ipv6 networks management - renater · n management network n ipv6 mibs: ... • http, ftp, dns......

IPv6 networks management

Simon.Muyal@renater.fr

Simon Muyal 6net/Spring - 05/2004

Contribsn Bernard Tuy, Renatern Simon Muyal, Renatern Ralf Wolter, Ciscon Patrick Grossetête, Ciscon Munechika Sumikawa, Hitachin Patrick Paul, 6WIND

Simon Muyal 6net/Spring - 05/2004

Agendan Introductionn Management networkn IPv6 MIBs: current statusn Managing IPv6 networks n IPv6 MIBs implementationn Netflown SNMPv6n Management platformsn Management tools

n IPv6 LANn IPv6 MAN/WAN

n Examplesn Conclusionn Demo

Simon Muyal 6net/Spring - 05/2004

Introductionn Manage a network: What is it?

n A set of functions permitting:

• Monitoring• Security• Topology• Inventory• ...

Simon Muyal 6net/Spring - 05/2004

Introductionn IPv6 networks deployed:

n Most are dual stack • LANs (campuses, companies, …)• MANs (RAP, …)• WANs -ISPs (Géant, NRENs, IIJ, NTT/Verio, Abilene, …)• IXes

n Testbed, pilote net, production …=> Management tools are needed

n Which applications are available for managingthese nets ?n Equipment, configurations, …n IP services (servers : DNS, FTP, HTTP, …)

Simon Muyal 6net/Spring - 05/2004

Introductionn SNMP Model:

IPv6 MIBs Status

Simon Muyal 6net/Spring - 05/2004

IPv6 MIBs status

n MIBs are essential for the network management.

n SNMP-based applications are widely usedbut others exist too (NetFlow, …)

n SNMP rely upon MIBs …=>Need to have MIBs to collect IPv6

information as well as get MIBs reachable from an IPv6 address family.

Simon Muyal 6net/Spring - 05/2004

IPv6 MIBs /2n Standardization status at IETF:

n At the beginning:• IPv4 and IPv6 MIBs dissociated.

n Today :• Unified MIBs are on standardization track.

Simon Muyal 6net/Spring - 05/2004

IETF MIB Status /3

n draft-ietf-ipv6-rfc2096-update-07.txt n IP Forwarding Table MIB (02/2004)à proposed standard RFC(in the RFC Editor's queue… can be considered as done)

n draft-ietf-ipv6-rfc2013-update-03.txt n UDP MIB (04/2004)à this hasn't been submitted for publication yet

n draft-ietf-ipv6-rfc2012-update-06.txt n TCP MIB (02/2004)

n draft-ietf-ipv6-rfc2011-update-07.txt n IP MIB, last call Jan 04 n v09.txt (04/2004)

à These two are "Proposed Standard”, IESG Evaluation: “Revised ID Needed".

Simon Muyal 6net/Spring - 05/2004

IETF MIB Status /4

n BGP MIB v6: not stabilized yet.n The current document is draft-ietf-idr-bgp4-mibv2-04.txt(01/2004)

Note that the same folks are working on n draft-ietf-idr-bgp4-mib-14.txt (04/2004), update of RFC 1657.

->Neither of these has had a request for publication yet.

Managing an IPv6 Network

Simon Muyal 6net/Spring - 05/2004

Managing an IPv6 network

n Dual stack IPv6 networksn IPv6 only

n There are not the main case …

n Important to keep in mind n DS is not for evern One IP stack should be removed … one dayn No reasons for netadmins to face twice the

amount of work

Simon Muyal 6net/Spring - 05/2004

Dual Stack IP networksn Part of the monitoring via IPv4

n Connectivity to the equipmentn Tools to manage it (inventory, configurations,

«counters», routing info, …)

n Remaining Part needs IPv6n MIBs IPv6 supportn NetFlow (v9)

Simon Muyal 6net/Spring - 05/2004

IPv6 only networksn Topology discovery (LAN, WAN ?)n IPv6 SNMP agent n SNMP over IPv6 transport

=> Need to identify the missing parts

IPv6 MIBs implement°

Simon Muyal 6net/Spring - 05/2004

IPv6 MIBs implement°/1n Cisco

n Private Cisco MIBs implement ID-00 of RFC 2011 & 2096 updated drafts

n But, no distinction between IPv4 and IPv6 traffic at the interface level from the MIBs (available when new IETF MIB get implemented)

n Information available from CLI• show interface accounting• …

Simon Muyal 6net/Spring - 05/2004

n Juniper

n MIB based on RFC 2465

n with different counters for IPv4 and IPv6 traffic ?

n Or based on filters to collect IPv6 traffic

IPv6 MIBs implement°/2

Simon Muyal 6net/Spring - 05/2004

n Hitachi

n Routers (GR2000/GR4000) and Switches (GS4000) support IPv6 standard MIBs:

• RFC 2452: TCP/IPv6• RFC 2454: UDP/IPv6• RFC 2465: Textual conventions for IPv6• RFC 2466: ICMPv6

n The unified MIBs are not implemented yet.

