Last year on World IPv6 Day, Cisco brought up IPv6 on Alpha for 24-hours. Now on June 6, 2012, Cisco will participate in the World IPv6 Launch with www.cisco.com. Here are some important points about the upcoming launch:
• During this production launch, Website Operators, Network Operators and Home Router vendors will offer content over IPv6 for their production service (e.g. www.example.com).
• This is a “turn it on, leave it on” event.
• We will advertise an IPv6 DNS record for www.cisco.com to make www.cisco.com IPv6 permanently accessible to the world.
• 1000+ participating companies are participating in this event.
• Several cross functional Cisco groups participating including IT, Services and Engineering:
This is an important event for Cisco to participate in because it gives us the opportunity to enable our Enterprise with a very important Infrastructure capability as well as learn valuable lessons that can be shared with our peers, customers and internally to Engineering and Services. IPv6 is critical to the Internet’s continued growth as a platform for innovation and economic development.
We have a strong Cisco-on-Cisco message for June 6. Cisco is using many of our own technologies end-to-end for the World IPv6 Launch. Nexus 5k/7k, ASR, GSS, ACE30, Catalyst Switches, ASA and Netflow v9 to name a few.
The ACE30 is a key capability for making www.cisco.com IPv6 accessible for the World IPv6 Launch. We’re using the ACE30 to proxy IPv6 user traffic to our IPv4-only web servers.
We’ve been diligently preparing for June 6. Here are the key IPv6 projects allowing Cisco to successfully participate in the World IPv6 Launch:
1. The IPv6 Core Project -- Focused on the foundations of our network and deploying the IPv6 core regional tunnel head-ends and dual stacking CAPNet. This means the entire network is ready to support both IPv4 and IPv6 protocols. To-date, major milestones have been achieved including fully enabling IPv6 from Bangalore to San Jose and San Jose to Richardson IPv6 deployment.
2. The IPv6 DMZ Project – (1) Enabled IPv6 in the Richardson DMZ in order to support the World IPv6 Launch on June 6, 2012. (2) Enabled IPv6 for the Core DMZ in San Jose to support the Campus/Branch User internet access. (3) Make all 15 Cisco DMZs (transit and non-transit) IPv6-capable globally in FY12, including San Jose, Amsterdam, Bangalore, Allen, Richardson, Hong Kong, Raleigh, Singapore, Sydney, Tokyo, Boxborough, Johannesburg, Shanghai, Tel Aviv, and Vancouver.
3. The IPv6 Data Center Project – Ensures all Cisco Data Centers are IPv6 capable. The immediate goal is to ensure the data center in Richardson (Texas), running www.cisco.com, is capable to support the World IPv6 Launch.
I’m excited about the great work our team has achieved to get IPv6 launched globally.
World IPv6 Launch is just around the corner. By June 6, 2012, web companies, major ISPs, and home networking equipment manufacturers are coming together to permanently enable IPv6 for their products and services. Cisco is among them, participating in this global IPv6 launch both as a website operator and leading network solutions provider. As a web company, we’ll be making www.cisco.com permanently IPv6 accessible starting on June 6. Here’s a view into how Cisco IT has been preparing our IPv6 web presence.
The enterprise journey toward IPv6 started almost a decade ago, and the focus on our web presence started a couple of years ago when the Cisco IT team built a small-scale, parallel IPv6 environment in a sandbox network that was used to host static content. We used the domain name www.ipv6.cisco.com, knowing that few people would visit the site. It gave us a chance to get our feet wet with IPv6 while minimizing the risk should something go wrong.
Fast forward to June 8, 2011 and World IPv6 Day when many website operators globally enabled IPv6 access to their production sites and services as part of a 24-hour “test run.” Cisco made www.cisco.com IPv6 accessible on that day. The outcome was a success, and gave all the participants confidence that IPv6 was truly production ready. World IPv6 Day was also a valuable learning opportunity for Cisco IT to better understand what it would take to permanently IPv6-enable our website.
