The upcoming World IPv6 launch is stimulating a lot of conversation around IPv6 deployment and common deployment scenarios. People regularly ask “where’s my NAT,” which is something we have tried to address in architectural discussions in RFC 2993, RFC 4864, and RFC 6269. Margaret Wasserman and I have worried specifically about the implications of the multiplication of provider-independent addresses at the edge and the issues of multihoming, and described a model for IPv6 network prefix translation that we think addresses most of the issues and yet facilitates scalable multihoming without provider-independent addressing and the bloating of the route table it implies. Per-residential-customer multihoming is currently in use for NTT BFLETS in Japan.
My colleague Andrew Yourtchenko, whom many of you may know from IPv6 events, has a very different opinion about network address translation. If anything, he would like to get rid of it. Andrew has contributed to some 14 RFCs on the topic of transition and has much of value to say.
While I agree with Andrew on a number of issues, I don’t agree about the model in which one deploys a prefix allocated by each of one’s upstreams providers on each of the LANs in a network. I think that while we have reduced costs for ISPs in the smaller route table, we have significantly expanded the complexity faced by the edge network without giving them a benefit that they readily recognize. I agree with the end-to-end model and the ability to deploy new applications anywhere in the network, but I think that stateless prefix translation can meet those issues and help in managing the size of the route table. Andrew and I recently weighed the pros and cons of our different opinions and included our thoughts in this blog. What is your opinion on this topic? Read More »
Tags: ILNP, IPv6, LISP, NAT, NPTv6
World IPv6 Launch is just around the corner. By June 6, 2012, web companies, major ISPs, and home networking equipment manufacturers are coming together to permanently enable IPv6 for their products and services. Cisco is among them, participating in this global IPv6 launch both as a website operator and leading network solutions provider. As a web company, we’ll be making www.cisco.com permanently IPv6 accessible starting on June 6. Here’s a view into how Cisco IT has been preparing our IPv6 web presence.
The enterprise journey toward IPv6 started almost a decade ago, and the focus on our web presence started a couple of years ago when the Cisco IT team built a small-scale, parallel IPv6 environment in a sandbox network that was used to host static content. We used the domain name www.ipv6.cisco.com, knowing that few people would visit the site. It gave us a chance to get our feet wet with IPv6 while minimizing the risk should something go wrong.
Fast forward to June 8, 2011 and World IPv6 Day when many website operators globally enabled IPv6 access to their production sites and services as part of a 24-hour “test run.” Cisco made www.cisco.com IPv6 accessible on that day. The outcome was a success, and gave all the participants confidence that IPv6 was truly production ready. World IPv6 Day was also a valuable learning opportunity for Cisco IT to better understand what it would take to permanently IPv6-enable our website.
In the year since that test run, our focus has been on preparing for the World IPv6 Launch. The big difference in planning for this launch stems from “the turn it on and leave it on” objective. To leave IPv6 on permanently demands production quality, and production quality demands readiness. Readiness started for us several months ago when we first sought support for World IPv6 Launch from IT and business leaders. Based on our experiences with World IPv6 Day, we knew that planning and delivery would require collaboration across most of the IT organization. So the first step was buy-in at the CIO level to help ensure that all needed teams were at the table.
Next, we turned our attention toward architecture and design. Our primary goals were to:
- Leverage the existing production network infrastructure investment and avoid costs of parallel networks.
- Ensure production quality and the ability to maintain service levels for www.cisco.com.
The design we chose centers on a reverse proxy model using the Cisco Application Control Engine (ACE). Incoming IPv6 sessions are proxied by the ACE to the existing web tier using IPv4. The network upstream of the ACE is dual stacked, including existing ISP connections.
