“From IPv4 to eternity” - the High Energy Physics transition to IPv6 David Kelsey TNC2012, Reykjavik 23 May 2012.

Slides:



Advertisements
Similar presentations
The HEPiX IPv6 Working Group David Kelsey GridPP29, Oxford 27 Sep 2012.
Advertisements

IPv6 at CERN Update on Network status David Gutiérrez Co-autor: Edoardo MartelliEdoardo Martelli Communication Services / Engineering
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 4 Installing and Configuring the Dynamic Host Configuration Protocol.
IPv6 testing plans 25 Jan Short term – next 6 weeks Add sites to testbed – Glasgow (DPM storage end point) – Fix DESY – Others? Is GridFTP mesh.
News from the HEPiX IPv6 Working Group David Kelsey (STFC-RAL) HEPiX, Oxford 24 Mar 2015.
Agenda Network Infrastructures LCG Architecture Management
HEPiX IPv6 Working Group David Kelsey (STFC-RAL, UK) 4 May 2011 HEPiX, GSI, Darmstadt david.kelsey at stfc.ac.uk.
HEPiX Catania 19 th April 2002 Alan Silverman HEPiX Large Cluster SIG Report Alan Silverman 19 th April 2002 HEPiX 2002, Catania.
Status of WLCG Tier-0 Maite Barroso, CERN-IT With input from T0 service managers Grid Deployment Board 9 April Apr-2014 Maite Barroso Lopez (at)
HEPiX IPv6 Working Group David Kelsey (STFC-RAL) 1 July 2011 UK HEP Sysman meeting.
The HEPiX IPv6 Working Group David Kelsey HEPiX, IHEP Beijing 17 Oct 2012.
Module 10: Monitoring ISA Server Overview Monitoring Overview Configuring Alerts Configuring Session Monitoring Configuring Logging Configuring.
SRM 2.2: status of the implementations and GSSD 6 th March 2007 Flavia Donno, Maarten Litmaath INFN and IT/GD, CERN.
FP6−2004−Infrastructures−6-SSA IPv6 and Grid Middleware: the EUChinaGRID experience Gabriella Paolini – GARR Valentino.
News from the HEPiX IPv6 Working Group David Kelsey (STFC-RAL) WLCG GDB, CERN 8 July 2015.
News from the HEPiX IPv6 Working Group David Kelsey (STFC-RAL) GridPP35, Liverpool 11 Sep 2015.
The production deployment of IPv6 on WLCG David Kelsey (STFC-RAL) CHEP2015, OIST, Okinawa 16 Apr 2015.
Monitoring the Grid at local, national, and Global levels Pete Gronbech GridPP Project Manager ACAT - Brunel Sept 2011.
The HEPiX IPv6 Working Group David Kelsey (STFC-RAL) HEPiX, Ann Arbor MI 30 Oct 2013.
The HEPiX IPv6 Working Group David Kelsey EGI TF, Prague 18 Sep 2012.
FP6−2004−Infrastructures−6-SSA IPv6 in the EGEE Related Projects: the EUChinaGRID experience Gabriella Paolini – GARR.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Report Mario Reale NGI IT / GARR HEPiX f2f meeting.
Security monitoring boxes Andrew McNab University of Manchester.
The HEPiX IPv6 Working Group David Kelsey WLCG GDB, CERN 14 Nov 2012.
“From IPv4 to eternity”: the HEPiX IPv6 working group CHEP2012, New York 21 May 2012.
HEPiX FNAL ‘02 25 th Oct 2002 Alan Silverman HEPiX Large Cluster SIG Report Alan Silverman 25 th October 2002 HEPiX 2002, FNAL.
EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks IPv6 test methodology Mathieu Goutelle (CNRS.
MW Readiness WG Update Andrea Manzi Maria Dimou Lionel Cons 10/12/2014.
HEPiX IPv6 Group David Kelsey (STFC-RAL, UK) 8 Dec 2010 GDB, CERN david.kelsey at stfc.ac.uk.
6/23/2005 R. GARDNER OSG Baseline Services 1 OSG Baseline Services In my talk I’d like to discuss two questions:  What capabilities are we aiming for.
Derek Ross E-Science Department DCache Deployment at Tier1A UK HEP Sysman April 2005.
HEPiX IPv6 Working Group David Kelsey GDB, CERN 11 Jan 2012.
BNL Service Challenge 3 Status Report Xin Zhao, Zhenping Liu, Wensheng Deng, Razvan Popescu, Dantong Yu and Bruce Gibbard USATLAS Computing Facility Brookhaven.
Testing and integrating the WLCG/EGEE middleware in the LHC computing Simone Campana, Alessandro Di Girolamo, Elisa Lanciotti, Nicolò Magini, Patricia.
Julia Andreeva on behalf of the MND section MND review.
Data Transfer Service Challenge Infrastructure Ian Bird GDB 12 th January 2005.
IPv6 security for WLCG sites (preparing for ISGC2016 talk) David Kelsey (STFC-RAL) HEPiX IPv6 WG, CERN 22 Jan 2016.
Andrea Manzi CERN On behalf of the DPM team HEPiX Fall 2014 Workshop DPM performance tuning hints for HTTP/WebDAV and Xrootd 1 16/10/2014.
HEP and IPv6 David Kelsey (STFC-RAL, UK) 3 Nov 2010 HEPiX, Cornell, Ithaca NY david.kelsey at stfc.ac.uk.
Nanbor Wang, Balamurali Ananthan Tech-X Corporation Gerald Gieraltowski, Edward May, Alexandre Vaniachine Argonne National Laboratory 2. ARCHITECTURE GSIMF:
The HEPiX IPv6 working group David Kelsey (STFC-RAL) HEPiX meeting, Bologna 17 Apr 2013.
Enabling Grids for E-sciencE INFSO-RI Enabling Grids for E-sciencE Gavin McCance GDB – 6 June 2007 FTS 2.0 deployment and testing.
WLCG and IPv6 David Kelsey (STFC-RAL) LHCOPN/LHCONE, Rome 28 Apr 2014.
LCG Issues from GDB John Gordon, STFC WLCG MB meeting September 28 th 2010.
CMS: T1 Disk/Tape separation Nicolò Magini, CERN IT/SDC Oliver Gutsche, FNAL November 11 th 2013.
WLCG Operations Coordination report Maria Alandes, Andrea Sciabà IT-SDC On behalf of the WLCG Operations Coordination team GDB 9 th April 2014.
EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks EGEE Operations: Evolution of the Role of.
Ian Bird LCG Project Leader Status of EGEE  EGI transition WLCG LHCC Referees’ meeting 21 st September 2009.
INFSO-RI Enabling Grids for E-sciencE File Transfer Software and Service SC3 Gavin McCance – JRA1 Data Management Cluster Service.
The HEPiX IPv6 Working Group David Kelsey HEPiX, Prague 26 April 2012.
Breaking the frontiers of the Grid R. Graciani EGI TF 2012.
WLCG: Are we ready for IPv6? David Kelsey (STFC-RAL) ISGC 2014, Taipei 26 Mar 2014.
HEPiX IPv6 Working Group David Kelsey david DOT kelsey AT stfc DOT ac DOT uk (STFC-RAL) HEPiX, Vancouver 26 Oct 2011.
IPv6 Security Issues Georgios Koutepas, NTUA IPv6 Technology and Advanced Services Oct.19, 2004.
News from the HEPiX IPv6 Working Group David Kelsey (STFC-RAL) HEPIX, BNL 13 Oct 2015.
The HEPiX IPv6 Working Group David Kelsey (STFC-RAL) EGI OMB 19 Dec 2013.
WLCG Operations Coordination report Maria Dimou Andrea Sciabà IT/SDC On behalf of the WLCG Operations Coordination team GDB 12 th November 2014.
Maria Alandes Pradillo, CERN Training on GLUE 2 information validation EGI Technical Forum September 2013.
Grid Colombia Workshop with OSG Week 2 Startup Rob Gardner University of Chicago October 26, 2009.
HEPiX IPv6 Working Group David Kelsey (STFC-RAL) GridPP33 Ambleside 22 Aug 2014.
EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI IPv6 Report for HEPiX CERN October 5, 2012 CERN 1
“From IPv4 to eternity” - the High Energy Physics transition to IPv6 David Kelsey TNC2012, Reykjavik 23 May 2012.
“From IPv4 to eternity” The High Energy Physics transition to IPv6 David Kelsey EGI Community Forum, Munich 30 March 2012.
WLCG IPv6 deployment strategy
Plans to support IPv6-only CPU on WLCG
Update from the HEPiX IPv6 WG
IPv6 deployment at CERN - status update -
WLCG and support for IPv6-only CPU
IPv6 update Duncan Rand Imperial College London
Presentation transcript:

“From IPv4 to eternity” - the High Energy Physics transition to IPv6 David Kelsey TNC2012, Reykjavik 23 May 2012

On behalf of my colleagues Bob Cowles (SLAC), Marek Elias (FZU), Thomas Finnern (DESY), Lars Fischer (NORDUnet), David Foster (CERN), Bruno Hoeft (KIT), Tomas Kouba (FZU), Simon Leinen (SWITCH), Edoardo Martelli (CERN), Mark Mitchell (Univ Glasgow), Kars Ohrenberg (DESY), Andreas Pfeiffer (CERN), Francesco Prelz (INFN), Mario Reale (GARR), Sandor Rozsa (Caltech), Sabah Salih (Univ Manchester), Luuk Uljee (SARA), Ronald van der Pol (SARA), Ramiro Voicu (Caltech), Mattias Wadenstein (Univ Umea), Tony Wildish (Princeton University) And several others who have participated in the past Many thanks to them! – Credit to them – Mistakes are mine 23 May2012TNC2012, Kelsey, HEP IPv62

Outline The Worldwide LHC Computing Grid (WLCG) The HEPiX IPv6 Working Group WLCG software and tools IPv6 survey The HEP IPv6 testbed Working with others Problems found to date Managing IPv6 at large sites IPv6 security issues Recommendations and future plans Summary 23 May20123TNC2012, Kelsey, HEP IPv6

Worldwide LHC Computing Grid 23 May2012TNC2012, Kelsey, HEP IPv64 WLCG is made up of more than 140 computing centres in ~ 35 countries to process, analyze and store data produced from the LHC making it equally available to all partners, regardless of their physical location ~ xxx CPU Cores ~ yyy PB Disk

IPv6 and WLCG We currently do not know when WLCG will need to deploy IPv6-capable services – No current requests or warnings BUT to get there takes time! – Full survey of all software and tools – Need operational monitoring, security and tools – IPv6 operation, security and performance must be as good as IPv4 Physicists must not notice! 23 May2012TNC2012, Kelsey, HEP IPv65

HEPiX IPv6 Working Group Created in April 2011 with aims: Consider whether/how IPv6 should be deployed in HEP – especially WLCG (Worldwide Large Hadron Collider Grid) Readiness and Gap analysis HEP applications, middleware, security issues, system management and monitoring tools, end to end network monitoring tools Run a distributed HEP testbed – to help explore all the above issues We meet face to face 4 times a year – And by video conference in between 23 May20126TNC2012, Kelsey, HEP IPv6

WG membership Currently active (meetings, testbed, mail discussion): – CERN, DESY, FNAL, FZU, GARR, Glasgow, INFN, KIT, Manchester, RAL, SLAC, USLHCNet (Caltech) – CMS, ALICE and LHCb (ATLAS to come) ~50 on the mail list 23 May2012TNC2012, Kelsey, HEP IPv67

Limiting the scope The working group decided to concentrate on outward-facing WLCG services – Some backend services, e.g. Databases, could stay IPv4 only But need to include middleware, tools etc. Wherever possible, work with others (EGI) 23 May2012TNC2012, Kelsey, HEP IPv68

Software & Tools IPv6 Survey An “Asset” survey is well underway – A spreadsheet to be completed by sites and the LHC experiments – Includes all applications, middleware and tools – Tickets to be entered for all problems found If IPv6-readiness is known, can be recorded Otherwise we will need to investigate further – Ask developer and/or supplier – Scan source code or look for network calls while running – Test the running application under dual stack conditions 23 May20129TNC2012, Kelsey, HEP IPv6

Working with others Use tools developed earlier by EGEE EGI recently started IPv6 activities – Work together – Avoid duplication EMI testing nightly builds for IPv6 compliance – Will work together – We will open tickets if we find problems – Allow EMI developers access to our testbed 23 May2012TNC2012, Kelsey, HEP IPv610

IPv6 Testbed and testing We have deployed a distributed testbed – CERN, DESY, FZU, GARR, INFN, KIT and USLHCnet Connected to IPv6 and IPv4 networks – IPv6-only/IPv4-only names also registered in DNS – e.g. hepix-v6.desy.de & hepix-v4.desy.de A perl script (on wiki) validates configuration – Checks all DNS entries – runs ping and ping6 to all nodes 23 May201211TNC2012, Kelsey, HEP IPv6

