

목포해양대해양컴퓨터공학과. IPv6 적용

Network Programming in C. Networked Systems 3 Laboratory Sessions and Problem Sets

IPv6 Transition Technologies (TechRef)

Application Session (Hands-on) Athanassios Liakopoulos (GRNET) version 1.01

The Layer-2 Insecurities of IPv6 and the Mitigation Techniques

FiberstoreOS IP Service Configuration Guide

Dual Stacking a NOC. Dave Wilson, RIPE-46 DW238-RIPE

6to4 & 6rd. Explained

CSCI-1680 Network Layer:

Introduction to Computer Networks

Computer Network Addressing. The TCP/IP Layers and Addresses. Topics. The Internet Communication. The TCP/IP Layers and Addresses IP Address

Layer 4: UDP, TCP, and others. based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers

Hands-on Session Applications

Azblink API for Sending XMPP Messages via HTTP POST

DNS, DHCP and Auto- Configuration. IPv6 Training Day 18 th September 2012 Philip Smith APNIC

VLAN Configurations. 1 of :18. Available Categories. Adobe. Macromedia

Networking Fundamentals IPv6 APNIC 44. TAICHUNG, TAIWAN 7-14 September 2017

SJTU 2018 Fall Computer Networking. Wireless Communication

last time redo logging copy-on-write filesystems / snapshots distributed systems motivation, etc.

Indonesia IPv6 Update. Affan Basalamah

IPv6 Concepts. Improve router performance Simplify IP header Align to 64 bits Address hierarchy with more levels Simplify routing tables

CSEP 561 Internetworking. David Wetherall

IPv6 Next generation IP

CIS-331 Final Exam Fall 2015 Total of 120 Points. Version 1

Networks and Their Abstractions. CS439: Principles of Computer Systems April 9, 2018

IPv6: An Introduction

For personnal use only

VPN Definition SonicWall:

Example: Conditionally Generating Static Routes

Global Information Assurance Certification Paper

IPv6 Deployment at ORNL

Chapter 5 Network Layer

CSC 401 Data and Computer Communications Networks

Rocky Mountain IPv6 Summit April 9, 2008

IPv6 in Campus Networks

( A ) 1. WAP is a (A) protocol (B) hardware (C) software (D) network architecture

Socket Programming. #In the name of Allah. Computer Engineering Department Sharif University of Technology CE443- Computer Networks

COE IPv6 Roadmap Planning. ZyXEL

Network Management. IPv6 Bootcamp. Zhiyi Huang University of Otago

TCP/IP Network Essentials

2 nd SEE 6DISS Workshop Plovdiv June Host Configuration (Windows XP) Athanassios Liakopoulos

C18: Network Fundamentals and Reliable Sockets

Planning for Information Network

Exam Questions 1Z0-880

IP Basics Unix/IP Preparation Course June 29, 2010 Pago Pago, American Samoa

Migration Technologies. Dual Stack and Tunneling Using GRE, 6to4, and 6in4.

cs144 Midterm Review Fall 2010

Aeronautical Systems Center

Creating private Megaport connections using Juniper MX and EX series devices

Debian/GNU Linux Networking

Outline. IP Address. IP Address. The Internet Protocol. o Hostname & IP Address. o The Address

ECE 435 Network Engineering Lecture 14

Expanding ISP and Enterprise Connectivity with Cisco IOS NAT

CSE 333 SECTION 6. Networking and sockets

FiberstoreOS IPv6 Service Configuration Guide

CS615 - Aspects of System Administration

LOGICAL ADDRESSING. Faisal Karim Shaikh.

IPv6. Technical overview Policies & Procedures. Address depletion concerns. Squeeze on available addresses space

IPv6 transition: moving into the campus. Tim Chown University of Southampton

IPv6 Porting Applications

Web Server rpm. Web Server. #rpm q apache apache sis. package apache not installed CD-ROM

Network Configuration Example

Contents. IPv6 (Internet Protocol version 6) What s IPv6 Address Architecture Plug & play Domain Name System Transition The current status of IPv6

Introduction to IPv6 - II

Network+ Guide to Networks, Seventh Edition Chapter 2, Solutions

Network concepts introduction & wireshark

WISNETWORKS. WisOS 11ac V /3/21. Software version WisOS 11ac

CSC 4900 Computer Networks: Network Layer

FiberstoreOS. IP Service Configuration Guide

LOMBA KETERAMPILAN SISWA

The Netwok Layer IPv4 and IPv6 Part 2

CS 356: Computer Network Architectures. Lecture 15: DHCP, NAT, and IPv6. [PD] chapter 3.2.7, 3.2.9, 4.1.3, 4.3.3

IPv6 Cyber Security Briefing May 27, Ron Hulen VP and CTO Cyber Security Solutions Command Information, Inc.

