IPv6 Implementation Hints ________________________________________________ _ Andy Davidson Thursday 24 th November 2011 Hurricane Electric BELNET Conference, Brussels

Motivation Business Case Arguments Costs Motivation Business Case Arguments Costs Methodology Equipment Configuration Installation Methodology Equipment Configuration Installation

IANA RIPENCCARINAPNICLACNICAFRINIC ISPs Users Europe Broadband ISPs Content Delivery E-Commerce Hosting

v4 Run-Out in Europe “Run Out Fairly” Special rules for final /8 in RIPE-land Each LIR will be given one single /22 No PI will be assigned Probably implemented Q Similar rules in APNIC land and others..

“I don’t need IPv6, I have enough IPv4 to last for a BILLION years”

IPv4 Only Users IPv4 Only Content IPv6 Only Users IPv6 Only Content NAT Only Users Dual Stack Users Dual Stack Content

IPv4 Only Users IPv4 Only Content IPv6 Only Users IPv6 Only Content NAT Only Users Dual Stack Users Dual Stack Content

“Carrier Grade NAT will save me”

30 Sessions

20 sessions

15 sessions

10 sessions

“Only the network people care”

Users NAT Content Users in same city ? User stats ? ACLs? 4G/LTE Internet of things Opportunity

Google Yahoo Facebook Akamai BBC Cisco.com ….. hundreds more Over half of participants left Dual Stack turned on Including Youtube’s video engine

m users 1% of world population _________ bn users 30% world population

OPPORTUNITY: Seven Billion People © V. Tobin -

“OK, what can I do about it?”

So what am I recommending you do? NEVER buy Hardware/Services that are not IPv6 future proof! Get connectivity to your network v6 connectivity to your engineers (address your workstation) v6 trials in your lab (address some toy boxes, devel environment) v6 connectivity to all users Dual-stack production for some services Dual-stack production for all services

How we did it Don’t do it this way! It was 2001 – there was no stable v6 support in any vendor equipment In 2006, we found stable and mature IPv6 support so now I recommend dual stack. rtr server Real IPv4 IP6 Tunnel

Since 2006 Dual Stack – Every backbone link gets an IPv4 and IPv6 address – Every IGP has an IPv4 and IPv6 adjacency – BGP parity This is my strong recommendation to you. Overlay networks are not a v6 rollout and mean you need a future v6 native rollout.

Tunnel technology Transitional technology: – 6in4 (GRE Tunnels) – 6to4 (Auto Tunnel) – Terado (Auto Tunnel) Transitional technology poor compared with native, less well supported, overhead to debug, performance impacting. But 6in4 static tunnels are a reliable way to get connectivity into your laboratory, or in regions where no v6 native players exist

Buying Equipment and Services RIPE-501 is the template Do *not* buy kit or software without IPv6 support, it would be throwing money away. If v6 support is on the roadmap, demand evaluation units for your lab. If your lab needs v6, tunnelbroker.net

Addressing school Typical IPv4Typical IPv6 Assignment Unit/32 (An Address)/64 (A subnet) Assignment PolicyScarsityAggregation Addresses4 billion~350 Unidecilion NATNecessary Broken Not necessary Not supported Addressing ConfigurationStatic DHCP Static Stateless Autoconfig DHCP (Weak) DHCP-PD

Like with v4, addressing involves getting an IP address to a host ISP Identifier Customer ID My Network Number Host Part

RA Guard Any host can send Router-Advertisements – Problems with Windows ICS boxes – Turn on Terado and advertise a ::/0 path! – Other malicious intent Think of RA Guard like DHCP Guard interface GigabitEthernet0/0 switchport access vlan nn ipv6 nd raguard show ipv6 nd raguard policy

Thanks for adopting. cidr-report.org

Modern history – what’s happened this year? % increase in 12 months! 80% increase in 12 months!

IPv6 measured at via BGP ASNs with IPv6 Networks Running IPv6 We can measure the percentage of networks running IPv6 by comparing the set of ASes in the IPv6 routing table to those in the combined set of IPv4 and IPv6. IPv4 Ases: 38,889 IPv6 ASes: 4,592 ASes using only IPv4: 34,394 ASes using only IPv6: 97 ASes using IPv4 and IPv6: 4,495 ASes using IPv4 or IPv6: 38,986 Percentage of ASes (IPv4 or IPv6) running IPv6: 11.8% Date 11.8% Percentage of ASNs running v6 3.6%  IANA Runout  W6D

World IPv6 Day and real IPv6 traffic World IPv6 Day was about enabling web-based traffic for IPv6  Focus on content providers  Web (port 80 & 443 TCP traffic) plotted below

World IPv6 Day and real IPv6 traffic Long term win since W6D in IPv6 traffic levels  That means there are both content and eyeballs in play

Mostly, you need skills FREE!!

ipv6.he.net/certification/ T-shirt to Sages. FREE!!

PS: Free stuff drives adoption.

Have a positive IPv6 mindset

Any Questions Keep In Touch: Andy Davidson (114) ?