Copyright © 2006 Juniper Networks

Presentation on theme: "Copyright © 2006 Juniper Networks"— Presentation transcript:

1 Transitioning to IPv6: Issues and Mechanisms
Jeff Doyle, Senior Network Architect
APRICOT 2006, Perth, Australia
1 March, 2006
11/12/2018 Copyright © 2006 Juniper Networks Author: G. Arheilger, Juniper Networks, EMEA Central Copyright © 2003 Juniper Networks, Inc. All rights reserved.

2 3 Types of Transition Mechanisms
- Dual Stacks
  - IPv4/IPv6 coexistence on one device
- Tunnels
  - For tunneling IPv6 across IPv4 clouds
  - Later, for tunneling IPv4 across IPv6 clouds
  - IPv6 <-> IPv6 and IPv4 <-> IPv4
- Translators
  - IPv6 <-> IPv4

3 Dual Stacking
- In most cases, the simplest approach
- IPv6 now supported on most modern network platforms
  - Routers
  - Servers
  - Hosts
- If (almost) everything is “bilingual”, transition is controlled by DNS

4 Dual Stacking
[Figure: DNS query "stan.v4.com?" answered with an A Resource Record. Labels: IPv4-only Host; Dual-Stacked Host; IPv6-only Host; DNS; stan.v4.com; ollie.v6.com; 3ffe:3700:1100:1:210:a4ff:fea0:bc97; 3ffe abcd.1234.dada.1]

5 Dual Stacking
[Figure: DNS query "ollie.v6.com?" answered with an AAAA Resource Record: 3ffe abcd.1234.dada.1. Labels: IPv4-only Host; Dual-Stacked Host; IPv6-only Host; DNS; stan.v4.com; ollie.v6.com; 3ffe:3700:1100:1:210:a4ff:fea0:bc97; 3ffe abcd.1234.dada.1]

6 Tunnels
- Necessary if all nodes between communicating endpoints are not dual stacked
- Add a layer of complexity to the network and the transition plan

7 Tunnel Applications
- Router to Router
- Host to Host
- Host to Router / Router to Host
[Figure: one diagram per case, with segments labeled IPv4 and IPv6]

8 Tunnel Types
- Configured Tunnels
  - Application:
    - Permanent site-to-site connectivity
    - Carriers, SPs, large backbones
  - Technologies:
    - GRE, IP-IP, IPSec…
    - MPLS
  - Controlled, deterministic
- Automatic Tunnels
  - Application:
    - Transient connectivity
    - Connectivity across “v6 unaware” segments
    - Router to Router
    - Host to Router
    - Host to Host
  - Technologies:
    - Tunnel Brokers
    - 6to4
    - ISATAP
    - Teredo?
    - DSTM
  - Possibly non-deterministic
  - Possible security risks

9 Automatic Tunnels: Endpoint Determination
- Configured tunnels: Endpoints (IP addresses) are determined by administrator
- Automatic tunnels require an automatic endpoint determination
- Two Approaches:
  - Assign them from an authoritative server
    - Tunnel brokers, Teredo, DSTM
  - Imbed them in IPv6 addresses
    - 6to4, ISATAP

10 Authoritative Server Approach: Tunnel Broker
- AAA Authorization
- Configuration request
- TB chooses:
  - TS
  - IPv6 addresses
  - Tunnel lifetime
- TB registers tunnel IPv6 addresses
- Config info sent to TS
- Config info sent to client:
  - Tunnel parameters
  - DNS name
- Tunnel enabled
[Figure: steps numbered 1 to 7 between Client, Tunnel Broker, DNS and Tunnel Server; IPv6 Tunnel from the Client across the IPv4 Network to the Tunnel Server; IPv6 Network]

11 Imbedded Endpoint Address Approach: 6to4
[Figure: two IPv6 Sites, each behind a 6to4 Router, joined by an IPv4 Network]
- IPv4 Interface: IPv4 Address: (Dotted Decimal) = 8a0e:55d2 (Hex)
- First site:
  - 6to4 prefix: 2002:8a0e:55d2::/48
  - 6to4 address: 2002:8a0e:55d2:1:230:65ff:fe2c:9a6
- Second site:
  - 6to4 prefix: 2002:4172:a85b::/48
  - 6to4 address: 2002:4172:a85b:1:20a:95ff:fe8b:3cba

12 Imbedded Endpoint Address Approach: 6to4
[Figure: two IPv6 Sites, each behind a 6to4 Router, joined by an IPv4 Network]
- 6to4 Router Recognizes 6to4 Prefixes
- Packet Source Address: 2002:8a0e:55d2:1:230:65ff:fe2c:9a6
- Packet Destination Address: 2002:4172:a85b:1:20a:95ff:fe8b:3cba
- Local Tunnel Endpoint =
- Remote Tunnel Endpoint =
- Host1: 2002:8a0e:55d2:1:230:65ff:fe2c:9a6
- Host2: 2002:4172:a85b:1:20a:95ff:fe8b:3cba
- DNS: Host2 = a85b:20a:95ff:fe8b:3cba
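An added example (not from the original slides) of how a 6to4 router recovers the tunnel endpoint embedded in the addresses on slides 11 and 12, together with the decapsulation sanity checks commonly recommended for 6to4 routers (RFC 3964). The function names and sample packets are constructed for illustration; the dotted-decimal values are computed from the hex prefixes on the slides.

```python
import ipaddress

SIX_TO_FOUR = ipaddress.IPv6Network("2002::/16")

def embedded_v4(addr6):
    """Return the IPv4 tunnel endpoint embedded in a 6to4 address, else None."""
    a = ipaddress.IPv6Address(addr6)
    if a not in SIX_TO_FOUR:
        return None
    # Bits 16..47 (right after 2002) carry the 6to4 router's IPv4 address.
    return ipaddress.IPv4Address((int(a) >> 80) & 0xFFFFFFFF)

def usable_endpoint(v4):
    """A 6to4 endpoint must be a public unicast IPv4 address."""
    return not (v4.is_private or v4.is_loopback or v4.is_multicast or
                v4.is_unspecified or v4.is_reserved or v4.is_link_local)

def check_decap(outer_src, inner_src):
    """Verdict for a received protocol-41 packet: (action, reason)."""
    outer = ipaddress.IPv4Address(outer_src)
    v4 = embedded_v4(inner_src)
    if v4 is None:
        return ("not-6to4", "inner source has no embedded endpoint to compare")
    if not usable_endpoint(v4):
        return ("drop", f"embedded endpoint {v4} is not public unicast")
    if v4 != outer:
        return ("drop", f"outer source {outer} != embedded endpoint {v4}")
    return ("accept", f"tunnel endpoint {v4} matches outer source")

# Constructed sample packets: (outer IPv4 source, inner IPv6 source).
SAMPLES = [
    ("138.14.85.210", "2002:8a0e:55d2:1:230:65ff:fe2c:9a6"),   # Host1 via its own router
    ("65.114.168.91", "2002:8a0e:55d2:1:230:65ff:fe2c:9a6"),   # inner source spoofed
    ("65.114.168.91", "2002:0a01:0203::1"),                    # embeds 10.1.2.3
    ("65.114.168.91", "3ffe:3700:1100:1:210:a4ff:fea0:bc97"),  # native IPv6 source
]

if __name__ == "__main__":
    for outer, inner in SAMPLES:
        print(outer, inner, *check_decap(outer, inner))
```

Packets whose inner source is not a 6to4 address arrive through relay routers and cannot be validated this way, which is one reason the slides list automatic tunnels as a possible security risk.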

13 Translators
- Necessary if IPv6-only endnode and IPv4-only endnode must speak
- Very few situations where translators should be required
  - Dual stacking and/or tunneling should be sufficient in most cases
  - The great majority of modern IPv6-capable network/host systems are dual stack, not IPv6-only
  - IPv6-only devices are likely to be specialized, and in IPv6-only networks
- Add another layer of complexity to the network and the transition plan
- Avoid them if you can

14 Translator Types
- Network level translators
  - Stateless IP/ICMP Translation Algorithm (SIIT) (RFC 2765)
  - NAT-PT (RFC 2766)
  - Bump in the Stack (BIS) (RFC 2767)
- Transport level translators
  - Transport Relay Translator (TRT) (RFC 3142)
- Application level translators
  - Bump in the API (BIA) (RFC 3338)
  - SOCKS64 (RFC 3089)
  - Application Level Gateways (ALG)

15 Translator Types
NAT-PT (using SIIT procedures) has emerged as the dominant translator

16 Stateless IP/ICMP Translation (SIIT)
[Figure: SIIT translator between an IPv4 Network and an IPv6 Network; IPv6 host 3ffe:3700:1100:1:210:a4ff:fea0:bc97]
- IPv4 side: Source = , Dest = (shown for each direction)
- IPv6 side: Source = ::ffff:0: Dest = ::ffff:
- IPv6 side: Source = ::ffff: Dest = ::ffff:0:
- SIIT also changes:
  - Traffic Class <-> TOS
  - Payload length
  - Protocol Number <-> NH Number
  - TTL <-> Hop Limit
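An added example (not part of the original slides) of the IPv4-to-IPv6 direction of the header translation listed above, following RFC 2765 for the narrowed case of an unfragmented packet with DF set. The function name, constants and sample packet are constructed for illustration.

```python
import struct

ICMPV4, ICMPV6 = 1, 58
MAPPED = bytes(10) + b"\xff\xff"             # ::ffff:a.b.c.d   (IPv4-mapped)
TRANSLATED = bytes(8) + b"\xff\xff\x00\x00"  # ::ffff:0:a.b.c.d (IPv4-translated)

def siit_v4_to_v6_header(pkt: bytes) -> bytes:
    """Build the 40-byte IPv6 header for an unfragmented IPv4 packet."""
    (ver_ihl, tos, total_len, _ident, flags_frag,
     ttl, proto, _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    # Narrowed case: DF set and not a fragment, so no IPv6 Fragment header.
    if flags_frag & 0x3FFF or not flags_frag & 0x4000:
        raise NotImplementedError("fragmentable or fragmented packet")
    if ttl <= 1:
        raise ValueError("TTL expired; a translator would send ICMP Time Exceeded")
    ihl = (ver_ihl & 0x0F) * 4
    first_word = (6 << 28) | (tos << 20)   # version 6, Traffic Class = TOS, flow label 0
    payload_len = total_len - ihl          # IPv6 length excludes the header itself
    next_header = ICMPV6 if proto == ICMPV4 else proto
    hop_limit = ttl - 1                    # the translator forwards like a router
    # The IPv4 sender appears as IPv4-mapped, the IPv6 receiver as IPv4-translated.
    return struct.pack("!IHBB16s16s", first_word, payload_len, next_header,
                       hop_limit, MAPPED + src, TRANSLATED + dst)

# Constructed sample: UDP, TOS 0xb8, TTL 64, DF set, 8-byte payload,
# 192.0.2.1 -> 198.51.100.7 (documentation addresses).
SAMPLE_V4 = struct.pack("!BBHHHBBH4s4s", 0x45, 0xB8, 28, 0, 0x4000, 64, 17, 0,
                        bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7])) + bytes(8)

if __name__ == "__main__":
    print(siit_v4_to_v6_header(SAMPLE_V4).hex())
```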

17 Network Address Translation - Protocol Translation (NAT-PT)
[Figure: NAT-PT device with DNS between an IPv6 Network and an IPv4 Network]
- IPv4 Pool: /24
- IPv6 prefix: 3ffe:3700:1100:2/64
- DNS exchange:
  - v4host.4net.org?
  - v4host.4net.org A
  - v4host.4net.org AAAA 3ffe:3700:1100:2::
- Hosts:
  - v4host.4net.org
  - v6host.6net.com 3ffe:3700:1100:1:210:a4ff:fea0:bc97

18 Network Address Translation - Protocol Translation (NAT-PT)
[Figure: NAT-PT device with DNS between an IPv6 Network and an IPv4 Network]
- IPv4 Pool: /24
- IPv6 prefix: 3ffe:3700:1100:2/64
- Mapping Table (Inside / Outside): 3ffe:3700:1100:1:210:a4ff:fea0:bc
- IPv6 side: Source = 3ffe:3700:1100:1:210:a4ff:fea0:bc97 Dest = 3ffe:3700:1100:2::
- IPv4 side: Source = Dest =
- IPv4 side (return): Source = Dest =
- IPv6 side (return): Source = 3ffe:3700:1100:2:: Dest = 3ffe:3700:1100:1:210:a4ff:fea0:bc97
- Hosts:
  - v4host.4net.org
  - v6host.6net.com 3ffe:3700:1100:1:210:a4ff:fea0:bc97

19 Problems with NAT-PT
- Statefulness (mapping table) restricts asymmetric traffic
- Complicates network troubleshooting
- Single point of failure or attack
- Possible DNS difficulties
- Many of the same constraints, vulnerabilities as v4 NAT
- Nevertheless, some see v6 NAT as a necessity
  - Maintaining provider independence, for example

20 Transition Strategies: Dual Stacked IPv4/IPv6 Backbone
- (Possibly) lower capital expense
- (Possibly) higher operational complexity
- More risk of network disruption during migration
- Less incremental migration
- Legacy equipment issues
[Figure labels: IPv4, IPv4/IPv6, Access, Access]

21 Transition Strategies: Separate IPv4/IPv6 Backbones
- (Possibly) higher capital expense
- Lower operational complexity
- Low risk to operational network
- Easier, more incremental migration
[Figure labels: IPv6, IPv4, Access, Access]

22 Conclusions
- Dual stacking is the simplest approach
- Tunnel only when necessary
- Translation should seldom be needed, if at all
- A long-range transition plan reduces cost
  - IPv6 SW/HW phased in as part of normal network evolution
- Biggest transition expense is likely to be planning, testing, inventory, training, etc.
  - i.e., human resource expenses
  - Not capital expenses

23 Thank you!

