indonesia ipv6 update - apan hanoi 2010
DESCRIPTION
Indonesia IPv6 Update - APAN Hanoi 2010TRANSCRIPT
Indonesia IPv6 UpdateAPAN Meeting Hanoi 2010
Affan [email protected]
Outline
• History of IPv6 in Indonesia REN• IPv6 Adoption in ITB• Plan on IPv6 Adoption in INHERENT
HISTORY OF IPV6 ON INDONESIA REN
History of IPv6 on Indonesia REN (1)
• 1998: IPv6 Experiment in ITB using FreeBSD and
INRIA IPv6 stack, pTLA 3ffe:0501::/32, sTLA 2001:200:0830::/48
• 2000: Connect to AI3-JP with FreeBSD and KAME
IPv6 stack, 2001:d30:3::/48
• 2002: First IPv6 Books in Indonesia by ITB students
• 2003: Start of IPv6 deployment on ITB campus after
Advanced Network Course by SOI-ASIA
• 2005: IPv6 Multicast video conference & e-learning
with SOI-ASIA
History of IPv6 on Indonesia REN (2)
• 2007: ITB get 2403:8000::/32 address from APNIC TEIN2 IPv6 Connectivity
• 2008 - 2010: IPv6 connection to multiple networks (AI3,
OpenIXP, TEIN3, tunnel to he.net)
History of IPv6 on Indonesia REN (3)
IPV6 ADOPTION IN ITB CAMPUS
Campus Network
IPv6 on Access Network
• 802.1Q Trunk VLAN to distribute IPv6 subnet via Router Advertisement (RA)
Layer 2 Switch
Layer 2 Switch
Layer 2 Switch
IPv4-only Layer 3 Switch
PC
PC
PC802.1Q Trunk
IPv4-only Layer 3 Switch
IPv6 PC Router
IPv6 on Core Network
• PC Router with VLAN interface• OSPFv3
IPv4-only Layer 3 Switch
IPv6 PC Router-1
IPv4-only Layer 3 Switch
IPv4-only Layer 3 Switch
IPv6 PC Router-2
IPv6 PC Router-3
Tunnel & VLAN
IPv6 on Edge Network
• PC Router with IPv4-only Layer 3 Switch
IPv4-only Layer 3 Switch
IPv6 PC Router-1
IPv6 Gateway PC Router
IPv6Network
• IPv6 address-family to all eBGP peers
IPv6 External Connection
INHERENTAS18007ITB
AS4796
TEIN3AS24489
Internetvia
LintasArtaAS4800
OpenIXPAS7717
he.netHong KongIPv6 BGP
Tunnel
IPv6 Routing Implementation
• FreeBSD/Linux-based PC Router (pre-2010) Quagga Routing Suite RIPng OSPFv3 BGP
• Dedicated Core Router/Switches (2010) Cisco Catalyst 6500 w/ Sup720-3B & Sup32 Juniper SRX650
IPv6 Application in ITB
• Operating System • DNS• WWW & FTP Server• Mail Exchange Server• Web Cache Proxy• Multicast Stream
Operating System for Server
• FreeBSD 8.x, 7.x, dan 6.x• CentOS Linux 5.x• OpenSolaris 2009.x• Windows Server 2003
Domain Name System (DNS)
• BIND 9.6.x• Forward zone AAAA record for MX & selected Server
• Reverse zone PTR record for 2403:8000::/32 delegated
from APNIC
Web Server
• Apache Web Server 2.2.x Serve IPv4 and IPv6 at the same time
• IPv6 PHP script to detect v6 client• Website IPv6 ITB http://www.itb.ac.id http://ipv6.itb.ac.id
ITB Official Website
Mail Exchange (MX) Server
• Postfix 2.7• mx[1-4].itb.ac.id • http://www.postfix.org/IPV6_README.ht
ml
Web Cache Proxy Server
• Squid 3.1• Web Cache Parenting over IPv6 to WIDE Project Japan
• Some IPv6 content observed Google IPv6 Youtube IPv6
• Serving IPv6 client in ITB• User Authentication with LDAP
Access.log Squid IPv6
Multicast Stream
• VLC IPv6 Unicast IPv6 Multicast
• Dokodemo SOI-ASIA (http://dokodemo.soi.asia) Allows regular IPv4 desktop to do VPN dial
and access IPv6 multicast video conference
Dokodemo
PLAN ON IPV6 ADOPTION IN INHERENT
Plans for IPv6 Adoption
• IPv6 Forum Indonesia• IPv6 Apps Delivery Controller Evaluation• IPv6 Deployment on INHERENT
IPv6 Forum Indonesia
• Initiated in IPv6 Summit June 2010, Bali• I’m working as VP Research & Application• http://www.ipv6forum.or.id
IPv6 Summit 2010 Bali
IPv6 SLB Evaluation
• ITB has just bought ServerIron ADX1000• IPv6 SLB that can translate: v6 client – v6 server v6 client – v6/v4 server v6 client – v4 server
Why evaluate IPv6 SLB?
• Hoping to solve questions: Which is comes first, network or application? What is IPv6 killer apps?
• How it’s going to solve: IPv4 killer apps can directly migrated to IPv6 No apps rewrite or migration
• At least in the theory Evaluation in the real world will tell you
IPv6 Deployment in INHERENT
INHERENT Network Status (1)
• 32 major sites (local nodes) in each province in Public University
• Inter-university connection 1 Gbps metro, STM-1, LC and satellite
• Other public/private universities in the province connected to local node 1 Gbps metro or 512k DSL
INHERENT Network Status (2)
• IPv4-only network• BGP Private AS in each major sites• Grouped together with BGP Confederation become AS18007
• BGP peering with: Universities which has Public IP/ASN Advertising prefixes to TEIN3
Plan on INHERENT IPv6 (1)
• Will use temporary /35 address from ITB 2403:8000:8000::/35 /40 to each local node /48 to each university
• Will ask for permanent IPv6 address from IDNIC
Plan on INHERENT IPv6 (2)
• 6 – 12 month timeframe• Plans: Human Resources Development Address allocation design Network Deployment plan Application Deployment pla Human Resources Development (again)
Network Deployment Plan
• Get address allocation• Enabling IPv6 on router• Configure IPv6 on network interface Loopback + WAN+LAN Interface
• Configure IPv6 routing Static, OSPF, BGP Tunneling if necessary
• IPv6 network verification
Application Deployment Plan
• Basic application deployment DNS IPv6 Tunneling to external network Web Server
• Advanced application deployment Proxy cache network over IPv6 IPv6 Multicast
Human Resource Development
• Make people aware about IPv6• Before & after deployment plan Hold the momentum after deployment
• To answer the question “now what?”
• Plans: Give information about IPv6 in Indonesian
• Books, blogs, tutorials
• I think it’s much harder than to setup the IPv6 network itself
Thanks!