06 Yves Gheerolfs Juniper en Ipv6

Juniper Networks and IPv6
April 5th, 2011 Yves Gheerolfs Sr System Engineer ygheerolfs@juniper.net
Legal statement
This presentation sets forth Juniper Networks current intention and is subject to change at any time without notice. No purchases are contingent upon Juniper Networks delivering any feature or functionality depicted in this presentation.
Copyright 2010 Juniper Networks, Inc.
www.juniper.net
AGENDA
Who is Juniper Networks? Juniper perspective on IPv4 exhaustion and IPv6 deployment Juniper Supported Solutions Juniper Product overview Conclusion
3
Copyright 2010 Juniper Networks, Inc. www.juniper.net
WHO IS JUNIPER NETWORKS?

4
JUNIPER NETWORKS: FIFTEEN YEARS OF INNOVATION
2011
2010
Mobile Next
FORTUNE
THOUSAND #789
1
2006
SRX Series
2008 2007
2009
QFabric
M Series
2005 1996
Incorporated
T4000 EX Series TX Matrix+ MX Series
PTX
1998
1999
2000
2002
2004
IC Series Acorn T Series SSG Series T1600
Mobile Backhaul
Mobile Security Suite
Revenue Employees
5
$500M 1000
1500
$1.3B 2500
$2B 3500
$2.3B 4800
$2.8B 5300
$3.5B 6500
$3.3B 7000
$4B 8700
www.juniper.net
JUNIPER NETWORKS: LEADER IN HIGH-PERFORMANCE NETWORKING

Top 100 Service Providers Fortune 100 Enterprises Public Sector
Government
Best In Choice
Operational Excellence
Cash and investments Dedicated employees Annual R&D engine
$2.8B 8,772 $837M*

As of December 31, 2010 *Non-GAAP
www.juniper.net
JUNIPER PERSPECTIVE ON IPV4 EXHAUSTION AND IPV6 DEPLOYMENT

7
IPV4 REALITY CHECK: IANA FREE POOL HAS EXHAUSTED

IANA exhaust: 2/1/2011 RIR exhaust: soon after
2008 recession effect Pre 2008 recession Post 2008 recession
0%
After completion: Existing IPv4 addresses will not stop working. Current networks will still operate.
8
IPV6 REALITY CHECK: THE IPV4 LONG TAIL

Function
Element Core Router: T Status
Many hosts & applications in customer residential networks (eg Win 95/98/2000/XP, Playstations, consumer electronic devices) are IPv4-only. Most software & servers in enterprise network are IPv4-only
They will not function in an IPv6-only environment. Few of those can or will upgrade to IPv6.
Network
Edge Routers: MX, 6PE
Servers
Linux 2.6+
Datacenter equipments, CDN
End-user clients
Windows 7 (Many XP boxes out there) MacOS 10.x Game consoles Wii, PS3, Xbox
Software
Web Browser: Firefox, IE, Safari
Content servers (web, email,) are hosted on the Internet by many different parties. It will take time to upgrade those to IPv6.
Skype On-line PC games SSL VPN
Content CE
Web content available over IPv6 CPEs
Current measurement:
0.15% of Alexa top 1-million web sites are available via IPv6
(This number has not changed in the last 12 months) Source: http://ipv6monitor.comcast.net
9
IS IPV6 TAKING OFF?

A number of very large ISPs and very large content providers are deploying IPv6 and various transition technologies now.
Still early in the adoption curve. But momentum is building fast So definitely cant be ignored.
But, IPv6 does not solve the immediate problem of IPv4 address exhaust. Maintaining IPv4 service after IPv4 exhaustion is #1 priority for most players.
This implies some form of IPv4 address sharing: NAT This implies transition technologies to choose from: DS-lite, This implies transport technologies to choose from: MPLS (6PE, 6VPE), IPsec,
All having an impact on solution and network architecture

10
JUNIPER SUPPORTED SOLUTIONS

11
JUNOS supported IPv6 transport schemes

IPv6 schemes
MPLS based
IP based
6PE
IPv6 Layer 3 VPN (6VPE)
Native IPv6 (IPv4/IPv6 dual stack)
IPv6 over IPv4 configured tunnels (GRE, IPsec,6rd)
12
www.juniper.net
IPv6 transport schemes

6PE
MPLS tunnel
6VPE
VPN
MPLS tunnel
VPN
IPoIP
IPsec / GRE tunnel
IPv6
13
IPv4
IPv6
6RD (Rapid Deployment)

6rd is a transition technology to provide IPv6 service to end users over an existing IPv4 infrastructure. IPv6 packets are tunneled in IPv4 with stateless v6 to v4 mapping and automatic prefix delegation derived from the v6 destination of each packet. The key component changes are to the routed CPE to make it 6rd capable via software or hardware upgrade, and introduction of a 6rd border relay function in the Internet service provider (ISP) network to route the packets to IPv6 networks. This transition technology alternative enables IPv6 services over IPv4 infrastructure; however, it does not mitigate any IPv4 exhaustion concerns. 6rd can therefore be used as a complement to NAT444.
IPv6 end-user 6RD CPE
IPv6 in IPv4 tunnel
6RD Relay
IPv6
IPv6
14
IPv4
IPv6
IPv4 depletion and translation mechanism