With the design in place, our attention shifted to network hardware, software, service provider, and application readiness. We performed an assessment using the IPv6 Device Readiness Assessment service to determine whether existing devices in our DMZ and data center networks were capable of supporting IPv6. The assessment showed that existing hardware was capable of supporting IPv6, but software upgrades were required on some platforms. In parallel, we assessed our ISP partners and their ability to dual stack existing connections, as well as our content delivery network provider’s ability to accelerate content delivery for www.cisco.com over IPv6. Based on our experience with World IPv6 Day, we felt comfortable that existing applications and services residing behind the www.cisco.com domain name were compatible with IPv6. The only application that required slight modification was our web analytics system that tracks site usage for www.cisco.com and uses source IP address as a data point. We found that the system vendor supported IPv6 in the product, and we made minor configuration changes to accommodate IPv6 source addresses.
Operational readiness followed, which is a critical stage given the need to maintain production levels of service. With service assurance being top of mind, we enhanced our network management systems to support network, device, and application monitoring over IPv6. We also put together a training program to ensure that everyone, from the front line help desk to network engineers, had the IPv6 knowledge and skills appropriate for their role.
And finally we reached system-level testing, which is where we’re at today. End-to-end testing is under way with QA engineers performing functional and performance checks. Our last test will be a “final practice run” when we temporarily advertise an AAAA DNS record for a couple of hours and validate that everything works end to end in our production environment, including our content delivery network and ISP services.
Next stop? June 6, 2012 00:00 UTC.
Tags: Cisco IT, cisco on cisco, coc-borderless-networks, IPv6, World IPv6 Launch
As we approach the much talked about World IPv6 Launch on June 6th, 2012 it is important to help as many as possible do what is needed to prepare their own Internet Edge to not only participate in the launch but also to ensure business continuity regardless of which IP version is used. Start now so you don’t have to rush your deployment at the end.
There are important first steps to take before you ever type the first command or click the first check box on a product. Important stuff like a gap analysis on what you can and cannot support as well as what your provider supports IPv6-wise, what your address plan will look like and other considerations. Luckily Cisco has either written a document or a blog on many of these topics. Recent blogs include:
Given that we are just shy of a month away from World IPv6 Launch, I wanted to blog on the top considerations for enabling IPv6 support on one of the most important components of any Internet Edge design, the Application Delivery Controller (ADC) or more commonly known as a Server Load Balancer (SLB).
Read More »
Tags: Cisco ACE, Cisco Validated Designs, IPv6, server load balancing, Shannon McFarland, World IPv6 Launch
One of the topics we covered this week at the Cisco Packet Optical Networking Conference was cloud computing. A benefit of cloud computing is that the physical infrastructure – the storage and compute resources – can be located almost anywhere as long as there is reliable network access. Several countries are leveraging their low cost green power to grow their economies with new data center facilities. A publicly announced example of this is Facebook which has built an enormous facility in northern Sweden. Iceland with its cooler temperatures and green geothermal power, plus ideal location between North America and Europe has seen a significant growth in its data center industry. However, being an island nation it faces a challenge to ensure that sufficient cost-effective network capacity is available to connect off-island users with its storage and compute resources.
Farice, the primary provider of networking services to and from Iceland and operator of two submarine cable links to Europe has sought to Read More »
Tags: 100G, 100GE, ASR9000, Cisco, cloud, DWDM, facebook, Farice, Green Data Center, IPv6, PONC, Service Provider
When I was younger and faced with a large problem, I tended to shy away from the problem and take other paths to avoid the issue in the hope that the issue either got smaller or ideally went away. I’m finding that as an adult, you cannot always do that. Some issues just will not go away no matter how hard you try to avoid them or how creative your excuses get for why they are not important right now.
Integrating IPv6 into your network is one of those issues. It is a large problem that impacts all areas of what goes on in the IT shop – network, security, applications, content, operating systems, etc. The key to making an integration successful is to make sure that representatives from all IT organizations participate and contribute to the project and to approach the problem by breaking it into manageable chunks.
Step 1: Don’t panic. Read More »
Tags: IPv6, IPv6 addressing, World IPv6 Day