IPv6 at NPO Bart Roos Marco Wessel NPO Intro NPO: Dutch Public - - PowerPoint PPT Presentation

ipv6 at npo
SMART_READER_LITE
LIVE PREVIEW

IPv6 at NPO Bart Roos Marco Wessel NPO Intro NPO: Dutch Public - - PowerPoint PPT Presentation

Jan 12, 2023 169 likes •434 views

IPv6 at NPO Bart Roos Marco Wessel NPO Intro NPO: Dutch Public Broadcasting NPO ICT: ISP for broadcasters Large network, providing a.o.: uitzendinggemist.nl omroep.nl live-streams of events etc. Intro IPv4 In

slide-1
SLIDE 1

IPv6 at NPO

Bart Roos Marco Wessel

slide-2
SLIDE 2

NPO Intro

  • NPO: Dutch Public Broadcasting
  • NPO ICT: ISP for broadcasters
  • Large network, providing a.o.:
  • uitzendinggemist.nl
  • omroep.nl
  • live-streams of events
  • etc.
slide-3
SLIDE 3

Intro

  • IPv4
  • In use since 1983
  • 32-bit address space
  • IPv6
  • Designed in early 1990s
  • 128-bit address space
  • Individually assigned: more than we could ever

use, given only the one planet we’re on.

slide-4
SLIDE 4

Address Space

  • 128-bits is staggeringly vast.
  • Divided into two parts: Network vs. Host,

both 64 bits.

  • Allows host to generate globally

reachable address given only the network prefix

  • DHCP no longer needed in its current

form

slide-5
SLIDE 5

IPv4 Address Space

slide-6
SLIDE 6

IPv6 Address Space

(Grossly understated)

slide-7
SLIDE 7

Practically Speaking...

  • The end of Network Address Translation
  • Some built-in obscurity
  • More efficient
  • Fixed-length header
  • no checksum
  • Improved multicast
  • IPSec support required
slide-8
SLIDE 8

Advantages for NPO

  • Allows UDP use for streaming
  • Less traffic, less processing
  • Video streams don’t care about a lost

packet or two

  • In theory, IPSec might be useful with DRM
slide-9
SLIDE 9

Implementing IPv6

  • First: IPv6 address space
  • Second: IPv6 in the Network
  • Third: IPv6 services
  • Later: IPv6 office
slide-10
SLIDE 10

IPv6 address space

  • Request space from LIR (SURF, KPN, ...)
  • Provider dependent addresses
  • Become LIR, request space from RIPE
  • Provider independent addresses
  • Allows sub-allocating to end-sites
slide-11
SLIDE 11

IPv6 address space

  • RIPE requirements for requesting as LIR:
  • Old: must have plan for 200 allocations

within two years

  • NPO not likely to satisfy
  • New: must have plan for an allocation

within two years

  • Easy!
slide-12
SLIDE 12

Subnetting

  • As a RIPE LIR, you will be allocated a /32.
  • 65536 /48s to assign to end-sites
  • One /48 allows 65536 /64 subnets for

hosts

  • End-site:
  • NPO, NOS, VPRO, BNN, etc.
slide-13
SLIDE 13

External Connectivity

  • The IPv6 world uses BGP, just like IPv4
  • Mostly the same, except:
  • IPv6 BGP routing protocols must send two

next-hop addresses:

  • Global (2000::/3)
  • Link-local (fe80::/64 for ICMPv6 redirects)
slide-14
SLIDE 14

External Connectivity

  • Where to go?
  • Internet Exchanges have IPv6 in

production (AMS-IX, NL-IX, etc.)

  • As do some (not all) large transit

networks (Level3, Global Crossing, etc.)

  • And most (all?) NRENs (SURFnet,

Belnet, etc.)

slide-15
SLIDE 15

Possible Caveats

  • IPv6 does away with ARP
  • Instead: ND (neighbour detection)
  • Uses Multicast rather than broadcasts
  • Problem exists with some IGMP-snooping

switches

  • Symptom: MAC-addresses aren’t learned
  • Only solution: disable IGMP snooping
slide-16
SLIDE 16

Clustered IPv6 Services

  • Transitioning to IPv6, three possibilities:
  • Single-stack cluster, separate single-stack

IPv6 node(s)

  • Dual-stack cluster, single-stack nodes
  • Dual-stack cluster, dual-stack nodes
slide-17
SLIDE 17

Load Balancer (Single Stack IPv4) Server IPv4 Server IPv4

Server IPv6

Single Stack Nodes

  • IPv6 testing environment
  • No chance of disruption
  • Good initial configuration
slide-18
SLIDE 18

Load Balancer (Dual Stack) Server IPv4 Server IPv4 Server IPv6

  • Still mostly separate, so should not cause

interference

  • Intermediate configuration
  • But: different configurations on servers

Single Stack Nodes

slide-19
SLIDE 19

Load Balancer (Dual Stack) Server IPv4 Server IPv4 Server IPv4 IPv6 IPv6 IPv6

  • Production configuration, after testing
  • All servers created equal

Dual Stack Nodes

slide-20
SLIDE 20

Load balancing

  • NPO uses Linux IP Virtual Server
  • Problem: does not support IPv6 (yet).
  • Use something else, or
  • Financially support IPv6 for IPVS

development

  • Is that really a problem?
  • Not much traffic yet, so load balancing

initially not required

slide-21
SLIDE 21

Services

  • Name servers
  • BIND, PowerDNS: good support
  • Web servers
  • Apache, Lighttpd: likewise
  • IIS: Not so much.
slide-22
SLIDE 22

Streaming services

  • Windows Media Services
  • Full support for IPv6 since version 9
  • Darwin Streaming Server
  • Does not support IPv6 yet (old patch

available)

  • Shoutcast
  • Also does not support IPv6
  • Can be replaced by Icecast, which does.
slide-23
SLIDE 23

Office network

  • Some support needed to offer services
  • Testing, development
  • Requires some more research
  • Auto configuration (DHCPv6?)
  • Host and software support
  • Firewalls
slide-24
SLIDE 24

Wrap-up

  • Implementing IPv6 is very possible
  • Several challenges do exist
  • Worthwhile for NPO?
  • Most users currently are nerds, but
  • More and more routers now support

automatic 6-to-4 tunneling (2002::/16)

  • Make it worthwhile for clients
  • Provide incentive to switch
slide-25
SLIDE 25

Thanks

slide-26
SLIDE 26

Questions?