ipv6 only dns-oarc · t-mobile customer base 4 9/29/2017 • at wwdc 2015 apple announced the...
TRANSCRIPT
![Page 1: IPv6 Only DNS-OARC · T-Mobile Customer Base 4 9/29/2017 • At WWDC 2015 Apple announced the transition to IPv6-only network services in iOS 9. Starting June 1, 2016 all apps submitted](https://reader033.vdocuments.site/reader033/viewer/2022060514/5f8523d67b1d1c0b164f47b2/html5/thumbnails/1.jpg)
IPv6 Only DNS-OARC9/29/2017
T-Mobile Confidential
![Page 2: IPv6 Only DNS-OARC · T-Mobile Customer Base 4 9/29/2017 • At WWDC 2015 Apple announced the transition to IPv6-only network services in iOS 9. Starting June 1, 2016 all apps submitted](https://reader033.vdocuments.site/reader033/viewer/2022060514/5f8523d67b1d1c0b164f47b2/html5/thumbnails/2.jpg)
Introduction
9/29/20172
https://www.linkedin.com/in/stephanlagerholm/
@ipv4depletion
Stephan Lagerholm
![Page 3: IPv6 Only DNS-OARC · T-Mobile Customer Base 4 9/29/2017 • At WWDC 2015 Apple announced the transition to IPv6-only network services in iOS 9. Starting June 1, 2016 all apps submitted](https://reader033.vdocuments.site/reader033/viewer/2022060514/5f8523d67b1d1c0b164f47b2/html5/thumbnails/3.jpg)
Agenda
9/29/20173
▪ T-Mobile’s IPv6 journey
▪Background DNS64 and 464XLAT
▪ Testing DNS64 failure scenarios
▪Conclusion
![Page 4: IPv6 Only DNS-OARC · T-Mobile Customer Base 4 9/29/2017 • At WWDC 2015 Apple announced the transition to IPv6-only network services in iOS 9. Starting June 1, 2016 all apps submitted](https://reader033.vdocuments.site/reader033/viewer/2022060514/5f8523d67b1d1c0b164f47b2/html5/thumbnails/4.jpg)
T-Mobile Customer Base
9/29/20174
• At WWDC 2015 Apple announced the transition to IPv6-only network services in iOS 9. Starting June 1, 2016 all apps submitted to the App Store must support IPv6-only networking.
• IOS 10.3 is IPv6 only on the T-Mobile network
• Android 4.3 and later have support for IPv6 + 464XLAT
![Page 5: IPv6 Only DNS-OARC · T-Mobile Customer Base 4 9/29/2017 • At WWDC 2015 Apple announced the transition to IPv6-only network services in iOS 9. Starting June 1, 2016 all apps submitted](https://reader033.vdocuments.site/reader033/viewer/2022060514/5f8523d67b1d1c0b164f47b2/html5/thumbnails/5.jpg)
Our Progress towards IPv6
9/29/20175
Android 4.3
July 2013
Apricot 37
Feb 2014
16%
NANOG 61
June 2014
27%
NANOG 64
June 2015
54%
V6 Summit
April 2017
84%
DNS-OARC
Sept. 2017
89%
http://www.worldipv6launch.org/measurements/
![Page 6: IPv6 Only DNS-OARC · T-Mobile Customer Base 4 9/29/2017 • At WWDC 2015 Apple announced the transition to IPv6-only network services in iOS 9. Starting June 1, 2016 all apps submitted](https://reader033.vdocuments.site/reader033/viewer/2022060514/5f8523d67b1d1c0b164f47b2/html5/thumbnails/6.jpg)
The remaining 11%
9/29/20176
• TMUS Enterprise clients
• Really old handsets
• Tethering
• MVNO (Mobile Virtual Network Operators)
• Retries over IPv4 for one or another reason
![Page 7: IPv6 Only DNS-OARC · T-Mobile Customer Base 4 9/29/2017 • At WWDC 2015 Apple announced the transition to IPv6-only network services in iOS 9. Starting June 1, 2016 all apps submitted](https://reader033.vdocuments.site/reader033/viewer/2022060514/5f8523d67b1d1c0b164f47b2/html5/thumbnails/7.jpg)
DNS64/NAT64 (RFC6147)
9/29/20177
v6 only
V4 Internet
NAT64
DNS64
A 192.0.1.1
AAAA
64:ff9b::C000:101
V6 Internet
![Page 8: IPv6 Only DNS-OARC · T-Mobile Customer Base 4 9/29/2017 • At WWDC 2015 Apple announced the transition to IPv6-only network services in iOS 9. Starting June 1, 2016 all apps submitted](https://reader033.vdocuments.site/reader033/viewer/2022060514/5f8523d67b1d1c0b164f47b2/html5/thumbnails/8.jpg)
464 XLAT (RFC 6877)
9/29/20178
464XLAT for Windows 10 coming?
