Ole - Ipv4onlifesupport
1. Ole Trøan, cisco Engineering
IP fundamentalist
2011-11-22
With help from:
Randy Bush (Dr Vision)
Dan Wing (Mr NAT)
Mark Townsley (Mr Tunnel)
Geoff Huston (Dr Doom)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1
2. The “inevitability” of technological evolution?
5. “I’m driving at 100 kph, and I see a wall 100m ahead of me. I’m not there yet; I’ll worry about that tomorrow…”
9. • Enthusiasts working in corporations, friendly to “new stuff”
• Encouraged by government regulation / procurement requirements
• Out of fear (let’s be ready if this IPv6 thing happens…)
• New opportunities. If we are early into IPv6 we may have an advantage.
• Green field. Let’s not bother with legacy stuff in a new network
18. “
SAME
TIME
19. The challenge often lies in managing the transition from one technology to another
20. The challenge often lies in managing the transition from one technology to another
To get from “here” to “there” requires an excursion through an environment of CGNs, CDNs, ALGs and similar middleware “solutions” to IPv4 address exhaustion
[Diagram labels: IPv4, CGNs, ALGs, CDNs, IPv6]
21. But will this be merely a temporary phase of transition?
[Diagram labels: IPv4, CGNs, ALGs, CDNs, IPv6]
Transition requires the network owner to undertake capital investment in network service infrastructure to support IPv4 address sharing/rationing.
22. The challenge often lies in managing the transition from one technology to another
[Diagram labels: IPv4, CGNs, ALGs, CDNs, IPv6]
The risk in this transition phase is that the Internet heads off in a completely different direction!
23. 201x?
[Diagram labels: IPv4, CGNs, ALGs, CDNs, IPv6; ARIN, LACNIC, AFRINIC, RIPE NCC, APNIC]
26. 128 bits
32 bits
30. Service Continuity
They are NOT
Transitioning to IPv6”
34. • IPv6 service (to end users)
6rd, L2TP, (IPv6 in IP, GRE, ISATAP, Teredo, Tunnel brokers)
• IPv4 exhaustion (IP address sharing)
A+P: Mapping of Address and port (Shared IPv4 address over IPv6)
CGN / SD-NAT
DS-lite
• “Interoperate”:
IPv6 to IPv4 connectivity
NAT64, TRT, Application proxies
36. Tunnels act like the layer below that which they are carrying
Often not perfectly, but “good enough” for a specific purpose
IP tunnels act like Data Link Layers
37. All problems in computer science can be solved by another level of indirection…
…except for the problem of too many levels of indirection
- David Wheeler
39. [Diagram columns: Subscribers, Providers, Internet. Labels: Private IPv4, IPv4, IPv6]
40. Source: Shin Miyakawa, NTT Communications
41. [Diagram: IPv4 Address Run-Out. Labels: Obtain IPv4 Addresses (RIR, address broker); IPv4 Address Sharing (CGN, NAT44, SD-NAT); 6rd + CGN; Dual Stack Lite; MAP (4rd/dIVI); IPv6 native; 6rd]
42. • NAT Purpose 2: connect IPv6 to IPv4
[Diagram labels: IPv4-only hosts, IPv4, NAT64, IPv6, IPv6-only hosts]
43. • NAT64 is not perfect
• IPv6 and IPv4 are not compatible
Fragmentation (IPv4: network fragments, IPv6: hosts fragment)
minimum MTU (IPv4: 576, IPv6: 1280)
IPv4 options versus IPv6 extensions
• Like NAT44:
NAT64 can also bring Application Layer Gateway (ALG) issues
Complicates troubleshooting and abuse handling
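Added example, not part of the original slides: why address sharing and NAT64 complicate abuse handling. It assumes the RFC 6052 well-known prefix 64:ff9b::/96 and a hypothetical session-log layout; the function names and all addresses and timestamps are constructed.

```python
import ipaddress
from datetime import datetime

# RFC 6052 well-known NAT64 prefix (assumption: a deployment may use its own /96).
WKP = ipaddress.ip_network("64:ff9b::/96")

def embedded_ipv4(addr6):
    """IPv4 address carried in the low 32 bits of a well-known-prefix address."""
    a = ipaddress.IPv6Address(addr6)
    if a not in WKP:
        return None
    return ipaddress.IPv4Address(int(a) & 0xFFFFFFFF)

# Constructed sample sessions in a hypothetical log layout:
# (start, end, subscriber IPv6, shared public IPv4, public port, IPv6 destination)
SESSIONS = [
    ("2011-11-22T10:00:00", "2011-11-22T10:05:00",
     "2001:db8:a::10", "192.0.2.1", 40001, "64:ff9b::c633:6407"),
    ("2011-11-22T10:00:00", "2011-11-22T10:05:00",
     "2001:db8:b::20", "192.0.2.1", 40002, "64:ff9b::c633:6407"),
    ("2011-11-22T10:06:00", "2011-11-22T10:10:00",
     "2001:db8:c::30", "192.0.2.1", 40001, "64:ff9b::c633:6407"),
]

def candidates(pub_ip, when, pub_port=None, dst4=None):
    """Subscribers that could be behind traffic seen from pub_ip at time `when`."""
    t = datetime.fromisoformat(when)
    hits = set()
    for start, end, sub, ip, port, dst6 in SESSIONS:
        if ip != pub_ip:
            continue
        if not datetime.fromisoformat(start) <= t <= datetime.fromisoformat(end):
            continue
        if pub_port is not None and port != pub_port:
            continue
        if dst4 is not None and embedded_ipv4(dst6) != ipaddress.IPv4Address(dst4):
            continue
        hits.add(sub)
    return hits

if __name__ == "__main__":
    # Address and time alone leave two subscribers; the source port settles it.
    print(candidates("192.0.2.1", "2011-11-22T10:02:00"))
    print(candidates("192.0.2.1", "2011-11-22T10:02:00", 40001))
    # The same port belongs to a different subscriber a few minutes later.
    print(candidates("192.0.2.1", "2011-11-22T10:07:00", 40001))
```

An abuse report that lacks the source port or an accurate timestamp cannot be attributed to a single subscriber once the public IPv4 address is shared.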
44. • Traditional Voice has stupid edge devices, phone instruments, and a very smart expensive core
• The Internet has a smart edge, computers with operating systems, applications, …, and a simple stupid core, which just does packet forwarding
• Adding an entirely new Internet service is just a matter of distributing an application to a few consenting desktops (until NATs)
• Compare that to adding a service to Voice
46. translate tunnel native routing
worst best
47. [Diagram labels: IPv4-Only Network, Dual Stack Network, IPv6-Only Network; NAT, PE, CE; IPv4-Only Users, Dual-Stack Users, IPv6-Only Users]
48. [Diagram labels: IPv4-Only Network, Dual Stack Network, IPv6-Only Network; NAT, 6↔4, PE, CE; IPv4-Only Users, Dual-Stack Users, IPv6-Only Users]
49. • IP address sharing is necessary to keep business running
• Necessary to keep end users happy (long tail IPv4)
• It is never ideal
51. Prefer Mechanisms Which are simple, Stateless, Use IPv6 not IPv4, …
52. Keep state at the edge not the core
53. Use Mechanisms Which Preserve e2e and the Other Basic Principles as Much as Possible
Editor's notes
3 people in Google. 2 people in Facebook. 1 person in RedpillLinpro. 1 person in Altibox.
There is no short term economic incentive.
What lengths will the network owner then go to to protect the value of this additional investment by locking itself into this “transitional” service model for an extended/indefinite period?
Adaptation Function
Pseudowire
Which is the solution to all problems in computer science, except those brought on by the indirection
<Insert LISP or MPLS use-case list here>
NAT at the CPE, at the Provider or at both. Who gets the public IPv4 address?