Professional Documents
Culture Documents
Legal statement
This presentation sets forth Juniper Networks current intention and is subject to change at any time without notice. No purchases are contingent upon Juniper Networks delivering any feature or functionality depicted in this presentation.
www.juniper.net
AGENDA
Who is Juniper Networks? Juniper perspective on IPv4 exhaustion and IPv6 deployment Juniper Supported Solutions Juniper Product overview Conclusion
3
Copyright 2010 Juniper Networks, Inc. www.juniper.net
2011
2010
Mobile Next
FORTUNE
THOUSAND #789
1
2006
SRX Series
2008 2007
2009
QFabric
M Series
2005 1996
Incorporated
PTX
1998
1999
2000
2002
2004
Mobile Backhaul
Revenue Employees
5
$500M 1000
1500
$1.3B 2500
$2B 3500
$2.3B 4800
$2.8B 5300
$3.5B 6500
$3.3B 7000
$4B 8700
www.juniper.net
Government
Best In Choice
Operational Excellence
Cash and investments Dedicated employees Annual R&D engine
www.juniper.net
0%
After completion: Existing IPv4 addresses will not stop working. Current networks will still operate.
8
Copyright 2010 Juniper Networks, Inc. www.juniper.net
Many hosts & applications in customer residential networks (eg Win 95/98/2000/XP, Playstations, consumer electronic devices) are IPv4-only. Most software & servers in enterprise network are IPv4-only
They will not function in an IPv6-only environment. Few of those can or will upgrade to IPv6.
Network
Servers
Linux 2.6+
End-user clients
Windows 7 (Many XP boxes out there) MacOS 10.x Game consoles Wii, PS3, Xbox
Software
Content servers (web, email,) are hosted on the Internet by many different parties. It will take time to upgrade those to IPv6.
Content CE
Current measurement:
0.15% of Alexa top 1-million web sites are available via IPv6
(This number has not changed in the last 12 months) Source: http://ipv6monitor.comcast.net
9
Copyright 2010 Juniper Networks, Inc. www.juniper.net
But, IPv6 does not solve the immediate problem of IPv4 address exhaust. Maintaining IPv4 service after IPv4 exhaustion is #1 priority for most players.
This implies some form of IPv4 address sharing: NAT This implies transition technologies to choose from: DS-lite, This implies transport technologies to choose from: MPLS (6PE, 6VPE), IPsec,
MPLS based
IP based
6PE
12
www.juniper.net
6VPE
VPN
MPLS tunnel
VPN
IPoIP
IPsec / GRE tunnel
IPv6
13
IPv4
Copyright 2010 Juniper Networks, Inc. www.juniper.net
IPv6
6RD Relay
IPv6
IPv6
14
IPv4
Copyright 2010 Juniper Networks, Inc. www.juniper.net
IPv6
15
www.juniper.net
DS-Lite
DS Lite function occurs on a customer premises equipment (CPE) device such as a home gateway. If a device sends an IPv6 packet, the packet is routed normally to the IPv6 destination. If a device sends an IPv4 packet, the CPE gateway performs the IPv4-in-IPv6 encapsulation, setting the destination address of the IPv6 packet to the address of the DS Lite enabled CGNAT (aka AFTR).
A variation on the DS-Lite model implements DS-Lite on an individual end system rather than on a CPE device. The device is dual stacked, and therefore can send and receive both IPv4 and IPv6 packets. This has great potential for mobile broadband.
16
www.juniper.net
NAT444:
Three layers of IPv4 addressing
A private IPv4 block within the user network (behind the CPE NAT) A different private IPv4 block for the user-to-provider links (between the CPE NAT and the CGN AT) A public IPv4 address on the outside of the CG-NAT
In NAT444, the same IPv4 address block can be reused within each customer network, and the same IPv4 block can be reused on the inside of each CGNAT for the user-toprovider links. It is this reuse of addresses behind multiple CG-NATs that provides the IPv4 address scaling for NAT444 architecture.
A key advantage of this architecture is that it imposes no special requirements on the CPE NAT (assuming that RFC 1918 address space is used). However, to enable IPv6 services, either natively or via an IPv6 rapid deployment (6rd) tunneling technology, the CPE devices will need to be upgraded. 17
Copyright 2010 Juniper Networks, Inc. www.juniper.net
NAT64
Is an IPv4to-IPv6 Network Address Translator.
The headers of packets passing between an IPv6-only end system and an IPv4-only end system are converted from one protocol to the other,
allowing the end systems to communicate without knowing that the remote system is using a different IP version.
A special DNS ALG, known as DNS64, is used to trick IPv6 hosts into thinking that the IPv4 destination is an IPv6 address.
The IPv6 host thinks that it is communicating with another IPv6 system, and the IPv4 system thinks that it is talking to another IPv4 system. Neither end system participates directly in the translation process
18
www.juniper.net
PRODUCT PORTFOLIO POWERS THE NEW NETWORK Running JUNOS SOFTWARE : THE POWER OF ONE:
FULL IPv6 toolkit enabled, provided by One OS, one release train, one architecture
Security and CPE
High-end SRX Series
Switches
EX Series
Routers
E Series
J Series
SRC Series
SBR Series
M Series
MX Series
20
www.juniper.net
CONCLUSION
It is the time for providers to get serious about IPv6. In doing so, it is critical to preserve IPv4 services.
Actions to be taken:
Replacing/upgrading every CPE to enable IPv6 Making the operation of NAT technologies scale Getting content on IPv6 Building an end-to-end network IPv6 enabled
Thank You