FSOS IP Service Configuration Guide

ICS 351: Networking Protocols

The term "router" in this document refers to both routers and Layer 3 switches. Step Command Remarks. ipv6 host hostname ipv6-address

Transition to IPv6. Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806

Appendix B Policies and Filters

RMIT University. Data Communication and Net-Centric Computing COSC 1111/2061. Lecture 2. Internetworking IPv4, IPv6

Intro to IPv6 (nextgen)

CIS Test 1- Practice - Fall 2011

Introduction to Information Science and Technology 2017 Networking II. Sören Schwertfeger 师泽仁

Transcription:

A case study of IPv6 deployment tcd.ie David Malone <dwmalone@{maths.tcd,cnri.dit}.ie> 22 May 2003 1

Introduction TCD: University 17000 students/staff. Focused on central campus. Maths: 1000 students/staff. Traditional Unix service (10 servers, 60 xterms). Deployment plan for IPv6. 2

Example IPv6 Addresses 2001:0770:0010:0300:0000:0000:86e2:510b 2001:770:10:300:0:0:86e2:510b 2001:770:10:300::86e2:510b 2001:770:10:300::134.226.81.11 3

Special Addresses :: Unspec ::1 localhost fe80:: block link-local fec0:: block site-local ff00:: block multicast 4

Stage 1: Getting Started % ifconfig -a lo0: flags=8049<up,loopback,running,multicast> mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 inet 127.0.0.1 netmask 0xff000000 en0: flags=8863<up,broadcast,smart,running,simplex,multicast> mtu 1500 inet6 fe80::203:93ff:fe46:17a6%en0 prefixlen 64 scopeid 0x4 inet 10.0.0.1 netmask 0xff000000 broadcast 10.255.255.255 ether 00:03:93:46:17:a6 5

Pinging & ssh % ping6 ::1 PING6(56=40+8+8 bytes) ::1 --> ::1 16 bytes from ::1, icmp_seq=0 hlim=64 time=0.392 ms % ping6 -I en0 fe80::230:65ff:fe03:d972 16 bytes from fe80::230:65ff:fe03:d972%en0, icmp_seq=0 hlim=64 time=1.373 ms % ping6 -I en0 ff02::1 PING ff02::1(ff02::1) from fe80::2b0:d0ff:fed7:741d en0: 56 data bytes 64 bytes from ::1: icmp_seq=1 ttl=64 time=0.062 ms 64 bytes from fe80::2b0:d0ff:fe05:fc06: icmp_seq=1 ttl=64 time=0.194 ms (DUP!) 64 bytes from fe80::206:5bff:fe68:249b: icmp_seq=1 ttl=64 time=0.224 ms (DUP!) 64 bytes from fe80::202:b3ff:fe65:604b: icmp_seq=1 ttl=64 time=0.256 ms (DUP!) 64 bytes from fe80::2b0:d0ff:fef4:c6c5: icmp_seq=1 ttl=64 time=0.334 ms (DUP!) 64 bytes from fe80::203:93ff:fe46:17a6: icmp_seq=1 ttl=64 time=0.384 ms (DUP!)... % ssh fe80::2b0:d0ff:fef4:c6c5%en1 dwmalone@fe80::2b0:d0ff:fef4:c6c5%en1 s password: As good as your Ethernet multicast. 6

Stage 2: IPv6 connectivity Use tunnel (Protocol 41). 2001:618:400:e::/64 address space from BT. Use ip6fw for filtering. % ifconfig gif0 create % ifconfig gif0 tunnel 134.226.10.51 193.113.58.80 % ifconfig gif0 inet6 2001:618:400::1:DC4:1467 2001:618:400::1:DC4:1466 prefixlen 128 % route add -inet6 default 2001:618:400::1:DC4:1466 % ifconfig fxp0 inet6 2001:618:400:e::1 prefixle 64 % ip6fw add 100 deny all from 2001:618:400:e::/64 to any in via gif0 % ip6fw add 200 allow all from 2001:618:400:e::/64 to any in via fxp0 % ip6fw add 300 allow all from fe80::/10 to any in via fxp0 % ip6fw add 400 allow all from :: to ff02::/16 in via fxp0 % ip6fw add 500 deny all from any to any in via fxp0 % sysctl net.inet6.ip6.forwarding=1 7

Rtadvd Configure prefix 2001:618:400:e:: Node gets 2001:618:400:e:2a0:c9ff:feb1:34e7 Use rtadvd fxp0 on FreeBSD. Advertises prefix, router, lifetimes, MTU... Can cause problems: Rapid prefix changes, Misplugged routers... 8

