Presentation is loading. Please wait.

Presentation is loading. Please wait.

IPv6 deployment at CERN - status update -

Published byCathleen Rich Modified over 6 years ago

Similar presentations

Presentation on theme: "IPv6 deployment at CERN - status update -"— Presentation transcript:

1 IPv6 deployment at CERN - status update -
CERN, 4th of July 2013 CERN IT Department CH-1211 Genève 23 Switzerland

2 Agenda IPv4 depletion CERN IPv6 service description
IPv6 deployment status Challanges ahead HEPiX IPv6 working group Conclusion Test drive

3 IPv4 depletion

4 World IPv4 pools status Region Last /8 date Remaining /8 (16M)
Asia-Pacific 19-Apr Europe 14-Sep North America 14-Apr South America 05-Aug Africa 24-Sep [25th June 2013]

5 CERN IPv4 pools status (June 2013)
/16 (64K) - GPN dynamics (~65% used) /16 (64K) - LCG statics (~41% used) /16 (64K) - GPN statics (~92% used) /17 (32K) - GPN statics (~9% used) /17 (32K) - LCG statics (~8% used) /16 (64K) - Wigner datacentre (~1% used) [as of 25th of June 2013]

6 CERN IPv4 pools status (Jan 2013)
/16 (64K) - GPN dynamics (~65% used) /16 (64K) - LCG statics (~40% used) /16 (64K) - GPN statics (~92% used) /17 (32K) - GPN statics (~5% used) /17 (32K) - LCG statics (0% used) /16 (64K) - Wigner datacentre (0% used) [as of 7th of January 2013]

7 CERN IPv6 service description

8 CERN IPv6 service - Dual Stack
- One IPv6 address assigned to every IPv4 one - Identical performance as IPv4, no degradation - Common provisioning tools for IPv4 and IPv6 - Same network services portfolio as IPv4 - Common security policies for IPv4 and IPv6

9 Dual stack services At least one IPv6 sub-prefix per physical subnet, public and/or local. Subnet size: /64 (i.e. 64 bits for the network address, 64 bits for the host address) Available host addresses per subnets: 264 (recommended size). Router Switch /24 2001:1458:0201:0E00::/64 Servers, Hosts

10 IPv6 ready The DNS device name .cern.ch will be resolved only with the IPv4 address until the user declares to LANDB (via WEBREQ) to be IPv6 ready. IPv6 ready means: - IPv6 connectivity is OK - all the server's applications are listening on both IPv4 and IPv6 protocols Consequences: - IPv6 security openings activated in the central firewall - name.cern.ch returns IPv4 and IPv6 addresses (A and AAAA records)

11 IPv6 deployment status

12 IT/CS Network services
DNS: No DNS names for CERN IPv6 addresses DHCPv6 for statics: Ready DHCPv6 for portables: Testing NTP: Ready Internet: Ready Firewall: Static firewall only

13 IT/CS Network management
Network database (LANDB): Ready IT/CS tools (CSDBWEB, cfmgr): Ready User web interface (WEBREQ): Testing SOAP interface: Testing Monitoring (Spectrum): Developing

14 Timeline - Testing of network devices: completed
- IPv6 Testbed for CERN users: available - New LANDB schema: in production - Addressing plan in LANDB: in production - Provisioning tools (cfmgr and csdbweb): ready - User interfaces (webreq): testing - Network configuration: on going - Network services (DNS, DHCPv6...): on going - User training: on going - IPv6 Service ready for production in 2013 2011Q2 2011Q3 2021Q1 2012Q1 2012Q4 Today 2013Q4

15 Check the current status at
Latest news: Check the current status at

16 Challenges ahead

17 Opportunities.. - no more address poverty, no more fear to waste
- multiple addresses per interface, even in the same IPv6 subnet - no IPv6 NAT (not even designed) - Internet of things

18 ...and challenges - new operational issues - new software development
- new protocols to test (DHCPv6...) - new security threats (attacks on mixed stacks...) - some applications don't work (AFS...) - not-homogeneous dual-stacks (private v4 and public v6)

19 Lots of VMs Current VMs adoption plan will cause IPv4 depletion during 2014. Then two alternative options: A) VMs with only public IPv6 addresses + Unlimited number of VMs - Several applications don't run over IPv6 today (PXE, AFS, ...) - Very few remote sites have IPv6 enabled (limited remote connectivity) + Will push IPv6 adoption in the WLCG community B) VMs with private IPv4 and public IPv6 + Works flawlessly inside CERN domain - No connectivity with remote IPv4-only hosts (NAT solutions not supported nor recommended)

20 HEPiX IPv6 working group

21 HEPiX IPv6 Working Group
- Chairman: Dave Kelsey (RAL) - Active members: CERN, DESY, FNAL, FZU, GARR, Glasgow, INFN, KIT, Manchester, RAL, SLAC, USLHCnet (Caltech), CMS, ALICE and LHCb - Nearly 50 on the mail list - Regular video and face-to-face meetings

22 - IPv6 implementation check list
WG activities - IPv6 implementation check list - Software and tools compliance survey - Distributed dual-stack testbed - Security awareness Your help is needed! Contact the WG at

23 Conclusions

24 Conclusions - IPv6 deployment at CERN is progressing well
- IPv6 will bring new functionalities and opportunities - Future deployments cannot rely on large amounts of IPv4 public addresses - Use of IPv6 in the WLCG has to start as soon as possible