![Page 9: IPv6 Only DNS-OARC · T-Mobile Customer Base 4 9/29/2017 • At WWDC 2015 Apple announced the transition to IPv6-only network services in iOS 9. Starting June 1, 2016 all apps submitted](https://reader033.vdocuments.site/reader033/viewer/2022060514/5f8523d67b1d1c0b164f47b2/html5/thumbnails/9.jpg)
Discovery of IPv6 Prefix (RFC 7050)
9/29/20179
• Alternative to hardcoded pref64
• Sends DNS query for ipv4only.arpa
• Extract the pref64
• Happens during startup of 464XLAT
![Page 10: IPv6 Only DNS-OARC · T-Mobile Customer Base 4 9/29/2017 • At WWDC 2015 Apple announced the transition to IPv6-only network services in iOS 9. Starting June 1, 2016 all apps submitted](https://reader033.vdocuments.site/reader033/viewer/2022060514/5f8523d67b1d1c0b164f47b2/html5/thumbnails/10.jpg)
Happy Eyeballs (RFC6555)
9/29/201710
• Fallback to IPv4 after a reasonable time
• Happy Eyeballs work well for Dual Stack and 464XLAT clients
• Note! Happy Eyeballs have no effect on IPv6 only devices
• New version being worked on: draft-ietf-v6ops-rfc6555bis-05
![Page 11: IPv6 Only DNS-OARC · T-Mobile Customer Base 4 9/29/2017 • At WWDC 2015 Apple announced the transition to IPv6-only network services in iOS 9. Starting June 1, 2016 all apps submitted](https://reader033.vdocuments.site/reader033/viewer/2022060514/5f8523d67b1d1c0b164f47b2/html5/thumbnails/11.jpg)
Application level fallback
9/29/201711
• NSURLsession on Apple devices handles IPv4 literals
• Note there is no fallback if IPv6 fails, no Happy Eyeballs
https://developer.apple.com/library/content/documentation/NetworkingInternetWeb/Conceptual/NetworkingOverview/
UnderstandingandPreparingfortheIPv6Transition/UnderstandingandPreparingfortheIPv6Transition.html#//apple_ref/doc/uid/TP40010220-CH213-SW13
![Page 12: IPv6 Only DNS-OARC · T-Mobile Customer Base 4 9/29/2017 • At WWDC 2015 Apple announced the transition to IPv6-only network services in iOS 9. Starting June 1, 2016 all apps submitted](https://reader033.vdocuments.site/reader033/viewer/2022060514/5f8523d67b1d1c0b164f47b2/html5/thumbnails/12.jpg)
Android Interfaces
9/29/201712
464XLAT
IPv4 address
WiFi
IPv4 address
VoLTE
IPv6 address
Internet
IPv6 address
Tethering
IPv4 address
Network Info II app can be foundIn Google/Apple Store
![Page 13: IPv6 Only DNS-OARC · T-Mobile Customer Base 4 9/29/2017 • At WWDC 2015 Apple announced the transition to IPv6-only network services in iOS 9. Starting June 1, 2016 all apps submitted](https://reader033.vdocuments.site/reader033/viewer/2022060514/5f8523d67b1d1c0b164f47b2/html5/thumbnails/13.jpg)
Failure scenarios
9/29/201713
RCODE – Does not return EMPTY NOERROR or NXDOMAIN (rare)
www.nuevosvecinos.com
Flag – Does not return the AA flag in the empty answer (rare)
Major cloud storage app
