indonesia ipv6 update - apan hanoi 2010

Post on 08-May-2015

1.718 Views

Category:

Documents

0 Downloads

Preview:

Click to see full reader

DESCRIPTION

Indonesia IPv6 Update - APAN Hanoi 2010

TRANSCRIPT

Indonesia IPv6 UpdateAPAN Meeting Hanoi 2010

Affan Basalamahaffan@itb.ac.id

Outline

• History of IPv6 in Indonesia REN• IPv6 Adoption in ITB• Plan on IPv6 Adoption in INHERENT

HISTORY OF IPV6 ON INDONESIA REN

History of IPv6 on Indonesia REN (1)

• 1998: IPv6 Experiment in ITB using FreeBSD and

INRIA IPv6 stack, pTLA 3ffe:0501::/32, sTLA 2001:200:0830::/48

• 2000: Connect to AI3-JP with FreeBSD and KAME

IPv6 stack, 2001:d30:3::/48

• 2002: First IPv6 Books in Indonesia by ITB students

• 2003: Start of IPv6 deployment on ITB campus after

Advanced Network Course by SOI-ASIA

• 2005: IPv6 Multicast video conference & e-learning

with SOI-ASIA

History of IPv6 on Indonesia REN (2)

• 2007: ITB get 2403:8000::/32 address from APNIC TEIN2 IPv6 Connectivity

• 2008 - 2010: IPv6 connection to multiple networks (AI3,

OpenIXP, TEIN3, tunnel to he.net)

History of IPv6 on Indonesia REN (3)

IPV6 ADOPTION IN ITB CAMPUS

Campus Network

IPv6 on Access Network

• 802.1Q Trunk VLAN to distribute IPv6 subnet via Router Advertisement (RA)

Layer 2 Switch

Layer 2 Switch

Layer 2 Switch

IPv4-only Layer 3 Switch

PC

PC

PC802.1Q Trunk

IPv4-only Layer 3 Switch

IPv6 PC Router

IPv6 on Core Network

• PC Router with VLAN interface• OSPFv3

IPv4-only Layer 3 Switch

IPv6 PC Router-1

IPv4-only Layer 3 Switch

IPv4-only Layer 3 Switch

IPv6 PC Router-2

IPv6 PC Router-3

Tunnel & VLAN

IPv6 on Edge Network

• PC Router with IPv4-only Layer 3 Switch

IPv4-only Layer 3 Switch

IPv6 PC Router-1

IPv6 Gateway PC Router

IPv6Network

• IPv6 address-family to all eBGP peers

IPv6 External Connection

INHERENTAS18007ITB

AS4796

TEIN3AS24489

Internetvia

LintasArtaAS4800

OpenIXPAS7717

he.netHong KongIPv6 BGP

Tunnel

IPv6 Routing Implementation

• FreeBSD/Linux-based PC Router (pre-2010) Quagga Routing Suite RIPng OSPFv3 BGP

• Dedicated Core Router/Switches (2010) Cisco Catalyst 6500 w/ Sup720-3B & Sup32 Juniper SRX650

IPv6 Application in ITB

• Operating System • DNS• WWW & FTP Server• Mail Exchange Server• Web Cache Proxy• Multicast Stream

Operating System for Server

• FreeBSD 8.x, 7.x, dan 6.x• CentOS Linux 5.x• OpenSolaris 2009.x• Windows Server 2003

Domain Name System (DNS)

• BIND 9.6.x• Forward zone AAAA record for MX & selected Server

• Reverse zone PTR record for 2403:8000::/32 delegated

from APNIC

Web Server

• Apache Web Server 2.2.x Serve IPv4 and IPv6 at the same time

• IPv6 PHP script to detect v6 client• Website IPv6 ITB http://www.itb.ac.id http://ipv6.itb.ac.id

ITB Official Website

Mail Exchange (MX) Server

• Postfix 2.7• mx[1-4].itb.ac.id • http://www.postfix.org/IPV6_README.ht

ml

Web Cache Proxy Server

• Squid 3.1• Web Cache Parenting over IPv6 to WIDE Project Japan

• Some IPv6 content observed Google IPv6 Youtube IPv6

• Serving IPv6 client in ITB• User Authentication with LDAP

Access.log Squid IPv6

Multicast Stream

• VLC IPv6 Unicast IPv6 Multicast

• Dokodemo SOI-ASIA (http://dokodemo.soi.asia) Allows regular IPv4 desktop to do VPN dial

and access IPv6 multicast video conference

Dokodemo

PLAN ON IPV6 ADOPTION IN INHERENT

Plans for IPv6 Adoption

• IPv6 Forum Indonesia• IPv6 Apps Delivery Controller Evaluation• IPv6 Deployment on INHERENT

IPv6 Forum Indonesia

• Initiated in IPv6 Summit June 2010, Bali• I’m working as VP Research & Application• http://www.ipv6forum.or.id

IPv6 Summit 2010 Bali

IPv6 SLB Evaluation

• ITB has just bought ServerIron ADX1000• IPv6 SLB that can translate: v6 client – v6 server v6 client – v6/v4 server v6 client – v4 server

Why evaluate IPv6 SLB?

• Hoping to solve questions: Which is comes first, network or application? What is IPv6 killer apps?

• How it’s going to solve: IPv4 killer apps can directly migrated to IPv6 No apps rewrite or migration

• At least in the theory Evaluation in the real world will tell you

IPv6 Deployment in INHERENT

INHERENT Network Status (1)

• 32 major sites (local nodes) in each province in Public University

• Inter-university connection 1 Gbps metro, STM-1, LC and satellite

• Other public/private universities in the province connected to local node 1 Gbps metro or 512k DSL

INHERENT Network Status (2)

• IPv4-only network• BGP Private AS in each major sites• Grouped together with BGP Confederation become AS18007

• BGP peering with: Universities which has Public IP/ASN Advertising prefixes to TEIN3

Plan on INHERENT IPv6 (1)

• Will use temporary /35 address from ITB 2403:8000:8000::/35 /40 to each local node /48 to each university

• Will ask for permanent IPv6 address from IDNIC

Plan on INHERENT IPv6 (2)

• 6 – 12 month timeframe• Plans: Human Resources Development Address allocation design Network Deployment plan Application Deployment pla Human Resources Development (again)

Network Deployment Plan

• Get address allocation• Enabling IPv6 on router• Configure IPv6 on network interface Loopback + WAN+LAN Interface

• Configure IPv6 routing Static, OSPF, BGP Tunneling if necessary

• IPv6 network verification

Application Deployment Plan

• Basic application deployment DNS IPv6 Tunneling to external network Web Server

• Advanced application deployment Proxy cache network over IPv6 IPv6 Multicast

Human Resource Development

• Make people aware about IPv6• Before & after deployment plan Hold the momentum after deployment

• To answer the question “now what?”

• Plans: Give information about IPv6 in Indonesian

• Books, blogs, tutorials

• I think it’s much harder than to setup the IPv6 network itself

Thanks!

top related