25 More information: http://cern.ch/ipv6

26 Let's try

27 Ask ipv6@cern.ch to IPv6 enable your device

28 Renew the dhcp lease linux# dhclient -6 linux# ifconfig
eth Link encap:Ethernet HWaddr 00:22:4d:83:03:19 inet6 addr: fe80::222:4dff:fe83:319/64 Scope:Link inet6 addr: 2001:1458:201:b459::100:5/64 Scope:Global C:\Windows>ipconfig /renew Ethernet adapter Local Area Connection: IPv6 Address : 2001:1458:201:17::100:2 Link-local IPv6 Address : fe80::a844:b2c4:8637:5e8e%11 Default Gateway : fe80::215:60ff:feed:ce00%11 /macos> sudo ifconfig en0 up

29 Check: http://ipv6-test.com

30 SixOrNot Firefox add-on

31 Enjoy

Download ppt "IPv6 deployment at CERN - status update -"

Similar presentations

IPv6 Deployment CANTO Nate Davis, Chief Operating Officer 13 August 2014.

IPv6 Deployment CANTO Nate Davis, Chief Operating Officer 13 August 2014.
IPv6 Planning and Implementation at PSU.  1986 – PSU gets Class B network (128.118.0.0) & 5 Class C networks 192.5.157-.161  1988 – Department of Computer.

IPv6 Planning and Implementation at PSU.  1986 – PSU gets Class B network ( ) & 5 Class C networks  1988 – Department of Computer.
IPv6 at CERN Update on Network status David Gutiérrez Co-autor: Edoardo MartelliEdoardo Martelli Communication Services / Engineering

IPv6 at CERN Update on Network status David Gutiérrez Co-autor: Edoardo MartelliEdoardo Martelli Communication Services / Engineering
Understanding Internet Protocol

Understanding Internet Protocol
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 4 Installing and Configuring the Dynamic Host Configuration Protocol.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 4 Installing and Configuring the Dynamic Host Configuration Protocol.
Module 4: Configuring Network Connectivity

Module 4: Configuring Network Connectivity
Linux Networking TCP/IP stack kernel controls the TCP/IP protocol Ethernet adapter is hooked to the kernel in with the ipconfig command ifconfig sets the.

Linux Networking TCP/IP stack kernel controls the TCP/IP protocol Ethernet adapter is hooked to the kernel in with the ipconfig command ifconfig sets the.
Agenda Network Infrastructures LCG Architecture Management

Agenda Network Infrastructures LCG Architecture Management
HEPiX IPv6 Working Group David Kelsey (STFC-RAL, UK) 4 May 2011 HEPiX, GSI, Darmstadt david.kelsey at stfc.ac.uk.

HEPiX IPv6 Working Group David Kelsey (STFC-RAL, UK) 4 May 2011 HEPiX, GSI, Darmstadt david.kelsey at stfc.ac.uk.
DYNAMIC HOST CONFIGURATION PROTOCOL (DHCP) BY: SAMHITA KAW IS 373.

DYNAMIC HOST CONFIGURATION PROTOCOL (DHCP) BY: SAMHITA KAW IS 373.
Damian Leibaschoff Support Escalation Engineer Microsoft Becky Ochs Program Manager Microsoft.

Damian Leibaschoff Support Escalation Engineer Microsoft Becky Ochs Program Manager Microsoft.
Status of WLCG Tier-0 Maite Barroso, CERN-IT With input from T0 service managers Grid Deployment Board 9 April 2014 9-Apr-2014 Maite Barroso Lopez (at)

Status of WLCG Tier-0 Maite Barroso, CERN-IT With input from T0 service managers Grid Deployment Board 9 April Apr-2014 Maite Barroso Lopez (at)
HEPiX IPv6 Working Group David Kelsey (STFC-RAL) 1 July 2011 UK HEP Sysman meeting.

HEPiX IPv6 Working Group David Kelsey (STFC-RAL) 1 July 2011 UK HEP Sysman meeting.
Module 3: Designing IP Addressing. Module Overview Designing an IPv4 Addressing Scheme Designing DHCP Implementation Designing DHCP Configuration Options.

Module 3: Designing IP Addressing. Module Overview Designing an IPv4 Addressing Scheme Designing DHCP Implementation Designing DHCP Configuration Options.
Module 4: Planning, Optimizing, and Troubleshooting DHCP

Module 4: Planning, Optimizing, and Troubleshooting DHCP
CERN IT Department CH-1211 Genève 23 Switzerland t IPv6 Deployment Project 2 April 2012

CERN IT Department CH-1211 Genève 23 Switzerland t IPv6 Deployment Project 2 April 2012
IPv6 at the University of Wisconsin Hopefully 79,228,162,514,264,337,593,543,950,336 IP addresses will be enough for a while. A subset of the UW IPv6 Task.

IPv6 at the University of Wisconsin Hopefully 79,228,162,514,264,337,593,543,950,336 IP addresses will be enough for a while. A subset of the UW IPv6 Task.
IPv6 – What You Need To Know Tom Hollingsworth CCNP,CCVP,CCSP, MCSE.

IPv6 – What You Need To Know Tom Hollingsworth CCNP,CCVP,CCSP, MCSE.
Links and LANs 2004-04-06. Link between two computers via cross cable The most simple way to connect two hosts is to link the two hosts with a cross cable.

Links and LANs Link between two computers via cross cable The most simple way to connect two hosts is to link the two hosts with a cross cable.
Communication Between Networks How the Internet Got Its Name.

Communication Between Networks How the Internet Got Its Name.

Similar presentations

Ads by Google