yeung. s ipv6 in mobile networks tutorial apnic37 1392858312

TELS

TRA T

EMPL

ATE

4X3

BLU

E BET

A |

TELP

PTV4

TELS

TRA T

EMPL

ATE

4X3

BLU

E BET

A |

TELP

PTV4

IPV6 IN MOBILE NETWORKS APNIC37 - TUTORIAL PRESENTATION

TUESDAY 25/02/2014

Sunny Yeung Senior Technology Specialist

Telstra Wireless Data Engineering

AGENDA

1.  Why IPv6? 2.  3GPP Definitions 3.  Current Wireless Architectures 4.  IPv6 in Wireless Architectures 5.  Transition Methods 6.  Setup and Testing 7.  Configurations and Settings 8.  Solution testing and results 9.  Considerations 10. Q&A

2 IPv6 in Mobile Networks| Sunny Yeung | 02/2014|

WHY IPV6?

Drivers for IPv6 •  Exponential Growth in mobile data traffic. •  Growth in the number of mobile user equipment. •  New devices are session hungry, consuming multiple IP and ports. •  Projected uptake of Sensor-Networks using 6LoWPAN and Machine to Machine (M2M)

communications. •  IPv4 Public run out : Most operators started to deploy NAT44 very early on either on

Internet gateways or dedicated devices. •  IPv4 Private run out : APN IP Address pools. Reuse subnets if/where possible. •  Offload the NAT44 Architecture. •  Provider-hosted IPv6 services/content that can reduce private IPv4 address usage -  (VoLTE/IMS)

Remember - The use of IPv6 services should be invisible to the end-user.

3 IPv6 in Mobile Networks| Sunny Yeung | 02/2014 |

WIRELESS DEFINITIONS

4 IPv6 in Mobile Networks | Sunny Yeung | 02/2014 |

WIRELESS DEFINITIONS UE – User Equipment

This is the end-user equipment where it can be an IPv6 enabled USB dongle or Smartphone. It is expected the OS is fully IPv6 compliant.

Wireless networks are based on GPRS core networking which allows 2G, 3G, WCDMA, LTE

mobile networks to transmit IP packets to external networks such as the Internet. SGSN – Serving GPRS support node / MME

An SGSN is responsible for the delivery of data packets from and to the mobile stations within its geographical service area. It performs functions such as packet routing and transfer, tunnel/detunnel downlink/uplink packets towards the RNC, and carry out mobility management for connected nodes.

GGSN – Gateway GPRS support node / PGW

The GGSN is the main component of the GPRS network. It is responsible for internetworking between the GPRS network and the external network, such as the internet. From the internet’s perspective, the GGSN is a router to a ‘sub-network’ as it hides the GPRS network infrastructure behind the GGSN.


WIRELESS DEFINITIONS

RNC – Radio Network Controller The RNC controls the NodeBs, (Radio Towers), performs radio resource management, congestion controls, and delivers voice traffic to the media gateway and data traffic to the SGSN.

HLR – Home Location Register

The HLR is a central database that contains details of each mobile subscriber that is authorised to use the GSM core network. Each IMSI/MSISDN can be associated with only 1 HLR at a time. It also stores data such as GSM services that the subscriber has requested, GPRS settings for access to packet services, subscriber location, and call divert settings.

PDP context – Packet Data Protocol

The PDP context is a data structure present on the SGSN and the GGSN containing subscriber information for an active session. When a user wants to use GPRS, it must first activate a PDP context. The Context includes data such as: IP address, IMSI, Tunnel endpoint ID at the GGSN/SGSN.


CURRENT WIRELESS ARCHITECTURES


CURRENT IPV4 IMPLEMENTATION CENTRALISED CGNAT

- National non-overlapping Private Address space used for UE assignment. Large service numbers will mean high Private Address demand.

- CGNAT performs NAT/PAT 44.

PAT substantially reduces Public and Private IPv4 address demand, but does not prevent run out.


IPV6 IN WIRELESS ARCHITECTURES


BEARER TYPES IPv4 Only Bearer

•  The link is “IPv4 only” – 1x private IPv4 address allocated by the GGSN via PDP context request. IPv6 Only Bearer

•  The link is “IPv6 only” – 1x /64 prefix per bearer, and 1x IPv6 address on UE IPv4v6 Bearer

•  The link is “dual-stack”. The bearer is configured with both an IPv4 address and 1x /64 prefix.

