3. 3
Orange Polska S.A.
IPv6 implementation
in mobile network- stage II
Solution
4. Ipv6 only CLAT+PLAT+DNS
4
Orange Polska S.A.
• One path for IPv4 traffic (always via CLAT)
• ALG’s treated as NAT44
• IPv4 literal & domain use same path
• One path for IPv6 traffic (native IPv6)
• Motivation for native IPv6 content
• Application address family independent
• Applicable for tethering and CPE routers
5. 5
Orange Polska S.A.
IPv6 implementation
in mobile network- stage II
IPv6 architecture
6. 6
Orange Polska S.A.
DNS or DNS64?
DNS64 only for plat-prefix discovery
Can be done by F5 irule or Nominum Vantio
7. 7
Orange Polska S.A.
NAT64 box – feature overview
Feature/bugs Juniper
SRX
Fortinet
FG1500D
A10
AX3200
Linux NAT64
stateless +
NAT44 statefull
Hashing NOK OK OK OK
CLAT-awareness
FTP,
NOK
RTSP*,
ALGs
PPTP*
FTP FTP,RTSP
Selective TCP
MSS override NOK OK OK OK
comments
*) not
tested,
demo only
8. 8
Orange Polska S.A.
NAT64 box – issues
• MTU and fragmentation (28B overhead)
• Hashing algorithm must be based on
IPv6 prefix
• ALGs
9. 9
Orange Polska S.A.
Roaming & IPv6-only
IPv6 or IPv4v6 is not populated in all roaming
partners
– IPv4 PDP guarantee failsafe automatic data roaming
regardless of visitied network
– Some times even PDP IPv4 does not work, but the clue
is more PDP IPv6 contexts in roaming
OPL failsafe mechanism for roaming case
– Mechanism works for Android, WP8.1 GDR1
– Roaming indicator triggers fallback to ipv4 APN
10. 10
Orange Polska S.A.
IPv6 implementation
in mobile network- stage II
Ipv6 transition
11. 11
Orange Polska S.A.
APN IPv6-only
c onfiguration
Name: Orange Internet
MCC/MNC 26003
APN internetipv6
Username/password internet
APN state readonly
APN protocol IPv6
APN Protocol when
IPv4
roaming
APN type default, hipri,
dun, supl
12. 12
Orange Polska S.A.
IPv6 devices
OPL certified IPv6 devices
Android – Sony/Samsung/HTC/LG
WP 8.1 – Nokia /Lumia
13. 13
Orange Polska S.A.
IPv6 devices -requirements
3.1. Dynamic IPv6 Address Allocation + IID randomly generated (privacy address) + UE shall use the
IID given in PDP activation response message to configure its LLA (3GPP TS 23.060)
http://www.3gpp.org/ftp/Specs/archive/23_series/23.060/.
3.2. Customer Side Translator function (CLAT) must be embedded (smartphone/tablet/router) as
part of 464xlat architecture RFC 6877. The CLAT must support ICMP, UDP, TCP, GRE and
fragmented packet. clatd.conf - may be generic where the domain for nat64 prefix discovery
must be “ipv4only.arpa” – static configuration may be request by OPL PM.
https://android.googlesource.com/platform/external/android-clat/
3.3. MTU size & device interfaces - If the network send MTU size in RA message, then device must
set it to the radio interface otherwise set the default value=1500B. The CLAT demon will
calculate MTU size automatically for its interfaces (clat and clat4).
4. IPv6 tethering - the CLAT helps Dual Stack tethering solution both USB/WIFI on the device
(http://tools.ietf.org/html/draft-ietf-v6ops-64share-09, scenario#2) when APN is IPv6-only. The
Global IPv6 and private IPv4 (clat) must be enabled on tethered LAN.
4.1. RA – device sends RA message to tethered host with Ipv6 prefix information. Router lifetime
set=9000 secs. Router sends periodically RA message – max. value 9000 secs.
4.2. DHCPv6 – device server relays PCO Ipv6 DNS'es addresses to tethered hosts.
4.3. DHCPv4 – device server relays private IPv4 address and send DNS IPv4 (CLAT DNS-proxy)
4.4. Tethering & MTU size – device propagates MTU size 1500B to tethered clients interfaces
( Ipv4&Ipv6)
5. IPv6 LTE UE - the device must set EIT bit=1 in “Initial Attach” message
14. 14
Orange Polska S.A.
Download Booster (CLAT+PLAT+DNS)
Device is connected to WiFi & LTE at the same
time (http speed up=LTE+80%WiFi !)
CLAT is always disabled while WiFi connected = platprefix
unknown, no IPv4-IPv6 synthesis= NAT64 unreachable
Proposed solution – add platprefix discovery on
application layer=get the prefix +IPv4-IPv6 synthesis
=NAT64 reachable
Solution works for IPv4 literal/domain names with DNS64
disabled
It solves „IPv4 without DNS” when DNS64 is enabled !
15. 15
Orange Polska S.A.
IPv6 implementation
in mobile network- stage II
IPv6 statistics
16. • OPL PDP IPv6 vs PDP IPv4
16
Orange Polska S.A.
12%
21. 21
Orange Polska S.A.
464XLAT mobile networks
T-MOBILE USA
ORANGE PL
EIRCOM IRLAND
TELENOR NORWAY
EE UK
TELSTRA AUSTRALIA
22. 22
Orange Polska S.A.
IPv6 implementation
in mobile network- stage II
IPv6 research
23. 23
Orange Polska S.A.
DNS new feature
•Limit DNS64 function
dns64 for domain „ipv4only.arpa” only
•Insted of use
iRules or static AAAA record
This helps to deploy DNS for all
subscribers
24. 24
Orange Polska S.A.
PLAT new feature
•operate with CLAT 2.0?
full RFC 6877 and DHCPv6 PD support
source IPv6 address /96 mapped IPv4 addresses
destination IPv6 address /96 mapped IPv4 addresses
Source_IPv6subs_CLAT_PD::194.0.0.4 => 192.0.0.4
Destination_IPv6_PLAT_WKP::8.8.8.8 => 8.8.8.8
CLAT-awareness ALGs more easy
IPv4 traffic are transparent for IPv6
transport
25. 25
Orange Polska S.A.
TAYGA new feature
•Combo NAT box
NAT64 stateless + NAT44 statefull in one box
at least with FTP ALG
process IPv4 pools internally
Possible to implement CLAT 2.0 support
http://www.litech.org/tayga/
26. 26
Orange Polska S.A.
TAYGA new feature ct’d
•Heterogeneous System Architecture (HSA) support
imageine a CPE router with Heterogeneous processor
handling packet at wirespeed with 10GE interfaces
http://www.litech.org/tayga/
http://www.hsafoundation.com/
27. 27
Orange Polska S.A.
IPv6 implementation
in mobile network- stage II
Demo
28. 28
Orange Polska S.A.
IPv6 tethering hotspots
Voyager 1,2,3,4
Pass 12345678
Visit Eric site
http://www.vyncke.org/countv6/stats.php