For a few of us in the Cisco Brussels office the last weekend of January always marks a special occasion.
The weekend is dedicated to the Free and Open-source Software Developers’ European Meeting (FOSDEM) conference in Brussels, with around 5,000 visitors attending. The event happens at the ULB (Université libre de Bruxelles) campus, but traditionally uses its own network infrastructure, sponsored by Cisco. And we, who are Cisco employees, volunteered our time to help the community as well as meet some new friends and get extra hands-on experience with a sizable network.
What was different this year was that just before the official start of the conference I finally figured out how NAT64 works, gave a 5 minute warning on twitter (image below), and then disabled IPv4 on the main network (simply stated I removed the IPv4 address of the router on the client interface so that only the IPv6 address remained).
That meant that visitors would only get an IPv6 address and connectivity to the “legacy” IPv4-only Internet was solely provided using DNS64 and NAT64 on the Cisco ASR1001.
We believe that this was the very first time a public conference network was enabled as IPv6-only by default. The same infrastructure has been provided at RIPE, IETF, and at CiscoLive before, but the IPv6-only SSID was always experimental in nature and the IPv6-only main SSID was never the default choice. For clients who experienced problems there was a legacy dual stack (IPv4 and IPv6 at the same time) network available. We also encouraged anyone with an IPv6-only network issue to report a bug.
How did we do? Due to the openness of the conference, registration is not mandated - you just walk in and participate, so we have no hard numbers on the amount of visitors. However over the two days we saw 8,409 unique MAC addresses on the wireless network. Pretty good!
The connectivity was via a 1 Gbps uplink provided by Colt. We used the wired and wireless infrastructure of the ULB campus and Cisco provided a number of switches (a few AIR-CAP3502I wireless access points to provide coverage in the big conference room and an ASR1001 router to handle the actual traffic). To have first hop security for IPv6 on wireless you need a recent enough Wireless Lan Controller and Access Points.
Some statistics we gathered:
- Attendees used a variety of devices, some laptops, tablets, and smartphones. We measured that 0.7% used 802.11a, 4% used 802.11b, 35% used 802.11n(5GHz) and 60% used 802.11n(2.4GHz).
- 32% of attendees remained on the IPv6-only network, while 67% moved to the dual stack network. It’s very likely they moved to the dual stack network because they were using a device that had difficulties running without IPv4 addresses, see bug 32630). Additional bugs were filed for other problematic applications and systems.
- Over the course of the conference, we handled 32 million IPv4 connections and 6 million IPv6 connections. Of those 7 million were IPv4 HTTP connections and for IPv6 we had 1 million were HTTP connections. Sampling revealed that we expect to have the same amount of HTTPS (encrypted) sessions as HTTP (unencrypted) sessions. This being an open source conference, the next most popular service (after DNS and NTP) was IMAP-over-SSL (993). Peak bandwidth over wireless was about 300 Mbps incoming and 30 Mbps outgoing.
- NAT64 handled 2.3 million IPv6 to IPv4 connections without major problems being reported. In fact some visitors did not realise that they were on an IPv6-only network!
With these findings, we were able to clearly demonstrate that an IPv6-only network is a viable option for some customers already! We also received a significant amount of influential developers to notice, report, and fix any problems in their applications triggered by the lack of an IPv4 address. Many developers reported that this was the first time that they would test their applications and services in a pure IPv6 environment. You can also see the configuration of the ASR1001 on the Cisco Support Community.
Best regards from your Cisco and FOSDEM team,