In the year since that test run, our focus has been on preparing for the World IPv6 Launch. The big difference in planning for this launch stems from “the turn it on and leave it on” objective. To leave IPv6 on permanently demands production quality, and production quality demands readiness. Readiness started for us several months ago when we first sought support for World IPv6 Launch from IT and business leaders. Based on our experiences with World IPv6 Day, we knew that planning and delivery would require collaboration across most of the IT organization. So the first step was buy-in at the CIO level to help ensure that all needed teams were at the table.
Next, we turned our attention toward architecture and design. Our primary goals were to:
Leverage the existing production network infrastructure investment and avoid costs of parallel networks.
Ensure production quality and the ability to maintain service levels for www.cisco.com.
The design we chose centers on a reverse proxy model using the Cisco Application Control Engine (ACE). Incoming IPv6 sessions are proxied by the ACE to the existing web tier using IPv4. The network upstream of the ACE is dual stacked, including existing ISP connections.
With the design in place, our attention shifted to network hardware, software, service provider, and application readiness. We performed an assessment using the IPv6 Device Readiness Assessment service to determine whether existing devices in our DMZ and data center networks were capable of supporting IPv6. The assessment showed that existing hardware was capable of supporting IPv6, but software upgrades were required on some platforms. In parallel, we assessed our ISP partners and their ability to dual stack existing connections, as well as our content delivery network provider’s ability to accelerate content delivery for www.cisco.com over IPv6. Based on our experience with World IPv6 Day, we felt comfortable that existing applications and services residing behind the www.cisco.com domain name were compatible with IPv6. The only application that required slight modification was our web analytics system that tracks site usage for www.cisco.com and uses source IP address as a data point. We found that the system vendor supported IPv6 in the product, and we made minor configuration changes to accommodate IPv6 source addresses.
Operational readiness followed, which is a critical stage given the need to maintain production levels of service. With service assurance being top of mind, we enhanced our network management systems to support network, device, and application monitoring over IPv6. We also put together a training program to ensure that everyone, from the front line help desk to network engineers, had the IPv6 knowledge and skills appropriate for their role.
And finally we reached system-level testing, which is where we’re at today. End-to-end testing is under way with QA engineers performing functional and performance checks. Our last test will be a “final practice run” when we temporarily advertise an AAAA DNS record for a couple of hours and validate that everything works end to end in our production environment, including our content delivery network and ISP services.
The recent earthquakes and tsunamis have brought wide-spread devastation to Japan, including to the domestic and international telecommunications infrastructure that companies doing business in Japan rely on. (See the article, “In Japan, Many Undersea Cables are Damaged”). This impact extends to Cisco where Japan is home to numerous field offices with Tokyo the site of Cisco’s North Asia network backbone hub. This hub provides an aggregation point for regional WAN and Internet connectivity in North Asia as well as direct connectivity to four other regional CAPNet hub locations in Asia and the US.
In my last blog I described how Cisco employees have adopted teleworking, using either a software VPN client, or a hardware VPN solution called Cisco Virtual Office (CVO). Cisco employees who telework on a regular basis prefer CVO over software VPN because the connection tends to be more stable and Cisco Virtual Office saves them the trouble of constantly logging back in. In addition, CVO provides QoS (quality of service) for voice and video which is critical to a high quality audio and video experience.
The preference for CVO is reflected in the fact that our employees who use the software VPN client work a little over 1 day per week from home while the 21,000 employees who use CVO report that they telework an average 2.5 days per week.
In late September 2010, a Cisco employee somewhere in the world became the 20,000th to begin using Cisco Virtual Office at home. Cisco Virtual Office, which combines a small business router and IP phone, extends the enterprise wired and wireless network right into our homes. Telework is optional in most cases at Cisco, so the 20,000 milestone underscores the fact that our workforce and the company see the value of telework, and that we have the tools to make it work.