Problems with routing Scenic routing between {cs,maths}.tcd.ie. /48 from BT. Tunnel: BT to CS, CS to Maths. Addressing plan 2001:618:409:100:: ISS, 2001:618:409:200:: CS, 2001:618:409:300:: maths, 2001:618:409:400:: reserved. Renumbered when allocated 2001:770:10::/48 by HEAnet. 9

Stage 3: Services To be useful need DNS info: A: salmon 134.226.81.11. PTR: 11.81.226.134.in-addr.arpa salmon AAAA: salmon.ipv6 2001:770:10:300::... PTR:...0.7.7.0.1.0.0.2.ip6.arpa salmon.ip6 New reverse zone delegated from upstream. 10

Testing After updating known hosts, seems good. Further tests to before AAAA for normal names. IPv6 at home. Search ipv6.maths.tcd.ie first. All still good, add AAAA for normal names. 11

Connecting at home 6to4 very easy, easy config. www.xxx.yyy.zzz 2002:WWXX:YYZZ:: Eircom, Esat and HEAnet offer relays. Tunnels now available to those with fixed IPv4. 12

Source host on 6to4 Network 6to4 Router 2002:c000:0204:2::2 2002:c000:0204:2::1 192.0.2.4 IPv6 Packet From 2002:c000:0204:2::2 To 2001:db8::1... Destination host 2001:db8::1 13 IPv4 Packet containing IPv6 packet From 192.0.2.4 To 192.88.99.1... IPv4 Internet IPv4 packet 192.88.99.1 Nearest Relay Router Decapsulated IPv6 packet IPv6 Internet

Destination host on 6to4 Network 6to4 Router 2002:c000:0204:2::2 2002:c000:0204:2::1 Original IPv6 192.0.2.4 IPv4 Packet packet Packet encapsulated by relay router From relay router To 192.0.2.4 IPv6 packet... From 2001:db8::1 To 2002:c000:0204:2::2... 2002:c000:0204:2::2 14 IPv4 Internet Advertises route 2002::/16 Nearest Relay Router IPv6 packet IPv6 Internet

Web Server Upgrade to Apache2 s/port 80/Listen 80/ Add IPv6 addrs to.htaccess files. Update log processing scripts. PHP problems? Run as CGI. Linux sendfile & checksum offloading. 15

DNS & Bind 9 (or 8.4) Having AAAA and doing DNS over v6 different. named.conf: + listen-on { any; }; + listen-on-v6 { any; }; query-source address * port 53; + query-source-v6 address * port 53; - acl tcd { 134.226.0.0/16; } + acl tcd { 134.226.0.0/16; 2001:770:10::/48; } zone file: ; Master nameserver for maths.tcd.ie. ns IN A 134.226.81.11 + IN AAAA 2001:770:10:300::86e2:510b Glue in.tcd.ie and.ie zone. Autoconf? 16

Mail IPv6 sendmail, postfix (patch), qmail (patch), exim. We use MMDF challenge by Dave Wilson. Receive mail from network. Look up addresses for MX. Send mail to network. 17

Converting Apps Sockets pretty agnostic: s/af INET/AF INET6/ Need to look up A and AAAA records. New functions getaddrinfo and getnameinfo. struct addrinfo hints, *res, *res0; int s; memset(&hints, 0, sizeof(hints)); hints.ai_family = PF_UNSPEC; hints.ai_socktype = SOCK_STREAM; getaddrinfo("www.kame.net", "http", &hints, &res0); for (res = res0; res; res = res->ai_next) { s = socket(res->ai_family, res->ai_socktype, res->ai_protocol); if (connect(s, res->ai_addr, res->ai_addrlen) < 0) continue; break; } freeaddrinfo(res0); 18

Wait and see HTTP 500/d (max 96K!), SMTP 50/d each way. Use multicast to monitor population. Increasing numbers: OS X, Linux, *BSD. Link moved to native Ethernet. Protocol redundancy during SQLslammer! 19

ISP Backbone ISP Router Department Router ISP IPv6 Router WAN Ethernet Campus Router Campus Backbone 20 ISP Router Department Router ISP IPv6 Router WAN Ethernet Campus Router Campus Backbone

Other services NNTP: innd+patch, Diablo-CVS. FTP: wu-ftpd+patch, tweaks for reverse DNS. ident, lpd, courier-imap. cvsup: netcat fudge. NTP: 4.1.80 problems with fall-back. WiFi: router + switch + APs. Need short lifetimes. 21

Stage 4: Future Working on college host.db, DNS, HTTP. Use FreeBSD/Linux vifs to connect all vlans? Need to IPv6 finger and web proxy. Bad doubleclick! Internal services: NFS, X11, phone, samba, snmp, diskless xterms... 22

Summary 1. link-local setup 2. connectivity, filtering, route advertisment. 3. test DNS, services, real DNS. 23

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback