IPv6 @ Swisscom

cursefarmΔίκτυα και Επικοινωνίες

24 Οκτ 2013 (πριν από 4 χρόνια και 16 μέρες)

126 εμφανίσεις

IPv6 @ Swisscom

Martin Gysi, 9.5.2011

Senior Network Development Engineer, Swisscom

Public

2

The question „will IPv6 ever by widely deployed?“ is no
longer open.

The answer is a clear „yes“.


Google, Facebook are accessible using IPv6


Free.fr has 500‘000 IPv6
-
enabled customers (which makes it the
largest IPv6 ISP in the world)


Most major Telcos have stated that they are now starting to deploy
real IPv6 services. Most will do so in 2011/2012


And yes, IPv4 addresses will become scarce real soon… But that’s
another story…


3

The driver for IPv6 is the lack of IPv4 addresses.

But IPv6 does not solve the IPv4 address shortage
problem


IPv6 is not compatible to IPv4. So IPv4 must continue to be operated


IPv4 addresses can be saved by using them more efficiently, or by
deploying NAT inside the carrier‘s network (NAT44, CGN). Drives
complexity and costs


short term fix.


IPv6 is not the short term solution. But in the long run it‘s the only way
to continue the Internet as we know it today.











IPv6 does not replace IPv4, it‘s added in parallel to it


„Dual Stack“


IPv4 address depletion

Short term fix:

NAT44 deployment

Medium term strategy:

IPv6 migration

Action plan:

End
-
to
-
end

IPv6 deployment

4

Our IPv6 policy:

We enable our customers to access the IPv6
Internet, and we offer our services to the IPv6
Internet


External communication (aka Internet) will need IPv6 first. Gartner
recommends that enterprises establish an IPv6 Internet presence no longer
than 2014.


Internal networks and services can remain IPv4 on the longer term



Swisscom is currently analyzing all its services, to identify the steps required
for introducing IPv6, and is working out a detailed roll
-
out plan


Entire
IT tool chain
: order entry, service fulfillment and assurance, billing


Network

elements (routers, firewalls, load
-
balancers…) and platforms


Regulatory

aspects, such as lawful intercept


Security
, both from Swisscom’s and our customer’s point of view


Product

integration (part of the standard offering or option, …)


Customer experience


Impact on
operations
, training of staff

5

So, what are we doing right now?

IPv6 @ Swisscom


IP
-
plus backbone is fully dual
-
stack, IP
-
plus business Internet access
is available with native IPv6.



IPv6 in our mobile network. Works in the lab, are now expanding from
there into the IT systems (RADIUS, User Databases (HLR), Mobile
Proxy, Billing, etc.) and into the radio access network.


The few handsets that support IPv6 cannot operate Dual Stack.
IPv6 only is not interesting for most people


LTE Rel. 8 / 3G Rel. 9 defines a Dual Stack PDP context.


Newest chipsets support PDPv4v6, so the handset situation will
improve.


More labs for broadband access and datacenter environments. Gives
those engineers and sysadmins something to learn from!



We’ll launch IPv6 for residential Internet access this year

6

What is required for an IPv6 Internet Access Service?

Complex infrastructure is barrier to cost
-
efficient IPv6
deployment. Legacy infrastructure cannot be upgraded easily.

End
-
to
-
end overview of Swisscom‘s Internet Access Service
network

7

Using 6RD, IPv6 Internet access is an incremental
upgrade.


Production
-
quality IPv6 Internet access at a fraction of the costs


No complex upgrade of infrastructure,
leverage IPv4 network to provide
IPv6 access. Simply...


Add IPv6 and 6RD support to
customer modems


Add 6RD Border Relays to dual
-
stack
portion of network

IPv4 access
network

Internet peering (dual stack)

IPv6
Internet

6RD Border
Relay
Lausanne

6RD Border
Relay Zürich

native IPv6
home network

Home network (dual stack)

Swisscom Internet
Access Service
network (IPv4 only)

6RD CE

router

8

Network
topology

6RD is a Stateless Tunnel Technology, Embedding the
CE’s IPv4 Address into the IPv6 Prefix.

IPv4
network

native
IPv6
network

native IPv6
network

6RD CE router

6RD Border Relay

0

28

60

64

subscriber subnetting

up to 32 bits of subscriber’s IPv4 address

Interface ID

Subnet ID

85.5.7.171


2A02:1200

6RD prefix

IPv4 dest 85.5.7.171

IPv4 Header

IPv6 Header

IPv6 Payload







copy

send to preconfigured BR address

send to embedded CE address

IPv6 Rapid Deployment on IPv4 Infrastructures (RFC 5969)

IPv6 address
format for 6RD

IPv4 header &
encapsulated
IPv6 packet
(downstream)

IPv6 prefix is
calculated

from the IPv4 address

9

OSPFv3

OSPFv2

6RD Border Relay

Implementation Details

6RD Border Relay

Dual stack core
router

IPv4

IPv6

OSPFv3

IPv4 + IPv6

OSPFv2

6RD Border Relay

IPv4

IPv6

Link failure
propagated
on both
IGPs

Link failure
not noticed in
IPv4 IGP (or
vice versa)

Router on a stick

Separate IPv4
and

IPv6
interface


Cisco ASR1002
-
ESP10




scales up to 10 Gb/s per box (tested)


Using anycast IPv4 address, geographically distributed


scale by adding
more boxes


Topology: “Router on a stick“



No danger of black hole routing, as IPv4 and IPv6 interface status is
inherently coupled.


10

6RD CPE Routers


Implementation Details


Vendors: Motorola, ADB Broadband (formerly Pirelli
Broadband)


6RD parameters configured using TR
-
069


Swisscom 6RD prefix and length (2a02:1200::/28)


IPv4 bits suffix length (all 32 bits)


6rd Border Relay anycast IPv4 address


Swisscom DNS servers


IPv6 flag (enable/disable)


IPv6 must be enabled by customer on “customer centre”
website (no other changes to IT/OSS tools)


Third
-
party modems (AVM Fritz Box and others) work, but
need manual configuration

11


Display IPv6 check box on “customer centre” website if router
supports IPv6, store IPv6 status in customer database


Display IPv6 status to customer support, enable them to change
status


Implement new TR069 parameters for 6RD


No other changes!

No address management, no provisioning, etc!











Separate DNS (Google white
-
listed) that can stop handing out AAAA
records if problems with IPv6 should occur


6rd.swisscom.com

Implementation details

IT aspects

IT Systems

DNS

12

First deployment experiences:

expect to find problems with turning on IPv6


2011


the year of the MTU? Make sure Path MTU Discovery works!



7600 with 6748 LAN card and IOS 12.2(22)SXF10: sets IPv6 MTU to
1486 Bytes (no matter what is configured)


Motorola CPE (Beta version) does not do PTMUD at all…


ASR
-
1k: ICMP Packet Too Big messages use final destination’s
address as source address (not local address)



7600 with
12.2(33)SRE3: Buffer leak when IPv6 is enabled. Requires
periodic reboot of the box.

13

Swisscom will launch IPv6 for residential
customers in 2011, using 6rd technology.


6RD changes the IPv6 “business case” from complex & expensive to
simple & cheap. There’s no excuse for not deploying IPv6 now!


6RD is simple, reliable, scalable technology


Fast prototyping thanks to Linux implementation


Vendors engineering/beta implementations quickly available, yet
(inter
-
) worked flawlessly


Tested and proven scalability



Large
-
scale pilot to be started in July 2011.


If you are a Swisscom customer and


have a “Centro” series router, then


apply at
swisscom.ipv6@swisscom.com


Check out the “sneak preview” at
http://labs.swisscom.com



14