DS-lite NAT444 NAT64
15
www.juniper.net
DS-Lite
DS Lite function occurs on a customer premises equipment (CPE) device such as a home gateway. If a device sends an IPv6 packet, the packet is routed normally to the IPv6 destination. If a device sends an IPv4 packet, the CPE gateway performs the IPv4-in-IPv6 encapsulation, setting the destination address of the IPv6 packet to the address of the DS Lite enabled CGNAT (aka AFTR).
A variation on the DS-Lite model implements DS-Lite on an individual end system rather than on a CPE device. The device is dual stacked, and therefore can send and receive both IPv4 and IPv6 packets. This has great potential for mobile broadband.
16
www.juniper.net
NAT444:
Three layers of IPv4 addressing
A private IPv4 block within the user network (behind the CPE NAT) A different private IPv4 block for the user-to-provider links (between the CPE NAT and the CGN AT) A public IPv4 address on the outside of the CG-NAT
In NAT444, the same IPv4 address block can be reused within each customer network, and the same IPv4 block can be reused on the inside of each CGNAT for the user-toprovider links. It is this reuse of addresses behind multiple CG-NATs that provides the IPv4 address scaling for NAT444 architecture.
A key advantage of this architecture is that it imposes no special requirements on the CPE NAT (assuming that RFC 1918 address space is used). However, to enable IPv6 services, either natively or via an IPv6 rapid deployment (6rd) tunneling technology, the CPE devices will need to be upgraded. 17
NAT64
Is an IPv4to-IPv6 Network Address Translator.
The headers of packets passing between an IPv6-only end system and an IPv4-only end system are converted from one protocol to the other,
allowing the end systems to communicate without knowing that the remote system is using a different IP version.
A special DNS ALG, known as DNS64, is used to trick IPv6 hosts into thinking that the IPv4 destination is an IPv6 address.
The IPv6 host thinks that it is communicating with another IPv6 system, and the IPv4 system thinks that it is talking to another IPv4 system. Neither end system participates directly in the translation process
18
www.juniper.net
JUNIPER PRODUCT PORTFOLIO

19
PRODUCT PORTFOLIO POWERS THE NEW NETWORK Running JUNOS SOFTWARE : THE POWER OF ONE:
FULL IPv6 toolkit enabled, provided by One OS, one release train, one architecture
Security and CPE
High-end SRX Series
Switches
EX Series
Routers
E Series
T Series Branch SRX Series
J Series
SRC Series
SBR Series
M Series
MX Series
SA Series & UAC
20
www.juniper.net
CONCLUSION
It is the time for providers to get serious about IPv6. In doing so, it is critical to preserve IPv4 services.
Actions to be taken:
Replacing/upgrading every CPE to enable IPv6 Making the operation of NAT technologies scale Getting content on IPv6 Building an end-to-end network IPv6 enabled
Juniper provides what is needed today

More info on www.juniper.net/IPv6 and/or http://ipv6.juniper.net/IPv6
21
Thank You

06 Yves Gheerolfs Juniper en Ipv6

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

06 Yves Gheerolfs Juniper en Ipv6

Uploaded by

Copyright:

Available Formats

Juniper Networks and IPv6

April 5th, 2011 Yves Gheerolfs Sr System Engineer ygheerolfs@juniper.net

Copyright 2010 Juniper Networks, Inc.

WHO IS JUNIPER NETWORKS?

JUNIPER NETWORKS: FIFTEEN YEARS OF INNOVATION

T4000 EX Series TX Matrix+ MX Series

IC Series Acorn T Series SSG Series T1600

Mobile Security Suite

Copyright 2010 Juniper Networks, Inc.

JUNIPER NETWORKS: LEADER IN HIGH-PERFORMANCE NETWORKING

$2.8B 8,772 $837M*

Copyright 2010 Juniper Networks, Inc.

JUNIPER PERSPECTIVE ON IPV4 EXHAUSTION AND IPV6 DEPLOYMENT

IPV4 REALITY CHECK: IANA FREE POOL HAS EXHAUSTED

2008 recession effect Pre 2008 recession Post 2008 recession

IPV6 REALITY CHECK: THE IPV4 LONG TAIL

Edge Routers: MX, 6PE

Datacenter equipments, CDN

Web Browser: Firefox, IE, Safari

Skype On-line PC games SSL VPN

Web content available over IPv6 CPEs

IS IPV6 TAKING OFF?

All having an impact on solution and network architecture

JUNIPER SUPPORTED SOLUTIONS

JUNOS supported IPv6 transport schemes

IPv6 Layer 3 VPN (6VPE)

Native IPv6 (IPv4/IPv6 dual stack)

IPv6 over IPv4 configured tunnels (GRE, IPsec,6rd)

Copyright 2010 Juniper Networks, Inc.

IPv6 transport schemes

6RD (Rapid Deployment)

IPv6 end-user 6RD CPE

IPv6 in IPv4 tunnel

IPv4 depletion and translation mechanism

Copyright 2010 Juniper Networks, Inc.

Copyright 2010 Juniper Networks, Inc.

Copyright 2010 Juniper Networks, Inc.

JUNIPER PRODUCT PORTFOLIO

T Series Branch SRX Series

SA Series & UAC

Copyright 2010 Juniper Networks, Inc.

Juniper provides what is needed today

You might also like