Paola Grosso - I2/ESCC Joint Tech IPv6 SLAC update Paola Grosso SLAC Networking Group

IPv6 pros
More addresses
– 128-bit addresses (10^30 addresses per person) to take care of the depletion of IPv4 addresses and to allow new devices to be network enabled.
Better mobility
– Auto-configuration of nodes to allow movement without losing network connectivity (home address vs. care-of address).
Better security
– IPSec is part of the protocols, to enable end-to-end services (data integrity, access control).

IPv6 out there…
The research networks:
– Native connection to the research network backbones (Internet2, ESnet, GEANT)
– IPv6 Land Speed record by CERN and CalTech of 983 mbps (Internet.html)
The implementers:
– Asia: Japan to convert IT infrastructure to IPv6 by 2005
– DOD to transition to IPv6 by
The commercial world:
– Major vendors (start to) ship IPv6 enabled products

IPv6 at SLAC: why?
We have not exhausted our address space (still “plenty” of addresses in our /16).
We do not have any users/applications in need of IPv6.
Why bother?
– Gain experience with the technology;
– Think and plan ahead;
– Find first portable applications.

SLAC IPv6 network setup
SLAC connects to the IPv6 Internet via a native connection provided by ESnet.
[Diagram labels: Cisco 3640 (Rtr-ipv6), IPv6 internet, ESnet Juniper M10, SLAC IPv6 intranet]
IPv6 configuration:
ipv6 unicast-routing
interface
no ip address
ipv6 address
Not BGP, but static route.

SLAC IPv6 Addressing Schema
ESnet provides us with:
– A point-to-point network, for the router connections: 2001:400:0e02:8::/64
– The internal SLAC IPv6 network: 2001:0400:0e10::/48
Internal addressing schema: essing-ipv6.html
The grand schema is to have 16 services, each one with up to 64 subnets (4 bits for services and 6 bits for the service subnets).

SLAC IPv6 code requirements
Three requirements for the project approval from the SLAC security group:
– Running a cryptographic image that allows SSH client/server on the router;
– Support for Reflexive Access Lists;
– A client-based network, i.e. all connections have to be initiated from within, with few exceptions:
  SSH incoming
  IPv6 ping to internal nodes
  Web server (approval pending)
The Cisco code that can do this is: 12.3(1a)

Access lists rules
Few basic rules:
0. Anti-spoofing rules
1. Filter the non-routable addresses:
   deny ipv6 ::/3 any
   deny ipv6 4000::/2 any
   deny ipv6 8000::/1 any log
2. Allow neighbor-advertisement and neighbor-solicitation traffic (implicit):
   permit icmp any any nd-na
   permit icmp any any nd-ns
   deny ipv6 any any
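
Added example (not from the original slides): a simplified first-match model, in Python, of the rules listed on this slide. It checks that the three deny prefixes are exactly the complement of the global unicast block 2000::/3, and shows which rule each constructed sample packet hits when the rules are evaluated in the order listed. The evaluator, the sample addresses and the rule ordering are assumptions; anti-spoofing and reflexive entries are not modeled.

```python
import ipaddress

# Deny prefixes and rule order copied from the slide; the evaluator is a
# simplified first-match model (assumption), not Cisco IOS itself.
DENY_PREFIXES = [ipaddress.ip_network(p) for p in ("::/3", "4000::/2", "8000::/1")]
GLOBAL_UNICAST = ipaddress.ip_network("2000::/3")
ANY = ipaddress.ip_network("::/0")

# (action, source prefix, ICMPv6 message the rule is limited to, or None for any traffic)
RULES = [("deny", net, None) for net in DENY_PREFIXES] + [
    ("permit", ANY, "nd-na"),
    ("permit", ANY, "nd-ns"),
    ("deny", ANY, None),
]

def complement_of(allowed):
    """Smallest prefix list covering every IPv6 address outside `allowed`."""
    return sorted(ipaddress.collapse_addresses(ANY.address_exclude(allowed)))

def first_match(src, icmp=None):
    """Return (action, matching prefix) for a packet from `src`; first match wins."""
    addr = ipaddress.ip_address(src)
    for action, net, rule_icmp in RULES:
        if addr in net and rule_icmp in (None, icmp):
            return action, str(net)
    raise AssertionError("unreachable: the last rule matches everything")

# Constructed sample packets: (source address, ICMPv6 message or None).
SAMPLES = [
    ("2001:db8::1", "nd-ns"),   # global unicast source, neighbor solicitation
    ("2001:db8::1", None),      # global unicast source, ordinary traffic
    ("fe80::1", "nd-ns"),       # link-local source, neighbor solicitation
    ("fc00::1", None),          # unique-local source
    ("::1", None),              # loopback source
]

if __name__ == "__main__":
    print("complement of 2000::/3:", [str(n) for n in complement_of(GLOBAL_UNICAST)])
    for src, icmp in SAMPLES:
        print(f"{src:14} {icmp or '-':6} ->", *first_match(src, icmp))
```

In this model a neighbor solicitation sourced from fe80::1 matches deny 8000::/1 before it reaches the nd-ns permit, because fe80::/10 lies inside 8000::/1. When writing such a list, the neighbor-discovery permits (or a permit for fe80::/10) have to be placed ahead of that deny for link-local ND to pass.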

IPv6 on Linux
RedHat Linux has been our OS of choice, so far.
On the network in a few steps with automatic configuration:
– Add the following line in /etc/sysconfig/network:
  NETWORKING_IPV6="yes"
– Restart networking (or reboot)
Static configuration for servers (such as our WWW server):
– Add the following line in /etc/sysconfig/network:
  IPV6_AUTOCONF=no
– Add the following line in /etc/sysconfig/ifcfg- :
  IPV6INIT=yes

Software
Bind/DNS
– Version 9 with IPv6 support.
– Configured an IPv6 DNS for caching-only Name Server
– Added entries for IPv6 nodes on the SLAC IPv4 Name Server
– Using the Indiana GigaPop DNS (ns4.indiana.edu)
NTP
– Distribution 4 with IPv6 support.
– Running version 1.74
– Synchronized our nodes to the public Viagenie server:

PingER for IPv6
Previous experience at SLAC with IPv6, a year ago, was with PingER.
Starting point = the Perl module for IPv4 PingER.
PingER-IPv6 required minor code modifications from us:
– To handle address/name resolution (like gethostbyname)
– The installation of Perl modules that do not come with the standard RedHat distribution:
  Time::CTime.pm (to format time a la ctime(3))
  DB_File.pm (to tie to DB files)
  Socket.pm

Monitored nodes
A list of ping-able nodes, put together by Bill Owens, circulated on the I2 IPv6 mailing list.
The 39 nodes are located in:
– Abilene network (core routers and measurement nodes)
– Front Range GigaPop
– Great Plains Network
– Indiana GigaPop
– InterMountain GigaPop
– Merit
– NYSernet
– Pittsburgh SuperComputing
– Oregon GigaPop
– WiscNet

Monitored path
The monitoring traffic leaves the ESnet network at Sunnyvale (one hop from SLAC) and it flows over the I2 network.
Looking into having IPv6 nodes at ESnet sites, to look into the performance of the ESnet network.
[Diagram labels: SLAC, ESnet (SNV), I2 IPv6 network]

PingER metrics
The information that can be extracted is the same as in the IPv4 PingER:
– Duplicate Packets
– Average Round Trip Time
– Minimum Packet Loss
– Inter-Quartile Range
– Conditional Loss Probability
– TCP Throughput
– Ping Unreachability
– Ping Unpredictability
– Minimum Round Trip Time
– Packet Loss
– Out of Order Packets
– Zero Packet Loss Frequency
– Inter-Packet Delay Variation

Results: RTT
Sudden improvement on July 21

Results: RTT IPv6 vs. IPv4
CHIN, HSTN, IPLS still slower on IPv6 than IPv4
After the July 21 improvement

Results: packet loss
Only 3 sites have shown packet losses: maybe due to node reconfiguration?
Other sites have 0% losses

Results: other variables
We have looked at the following:
– Reachability = very good. These nodes are always up and stable. The only node we are having problems with is mon.chpc.utah.edu (being configured/rebooted?)
– Out-of-order packets = none
– Inter-packet delay = normal (jitter slightly higher for WISCNET, NEXTGEN and COLUMBIA)

Next…
Monitoring
– Expand the list of monitored nodes: keen on finding partners in the ESnet community!
– Publish and make available the IPv6 PingER module (Perl module);
– Port to IPv6 other monitoring tools we are using (AbwE, IEPM-BW).
Infrastructure
– Add more nodes and experiment with other OSes: Windows XP and Sun Solaris (as in the SLAC IPv4 environment);
– Extend the services: web server coming, more work on DNS, mail
– Physics research applications that could benefit from running on IPv6.

Conclusions
The “easy part”:
– Connect to the native IPv6 ESnet
– Find some nodes to devote to IPv6 and configure/debug/port applications
The “hard part”:
– Try to involve the other groups (system managers, web managers, security);
– Define the same standards of manageability and security as we have in the IPv4 environment;
– Move the product to the user community.
The path from a few nodes on IPv6 to a “production” network is a long one. But we are starting…

Starting too?
Participating in the PingER-IPV6?
Web pages with PingER-IPv6 data:
– IPv4 web server: wrap/pingtable.pl?dataset=ipv6
– IPv6 web server (coming, pending SLAC security approval):
General IPv6 mailing lists:
Internet2 =
6Bone =

Backup slide = RTT to routers