SlideShare une entreprise Scribd logo

Building an IPv6 Test Lab by Ron Broersma at gogoNET LIVE! 3 IPv6 Conference

gogo6
gogo6

gogo6 IPv6 Video Series. Event, presentation and speaker details below: EVENT gogoNET LIVE! 3: Enterprise wide Migration. http://gogonetlive.com November 12 – 14, 2012 at San Jose State University, California Agenda: http://gogonetlive.com/4105/gogonetlive3-agenda.asp PRESENTATION Building an IPv6 Test Lab Presentation video: http://www.gogo6.com/video/building-an-ipv6-test-lab-by-ron-broersma-at-gogonet-live-3-ipv6 Interview video: http://www.gogo6.com/video/interview-with-ron-broersma-at-gogonet-live-3-ipv6-conference SPEAKER Ron Broersma - Network Security Manager, SPAWAR Bio/Profile: http://www.gogo6.com/profile/RonBroersma MORE Learn more about IPv6 on the gogoNET social network http://www.gogo6.com Get free IPv6 connectivity with Freenet6 http://www.gogo6.com/Freenet6 Subscribe to the gogo6 IPv6 Channel on YouTube http://www.youtube.com/subscription_center?add_user=gogo6videos Follow gogo6 on Twitter http://twitter.com/gogo6inc Like gogo6 on Facebook http://www.facebook.com/pages/IPv6-products-community-and-services-gogo6/161626696777

Technologie
1  sur  20
Télécharger pour lire hors ligne
IPv6 Testbeds Testing IPv6-only configurations gogoNET LIVE! 3 13 Nov, 2012 San Jose, CA Ron Broersma DREN Chief Engineer SPAWAR Network Security Manager Federal IPv6 Task Force ron@spawar.navy.mil
Purpose of a Testbed •  Test new products and capabilities without breaking your production network •  To test how well equipment supports IPv6 •  To serve as a learning environment •  Experiment with various configurations 13-Nov-2012 2
Are IPv6 testbeds still a necessity? •  Rarely –  IPv6 on mainstream switches, routers, and operating systems works well, and won’t break your production network. –  Implementing IPv6 on production networks can be done incrementally, in ways that will not impact operations. •  But testbeds are needed where you know things might break –  IPv6-only environments 13-Nov-2012 3
Easy Testbeds •  “Learning” testbed – Your Home Network –  IPv6 capable home router plus HE tunnel. –  take the HE IPv6 certification. •  Parallel infrastructure –  e.g. IPv6 firewall next to production firewall •  “Test” subnet on production network –  on a separate VLAN –  or over wireless on separate SSID •  Existing isolated network •  Tools: dumb hub, wireshark, RFCs, IPvFoo, IPvFox, Little Snitch, etc. 13-Nov-2012 4
Some IPv6-only Experiments •  IPv6-only Management LAN •  Client environments –  pure IPv6-only –  IPv6-only + NAT64/DNS64 •  IPv6-only Server farm 13-Nov-2012 5
IPv6-Only Management LAN
Management LAN •  Can you do all your network management using IPv6? •  Can you turn off IPv4 on your management LAN? •  How well do various products operate in this environment? 13-Nov-2012 7
Findings •  Very few products can be fully managed using IPv6 •  You won’t learn what’s missing or broken unless you try it in production –  remove the training wheels, and live on it •  Bugs take 6 to 12 months to get fixed •  Feature requests take 18 to 48 months to get fixed •  You can’t turn off IPv4 completely (yet) –  always some devices with no IPv6 •  T-1 and DSL bridges, microwave radios, old dialup and VPN servers, ATM switches, cameras, etc. 13-Nov-2012 8
Management over IPv6 in some products Previously (June ‘2011): SSH DNS Syslog SNMP NTP RADIUS Unified MIB Flow export TFTP CDP HTTPS RFC4293 FTP LLDP Cisco Brocade Juniper Now: SSH DNS Syslog SNMP NTP RADIUS Unified MIB Flow TFTP CDP IPv6 No v4 HTTPS RFC4293 export FTP LLDP MTU Cisco3 6 Brocade1 9 Juniper 5 ALU 4 A10 8 7 1.  Can’t reboot using SNMP over IPv6 2.  . 3.  15.2(2)TR 4.  10.0R6 (Nov 2012) 5.  12.3R1 Nov 2012 (beta in August) 6.  ASR1K:3.7S (July 2012) 7.  3.0 release, 2012Q4 13-Nov-2012 8.  No plans 9 9.  fix planned for Apr 2013
Example of an IPv6-only bug (recently fixed) •  when disabling IPv4 on Brocade FESX switches, they start responding to all ip- subnet-broadcasts, and start ARPing (from 0.0.0.0), and other strange behaviors. •  Example: echo request to x.x.x.255/24: 13-Nov-2012 10
IPv6-only client networks
IPv6-only client network •  My test environment: –  enterprise sub-network with ONLY IPv6 turned on (no IPv4 configuration or routing) •  “A” bit enabled (SLAAC) •  “M” and “O” enabled (for DHCPv6) –  delivered over wireless on SSID “IPv6 Only”, and on separate wired VLAN. –  DHCPv6 service –  Many operating systems connected, to see how they behave •  Windows, MacOSX, Linux (multiple distributions), FreeBSD •  iPhone, iPad, Android •  Anything without a dhcpv6-client won’t get DNS addresses –  Windows XP, MacOSX before Lion, Android 13-Nov-2012 12
IPv6-only •  Observation (MacOSX Lion): –  You can browse OK with Safari, but Chrome and Firefox hang when trying to browse to IPv6-only web sites •  happy-eyeballs not working –  tcpdump shows it ARPing for Internet addresses –  … because there is a default-route-to-interface installed in the routing table –  … because it assigns IPv4 link-local (RFC 3927) and implements “ARP for everything” (paragraph 2.6.2) –  … so it “thinks” it has full IPv4-internet reachability (unlike IPv6 behavior) •  Most other OS’s exhibit similar behavior •  Work-arounds? 13-Nov-2012 13
IPv6-only + NAT64/DNS64 •  Add NAT64/DNS64 to previous experiment –  maps entire IPv4 Internet into 64:ff9b::/96 –  DNS64 server maps the addresses on the fly –  NAT64 provides stateful v6/v4 translation •  Yes, NAT is evil, but here the breakage is local to your NAT64 domain. –  may be a viable means to reduce OP-EX of dual-stack 13-Nov-2012 14
IPv6-only + NAT64/DNS64 13-Nov-2012 15
IPv6-only + NAT64/DNS64 •  Most things actually work pretty well •  Things that don’t work –  sites with broken IPv6 (won’t fall back to IPv4) •  e.g. www.ntia.doc.gov –  web sites and apps with embedded IPv4 literals –  skype, games, P2P, some IM •  Read RFC 6586 for detailed experiences •  Watch the IETF “Sunset4” working group –  http://tools.ietf.org/wg/sunset4/ 13-Nov-2012 16
IPv6-only servers
IPv6-only servers •  Scenario #1 – weaning –  run server as dual-stack –  when client base is (mostly) IPv6-enabled, remove the “A” record from DNS –  works well for corporate Intra-nets that are largely dual-stack –  great incentive for stragglers to IPv6-enable their clients –  helps network administrators find the stragglers and special cases, without totally breaking things. –  IPv4 is still there as a fall-back for special cases, using explicit IPv4 address. •  Intranet users coming in over IPv4-only VPNs. 13-Nov-2012 18
IPv6-only servers •  Scenario #2 – remove training wheels –  run server as IPv6-only (IPv4 disabled) –  do this when all issues in Scenario #1 are resolved. –  works in Intranet environment, not when Internet access is required. •  see next scenario •  Scenario #3 – legacy IPv4 reachability –  use a dual-stack reverse proxy or LB –  use SIIT (RFC 6145) •  read draft-anderson-siit-dc-00 13-Nov-2012 19
END Contact me: ron@spawar.navy.mil

Recommandé

Building an IPv6 Test Lab
Building an IPv6 Test LabBuilding an IPv6 Test Lab
Building an IPv6 Test LabDavid Strom
 
IPv6 Troubleshooting for Helpdesks
IPv6 Troubleshooting for HelpdesksIPv6 Troubleshooting for Helpdesks
IPv6 Troubleshooting for HelpdesksDeploy360 Programme (Internet Society)
 
IPv6 Test Methodology
IPv6 Test MethodologyIPv6 Test Methodology
IPv6 Test MethodologyIxia
 
Scaling the Web to Billions of Nodes: Towards the IPv6 “Internet of Things” b...
Scaling the Web to Billions of Nodes: Towards the IPv6 “Internet of Things” b...Scaling the Web to Billions of Nodes: Towards the IPv6 “Internet of Things” b...
Scaling the Web to Billions of Nodes: Towards the IPv6 “Internet of Things” b...gogo6
 
IoT Field Area Network Solutions & Integration of IPv6 Standards by Patrick G...
IoT Field Area Network Solutions & Integration of IPv6 Standards by Patrick G...IoT Field Area Network Solutions & Integration of IPv6 Standards by Patrick G...
IoT Field Area Network Solutions & Integration of IPv6 Standards by Patrick G...gogo6
 
Panel Discussion: Small Steps for USGv6 a giant leap for Internet-kind? with ...
Panel Discussion: Small Steps for USGv6 a giant leap for Internet-kind? with ...Panel Discussion: Small Steps for USGv6 a giant leap for Internet-kind? with ...
Panel Discussion: Small Steps for USGv6 a giant leap for Internet-kind? with ...gogo6
 
Panel Discussion: Small Steps for USGv6 a giant leap for Internet-kind? with ...
Panel Discussion: Small Steps for USGv6 a giant leap for Internet-kind? with ...Panel Discussion: Small Steps for USGv6 a giant leap for Internet-kind? with ...
Panel Discussion: Small Steps for USGv6 a giant leap for Internet-kind? with ...gogo6
 
Welcome to gogoNET LIVE! 3 - Updates on the CAv6TF and NAv6TF by George Usi a...
Welcome to gogoNET LIVE! 3 - Updates on the CAv6TF and NAv6TF by George Usi a...Welcome to gogoNET LIVE! 3 - Updates on the CAv6TF and NAv6TF by George Usi a...
Welcome to gogoNET LIVE! 3 - Updates on the CAv6TF and NAv6TF by George Usi a...gogo6
 

Recommandé

Building an IPv6 Test Lab
Building an IPv6 Test LabBuilding an IPv6 Test Lab
Building an IPv6 Test LabDavid Strom
 
IPv6 Troubleshooting for Helpdesks
IPv6 Troubleshooting for HelpdesksIPv6 Troubleshooting for Helpdesks
IPv6 Troubleshooting for HelpdesksDeploy360 Programme (Internet Society)
 
IPv6 Test Methodology
IPv6 Test MethodologyIPv6 Test Methodology
IPv6 Test MethodologyIxia
 
Scaling the Web to Billions of Nodes: Towards the IPv6 “Internet of Things” b...
Scaling the Web to Billions of Nodes: Towards the IPv6 “Internet of Things” b...Scaling the Web to Billions of Nodes: Towards the IPv6 “Internet of Things” b...
Scaling the Web to Billions of Nodes: Towards the IPv6 “Internet of Things” b...gogo6
 
IoT Field Area Network Solutions & Integration of IPv6 Standards by Patrick G...
IoT Field Area Network Solutions & Integration of IPv6 Standards by Patrick G...IoT Field Area Network Solutions & Integration of IPv6 Standards by Patrick G...
IoT Field Area Network Solutions & Integration of IPv6 Standards by Patrick G...gogo6
 
Panel Discussion: Small Steps for USGv6 a giant leap for Internet-kind? with ...
Panel Discussion: Small Steps for USGv6 a giant leap for Internet-kind? with ...Panel Discussion: Small Steps for USGv6 a giant leap for Internet-kind? with ...
Panel Discussion: Small Steps for USGv6 a giant leap for Internet-kind? with ...gogo6
 
Panel Discussion: Small Steps for USGv6 a giant leap for Internet-kind? with ...
Panel Discussion: Small Steps for USGv6 a giant leap for Internet-kind? with ...Panel Discussion: Small Steps for USGv6 a giant leap for Internet-kind? with ...
Panel Discussion: Small Steps for USGv6 a giant leap for Internet-kind? with ...gogo6
 
Welcome to gogoNET LIVE! 3 - Updates on the CAv6TF and NAv6TF by George Usi a...
Welcome to gogoNET LIVE! 3 - Updates on the CAv6TF and NAv6TF by George Usi a...Welcome to gogoNET LIVE! 3 - Updates on the CAv6TF and NAv6TF by George Usi a...
Welcome to gogoNET LIVE! 3 - Updates on the CAv6TF and NAv6TF by George Usi a...gogo6
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by HubspotMarius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTExpeed Software
 

Contenu connexe

Dernier

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 

Dernier (20)

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 

En vedette

2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by HubspotMarius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTExpeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsPixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024Neil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)contently
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024Albert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsKurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summarySpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next Tessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentLily Ray
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesVit Horky
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project managementMindGenius
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...RachelPearson36
 

En vedette (20)

2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 

Building an IPv6 Test Lab by Ron Broersma at gogoNET LIVE! 3 IPv6 Conference

  • 1. IPv6 Testbeds Testing IPv6-only configurations gogoNET LIVE! 3 13 Nov, 2012 San Jose, CA Ron Broersma DREN Chief Engineer SPAWAR Network Security Manager Federal IPv6 Task Force ron@spawar.navy.mil
  • 2. Purpose of a Testbed •  Test new products and capabilities without breaking your production network •  To test how well equipment supports IPv6 •  To serve as a learning environment •  Experiment with various configurations 13-Nov-2012 2
  • 3. Are IPv6 testbeds still a necessity? •  Rarely –  IPv6 on mainstream switches, routers, and operating systems works well, and won’t break your production network. –  Implementing IPv6 on production networks can be done incrementally, in ways that will not impact operations. •  But testbeds are needed where you know things might break –  IPv6-only environments 13-Nov-2012 3
  • 4. Easy Testbeds •  “Learning” testbed – Your Home Network –  IPv6 capable home router plus HE tunnel. –  take the HE IPv6 certification. •  Parallel infrastructure –  e.g. IPv6 firewall next to production firewall •  “Test” subnet on production network –  on a separate VLAN –  or over wireless on separate SSID •  Existing isolated network •  Tools: dumb hub, wireshark, RFCs, IPvFoo, IPvFox, Little Snitch, etc. 13-Nov-2012 4
  • 5. Some IPv6-only Experiments •  IPv6-only Management LAN •  Client environments –  pure IPv6-only –  IPv6-only + NAT64/DNS64 •  IPv6-only Server farm 13-Nov-2012 5
  • 7. Management LAN •  Can you do all your network management using IPv6? •  Can you turn off IPv4 on your management LAN? •  How well do various products operate in this environment? 13-Nov-2012 7
  • 8. Findings •  Very few products can be fully managed using IPv6 •  You won’t learn what’s missing or broken unless you try it in production –  remove the training wheels, and live on it •  Bugs take 6 to 12 months to get fixed •  Feature requests take 18 to 48 months to get fixed •  You can’t turn off IPv4 completely (yet) –  always some devices with no IPv6 •  T-1 and DSL bridges, microwave radios, old dialup and VPN servers, ATM switches, cameras, etc. 13-Nov-2012 8
  • 9. Management over IPv6 in some products Previously (June ‘2011): SSH DNS Syslog SNMP NTP RADIUS Unified MIB Flow export TFTP CDP HTTPS RFC4293 FTP LLDP Cisco Brocade Juniper Now: SSH DNS Syslog SNMP NTP RADIUS Unified MIB Flow TFTP CDP IPv6 No v4 HTTPS RFC4293 export FTP LLDP MTU Cisco3 6 Brocade1 9 Juniper 5 ALU 4 A10 8 7 1.  Can’t reboot using SNMP over IPv6 2.  . 3.  15.2(2)TR 4.  10.0R6 (Nov 2012) 5.  12.3R1 Nov 2012 (beta in August) 6.  ASR1K:3.7S (July 2012) 7.  3.0 release, 2012Q4 13-Nov-2012 8.  No plans 9 9.  fix planned for Apr 2013
  • 10. Example of an IPv6-only bug (recently fixed) •  when disabling IPv4 on Brocade FESX switches, they start responding to all ip- subnet-broadcasts, and start ARPing (from 0.0.0.0), and other strange behaviors. •  Example: echo request to x.x.x.255/24: 13-Nov-2012 10
  • 12. IPv6-only client network •  My test environment: –  enterprise sub-network with ONLY IPv6 turned on (no IPv4 configuration or routing) •  “A” bit enabled (SLAAC) •  “M” and “O” enabled (for DHCPv6) –  delivered over wireless on SSID “IPv6 Only”, and on separate wired VLAN. –  DHCPv6 service –  Many operating systems connected, to see how they behave •  Windows, MacOSX, Linux (multiple distributions), FreeBSD •  iPhone, iPad, Android •  Anything without a dhcpv6-client won’t get DNS addresses –  Windows XP, MacOSX before Lion, Android 13-Nov-2012 12
  • 13. IPv6-only •  Observation (MacOSX Lion): –  You can browse OK with Safari, but Chrome and Firefox hang when trying to browse to IPv6-only web sites •  happy-eyeballs not working –  tcpdump shows it ARPing for Internet addresses –  … because there is a default-route-to-interface installed in the routing table –  … because it assigns IPv4 link-local (RFC 3927) and implements “ARP for everything” (paragraph 2.6.2) –  … so it “thinks” it has full IPv4-internet reachability (unlike IPv6 behavior) •  Most other OS’s exhibit similar behavior •  Work-arounds? 13-Nov-2012 13
  • 14. IPv6-only + NAT64/DNS64 •  Add NAT64/DNS64 to previous experiment –  maps entire IPv4 Internet into 64:ff9b::/96 –  DNS64 server maps the addresses on the fly –  NAT64 provides stateful v6/v4 translation •  Yes, NAT is evil, but here the breakage is local to your NAT64 domain. –  may be a viable means to reduce OP-EX of dual-stack 13-Nov-2012 14
  • 16. IPv6-only + NAT64/DNS64 •  Most things actually work pretty well •  Things that don’t work –  sites with broken IPv6 (won’t fall back to IPv4) •  e.g. www.ntia.doc.gov –  web sites and apps with embedded IPv4 literals –  skype, games, P2P, some IM •  Read RFC 6586 for detailed experiences •  Watch the IETF “Sunset4” working group –  http://tools.ietf.org/wg/sunset4/ 13-Nov-2012 16
  • 18. IPv6-only servers •  Scenario #1 – weaning –  run server as dual-stack –  when client base is (mostly) IPv6-enabled, remove the “A” record from DNS –  works well for corporate Intra-nets that are largely dual-stack –  great incentive for stragglers to IPv6-enable their clients –  helps network administrators find the stragglers and special cases, without totally breaking things. –  IPv4 is still there as a fall-back for special cases, using explicit IPv4 address. •  Intranet users coming in over IPv4-only VPNs. 13-Nov-2012 18
  • 19. IPv6-only servers •  Scenario #2 – remove training wheels –  run server as IPv6-only (IPv4 disabled) –  do this when all issues in Scenario #1 are resolved. –  works in Intranet environment, not when Internet access is required. •  see next scenario •  Scenario #3 – legacy IPv4 reachability –  use a dual-stack reverse proxy or LB –  use SIIT (RFC 6145) •  read draft-anderson-siit-dc-00 13-Nov-2012 19
  • 20. END Contact me: ron@spawar.navy.mil