IPv6 MIBs implement°/3

Simon Muyal 6net/Spring - 05/2004

n 6WIND

n MIBs based on RFC 2465 and RFC 2466n To be checked at our lab …

IPv6 MIBs implement°/4

Netflow

Simon Muyal 6net/Spring - 05/2004

Netflow

Simon Muyal 6net/Spring - 05/2004

NetFlow for IPv6 /1n IETF IPFIX WGn Cisco

n Netflow for IPv6 on Cisco IOS 12.3(7)T• Compliant Netflow v9• Still use an IPv4 transport to export the data• Needs to update your own Netflow Collector

• Cisco NFC v5.0 available• Other collectors are available too …

=>Netflow is not yet there for GSRs though

Simon Muyal 6net/Spring - 05/2004

NetFlow for IPv6 /2n Hitachi

n Support sflow (http://www.sflow.org/) and Netflow is on the roadmap.

n 6WIND:n Not available

SNMP over IPv6

Simon Muyal 6net/Spring - 05/2004

SNMP over IPv6n Cisco:

nSNMP over IPv6 is shipping in 12.0(27)S1. (This is the "limited" version that 6Net tested, so the transportis there, but some features (snmp proxy, infra mibs) still lack IPv6 capability)The plan is to have full SNMP over IPv6 in future releasesnToday, syslog messages related to IPv6 are sent over an IPv4 transport. Later, syslog will run over IPv6 as well

n Hitachi:nSNMP over IPv6 is available

n 6WINDnSNMP over IPv6 is available

Management platforms

Simon Muyal 6net/Spring - 05/2004

Management platforms

n Commercial ISPs use to have integrated management platforms (NRENs folks mostly use GPL or Home made tools)

n HP-OV proposes a version with IPv6 features: NNM 7.0 (sept 2003).

n Ciscoworks: IPv6 version for • Campus Manager under tests Application note on IPv6 management

n Netview (IBM) doesn’t propose any IPv6 featuresn Tivoli : no information …n Infovista : « no IPv6 plan at the moment »

Simon Muyal 6net/Spring - 05/2004

n HP Openviewn Ciscoworks 2000

(Campus Manager)n IBM Netviewn Infovista, Tivolin …

IPv6 ready

IPv6 not ready

« Top ten » …

Monitoring tools

Simon Muyal 6net/Spring - 05/2004

Monitoring tools for IPv6 networks

n For a LAN:• Nagios• Argus• MRTG…

n For a MAN/WAN:• AS PATH tree• Weather map• Netflow• Rancid• Looking Glass…

Simon Muyal 6net/Spring - 05/2004

6Net and IPv6 monitoring toolsn 6Net wp6 : managing large scale IPv6

netsn Tests lot of ipv6 ready toolsn Port many others to ipv6

Simon Muyal 6net/Spring - 05/2004

6Net outcomen 30+ monitoring tools for IPv6

n Testedn Implemented n Documented

n URL: http://tools.6net.org/n To be publicly available in a few weeks

Examples

Simon Muyal 6net/Spring - 05/2004

IPv6 LAN management: Nagios

n URL://www.nagios.orgn Administration of network:

• PCs• Switches• Routers

n Administration of services:• http, ftp, dns...

n Evolution: new features can be added with plug-ins

Simon Muyal 6net/Spring - 05/2004

Nagios

Simon Muyal 6net/Spring - 05/2004

IPv6 MAN/WAN management: AS Path Tree

n Display BGP4+ « topology » from

n BGP4+ routing table.

n Generate HTML pages.

Simon Muyal 6net/Spring - 05/2004

AS Path Tree

Simon Muyal 6net/Spring - 05/2004

IPv6 MAN/WAN management : Looking Glass

n Get information on a router w/o directconnection

n Web Interfacen Final user don’t need a loginn Allow the user to detect causes of failures

w/o asking the NOC

Simon Muyal 6net/Spring - 05/2004

Looking Glass

Simon Muyal 6net/Spring - 05/2004

Inventory : Architecture

Utilisateur Serveur WEBPHP

Serveur BDMysql

RENATER 3

GIPRENATER

NOCRENATERServeur

Perlcrontab

Collecteur SNMP

1''

4''

2'' 3''

Polling SNMP1

2

3'

FTP

SSH 1

2MySql

Simon Muyal 6net/Spring - 05/2004

Inventory: Interfaces

Simon Muyal 6net/Spring - 05/2004

Inventory: BGP Peerings

Simon Muyal 6net/Spring - 05/2004

Conclusionn ISPs –and any other organisations-

need monitoring tools to launch a new service/protocolinto production

n Lot of monitoring tools are now ready for IPv6 networks

n But :n Q1: are my usual tools (used for IPv4 monitoring)

available for IPv6 too ?n Q2: what I need to stress to my favourite vendor to be

ready and manage my IPv6 network ?

Simon Muyal 6net/Spring - 05/2004

Retrieve this information …

n http://sem2.renater.fr/n -> Présentations n -> RFCs …

Simon Muyal 6net/Spring - 05/2004

Demos:n …

Simon Muyal 6net/Spring - 05/2004