ipv6 pre comp training - 02112012

8/13/2019 IPv6 Pre Comp Training - 02112012

1/55

www.progreso.com.sg

www.ipv6competition.com

1

IHL Pre Competition Training


2/55

www.progreso.com.sg2

IPv6 Pre-Competition Training

Time Description

14001415 hrs Registration of competition participants

14151430 hrs Introduction

14301500 hrs Topic 1: IPv6 Benefits and Features

15001600 hrs Topic 2: Components of an IPv6 Network

16001630 hrs Topic 3: IPv6 Case Study

16301700 hrs Q & A session

1700 hrs End of training


3/55


Competition written proposal submission:o Submission deadline on 12thNov 2012, Monday before 5pm;

o Submit in pdfformatto email: [email protected];

o Shortlisting of competition finalists by 19thNov 2012;

o Shortlisted teams will be informed via email after 19thNov 2012;

o 12 shortlisted teams to start preparation for presentation on

actual day of competition on 15thMar 2013, Fri.

Information to be included in the proposal:o

Name of school and team;o Selection of competition category;

o Name of project, team members, student ID number & email;

o IPv6 Intermediate certification number of all team members;

o Details of competition proposal.

Competition Rules
mailto:[email protected]:[email protected]


4/55


Competition Judging Criteria

Innovation and Originality: 20% Ease of Adoption and Integration: 20%

Commercial Viability: 20%

Contribution to Promote IPv6: 20% Presentation: 20%

TOTAL: 100%


5/55


Competition Prizes

Note:a. Winners of IPv6 competition may have a chance of showcasing their projects with

industry delegates in iDAsfuture IPv6 event/conference;

b. iDA will also leverage their IPv6 microsite (www.ida.gov.sg/ipv6) to promote this

entire event.
http://www.ida.gov.sg/ipv6http://www.ida.gov.sg/ipv6http://www.ida.gov.sg/ipv6http://www.ida.gov.sg/ipv6http://www.ida.gov.sg/ipv6http://www.ida.gov.sg/ipv6http://www.ida.gov.sg/ipv6http://www.ida.gov.sg/ipv6http://www.ida.gov.sg/ipv6


6/55

www.progreso.com.sg


6

Topic 1:

IPv6 Benefits and Features


7/55


Objectives

Upon completing this module, you will: Refresh your understanding of IPv6 merits;

Understand the high-level potentials of IPv6.


8/55


Agenda

IPv6 Improvements and Features


9/55www.progreso.com.sg9

Why IPv6?

Availabilityof huge number of globally routable addressspace;

Improved network management by address auto-

configuration with efficient address renumbering

solution;

Multiple IPv6 prefixes on single interface and

multihomingcapability;

Fixed, simpler headerallows greater efficient processingin hardware;



Why IPv6? (2)

Security &seamless mobility are now standardized atLayer 3;

Restores the original end-to-end connectivity at the

network layer;

Leverage next-generation application protocols;

Rich transition mechanisms;

Any way, anytime, anywhere interconnectivity.



Benefits ComparisonFeatures of IPv6 IPv6 IPv4

Availability 340 trillion trillion trillion addresses 4.2 billion addresses, globalpopulation 6.97 billion

Improved network

management

With additional auto-configuration

capabilities, networks are more

simple and manageable

Networks can only be configured

either manually or via DHCP. Thus,

increases the maintenance efforts

End-to-End connectivity With abundance of IPv6 addresses,NAT devices can effectively be

excluded in deployments. Thus,

restoring end-to-end connectivity

Excessive use of NAT devicesmeans that thousands and

thousands of private addresses are

mapped to a single public address.

Application protocols With the elimination of NAT devices

and scalability & flexibility of IPv6,

theres no restriction on the use of

protocol for potential innovations

IPv4 was only designed as a

transport mechanism. Thus,

constraints are inevitable.

Built-in Security IPSEC is built into the IPv6 protocol IPv4 was designed without

security. Thus, it can only be

dependent on applications



Potentials of IPv6

(Examples from IPv6 now)

IPv6 can lift production efficiency via real-time

information:

o Computers and networks substantially boosted

productivity in the mid 1990s partly because businessmanagers could obtain access to sales information in

real time (commonly known as CRM now);

o IPv6 can provide even greater inventory control, with

real-time information that allows production

planning to meet customer demand more accurately,

and reduces the need to continue paying for

redundant production capacity.



IPv6 can shift time-based maintenance regimes to

performance-based:

o Currently industry uses time-based maintenance

regimes, for example, after a certain period, do acertain type of maintenance;

o IPv6 can support extensive sensor networks which

can provide information on the actual

usage/performance of an item so that maintenance

can be scheduled when it is genuinely needed.

Potentials of IPv6

(Examples from IPv6 now)



Business Value of IPv6

SmartThings:o The huge address space of IPv6 will enable support of

innovative smart appliances, mobile devices and more;

o Enhance customer experience;

o Could potentially result in one of the largest

transformations of human civilization;

.. and more



Enabling Technologies

LTE (Long term Evolution also known as 4G); Advances in Artificial Intelligence;

GPS (Global Positioning System);

Integrated logistic and advanced supply chainsystems that involve automated techniques;

Sensor networks that consist of autonomous

sensors that collaborate to monitor specificphysical and environmental conditions.

and more



Sectors that may benefit from IPv6 Government Agencies

Defence

Telecommunications

Entertainment, Leisure & Gaming

Transportation

Logistics, Inventory Control & Supply Chain Management

Electric Utilities

Health Care

Education

Real Estate



Break

Time for us to


18/55www.progreso.com.sg


18

Topic 2:

Components of an IPv6 Network



Objectives

Upon completing this module, you will: Know the basic network components

Understand how to build a simple IPv6 network



Agenda

Introduction to Network Components

Building an IPv6 Network

Advanced Network Components



Router:o Handles IP packet forwarding;

o Provides connectivity to inter-networks (external / internal);

o Static or Dynamic Routing.


ISP Gateway to Internet

A B

Default Route

Network B

Network B



Firewall:o Police network communications;

o Packet-filtering;

o Stateful packet inspection;

o Application-layer filtering.


Untrusted Trusted

Access External Server, HTTP trafficAccess External Server, HTTP traffic

Reply from External Server, HTTP traffic Reply from External Server, HTTP traffic

Access Internal Host, RDP traffic

Access External Server, P2P traffic



Switch:o Performs frame-switching;

o Connects network segments or multiple hosts on same network;

o Aggregates access device connections.


Router Switch

Laptop

Server

Desktop

Wireless AP

Printer



Network Interface Card:o Provides physical access to network;

o Installed in end devices;

o Common mediaCopper Ethernet, Fiber.




Agenda

Introduction to Network Components Building an IPv6 Network




Setup Example (Server end)


Internet Border DMZ Switching Access

Router

Switch

ServersIPv6

Firewall


27/55


Setup Example (User end)


Border / Switching

Router

Access

Laptop

Internet

IPv6


28/55


IPv6 Communication Flow Example



Router

Switch

ServersIPv6

Firewall

Border / Switching

Router

Access

Laptop


29/55





Router

Switch

ServersIPv6

Firewall

Border / Switching

Router

Access

Laptophttp://www.example.com1


30/55





Router

Switch

ServersIPv6

Firewall

Border / Switching

Router

Access

Laptop

2 DNS Query: What is the IP address of www.example.com?

2001:db8::/32

2001:db8::1000

2222:3333::aaaa

2222:3333::/32


31/55


32/55





Router

Switch

ServersIPv6

Firewall

Border / Switching

Router

Access

Laptop

4 HTTP GET request for www.example.com

via IPv6 Routing to 2001:db8::1000

2001:db8::/32

2001:db8::1000

2222:3333::aaaa

2222:3333::/32


33/55





Router

Switch

ServersIPv6

Firewall

Border / Switching

Router

Access

Laptop

5 HTTP reply for www.example.com

2001:db8::/32

2001:db8::1000

2222:3333::aaaa

2222:3333::/32

via IPv6 Routing to 2222:3333::aaaa


34/55





Router

Switch

ServersIPv6

Firewall

Border / Switching

Router

Access

Laptop

2001:db8::/32

2001:db8::1000

2222:3333::aaaa

2222:3333::/32

http://www.example.com6


35/55


Agenda

Introduction to Network Components Building an IPv6 Network



36/55


Domain Name System version 6 (DNSv6):o Resolves name queries into IP addresses;

o IPv6 DNS Records = AAAA Records.


Laptop

IPv6 ClientLocal DNS Server example.com

DNS Server.com DNS Server root DNS Server

www.example.com

www.example.com

Referral

www.example.com

Referral

www.example.com

AAAA record2001:db8::1000

AAAA record2001:db8::1000

Recursive Query


37/55


Alternative for DNS:o OS hosts file to achieve name resolution;

o Text file containing manual IP address-to-domain name mappings;

o E.g. ::1 www.example.com;

o Location of hosts file.


Operating System File Location

Windows c:\windows\system32\drivers\etc\hosts

Unix /etc/hosts

Apple System Folder: Preferences
http://www.example.com/http://www.example.com/


38/55


Dynamic Host Configuration Protocol (DHCPv6):o Stateful allocation of IPv6 addresses to hosts;

o Provide supplementary configurations e.g. DNSv6 Server IP

Addresses for name resolutions.



39/55


Alternatives for DHCP:o Manual IPv6 Address Assignment;

o StateLess Address Auto-Configuration (SLAAC):

Router sends out Router Advertisement (RA) message with /64 prefix, client

machines generate last 64 bits of address.


Router

Laptop

RA: IPv6 Prefix = 2222:3333:4444:5555::/64

MAC Address: 00-1f-16-26-43-3f

EUI-64IPv6 Address = 2222:3333:4444:5555: 021f:16ff:fe26:433f


40/55


Load Balancers

Network Access Control

Traffic Shapers

Web Cache Servers

And many others

(*May not be necessary)



41/55


42/55


Questions?


43/55

www.progreso.com.sg


43

Topic 3:

IPv6 Case Study


44/55


NETFLIX - Introduction

An US company that provides service to their members

to watch unlimited movies and TV shows streaming

over the Internet to PCs, Macs and TVs;

More than 27 million streaming members in the

United States, Canada, Latin America, United Kingdomand Ireland;

One of the world's leading Internet subscription

service for enjoying movies and TV shows.


45/55


46/55


NETFLIX - Challenge

System and Platform Issues

Compatibility Issues

Upstream IPv6 Support

Pilot Test


47/55


NETFLIX Challenge: System & Platform Issues

Relatively smaller impact:

o Most of the latest OS supports IPv6;

o Hardware can be easily IPv6 supported via firmware upgrade.

NETFLIX selected PC/Mac as the platform because of:

o IPv6 robustness requirements;

o Ability to drive a large number of streaming hours;

o Commonly being used among most users.


48/55


NETFLIX Challenge: Compatibility Issues

Leak of IPv6 code wasnt apparent until the system

processed 232packets:o Free active memory;

o Not easy to notice as the system needs to process large amount to

trigger the threshold.

IP Address versus Hostname:

o Use of IP address as URL to open the streams:

Pros: overcome overhead of querying DNS;

Cons: less flexibility when using IPv4 address.

o Enable DNS for IPv6 clients/server as a short term solution to

overcome this problem.


49/55


NETFLIX Challenge: Upstream IPv6 Support

Streaming services are deployed to Amazons EC2

Infrastructure;

Edge service leverage on AWS Elastic Load Balancer;

NETFLIX has to ensure:

o Allocated with IPv6 Address Block: 2406:da00:ff00::/32

o Availability of IPv6 enabled DNS Services:

CNAME records with both A and AAAA records to enable dual stack

capability;

AAAA records created to store IPv6 Address.


50/55


NETFLIX Challenge: Pilot Test & Rollout (1)

Test on subset of customer before rolling out:

o DNS Provider helps to resolve hostname based on the geo-location;

o Enabled from California state:

Unaccounted on new IPv6 traffic or dips in IPv4 traffic;

Unable to discover request from IPv6 that fails in similar or different ways than

those of IPv4.

o No error have been reported and limited geo-location failed to

provide IPv6 traffic:

Watch on the traffic is unsuccessful;

Enabling the service across the state.


51/55


NETFLIX Challenge: Pilot Test & Rollout (2)

No perfect rollout:

o DNS servers are not geo-aware by specification thus the testingplan is invalid;

o Non-authoritative DNS server fails to differentiate which user

should receive IPv4 or IPv6 traffic;

o Authoritative DNS servers are doing geo-location based on the IPaddress of the non-authoritative DNS server:

Expecting IPv4 or IPv6 request from customer are not under control.

Despite these limitations, NETFLIX has accomplished:

o The goal of targeting a subset of customers;o Ability to "dial up" support for IPv6 without making complete

rollout.


52/55


NETFLIX Outcome (1)

According to Sandvine report covered by TechCrunch:

IPv6 traffic in the U.S. hit record highs yesterday, but the biggest

recent gains actually came about two weeks ago when Netflix

turned on IPv6functionality for its network.

NETFLIX has successfully provide streaming service viaIPv6 to their subscribers;

With the large pool of IPv6 addresses, subscribers are

able to view the streaming anywhere in US which is

better than using IPv4 with limited address allocation.


53/55


NETFLIX Outcome (2)


54/55


55/55

ipv6 pre comp training - 02112012

Documents