Dual Stack Implications 3GPP Release 8 : An IPv4 only + IPv6 only bearer is used, resulting in 2x bearers = significant

licensing costs to the carrier. 3GPP Release 9 : A single PDP context/bearer IPv4v6 is used as standard. Only 1 interface is used

on the GGSN/PGW.


IPv6

Radio Bearer

IPv4 PDP Context

Radio Bearer PDP Context

O Dual Stack – 3GPP Release 8

Radio Bearer

IPv4

IPv6

PDP Context

P Dual Stack – 3GPP Release 9

WIRELESS INTERNET ACCESS BASIC IPV6 REQUIREMENTS

- Dual-Stack / Native IPv6 UE -  Backhaul – IPv6 optional -  SGSN – IPv6 PDP aware - HLR – Full IPv6 support -  Radius AAA – Full IPv6 support

11

- DNS – Full IPv6 support + DNS64 -  GGSN – Full IPv6 support - MPLS Core – 6PE/6VPE -  Large Scale NAT – NAT44 and NAT64

IPv6 in Mobile Networks | Sunny Yeung | 02/2014 |

TRANSITION METHODS


TRANSITION METHOD 1 ENABLE IPV6 DUAL-STACK

- Our self-imposed requirement is to run a single PDP context / bearer Dual-Stack implementation to reduce licensing costs if this is the way forward

- Network Core is enabled with Dual-Stack regardless - Challenges with Dual-Stack:

•  It does not resolve any Private IPv4 runout problem! •  Requires IPv4v6 PDP context support on all network elements •  Possible OS behaviour uncertain (preferences, stack selection) – RFC6555? •  Operational overhead •  Limited available Handsets we are aware of that supports IPv4v6 single PDP. •  Still requires IPv4 connectivity provisioning 13 IPv6 in Mobile Networks | Sunny Yeung | 02/2014 |

TRANSITION METHOD 2 ENABLING IPV6 SINGLE STACK

-  Preferred method when there is a risk of Private IPv4 runout -  IPv4 used as backup in cases where IPv6 service is not available (eg. Roaming) -  Stateful NAT64 to replace NAT44 for IPv4 destined traffic. - Network Core is enabled with Dual-Stack regardless. - Challenges

•  Fragmentation and packet sizes due to NAT64 •  DNS resolution issues (local and/or remote) •  UE requires 464XLAT or similar due to many IPv4 only applications still out there. Requires

UEs to support 464XLAT 14 IPv6 in Mobile Networks | Sunny Yeung | 02/2014 |

WHICH METHOD?

SINGLE STACK + NAT64 - UE for Single Stack with NAT64 is available, but many network / application issues need to

be resolved. IPv4 literals do not work and requires re-work from developers. -  464XLAT need to be accepted as standard on the UE to accommodate for IPv4 only

applications. This is now standard on Android 4.3. -  Single Stack relies heavily on NAT64 for the initial few years of transition and many

applications require ALGs. These may not be fully supported by vendors. - DNS issues -  Fragmentation problems due to increased packet size. -  Translation required to access self-hosted content but issues around header enrichment

services must be addressed due to the translation and how radius is applied. DUAL-STACK with IPv4v6 - UE for Dual-Stack single PDP context / bearer are rare. -  Issues around which stack it selects on the OS of the UE - Does not help with relieving Private IPv4 address runout problems -  Suits well for providers with a lot of self-hosted content that cannot be changed to IPv6

quickly


SETUP AND TESTING


SETUP AND TESTING A common configuration can be deployed across all APNs with the following context types. This will provide the maximum flexibility on establishing a successful connection to the network. HLR = IPV4, IPV6+DS HSS = IPv4v6 MMS/SGSN = DAF set PGW/GGSN = IPv4v6

• NAT64 (RFC6146) + DNS64 (RFC6147) MUST be used within each APN. • 464XLAT (RFC6877) MUST be used for smartphones and handsets and establish a PDP context of type v6 only.


SETUP AND TESTING

IPv6 was tested using single stack again in 2013 after the release of 464XLAT code from Samsung on the Galaxy S4 device using test software. Dongles may forego 464XLAT only if establishing a Dual-Stack PDP type of IPv4v6 only. In the future when dongles are set with IPv6 only, it MUST support 464XLAT. Devices tested so far: -  Samsung Note 3 (Android 4.3) -  Samsung Galaxy S4 (Android 4.3) - Samsung Note 10.1 2014 (Android 4.3)


CONFIGURATIONS AND SETTINGS


CONFIGURATIONS AND SETTINGS ROUTERS AND SWITCHES

Don’t believe everything your vendor says about IPv6 support

• Running OSPF? IPv6 needs OSPFv3. Using it with VRF-Lite? Make sure it runs 15.1SY or above on Cisco Routers. • For Cisco devices, convert your access-layer and others to use HSRPv2.

• Not all devices have IPv6 unicast routing enabled by default! Remember to enable multi-layer switching


Cisco (config) # ipv6 unicast-routing Cisco (config) # mls ipv6 vrf Cisco (config) # vrf definition Payload Cisco (config-vrf) # address family ipv4 Cisco (config-vrf) # address family ipv6

CONFIGURATIONS AND SETTINGS ROUTERS AND SWITCHES

• Juniper Routers don’t necessarily advertise IPv6 directly connected routes by itself – you need to tell it what to do!

• For static routes, its even weirder: • IPv4 static route:

• IPv6 static route:


user@HOST# set interfaces xe-1/0/0 unit 10 family inet6 address 2001:2000:D:200::2/64 user@HOST# set protocols router-advertisement interface xe-1/0/0.10 prefix 2001:2000:D:200::/64

user@HOST# set routing-instances IPv6Test routing-options rib IPv6Test.inet6.0 static route 2001:2000:C:200::/64 next-hop 2001:2000:D:200::4

user@HOST# set routing-instances IPv6Test routing-options static route 10.1.1.0/28 next-hop 10.4.63.9

SOLUTION TESTING AND RESULTS


464XLAT TESTING INDICATIVE RESULTS FROM 2013 TRIAL


Most applications working reasonably well. IPsec/VPN applications require more testing Some IPv4-only applications now working better with 464XLAT Some applications still experiencing issues – we are still investigating why even though 464XLAT is implemented. Please talk to me separately if you are interested.

CONSIDERATIONS FOR THE FUTURE



Most networks usually use Dual-Stack first, but NAT44 networks with private address constraints, like many mobile networks, may benefit going directly to Single-Stack IPv6. Be careful when defining what Single-Stack and Dual-Stack is for Mobiles – Dual-Stack is deployed in the Mobile IP Core for the foreseeable future! Single Stack is highly recommended for the PDP session! You can begin deploying IPv6 today in the Core! Check with your vendor to ensure the features needed are supported. Begin today, don’t delay! The ‘chicken or the egg first’ scenario no longer applies! Networks with IPv4v6 PDP enabled should not have DNS64 enabled simultaneously. Networks with IPv6 PDP only enabled must have DNS64 enabled. Begin looking at enabling your content to support native IPv6 CGN may be required to extend the IPv4 runout. Don’t be afraid to use it but don’t be over-reliant on it – the end goal is always native IPv6. CGN will not prevent the inevitable!



Devices on Single Stack IPv6 must support 464XLAT – until all applications have native IPv6 support and IPv4 literals disappear from the internet.

• Push your device Vendors to support 464XLAT as a standard release • Push for devices that support IPv6 and IPv4v6 • Make sure you include RFC6555 (Happy Eyeballs) as a requirement for DS devices

We need all Mobile operators to support 3GPP R8 and above so the transition to support IPv6 international roaming is simplified in the future. If everyone can get to R8+, then we can do IPv6 international roaming! For the immediate next 2-3 years, devices when roaming should default back to IPv4. (debatable!).


MORE INFORMATION CGN considerations APNIC Plenary: Anatomy of CGN Ballroom B, Wednesday 26/02/2014, 9am to 10:30am Pressure caused by IPv4 address exhaustion is increasing and real. Some Service Providers need to deploy IPv6 transition technologies while extending their IPv4 address space by relying more on private addresses. Carrier Grade NAT (CGN) has been discussed as an option to extend globally routable IPv4 addresses since 2010. Various arguments have been put forward about its pros and cons. What is 464XLAT? 464XLAT: Breaking Free of IPv4 Lotus 5&6, Tuesday 25/02/2014, 4pm to 5:30pm Presented by Cameron Byrne from T-Mobile, this tutorial will review 464XLAT (RFC6877) and how it applies to mobile and broadband networks to enable growth beyond IPv4 scale while minimizing translation and tunnelling and positively incentivizing end-to-end IPv6 deployment.


QUESTIONS?


CONTACT Sunny Yeung Senior Technology Specialist Telstra Wireless Data Engineering [email protected]


yeung. s ipv6 in mobile networks tutorial apnic37 1392858312

Documents