Data transfer tests Virtual Organisation – ipv6.hepix.org We have successfully installed and tested GridFTP clients and servers on all nodes Full mesh of data transfers (globus_url_copy) – Tested and works CMS members of the working group – Now performing continuous data transfers between pairs of nodes – In future this will use PhEDEx and FTS 23 May2012TNC2012, Kelsey, HEP IPv612

Data transfer results To be added 23 May2012TNC2012, Kelsey, HEP IPv613

File Transfer Service An interesting example of IPv6-ready middleware Functional IPv6 support in a software component does not imply that IPv6 transport is enabled by default This is hard to capture in either a survey or by automated code-checking tools 23 May2012TNC2012, Kelsey, HEP IPv614

FTS (2) gSOAP supports IPv6 – on TCP since version 2.5 (2005) – on UDP since version (still 2005) BUT compiled without the “WITH_IPv6” flag – Oracle IPv6-enabled from version 11g rel 2 but FTS transfer agent libraries in EMI-1 still carry a hard dependency on Oracle V10 – Transfer agents (Tomcat/Axis servlets) can be invoked on dual stack hosts and from dual stack clients – but ‘urlcopy’ agent still uses IPv4 for file transfer – As in the globus-url-copy command, IPv6 resolution in the Globus FTP client needs to be explicitly enabled 23 May2012TNC2012, Kelsey, HEP IPv615

Software with IPv6 problems Need to check many things – Break when installed on a dual-stack node? – Does it bind to both stacks? – Is IPv6 preferred? – Can it be configured to prefer V4 or V6? 23 May2012TNC2012, Kelsey, HEP IPv616

IPv6 problems found Already found a few problems OpenAFS, dCache, UberFTP FTS & globus_url_copy (see earlier) Expand – more problems found 23 May2012TNC2012, Kelsey, HEP IPv617

Managing IPv6 at large sites Best practices are still far from clear! Large sites (e.g. CERN and DESY) wish to manage the allocation of addresses – Do not like autoconfiguration (SLAAC) Wish to filter out Router Advertisements DHCPv6 very attractive – BUT IETF still discussing – Will the ‘route’ options be there or not? 23 May2012TNC2012, Kelsey, HEP IPv618

IPv6 security Are operational security teams ready for IPv6? No! Challenges include – Address format has multiple forms, many addresses per host and addresses difficult to remember – IPv6 standards contain many suggestions - implementation optional – Required security features, like RAGuard and SEND, are a long way from full deployment – Incomplete and immature implementations – Many vulnerabilities expected – Log parsing tools must all change – Dual stack and tunnels cause problems – e.g. packet inspection Must test that things which are not supposed to work do not 23 May2012TNC2012, Kelsey, HEP IPv619

Recommendations & future Should we deploy IPv6? Answer: Yes! When we are ready Aim to implement Dual Stack on all WLCG services – Avoid complications of tunnels, proxies, gateways etc. Perform full asset survey (Spring 2012) – Identify show-stoppers & quantify effort and resources required to fix Expand testbed gradually during 2012 – work with EGI and EMI – Considering merging of EGI and HEPiX testbeds later this year – All WLCG services – Perform more extensive functionality and performance tests Must consider operational impact – including security and monitoring 23 May2012TNC2012, Kelsey, HEP IPv620

Future plans (2) Review status at end of 2012 Produce implementation plans for 2013 and/or later Need to perform tests on the production infrastructure – involve WLCG Tier 1 centres Plan several HEP IPv6 “Days” (for 2013?) – turn on dual stack for 24 hours on production infrastructure and test/observe Earliest date for production of IPv6-only systems is (currently) Jan May201221TNC2012, Kelsey, HEP IPv6

Lessons learned For other research communities – Need to do a full-systems analysis – Consider all important applications and tools – Deploy a testbed and share experiences Start soon – Analysis and testing all takes lots of time! 23 May2012TNC2012, Kelsey, HEP IPv622

Further info HEPiX IPv6 wiki Working group meetings 23 May2012TNC2012, Kelsey, HEP IPv623

EGEE IPv6 tools Source code checker – A bash script looking for non compliant function calls and address data structures Dynamic Code Checker (IPV6 CARE tool) – A tool based on the LD_PRELOAD mechanism to intercept calls to non compliant functions in the dynamically linked libraries Analysis of all gLite code was performed – And code was modified to fix problems 23 May2012TNC2012, Kelsey, HEP IPv624

Summary The HEPiX IPv6 working group functioning well much work still to be done during the next year or two not able to support IPv6-only systems in WLCG before 2014 – Decision on timetable to be made by end May2012TNC2012, Kelsey, HEP IPv625

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.