SOA – Does not provide SOA for the same domain as asked for (somewhat common)
Photo site
Timeout – Simply does not return anything when asked for AAAA (common)
www.sky.com.mx
DNS Related failures
Routing – AAAA returned, but unable to connect to the IP, :: (very common)
www.ericsson.se
http://www.employees.org/~dwing/aaaa-stats/
Special use – Special use AAAA record such as ::1, link-local, etc (common)
Edu22.info
Network related failures
![Page 14: IPv6 Only DNS-OARC · T-Mobile Customer Base 4 9/29/2017 • At WWDC 2015 Apple announced the transition to IPv6-only network services in iOS 9. Starting June 1, 2016 all apps submitted](https://reader033.vdocuments.site/reader033/viewer/2022060514/5f8523d67b1d1c0b164f47b2/html5/thumbnails/14.jpg)
Testbed for failure scenarios
9/29/2017 T-Mobile Internal Use Only14
example:dig @2001:4860:4860::6464 soa.dns64.lagerholm.com AAAA
dig @2001:4860:4860::6464 flag.dns64.lagerholm.com AAAA
dig @2001:4860:4860::6464 rcode.dns64.lagerholm.com AAAA
dig @2001:4860:4860::6464 timeout.dns64.lagerholm.com AAAA
Expected result: timeout.dns64.lagerholm.com. 3 IN AAAA 64:ff9b::6464:6464
![Page 15: IPv6 Only DNS-OARC · T-Mobile Customer Base 4 9/29/2017 • At WWDC 2015 Apple announced the transition to IPv6-only network services in iOS 9. Starting June 1, 2016 all apps submitted](https://reader033.vdocuments.site/reader033/viewer/2022060514/5f8523d67b1d1c0b164f47b2/html5/thumbnails/15.jpg)
Results response to failure scenarios
9/29/2017 T-Mobile Internal Use Only15
Google DNS64As of 9/29/2017
Secure64CEM 3.2.4 A
BindUnbound
1.6.2
Soa SERVFAIL OK SERVFAIL OK
Timeout OK SERVFAIL TIMEOUT TIMEOUT*
Flag SERVFAIL SERVFAIL SERVFAIL OK
Rcode OK OK SERVFAIL SERVFAIL*
* On first try and after TTL expire
![Page 16: IPv6 Only DNS-OARC · T-Mobile Customer Base 4 9/29/2017 • At WWDC 2015 Apple announced the transition to IPv6-only network services in iOS 9. Starting June 1, 2016 all apps submitted](https://reader033.vdocuments.site/reader033/viewer/2022060514/5f8523d67b1d1c0b164f47b2/html5/thumbnails/16.jpg)
Slide / 16Slide / 16
• DNS64 and 464XLAT works well and scales
• Determine what sites/apps are important
• Proactively scan top sites
• Reach out to broken sites
• Don’t try to fix things with local overrides
• Scan social media for direct customer feedback
• Don’t try to change the world
• Keep things in perspective
• Enterprise rollout
Conclusion
![Page 17: IPv6 Only DNS-OARC · T-Mobile Customer Base 4 9/29/2017 • At WWDC 2015 Apple announced the transition to IPv6-only network services in iOS 9. Starting June 1, 2016 all apps submitted](https://reader033.vdocuments.site/reader033/viewer/2022060514/5f8523d67b1d1c0b164f47b2/html5/thumbnails/17.jpg)
Slide / 17Slide / 17 T-Mobile Confidential
Questions